MINOR: quic: Do not accept wrong active_connection_id_limit values A peer must not send active_connection_id_limit values smaller than 2 which is also the minimum value when not sent. Make the transport parameters decoding fail in this case. Must be backported to 2.7.

commit: 4afbca611fad4adbeb2d967dc833ab2e06011dd1 [log] [tgz]
author: Frédéric Lécaille <flecaille@haproxy.com> Mon Mar 06 13:57:40 2023 +0100
committer: Amaury Denoyelle <adenoyelle@haproxy.com> Wed Mar 08 08:50:54 2023 +0100
tree: eccca61fe5711838876c446e0c8cd43640686e2e
parent: ebfafc212a88ce7fdc46a135c0d585d55f2c564d [diff]
diff --git a/src/quic_tp.c b/src/quic_tp.c
index ae01361..09921f3 100644
--- a/src/quic_tp.c
+++ b/src/quic_tp.c

@@ -609,6 +609,13 @@
 	    !p->initial_source_connection_id_present)
 		return 0;
 
+	/* Note that if not received by the peer, active_connection_id_limit will
+	 * have QUIC_TP_DFLT_ACTIVE_CONNECTION_ID_LIMIT as default value. This
+	 * is also the minimum value for this transport parameter.
+	 */
+	if (p->active_connection_id_limit < QUIC_TP_DFLT_ACTIVE_CONNECTION_ID_LIMIT)
+		return 0;
+
 	return 1;
 }
commit	4afbca611fad4adbeb2d967dc833ab2e06011dd1	[log] [tgz]
author	Frédéric Lécaille <flecaille@haproxy.com>	Mon Mar 06 13:57:40 2023 +0100
committer	Amaury Denoyelle <adenoyelle@haproxy.com>	Wed Mar 08 08:50:54 2023 +0100
tree	eccca61fe5711838876c446e0c8cd43640686e2e
parent	ebfafc212a88ce7fdc46a135c0d585d55f2c564d [diff]