git.ipfire.org Git - thirdparty/openssl.git/commit
Select proper ORIG_DCID when sending server hello over quic
author Neil Horman <nhorman@openssl.org>
Wed, 6 Nov 2024 13:47:04 +0000 (08:47 -0500)
committer Neil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:33 +0000 (11:27 -0500)
commit 1c6e1e1c9cfe0e45d0c467714772d8c5567b9e9e
tree d146118234f62cedbdd9338c79ca4d35030ab330
parent 6654f8bb42fc3b936c495732545b8ac8a3679e69

When establishing a connection over quic, if the channel is established
in response to a retry request from the server, the ORIG_DCID transport
parameter must reflect the original dcid sent from the client in the
first initial packet that the server sent the retry request in response
to.

As opposed to establishing a connection without the retry request, when
address validation isn't in use, where the ORIG_DCID parameter just
represents the dcid that the client sent.

Augment the channel creation code to select the 'right' DCID when
encoding server side transport parameters

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25890)
ssl/quic/quic_channel.c
ssl/quic/quic_channel_local.h
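
The selection rule from the commit message, as an added example that is not OpenSSL's code or part of this commit: it compares a naive choice against the retry-aware one and runs the client-side check from RFC 9000 Section 7.3 on the result. The types `cid_t` and `srv_chan_t`, all function names, and the connection ID bytes are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

#define CID_MAX_LEN 20 /* QUIC v1 connection IDs are at most 20 bytes */

typedef struct { uint8_t len; uint8_t id[CID_MAX_LEN]; } cid_t;

/* Hypothetical server-side state; not OpenSSL's QUIC_CHANNEL layout. */
typedef struct {
    int   retry_used; /* channel was created after a Retry round trip */
    cid_t first_dcid; /* DCID of the client's first Initial packet */
    cid_t chan_dcid;  /* DCID of the Initial that created the channel */
} srv_chan_t;

/* Naive choice: always echo the DCID of the Initial that created the channel. */
const cid_t *odcid_naive(const srv_chan_t *ch)
{
    return &ch->chan_dcid;
}

/* Choice the commit message describes: after a Retry, use the first DCID. */
const cid_t *odcid_select(const srv_chan_t *ch)
{
    return ch->retry_used ? &ch->first_dcid : &ch->chan_dcid;
}

/* Client check: ORIG_DCID must equal the DCID of the first Initial it sent. */
int client_accepts(const cid_t *sent_first, const cid_t *odcid)
{
    return sent_first->len == odcid->len
        && memcmp(sent_first->id, odcid->id, odcid->len) == 0;
}

/* Constructed handshake; returns 1 if the client accepts the parameter. */
int handshake_ok(int with_retry, const cid_t *(*pick)(const srv_chan_t *))
{
    /* Constructed sample connection IDs. */
    const cid_t client_dcid = { 8, { 0xc1, 0x1e, 0x47, 0x00, 0x5a, 0x5a, 0x01, 0x02 } };
    const cid_t retry_scid  = { 8, { 0x5e, 0x7e, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66 } };
    srv_chan_t ch;

    ch.retry_used = with_retry;
    ch.first_dcid = client_dcid;
    /* After a Retry the client's next Initial carries the Retry SCID as DCID. */
    ch.chan_dcid = with_retry ? retry_scid : client_dcid;
    return client_accepts(&client_dcid, pick(&ch));
}
```

Only the retry case separates the two choices: the naive one returns the Retry SCID, which the client rejects because it never sent that value in its first Initial.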