haproxy/include
Amaury Denoyelle d38bb7f8a7 MEDIUM: quic: adjust address validation
When a new QUIC connection is created, server considers peer address as
not yet validated. The server must limit its sending up to 3 times the
content already received. This is a defensive measure to avoid flooding
a remote host victim of address spoofing.

This patch adjusts the condition to consider the peer address as
validated. Two conditions are now considered:
* successful handling of a received HANDSHAKE packet. This was already
  done before although implemented in a different way.
* validation of a Retry token. This was not considered prior to this patch
  despite RFC recommendation.

This patch also adjusts how a connection is internally labelled as using
a validated peer address. Before, above conditions were checked via
quic_peer_validated_addr(). Now, a flag QUIC_FL_CONN_PEER_VALIDATED_ADDR
is set to label this. It already existed prior to this patch but was
only used for quic_cc_conn. This should now be more explicit.
2023-11-09 16:23:52 +01:00
..
haproxy MEDIUM: quic: adjust address validation 2023-11-09 16:23:52 +01:00
import BUG/MAJOR: plock: fix major bug in pl_take_w() introduced with EBO 2023-10-03 08:28:12 +02:00
make BUILD: makefile: fix build issue on GNU make < 3.82 2023-05-24 15:51:03 +02:00