From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Thu, 15 Feb 2024 13:41:12 +0000 (+0100)
Subject: BUG/MINOR: quic: reject unknown frame type
X-Git-Tag: v3.0-dev4~43
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5a2aa8c1613eb83f3a7be7831a51869fe488e943;p=thirdparty%2Fhaproxy.git

BUG/MINOR: quic: reject unknown frame type

As specified by RFC 9000, connection is closed on error if an unknown
QUIC frame type is received.

Previously, a frame with unknown type was silently discarded. The
connection remained opened which is not conformant to the specification.

This should be backported up to 2.6.
---

diff --git a/src/quic_frame.c b/src/quic_frame.c
index 61d2c935ec..41309dbfe8 100644
--- a/src/quic_frame.c
+++ b/src/quic_frame.c
@@ -13,7 +13,7 @@
 #include <haproxy/buf-t.h>
 #include <haproxy/chunk.h>
 #include <haproxy/pool.h>
-#include <haproxy/quic_conn-t.h>
+#include <haproxy/quic_conn.h>
 #include <haproxy/quic_enc.h>
 #include <haproxy/quic_frame.h>
 #include <haproxy/quic_rx-t.h>
@@ -1114,7 +1114,13 @@ int qc_parse_frm(struct quic_frame *frm, struct quic_rx_packet *pkt,
 
 	frm->type = *(*pos)++;
 	if (frm->type >= QUIC_FT_MAX) {
+		/* RFC 9000 12.4. Frames and Frame Types
+		 *
+		 * An endpoint MUST treat the receipt of a frame of unknown type as a
+		 * connection error of type FRAME_ENCODING_ERROR.
+		 */
 		TRACE_DEVEL("wrong frame type", QUIC_EV_CONN_PRSFRM, qc, frm);
+		quic_set_connection_close(qc, quic_err_transport(QC_ERR_FRAME_ENCODING_ERROR));
 		goto leave;
 	}