gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

disable address validation by default

Browse Source 
We should provide safe defaults. Since we implement the 3x amplification
limit, disabling address validation is not unsafe, and will save 1 RTT
for every handshake for applications that don't explicitely configure
Retries.
This commit is contained in:
Marten Seemann
2022-08-11 22:03:10 +04:00
parent 7fde609eef
commit bbfb7bd493
8 changed files with 35 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
integrationtests/self/mitm_test.go
View File

@@ -347,6 +347,7 @@ var _ = Describe("MITM test", func() {
// as it has already accepted a retry.
// TODO: determine behavior when server does not send Retry packets
It("fails when a forged Retry packet with modified srcConnID is sent to client", func() {
serverConfig.RequireAddressValidation = func(net.Addr) bool { return true }
var initialPacketIntercepted bool
done := make(chan struct{})
delayCb := func(dir quicproxy.Direction, raw []byte) time.Duration {