mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-07-31 02:26:15 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

QUIC: Check if CID has been used in stateless reset check

Browse Source 
Section 10.3.1 of RFC9000 requires this check.
This commit is contained in:
Martin Duke 2021-10-12 11:56:49 +03:00
parent 010f974e44
commit 5e37df0bf4
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/event/quic/ngx_event_quic.c
View File

@ -370,8 +370,11 @@ ngx_quic_process_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt)
{
cid = ngx_queue_data(q, ngx_quic_client_id_t, queue);
if (cid->seqnum == 0) {
/* no stateless reset token in initial connection id */
if (cid->seqnum == 0 || cid->refcnt == 0) {
/*
* No stateless reset token in initial connection id.
* Don't accept a token from an unused connection id.
*/
continue;
}