gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

Merge pull request #1616 from lucas-clemente/drop-short-header-packets

Browse Source 
drop short header packets for unknown sessions
This commit is contained in:
Marten Seemann
2018-11-20 16:01:09 +07:00
committed by GitHub
parent 9edd783983 44513a528c
commit 34dd046cb6
4 changed files with 31 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
packet_handler_map.go
View File

@@ -185,14 +185,18 @@ func (h *packetHandlerMap) handlePacket(addr net.Addr, data []byte) error {
handlePacket = handler.handlePacket handlePacket = handler.handlePacket
} else { // no session found } else { // no session found
// this might be a stateless reset // this might be a stateless reset
if !iHdr.IsLongHeader && len(data) >= protocol.MinStatelessResetSize { if !iHdr.IsLongHeader {
var token [16]byte if len(data) >= protocol.MinStatelessResetSize {
copy(token[:], data[len(data)-16:]) var token [16]byte
if sess, ok := h.resetTokens[token]; ok { copy(token[:], data[len(data)-16:])
h.mutex.RUnlock() if sess, ok := h.resetTokens[token]; ok {
sess.destroy(errors.New("received a stateless reset")) h.mutex.RUnlock()
return nil sess.destroy(errors.New("received a stateless reset"))
return nil
}
} }
// TODO(#943): send a stateless reset
return fmt.Errorf("received a short header packet with an unexpected connection ID %s", iHdr.DestConnectionID)
} }
if server == nil { // no server set if server == nil { // no server set
h.mutex.RUnlock() h.mutex.RUnlock()

2
packet_handler_map_test.go
View File

@@ -227,7 +227,7 @@ var _ = Describe("Packet Handler Map", func() {
Expect(handler.handlePacket(nil, getPacket(connID))).To(MatchError("received a packet with an unexpected connection ID 0xdeadbeef42")) Expect(handler.handlePacket(nil, getPacket(connID))).To(MatchError("received a packet with an unexpected connection ID 0xdeadbeef42"))
packet := append([]byte{0x40, 0xde, 0xca, 0xfb, 0xad, 0x99} /* short header packet */, make([]byte, 50)...) packet := append([]byte{0x40, 0xde, 0xca, 0xfb, 0xad, 0x99} /* short header packet */, make([]byte, 50)...)
packet = append(packet, token[:]...) packet = append(packet, token[:]...)
Expect(handler.handlePacket(nil, packet)).To(MatchError("received a packet with an unexpected connection ID 0xdecafbad99")) Expect(handler.handlePacket(nil, packet)).To(MatchError("received a short header packet with an unexpected connection ID 0xdecafbad99"))
Expect(handler.resetTokens).To(BeEmpty()) Expect(handler.resetTokens).To(BeEmpty())
}) })
}) })

8
server.go
View File

@@ -308,11 +308,9 @@ func (s *server) handlePacket(p *receivedPacket) {
func (s *server) handlePacketImpl(p *receivedPacket) error { func (s *server) handlePacketImpl(p *receivedPacket) error {
hdr := p.header hdr := p.header
if hdr.IsLongHeader { // send a Version Negotiation Packet if the client is speaking a different protocol version
// send a Version Negotiation Packet if the client is speaking a different protocol version if !protocol.IsSupportedVersion(s.config.Versions, hdr.Version) {
if !protocol.IsSupportedVersion(s.config.Versions, hdr.Version) { return s.sendVersionNegotiationPacket(p)
return s.sendVersionNegotiationPacket(p)
}
} }
if hdr.Type == protocol.PacketTypeInitial { if hdr.Type == protocol.PacketTypeInitial {
go s.handleInitial(p) go s.handleInitial(p)

24
server_test.go
View File

@@ -129,27 +129,33 @@ var _ = Describe("Server", func() {
}, },
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize-100), data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize-100),
}) })
Expect(conn.dataWritten.Len()).To(BeZero()) Consistently(conn.dataWritten.Len).Should(BeZero())
}) })
It("drops packets with a too short connection ID", func() { It("drops packets with a too short connection ID", func() {
hdr := &wire.Header{ hdr := &wire.Header{
IsLongHeader: true,
Type: protocol.PacketTypeInitial,
SrcConnectionID: protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8}, SrcConnectionID: protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8},
DestConnectionID: protocol.ConnectionID{1, 2, 3, 4}, DestConnectionID: protocol.ConnectionID{1, 2, 3, 4},
Version: serv.config.Versions[0],
PacketNumberLen: protocol.PacketNumberLen1, PacketNumberLen: protocol.PacketNumberLen1,
} }
serv.handlePacket(&receivedPacket{ serv.handlePacket(&receivedPacket{
header: hdr, header: hdr,
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize), data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize),
}) })
Expect(conn.dataWritten.Len()).To(BeZero()) Consistently(conn.dataWritten.Len).Should(BeZero())
}) })
It("drops non-Initial packets", func() { It("drops non-Initial packets", func() {
serv.logger.SetLogLevel(utils.LogLevelDebug) serv.logger.SetLogLevel(utils.LogLevelDebug)
serv.handlePacket(&receivedPacket{ serv.handlePacket(&receivedPacket{
header: &wire.Header{Type: protocol.PacketTypeHandshake}, header: &wire.Header{
data: []byte("invalid"), Type: protocol.PacketTypeHandshake,
Version: serv.config.Versions[0],
},
data: []byte("invalid"),
}) })
}) })
@@ -170,8 +176,9 @@ var _ = Describe("Server", func() {
serv.handlePacket(&receivedPacket{ serv.handlePacket(&receivedPacket{
remoteAddr: raddr, remoteAddr: raddr,
header: &wire.Header{ header: &wire.Header{
Type: protocol.PacketTypeInitial, Type: protocol.PacketTypeInitial,
Token: token, Token: token,
Version: serv.config.Versions[0],
}, },
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize), data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize),
}) })
@@ -193,8 +200,9 @@ var _ = Describe("Server", func() {
serv.handlePacket(&receivedPacket{ serv.handlePacket(&receivedPacket{
remoteAddr: raddr, remoteAddr: raddr,
header: &wire.Header{ header: &wire.Header{
Type: protocol.PacketTypeInitial, Type: protocol.PacketTypeInitial,
Token: []byte("foobar"), Token: []byte("foobar"),
Version: serv.config.Versions[0],
}, },
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize), data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize),
}) })