IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.

Browse Source 
By default packets with these frames are expanded to 1200 bytes.  Previously,
if anti-amplification limit did not allow this expansion, it was limited to
whatever size was allowed.  However RFC 9000 clearly states no partial
expansion should happen in both cases.

    Section 8.2.1.  Initiating Path Validation:

    An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
    to at least the smallest allowed maximum datagram size of 1200 bytes,
    unless the anti-amplification limit for the path does not permit
    sending a datagram of this size.

    Section 8.2.2. Path Validation Responses:

    An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
    to at least the smallest allowed maximum datagram size of 1200 bytes.
    ...
    However, an endpoint MUST NOT expand the datagram containing the
    PATH_RESPONSE if the resulting data exceeds the anti-amplification limit.
This commit is contained in:
Roman Arutyunyan 2023-11-29 18:13:25 +04:00
parent d8fa024ef1
commit 0efe8db1d0
4 changed files with 31 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/event/quic/ngx_event_quic_connection.h
View File

@ -106,8 +106,7 @@ struct ngx_quic_path_s {
size_t max_mtu; size_t max_mtu;
off_t sent; off_t sent;
off_t received; off_t received;
u_char challenge1[8]; u_char challenge[2][8];
u_char challenge2[8];
uint64_t seqnum; uint64_t seqnum;
uint64_t mtu_pnum[NGX_QUIC_PATH_RETRIES]; uint64_t mtu_pnum[NGX_QUIC_PATH_RETRIES];
ngx_str_t addr_text; ngx_str_t addr_text;

51
src/event/quic/ngx_event_quic_migration.c
View File

@ -36,6 +36,7 @@ ngx_int_t
ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f)
{ {
size_t min;
ngx_quic_frame_t frame, *fp; ngx_quic_frame_t frame, *fp;
ngx_quic_connection_t *qc; ngx_quic_connection_t *qc;
@ -57,8 +58,14 @@ ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
/* /*
* An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
* to at least the smallest allowed maximum datagram size of 1200 bytes. * to at least the smallest allowed maximum datagram size of 1200 bytes.
* ...
* However, an endpoint MUST NOT expand the datagram containing the
* PATH_RESPONSE if the resulting data exceeds the anti-amplification limit.
*/ */
if (ngx_quic_frame_sendto(c, &frame, 1200, pkt->path) == NGX_ERROR) {
min = (ngx_quic_path_limit(c, pkt->path, 1200) < 1200) ? 0 : 1200;
if (ngx_quic_frame_sendto(c, &frame, min, pkt->path) == NGX_ERROR) {
return NGX_ERROR; return NGX_ERROR;
} }
@ -113,8 +120,8 @@ ngx_quic_handle_path_response_frame(ngx_connection_t *c,
continue; continue;
} }
if (ngx_memcmp(path->challenge1, f->data, sizeof(f->data)) == 0 if (ngx_memcmp(path->challenge[0], f->data, sizeof(f->data)) == 0
|| ngx_memcmp(path->challenge2, f->data, sizeof(f->data)) == 0) || ngx_memcmp(path->challenge[1], f->data, sizeof(f->data)) == 0)
{ {
goto valid; goto valid;
} }
@ -510,11 +517,7 @@ ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_path_t *path)
path->tries = 0; path->tries = 0;
if (RAND_bytes(path->challenge1, 8) != 1) { if (RAND_bytes((u_char *) path->challenge, sizeof(path->challenge)) != 1) {
return NGX_ERROR;
}
if (RAND_bytes(path->challenge2, 8) != 1) {
return NGX_ERROR; return NGX_ERROR;
} }
@ -535,6 +538,8 @@ ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_path_t *path)
static ngx_int_t static ngx_int_t
ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path) ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path)
{ {
size_t min;
ngx_uint_t n;
ngx_quic_frame_t frame; ngx_quic_frame_t frame;
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
@ -546,26 +551,24 @@ ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path)
frame.level = ssl_encryption_application; frame.level = ssl_encryption_application;
frame.type = NGX_QUIC_FT_PATH_CHALLENGE; frame.type = NGX_QUIC_FT_PATH_CHALLENGE;
ngx_memcpy(frame.u.path_challenge.data, path->challenge1, 8); for (n = 0; n < 2; n++) {
/* ngx_memcpy(frame.u.path_challenge.data, path->challenge[n], 8);
* RFC 9000, 8.2.1. Initiating Path Validation
*
* An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
* to at least the smallest allowed maximum datagram size of 1200 bytes,
* unless the anti-amplification limit for the path does not permit
* sending a datagram of this size.
*/
/* same applies to PATH_RESPONSE frames */ /*
if (ngx_quic_frame_sendto(c, &frame, 1200, path) == NGX_ERROR) { * RFC 9000, 8.2.1. Initiating Path Validation
return NGX_ERROR; *
} * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
* to at least the smallest allowed maximum datagram size of 1200 bytes,
* unless the anti-amplification limit for the path does not permit
* sending a datagram of this size.
*/
ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8); min = (ngx_quic_path_limit(c, path, 1200) < 1200) ? 0 : 1200;
if (ngx_quic_frame_sendto(c, &frame, 1200, path) == NGX_ERROR) { if (ngx_quic_frame_sendto(c, &frame, min, path) == NGX_ERROR) {
return NGX_ERROR; return NGX_ERROR;
}
} }
return NGX_OK; return NGX_OK;

4
src/event/quic/ngx_event_quic_output.c
View File

@ -63,8 +63,6 @@ static ssize_t ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len,
struct sockaddr *sockaddr, socklen_t socklen); struct sockaddr *sockaddr, socklen_t socklen);
static void ngx_quic_set_packet_number(ngx_quic_header_t *pkt, static void ngx_quic_set_packet_number(ngx_quic_header_t *pkt,
ngx_quic_send_ctx_t *ctx); ngx_quic_send_ctx_t *ctx);
static size_t ngx_quic_path_limit(ngx_connection_t *c, ngx_quic_path_t *path,
size_t size);
ngx_int_t ngx_int_t
@ -1250,7 +1248,7 @@ ngx_quic_frame_sendto(ngx_connection_t *c, ngx_quic_frame_t *frame,
} }
static size_t size_t
ngx_quic_path_limit(ngx_connection_t *c, ngx_quic_path_t *path, size_t size) ngx_quic_path_limit(ngx_connection_t *c, ngx_quic_path_t *path, size_t size)
{ {
off_t max; off_t max;

2
src/event/quic/ngx_event_quic_output.h
View File

@ -34,5 +34,7 @@ ngx_int_t ngx_quic_send_ack_range(ngx_connection_t *c,
ngx_int_t ngx_quic_frame_sendto(ngx_connection_t *c, ngx_quic_frame_t *frame, ngx_int_t ngx_quic_frame_sendto(ngx_connection_t *c, ngx_quic_frame_t *frame,
size_t min, ngx_quic_path_t *path); size_t min, ngx_quic_path_t *path);
size_t ngx_quic_path_limit(ngx_connection_t *c, ngx_quic_path_t *path,
size_t size);
#endif /* _NGX_EVENT_QUIC_OUTPUT_H_INCLUDED_ */ #endif /* _NGX_EVENT_QUIC_OUTPUT_H_INCLUDED_ */