
Allow to specify dcid when creating a client side connection

Open normanmaurer opened this issue 1 month ago • 10 comments

Motivation:

Sometimes the user wants to have control over generating the dcid when creating a new client side connection. This was not possible before.

Modification:

  • Only use dcid for local transport params when the connection is for server side
  • Use provided odcid as dcid on the client side when given and if not just randomly generate one

Result:

More flexible usage possible

normanmaurer avatar Nov 06 '25 07:11 normanmaurer

I really only care about being able to do this using the C headers but nevertheless thought it might also be useful to be able to do this via the Rust API, so I added two new functions there as well.

normanmaurer avatar Nov 06 '25 07:11 normanmaurer

The RFC places requirements for unpredictability and length on the client DCID field; see https://datatracker.ietf.org/doc/html/rfc9000#section-7.2-3

I'm concerned this change can make QUIC connections vulnerable, in ways described in the RFC security considerations, or in ways that are yet to be determined.

That said, there could be use cases where a deterministic CID (yet unpredictable to some actors) is useful.

Providing safety rails for the majority of default users is important. Perhaps this could be placed behind a very explicit opt-in feature flag with some clear warning and references to the relevant RFC text.

LPardue avatar Nov 06 '25 07:11 LPardue

> The RFC places requirements for unpredictability and length on the client DCID field; see https://datatracker.ietf.org/doc/html/rfc9000#section-7.2-3

> I'm concerned this change can make QUIC connections vulnerable, in ways described in the RFC security considerations, or in ways that are yet to be determined.

Fair enough...

> That said, there could be use cases where a deterministic CID (yet unpredictable to some actors) is useful.

Yeah that's why I need it :)

> Providing safety rails for the majority of default users is important. Perhaps this could be placed behind a very explicit opt-in feature flag with some clear warning and references to the relevant RFC text.

That would be fine with me ... That said I think we could also add some validations for the length at least (must be at least 8 bytes). Let me do this in any case.

normanmaurer avatar Nov 06 '25 07:11 normanmaurer
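The length rule discussed in the comments above, sketched as an added example; this is not code from the pull request or from quiche. The helper name `select_client_dcid`, the `DcidError` type, the 16-byte default and the use of `/dev/urandom` (Unix only) are assumptions made for illustration. The 8-byte minimum is from RFC 9000 section 7.2 and the 20-byte maximum from section 17.2.

```rust
use std::fs::File;
use std::io::Read;

/// RFC 9000 section 7.2: a client's first DCID must be at least 8 bytes.
const MIN_CLIENT_DCID_LEN: usize = 8;
/// RFC 9000 section 17.2: QUIC v1 connection IDs are at most 20 bytes.
const MAX_CID_LEN: usize = 20;
/// Length used when the caller supplies nothing (assumed for this example).
const DEFAULT_DCID_LEN: usize = 16;

#[derive(Debug, PartialEq)]
pub enum DcidError {
    TooShort(usize),
    TooLong(usize),
    Rng,
}

/// Hypothetical helper: accept a caller-supplied client DCID only if its
/// length is legal, otherwise fall back to bytes from the OS CSPRNG.
/// Length is the only property that can be checked here; whether the
/// supplied bytes are unpredictable remains the caller's responsibility.
pub fn select_client_dcid(provided: Option<&[u8]>) -> Result<Vec<u8>, DcidError> {
    match provided {
        Some(cid) if cid.len() < MIN_CLIENT_DCID_LEN => Err(DcidError::TooShort(cid.len())),
        Some(cid) if cid.len() > MAX_CID_LEN => Err(DcidError::TooLong(cid.len())),
        Some(cid) => Ok(cid.to_vec()),
        None => {
            let mut cid = vec![0u8; DEFAULT_DCID_LEN];
            File::open("/dev/urandom")
                .and_then(|mut f| f.read_exact(&mut cid))
                .map_err(|_| DcidError::Rng)?;
            Ok(cid)
        }
    }
}

fn main() {
    // Constructed inputs: 7 bytes (rejected), 8 bytes (accepted), none (random).
    println!("{:?}", select_client_dcid(Some(&[0xabu8; 7][..])));
    println!("{:?}", select_client_dcid(Some(&[0xabu8; 8][..])));
    println!("{:?}", select_client_dcid(None).map(|c| c.len()));
}
```
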

@LPardue added the length check and also added some more docs. That said I would also be ok to just remove the two new Rust functions completely as long as I can do it via FFI / C :)

normanmaurer avatar Nov 06 '25 07:11 normanmaurer

Just to make it clear.... I basically (as a library user) would like to be able to control how this random value is generated for the DCID.

normanmaurer avatar Nov 06 '25 18:11 normanmaurer

@LPardue @ghedo would it be possible to add?

normanmaurer avatar Nov 10 '25 08:11 normanmaurer

ping again...

normanmaurer avatar Nov 17 '25 15:11 normanmaurer

As noted in https://github.com/cloudflare/quiche/pull/2234#issuecomment-3495528844, I think this needs to be put behind a feature flag. I'm not willing to make this the default behaviour and risk clients accidentally using the API incorrectly.

LPardue avatar Dec 02 '25 14:12 LPardue

@LPardue that's fair enough let me make the change later today

normanmaurer avatar Dec 02 '25 15:12 normanmaurer

@LPardue I added the feature flag as requested... PTAL

normanmaurer avatar Dec 09 '25 01:12 normanmaurer