Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_connid.c @ 8910:f8848f5a1014 quic
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 18 Nov 2021 14:19:31 +0300 |
parents | e2ec952dc295 |
children | b09f055daa4e |
comparison
equal
deleted
inserted
replaced
8909:d041b8d6ab0b | 8910:f8848f5a1014 |
---|---|
363 ngx_quic_client_id_t *cid; | 363 ngx_quic_client_id_t *cid; |
364 ngx_quic_connection_t *qc; | 364 ngx_quic_connection_t *qc; |
365 | 365 |
366 qc = ngx_quic_get_connection(c); | 366 qc = ngx_quic_get_connection(c); |
367 | 367 |
368 if (f->sequence_number >= qc->server_seqnum) { | |
369 /* | |
370 * RFC 9000, 19.16. | |
371 * | |
372 * Receipt of a RETIRE_CONNECTION_ID frame containing a sequence | |
373 * number greater than any previously sent to the peer MUST be | |
374 * treated as a connection error of type PROTOCOL_VIOLATION. | |
375 */ | |
376 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | |
377 qc->error_reason = "sequence number of id to retire was never issued"; | |
378 | |
379 return NGX_ERROR; | |
380 } | |
381 | |
382 qsock = ngx_quic_get_socket(c); | |
383 | |
384 if (qsock->sid.seqnum == f->sequence_number) { | |
385 | |
386 /* | |
387 * RFC 9000, 19.16. | |
388 * | |
389 * The sequence number specified in a RETIRE_CONNECTION_ID frame MUST | |
390 * NOT refer to the Destination Connection ID field of the packet in | |
391 * which the frame is contained. The peer MAY treat this as a | |
392 * connection error of type PROTOCOL_VIOLATION. | |
393 */ | |
394 | |
395 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | |
396 qc->error_reason = "sequence number of id to retire refers DCID"; | |
397 | |
398 return NGX_ERROR; | |
399 } | |
400 | |
368 qsock = ngx_quic_find_socket(c, f->sequence_number); | 401 qsock = ngx_quic_find_socket(c, f->sequence_number); |
369 if (qsock == NULL) { | 402 if (qsock == NULL) { |
370 return NGX_OK; | 403 return NGX_OK; |
371 } | 404 } |
372 | 405 |