Make QuicDispatcher reject packets with invalid short connection IDs
This CLs enforces a MUST in the IETF spec that dictates that clients cannot send initial connection IDs under 8 bytes. The QuicDispatcher will reject (and close the connection of) any packet whose connection ID is shorter than 8 (or what it was configured for). The behavior is disabled by quartc. This only impacts v99 because connection IDs of any length other than 8 are already currently dropped when using versions < 99.
gfe-relnote: v99 only, not flag protected
PiperOrigin-RevId: 239629063
Change-Id: I85cee11d84566073e8cbb3569ba3e88e91192f2a
diff --git a/quic/core/quic_dispatcher.h b/quic/core/quic_dispatcher.h
index cdd1196..f00880b 100644
--- a/quic/core/quic_dispatcher.h
+++ b/quic/core/quic_dispatcher.h
@@ -364,6 +364,13 @@
should_update_expected_connection_id_length);
}
+ // If true, the dispatcher will allow incoming initial packets that have
+ // connection IDs shorter than 64 bits.
+ void SetAllowShortInitialConnectionIds(
+ bool allow_short_initial_connection_ids) {
+ allow_short_initial_connection_ids_ = allow_short_initial_connection_ids;
+ }
+
private:
friend class test::QuicDispatcherPeer;
friend class StatelessRejectorProcessDoneCallback;
@@ -495,6 +502,10 @@
// True if this dispatcher is not draining.
bool accept_new_connections_;
+
+ // If false, the dispatcher follows the IETF spec and rejects packets with
+ // invalid connection IDs lengths below 64 bits. If true they are allowed.
+ bool allow_short_initial_connection_ids_;
};
} // namespace quic
