You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ma...@apache.org on 2017/10/04 13:28:16 UTC
[trafficserver] branch quic-latest updated: Fix #2494 Generate
Stateless Reset Token with a configurable value
This is an automated email from the ASF dual-hosted git repository.
maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/quic-latest by this push:
new 8cc22df Fix #2494 Generate Stateless Reset Token with a configurable value
8cc22df is described below
commit 8cc22df1355e37b46c6665ecd7d2970aee464215
Author: Zizhong Zhang <zi...@linkedin.com>
AuthorDate: Tue Oct 3 17:38:13 2017 -0700
Fix #2494 Generate Stateless Reset Token with a configurable value
---
iocore/net/QUICNetVConnection.cc | 8 ++++++--
iocore/net/QUICPacketHandler.cc | 6 +++++-
iocore/net/quic/QUICConfig.cc | 7 +++++++
iocore/net/quic/QUICConfig.h | 2 ++
4 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc
index aff162a..5962e96 100644
--- a/iocore/net/QUICNetVConnection.cc
+++ b/iocore/net/QUICNetVConnection.cc
@@ -35,6 +35,7 @@
#include "P_SSLNextProtocolSet.h"
+#include "QUICConfig.h"
#include "QUICDebugNames.h"
#include "QUICEvents.h"
#include "QUICConfig.h"
@@ -92,7 +93,10 @@ void
QUICNetVConnection::start(SSL_CTX *ssl_ctx)
{
// Version 0x00000001 uses stream 0 for cryptographic handshake with TLS 1.3, but newer version may not
- this->_token.gen_token(_quic_connection_id ^ id);
+ {
+ QUICConfig::scoped_config params;
+ this->_token.gen_token(_quic_connection_id ^ params->server_id());
+ }
this->_handshake_handler = new QUICHandshake(this, ssl_ctx, this->_token);
this->_application_map = new QUICApplicationMap();
@@ -689,7 +693,7 @@ QUICNetVConnection::_state_common_receive_packet()
break;
case QUICPacketType::CLIENT_CLEARTEXT:
// FIXME Just ignore for now but it has to be acked (GitHub#2609)
- break;
+ break;
default:
error = QUICErrorUPtr(new QUICConnectionError(QUICErrorClass::QUIC_TRANSPORT, QUICErrorCode::INTERNAL_ERROR));
break;
diff --git a/iocore/net/QUICPacketHandler.cc b/iocore/net/QUICPacketHandler.cc
index 641dba2..2c8dfb9 100644
--- a/iocore/net/QUICPacketHandler.cc
+++ b/iocore/net/QUICPacketHandler.cc
@@ -22,6 +22,7 @@
#include "ts/ink_config.h"
#include "P_Net.h"
+#include "QUICConfig.h"
#include "QUICPacket.h"
#include "QUICDebugNames.h"
#include "QUICEvents.h"
@@ -135,7 +136,10 @@ QUICPacketHandler::_recv_packet(int event, UDPPacket *udpPacket)
// Send stateless reset if the packet is not a initial packet
if (!QUICTypeUtil::hasLongHeader(reinterpret_cast<const uint8_t *>(block->buf()))) {
QUICStatelessToken token;
- token.gen_token(cid);
+ {
+ QUICConfig::scoped_config params;
+ token.gen_token(cid ^ params->server_id());
+ }
auto packet = QUICPacketFactory::create_stateless_reset_packet(cid, token);
this->send_packet(*packet, udpPacket->getConnection(), con.addr, 1200);
return;
diff --git a/iocore/net/quic/QUICConfig.cc b/iocore/net/quic/QUICConfig.cc
index d97ef54..38b6b13 100644
--- a/iocore/net/quic/QUICConfig.cc
+++ b/iocore/net/quic/QUICConfig.cc
@@ -34,6 +34,7 @@ void
QUICConfigParams::initialize()
{
REC_EstablishStaticConfigInt32U(this->_no_activity_timeout_in, "proxy.config.quic.no_activity_timeout_in");
+ REC_EstablishStaticConfigInt32U(this->_server_id, "proxy.config.quic.server_id");
}
uint32_t
@@ -43,6 +44,12 @@ QUICConfigParams::no_activity_timeout_in() const
}
uint32_t
+QUICConfigParams::server_id() const
+{
+ return this->_server_id;
+}
+
+uint32_t
QUICConfigParams::initial_max_data() const
{
return this->_initial_max_data;
diff --git a/iocore/net/quic/QUICConfig.h b/iocore/net/quic/QUICConfig.h
index b9ac7c2..05588ce 100644
--- a/iocore/net/quic/QUICConfig.h
+++ b/iocore/net/quic/QUICConfig.h
@@ -34,6 +34,7 @@ public:
uint32_t initial_max_data() const;
uint32_t initial_max_stream_data() const;
uint32_t initial_max_stream_id() const;
+ uint32_t server_id() const;
private:
// FIXME Fill appropriate values
@@ -41,6 +42,7 @@ private:
uint32_t _initial_max_data = 100; // in units of 1024 octets
uint32_t _initial_max_stream_data = 2048;
uint32_t _initial_max_stream_id = 100;
+ uint32_t _server_id = 0;
};
class QUICConfig
--
To stop receiving notification emails like this one, please contact
['"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>'].