]> git.kaiwu.me - nginx.git/commit
projects / nginx.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e9e83db) | patch
QUIC: ignore version negotiation packets.
authorRoman Arutyunyan <arut@nginx.com>
Fri, 13 Dec 2024 09:25:26 +0000 (13:25 +0400)
committerpluknet <pluknet@nginx.com>
Wed, 5 Feb 2025 16:40:47 +0000 (20:40 +0400)
commit0d11f2885eab99924dbe40d7effb91c80b00d9bf
treef03043838e2ebe14f49e9aa1fb5e945a31202b6btree | snapshot
parente9e83dbb697c17b7ad51d1dd8536ad1c601fdd0ecommit | diff
QUIC: ignore version negotiation packets.

Previously, such packets were treated as long header packets with unknown
version 0, and a version negotiation packet was sent in response.  This
could be used to set up an infinite traffic reflect loop with another nginx
instance.

Now version negotiation packets are ignored.  As per RFC 9000, Section 6.1:

  An endpoint MUST NOT send a Version Negotiation packet in response to
  receiving a Version Negotiation packet.
src/event/quic/ngx_event_quic_transport.c diff | blob | history
nginx upstream