mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-01-18 19:50:54 +00:00
BUG/MINOR: quic: Incorrect peer address validation
We must consider the peer address as validated as soon as we received an handshake packet. An ACK frame in handshake packet was too restrictive. Rename the concerned flag to reflect this situation.
This commit is contained in:
parent
12aa26b6fd
commit
44ae75220a
@ -387,9 +387,9 @@ struct quic_arngs {
|
||||
size_t enc_sz;
|
||||
};
|
||||
|
||||
/* Flag the packet number space as having received an ACK frame */
|
||||
#define QUIC_FL_PKTNS_ACK_RECEIVED_BIT 0
|
||||
#define QUIC_FL_PKTNS_ACK_RECEIVED (1UL << QUIC_FL_PKTNS_ACK_RECEIVED_BIT)
|
||||
/* Flag the packet number space as having received a packet */
|
||||
#define QUIC_FL_PKTNS_PKT_RECEIVED_BIT 0
|
||||
#define QUIC_FL_PKTNS_PKT_RECEIVED (1UL << QUIC_FL_PKTNS_PKT_RECEIVED_BIT)
|
||||
|
||||
/* Flag the packet number space as requiring an ACK frame to be sent. */
|
||||
#define QUIC_FL_PKTNS_ACK_REQUIRED_BIT 1
|
||||
|
@ -597,8 +597,8 @@ static inline int quic_peer_validated_addr(struct quic_conn *qc)
|
||||
|
||||
hdshk_pktns = qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].pktns;
|
||||
app_pktns = qc->els[QUIC_TLS_ENC_LEVEL_APP].pktns;
|
||||
if ((HA_ATOMIC_LOAD(&hdshk_pktns->flags) & QUIC_FL_PKTNS_ACK_RECEIVED) ||
|
||||
(HA_ATOMIC_LOAD(&app_pktns->flags) & QUIC_FL_PKTNS_ACK_RECEIVED) ||
|
||||
if ((HA_ATOMIC_LOAD(&hdshk_pktns->flags) & QUIC_FL_PKTNS_PKT_RECEIVED) ||
|
||||
(HA_ATOMIC_LOAD(&app_pktns->flags) & QUIC_FL_PKTNS_PKT_RECEIVED) ||
|
||||
HA_ATOMIC_LOAD(&qc->state) >= QUIC_HS_ST_COMPLETE)
|
||||
return 1;
|
||||
|
||||
@ -1869,9 +1869,6 @@ static inline int qc_parse_ack_frm(struct quic_conn *qc,
|
||||
qc, NULL, &largest, &smallest);
|
||||
} while (1);
|
||||
|
||||
/* Flag this packet number space as having received an ACK. */
|
||||
HA_ATOMIC_OR(&qel->pktns->flags, QUIC_FL_PKTNS_ACK_RECEIVED);
|
||||
|
||||
if (time_sent && (pkt_flags & QUIC_FL_TX_PACKET_ACK_ELICITING)) {
|
||||
*rtt_sample = tick_remain(time_sent, now_ms);
|
||||
HA_ATOMIC_STORE(&qel->pktns->rx.largest_acked_pn, ack->largest_ack);
|
||||
@ -2469,6 +2466,9 @@ static int qc_parse_pkt_frms(struct quic_rx_packet *pkt, struct ssl_sock_ctx *ct
|
||||
}
|
||||
}
|
||||
|
||||
/* Flag this packet number space as having received a packet. */
|
||||
HA_ATOMIC_OR(&qel->pktns->flags, QUIC_FL_PKTNS_PKT_RECEIVED);
|
||||
|
||||
if (fast_retrans)
|
||||
qc_prep_hdshk_fast_retrans(qc);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user