Re: [quicwg/base-drafts] Close in response to invalid CONNECTION_CLOSE (#3230)

ianswett <> Tue, 12 November 2019 20:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E7696120839 for <>; Tue, 12 Nov 2019 12:50:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.999
X-Spam-Status: No, score=-7.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4ySyAgx6cwlH for <>; Tue, 12 Nov 2019 12:50:36 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id EFFDE12008A for <>; Tue, 12 Nov 2019 12:50:35 -0800 (PST)
Date: Tue, 12 Nov 2019 12:50:35 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1573591835; bh=ZZuStk+PWye3W928HqVGg6FXX0Zw64ExPZa4pKjPjD8=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=moykyRjUlnGlcH6R/VJWtOF89uGRENcIQ3sw9nmP24vJiBnTNEBVYRl7xEit22rtb 6Lkg2NnkyXDWctA2bMpCA7c7NTgBDl4QIMKOrzERqCXkA0OuDz2EFi3sGX9E8loLh/ bxsIpZrkRrBlh8qOqXWZPndV33YFKfwoxQFhC6OA=
From: ianswett <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3230/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Close in response to invalid CONNECTION_CLOSE (#3230)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5dcb1b1b25531_3c003fd8424cd95c93015"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ianswett
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Nov 2019 20:50:38 -0000

ianswett commented on this pull request.

> @@ -2397,12 +2397,13 @@ transmission of CONNECTION_CLOSE frames to validated addresses or drop packets
 without response if the response would be more than three times larger than the
 received packet.
-After receiving a CONNECTION_CLOSE frame, endpoints enter the draining state.
-An endpoint that receives a CONNECTION_CLOSE frame MAY send a single packet
-containing a CONNECTION_CLOSE frame before entering the draining state, using a
-CONNECTION_CLOSE frame and a NO_ERROR code if appropriate.  An endpoint MUST NOT
-send further packets, which could result in a constant exchange of
-CONNECTION_CLOSE frames until the closing period on either peer ended.
+After receiving a CONNECTION_CLOSE frame, or an invalid packet that appears to
+contain a CONNECTION_CLOSE frame, endpoints enter the draining state.  An

"or an invalid packet that appears to contain a CONNECTION_CLOSE_ frame," is a pretty big category of potential issues.  Does this need to be called out as separate from the general invalid packet case?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: