git.ipfire.org Git - thirdparty/openssl.git/commit
Include RETRY_CID transport parameter when handling retried connection
author Neil Horman <nhorman@openssl.org>
Thu, 7 Nov 2024 14:34:29 +0000 (09:34 -0500)
committer Neil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:33 +0000 (11:27 -0500)
commit 35f1917f2da1dec62e665e30b44337bbe184b138
tree 2df2e6f0b00563ceeb0e73af0f2834d23d90e14c
parent 1c6e1e1c9cfe0e45d0c467714772d8c5567b9e9e
Include RETRY_CID transport parameter when handling retried connection

After sending a retry frame from a server, the subsequent server hello
record must include the RETRY_SCID transport parameter, as per RFC 9000:
https://datatracker.ietf.org/doc/html/rfc9000#section-7.3

Implement the encoding of said retry_source_connection_id transport
param, and fix up tests to address the impact of that change.  Test
changes amount to:
1) quicapitest needs to have its tparam test augmented such that it
   doesn't inject the retry_scid on its own, as the quic stack does it
   for the test now
2) quicapitest needs to have the ssl_trace test adjusted so the expected
   record values are reflected.

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25890)
ssl/quic/quic_channel.c
test/quicapitest.c
test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt
test/recipes/75-test_quicapi_data/ssltraceref.txt
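
An added illustration of the retry_source_connection_id handling that the commit message refers to (RFC 9000 section 7.3), not code from this commit or from OpenSSL: a server-side encoder for the parameter and the client-side check that rejects a missing, duplicated or mismatched value. The function names, buffer layout and sample connection ID are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TP_RETRY_SCID 0x10u /* retry_source_connection_id (RFC 9000, 18.2) */
#define QUIC_MAX_CID  20u   /* longest connection ID in QUIC version 1 */

/* Decode one QUIC variable-length integer (RFC 9000, 16); 0 on truncation. */
static size_t vi_get(const uint8_t *p, size_t n, uint64_t *v) {
    size_t len = n ? (size_t)1 << (p[0] >> 6) : 0, i;
    if (len == 0 || len > n) return 0;
    *v = p[0] & 0x3f;
    for (i = 1; i < len; i++) *v = (*v << 8) | p[i];
    return len;
}

/* Server side: append the parameter; returns bytes written, 0 on error. */
size_t tp_put_retry_scid(uint8_t *out, size_t cap, const uint8_t *cid, size_t len) {
    if (len > QUIC_MAX_CID || cap < 2 + len) return 0;
    out[0] = TP_RETRY_SCID;  /* id and length are both below 64, so each */
    out[1] = (uint8_t)len;   /* fits a one-byte variable-length integer  */
    if (len) memcpy(out + 2, cid, len);
    return 2 + len;
}

/* Client side: 1 only if present exactly once and equal to the Retry's SCID. */
int tp_check_retry_scid(const uint8_t *tp, size_t n, const uint8_t *scid, size_t len) {
    int found = 0;
    while (n > 0) {
        uint64_t id = 0, vlen = 0;
        size_t k = vi_get(tp, n, &id);
        size_t j = k ? vi_get(tp + k, n - k, &vlen) : 0;
        if (j == 0 || vlen > n - k - j) return 0;   /* malformed block */
        tp += k + j; n -= k + j;
        if (id == TP_RETRY_SCID) {
            if (found || vlen != len || memcmp(tp, scid, len) != 0) return 0;
            found = 1;
        }
        tp += vlen; n -= vlen;
    }
    return found;
}

int main(void) {
    const uint8_t retry_scid[] = {0xde, 0xad, 0xbe, 0xef}; /* constructed sample */
    uint8_t tp[32];
    size_t n = tp_put_retry_scid(tp, sizeof(tp), retry_scid, sizeof(retry_scid));
    printf("encoded %zu bytes, client check: %d\n", n,
           tp_check_retry_scid(tp, n, retry_scid, sizeof(retry_scid)));
    return 0;
}
```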