commit a65b71f89f4dec6cd65aa71403349e25fed6bc51
author Frédéric Lécaille <flecaille@haproxy.com> Fri Mar 03 10:16:32 2023 +0100
committer Frédéric Lécaille <flecaille@haproxy.com> Fri Mar 03 19:12:26 2023 +0100
tree 04f90ae450a826b80fc70b83c00520eb93055b82
parent e6359b649b7a172a4271ddef4daee2dfae7cbae1

BUG/MINOR: quic: Missing detections of amplification limit reached

Mark the connection as limited by the anti-amplification limit when trying to
probe the peer.
Wakeup the connection PTO/dectection loss timer as soon as a datagram is
received. This was done only when the datagram was dropped.
This fixes deadlock issues revealed by some interop runner tests.

Must be backported to 2.7 and 2.6.

src/quic_conn.c

diff --git a/src/quic_conn.c b/src/quic_conn.c
index 61acd72..81ad537 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -2658,6 +2658,7 @@
 	 */
 	if (!quic_peer_validated_addr(qc) && qc_is_listener(qc) &&
 	    pkt->len + 4 > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
+		qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED;
 		TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt);
 		goto leave;
 	}
@@ -2724,6 +2725,7 @@
 
 		dglen += pkt->next ? pkt->next->len + 4 : 0;
 		if (dglen > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
+			qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED;
 			TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt);
 			if (pkt->next)
 				TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt->next);
@@ -6788,20 +6790,22 @@
 	const struct quic_version *qv = pkt->version;
 	struct quic_enc_level *qel = NULL;
 	size_t b_cspace;
-	int io_cb_wakeup = 0;
 
 	TRACE_ENTER(QUIC_EV_CONN_LPKT, qc, pkt, NULL, qv);
 
 	if (pkt->flags & QUIC_FL_RX_PACKET_DGRAM_FIRST &&
-	    !quic_peer_validated_addr(qc) &&
 	    qc->flags & QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED) {
 		TRACE_PROTO("PTO timer must be armed after anti-amplication was reached",
 					QUIC_EV_CONN_LPKT, qc, NULL, NULL, qv);
+		TRACE_DEVEL("needs to wakeup the timer task after the amplification limit was reached",
+		            QUIC_EV_CONN_LPKT, qc);
 		/* Reset the anti-amplification bit. It will be set again
 		 * when sending the next packet if reached again.
 		 */
 		qc->flags &= ~QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED;
-		io_cb_wakeup = 1;
+		qc_set_timer(qc);
+		if (qc->timer_task && tick_isset(qc->timer) && tick_is_lt(qc->timer, now_ms))
+			task_wakeup(qc->timer_task, TASK_WOKEN_MSG);
 	}
 
 	if (qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE) {
@@ -6856,14 +6860,6 @@
 
  drop:
 	HA_ATOMIC_INC(&qc->prx_counters->dropped_pkt);
-	if (io_cb_wakeup) {
-		TRACE_DEVEL("needs to wakeup the timer task after the amplification limit was reached",
-		            QUIC_EV_CONN_LPKT, qc);
-		qc_set_timer(qc);
-		if (qc->timer_task && tick_isset(qc->timer) && tick_is_lt(qc->timer, now_ms))
-			task_wakeup(qc->timer_task, TASK_WOKEN_MSG);
-	}
-
 	TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc ? qc : NULL, pkt, NULL, qv);
 }