]> git.kaiwu.me - nginx.git/commit
projects / nginx.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ed47f72) | patch
QUIC: trial packet decryption in response to invalid key update.
authorSergey Kandaurov <pluknet@nginx.com>
Wed, 14 Feb 2024 11:55:34 +0000 (15:55 +0400)
committerSergey Kandaurov <pluknet@nginx.com>
Wed, 14 Feb 2024 11:55:34 +0000 (15:55 +0400)
commit5902baf680609f884a1e11ff2b82a0bffb3724cc
treee332f243fb1bc01521b1fa06aae1c95103dab146tree | snapshot
parented47f72a85fb6279e2ba5d431f64ea4db695cf4ecommit | diff
QUIC: trial packet decryption in response to invalid key update.

Inspired by RFC 9001, Section 6.3, trial packet decryption with the current
keys is now used to avoid a timing side-channel signal.  Further, this fixes
segfault while accessing missing next keys (ticket #2585).
src/event/quic/ngx_event_quic_protection.c diff | blob | history
nginx upstream