#2536 closed defect (invalid)

should we discard initial packet with zero-length odcid?

Reported by: pl080516@… Owned by:
Priority: minor Milestone:
Component: http/3 Version: 1.25.x
Keywords: odcid Cc:
uname -a: Linux vod-dev-20190508011167067216.na63 5.10.84-004.5000.al8.x86_64 #1 SMP Wed Apr 13 13:26:37 CST 2022 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.23.4
built by gcc 5.3.0 (GCC)
built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL)
TLS SNI support enabled
configure arguments: --with-debug --with-http_v3_module --with-cc-opt='-I/data/boringssl_github/include -g3 -O0 -Wno-error=type-limits' --with-ld-opt='-L/data/boringssl_github/build/lib -L/data/boringssl_github/build/crypto -L/data/boringssl_github/build/ssl' --prefix=/data/servers/nginx

Description

If a initial packet with zero-length odcid is accpeted, nginx will create a quic connection state machine and insert a temp ngx_quic_socket_t object with the odcid in the red-black tree, but this will result nginx can not process other initial packet with zero-length odcid from different peer?

Change History (2)

comment:1 by Roman Arutyunyan, 16 months ago

Thanks for reporting this. We need to rely on client ip/port in this case.

comment:2 by Roman Arutyunyan, 16 months ago

Resolution: invalid
Status: newclosed

I looked deeper into this and I don't see how odcid can be empty. An initial dcid that's shorter than 8 bytes is not accepted by nginx, so it's never assigned to odcid. If odcid from a token is empty, dcid is used instead.

Note: See TracTickets for help on using tickets.