Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 2c15a66b6127330140ba78585c274674aeb0f82b^! / .
commit2c15a66b6127330140ba78585c274674aeb0f82b[log] [tgz]
authorFrédéric Lécaille <flecaille@haproxy.com>Wed Dec 22 20:39:12 2021 +0100
committerFrédéric Lécaille <flecaille@haproxy.com>Wed Dec 22 20:43:22 2021 +0100
treef8642bd3537a079b17eebe1c8746549083ab28ab
parente7ff2b265a40d31d93b7258171738d36f9f85a9c [diff]
MINOR: quic: Drop asap Retry or Version Negotiation packets

These packet are only sent by servers. We drop them as soon as possible
when we are an haproxy listener.

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index be71f26..8c4b38c 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c

@@ -3973,21 +3973,21 @@
 	/* Header form */
 	qc_parse_hd_form(pkt, *buf++, &long_header);
 	if (long_header) {
+		uint64_t len;
+
 		if (!quic_packet_read_long_header(&buf, end, pkt)) {
 			TRACE_PROTO("Packet dropped", QUIC_EV_CONN_LPKT);
 			goto err;
 		}
 
+		/* Retry of Version Negotiation packets are only sent by servers */
+		if (pkt->type == QUIC_PACKET_TYPE_RETRY || !pkt->version) {
+			TRACE_PROTO("Packet dropped", QUIC_EV_CONN_LPKT);
+			goto err;
+		}
+
 		/* RFC9000 6. Version Negotiation */
 		if (!qc_pkt_is_supported_version(pkt)) {
-			/* do not send Version Negotiation in response to a
-			 * Version Negotiation packet.
-			 */
-			if (!pkt->version) {
-				TRACE_PROTO("Null QUIC version, packet dropped", QUIC_EV_CONN_LPKT);
-				goto err;
-			}
-
 			 /* unsupported version, send Negotiation packet */
 			if (qc_send_version_negotiation(l->rx.fd, saddr, pkt)) {
 				TRACE_PROTO("Error on Version Negotiation sending", QUIC_EV_CONN_LPKT);
@@ -4026,22 +4026,15 @@
 			}
 		}
 
-		/* Only packets packets with long headers and not RETRY or VERSION as type
-		 * have a length field.
-		 */
-		if (pkt->type != QUIC_PACKET_TYPE_RETRY && pkt->version) {
-			uint64_t len;
-
-			if (!quic_dec_int(&len, (const unsigned char **)&buf, end) ||
-				end - buf < len) {
-				TRACE_PROTO("Packet dropped", QUIC_EV_CONN_LPKT);
-				goto err;
-			}
-
-			payload = buf;
-			pkt->len = len + payload - beg;
+		if (!quic_dec_int(&len, (const unsigned char **)&buf, end) ||
+			end - buf < len) {
+			TRACE_PROTO("Packet dropped", QUIC_EV_CONN_LPKT);
+			goto err;
 		}
 
+		payload = buf;
+		pkt->len = len + payload - beg;
+
 		qc = qc_retrieve_conn_from_cid(pkt, l, saddr);
 		if (!qc) {
 			int ipv4;