From: Frédéric Lécaille <flecaille@haproxy.com>
Date: Mon, 9 May 2022 16:08:13 +0000 (+0200)
Subject: MINOR: quic: Short packets always embed a trailing AEAD TAG
X-Git-Tag: v2.6-dev10~46
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=36b28ed012427f8d2106620e4a332f256b754c17;p=thirdparty%2Fhaproxy.git

MINOR: quic: Short packets always embed a trailing AEAD TAG

We must drop as soon as possible too small 1-RTT packets to be valid QUIC
packets to avoid replying with stateless reset packets.
---

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index fef93ccaf8..e0c4301632 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -6406,8 +6406,8 @@ static int quic_get_dgram_dcid(unsigned char *buf, const unsigned char *end,
 		goto err;
 
 	long_header = *buf & QUIC_PACKET_LONG_HEADER_BIT;
-	minlen = long_header ?
-		QUIC_LONG_PACKET_MINLEN : QUIC_SHORT_PACKET_MINLEN + QUIC_HAP_CID_LEN;
+	minlen = long_header ? QUIC_LONG_PACKET_MINLEN :
+		QUIC_SHORT_PACKET_MINLEN + QUIC_HAP_CID_LEN + QUIC_TLS_TAG_LEN;
 	skip = long_header ? QUIC_LONG_PACKET_DCID_OFF : QUIC_SHORT_PACKET_DCID_OFF;
 	if (end - buf <= minlen)
 		goto err;