diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2020-03-10 18:40:18 +0300 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2020-03-10 18:40:18 +0300 |
| commit | 385408732e4b3934d4bf14b1628f4b21a646875c (patch) | |
| tree | b5ef0a81d68f6f98ddf911f40615fdc04c2010be /src | |
| parent | c2afb5ec8adde78add52cfe53047f02a54915836 (diff) | |
| download | nginx-385408732e4b3934d4bf14b1628f4b21a646875c.tar.gz nginx-385408732e4b3934d4bf14b1628f4b21a646875c.tar.bz2 | |
Fixed nonce in short packet protection.
Diffstat (limited to 'src')
| -rw-r--r-- | src/event/ngx_event_quic.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/event/ngx_event_quic.c b/src/event/ngx_event_quic.c index 6ea9d23ed..55eea0137 100644 --- a/src/event/ngx_event_quic.c +++ b/src/event/ngx_event_quic.c @@ -758,7 +758,9 @@ ngx_quic_create_short_packet(ngx_connection_t *c, ngx_ssl_conn_t *ssl_conn, } nonce = ngx_pstrdup(c->pool, &pkt->secret->iv); - if (pkt->level == ssl_encryption_handshake) { + if (pkt->level == ssl_encryption_handshake + || pkt->level == ssl_encryption_application) + { nonce[11] ^= (*pkt->number - 1); } |