]> git.kaiwu.me - nginx.git/commit
QUIC: added stateless reset support.
authorVladimir Homutov <vl@nginx.com>
Wed, 30 Sep 2020 17:54:46 +0000 (20:54 +0300)
committerVladimir Homutov <vl@nginx.com>
Wed, 30 Sep 2020 17:54:46 +0000 (20:54 +0300)
commitf797a8a5b5a2012b0cae9745f05386b628365cb7
treefff9eb5a9b18bf544154cfb24bc6923b755ce2c9
parent2c3ada57224a34403948e36772bb6dc65e80d353
QUIC: added stateless reset support.

The new "quic_stateless_reset_token_key" directive is added.  It sets the
endpoint key used to generate stateless reset tokens and enables feature.

If the endpoint receives short-header packet that can't be matched to
existing  connection, a stateless reset packet is generated with
a proper token.

If a valid stateless reset token is found in the incoming packet,
the connection is closed.

Example configuration:

http {
    quic_stateless_reset_token_key  "foo";
    ...
}
src/event/ngx_event_quic.c
src/event/ngx_event_quic.h
src/event/ngx_event_quic_protection.c
src/event/ngx_event_quic_protection.h
src/event/ngx_event_quic_transport.c
src/event/ngx_event_quic_transport.h
src/http/modules/ngx_http_quic_module.c