From bf615659d6ea09728789c9a8b98a9d4c7e05181a Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Sat, 7 Jan 2017 14:56:24 +0700
Subject: [PATCH] ignore public reset packets, and log them

ref #34
---
 server.go      | 16 ++++++++++++++++
 server_test.go | 27 +++++++++++++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/server.go b/server.go
index e6dca7d0..a1677030 100644
--- a/server.go
+++ b/server.go
@@ -146,6 +146,22 @@ func (s *Server) handlePacket(conn *net.UDPConn, remoteAddr *net.UDPAddr, packet
 	session, ok := s.sessions[hdr.ConnectionID]
 	s.sessionsMutex.RUnlock()
 
+	// ignore all Public Reset packets
+	if hdr.ResetFlag {
+		if ok {
+			var pr *publicReset
+			pr, err = parsePublicReset(r)
+			if err != nil {
+				utils.Infof("Received a Public Reset for connection %x. An error occurred parsing the packet.")
+			} else {
+				utils.Infof("Received a Public Reset for connection %x, rejected packet number: 0x%x.", hdr.ConnectionID, pr.rejectedPacketNumber)
+			}
+		} else {
+			utils.Infof("Received Public Reset for unknown connection %x.", hdr.ConnectionID)
+		}
+		return nil
+	}
+
 	// a session is only created once the client sent a supported version
 	// if we receive a packet for a connection that already has session, it's probably an old packet that was sent by the client before the version was negotiated
 	// it is safe to drop it
diff --git a/server_test.go b/server_test.go
index 20120534..5a8f3c08 100644
--- a/server_test.go
+++ b/server_test.go
@@ -130,6 +130,33 @@ var _ = Describe("Server", func() {
 			err := server.handlePacket(nil, nil, bytes.Repeat([]byte{'a'}, int(protocol.MaxPacketSize)+1))
 			Expect(err).To(MatchError(qerr.PacketTooLarge))
 		})
+
+		It("ignores public resets for unknown connections", func() {
+			err := server.handlePacket(nil, nil, writePublicReset(999, 1, 1337))
+			Expect(err).ToNot(HaveOccurred())
+			Expect(server.sessions).To(BeEmpty())
+		})
+
+		It("ignores public resets for known connections", func() {
+			err := server.handlePacket(nil, nil, firstPacket)
+			Expect(server.sessions).To(HaveLen(1))
+			Expect(server.sessions[0x4cfa9f9b668619f6].(*mockSession).packetCount).To(Equal(1))
+			err = server.handlePacket(nil, nil, writePublicReset(0x4cfa9f9b668619f6, 1, 1337))
+			Expect(err).ToNot(HaveOccurred())
+			Expect(server.sessions).To(HaveLen(1))
+			Expect(server.sessions[0x4cfa9f9b668619f6].(*mockSession).packetCount).To(Equal(1))
+		})
+
+		It("ignores invalid public resets for known connections", func() {
+			err := server.handlePacket(nil, nil, firstPacket)
+			Expect(server.sessions).To(HaveLen(1))
+			Expect(server.sessions[0x4cfa9f9b668619f6].(*mockSession).packetCount).To(Equal(1))
+			data := writePublicReset(0x4cfa9f9b668619f6, 1, 1337)
+			err = server.handlePacket(nil, nil, data[:len(data)-2])
+			Expect(err).ToNot(HaveOccurred())
+			Expect(server.sessions).To(HaveLen(1))
+			Expect(server.sessions[0x4cfa9f9b668619f6].(*mockSession).packetCount).To(Equal(1))
+		})
 	})
 
 	It("setups and responds with version negotiation", func(done Done) {