From: Hugo Landau <hlandau@openssl.org>
Date: Tue, 6 Jun 2023 15:25:11 +0000 (+0100)
Subject: QUIC CONFORMANCE: RFC 9000 s. 12.5: Ensure CFQ can not be used to send disallowed... 
X-Git-Tag: openssl-3.2.0-alpha1~448
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8d2e353df48c141305327c43226aeb0d9a7e5aa8;p=thirdparty%2Fopenssl.git

QUIC CONFORMANCE: RFC 9000 s. 12.5: Ensure CFQ can not be used to send disallowed frame types in a given PN space

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
---

diff --git a/ssl/quic/quic_txp.c b/ssl/quic/quic_txp.c
index 18e0c507bae..38812b2a333 100644
--- a/ssl/quic/quic_txp.c
+++ b/ssl/quic/quic_txp.c
@@ -656,7 +656,7 @@ static const struct archetype_data archetypes[QUIC_ENC_LEVEL_NUM][TX_PACKETISER_
             /*allow_stream_rel                =*/ 0,
             /*allow_conn_fc                   =*/ 0,
             /*allow_conn_close                =*/ 1,
-            /*allow_cfq_other                 =*/ 1,
+            /*allow_cfq_other                 =*/ 0,
             /*allow_new_token                 =*/ 0,
             /*allow_force_ack_eliciting       =*/ 1,
         },
@@ -693,7 +693,7 @@ static const struct archetype_data archetypes[QUIC_ENC_LEVEL_NUM][TX_PACKETISER_
             /*allow_stream_rel                =*/ 0,
             /*allow_conn_fc                   =*/ 0,
             /*allow_conn_close                =*/ 1,
-            /*allow_cfq_other                 =*/ 1,
+            /*allow_cfq_other                 =*/ 0,
             /*allow_new_token                 =*/ 0,
             /*allow_force_ack_eliciting       =*/ 1,
         },