mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-12-12 18:29:00 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

QUIC: raise error on missing transport parameters.

Browse Source 
quic-tls, 8.2:

    The quic_transport_parameters extension is carried in the ClientHello
    and the EncryptedExtensions messages during the handshake.  Endpoints
    MUST send the quic_transport_parameters extension; endpoints that
    receive ClientHello or EncryptedExtensions messages without the
    quic_transport_parameters extension MUST close the connection with an
    error of type 0x16d (equivalent to a fatal TLS missing_extension
    alert, see Section 4.10).
This commit is contained in:
Vladimir Homutov 2020-06-15 17:06:40 +03:00
parent 6c2712f781
commit d6d7838c79
1 changed files with 48 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/event/ngx_event_quic.c
View File

@ -400,7 +400,16 @@ ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn,
"quic SSL_get_peer_quic_transport_params():"
" params_len %ui", client_params_len);
if (client_params_len != 0) {
if (client_params_len == 0) {
/* quic-tls 8.2 */
qc->error = 0x100 + SSL_AD_MISSING_EXTENSION;
qc->error_reason = "missing transport parameters";
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"missing transport parameters");
return 0;
}
p = (u_char *) client_params;
end = p + client_params_len;
@ -450,7 +459,6 @@ ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn,
qc->client_tp_done = 1;
}
}
/*
* we need to fit at least 1 frame into a packet, thus account head/tail;