mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-22 20:33:07 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

QUIC: account packet header length in amplification limit.

Browse Source 
This is the restoration of 02ee77f8d53d accidentally reverted by 93be5658a250.
This commit is contained in:
Vladimir Homutov 2020-10-19 12:19:38 +03:00
parent 743cc99781
commit d54fd4ed34
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/event/ngx_event_quic.c
View File

@ -3757,6 +3757,7 @@ ngx_quic_output_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
hlen = (f->level == ssl_encryption_application) ? NGX_QUIC_MAX_SHORT_HEADER
: NGX_QUIC_MAX_LONG_HEADER;
hlen += EVP_GCM_TLS_TAG_LEN;
hlen -= NGX_QUIC_MAX_CID_LEN - qc->scid.len;
do {
len = 0;
@ -3786,7 +3787,7 @@ ngx_quic_output_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
* send more than three times the data it receives;
*/
if (((c->sent + len + f->len) / 3) > qc->received) {
if (((c->sent + hlen + len + f->len) / 3) > qc->received) {
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
"quic hit amplification limit"
" received %uz sent %O",

3
src/event/ngx_event_quic.h
View File

@ -54,7 +54,8 @@
#define NGX_QUIC_STREAM_BUFSIZE 65536
#define NGX_QUIC_SERVER_CID_LEN 20
#define NGX_QUIC_MAX_CID_LEN 20
#define NGX_QUIC_SERVER_CID_LEN NGX_QUIC_MAX_CID_LEN
#define NGX_QUIC_SR_TOKEN_LEN 16