From 5a36a287de9c5aa4eb0668b9f5e9a3f2ca3b02b1 Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Sun, 10 Dec 2017 22:52:08 +0700 Subject: [PATCH 1/3] handle MAX_STREAM_DATA frames for the crypto stream --- session.go | 4 ++++ session_test.go | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/session.go b/session.go index 467c992e..16e89e4b 100644 --- a/session.go +++ b/session.go @@ -582,6 +582,10 @@ func (s *session) handleMaxDataFrame(frame *wire.MaxDataFrame) { } func (s *session) handleMaxStreamDataFrame(frame *wire.MaxStreamDataFrame) error { + if frame.StreamID == s.version.CryptoStreamID() { + s.cryptoStream.UpdateSendWindow(frame.ByteOffset) + return nil + } str, err := s.streamsMap.GetOrOpenStream(frame.StreamID) if err != nil { return err diff --git a/session_test.go b/session_test.go index 52c9ad9c..c588b4f7 100644 --- a/session_test.go +++ b/session_test.go @@ -393,6 +393,18 @@ var _ = Describe("Session", func() { sess.connFlowController = connFC }) + It("updates the flow control window of the crypto stream", func() { + fc := mocks.NewMockStreamFlowController(mockCtrl) + offset := protocol.ByteCount(0x4321) + fc.EXPECT().UpdateSendWindow(offset) + sess.cryptoStream.(*stream).flowController = fc + err := sess.handleMaxStreamDataFrame(&wire.MaxStreamDataFrame{ + StreamID: sess.version.CryptoStreamID(), + ByteOffset: offset, + }) + Expect(err).ToNot(HaveOccurred()) + }) + It("updates the flow control window of a stream", func() { offset := protocol.ByteCount(0x1234) str, err := sess.GetOrOpenStream(5) From 81e13e52fda29d69208a5cf3ca6d8891553e44b1 Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Sun, 10 Dec 2017 23:01:25 +0700 Subject: [PATCH 2/3] reject STREAM frames that would close the crypto stream --- session.go | 3 +++ session_test.go | 11 ++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/session.go b/session.go index 16e89e4b..3a632909 100644 --- a/session.go +++ b/session.go @@ -563,6 +563,9 @@ func (s *session) handlePacket(p *receivedPacket) { func (s *session) handleStreamFrame(frame *wire.StreamFrame) error { if frame.StreamID == s.version.CryptoStreamID() { + if frame.FinBit { + return errors.New("Received STREAM frame with FIN bit for the crypto stream") + } return s.cryptoStream.AddStreamFrame(frame) } str, err := s.streamsMap.GetOrOpenStream(frame.StreamID) diff --git a/session_test.go b/session_test.go index c588b4f7..9c9d4e30 100644 --- a/session_test.go +++ b/session_test.go @@ -269,7 +269,7 @@ var _ = Describe("Session", func() { } }) - Context("when handling STREAM frames", func() { + Context("handling STREAM frames", func() { BeforeEach(func() { sess.streamsMap.UpdateMaxStreamLimit(100) }) @@ -330,6 +330,15 @@ var _ = Describe("Session", func() { }) Expect(err).ToNot(HaveOccurred()) }) + + It("errors on a STREAM frame that would close the crypto stream", func() { + err := sess.handleStreamFrame(&wire.StreamFrame{ + StreamID: sess.version.CryptoStreamID(), + Offset: 0x1337, + FinBit: true, + }) + Expect(err).To(MatchError("Received STREAM frame with FIN bit for the crypto stream")) + }) }) Context("handling RST_STREAM frames", func() { From dfa2181657c336b7d445e15905c74664bc4c820d Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Sun, 10 Dec 2017 23:11:26 +0700 Subject: [PATCH 3/3] reject RST_STREAM frames for the crypto stream --- session.go | 3 +++ session_test.go | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/session.go b/session.go index 3a632909..e282c69a 100644 --- a/session.go +++ b/session.go @@ -602,6 +602,9 @@ func (s *session) handleMaxStreamDataFrame(frame *wire.MaxStreamDataFrame) error } func (s *session) handleRstStreamFrame(frame *wire.RstStreamFrame) error { + if frame.StreamID == s.version.CryptoStreamID() { + return errors.New("Received RST_STREAM frame for the crypto stream") + } str, err := s.streamsMap.GetOrOpenStream(frame.StreamID) if err != nil { return err diff --git a/session_test.go b/session_test.go index 9c9d4e30..d2a6efe4 100644 --- a/session_test.go +++ b/session_test.go @@ -392,6 +392,14 @@ var _ = Describe("Session", func() { }}, protocol.EncryptionUnspecified) Expect(err).NotTo(HaveOccurred()) }) + + It("erros when a RST_STREAM frame would reset the crypto stream", func() { + err := sess.handleRstStreamFrame(&wire.RstStreamFrame{ + StreamID: sess.version.CryptoStreamID(), + ErrorCode: 123, + }) + Expect(err).To(MatchError("Received RST_STREAM frame for the crypto stream")) + }) }) Context("handling MAX_DATA and MAX_STREAM_DATA frames", func() {