From a06a3f6aba43525e32cb033e0472d25a15f202a5 Mon Sep 17 00:00:00 2001
From: Vladimir Homutov <vl@nginx.com>
Date: Thu, 1 Oct 2020 22:20:51 +0300
Subject: [PATCH] QUIC: fixed handling of incorrect packets.

Instead of ignoring, connection was closed. This was broken in d0d3fc0697a0.
---
 src/event/ngx_event_quic_transport.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/event/ngx_event_quic_transport.c b/src/event/ngx_event_quic_transport.c
index 9ee18ca9b..9a1704f10 100644
--- a/src/event/ngx_event_quic_transport.c
+++ b/src/event/ngx_event_quic_transport.c
@@ -256,7 +256,12 @@ ngx_quic_parse_packet(ngx_quic_header_t *pkt)
     if (!ngx_quic_long_pkt(pkt->flags)) {
         pkt->level = ssl_encryption_application;
 
-        return ngx_quic_parse_short_header(pkt, NGX_QUIC_SERVER_CID_LEN);
+        if (ngx_quic_parse_short_header(pkt, NGX_QUIC_SERVER_CID_LEN) != NGX_OK)
+        {
+            return NGX_DECLINED;
+        }
+
+        return NGX_OK;
     }
 
     if (ngx_quic_parse_long_header(pkt) != NGX_OK) {
@@ -277,7 +282,11 @@ ngx_quic_parse_packet(ngx_quic_header_t *pkt)
 
         pkt->level = ssl_encryption_initial;
 
-        return ngx_quic_parse_initial_header(pkt);
+        if (ngx_quic_parse_initial_header(pkt) != NGX_OK) {
+            return NGX_DECLINED;
+        }
+
+        return NGX_OK;
     }
 
     if (ngx_quic_pkt_hs(pkt->flags)) {
@@ -292,7 +301,11 @@ ngx_quic_parse_packet(ngx_quic_header_t *pkt)
          return NGX_DECLINED;
     }
 
-    return ngx_quic_parse_handshake_header(pkt);
+    if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) {
+        return NGX_DECLINED;
+    }
+
+    return NGX_OK;
 }