git.ipfire.org Git - thirdparty/openssl.git/commit
Augment RETRY validation token
author Andrew Dinh <andrewd@openssl.org>
Wed, 27 Nov 2024 20:35:16 +0000 (12:35 -0800)
committer Neil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:33 +0000 (11:27 -0500)
commit 2b271d0f85bd720f137abd55bbab247c6dd0d176
tree c0697051febea34e706e5031e29b48235a475c87
parent 4d2912749e4e4c0c2ace3b95cc26a3d26f768316
Augment RETRY validation token

Adds fields to the QUIC RETRY packet validation token:
timestamp, remote_addr, odcid, & rscid.

Also adds functionality to validate the token once returned by the client.

Note that this does not encrypt the token yet.

Also check that the RSCID stored in the RETRY validation
token matches the DCID in the header.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26048)
ssl/quic/quic_port.c
ssl/quic/quic_tserver.c
test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt
test/recipes/75-test_quicapi_data/ssltraceref.txt
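
An added sketch, not code from this commit or from OpenSSL, of the server-side checks the commit message describes: parse a returned token carrying timestamp, remote_addr, odcid and rscid, then compare it against the clock, the peer address and the DCID in the packet header. The wire layout, the 10-second lifetime, the status codes and all names (`validate_retry_token`, `get_field`, `sample_token`) are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define MAX_CID        20  /* QUIC v1 connection IDs are at most 20 bytes */
#define TOKEN_LIFETIME 10  /* assumed validity window, in seconds */
enum { TOKEN_OK, TOKEN_MALFORMED, TOKEN_EXPIRED, TOKEN_BAD_ADDR, TOKEN_BAD_RSCID };

/* Constructed sample: issued t=1000 to 192.0.2.1, ODCID 01..08, RSCID aabbccdd */
const uint8_t sample_token[27] = {
    0, 0, 0, 0, 0, 0, 0x03, 0xe8,  4, 192, 0, 2, 1,
    8, 1, 2, 3, 4, 5, 6, 7, 8,  4, 0xaa, 0xbb, 0xcc, 0xdd };

/* Read a 1-byte length plus that many bytes; 0 if truncated or over max. */
static int get_field(const uint8_t **p, const uint8_t *end, size_t max,
                     const uint8_t **out, size_t *out_len)
{
    if (*p >= end || **p > max || (size_t)(end - *p - 1) < **p)
        return 0;
    *out_len = **p;
    *out = *p + 1;
    *p += 1 + *out_len;
    return 1;
}

/* Assumed layout: be64 timestamp | len,remote_addr | len,odcid | len,rscid */
int validate_retry_token(const uint8_t *tok, size_t tok_len, uint64_t now,
                         const uint8_t *peer, size_t peer_len,
                         const uint8_t *hdr_dcid, size_t hdr_dcid_len,
                         const uint8_t **odcid, size_t *odcid_len)
{
    const uint8_t *p = tok, *end = tok + tok_len, *addr, *rscid;
    size_t addr_len, rscid_len, i;
    uint64_t ts = 0;
    if (tok_len < 8)
        return TOKEN_MALFORMED;
    for (i = 0; i < 8; i++)
        ts = (ts << 8) | *p++;
    if (!get_field(&p, end, 16, &addr, &addr_len)
        || !get_field(&p, end, MAX_CID, odcid, odcid_len)
        || !get_field(&p, end, MAX_CID, &rscid, &rscid_len) || p != end)
        return TOKEN_MALFORMED;
    if (now < ts || now - ts > TOKEN_LIFETIME)
        return TOKEN_EXPIRED;      /* stale, or stamped in the future */
    if (addr_len != peer_len || memcmp(addr, peer, peer_len) != 0)
        return TOKEN_BAD_ADDR;     /* token was issued to another address */
    if (rscid_len != hdr_dcid_len || memcmp(rscid, hdr_dcid, rscid_len) != 0)
        return TOKEN_BAD_RSCID;    /* header DCID is not the Retry SCID */
    return TOKEN_OK;
}
```

The checks assume the token comes back exactly as issued; with no encryption yet, as the commit message notes, nothing in this sketch protects the token's integrity.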