gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

enforce a minimum value of the remote idle timeout

Browse Source 
This prevents a DoS where a peer could send us a really small remote
idle timeout, and we would continuously send it PING frames.
This commit is contained in:
Marten Seemann
2017-10-03 11:06:31 -07:00
parent 0ffb64b5d7
commit 4eec7433d9
7 changed files with 32 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
internal/handshake/params_negotiator_gquic_test.go
View File

@@ -212,7 +212,7 @@ var _ = Describe("Params Negotiator (for gQUIC)", func() {
})
Context("idle timeout", func() {
It("sets the negotiated lifetime", func() {
It("sets the remote idle timeout", func() {
values := map[Tag][]byte{
TagICSL: {10, 0, 0, 0},
}
@@ -221,6 +221,17 @@ var _ = Describe("Params Negotiator (for gQUIC)", func() {
Expect(pn.GetRemoteIdleTimeout()).To(Equal(10 * time.Second))
})
It("doesn't allow values below the minimum remote idle timeout", func() {
t := 2 * time.Second
Expect(t).To(BeNumerically("<", protocol.MinRemoteIdleTimeout))
values := map[Tag][]byte{
TagICSL: {uint8(t.Seconds()), 0, 0, 0},
}
err := pn.SetFromMap(values)
Expect(err).ToNot(HaveOccurred())
Expect(pn.GetRemoteIdleTimeout()).To(Equal(protocol.MinRemoteIdleTimeout))
})
It("errors when given an invalid value", func() {
values := map[Tag][]byte{TagICSL: {2, 0, 0}} // 1 byte too short
err := pn.SetFromMap(values)