dnsdist: Fix the maximum size of a DoQ retry token

author Remi Gacogne <remi.gacogne@powerdns.com>

Wed, 27 Sep 2023 23:25:11 +0000 (01:25 +0200)

committer Remi Gacogne <remi.gacogne@powerdns.com>

Mon, 9 Oct 2023 11:38:07 +0000 (13:38 +0200)
author Remi Gacogne <remi.gacogne@powerdns.com>
Wed, 27 Sep 2023 23:25:11 +0000 (01:25 +0200)
committer Remi Gacogne <remi.gacogne@powerdns.com>
Mon, 9 Oct 2023 11:38:07 +0000 (13:38 +0200)
diff --git a/pdns/dnsdistdist/doq.cc b/pdns/dnsdistdist/doq.cc

index 8786c55d0f4d0bbdb011c5cff3537db593492f0b..1ba7a8a638ac94f5d9c85920822697e241757f54 100644 (file)
--- a/pdns/dnsdistdist/doq.cc
+++ b/pdns/dnsdistdist/doq.cc
@@ -382,7 +382,7 @@ static std::optional<PacketBuffer> getCID()
    return buffer;
  }
  
-static constexpr size_t MAX_TOKEN_LEN = std::tuple_size<decltype(SodiumNonce::value)>{} /* nonce */ + sizeof(uint64_t) /* TTD */ + 16 /* IPv6 */ + QUICHE_MAX_CONN_ID_LEN;
+static constexpr size_t MAX_TOKEN_LEN = std::tuple_size<decltype(SodiumNonce::value)>{} /* nonce */ + /* MAC */ crypto_secretbox_MACBYTES + sizeof(uint64_t) /* TTD */ + 16 /* IPv6 */ + QUICHE_MAX_CONN_ID_LEN;
  
  static PacketBuffer mintToken(const PacketBuffer& dcid, const ComboAddress& peer)
  {
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Wed, 27 Sep 2023 23:25:11 +0000 (01:25 +0200)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 9 Oct 2023 11:38:07 +0000 (13:38 +0200)