search

aiortc / aioquic

QUIC and HTTP/3 implementation in Python
BSD 3-Clause "New" or "Revised" License
1.6k stars 229 forks source link

Improved path challenge handling. #483

Closed rthalley closed 2 weeks ago

rthalley commented 3 months ago

1) We are willing to reply to up to 5 outstanding challenges on a connection, as it is legal for a client to send more than one. We limit to 5 to prevent excessive challenging.

2) We now accept path challege responses on any network path, in accordance with RFC 9000 section 8.2.3.

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 100.00%. Comparing base (6c5b9db) to head (77014f8).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #483 +/- ## ========================================= Coverage 100.00% 100.00% ========================================= Files 25 25 Lines 4976 4987 +11 ========================================= + Hits 4976 4987 +11 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

rthalley commented 3 months ago

This patch addresses the issue raised by [#189], though with a different implementation. It also addresses another issue, which is that we may need to reply to more than one remote challenge on the same path. Both sides are bounded, currently to 5 items, to avoid any possible resource attack. There are tests and coverage remains at 100%.

rthalley commented 3 months ago

I will lint this one further and push an update tonight or tomorrow morning