From cc29ab437ea6348aa1defcab15a306742a9fd826 Mon Sep 17 00:00:00 2001
From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Wed, 14 Feb 2024 18:13:08 +0100
Subject: [PATCH] BUG/MINOR: quic: reject HANDSHAKE_DONE as server

As specified in RFC 9000, a client must never emit a HANDSHAKE_DONE
frame. If this happens, the server must close the connection with error
PROTOCOL VIOLATION.

Previously, such a frame was silently discarded on server side. The
connection remained opened which is not conformant to the specification.

This should be backported up to 2.6.
---
 src/quic_rx.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/quic_rx.c b/src/quic_rx.c
index 3a1a35faa..14f4ca26c 100644
--- a/src/quic_rx.c
+++ b/src/quic_rx.c
@@ -1056,6 +1056,14 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt,
 			if (qc_is_listener(qc)) {
 				TRACE_ERROR("non accepted QUIC_FT_HANDSHAKE_DONE frame",
 				            QUIC_EV_CONN_PRSHPKT, qc);
+
+				/* RFC 9000 19.20. HANDSHAKE_DONE Frames
+				 *
+				 * A
+				 * server MUST treat receipt of a HANDSHAKE_DONE frame as a connection
+				 * error of type PROTOCOL_VIOLATION.
+				 */
+				quic_set_connection_close(qc, quic_err_transport(QC_ERR_PROTOCOL_VIOLATION));
 				goto leave;
 			}
 
-- 
2.47.3