[openssl/openssl] 56e303: Ignore retry packets that arrive too late
Matt Caswell
noreply at github.com
Thu Oct 19 09:55:16 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 56e303259ed48884c914fe24b354e9cc7b7532c3
https://github.com/openssl/openssl/commit/56e303259ed48884c914fe24b354e9cc7b7532c3
Author: Matt Caswell <matt at openssl.org>
Date: 2023-10-19 (Thu, 19 Oct 2023)
Changed paths:
M ssl/quic/quic_channel.c
Log Message:
-----------
Ignore retry packets that arrive too late
RFC 9000 s 17.2.5.2 says
> After the client has received and processed an Initial or Retry packet
> from the server, it MUST discard any subsequent Retry packets that it
> receives.
We were checking for multiple Retry packets, but not if we had already
processed an Initial packet.
Fixes the assertion failure noted in
https://github.com/openssl/openssl/pull/22368#issuecomment-1765618884
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22411)
More information about the openssl-commits
mailing list