From: Frédéric Lécaille Date: Sat, 21 May 2022 12:42:21 +0000 (+0200) Subject: MINOR: quic: Ignore out of packet padding. X-Git-Tag: v2.6.0~54 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f6954c5c3a07a28e4c86301f830d1aaa10c085f8;p=thirdparty%2Fhaproxy.git MINOR: quic: Ignore out of packet padding. We do not want to count the out of packet padding as being belonging to an invalid packet, the firt byte of a QUIC packet being never null. Some browsers like firefox proceeds this way to add PADDING frames after an Initial packet and increase the size of their Initial packets. --- diff --git a/src/xprt_quic.c b/src/xprt_quic.c index 41d7ef6c4e..60051d8385 100644 --- a/src/xprt_quic.c +++ b/src/xprt_quic.c @@ -5152,6 +5152,20 @@ static int qc_conn_alloc_ssl_ctx(struct quic_conn *qc) return 1; } +/* Check that all the bytes between included and address + * excluded are null. This is the responsability of the caller to + * check that there is at least one byte between end . + * Return 1 if this all the bytes are null, 0 if not. + */ +static inline int quic_padding_check(const unsigned char *buf, + const unsigned char *end) +{ + while (buf < end && !*buf) + buf++; + + return buf == end; +} + /* Parse a QUIC packet from UDP datagram found in buffer with the * end of this buffer past one byte and populate RX packet structure * with the information collected from the packet. @@ -5195,7 +5209,16 @@ static void qc_lstnr_pkt_rcv(unsigned char *buf, const unsigned char *end, /* Fixed bit */ if (!(*buf & QUIC_PACKET_FIXED_BIT)) { - /* XXX TO BE DISCARDED */ + if (!first_pkt && quic_padding_check(buf, end)) { + /* Some browsers may pad the remaining datagram space with null bytes. + * That is what we called add padding out of QUIC packets. Such + * datagrams must be considered as valid. But we can only consume + * the remaining space. + */ + pkt->len = end - buf; + goto drop_no_conn; + } + TRACE_PROTO("Packet dropped", QUIC_EV_CONN_LPKT); goto drop; }