1berry/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MINOR: quic-be: Handshake packet number space discarding

Browse Source 
This is done for QUIC clients (or haproxy QUIC servers) when the handshake is
confirmed.
This commit is contained in:
Frederic Lecaille 2024-01-11 19:12:20 +01:00
parent 8059d5c998
commit 766150f128
1 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/quic_conn.c
View File

@ -775,6 +775,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
struct list send_list = LIST_HEAD_INIT(send_list); struct list send_list = LIST_HEAD_INIT(send_list);
struct quic_enc_level *qel; struct quic_enc_level *qel;
int st; int st;
int discard_hpktns = 0;
struct tasklet *tl = (struct tasklet *)t; struct tasklet *tl = (struct tasklet *)t;
TRACE_ENTER(QUIC_EV_CONN_IO_CB, qc); TRACE_ENTER(QUIC_EV_CONN_IO_CB, qc);
@ -822,8 +823,17 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
goto out; goto out;
st = qc->state; st = qc->state;
if (st >= QUIC_HS_ST_COMPLETE) {
if (!(qc->flags & QUIC_FL_CONN_HPKTNS_DCD)) { if (qc_is_listener(qc)) {
if (st >= QUIC_HS_ST_COMPLETE && !quic_tls_pktns_is_dcd(qc, qc->hpktns))
discard_hpktns = 1;
}
else {
if (st >= QUIC_HS_ST_CONFIRMED && !quic_tls_pktns_is_dcd(qc, qc->hpktns))
discard_hpktns = 1;
}
if (discard_hpktns) {
/* Discard the Handshake packet number space. */ /* Discard the Handshake packet number space. */
TRACE_PROTO("discarding Handshake pktns", QUIC_EV_CONN_PHPKTS, qc); TRACE_PROTO("discarding Handshake pktns", QUIC_EV_CONN_PHPKTS, qc);
quic_pktns_discard(qc->hel->pktns, qc); quic_pktns_discard(qc->hel->pktns, qc);
@ -832,6 +842,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
qc_release_pktns_frms(qc, qc->hel->pktns); qc_release_pktns_frms(qc, qc->hel->pktns);
} }
if (qc_is_listener(qc) && st >= QUIC_HS_ST_COMPLETE) {
/* Note: if no token for address validation was received /* Note: if no token for address validation was received
* for a 0RTT connection, some 0RTT packet could still be * for a 0RTT connection, some 0RTT packet could still be
* waiting for HP removal AFTER the successful handshake completion. * waiting for HP removal AFTER the successful handshake completion.