This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/quic-latest by this push: new 0a9fe52 Fix unsupported version packet handling 0a9fe52 is described below commit 0a9fe522731ca820901781b08c6f9f892870e757 Author: Masaori Koshiba <masa...@apache.org> AuthorDate: Tue Jun 5 21:35:11 2018 +0900 Fix unsupported version packet handling - Do not copy payload, because payload size is unknown - Do not set largest received packet number, because packet number is unknown --- iocore/net/quic/QUICPacket.cc | 11 +++------- iocore/net/quic/QUICPacketReceiveQueue.cc | 34 ++++++++++++++++++++++--------- 2 files changed, 27 insertions(+), 18 deletions(-) diff --git a/iocore/net/quic/QUICPacket.cc b/iocore/net/quic/QUICPacket.cc index 0178f02..1e3ed13 100644 --- a/iocore/net/quic/QUICPacket.cc +++ b/iocore/net/quic/QUICPacket.cc @@ -746,11 +746,6 @@ QUICPacketFactory::create(IpEndpoint from, ats_unique_buf buf, size_t len, QUICP size_t plain_txt_len = 0; QUICPacketHeaderUPtr header = QUICPacketHeader::load(from, std::move(buf), len, base_packet_number, this->_dcil); - if (!header->is_valid()) { - // PROTOCOL_VIOLATION ? - result = QUICPacketCreationResult::FAILED; - return QUICPacketUPtr(nullptr, &QUICPacketDeleter::delete_packet); - } QUICConnectionId dcid = header->destination_cid(); QUICConnectionId scid = header->source_cid(); @@ -762,13 +757,13 @@ QUICPacketFactory::create(IpEndpoint from, ats_unique_buf buf, size_t len, QUICP // version of VN packet is 0x00000000 // This packet is unprotected. Just copy the payload result = QUICPacketCreationResult::SUCCESS; + memcpy(plain_txt.get(), header->payload(), header->payload_size()); + plain_txt_len = header->payload_size(); } else { // We can't decrypt packets that have unknown versions + // What we can use is invariant field of Long Header - version, dcid, and scid result = QUICPacketCreationResult::UNSUPPORTED; } - - memcpy(plain_txt.get(), header->payload(), header->payload_size()); - plain_txt_len = header->payload_size(); } else { switch (header->type()) { case QUICPacketType::STATELESS_RESET: diff --git a/iocore/net/quic/QUICPacketReceiveQueue.cc b/iocore/net/quic/QUICPacketReceiveQueue.cc index 00c6904..1c30f3a 100644 --- a/iocore/net/quic/QUICPacketReceiveQueue.cc +++ b/iocore/net/quic/QUICPacketReceiveQueue.cc @@ -31,9 +31,9 @@ static constexpr int LONG_HDR_OFFSET_CONNECTION_ID = 6; static constexpr int LONG_HDR_PKT_NUM_LEN = 4; static bool -is_vn(uint8_t *buf) +is_vn(QUICVersion v) { - return QUICTypeUtil::read_QUICVersion(buf + LONG_HDR_OFFSET_VERSION) == 0x00; + return v == 0x0; } static size_t @@ -99,11 +99,19 @@ QUICPacketReceiveQueue::dequeue(QUICPacketCreationResult &result) size_t pkt_len = 0; if (QUICTypeUtil::has_long_header(this->_payload.get())) { + uint8_t *buf = this->_payload.get() + this->_offset; size_t remaining_len = this->_payload_len - this->_offset; - if (is_vn(this->_payload.get() + this->_offset)) { - pkt_len = remaining_len; - } else if (QUICTypeUtil::has_long_header(this->_payload.get() + this->_offset)) { - pkt_len = long_hdr_pkt_len(this->_payload.get() + this->_offset); + + if (QUICTypeUtil::has_long_header(buf)) { + QUICVersion version = QUICTypeUtil::read_QUICVersion(buf + LONG_HDR_OFFSET_VERSION); + if (is_vn(version)) { + pkt_len = remaining_len; + } else if (!QUICTypeUtil::is_supported_version(version)) { + result = QUICPacketCreationResult::UNSUPPORTED; + pkt_len = remaining_len; + } else { + pkt_len = long_hdr_pkt_len(this->_payload.get() + this->_offset); + } } else { pkt_len = remaining_len; } @@ -140,15 +148,21 @@ QUICPacketReceiveQueue::dequeue(QUICPacketCreationResult &result) udp_packet->free(); } - if (result == QUICPacketCreationResult::NOT_READY) { + switch (result) { + case QUICPacketCreationResult::NOT_READY: // FIXME: unordered packet should be buffered and retried if (this->_queue.size > 0) { result = QUICPacketCreationResult::IGNORED; } - } - if (quic_packet && quic_packet->packet_number() > this->_largest_received_packet_number) { - this->_largest_received_packet_number = quic_packet->packet_number(); + break; + case QUICPacketCreationResult::UNSUPPORTED: + // do nothing - if the packet is unsupported version, we don't know packet number + break; + default: + if (quic_packet && quic_packet->packet_number() > this->_largest_received_packet_number) { + this->_largest_received_packet_number = quic_packet->packet_number(); + } } return quic_packet; -- To stop receiving notification emails like this one, please contact masa...@apache.org.