git.feebdaed.xyz Git - 0xmirror/nginx.git/commit

]> git.feebdaed.xyz Git - 0xmirror/nginx.git/commit

projects / 0xmirror / nginx.git / commit

author	Roman Arutyunyan <arut@nginx.com>
	Fri, 13 Dec 2024 09:25:26 +0000 (13:25 +0400)
committer	Roman Arutyunyan <arutyunyan.roman@gmail.com>
	Thu, 26 Dec 2024 14:58:05 +0000 (18:58 +0400)
commit	a52ba8ba0e349585e49073c168e423c12abcf597
tree	9e13779d9b30315622808517b50a87a4721f9715	tree \| snapshot
parent	c73fb273acc31bff7c4e469efda5f3fd66c48557	commit \| diff

QUIC: ignore version negotiation packets.

Previously, such packets were treated as long header packets with unknown
version 0, and a version negotiation packet was sent in response.  This
could be used to set up an infinite traffic reflect loop with another nginx
instance.

Now version negotiation packets are ignored.  As per RFC 9000, Section 6.1:

  An endpoint MUST NOT send a Version Negotiation packet in response to
  receiving a Version Negotiation packet.

src/event/quic/ngx_event_quic_transport.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom