Select proper ORIG_DCID when sending server hello over quic

When establishing a connection over quic, if the channel is established
in response to a retry request from the server, the ORIG_DCID transport
parameter must reflect the original dcid sent from the client in the
first inital packet that the server sent the retry request in response
to.

As opposed to establishing a connection without the retry request, when
address validation isn't in use, where the ORIG_DCID parameter just
represents the the dcid that the client sent.

Augment the channel creation code to select the 'right' DCID when
encoding server side transport parameters

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25890)

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 3e47b25a6354738aa3eb94ce1babd0c4f91fa725..99222c2fd9c26a87a915779d6c4feca863ef6a57 100644 (file)
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -1749,7 +1749,7 @@ static int ch_generate_transport_params(QUIC_CHANNEL *ch)
 
     if (ch->is_server) {
         if (!ossl_quic_wire_encode_transport_param_cid(&wpkt, QUIC_TPARAM_ORIG_DCID,
-                                                       &ch->init_dcid))
+                                                       id_to_use))
             goto err;
 
         if (!ossl_quic_wire_encode_transport_param_cid(&wpkt, QUIC_TPARAM_INITIAL_SCID,
@@ -3402,6 +3402,10 @@ static int ch_on_new_conn_common(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
     ch->cur_peer_addr   = *peer;
     ch->init_dcid       = *peer_dcid;
     ch->cur_remote_dcid = *peer_scid;
+    ch->odcid.id_len = 0;
+
+    if (peer_odcid != NULL)
+        ch->odcid = *peer_odcid;
 
     /* Inform QTX of peer address. */
     if (!ossl_quic_tx_packetiser_set_peer(ch->txp, &ch->cur_peer_addr))
@@ -3428,8 +3432,8 @@ static int ch_on_new_conn_common(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
 
     /* Register the peer ODCID in the LCIDM. */
     if (!ossl_quic_lcidm_enrol_odcid(ch->lcidm, ch, peer_odcid == NULL ?
-                                                    &ch->init_dcid :
-                                                    peer_odcid))
+                                     &ch->init_dcid :
+                                     peer_odcid))
         return 0;
 
     /* Change state. */

diff --git a/ssl/quic/quic_channel_local.h b/ssl/quic/quic_channel_local.h
index 7cafa109c4998d7e7ad621cf0edbe939dc90278a..97ef45e06e197f58be8096e30b8a27351274fd38 100644 (file)
--- a/ssl/quic/quic_channel_local.h
+++ b/ssl/quic/quic_channel_local.h
@@ -107,6 +107,13 @@ struct quic_channel_st {
      */
     QUIC_CONN_ID                    init_dcid;
 
+    /*
+     * Server: If this channel is created in response to an init packet sent
+     * after the server has sent a retry packet to do address validation, this
+     * field stores the original connection id from the first init packet sent
+     */
+    QUIC_CONN_ID                    odcid;
+
     /*
      * Client: The SCID found in the first Initial packet from the server.
      * Not valid for servers.