From 12fd259363127e2732c03b0d9cf779871f727db0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <flecaille@haproxy.com>
Date: Thu, 31 Mar 2022 08:42:06 +0200
Subject: [PATCH] BUG/MINOR: quic: Too much prepared retransmissions due to
 anti-amplification

We must not re-enqueue frames if we can detect in advance they will not be
transmitted due to the anti-amplification limit.
---
 src/xprt_quic.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 591751871..e201a9159 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -2297,6 +2297,15 @@ static void qc_prep_fast_retrans(struct quic_enc_level *qel,
 	if (!pkt)
 		return;
 
+	/* When building a packet from another one, the field which may increase the
+	 * packet size is the packet number. And the maximum increase is 4 bytes.
+	 */
+	if (!quic_peer_validated_addr(qc) && qc_is_listener(qc) &&
+	    pkt->len + 4 > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
+		TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_PRSAFRM, qc);
+		return;
+	}
+
 	qc_requeue_nacked_pkt_tx_frms(qc, &pkt->frms, &qel->pktns->tx.frms);
 }
 
@@ -2344,6 +2353,15 @@ static void qc_prep_hdshk_fast_retrans(struct quic_conn *qc)
 	if (!pkt)
 		goto end;
 
+	/* When building a packet from another one, the field which may increase the
+	 * packet size is the packet number. And the maximum increase is 4 bytes.
+	 */
+	if (!quic_peer_validated_addr(qc) && qc_is_listener(qc) &&
+	    pkt->len + 4 > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
+		TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_PRSAFRM, qc);
+		goto end;
+	}
+
 	qel->pktns->tx.pto_probe += 1;
  requeue:
 	list_for_each_entry_safe(frm, frmbak, &pkt->frms, list) {