mirror/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git synced 2026-02-05 13:23:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: quic: reject retry_source_cid TP on server side

Browse Source 
Close the connection on error if retry_source_connection_id transport
parameter is received. This is specified by RFC 9000 as this parameter
must not be emitted by a client. Previously, it was silently ignored.

This should be backported up to 2.6. Note that is relies on previous
patch "MINOR: quic: extend return value on TP parsing".
This commit is contained in:
Amaury Denoyelle
2025-05-06 17:59:37 +02:00
parent a54fdd3d92
commit 10f1f1adce
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/quic_tp.c
View File

@@ -360,6 +360,13 @@ quic_transport_param_decode(struct quic_transport_params *p, int server,
buf, *buf + len, server))
return QUIC_TP_DEC_ERR_TRUNC;
break;
case QUIC_TP_RETRY_SOURCE_CONNECTION_ID:
/* see original_destination_connection_id RFC reference above. */
if (!server)
return QUIC_TP_DEC_ERR_INVAL;
/* TODO implement parsing for client side */
break;
default:
*buf += len;
};