BUG/MINOR: quic: close conn on packet reception with incompatible frame
authorAmaury Denoyelle <adenoyelle@haproxy.com>
Mon, 30 Mar 2026 07:38:13 +0000 (09:38 +0200)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Mon, 30 Mar 2026 07:52:10 +0000 (09:52 +0200)
RFC 9000 lists each supported frame and the type of packets in which it
can be present.

Prior to this patch, a packet with an incompatible frame is dropped.
However, QUIC specification mandates that the connection is immediately
closed with PROTOCOL_VIOLATION error code. This patch completes
qc_parse_frm() to add such connection closure.

This must be backported up to 2.6.

src/quic_frame.c

index 963cf5728a72b0b94e60c6b4e14d6c369f75ac68..d92e1d661a2a127ee9af722fe535be7d40f31699 100644 (file)
@@ -1185,7 +1185,14 @@ int qc_parse_frm(struct quic_frame *frm, struct quic_rx_packet *pkt,
 
        parser = qf_parser(frm->type);
        if (!(parser->mask & (1U << pkt->type))) {
+               /* RFC 9000 12.4. Frames and Frame Types
+                *
+                * An endpoint MUST treat
+                * receipt of a frame in a packet type that is not permitted as a
+                * connection error of type PROTOCOL_VIOLATION.
+                */
                TRACE_DEVEL("unauthorized frame", QUIC_EV_CONN_PRSFRM, qc, frm);
+               quic_set_connection_close(qc, quic_err_transport(QC_ERR_PROTOCOL_VIOLATION));
                goto leave;
        }
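Review bot: The rejection in the `!(parser->mask & (1U << pkt->type))` branch is still reported only through `TRACE_DEVEL`, although it now ends the connection with PROTOCOL_VIOLATION, so an operator tracing at a lower verbosity would see the close without its cause. Consider `TRACE_ERROR("unauthorized frame", QUIC_EV_CONN_PRSFRM, qc, frm);` here, unless quic_set_connection_close() already records the error code (its body is not in this hunk). It is also worth confirming that closing rather than dropping is wanted for Initial packets, whose protection keys are not secret to an observer of the handshake, so the sender is not necessarily the real peer. qc_parse_frm() starts and ends outside the hunk, so the value returned after `goto leave` could not be checked.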