TCP: don't error on data packets with stale key id

If we're rekeying a data packet with the old key id seems to be able to arrive just after finishing rekeying. Or so it seems from the e2e test.
robur-coop · Sep 28, 2024 · 15ba1ed · 15ba1ed
1 parent 6099a4b
commit 15ba1ed
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/src/engine.ml b/src/engine.ml
@@ -1769,7 +1769,13 @@ let incoming state control_crypto buf =
         let state = { state with linger } in
         let* state, out, payloads, act_opt =
           match find_channel state key op with
-          | None -> ignore_udp_error (Error (`No_channel key))
+          | None -> (
+              match op with
+              | Packet.Data_v1 ->
+                  Log.warn (fun m ->
+                      m "ignoring packet with stale or bad key id");
+                  Ok (state, out, payloads, act_opt)
+              | _ -> ignore_udp_error (Error (`No_channel key)))
           | Some (ch, set_ch) -> (
               Log.debug (fun m ->
                   m "channel %a - received key %u op %a" pp_channel ch key