Repositories - haproxy-3.0.git/commit

author	Frederic Lecaille <flecaille@haproxy.com>
	Mon, 4 Nov 2024 17:50:10 +0000 (18:50 +0100)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Wed, 6 Nov 2024 14:55:11 +0000 (15:55 +0100)
commit	4655bd1e6430235d0d671d632fa2bca6a45b4628
tree	e50ca1215d4a136e06de515fb32de1051a2d6389	tree \| snapshot
parent	c91c678b1279e7101ca99288f262b485a901d0b4	commit \| diff

BUG/MINOR: quic: fix malformed probing packet building

This bug arrived with this commit:

cdfceb10a MINOR: quic: refactor qc_prep_pkts() loop

which prevents haproxy from sending PING only packets/datagrams (some
packets/datagrams with only PING frame as ack-eliciting frames inside).
Such packets/datagrams are useful in rare cases during retransmissions
when one wants to probe the peer without exceeding the anti-amplification
limit.

Modify the condition passed to qc_build_pkt() to add padding to the current
datagram. One does not want to do that when probing the peer without ack-eliciting
frames passed as <frms> parameter. Indeed qc_build_pkt() calls qc_do_build_pkt()
which supports this case: if <probe> is true (probing required), qc_do_build_pkt()
handles the case where some padding must be added to a PING only packet/datagram.
This is the case when probing with an empty <frms> frame list of ack-eliciting
frames without exceeding the anti-amplification limit from qc_dgrams_retransmit().

Add some comments to qc_build_pkt() and qc_do_build_pkt() to clarify this
as this code is easy to break!

Thank you for @Tristan971 for having reported this issue in GH #2709.

Must be backported to 3.0.

(cherry picked from commit 217e467e89d15f3c22e11fe144458afbf718c8a8)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>