Use deterministic replacement connection IDs
This CL removes a DoS attack vector where an attacker could grow QuicDispatcher::connection_id_map_ unboundedly. It does so by no longer using random connection IDs that are saved in connection_id_map_; instead we now generate deterministic replacement connection IDs, removing the need for a map. It should not impact the GFE because the GFE overrides QuicDispatcher::GenerateNewServerConnectionId with an already deterministic method, but is still flag protected just in case.
gfe-relnote: use deterministic replacement connection IDs, protected by new disabled flag gfe2_restart_flag_quic_deterministic_replacement_connection_ids
PiperOrigin-RevId: 264192278
Change-Id: I843bf0d846830d4b13e0bb1b470a71b2428ad7c8
diff --git a/quic/core/quic_utils.cc b/quic/core/quic_utils.cc
index 1e2c5fc..a3366da 100644
--- a/quic/core/quic_utils.cc
+++ b/quic/core/quic_utils.cc
@@ -485,6 +485,15 @@
}
// static
+QuicConnectionId QuicUtils::CreateReplacementConnectionId(
+ QuicConnectionId connection_id) {
+ const uint64_t connection_id_hash = FNV1a_64_Hash(
+ QuicStringPiece(connection_id.data(), connection_id.length()));
+ return QuicConnectionId(reinterpret_cast<const char*>(&connection_id_hash),
+ sizeof(connection_id_hash));
+}
+
+// static
QuicConnectionId QuicUtils::CreateRandomConnectionId() {
return CreateRandomConnectionId(kQuicDefaultConnectionIdLength,
QuicRandom::GetInstance());
