From ee4d393028f3190d046859791926ac2bb7b58dbc Mon Sep 17 00:00:00 2001
From: Dmitri Tikhonov <dtikhonov@litespeedtech.com>
Date: Thu, 5 Nov 2020 11:01:46 -0500
Subject: [PATCH] Release 2.24.2

- [BUGFIX] Allow peer to migrate when its SCID is zero-length.
- [BUGFIX] PADDING size calculation: only one Short packet can be
  coalesced.  (This should have been part of the fix in 2.24.1).
- Abort connect if received NEW_CONNECTION_ID but current DCID is
  zero-length.
- Improve log messages
---
 CHANGELOG                             |  9 +++++++++
 docs/conf.py                          |  2 +-
 include/lsquic.h                      |  2 +-
 src/liblsquic/lsquic_engine.c         |  5 +++++
 src/liblsquic/lsquic_full_conn_ietf.c | 20 ++++++++++++++------
 src/liblsquic/lsquic_send_ctl.c       |  2 ++
 src/liblsquic/lsquic_stream.c         | 16 ++++++++--------
 7 files changed, 40 insertions(+), 16 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index f53834c..9f7a6f5 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,12 @@
+2020-11-05
+    - 2.24.2
+    - [BUGFIX] Allow peer to migrate when its SCID is zero-length.
+    - [BUGFIX] PADDING size calculation: only one Short packet can be
+      coalesced.  (This should have been part of the fix in 2.24.1).
+    - Abort connect if received NEW_CONNECTION_ID but current DCID is
+      zero-length.
+    - Improve log messages
+
 2020-11-04
     - 2.24.1
     - [API] Allow use of ea_get_ssl_ctx() on the client (optional).  PR #186.
diff --git a/docs/conf.py b/docs/conf.py
index 016d7ac..ab18cdf 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -26,7 +26,7 @@ author = u'LiteSpeed Technologies'
 # The short X.Y version
 version = u'2.24'
 # The full version, including alpha/beta/rc tags
-release = u'2.24.1'
+release = u'2.24.2'
 
 
 # -- General configuration ---------------------------------------------------
diff --git a/include/lsquic.h b/include/lsquic.h
index 7a4f14a..5ab0d5f 100644
--- a/include/lsquic.h
+++ b/include/lsquic.h
@@ -25,7 +25,7 @@ extern "C" {
 
 #define LSQUIC_MAJOR_VERSION 2
 #define LSQUIC_MINOR_VERSION 24
-#define LSQUIC_PATCH_VERSION 1
+#define LSQUIC_PATCH_VERSION 2
 
 /**
  * Engine flags:
diff --git a/src/liblsquic/lsquic_engine.c b/src/liblsquic/lsquic_engine.c
index 1ce6e33..751b143 100644
--- a/src/liblsquic/lsquic_engine.c
+++ b/src/liblsquic/lsquic_engine.c
@@ -3026,7 +3026,12 @@ lsquic_engine_packet_in (lsquic_engine_t *engine,
         is_ietf = 0 == (packet_in->pi_flags & PI_GQUIC);
         packet_in_data += packet_in->pi_data_sz;
         if (is_ietf && packet_in_data < packet_end)
+        {
             cid = packet_in->pi_dcid;
+            if (packet_begin == packet_in->pi_data) /* Only log once: */
+                LSQ_DEBUGC("received coalesced datagram of %zd bytes for "
+                        "connection %"CID_FMT, packet_in_size, CID_BITS(&cid));
+        }
         packet_in->pi_received = lsquic_time_now();
         packet_in->pi_flags |= (3 & ecn) << PIBIT_ECN_SHIFT;
         eng_hist_inc(&engine->history, packet_in->pi_received, sl_packets_in);
diff --git a/src/liblsquic/lsquic_full_conn_ietf.c b/src/liblsquic/lsquic_full_conn_ietf.c
index 1e050ee..4150921 100644
--- a/src/liblsquic/lsquic_full_conn_ietf.c
+++ b/src/liblsquic/lsquic_full_conn_ietf.c
@@ -2101,7 +2101,7 @@ maybe_get_rate_available_scid_slot (struct ietf_full_conn *conn,
         return;
     }
 
-    /* period: ns per cid */
+    /* period: usec per cid */
     period = (60 * 1000000) / conn->ifc_enpub->enp_settings.es_scid_iss_rate;
     active_cid = 0;
     total_elapsed = 0;
@@ -2119,12 +2119,12 @@ maybe_get_rate_available_scid_slot (struct ietf_full_conn *conn,
         }
     }
     elapsed_thresh = ((active_cid * (active_cid + 1)) / 2) * period;
-    /* compare total elapsed ns to elapsed ns threshold */
+    /* compare total elapsed usec to elapsed usec threshold */
     if (total_elapsed < elapsed_thresh)
     {
         wait_time = (elapsed_thresh - total_elapsed) / active_cid;
         LSQ_DEBUG("cid_throt no SCID slots available (rate-limited), "
-                    "must wait %"PRIu64" ns", wait_time);
+                    "must wait %"PRIu64" usec", wait_time);
         lsquic_alarmset_set(&conn->ifc_alset, AL_CID_THROT, now + wait_time);
         conn->ifc_send_flags &= ~SF_SEND_NEW_CID;
     }
@@ -6067,6 +6067,13 @@ process_new_connection_id_frame (struct ietf_full_conn *conn,
         return 0;
     }
 
+    if (CUR_DCID(conn)->len == 0)
+    {
+        ABORT_QUIETLY(0, TEC_PROTOCOL_VIOLATION, "Received NEW_CONNECTION_ID "
+            "frame, but current DCID is zero-length");
+        return 0;
+    }
+
     if (seqno < conn->ifc_last_retire_prior_to)
     {
         retire_seqno(conn, seqno);
@@ -6563,10 +6570,11 @@ init_new_path (struct ietf_full_conn *conn, struct conn_path *path,
         path->cop_path.np_dcid = dce->de_cid;
         dce->de_flags |= DE_ASSIGNED;
     }
-    else if (!dcid_changed)
+    else if (!dcid_changed || CUR_DCID(conn)->len == 0)
     {
-        /* It is OK to reuse DCID if the peer did not use a new DCID when its
-         * address changed.  See [draft-ietf-quic-transport-24] Section 9.5.
+        /* It is OK to reuse DCID if it is zero-length or ir the peer did not
+         * use a new DCID when its address changed.  See
+         * [draft-ietf-quic-transport-24] Section 9.5.
          */
         path->cop_path.np_dcid = CUR_NPATH(conn)->np_dcid;
         LSQ_DEBUGC("assigned already-used DCID %"CID_FMT" to new path %u, "
diff --git a/src/liblsquic/lsquic_send_ctl.c b/src/liblsquic/lsquic_send_ctl.c
index f61b042..9bdee1f 100644
--- a/src/liblsquic/lsquic_send_ctl.c
+++ b/src/liblsquic/lsquic_send_ctl.c
@@ -1811,6 +1811,8 @@ send_ctl_maybe_zero_pad (struct lsquic_send_ctl *ctl,
         if (cum_size + size > limit)
             break;
         cum_size += size;
+        if (HETY_NOT_SET == packet_out->po_header_type)
+            break;
     }
 
     LSQ_DEBUG("cum_size: %zu; limit: %zu", cum_size, limit);
diff --git a/src/liblsquic/lsquic_stream.c b/src/liblsquic/lsquic_stream.c
index 5342fb8..b5638f5 100644
--- a/src/liblsquic/lsquic_stream.c
+++ b/src/liblsquic/lsquic_stream.c
@@ -1069,7 +1069,7 @@ lsquic_stream_frame_in (lsquic_stream_t *stream, stream_frame_t *frame)
     assert(frame->packet_in);
 
     SM_HISTORY_APPEND(stream, SHE_FRAME_IN);
-    LSQ_DEBUG("received stream frame, offset 0x%"PRIX64", len %u; "
+    LSQ_DEBUG("received stream frame, offset %"PRIu64", len %u; "
         "fin: %d", frame->data_frame.df_offset, frame->data_frame.df_size, !!frame->data_frame.df_fin);
 
     if ((stream->sm_bflags & SMBF_USE_HEADERS)
@@ -1210,16 +1210,16 @@ lsquic_stream_rst_in (lsquic_stream_t *stream, uint64_t offset,
 
     if (lsquic_sfcw_get_max_recv_off(&stream->fc) > offset)
     {
-        LSQ_INFO("RST_STREAM invalid: its offset 0x%"PRIX64" is "
+        LSQ_INFO("RST_STREAM invalid: its offset %"PRIu64" is "
             "smaller than that of byte following the last byte we have seen: "
-            "0x%"PRIX64, offset,
+            "%"PRIu64, offset,
             lsquic_sfcw_get_max_recv_off(&stream->fc));
         return -1;
     }
 
     if (!lsquic_sfcw_set_max_recv_off(&stream->fc, offset))
     {
-        LSQ_INFO("RST_STREAM invalid: its offset 0x%"PRIX64
+        LSQ_INFO("RST_STREAM invalid: its offset %"PRIu64
             " violates flow control", offset);
         return -1;
     }
@@ -4142,13 +4142,13 @@ lsquic_stream_window_update (lsquic_stream_t *stream, uint64_t offset)
     if (offset > stream->max_send_off)
     {
         SM_HISTORY_APPEND(stream, SHE_WINDOW_UPDATE);
-        LSQ_DEBUG("update max send offset from 0x%"PRIX64" to "
-            "0x%"PRIX64, stream->max_send_off, offset);
+        LSQ_DEBUG("update max send offset from %"PRIu64" to "
+            "%"PRIu64, stream->max_send_off, offset);
         stream->max_send_off = offset;
     }
     else
-        LSQ_DEBUG("new offset 0x%"PRIX64" is not larger than old "
-            "max send offset 0x%"PRIX64", ignoring", offset,
+        LSQ_DEBUG("new offset %"PRIu64" is not larger than old "
+            "max send offset %"PRIu64", ignoring", offset,
             stream->max_send_off);
 }