don't send stateless resets for small packets

This prevents amplification and looping.
2019-03-06 14:42:38 +09:00
parent 19cf46d736
commit 5c20519743
2 changed files with 12 additions and 0 deletions
--- a/packet_handler_map.go
+++ b/packet_handler_map.go
@@ -245,6 +245,11 @@ func (h *packetHandlerMap) GetStatelessResetToken(connID protocol.ConnectionID)

 func (h *packetHandlerMap) maybeSendStatelessReset(p *receivedPacket, connID protocol.ConnectionID) {
 	defer p.buffer.Release()
+	// Don't send a stateless reset in response to very small packets.
+	// This includes packets that could be stateless resets.
+	if len(p.data) <= protocol.MinStatelessResetSize {
+		return
+	}
 	token := h.GetStatelessResetToken(connID)
 	h.logger.Debugf("Sending stateless reset to %s (connection ID: %s). Token: %#x", p.remoteAddr, connID, token)
 	data := make([]byte, 23)