From 96db15c836dd88c254863d172c227f63e93cf1d0 Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Sat, 31 Aug 2019 12:26:37 +0700 Subject: [PATCH 1/2] accept smaller stateless resets --- packet_handler_map.go | 2 +- packet_handler_map_test.go | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/packet_handler_map.go b/packet_handler_map.go index 35265b59..12e2e70e 100644 --- a/packet_handler_map.go +++ b/packet_handler_map.go @@ -223,7 +223,7 @@ func (h *packetHandlerMap) maybeHandleStatelessReset(data []byte) bool { if data[0]&0x80 != 0 { return false } - if len(data) < protocol.MinStatelessResetSize { + if len(data) < 17 /* type byte + 16 bytes for the reset token */ { return false } diff --git a/packet_handler_map_test.go b/packet_handler_map_test.go index e52c1305..a4c15798 100644 --- a/packet_handler_map_test.go +++ b/packet_handler_map_test.go @@ -265,6 +265,21 @@ var _ = Describe("Packet Handler Map", func() { // make sure we give it enough time to be called to cause an error here time.Sleep(scaleDuration(25 * time.Millisecond)) }) + + It("ignores packets too small to contain a stateless reset", func() { + handler.connIDLen = 0 + packetHandler := NewMockPacketHandler(mockCtrl) + token := [16]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16} + handler.AddResetToken(token, packetHandler) + packet := append([]byte{0x40} /* short header packet */, token[:15]...) + done := make(chan struct{}) + // don't EXPECT any calls here, but register the closing of the done channel + packetHandler.EXPECT().destroy(gomock.Any()).Do(func(error) { + close(done) + }).AnyTimes() + conn.dataToRead <- packet + Consistently(done).ShouldNot(BeClosed()) + }) }) Context("generating", func() { From d02fd5178a95a16f5e721fdd466a2c9662f3d6c4 Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Sat, 31 Aug 2019 12:33:53 +0700 Subject: [PATCH 2/2] adjust the minimum size for stateless resets to the new header format --- internal/protocol/protocol.go | 4 ++-- packet_handler_map.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/protocol/protocol.go b/internal/protocol/protocol.go index 7c4d6071..8c750e5f 100644 --- a/internal/protocol/protocol.go +++ b/internal/protocol/protocol.go @@ -56,8 +56,8 @@ const DefaultTCPMSS ByteCount = 1460 // MinInitialPacketSize is the minimum size an Initial packet is required to have. const MinInitialPacketSize = 1200 -// MinStatelessResetSize is the minimum size of a stateless reset packet -const MinStatelessResetSize = 1 /* first byte */ + 22 /* random bytes */ + 16 /* token */ +// MinStatelessResetSize is the minimum size of a stateless reset packet that we send +const MinStatelessResetSize = 1 /* first byte */ + 20 /* max. conn ID length */ + 4 /* max. packet number length */ + 1 /* min. payload length */ + 16 /* token */ // MinConnectionIDLenInitial is the minimum length of the destination connection ID on an Initial packet. const MinConnectionIDLenInitial = 8 diff --git a/packet_handler_map.go b/packet_handler_map.go index 12e2e70e..57a77f7a 100644 --- a/packet_handler_map.go +++ b/packet_handler_map.go @@ -264,7 +264,7 @@ func (h *packetHandlerMap) maybeSendStatelessReset(p *receivedPacket, connID pro } token := h.GetStatelessResetToken(connID) h.logger.Debugf("Sending stateless reset to %s (connection ID: %s). Token: %#x", p.remoteAddr, connID, token) - data := make([]byte, 23) + data := make([]byte, protocol.MinStatelessResetSize-16, protocol.MinStatelessResetSize) rand.Read(data) data[0] = (data[0] & 0x7f) | 0x40 data = append(data, token[:]...)