BUG/MINOR: quic: reject retry_source_cid TP on server side

Close the connection on error if retry_source_connection_id transport
parameter is received. This is specified by RFC 9000 as this parameter
must not be emitted by a client. Previously, it was silently ignored.

This should be backported up to 2.6. Note that is relies on previous
patch "MINOR: quic: extend return value on TP parsing".

(cherry picked from commit 10f1f1adce032742d60fe14ee780871c4e6a1db1)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit f66a92724a8f8469e98abcaeccf46cc58ea7fb5c)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

diff --git a/src/quic_tp.c b/src/quic_tp.c
index 6e53d7f..33408ff 100644 (file)
--- a/src/quic_tp.c
+++ b/src/quic_tp.c
@@ -338,6 +338,13 @@ quic_transport_param_decode(struct quic_transport_params *p, int server,
                                                           buf, *buf + len, server))
                        return QUIC_TP_DEC_ERR_TRUNC;
                break;
+       case QUIC_TP_RETRY_SOURCE_CONNECTION_ID:
+               /* see original_destination_connection_id RFC reference above. */
+               if (!server)
+                       return QUIC_TP_DEC_ERR_INVAL;
+
+               /* TODO implement parsing for client side */
+               break;
        default:
                *buf += len;
        };