From: Matt Caswell <matt@openssl.org>
Date: Wed, 7 Dec 2022 16:55:21 +0000 (+0000)
Subject: Raise a protocol error if we have not received transport params from peer
X-Git-Tag: openssl-3.2.0-alpha1~1255
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=62d0da12e397811e26be5b5be8a1cfe54de5031e;p=thirdparty%2Fopenssl.git

Raise a protocol error if we have not received transport params from peer

If we complete the TLS handshake but transport params were not received
then this is a protcol error and we should fail.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20030)
---

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index be438426ba0..bbb88470be7 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -613,12 +613,16 @@ static int ch_on_handshake_complete(void *arg)
     if (!ossl_assert(ch->tx_enc_level == QUIC_ENC_LEVEL_1RTT))
         return 0;
 
-    if (!ch->got_remote_transport_params)
+    if (!ch->got_remote_transport_params) {
         /*
          * Was not a valid QUIC handshake if we did not get valid transport
          * params.
          */
+        ossl_quic_channel_raise_protocol_error(ch, QUIC_ERR_PROTOCOL_VIOLATION,
+                                               OSSL_QUIC_FRAME_TYPE_CRYPTO,
+                                               "no transport parameters received");
         return 0;
+    }
 
     /* Don't need transport parameters anymore. */
     OPENSSL_free(ch->local_transport_params);