[trafficserver] branch quic-latest updated: Drop Initial packets with short DICL

Mon, 04 Mar 2019 21:00:15 -0800 

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
     new 991a990  Drop Initial packets with short DICL
991a990 is described below

commit 991a990549153ea4c62c38ee46ab26f33a000c49
Author: Masaori Koshiba <[email protected]>
AuthorDate: Tue Mar 5 13:59:23 2019 +0900

    Drop Initial packets with short DICL
---
 iocore/net/QUICPacketHandler.cc | 13 +++++++++++++
 iocore/net/quic/QUICTypes.h     |  5 +++--
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/iocore/net/QUICPacketHandler.cc b/iocore/net/QUICPacketHandler.cc
index 9493916..6d693cd 100644
--- a/iocore/net/QUICPacketHandler.cc
+++ b/iocore/net/QUICPacketHandler.cc
@@ -255,6 +255,19 @@ QUICPacketHandlerIn::_recv_packet(int event, UDPPacket 
*udp_packet)
       // TODO: lookup DCID by 5-tuple when ATS omits SCID
       return;
     }
+
+    QUICPacketType type = QUICPacketType::UNINITIALIZED;
+    QUICPacketLongHeader::type(type, buf, buf_len);
+    if (type == QUICPacketType::INITIAL) {
+      // [draft-18] 7.2.
+      // When an Initial packet is sent by a client which has not previously 
received a Retry packet from the server, it populates
+      // the Destination Connection ID field with an unpredictable value. This 
MUST be at least 8 bytes in length.
+      if (dcid != QUICConnectionId::ZERO() && dcid.length() < 
QUICConnectionId::MIN_LENGTH_FOR_INITIAL) {
+        QUICDebug("Ignore packet - DCIL is too small for Initial packet");
+        udp_packet->free();
+        return;
+      }
+    }
   } else {
     // TODO: lookup DCID by 5-tuple when ATS omits SCID
     if (is_debug_tag_set(debug_tag)) {
diff --git a/iocore/net/quic/QUICTypes.h b/iocore/net/quic/QUICTypes.h
index bf734d4..c376a2f 100644
--- a/iocore/net/quic/QUICTypes.h
+++ b/iocore/net/quic/QUICTypes.h
@@ -223,8 +223,9 @@ class QUICConnectionId
 public:
   static uint8_t SCID_LEN;
 
-  static const int MAX_LENGTH            = 18;
-  static const size_t MAX_HEX_STR_LENGTH = MAX_LENGTH * 2 + 1;
+  static const int MIN_LENGTH_FOR_INITIAL = 8;
+  static const int MAX_LENGTH             = 18;
+  static const size_t MAX_HEX_STR_LENGTH  = MAX_LENGTH * 2 + 1;
   static QUICConnectionId ZERO();
   QUICConnectionId();
   QUICConnectionId(const uint8_t *buf, uint8_t len);

Reply via email to