From d80f0143c9b6a0b83b05abf79449240591dccd2e Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Wed, 11 Feb 2026 11:34:15 +0100 Subject: [PATCH] BUG/MINOR: quic: ensure handshake speed up is only run once per conn When a duplicated CRYPTO frame is received during handshake, a server may consider that there was a packet loss and immediately retransmit its pending CRYPTO data without having to wait for PTO expiration. However, RFC 9002 indicates that this should only be performed at most once per connection to avoid excessive packet transmission. QUIC connection is flagged with QUIC_FL_CONN_HANDSHAKE_SPEED_UP to mark that a fast retransmit has been performed. However, during the refactoring on CRYPTO handling with the storage conversion from ncbuf to ncbmbuf, the check on the flag was accidentely removed. The faulty patch is the following one : commit f50425c021eceb324add6873b58cc5f366554d31 MINOR: quic: remove received CRYPTO temporary tree storage This patch adds again the check on QUIC_FL_CONN_HANDSHAKE_SPEED_UP before initiating fast retransmit. This ensures this is only performed once per connection. This must be backported up to 3.3. --- src/quic_rx.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/quic_rx.c b/src/quic_rx.c index 9aed7b288..89944843e 100644 --- a/src/quic_rx.c +++ b/src/quic_rx.c @@ -1155,7 +1155,17 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt, if (frm) qc_frm_free(qc, &frm); - if (fast_retrans && qc->iel && qc->hel) { + /* RFC 9002 6.2.3. Speeding up Handshake Completion + * + * To speed up handshake completion under these conditions, an endpoint + * MAY, for a limited number of times per connection, send a packet + * containing unacknowledged CRYPTO data earlier than the PTO expiry, + * subject to the address validation limits in Section 8.1 of [QUIC- + * TRANSPORT]. Doing so at most once for each connection is adequate to + * quickly recover from a single packet loss. + */ + if (fast_retrans && !(qc->flags & QUIC_FL_CONN_HANDSHAKE_SPEED_UP) && + qc->iel && qc->hel) { struct quic_enc_level *iqel = qc->iel; struct quic_enc_level *hqel = qc->hel;