MINOR: quic: Disable the active connection migrations

Set "disable_active_migration" transport parameter to inform the peer
haproxy listeners does not the connection migration feature.
Also drop all received datagrams with a modified source address.

Must be backported to 2.7.

src/quic_conn.c

@@ -6360,6 +6360,19 @@ static int qc_handle_conn_migration(struct quic_conn *qc,
 {
 	TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
 
+	/* RFC 9000. Connection Migration
+	 *
+	 * If the peer sent the disable_active_migration transport parameter,
+	 * an endpoint also MUST NOT send packets (including probing packets;
+	 * see Section 9.1) from a different local address to the address the peer
+	 * used during the handshake, unless the endpoint has acted on a
+	 * preferred_address transport parameter from the peer.
+	 */
+	if (qc->li->bind_conf->quic_params.disable_active_migration) {
+		TRACE_ERROR("Active migration was disabled, datagram dropped", QUIC_EV_CONN_LPKT, qc);
+		goto err;
+	}
+
 	/* RFC 9000 9. Connection Migration
 	 *
 	 * The design of QUIC relies on endpoints retaining a stable address for

src/quic_tp.c

@@ -70,8 +70,10 @@ void quic_transport_params_init(struct quic_transport_params *p, int server)
 	p->initial_max_stream_data_uni         = ncb_size;
 	p->initial_max_data = (max_streams_bidi + max_streams_uni) * ncb_size;
 
-	if (server)
+	if (server) {
 		p->with_stateless_reset_token  = 1;
+		p->disable_active_migration    = 1;
+	}
 
 	p->active_connection_id_limit          = 8;