BUG/MINOR: qpack: reject invalid dynamic table capacity

Currently haproxy does not implement dynamic table support for QPACK. As
such, dynamic table capacity advertised via H3 SETTINGS is 0. When
receiving a non-null Set Dynamic Table Capacity instruction, immediately
close the connection using QPACK_ENCODER_STREAM_ERROR.

Prior to this patch, such instructions were simply ignored. This does not
conform to the QUIC specification.

This should be backported up to 2.6. Note that on 2.6 qcc_set_error()
must be replaced by function qcc_emit_cc_app().
Amaury Denoyelle 2024-02-14 18:23:12 +01:00
parent bd71212ea9
commit f8df9bd6a5

@ -135,6 +135,19 @@ int qpack_decode_enc(struct buffer *buf, int fin, void *ctx)
} }
else if (inst & QPACK_ENC_INST_SDTC_BIT) { else if (inst & QPACK_ENC_INST_SDTC_BIT) {
/* Set dynamic table capacity */ /* Set dynamic table capacity */
int capacity = *b_head(buf) & 0x1f;
/* RFC 9204 4.3.1. Set Dynamic Table Capacity
*
* The decoder MUST treat a new dynamic table capacity
* value that exceeds this limit as a connection error of type
* QPACK_ENCODER_STREAM_ERROR.
*/
if (capacity) {
qcc_set_error(qcs->qcc, QPACK_ENCODER_STREAM_ERROR, 1);
return -1;
}
} }
return 0; return 0;
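
Review bot: In the added `if (capacity)` check, `capacity` holds only the 5-bit prefix of the first byte (`*b_head(buf) & 0x1f`), not the fully decoded prefixed integer, so the name overstates what it contains. The test is still sufficient to separate zero from non-zero, because a zero value can only be encoded with an all-zero prefix, but that reasoning is not written down anywhere in the hunk. The quoted RFC 9204 4.3.1 text speaks of a value that "exceeds this limit" without saying that the limit here is 0 because no dynamic table is advertised; one extra comment line stating that, and that only the prefix is inspected, would make the check self-explanatory. The literal `1` passed as the last argument of `qcc_set_error()` would also benefit from a short comment, and the hunk does not show whether a byte is guaranteed to be present in `buf` before `*b_head(buf)` is dereferenced, which is worth confirming against the surrounding code.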