git.ipfire.org Git - thirdparty/openssl.git/commit

author	Alexandr Nedvedicky <sashan@openssl.org>
	Tue, 18 Feb 2025 00:34:04 +0000 (01:34 +0100)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 25 Feb 2025 11:05:10 +0000 (12:05 +0100)
commit	96075a6a4061eab8274fc27f5f10959ddae433e5
tree	e5d3f91df6b93f9d3a06f9fbac7e50d110288a4f	tree \| snapshot
parent	c14ae04613528f42f31a6fff1c0fa5ae3be887bb	commit \| diff

Fix AEAD validation of initial packets in port

The interoperability tests disable client ip address
validation done by RETRY packet. All tests done in CI
take code path which sends a retry packet.

The first initial packet sent by client uses a different
initial encryption level keys to protect packet integrity.
The keys are derived from DCID chosen by client.

When server accepts connection on behalf of initial packet,
the 'DCID' gets changed which means the initial level encryption keys
are changing too. So when server skips sending a retry packet,
it must forget the qrx which was used to validate initial
packet sent by client.

Forgetting qrx is not straightforward, we must salvage the
unencrypted packets left there after they were validated.
Those unencrypted packets must be injected to newly created channel.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26808)

include/internal/quic_channel.h		diff \| blob \| blame \| history
include/internal/quic_record_rx.h		diff \| blob \| blame \| history
ssl/quic/quic_channel.c		diff \| blob \| blame \| history
ssl/quic/quic_port.c		diff \| blob \| blame \| history
ssl/quic/quic_record_rx.c		diff \| blob \| blame \| history