Trait s2n_quic::provider::stateless_reset_token::Generator

pub trait Generator: 'static + Send {
    const ENABLED: bool = true;

    // Required method
    fn generate(&mut self, local_connection_id: &[u8]) -> Token;
}

A generator for a stateless reset token

QUIC§21.11 highlights a denial of service attack that is possible if an attacker can cause an endpoint to transmit a valid stateless reset token for a connection ID of the attacker’s choosing. This attack may be mitigated by ensuring the generate implementation only returns a valid (non-random) Token if the given local_connection_id does not correspond to any active connection on any endpoint that uses the same static key for generating stateless reset tokens. This is in accordance with the following requirement:

More generally, servers MUST NOT generate a stateless reset if a connection with the corresponding connection ID could be active on any endpoint using the same static key.

This may require coordination between endpoints and/or careful setup of load balancing and packet routing, as well as ensuring the connection IDs in use are difficult to guess.

Take these factors into consideration before enabling the Stateless Reset Token Generator. By default, stateless resets are not transmitted by s2n-quic endpoints, see stateless_reset_token::Default.

Provided Associated Constants

const ENABLED: bool = true

If enabled, a stateless reset packet containing the token generated by this Generator will be sent when a packet is received that cannot be matched to an existing connection. Otherwise, the packet will be dropped with no further action.

Required Methods

fn generate(&mut self, local_connection_id: &[u8]) -> Token

Generates a stateless reset token.

The stateless reset token MUST be difficult to guess.

To enable stateless reset functionality, the stateless reset token must be generated the same for a given local_connection_id before and after loss of state.

Object Safety

This trait is not object safe.

Implementors