IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

QUIC: fixed PATH_RESPONSE frame expansion.

Browse Source 
The PATH_RESPONSE frame must be expanded to 1200, except the case
when anti-amplification limit is in effect, i.e. on unvalidated paths.

Previously, the anti-amplification limit was always applied.
This commit is contained in:
Vladimir Homutov 2021-11-11 15:15:07 +03:00
parent 62b2eea0fe
commit 1562200066
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/event/quic/ngx_event_quic_migration.c
View File

@ -47,13 +47,21 @@ ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
path = qsock->path;
/*
* An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
* to at least the smallest allowed maximum datagram size of 1200 bytes.
* ...
* An endpoint MUST NOT expand the datagram containing the PATH_RESPONSE
* if the resulting data exceeds the anti-amplification limit.
*/
if (path->state != NGX_QUIC_PATH_VALIDATED) {
max = path->received * 3;
max = (path->sent >= max) ? 0 : max - path->sent;
pad = ngx_min(1200, max);
} else {
pad = 1200;
}
sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen);
if (sent < 0) {
return NGX_ERROR;