]> git.kaiwu.me - nginx.git/commitdiff
QUIC: macros for manipulating header protection and reserved bits.
authorSergey Kandaurov <pluknet@nginx.com>
Tue, 17 Nov 2020 21:32:22 +0000 (21:32 +0000)
committerSergey Kandaurov <pluknet@nginx.com>
Tue, 17 Nov 2020 21:32:22 +0000 (21:32 +0000)
This gets rid of magic numbers from quic protection and allows to push down
header construction specifics further to quic transport.

src/event/ngx_event_quic_protection.c
src/event/ngx_event_quic_transport.h

index 0b491d9761cbe85c5b5fe3f0f4c692757780a947..4228533102dcc91fe55d6c7c10f3a70a941e4afe 100644 (file)
@@ -870,7 +870,7 @@ ngx_quic_create_long_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
     }
 
     /* quic-tls: 5.4.1.  Header Protection Application */
-    ad.data[0] ^= mask[0] & 0x0f;
+    ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags);
 
     for (i = 0; i < pkt->num_len; i++) {
         pnp[i] ^= mask[i + 1];
@@ -928,7 +928,7 @@ ngx_quic_create_short_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
     }
 
     /* quic-tls: 5.4.1.  Header Protection Application */
-    ad.data[0] ^= mask[0] & 0x1f;
+    ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags);
 
     for (i = 0; i < pkt->num_len; i++) {
         pnp[i] ^= mask[i + 1];
@@ -1161,11 +1161,9 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
         return NGX_DECLINED;
     }
 
-    if (ngx_quic_long_pkt(pkt->flags)) {
-        clearflags = pkt->flags ^ (mask[0] & 0x0f);
+    clearflags = pkt->flags ^ (mask[0] & ngx_quic_pkt_hp_mask(pkt->flags));
 
-    } else {
-        clearflags = pkt->flags ^ (mask[0] & 0x1f);
+    if (ngx_quic_short_pkt(pkt->flags)) {
         key_phase = (clearflags & NGX_QUIC_PKT_KPHASE) != 0;
 
         if (key_phase != pkt->key_phase) {
@@ -1192,12 +1190,7 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
     in.data = p;
     in.len = len - pnl;
 
-    if (ngx_quic_long_pkt(pkt->flags)) {
-        badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT;
-
-    } else {
-        badflags = clearflags & NGX_QUIC_PKT_SHORT_RESERVED_BIT;
-    }
+    badflags = clearflags & ngx_quic_pkt_rb_mask(pkt->flags);
 
     ad.len = p - pkt->data;
     ad.data = pkt->plaintext;
index ee89855bdb251a2d9be3c3e0178676df9a6fa8cf..2e7a6f953b4611d92a22f5bb319ec65d508ae5f5 100644 (file)
@@ -19,9 +19,6 @@
 #define NGX_QUIC_PKT_TYPE       0x30  /* in long packet */
 #define NGX_QUIC_PKT_KPHASE     0x04  /* in short packet */
 
-#define NGX_QUIC_PKT_LONG_RESERVED_BIT   0x0C
-#define NGX_QUIC_PKT_SHORT_RESERVED_BIT  0x18
-
 #define ngx_quic_long_pkt(flags)  ((flags) & NGX_QUIC_PKT_LONG)
 #define ngx_quic_short_pkt(flags)  (((flags) & NGX_QUIC_PKT_LONG) == 0)
 
 #define ngx_quic_pkt_retry(flags)                                             \
     (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_RETRY)
 
+#define ngx_quic_pkt_rb_mask(flags)                                           \
+    (ngx_quic_long_pkt(flags) ? 0x0C : 0x18)
+#define ngx_quic_pkt_hp_mask(flags)                                           \
+    (ngx_quic_long_pkt(flags) ? 0x0F : 0x1F)
+
 #define ngx_quic_level_name(lvl)                                              \
     (lvl == ssl_encryption_application) ? "app"                               \
         : (lvl == ssl_encryption_initial) ? "init"                            \