Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/net/quic: INITIAL is not RFC 9000 compliant #70264

Closed
ripatel-fd opened this issue Nov 9, 2024 · 2 comments
Closed

x/net/quic: INITIAL is not RFC 9000 compliant #70264

ripatel-fd opened this issue Nov 9, 2024 · 2 comments
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Unreleased

Comments

@ripatel-fd
Copy link

ripatel-fd commented Nov 9, 2024
edited
Loading

Go version

golang.org/x/net v0.31.0

Output of go env in your module/workspace:

GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/ripatel/.cache/go-build'
GOENV='/home/ripatel/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/home/ripatel/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/home/ripatel/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/lib/golang'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='local'
GOTOOLDIR='/usr/lib/golang/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.11 (Red Hat 1.21.11-1.module+el8.10.0+21986+2112108a)'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/data/ripatel/quictool/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build1610345316=/tmp/go-build -gno-record-gcc-switches'

What did you do?

Create an outgoing connection with the QUIC library

What did you see happen?

The first UDP packet sent by the QUIC client is padded up to 1200 bytes.
The padding is done by appending 'raw' zeros past the Initial packet, which is not spec compliant.

[ UDP Header ]
[ Initial Packet ]
[ Zero Padding ... ]

RFC 9000 says:

A client MUST expand the payload of all UDP datagrams carrying Initial packets to at least the smallest allowed maximum datagram size of 1200 bytes by adding PADDING frames to the Initial packet or by coalescing the Initial packet;

x/net/quic currently uses coalescing (the Initial Packet ends before the UDP datagram payload ends). Rules on coalescing:

Using the Length field, a sender can coalesce multiple QUIC packets into one UDP datagram.

QUIC makes no specific allowance to coalesce a QUIC packet with zeros into a UDP datagram.

Many QUIC servers try to parse the zeros sent by x/net/quic, and interpret it as garbage data.

What did you expect to see?

x/net/quic should append padding frames to increase the size of the Initial Packet to 1200.
On the wire, this would look like random bytes (the zero padding is encrypted)
@gopherbot gopherbot added this to the Unreleased milestone Nov 9, 2024
@cherrymui
Copy link
Member

cc @neild

@cherrymui cherrymui added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Nov 11, 2024
@ripatel-fd
Copy link
Author

I missed this note in RFC 9000 Section 14.1. Initial Datagram Size.
x/net/quic is doing the correct thing here and this bug report is invalid.

Initial packets can even be coalesced with invalid packets, which a receiver will discard.

@ripatel-fd ripatel-fd closed this as not planned Won't fix, can't repro, duplicate, stale Nov 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
3 participants
@gopherbot @cherrymui @ripatel-fd