nghttpx: Regular token does not require server issued DCID

This commit is contained in:
Tatsuhiro Tsujikawa 2022-08-21 18:57:37 +09:00
parent 9d265e8bb8
commit 31be334660
1 changed files with 23 additions and 9 deletions

View File

@ -213,15 +213,16 @@ int QUICConnectionHandler::handle_packet(const UpstreamAddr *faddr,
break; break;
} }
if (vc.dcidlen != SHRPX_QUIC_SCIDLEN) {
// Initial packets with token must have DCID chosen by server.
return 0;
}
auto qkm = select_quic_keying_material(*qkms.get(), vc.dcid);
switch (hd.token.base[0]) { switch (hd.token.base[0]) {
case NGTCP2_CRYPTO_TOKEN_MAGIC_RETRY: case NGTCP2_CRYPTO_TOKEN_MAGIC_RETRY: {
if (vc.dcidlen != SHRPX_QUIC_SCIDLEN) {
// Initial packets with Retry token must have DCID chosen by
// server.
return 0;
}
auto qkm = select_quic_keying_material(*qkms.get(), vc.dcid);
if (verify_retry_token(odcid, hd.token.base, hd.token.len, hd.version, if (verify_retry_token(odcid, hd.token.base, hd.token.len, hd.version,
hd.dcid, &remote_addr.su.sa, remote_addr.len, hd.dcid, &remote_addr.su.sa, remote_addr.len,
qkm->secret.data(), qkm->secret.size()) != 0) { qkm->secret.data(), qkm->secret.size()) != 0) {
@ -248,7 +249,19 @@ int QUICConnectionHandler::handle_packet(const UpstreamAddr *faddr,
tokenlen = hd.token.len; tokenlen = hd.token.len;
break; break;
case NGTCP2_CRYPTO_TOKEN_MAGIC_REGULAR: }
case NGTCP2_CRYPTO_TOKEN_MAGIC_REGULAR: {
// If a token is a regular token, it must be at least
// NGTCP2_MIN_INITIAL_DCIDLEN bytes long.
if (vc.dcidlen < NGTCP2_MIN_INITIAL_DCIDLEN) {
return 0;
}
// Regarding the QUIC secret that encrypted this token, DCID
// is a client chosen one, and we have no information embedded
// in a token. Just use the first QUIC secret.
auto qkm = &qkms->keying_materials.front();
if (verify_token(hd.token.base, hd.token.len, &remote_addr.su.sa, if (verify_token(hd.token.base, hd.token.len, &remote_addr.su.sa,
remote_addr.len, qkm->secret.data(), remote_addr.len, qkm->secret.data(),
qkm->secret.size()) != 0) { qkm->secret.size()) != 0) {
@ -276,6 +289,7 @@ int QUICConnectionHandler::handle_packet(const UpstreamAddr *faddr,
tokenlen = hd.token.len; tokenlen = hd.token.len;
break; break;
}
default: default:
if (quicconf.upstream.require_token) { if (quicconf.upstream.require_token) {
send_retry(faddr, vc.version, vc.dcid, vc.dcidlen, vc.scid, send_retry(faddr, vc.version, vc.dcid, vc.dcidlen, vc.scid,