The below patch fixes padding emission for small packets, which is
required to ensure that header protection removal can be performed by
the recipient.
commit
d7dea408c64c327cab6aebf4ccad93405b675565
BUG/MINOR: quic: too short PADDING frame for too short packets
In addition to the proper fix, constant QUIC_HP_SAMPLE_LEN was removed
and replaced by QUIC_TLS_TAG_LEN. However, it still makes sense to have
a dedicated constant which represent the size of the sample used for
header protection. Thus, this patch restores it.
Special instructions for backport : above patch mentions that no
backport is needed. However, this is incorrect, as bug is introduced by
another patch scheduled for backport up to 2.6. Thus, it is first
mandatory to schedule
d7dea408c64c327cab6aebf4ccad93405b675565 after it.
Then, this patch can also be used for the sake of code clarity.
(cherry picked from commit
f645cd3c74ed07f351f9ce9cebc609a3a7d8407a)
[ad: fix conflict due to missing trace in 3.2]
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>
(cherry picked from commit
dac51e76f694b6180fdf0be1304b760d740c2f59)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>
(cherry picked from commit
cb432641f99d6011cd85faa5ef57bf1fe6f2f87e)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>
#define QUIC_PACKET_PNL_BITMASK 0x03
#define QUIC_PACKET_PN_MAXLEN 4
+/* TLS algo supported by QUIC uses a 16-bytes sample for HP. */
+#define QUIC_HP_SAMPLE_LEN 16
+
/*
* 0 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* Note that from here, <len> includes <*pn_len>, the total frame lenghts,
* and QUIC_TLS_TAG_LEN(16).
*/
- if (len < QUIC_PACKET_PN_MAXLEN + QUIC_TLS_TAG_LEN) {
- padding_len = QUIC_PACKET_PN_MAXLEN + QUIC_TLS_TAG_LEN - len;
+ if (len < QUIC_PACKET_PN_MAXLEN + QUIC_HP_SAMPLE_LEN) {
+ padding_len = QUIC_PACKET_PN_MAXLEN + QUIC_HP_SAMPLE_LEN - len;
len += padding_len;
}
projects / haproxy-3.0.git / commitdiff