]> git.kaiwu.me - nginx.git/commitdiff
QUIC: rejecting zero-length packets with PROTOCOL_VIOLATION.
authorSergey Kandaurov <pluknet@nginx.com>
Wed, 18 Nov 2020 20:56:11 +0000 (20:56 +0000)
committerSergey Kandaurov <pluknet@nginx.com>
Wed, 18 Nov 2020 20:56:11 +0000 (20:56 +0000)
Per the latest post draft-32 specification updates on the topic:
https://github.com/quicwg/base-drafts/pull/4391

src/event/ngx_event_quic_protection.c

index 64922b57f294da5e65014e523ec19e71d00fb3fd..5637fcec53eaa863c9454995b751afa3f6d734a6 100644 (file)
@@ -1146,16 +1146,20 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
 
     rc = ngx_quic_tls_open(ciphers.c, secret, &pkt->payload,
                            nonce, &in, &ad, pkt->log);
-
-#if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS)
-    ngx_quic_hexdump(pkt->log, "quic packet payload",
-                     pkt->payload.data, pkt->payload.len);
-#endif
-
     if (rc != NGX_OK) {
         return NGX_DECLINED;
     }
 
+    if (pkt->payload.len == 0) {
+        /*
+         * An endpoint MUST treat receipt of a packet containing no
+         * frames as a connection error of type PROTOCOL_VIOLATION.
+         */
+        ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic zero-length packet");
+        pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION;
+        return NGX_ERROR;
+    }
+
     if (pkt->flags & ngx_quic_pkt_rb_mask(pkt->flags)) {
         /*
          * An endpoint MUST treat receipt of a packet that has
@@ -1169,6 +1173,11 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
         return NGX_ERROR;
     }
 
+#if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS)
+    ngx_quic_hexdump(pkt->log, "quic packet payload",
+                     pkt->payload.data, pkt->payload.len);
+#endif
+
     *largest_pn = lpn;
 
     return NGX_OK;