Mercurial > hg > nginx
view src/event/quic/ngx_event_quic_tokens.h @ 9284:5c6649b4308f
QUIC: ngx_quic_buffer_t use-after-free protection.
Previously the last chain field of ngx_quic_buffer_t could still reference freed
chains and buffers after calling ngx_quic_free_buffer(). While normally an
ngx_quic_buffer_t object should not be used after freeing, resetting last_chain
field would prevent a potential use-after-free.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Tue, 28 May 2024 17:19:21 +0400 |
parents | 77c1418916f7 |
children |
line wrap: on
line source
/* * Copyright (C) Nginx, Inc. */ #ifndef _NGX_EVENT_QUIC_TOKENS_H_INCLUDED_ #define _NGX_EVENT_QUIC_TOKENS_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #define NGX_QUIC_MAX_TOKEN_SIZE 64 /* SHA-1(addr)=20 + sizeof(time_t) + retry(1) + odcid.len(1) + odcid */ #define NGX_QUIC_AES_256_GCM_IV_LEN 12 #define NGX_QUIC_AES_256_GCM_TAG_LEN 16 #define NGX_QUIC_TOKEN_BUF_SIZE (NGX_QUIC_AES_256_GCM_IV_LEN \ + NGX_QUIC_MAX_TOKEN_SIZE \ + NGX_QUIC_AES_256_GCM_TAG_LEN) ngx_int_t ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid, u_char *secret, u_char *token); ngx_int_t ngx_quic_new_token(ngx_log_t *log, struct sockaddr *sockaddr, socklen_t socklen, u_char *key, ngx_str_t *token, ngx_str_t *odcid, time_t expires, ngx_uint_t is_retry); ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, u_char *key, ngx_quic_header_t *pkt); #endif /* _NGX_EVENT_QUIC_TOKENS_H_INCLUDED_ */