From 70e809b08a3fe70fed7f7ecdad88e5bb9fc3af1c Mon Sep 17 00:00:00 2001 From: Hugo Landau Date: Fri, 8 Sep 2023 12:50:59 +0100 Subject: [PATCH] QUIC CHANNEL: Add missing duplicate TPARAM handling cases Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22039) --- ssl/quic/quic_channel.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c index 7504f06dfc0..3da0caa4ea6 100644 --- a/ssl/quic/quic_channel.c +++ b/ssl/quic/quic_channel.c @@ -1270,6 +1270,8 @@ static int ch_on_transport_params(const unsigned char *params, int got_initial_max_stream_data_uni = 0; int got_initial_max_streams_bidi = 0; int got_initial_max_streams_uni = 0; + int got_stateless_reset_token = 0; + int got_preferred_addr = 0; int got_ack_delay_exp = 0; int got_max_ack_delay = 0; int got_max_udp_payload_size = 0; @@ -1574,6 +1576,11 @@ static int ch_on_transport_params(const unsigned char *params, break; case QUIC_TPARAM_STATELESS_RESET_TOKEN: + if (got_stateless_reset_token) { + reason = TP_REASON_DUP("STATELESS_RESET_TOKEN"); + goto malformed; + } + /* * We must ensure a client doesn't send them because we don't have * processing for them. @@ -1595,12 +1602,17 @@ static int ch_on_transport_params(const unsigned char *params, goto malformed; } + got_stateless_reset_token = 1; break; case QUIC_TPARAM_PREFERRED_ADDR: { /* TODO(QUIC FUTURE): Handle preferred address. */ QUIC_PREFERRED_ADDR pfa; + if (got_preferred_addr) { + reason = TP_REASON_DUP("PREFERRED_ADDR"); + goto malformed; + } /* * RFC 9000 s. 18.2: "A server that chooses a zero-length @@ -1629,6 +1641,8 @@ static int ch_on_transport_params(const unsigned char *params, reason = "zero-length CID in PREFERRED_ADDR"; goto malformed; } + + got_preferred_addr = 1; } break; -- 2.47.2