gfe-relnote: In QUIC, do not add connection ID of packets with unknown connection ID and no version to time wait list, instead, send appropriate reset depending on the packets' sizes and drop them. Protected by gfe2_reloadable_flag_quic_reject_unprocessable_packets_statelessly.
PiperOrigin-RevId: 257470130
Change-Id: I0897dc244bac24f442685eddd795a7152ee5242f
diff --git a/quic/core/quic_dispatcher.cc b/quic/core/quic_dispatcher.cc
index 0789567..f7973e0 100644
--- a/quic/core/quic_dispatcher.cc
+++ b/quic/core/quic_dispatcher.cc
@@ -434,6 +434,8 @@
buffered_packets_.DiscardPackets(server_connection_id);
break;
+ case kFateDrop:
+ break;
}
}
@@ -452,6 +454,11 @@
QUIC_DLOG(INFO)
<< "Packet without version arrived for unknown connection ID "
<< packet_info.destination_connection_id;
+ if (GetQuicReloadableFlag(quic_reject_unprocessable_packets_statelessly)) {
+ QUIC_RELOADABLE_FLAG_COUNT(quic_reject_unprocessable_packets_statelessly);
+ MaybeResetPacketsWithNoVersion(packet_info);
+ return kFateDrop;
+ }
return kFateTimeWait;
}
@@ -877,4 +884,24 @@
return false;
}
+void QuicDispatcher::MaybeResetPacketsWithNoVersion(
+ const ReceivedPacketInfo& packet_info) {
+ DCHECK(!packet_info.version_flag);
+ const size_t MinValidPacketLength =
+ kPacketHeaderTypeSize + expected_server_connection_id_length_ +
+ PACKET_1BYTE_PACKET_NUMBER + /*payload size=*/1 + /*tag size=*/12;
+ if (packet_info.packet.length() < MinValidPacketLength) {
+ // The packet size is too small.
+ QUIC_CODE_COUNT(drop_too_small_packets);
+ return;
+ }
+ // TODO(fayang): Consider rate limiting reset packets if reset packet size >
+ // packet_length.
+
+ time_wait_list_manager()->SendPublicReset(
+ packet_info.self_address, packet_info.peer_address,
+ packet_info.destination_connection_id,
+ packet_info.form != GOOGLE_QUIC_PACKET, GetPerPacketContext());
+}
+
} // namespace quic
