[trafficserver] branch quic-latest updated: Fix a bug in unprotecting PN in short header

Wed, 20 Jun 2018 20:25:58 -0700 

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
     new 0e2934c  Fix a bug in unprotecting PN in short header
0e2934c is described below

commit 0e2934c7b9f7219e4462eb4e6490130371b3a8b3
Author: Masakazu Kitajo <[email protected]>
AuthorDate: Thu Jun 21 12:22:21 2018 +0900

    Fix a bug in unprotecting PN in short header
    
    Incorrect PN offset was used due to CID length difference.
---
 iocore/net/P_QUICPacketHandler.h |  2 +-
 iocore/net/QUICPacketHandler.cc  | 12 ++++++------
 iocore/net/quic/QUICPacket.cc    | 11 +++++------
 iocore/net/quic/QUICPacket.h     |  4 ++--
 4 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/iocore/net/P_QUICPacketHandler.h b/iocore/net/P_QUICPacketHandler.h
index 77fe364..b85fc02 100644
--- a/iocore/net/P_QUICPacketHandler.h
+++ b/iocore/net/P_QUICPacketHandler.h
@@ -45,7 +45,7 @@ public:
 
 protected:
   static void _send_packet(Continuation *c, const QUICPacket &packet, 
UDPConnection *udp_con, IpEndpoint &addr, uint32_t pmtu,
-                           QUICPacketNumberProtector *pn_protector);
+                           QUICPacketNumberProtector *pn_protector, int dcil);
 
   Event *_collector_event                       = nullptr;
   QUICClosedConCollector *_closed_con_collector = nullptr;
diff --git a/iocore/net/QUICPacketHandler.cc b/iocore/net/QUICPacketHandler.cc
index 7e6a58e..8d66d5a 100644
--- a/iocore/net/QUICPacketHandler.cc
+++ b/iocore/net/QUICPacketHandler.cc
@@ -71,7 +71,7 @@ QUICPacketHandler::close_conenction(QUICNetVConnection *conn)
 
 void
 QUICPacketHandler::_send_packet(Continuation *c, const QUICPacket &packet, 
UDPConnection *udp_con, IpEndpoint &addr, uint32_t pmtu,
-                                QUICPacketNumberProtector *pn_protector)
+                                QUICPacketNumberProtector *pn_protector, int 
dcil)
 {
   size_t udp_len;
   Ptr<IOBufferBlock> udp_payload(new_IOBufferBlock());
@@ -80,7 +80,7 @@ QUICPacketHandler::_send_packet(Continuation *c, const 
QUICPacket &packet, UDPCo
   udp_payload->fill(udp_len);
 
   if (pn_protector) {
-    QUICPacket::protect_packet_number(reinterpret_cast<uint8_t 
*>(udp_payload->start()), udp_len, pn_protector);
+    QUICPacket::protect_packet_number(reinterpret_cast<uint8_t 
*>(udp_payload->start()), udp_len, pn_protector, dcil);
   }
 
   UDPPacket *udp_packet = new_UDPPacket(addr, 0, udp_payload);
@@ -221,7 +221,7 @@ QUICPacketHandlerIn::_recv_packet(int event, UDPPacket 
*udp_packet)
       QUICDebugDS(scid, dcid, "Unsupported version: 0x%x", v);
 
       QUICPacketUPtr vn = 
QUICPacketFactory::create_version_negotiation_packet(scid, dcid);
-      this->_send_packet(this, *vn, udp_packet->getConnection(), 
udp_packet->from, 1200, nullptr);
+      this->_send_packet(this, *vn, udp_packet->getConnection(), 
udp_packet->from, 1200, nullptr, 0);
       udp_packet->free();
       return;
     }
@@ -252,7 +252,7 @@ QUICPacketHandlerIn::_recv_packet(int event, UDPPacket 
*udp_packet)
       token.generate(dcid, params->server_id());
     }
     auto packet = QUICPacketFactory::create_stateless_reset_packet(dcid, 
token);
-    this->_send_packet(this, *packet, udp_packet->getConnection(), 
udp_packet->from, 1200, nullptr);
+    this->_send_packet(this, *packet, udp_packet->getConnection(), 
udp_packet->from, 1200, nullptr, 0);
     udp_packet->free();
     return;
   }
@@ -304,7 +304,7 @@ QUICPacketHandlerIn::_recv_packet(int event, UDPPacket 
*udp_packet)
 void
 QUICPacketHandlerIn::send_packet(const QUICPacket &packet, QUICNetVConnection 
*vc, QUICPacketNumberProtector &pn_protector)
 {
-  this->_send_packet(this, packet, vc->get_udp_con(), vc->con.addr, 
vc->pmtu(), &pn_protector);
+  this->_send_packet(this, packet, vc->get_udp_con(), vc->con.addr, 
vc->pmtu(), &pn_protector, vc->peer_connection_id().length());
 }
 
 //
@@ -350,7 +350,7 @@ void
 QUICPacketHandlerOut::send_packet(const QUICPacket &packet, QUICNetVConnection 
*vc, QUICPacketNumberProtector &pn_protector)
 {
   // TODO Pass QUICPacketNumberProtector
-  this->_send_packet(this, packet, vc->get_udp_con(), vc->con.addr, 
vc->pmtu(), nullptr);
+  this->_send_packet(this, packet, vc->get_udp_con(), vc->con.addr, 
vc->pmtu(), nullptr, 0);
 }
 
 void
diff --git a/iocore/net/quic/QUICPacket.cc b/iocore/net/quic/QUICPacket.cc
index a28a3f5..9ac10d5 100644
--- a/iocore/net/quic/QUICPacket.cc
+++ b/iocore/net/quic/QUICPacket.cc
@@ -545,10 +545,9 @@ QUICPacketShortHeader::key_phase(QUICKeyPhase &phase, 
const uint8_t *packet, siz
 }
 
 bool
-QUICPacketShortHeader::packet_number_offset(size_t &pn_offset, const uint8_t 
*packet, size_t packet_len)
+QUICPacketShortHeader::packet_number_offset(size_t &pn_offset, const uint8_t 
*packet, size_t packet_len, int dcil)
 {
-  int connection_id_len = QUICConfigParams::scid_len();
-  pn_offset             = 1 + connection_id_len;
+  pn_offset = 1 + dcil;
   return true;
 }
 
@@ -756,7 +755,7 @@ QUICPacket::decode_packet_number(QUICPacketNumber &dst, 
QUICPacketNumber src, si
 }
 
 bool
-QUICPacket::protect_packet_number(uint8_t *packet, size_t packet_len, 
QUICPacketNumberProtector *pn_protector)
+QUICPacket::protect_packet_number(uint8_t *packet, size_t packet_len, 
QUICPacketNumberProtector *pn_protector, int dcil)
 {
   size_t pn_offset             = 0;
   uint8_t pn_len               = 4;
@@ -779,7 +778,7 @@ QUICPacket::protect_packet_number(uint8_t *packet, size_t 
packet_len, QUICPacket
     QUICPacketLongHeader::packet_number_offset(pn_offset, packet, packet_len);
   } else {
     QUICPacketShortHeader::key_phase(phase, packet, packet_len);
-    QUICPacketShortHeader::packet_number_offset(pn_offset, packet, packet_len);
+    QUICPacketShortHeader::packet_number_offset(pn_offset, packet, packet_len, 
dcil);
   }
   sample_offset = std::min(pn_offset + 4, packet_len - aead_expansion);
   sample_len    = 16; // On draft-12, the length is always 16 (See 5.6.1 and 
5.6.2)
@@ -818,7 +817,7 @@ QUICPacket::unprotect_packet_number(uint8_t *packet, size_t 
packet_len, QUICPack
     QUICPacketLongHeader::packet_number_offset(pn_offset, packet, packet_len);
   } else {
     QUICPacketShortHeader::key_phase(phase, packet, packet_len);
-    QUICPacketShortHeader::packet_number_offset(pn_offset, packet, packet_len);
+    QUICPacketShortHeader::packet_number_offset(pn_offset, packet, packet_len, 
QUICConfigParams::scid_len());
   }
   sample_offset = std::min(pn_offset + 4, packet_len - aead_expansion);
   sample_len    = 16; // On draft-12, the length is always 16 (See 5.6.1 and 
5.6.2)
diff --git a/iocore/net/quic/QUICPacket.h b/iocore/net/quic/QUICPacket.h
index 4067fda..8156a16 100644
--- a/iocore/net/quic/QUICPacket.h
+++ b/iocore/net/quic/QUICPacket.h
@@ -238,7 +238,7 @@ public:
   void store(uint8_t *buf, size_t *len) const;
 
   static bool key_phase(QUICKeyPhase &key_phase, const uint8_t *packet, size_t 
packet_len);
-  static bool packet_number_offset(size_t &pn_offset, const uint8_t *packet, 
size_t packet_len);
+  static bool packet_number_offset(size_t &pn_offset, const uint8_t *packet, 
size_t packet_len, int dcil);
 
 private:
   int _packet_number_len;
@@ -330,7 +330,7 @@ public:
   static bool encode_packet_number(QUICPacketNumber &dst, QUICPacketNumber 
src, size_t len);
   static bool decode_packet_number(QUICPacketNumber &dst, QUICPacketNumber 
src, size_t len, QUICPacketNumber largest_acked);
 
-  static bool protect_packet_number(uint8_t *packet, size_t packet_len, 
QUICPacketNumberProtector *pn_protector);
+  static bool protect_packet_number(uint8_t *packet, size_t packet_len, 
QUICPacketNumberProtector *pn_protector, int dcil);
   static bool unprotect_packet_number(uint8_t *packet, size_t packet_len, 
QUICPacketNumberProtector *pn_protector);
 
   LINK(QUICPacket, link);

Reply via email to