Posted to commits@trafficserver.apache.org by ma...@apache.org on 2017/10/11 07:50:43 UTC

[trafficserver] 10/25: Fix #2494 Generate Stateless Reset Token with a configurable value

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-05
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit c4ea4871b8bef18f02cea1f8aa0a19da54c34794
Author: Zizhong Zhang <zi...@linkedin.com>
AuthorDate: Tue Oct 3 17:38:13 2017 -0700

    Fix #2494 Generate Stateless Reset Token with a configurable value
    
    (cherry picked from commit 8cc22df1355e37b46c6665ecd7d2970aee464215)
---
 iocore/net/QUICNetVConnection.cc | 8 ++++++--
 iocore/net/QUICPacketHandler.cc  | 6 +++++-
 iocore/net/quic/QUICConfig.cc    | 7 +++++++
 iocore/net/quic/QUICConfig.h     | 2 ++
 4 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc
index aff162a..5962e96 100644
--- a/iocore/net/QUICNetVConnection.cc
+++ b/iocore/net/QUICNetVConnection.cc
@@ -35,6 +35,7 @@
 
 #include "P_SSLNextProtocolSet.h"
 
+#include "QUICConfig.h"
 #include "QUICDebugNames.h"
 #include "QUICEvents.h"
 #include "QUICConfig.h"
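Review bot: The added `#include "QUICConfig.h"` duplicates the include already present two lines further down in this block. Include guards presumably make it harmless, but one of the two lines should be dropped so the include list stays unambiguous.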
@@ -92,7 +93,10 @@ void
 QUICNetVConnection::start(SSL_CTX *ssl_ctx)
 {
   // Version 0x00000001 uses stream 0 for cryptographic handshake with TLS 1.3, but newer version may not
-  this->_token.gen_token(_quic_connection_id ^ id);
+  {
+    QUICConfig::scoped_config params;
+    this->_token.gen_token(_quic_connection_id ^ params->server_id());
+  }
 
   this->_handshake_handler = new QUICHandshake(this, ssl_ctx, this->_token);
   this->_application_map   = new QUICApplicationMap();
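Review bot: The only secret input to the stateless reset token here is `params->server_id()`, a `uint32_t` that defaults to 0 in QUICConfig.h, so on an unconfigured server the XOR is a no-op and the token is derived from the connection ID alone. Even when set, 32 bits is small for a value whose job is to keep reset tokens unguessable, and if the connection ID is wider than 32 bits the XOR only perturbs its low half; how much this matters depends on gen_token(), which is not visible in this hunk. I would treat the setting as key material: require a non-zero, randomly generated value of at least 128 bits and pass it to gen_token() as a separate key for a keyed hash instead of XORing it into the input. The same expression is added in QUICPacketHandler::_recv_packet, so the point applies there as well. start() continues past the end of this hunk.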
@@ -689,7 +693,7 @@ QUICNetVConnection::_state_common_receive_packet()
     break;
   case QUICPacketType::CLIENT_CLEARTEXT:
     // FIXME Just ignore for now but it has to be acked (GitHub#2609)
-   break;
+    break;
   default:
     error = QUICErrorUPtr(new QUICConnectionError(QUICErrorClass::QUIC_TRANSPORT, QUICErrorCode::INTERNAL_ERROR));
     break;
diff --git a/iocore/net/QUICPacketHandler.cc b/iocore/net/QUICPacketHandler.cc
index 641dba2..2c8dfb9 100644
--- a/iocore/net/QUICPacketHandler.cc
+++ b/iocore/net/QUICPacketHandler.cc
@@ -22,6 +22,7 @@
 #include "ts/ink_config.h"
 #include "P_Net.h"
 
+#include "QUICConfig.h"
 #include "QUICPacket.h"
 #include "QUICDebugNames.h"
 #include "QUICEvents.h"
@@ -135,7 +136,10 @@ QUICPacketHandler::_recv_packet(int event, UDPPacket *udpPacket)
     // Send stateless reset if the packet is not a initial packet
     if (!QUICTypeUtil::hasLongHeader(reinterpret_cast<const uint8_t *>(block->buf()))) {
       QUICStatelessToken token;
-      token.gen_token(cid);
+      {
+        QUICConfig::scoped_config params;
+        token.gen_token(cid ^ params->server_id());
+      }
       auto packet = QUICPacketFactory::create_stateless_reset_packet(cid, token);
       this->send_packet(*packet, udpPacket->getConnection(), con.addr, 1200);
       return;
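Review bot: The token input `cid ^ params->server_id()` is now written out separately here and in QUICNetVConnection::start(), and the lines this commit removes show the two sites had already drifted apart once (`_quic_connection_id ^ id` versus `cid`). Moving the derivation into one function that both callers use would keep the token issued during the handshake and the token sent in a stateless reset from diverging again. Until that exists, a comment at both sites such as `// Must stay identical to the derivation in QUICNetVConnection::start()` would help. _recv_packet begins before this hunk and continues after it.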
diff --git a/iocore/net/quic/QUICConfig.cc b/iocore/net/quic/QUICConfig.cc
index d97ef54..38b6b13 100644
--- a/iocore/net/quic/QUICConfig.cc
+++ b/iocore/net/quic/QUICConfig.cc
@@ -34,6 +34,7 @@ void
 QUICConfigParams::initialize()
 {
   REC_EstablishStaticConfigInt32U(this->_no_activity_timeout_in, "proxy.config.quic.no_activity_timeout_in");
+  REC_EstablishStaticConfigInt32U(this->_server_id, "proxy.config.quic.server_id");
 }
 
 uint32_t
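Review bot: `proxy.config.quic.server_id` is read here, but the diffstat lists only four files under iocore/net, so no default record definition or operator documentation for the new setting is part of this commit. If the record is not defined elsewhere, the read presumably leaves `_server_id` at its in-class default of 0. Because the value feeds stateless reset token generation, it deserves a comment at the read, for example `// Secret input to stateless reset tokens: keep it out of logs and set it to a non-zero value.` The name `server_id` also reads like a public identifier rather than a secret, which invites operators to treat it casually.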
@@ -43,6 +44,12 @@ QUICConfigParams::no_activity_timeout_in() const
 }
 
 uint32_t
+QUICConfigParams::server_id() const
+{
+  return this->_server_id;
+}
+
+uint32_t
 QUICConfigParams::initial_max_data() const
 {
   return this->_initial_max_data;
diff --git a/iocore/net/quic/QUICConfig.h b/iocore/net/quic/QUICConfig.h
index b9ac7c2..05588ce 100644
--- a/iocore/net/quic/QUICConfig.h
+++ b/iocore/net/quic/QUICConfig.h
@@ -34,6 +34,7 @@ public:
   uint32_t initial_max_data() const;
   uint32_t initial_max_stream_data() const;
   uint32_t initial_max_stream_id() const;
+  uint32_t server_id() const;
 
 private:
   // FIXME Fill appropriate values
@@ -41,6 +42,7 @@ private:
   uint32_t _initial_max_data        = 100; // in units of 1024 octets
   uint32_t _initial_max_stream_data = 2048;
   uint32_t _initial_max_stream_id   = 100;
+  uint32_t _server_id               = 0;
 };
 
 class QUICConfig
