]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
Include RETRY_CID transport parameter when handling retried connection
authorNeil Horman <nhorman@openssl.org>
Thu, 7 Nov 2024 14:34:29 +0000 (09:34 -0500)
committerNeil Horman <nhorman@openssl.org>
Sat, 11 Jan 2025 21:02:29 +0000 (16:02 -0500)
After sending a retry frame from a server, the subsequent server hello
record must include the RETRY_SCID transport parameter, as per RFC 9000:
https://datatracker.ietf.org/doc/html/rfc9000#section-7.3

Implement the encoding of said retry_source_connection_id transport
param, and fix up tests to address the impact of that change.  Test
changes amount to:
1) quicapitest needs to have its tparam test augmented such that it
   doesn't inject the retry_scid on its own, as the quic stack does it
   for the test now
2) quicapitest needs to have the ssl_trace test adjusted so the expected
   record values are reflected.

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25890)

ssl/quic/quic_channel.c
test/quicapitest.c
test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt
test/recipes/75-test_quicapi_data/ssltraceref.txt

index 99222c2fd9c26a87a915779d6c4feca863ef6a57..352e6b44c78079e25e8879b404a672bbe5f736e0 100644 (file)
@@ -1755,6 +1755,11 @@ static int ch_generate_transport_params(QUIC_CHANNEL *ch)
         if (!ossl_quic_wire_encode_transport_param_cid(&wpkt, QUIC_TPARAM_INITIAL_SCID,
                                                        &ch->cur_local_cid))
             goto err;
+        if (ch->odcid.id_len != 0)
+            if (!ossl_quic_wire_encode_transport_param_cid(&wpkt,
+                                                           QUIC_TPARAM_RETRY_SCID,
+                                                           &ch->init_dcid))
+                goto err;
     } else {
         /* Client always uses an empty SCID. */
         if (ossl_quic_wire_encode_transport_param_bytes(&wpkt, QUIC_TPARAM_INITIAL_SCID,
index 7b9123482a2feb1d3769e614b34292179775fc5e..34ee52d07bf1c0c059942678fbd7b872891f83b6 100644 (file)
@@ -1724,7 +1724,6 @@ struct tparam_test {
     size_t      buf_len;
 };
 
-static const unsigned char retry_scid_1[8] = { 0 };
 
 static const unsigned char disable_active_migration_1[] = {
     0x00
@@ -1852,8 +1851,6 @@ static const struct tparam_test tparam_tests[] = {
     TPARAM_CHECK_DROP(ORIG_DCID,
                       "ORIG_DCID was not sent but is required")
 
-    TPARAM_CHECK_INJECT_A(RETRY_SCID, retry_scid_1,
-                          "RETRY_SCID sent when not performing a retry")
     TPARAM_CHECK_DROP_INJECT_A(DISABLE_ACTIVE_MIGRATION, disable_active_migration_1,
                                "DISABLE_ACTIVE_MIGRATION is malformed")
     TPARAM_CHECK_INJECT(UNKNOWN_1, NULL, 0,
index eb55e9a5ba85d27f04827e41edca306ac91778b3..278e2934f3231a6ae4209dd582cb65f24a77baf7 100644 (file)
@@ -100,7 +100,7 @@ Sent Datagram
 Received Datagram
   Length: 1200
 Received Datagram
-  Length: 234
+  Length: 244
 Received Packet
   Packet Type: Initial
   Version: 0x00000001
@@ -150,7 +150,7 @@ Received Packet
   Version: 0x00000001
   Destination Conn Id: <zero length id>
   Source Conn Id: 0x????????????????
-  Payload length: 213
+  Payload length: 223
   Packet Number: 0x00000001
 Received Frame: Crypto
     Offset: 0
@@ -161,14 +161,15 @@ Header:
   Content Type = ApplicationData (23)
   Length = 1022
   Inner Content Type = Handshake (22)
-    EncryptedExtensions, Length=88
-      extensions, length = 86
-        extension_type=UNKNOWN(57), length=67
+    EncryptedExtensions, Length=98
+      extensions, length = 96
+        extension_type=UNKNOWN(57), length=77
           0000 - 0c 00 00 08 ?? ?? ?? ??-?? ?? ?? ?? 0f 08 ??   ....????????..?
-          000f - ?? ?? ?? ?? ?? ?? ?? 01-04 80 00 75 30 03 02   ???????....u0..
-          001e - 44 b0 0e 01 02 04 04 80-0c 00 00 05 04 80 08   D..............
-          002d - 00 00 06 04 80 08 00 00-07 04 80 08 00 00 08   ...............
-          003c - 02 40 64 09 02 40 64                           .@d..@d
+          000f - ?? ?? ?? ?? ?? ?? ?? 10-08 ?? ?? ?? ?? ?? ??   ???????????????
+          001e - ?? ?? 01 04 80 00 75 30-03 02 44 b0 0e 01 02   ???????????????
+          002d - 04 04 80 0c 00 00 05 04-80 08 00 00 06 04 80   ...............
+          003c - 08 00 00 07 04 80 08 00-00 08 02 40 64 09 02   ???????????????
+          004b - 40 64                                          ??
         extension_type=application_layer_protocol_negotiation(16), length=11
           ossltest
 
@@ -262,12 +263,12 @@ YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
 
 Received Frame: Crypto
     Offset: 1022
-    Len: 192
+    Len: 202
 Received TLS Record
 Header:
   Version = TLS 1.2 (0x303)
   Content Type = ApplicationData (23)
-  Length = 192
+  Length = 202
   Inner Content Type = Handshake (22)
     CertificateVerify, Length=260
       Signature Algorithm: rsa_pss_rsae_sha256 (0x0804)
index 127c1629e558fd17b91f31a419c7e32f583e7e97..901740bbbf0f40a1d3607035138668bf3e4c0189 100644 (file)
@@ -98,7 +98,7 @@ Sent Datagram
 Received Datagram
   Length: 1200
 Received Datagram
-  Length: 234
+  Length: 244
 Received Packet
   Packet Type: Initial
   Version: 0x00000001
@@ -148,7 +148,7 @@ Received Packet
   Version: 0x00000001
   Destination Conn Id: <zero length id>
   Source Conn Id: 0x????????????????
-  Payload length: 213
+  Payload length: 223
   Packet Number: 0x00000001
 Received Frame: Crypto
     Offset: 0
@@ -159,14 +159,15 @@ Header:
   Content Type = ApplicationData (23)
   Length = 1022
   Inner Content Type = Handshake (22)
-    EncryptedExtensions, Length=88
-      extensions, length = 86
-        extension_type=UNKNOWN(57), length=67
+    EncryptedExtensions, Length=98
+      extensions, length = 96
+        extension_type=UNKNOWN(57), length=77
           0000 - 0c 00 00 08 ?? ?? ?? ??-?? ?? ?? ?? 0f 08 ??   ....????????..?
-          000f - ?? ?? ?? ?? ?? ?? ?? 01-04 80 00 75 30 03 02   ???????....u0..
-          001e - 44 b0 0e 01 02 04 04 80-0c 00 00 05 04 80 08   D..............
-          002d - 00 00 06 04 80 08 00 00-07 04 80 08 00 00 08   ...............
-          003c - 02 40 64 09 02 40 64                           .@d..@d
+          000f - ?? ?? ?? ?? ?? ?? ?? 10-08 ?? ?? ?? ?? ?? ??   ???????..??????
+          001e - ?? ?? 01 04 80 00 75 30-03 02 44 b0 0e 01 02   ??....??..?....
+          002d - 04 04 80 0c 00 00 05 04-80 08 00 00 06 04 80   ...............
+          003c - 08 00 00 07 04 80 08 00-00 08 02 40 64 09 02   ...........@d..
+          004b - 40 64                                          @d
         extension_type=application_layer_protocol_negotiation(16), length=11
           ossltest
 
@@ -260,12 +261,12 @@ YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
 
 Received Frame: Crypto
     Offset: 1022
-    Len: 192
+    Len: 202
 Received TLS Record
 Header:
   Version = TLS 1.2 (0x303)
   Content Type = ApplicationData (23)
-  Length = 192
+  Length = 202
   Inner Content Type = Handshake (22)
     CertificateVerify, Length=260
       Signature Algorithm: rsa_pss_rsae_sha256 (0x0804)