Select proper ORIG_DCID when sending server hello over quic

When establishing a connection over quic, if the channel is established
in response to a retry request from the server, the ORIG_DCID transport
parameter must reflect the original dcid sent from the client in the
first inital packet that the server sent the retry request in response
to.

As opposed to establishing a connection without the retry request, when
address validation isn't in use, where the ORIG_DCID parameter just
represents the the dcid that the client sent.

Augment the channel creation code to select the 'right' DCID when
encoding server side transport parameters

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25890)

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 23edb1a635fa9d229ddcf017a2f5217dd339fc29..305831144f2e654ecf36506591ba525c0cee05d8 100644 (file)
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -1769,7 +1769,7 @@ static int ch_generate_transport_params(QUIC_CHANNEL *ch)
 
     if (ch->is_server) {
         if (!ossl_quic_wire_encode_transport_param_cid(&wpkt, QUIC_TPARAM_ORIG_DCID,
-                                                       &ch->init_dcid))
+                                                       id_to_use))
             goto err;
 
         if (!ossl_quic_wire_encode_transport_param_cid(&wpkt, QUIC_TPARAM_INITIAL_SCID,
@@ -3422,6 +3422,10 @@ static int ch_on_new_conn_common(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
     ch->cur_peer_addr   = *peer;
     ch->init_dcid       = *peer_dcid;
     ch->cur_remote_dcid = *peer_scid;
+    ch->odcid.id_len = 0;
+
+    if (peer_odcid != NULL)
+        ch->odcid = *peer_odcid;
 
     /* Inform QTX of peer address. */
     if (!ossl_quic_tx_packetiser_set_peer(ch->txp, &ch->cur_peer_addr))
@@ -3448,8 +3452,8 @@ static int ch_on_new_conn_common(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
 
     /* Register the peer ODCID in the LCIDM. */
     if (!ossl_quic_lcidm_enrol_odcid(ch->lcidm, ch, peer_odcid == NULL ?
-                                                    &ch->init_dcid :
-                                                    peer_odcid))
+                                     &ch->init_dcid :
+                                     peer_odcid))
         return 0;
 
     /* Change state. */

diff --git a/ssl/quic/quic_channel_local.h b/ssl/quic/quic_channel_local.h
index ba8095bbac3502e66449e39f31833e17efdf1bcb..63f10412189beb51ee6f015bc607f05724b9398b 100644 (file)
--- a/ssl/quic/quic_channel_local.h
+++ b/ssl/quic/quic_channel_local.h
@@ -108,6 +108,13 @@ struct quic_channel_st {
      */
     QUIC_CONN_ID                    init_dcid;
 
+    /*
+     * Server: If this channel is created in response to an init packet sent
+     * after the server has sent a retry packet to do address validation, this
+     * field stores the original connection id from the first init packet sent
+     */
+    QUIC_CONN_ID                    odcid;
+
     /*
      * Client: The SCID found in the first Initial packet from the server.
      * Not valid for servers.