BUG/MINOR: h3: always reject PUSH_PROMISE

The condition for checking PUSH_PROMISE was not correctly interpreted
from the RFC. Initially, it rejects such a frame for every stream
initiated from client side.

In fact, the RFC indicates that PUSH_PROMISE are never sent by a client.
Thus, it can be rejected in any case until HTTP/3 will be implemented on
the backend side.

This should be backported up to 2.6.

diff --git a/src/h3.c b/src/h3.c
index a6953c33627df313fd0e504fc8a2b0ec10824ebe..a51eafb6af8e7be06e1e4650bebe6ed14368c998 100644 (file)
--- a/src/h3.c
+++ b/src/h3.c
@@ -307,7 +307,6 @@ static inline size_t h3_decode_frm_header(uint64_t *ftype, uint64_t *flen,
 static int h3_is_frame_valid(struct h3c *h3c, struct qcs *qcs, uint64_t ftype)
 {
        struct h3s *h3s = qcs->ctx;
-       const uint64_t id = qcs->id;
 
        /* Stream type must be known to ensure frame is valid for this stream. */
        BUG_ON(h3s->type == H3S_T_UNKNOWN);
@@ -340,8 +339,14 @@ static int h3_is_frame_valid(struct h3c *h3c, struct qcs *qcs, uint64_t ftype)
                       !(h3c->flags & H3_CF_SETTINGS_RECV);
 
        case H3_FT_PUSH_PROMISE:
-               return h3s->type != H3S_T_CTRL &&
-                      (id & QCS_ID_SRV_INTIATOR_BIT);
+               /* RFC 9114 7.2.5. PUSH_PROMISE
+                * A client MUST NOT send a PUSH_PROMISE frame. A server MUST treat the
+                * receipt of a PUSH_PROMISE frame as a connection error of type
+                * H3_FRAME_UNEXPECTED.
+                */
+
+               /* TODO server-side only. */
+               return 0;
 
        default:
                /* draft-ietf-quic-http34 9. Extensions to HTTP/3