[trafficserver] branch quic-latest updated: Fix unsupported version packet handling

masaori Tue, 05 Jun 2018 05:38:12 -0700

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git



The following commit(s) were added to refs/heads/quic-latest by this push:
     new 0a9fe52  Fix unsupported version packet handling
0a9fe52 is described below

commit 0a9fe522731ca820901781b08c6f9f892870e757
Author: Masaori Koshiba <masa...@apache.org>
AuthorDate: Tue Jun 5 21:35:11 2018 +0900

    Fix unsupported version packet handling
    
    - Do not copy payload, because payload size is unknown
    - Do not set largest received packet number, because packet number is 
unknown
---
 iocore/net/quic/QUICPacket.cc             | 11 +++-------
 iocore/net/quic/QUICPacketReceiveQueue.cc | 34 ++++++++++++++++++++++---------
 2 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/iocore/net/quic/QUICPacket.cc b/iocore/net/quic/QUICPacket.cc
index 0178f02..1e3ed13 100644
--- a/iocore/net/quic/QUICPacket.cc
+++ b/iocore/net/quic/QUICPacket.cc
@@ -746,11 +746,6 @@ QUICPacketFactory::create(IpEndpoint from, ats_unique_buf 
buf, size_t len, QUICP
   size_t plain_txt_len     = 0;
 
   QUICPacketHeaderUPtr header = QUICPacketHeader::load(from, std::move(buf), 
len, base_packet_number, this->_dcil);
-  if (!header->is_valid()) {
-    // PROTOCOL_VIOLATION ?
-    result = QUICPacketCreationResult::FAILED;
-    return QUICPacketUPtr(nullptr, &QUICPacketDeleter::delete_packet);
-  }
 
   QUICConnectionId dcid = header->destination_cid();
   QUICConnectionId scid = header->source_cid();
@@ -762,13 +757,13 @@ QUICPacketFactory::create(IpEndpoint from, ats_unique_buf 
buf, size_t len, QUICP
       // version of VN packet is 0x00000000
       // This packet is unprotected. Just copy the payload
       result = QUICPacketCreationResult::SUCCESS;
+      memcpy(plain_txt.get(), header->payload(), header->payload_size());
+      plain_txt_len = header->payload_size();
     } else {
       // We can't decrypt packets that have unknown versions
+      // What we can use is invariant field of Long Header - version, dcid, 
and scid
       result = QUICPacketCreationResult::UNSUPPORTED;
     }
-
-    memcpy(plain_txt.get(), header->payload(), header->payload_size());
-    plain_txt_len = header->payload_size();
   } else {
     switch (header->type()) {
     case QUICPacketType::STATELESS_RESET:
diff --git a/iocore/net/quic/QUICPacketReceiveQueue.cc 
b/iocore/net/quic/QUICPacketReceiveQueue.cc
index 00c6904..1c30f3a 100644
--- a/iocore/net/quic/QUICPacketReceiveQueue.cc
+++ b/iocore/net/quic/QUICPacketReceiveQueue.cc
@@ -31,9 +31,9 @@ static constexpr int LONG_HDR_OFFSET_CONNECTION_ID = 6;
 static constexpr int LONG_HDR_PKT_NUM_LEN          = 4;
 
 static bool
-is_vn(uint8_t *buf)
+is_vn(QUICVersion v)
 {
-  return QUICTypeUtil::read_QUICVersion(buf + LONG_HDR_OFFSET_VERSION) == 0x00;
+  return v == 0x0;
 }
 
 static size_t
@@ -99,11 +99,19 @@ QUICPacketReceiveQueue::dequeue(QUICPacketCreationResult 
&result)
   size_t pkt_len     = 0;
 
   if (QUICTypeUtil::has_long_header(this->_payload.get())) {
+    uint8_t *buf         = this->_payload.get() + this->_offset;
     size_t remaining_len = this->_payload_len - this->_offset;
-    if (is_vn(this->_payload.get() + this->_offset)) {
-      pkt_len = remaining_len;
-    } else if (QUICTypeUtil::has_long_header(this->_payload.get() + 
this->_offset)) {
-      pkt_len = long_hdr_pkt_len(this->_payload.get() + this->_offset);
+
+    if (QUICTypeUtil::has_long_header(buf)) {
+      QUICVersion version = QUICTypeUtil::read_QUICVersion(buf + 
LONG_HDR_OFFSET_VERSION);
+      if (is_vn(version)) {
+        pkt_len = remaining_len;
+      } else if (!QUICTypeUtil::is_supported_version(version)) {
+        result  = QUICPacketCreationResult::UNSUPPORTED;
+        pkt_len = remaining_len;
+      } else {
+        pkt_len = long_hdr_pkt_len(this->_payload.get() + this->_offset);
+      }
     } else {
       pkt_len = remaining_len;
     }
@@ -140,15 +148,21 @@ QUICPacketReceiveQueue::dequeue(QUICPacketCreationResult 
&result)
     udp_packet->free();
   }
 
-  if (result == QUICPacketCreationResult::NOT_READY) {
+  switch (result) {
+  case QUICPacketCreationResult::NOT_READY:
     // FIXME: unordered packet should be buffered and retried
     if (this->_queue.size > 0) {
       result = QUICPacketCreationResult::IGNORED;
     }
-  }
 
-  if (quic_packet && quic_packet->packet_number() > 
this->_largest_received_packet_number) {
-    this->_largest_received_packet_number = quic_packet->packet_number();
+    break;
+  case QUICPacketCreationResult::UNSUPPORTED:
+    // do nothing - if the packet is unsupported version, we don't know packet 
number
+    break;
+  default:
+    if (quic_packet && quic_packet->packet_number() > 
this->_largest_received_packet_number) {
+      this->_largest_received_packet_number = quic_packet->packet_number();
+    }
   }
 
   return quic_packet;

-- 
To stop receiving notification emails like this one, please contact
masa...@apache.org.

[trafficserver] branch quic-latest updated: Fix unsupported version packet handling

Reply via email to