forked from quic-go/quic-go
drop short header packets for unknown sessions
This commit is contained in:
Marten Seemann
@@ -185,14 +185,18 @@ func (h *packetHandlerMap) handlePacket(addr net.Addr, data []byte) error {
|
||||
handlePacket = handler.handlePacket
|
||||
} else { // no session found
|
||||
// this might be a stateless reset
|
||||
if !iHdr.IsLongHeader && len(data) >= protocol.MinStatelessResetSize {
|
||||
var token [16]byte
|
||||
copy(token[:], data[len(data)-16:])
|
||||
if sess, ok := h.resetTokens[token]; ok {
|
||||
h.mutex.RUnlock()
|
||||
sess.destroy(errors.New("received a stateless reset"))
|
||||
return nil
|
||||
if !iHdr.IsLongHeader {
|
||||
if len(data) >= protocol.MinStatelessResetSize {
|
||||
var token [16]byte
|
||||
copy(token[:], data[len(data)-16:])
|
||||
if sess, ok := h.resetTokens[token]; ok {
|
||||
h.mutex.RUnlock()
|
||||
sess.destroy(errors.New("received a stateless reset"))
|
||||
return nil
|
||||
}
|
||||
}
|
||||
// TODO(#943): send a stateless reset
|
||||
return fmt.Errorf("received a short header packet with an unexpected connection ID %s", iHdr.DestConnectionID)
|
||||
}
|
||||
if server == nil { // no server set
|
||||
h.mutex.RUnlock()
|
||||
|
||||
@@ -227,7 +227,7 @@ var _ = Describe("Packet Handler Map", func() {
|
||||
Expect(handler.handlePacket(nil, getPacket(connID))).To(MatchError("received a packet with an unexpected connection ID 0xdeadbeef42"))
|
||||
packet := append([]byte{0x40, 0xde, 0xca, 0xfb, 0xad, 0x99} /* short header packet */, make([]byte, 50)...)
|
||||
packet = append(packet, token[:]...)
|
||||
Expect(handler.handlePacket(nil, packet)).To(MatchError("received a packet with an unexpected connection ID 0xdecafbad99"))
|
||||
Expect(handler.handlePacket(nil, packet)).To(MatchError("received a short header packet with an unexpected connection ID 0xdecafbad99"))
|
||||
Expect(handler.resetTokens).To(BeEmpty())
|
||||
})
|
||||
})
|
||||
|
||||
@@ -308,11 +308,9 @@ func (s *server) handlePacket(p *receivedPacket) {
|
||||
func (s *server) handlePacketImpl(p *receivedPacket) error {
|
||||
hdr := p.header
|
||||
|
||||
if hdr.IsLongHeader {
|
||||
// send a Version Negotiation Packet if the client is speaking a different protocol version
|
||||
if !protocol.IsSupportedVersion(s.config.Versions, hdr.Version) {
|
||||
return s.sendVersionNegotiationPacket(p)
|
||||
}
|
||||
// send a Version Negotiation Packet if the client is speaking a different protocol version
|
||||
if !protocol.IsSupportedVersion(s.config.Versions, hdr.Version) {
|
||||
return s.sendVersionNegotiationPacket(p)
|
||||
}
|
||||
if hdr.Type == protocol.PacketTypeInitial {
|
||||
go s.handleInitial(p)
|
||||
|
||||
@@ -129,27 +129,33 @@ var _ = Describe("Server", func() {
|
||||
},
|
||||
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize-100),
|
||||
})
|
||||
Expect(conn.dataWritten.Len()).To(BeZero())
|
||||
Consistently(conn.dataWritten.Len).Should(BeZero())
|
||||
})
|
||||
|
||||
It("drops packets with a too short connection ID", func() {
|
||||
hdr := &wire.Header{
|
||||
IsLongHeader: true,
|
||||
Type: protocol.PacketTypeInitial,
|
||||
SrcConnectionID: protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8},
|
||||
DestConnectionID: protocol.ConnectionID{1, 2, 3, 4},
|
||||
Version: serv.config.Versions[0],
|
||||
PacketNumberLen: protocol.PacketNumberLen1,
|
||||
}
|
||||
serv.handlePacket(&receivedPacket{
|
||||
header: hdr,
|
||||
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize),
|
||||
})
|
||||
Expect(conn.dataWritten.Len()).To(BeZero())
|
||||
Consistently(conn.dataWritten.Len).Should(BeZero())
|
||||
})
|
||||
|
||||
It("drops non-Initial packets", func() {
|
||||
serv.logger.SetLogLevel(utils.LogLevelDebug)
|
||||
serv.handlePacket(&receivedPacket{
|
||||
header: &wire.Header{Type: protocol.PacketTypeHandshake},
|
||||
data: []byte("invalid"),
|
||||
header: &wire.Header{
|
||||
Type: protocol.PacketTypeHandshake,
|
||||
Version: serv.config.Versions[0],
|
||||
},
|
||||
data: []byte("invalid"),
|
||||
})
|
||||
})
|
||||
|
||||
@@ -170,8 +176,9 @@ var _ = Describe("Server", func() {
|
||||
serv.handlePacket(&receivedPacket{
|
||||
remoteAddr: raddr,
|
||||
header: &wire.Header{
|
||||
Type: protocol.PacketTypeInitial,
|
||||
Token: token,
|
||||
Type: protocol.PacketTypeInitial,
|
||||
Token: token,
|
||||
Version: serv.config.Versions[0],
|
||||
},
|
||||
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize),
|
||||
})
|
||||
@@ -193,8 +200,9 @@ var _ = Describe("Server", func() {
|
||||
serv.handlePacket(&receivedPacket{
|
||||
remoteAddr: raddr,
|
||||
header: &wire.Header{
|
||||
Type: protocol.PacketTypeInitial,
|
||||
Token: []byte("foobar"),
|
||||
Type: protocol.PacketTypeInitial,
|
||||
Token: []byte("foobar"),
|
||||
Version: serv.config.Versions[0],
|
||||
},
|
||||
data: bytes.Repeat([]byte{0}, protocol.MinInitialPacketSize),
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user