From 028996aff8adfd93bde7afdfe555d06d205546ee Mon Sep 17 00:00:00 2001 From: Tatsuhiro Tsujikawa Date: Tue, 17 Aug 2021 19:15:55 +0900 Subject: [PATCH] nghttpx: Generate stateless reset secret --- src/shrpx.cc | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/shrpx.cc b/src/shrpx.cc index d039ef35..2ddbf3a5 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -1549,7 +1549,17 @@ void fill_default_config(Config *config) { } auto &quicconf = config->quic; - { quicconf.timeout.idle = 30_s; } + { + quicconf.timeout.idle = 30_s; + + auto &stateless_resetconf = quicconf.stateless_reset; + // TODO Find better place to do this and error handling. + if (RAND_bytes(stateless_resetconf.secret.data(), + stateless_resetconf.secret.size()) != 1) { + LOG(FATAL) << "Unable to generate stateless reset secret"; + exit(EXIT_FAILURE); + } + } auto &loggingconf = config->logging; {