This fix follows this previous one:
BUG/MINOR: quic: reorder fragmented RX CRYPTO frames by their offsets
which is not sufficient when a client fragments and mixes its CRYPTO frames AND
leaveswith holes by packets. ngtcp2 (and perhaps chrome) splits theire CRYPTO
frames but without hole by packet. In such a case, the CRYPTO parsing leads to
QUIC_RX_RET_FRM_AGAIN errors which cannot be fixed when the peer resends its packets.
Indeed, even if the peer resends its frames in a different order, this does not
help because since the previous commit, the CRYPTO frames are ordered on haproxy side.
This issue was detected thanks to the interopt tests with quic-go as client. This
client fragments its CRYPTO frames, mixes them, and generate holes, and most of
the times with the retry test.
To fix this, when a QUIC_RX_RET_FRM_AGAIN error is encountered, the CRYPTO frames
parsing is not stop. This leaves chances to the next CRYPTO frames to be parsed.
Must be backported as far as 2.6 as the commit mentioned above.
struct quic_frame *frm = NULL;
const unsigned char *pos, *end;
enum quic_rx_ret_frm ret;
- int fast_retrans = 0;
+ int fast_retrans = 0, cf_err = 0;
TRACE_ENTER(QUIC_EV_CONN_PRSHPKT, qc);
/* Skip the AAD */
case QUIC_RX_RET_FRM_AGAIN:
TRACE_STATE("AGAIN encountered", QUIC_EV_CONN_PRSHPKT, qc);
- /* avoid freeing without eb_delete() */
- frm = NULL;
- goto err;
+ cf_err = 1;
+ break;
case QUIC_RX_RET_FRM_DONE:
TRACE_PROTO("frame handled", QUIC_EV_CONN_PRSAFRM, qc, frm);
qc_frm_free(qc, &frm);
}
+ if (cf_err)
+ goto err;
+
/* Error should be returned if some frames cannot be parsed. */
BUG_ON(!eb_is_empty(&cf_frms_tree));
projects / thirdparty / haproxy.git / commitdiff
