MINOR: quic: Ping from Initial pktns before reaching anti-amplification limit

There are cases where there are enough room on the network to send 1200 bytes
into a PING only Initial packets. This may be considered as the last chance
for the connection to complete the handshake. Indeed, the client should
reply with at least a 1200 bytes datagram with an Initial packet inside.
This would give the haproxy endpoint a credit of 3600 bytes to complete
the handshake before reaching the anti-amplification limit again, and so on.

diff --git a/src/quic_conn.c b/src/quic_conn.c
index 76c004168ab1a3a941b07583b317abc412e7006b..157cdbd730b66045656ae44b529505d222ee1045 100644 (file)
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -2781,13 +2781,16 @@ static void qc_prep_hdshk_fast_retrans(struct quic_conn *qc,
         */
        if (!quic_peer_validated_addr(qc) && qc_is_listener(qc)) {
                size_t dglen = pkt->len + 4;
+               size_t may_send = 3 * qc->rx.bytes - qc->tx.prep_bytes;
 
                dglen += pkt->next ? pkt->next->len + 4 : 0;
-               if (dglen > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
+               if (dglen > may_send) {
                        qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED;
                        TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt);
                        if (pkt->next)
                                TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt->next);
+                       if (qel == iqel && may_send >= QUIC_INITIAL_PACKET_MINLEN)
+                               TRACE_PROTO("will probe Initial packet number space", QUIC_EV_CONN_SPPKTS, qc);
                        goto end;
                }
        }
@@ -4957,12 +4960,16 @@ static int qc_dgrams_retransmit(struct quic_conn *qc)
                                LIST_SPLICE(&hpktns->tx.frms, &hfrms);
                        }
                        else {
-                               if (!(qc->flags & QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED)) {
-                                       ipktns->tx.pto_probe = 1;
-                                       qc->iel->retrans_frms = &ifrms;
-                                       if (!qc_send_hdshk_pkts(qc, 0, qc->iel, NULL))
-                                               goto leave;
-                               }
+                               /* We are in the case where the anti-amplification limit will be
+                                * reached after having sent this datagram. There is no need to
+                                * send more than one datagram.
+                                */
+                               ipktns->tx.pto_probe = 1;
+                               qc->iel->retrans_frms = &ifrms;
+                               if (!qc_send_hdshk_pkts(qc, 0, qc->iel, NULL))
+                                       goto leave;
+
+                               break;
                        }
                }
                TRACE_STATE("no more need to probe Initial packet number space",