From 56d0ca6791ea660b962ee4a25e7c0bfed9eed9c6 Mon Sep 17 00:00:00 2001
From: Neil Horman
Date: Mon, 27 Jan 2025 16:32:32 -0500
Subject: [PATCH] Don't reserve an unused cid for NEW_TOKENS
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Just realized that NEW_TOKEN tokens don't need a reserved rscid. Because a client might use a received NEW_TOKEN for multiple subsequent connections, we allocate a cid when we validate the token on new connection establishment (in fact we just use the one that the client sends). As such the allocated rscid never gets used, and just sits there until it ages out. Instead, fill the rscid with random data to mutate subsequently generated NEW_TOKENS's, since it won't ever be part of the validation process anyway.

Reviewed-by: Matt Caswell
Reviewed-by: Saša Nedvědický
(Merged from https://github.com/openssl/openssl/pull/26517)
---
 ssl/quic/quic_port.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index e6e2762463f..3276ec885c4 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -1360,8 +1360,17 @@ static void generate_new_token(QUIC_CHANNEL *ch, BIO_ADDR *peer)
 if (ct_buf == NULL) return;
- if (!ossl_quic_lcidm_get_unused_cid(ch->port->lcidm, &rscid))
+ /*
+ * NEW_TOKEN tokens may be used for multiple subsequent connections
+ * within their timeout period, so don't reserve an rscid here
+ * like we do for retry tokens, instead, just fill it with random
+ * data, as we won't use it anyway
+ */
+ rscid.id_len = 8;
+ if (!RAND_bytes_ex(ch->port->engine->libctx, rscid.id, 8, 0)) {
+ OPENSSL_free(ct_buf);
 return;
+ }
 if (!generate_token(peer, ch->init_dcid, rscid, &token, 0) || !marshal_validation_token(&token, buffer, &token_buf_len)
--
2.47.2
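Review bot: The length of the random filler is hard-coded twice, in `rscid.id_len = 8;` and again as the third argument of `RAND_bytes_ex`, so a later edit to one of them can leave `id_len` claiming more bytes than were actually randomised. Passing the field keeps the two tied together: `if (!RAND_bytes_ex(ch->port->engine->libctx, rscid.id, rscid.id_len, 0)) {`, ideally with a named constant in place of the bare 8. The declaration of `rscid` is outside the hunk; if it is not zero-initialised, the bytes of `rscid.id` past `id_len` are indeterminate, and since the structure is passed by value to `generate_token` and then marshalled into a token that goes to the peer, it is worth confirming that only `id_len` bytes are serialised. generate_new_token starts and ends outside the hunk, so whether the `generate_token`/`marshal_validation_token` failure path that follows also frees `ct_buf`, as the new `RAND_bytes_ex` failure path does, cannot be checked from here.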