From: Hugo Landau <hlandau@openssl.org>
Date: Tue, 6 Jun 2023 15:25:11 +0000 (+0100)
Subject: QUIC CONFORMANCE: RFC 9000 s. 17.2.2: Enforce no initial token from server
X-Git-Tag: openssl-3.2.0-alpha1~443
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fd0d593220dd259ab9d327782eae28a07a537712;p=thirdparty%2Fopenssl.git

QUIC CONFORMANCE: RFC 9000 s. 17.2.2: Enforce no initial token from server

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
---

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 1952b7390c8..9321ff29edd 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -1908,6 +1908,19 @@ static void ch_rx_handle_packet(QUIC_CHANNEL *ch)
             break;
         }
 
+        if (!ch->is_server
+            && ch->qrx_pkt->hdr->type == QUIC_PKT_TYPE_INITIAL
+            && ch->qrx_pkt->hdr->token_len > 0) {
+            /*
+             * RFC 9000 s. 17.2.2: Clients that receive an Initial packet with a
+             * non-zero Token Length field MUST either discard the packet or
+             * generate a connection error of type PROTOCOL_VIOLATION.
+             */
+            ossl_quic_channel_raise_protocol_error(ch, QUIC_ERR_PROTOCOL_VIOLATION,
+                                                   0, "client received initial token");
+            break;
+        }
+
         /* This packet contains frames, pass to the RXDP. */
         ossl_quic_handle_frames(ch, ch->qrx_pkt); /* best effort */
         break;