Merge pull request #2099 from lucas-clemente/stateless-reset-size

rework stateless reset size
2019-08-31 17:40:09 +07:00
parent dd6e8a7424 d02fd5178a
commit 3550aea322
3 changed files with 19 additions and 4 deletions
--- a/internal/protocol/protocol.go
+++ b/internal/protocol/protocol.go
@@ -56,8 +56,8 @@ const DefaultTCPMSS ByteCount = 1460
 // MinInitialPacketSize is the minimum size an Initial packet is required to have.
 const MinInitialPacketSize = 1200

-// MinStatelessResetSize is the minimum size of a stateless reset packet
-const MinStatelessResetSize = 1 /* first byte */ + 22 /* random bytes */ + 16 /* token */
+// MinStatelessResetSize is the minimum size of a stateless reset packet that we send
+const MinStatelessResetSize = 1 /* first byte */ + 20 /* max. conn ID length */ + 4 /* max. packet number length */ + 1 /* min. payload length */ + 16 /* token */

 // MinConnectionIDLenInitial is the minimum length of the destination connection ID on an Initial packet.
 const MinConnectionIDLenInitial = 8
--- a/packet_handler_map.go
+++ b/packet_handler_map.go
@@ -223,7 +223,7 @@ func (h *packetHandlerMap) maybeHandleStatelessReset(data []byte) bool {
 	if data[0]&0x80 != 0 {
 		return false
 	}
-	if len(data) < protocol.MinStatelessResetSize {
+	if len(data) < 17 /* type byte + 16 bytes for the reset token */ {
 		return false
 	}

@@ -264,7 +264,7 @@ func (h *packetHandlerMap) maybeSendStatelessReset(p *receivedPacket, connID pro
 	}
 	token := h.GetStatelessResetToken(connID)
 	h.logger.Debugf("Sending stateless reset to %s (connection ID: %s). Token: %#x", p.remoteAddr, connID, token)
-	data := make([]byte, 23)
+	data := make([]byte, protocol.MinStatelessResetSize-16, protocol.MinStatelessResetSize)
 	rand.Read(data)
 	data[0] = (data[0] & 0x7f) | 0x40
 	data = append(data, token[:]...)
--- a/packet_handler_map_test.go
+++ b/packet_handler_map_test.go
@@ -265,6 +265,21 @@ var _ = Describe("Packet Handler Map", func() {
 				// make sure we give it enough time to be called to cause an error here
 				time.Sleep(scaleDuration(25 * time.Millisecond))
 			})
+
+			It("ignores packets too small to contain a stateless reset", func() {
+				handler.connIDLen = 0
+				packetHandler := NewMockPacketHandler(mockCtrl)
+				token := [16]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}
+				handler.AddResetToken(token, packetHandler)
+				packet := append([]byte{0x40} /* short header packet */, token[:15]...)
+				done := make(chan struct{})
+				// don't EXPECT any calls here, but register the closing of the done channel
+				packetHandler.EXPECT().destroy(gomock.Any()).Do(func(error) {
+					close(done)
+				}).AnyTimes()
+				conn.dataToRead <- packet
+				Consistently(done).ShouldNot(BeClosed())
+			})
 		})

 		Context("generating", func() {