mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-10-27 22:51:02 +01:00
1529ec1a25
The below patch has simplified INITIAL padding on emission. Now, qc_prep_pkts() is responsible to activate padding for this case, and there is no more special case in qc_do_build_pkt() needed. commit 8bc339a6ad4702f2c39b2a78aaaff665d85c762b BUG/MAJOR: quic: fix INITIAL padding with probing packet only However, qc_do_build_pkt() may still activate padding on its own, to ensure that a packet is big enough so that header protection decryption can be performed by the peer. HP decryption is performed by extracting a sample from the ciphered packet, starting 4 bytes after PN offset. Sample length is 16 bytes as defined by TLS algos used by QUIC. Thus, a QUIC sender must ensures that length of packet number plus payload fields to be at least 4 bytes long. This is enough given that each packet is completed by a 16 bytes AEAD tag which can be part of the HP sample. This patch simplifies qc_do_build_pkt() by centralizing padding for this case in a single location. This is performed at the end of the function after payload is completed. The code is thus simpler. This is not a bug. However, it may be interesting to backport this patch up to 2.6, as qc_do_build_pkt() is a tedious function, in particular when dealing with padding generation, thus it may benefit greatly from simplification.