Don't fail on a bad dcid in the tranport params when fuzzing

We accept a bad original destination connection id in the transport params
while we are fuzzing since this may change every time.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 9e5b84162234c469a75accf22f68b97f11d823a2..ef6ad1508720e1c5cdb0904aa86586cad6e41bcf 100644 (file)
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -1311,11 +1311,13 @@ static int ch_on_transport_params(const unsigned char *params,
                 goto malformed;
             }
 
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
             /* Must match our initial DCID. */
             if (!ossl_quic_conn_id_eq(&ch->init_dcid, &cid)) {
                 reason = TP_REASON_EXPECTED_VALUE("ORIG_DCID");
                 goto malformed;
             }
+#endif
 
             got_orig_dcid = 1;
             break;