From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Fri, 26 Jul 2024 13:24:35 +0000 (+0200)
Subject: BUG/MEDIUM: quic: fix invalid conn reject with CONNECTION_REFUSED
X-Git-Tag: v3.1-dev5~76
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=85131f91bf726039acf49c6fe5333df0a6aaa959;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: quic: fix invalid conn reject with CONNECTION_REFUSED

quic-initial rules were implemented just recently. For some actions, a
new flags field was added in quic_dgram structure. This is used to
report the result of the rules execution.

However, this flags field was left uninitialized. Depending on its
value, it may close the connection to be wrongly rejected via
CONNECTION_REFUSED. Fix this by properly set flags value to 0.

No need to backport.
---

diff --git a/src/quic_sock.c b/src/quic_sock.c
index 4049fc9b58..a894396497 100644
--- a/src/quic_sock.c
+++ b/src/quic_sock.c
@@ -295,6 +295,7 @@ static int quic_lstnr_dgram_dispatch(unsigned char *pos, size_t len, void *owner
 	dgram->saddr = *saddr;
 	dgram->daddr = *daddr;
 	dgram->qc = NULL;
+	dgram->flags = 0;
 
 	/* Attached datagram to its quic_receiver_buf and quic_dghdlrs. */
 	LIST_APPEND(dgrams, &dgram->recv_list);
@@ -859,6 +860,7 @@ int qc_rcv_buf(struct quic_conn *qc)
 		new_dgram->saddr = saddr;
 		new_dgram->daddr = daddr;
 		new_dgram->qc = NULL;  /* set later via quic_dgram_parse() */
+		new_dgram->flags = 0;
 
 		TRACE_DEVEL("read datagram", QUIC_EV_CONN_RCV, qc, new_dgram);