From 250630176b3774fa7174ce7ee4f42c73c7e22bf7 Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini <alessandro@ghedini.me>
Date: Fri, 22 Nov 2024 10:15:44 +0000
Subject: [PATCH] gracefully handle Initial+Handshake packets after dropping
 Initial epoch

When datagram with Initial+Handshake coalesced packets is received after
the Initial epoch has already been dropped, we would drop the entire
datagram, causing the peer to resend the Handshake packet.

Instead we should just skip over the Initial packet and continue
processing the datagram.

Closes #1834.
---
 quiche/src/lib.rs | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/quiche/src/lib.rs b/quiche/src/lib.rs
index bf9c27824e..6c93c1d189 100644
--- a/quiche/src/lib.rs
+++ b/quiche/src/lib.rs
@@ -2654,6 +2654,17 @@ impl Connection {
                     return Ok(pkt_len);
                 }
 
+                // A datagram with Initial+Handshake coalesced packets might be
+                // received after the Initial epoch has already been dropped.
+                //
+                // To avoid rejecting the Handshake packet (due to the Initial
+                // being undecryptable), simply skip over the Initial packet and
+                // continue processing the rest of the datagram.
+                if hdr.ty == packet::Type::Initial {
+                    let pkt_len = b.off() + payload_len;
+                    return Ok(pkt_len);
+                }
+
                 let e = drop_pkt_on_err(
                     Error::CryptoFail,
                     self.recv_count,