From 1231d3c179182b60fcf19ebe70f917b77c6d40b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?=
Date: Thu, 28 Apr 2022 15:43:46 +0200
Subject: [PATCH] MINOR: quic: Drop 0-RTT packets without secrets
If we received 0-RTT packets and no secrets were provided by the TLS stack we must drop them.
---
 src/xprt_quic.c | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 3a069df93..1b494a3ea 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -4025,11 +4025,25 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
 !(qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE))
 goto out;
- if (zero_rtt && next_qel && !MT_LIST_ISEMPTY(&next_qel->rx.pqpkts) &&
- (next_qel->tls_ctx.flags & QUIC_FL_TLS_SECRETS_SET)) {
- qel = next_qel;
- next_qel = NULL;
- goto next_level;
+ if (next_qel && next_qel == &qc->els[QUIC_TLS_ENC_LEVEL_EARLY_DATA] &&
+ !MT_LIST_ISEMPTY(&next_qel->rx.pqpkts)) {
+ if ((next_qel->tls_ctx.flags & QUIC_FL_TLS_SECRETS_SET)) {
+ qel = next_qel;
+ next_qel = NULL;
+ goto next_level;
+ }
+ else {
+ struct quic_rx_packet *pkt;
+ struct mt_list *elt1, elt2;
+ struct quic_enc_level *aqel = &qc->els[QUIC_TLS_ENC_LEVEL_EARLY_DATA];
+
+ /* Drop these 0-RTT packets */
+ TRACE_PROTO("drop all 0-RTT packets", QUIC_EV_CONN_PHPKTS, qc);
+ mt_list_for_each_entry_safe(pkt, &aqel->rx.pqpkts, list, elt1, elt2) {
+ MT_LIST_DELETE_SAFE(elt1);
+ quic_rx_packet_refdec(pkt);
+ }
+ }
 }
 st = qc->state;
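Review bot: The new `else` branch discards every queued 0-RTT packet whenever `QUIC_FL_TLS_SECRETS_SET` is clear, but nothing visible in the hunk shows that early secrets can no longer arrive at this point. If this path can run before the TLS stack has processed the whole ClientHello, packets that are merely waiting for keys would be dropped instead of staying buffered. The enclosing `quic_conn_io_cb` body starts and ends outside the hunk, so this may already be guaranteed. If it is, the existing comment should state the invariant, e.g. `/* Initial CRYPTO data has been processed and no early secrets were installed: these 0-RTT packets can never be decrypted, drop them */`. Separately, `aqel` duplicates `next_qel`, which the outer condition already pins to `&qc->els[QUIC_TLS_ENC_LEVEL_EARLY_DATA]`, so the loop can use `&next_qel->rx.pqpkts` and the extra local can go.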