Check all frames for stateless reset conditions
authorNeil Horman <nhorman@openssl.org>
Wed, 24 Jan 2024 18:23:28 +0000 (13:23 -0500)
committerNeil Horman <nhorman@openssl.org>
Wed, 31 Jan 2024 13:45:56 +0000 (08:45 -0500)
In writing the quic stateless reset test we found that the quic rx code
wasn't checking for stateless reset conditions, as the SRT frames were
getting discarded due to failed lcidm lookups.  Move the SRT check above
the lcidm lookup in the rx path to ensure we handle SRT properly in the
client.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23384)

ssl/quic/quic_port.c

index 46ca22cc3b1850ecf75f52f765f2432e8c12eb0f..0de384de454e877741bec8e158797d4d710c1a53 100644 (file)
@@ -499,6 +499,9 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg,
     if (!ossl_quic_port_is_running(port))
         goto undesirable;
 
+    if (port_try_handle_stateless_reset(port, e))
+        goto undesirable;
+
     if (dcid != NULL
         && ossl_quic_lcidm_lookup(port->lcidm, dcid, NULL,
                                   (void **)&ch)) {
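Review bot: The added `port_try_handle_stateless_reset(port, e)` call ahead of the `ossl_quic_lcidm_lookup` branch carries no comment saying that its position matters, yet the ordering is the whole fix, so a later tidy-up could move it back below the lookup without anyone noticing. I would put a short comment above it, for example `/* Must run before the LCIDM lookup so a stateless reset is always detected (RFC 9000 s. 10.3.1). */`. The check now also runs for every datagram that reaches this handler instead of only for those that match no connection, so it is worth confirming in the helper, which is outside this hunk, that the token comparison is cheap and does not leak timing information about stored tokens, as that RFC section requires. The body of `port_default_packet_handler` starts and ends outside the hunk.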
@@ -507,9 +510,6 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg,
         return;
     }
 
-    if (port_try_handle_stateless_reset(port, e))
-        goto undesirable;
-
     /*
      * If we have an incoming packet which doesn't match any existing connection
      * we assume this is an attempt to make a new connection. Currently we