mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-03 20:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

drop version negotiation packets that list the version the client chose

Browse source 
fixes #569
This commit is contained in:
Marten Seemann 2017-04-27 20:22:56 +07:00
parent 194c56fcbc
commit 07cbfec931
No known key found for this signature in database
GPG key ID: 3603F40B121FCDEA
2 changed files with 9 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
client.go
View file

@ -183,9 +183,11 @@ func (c *client) handlePacket(remoteAddr net.Addr, packet []byte) error {
func (c *client) handlePacketWithVersionFlag(hdr *PublicHeader) error {
for _, v := range hdr.SupportedVersions {
// check if the server sent the offered version in supported versions
if v == c.version {
return qerr.Error(qerr.InvalidVersionNegotiationPacket, "Server already supports client's version and should have accepted the connection.")
// the version negotiation packet contains the version that we offered
// this might be a packet sent by an attacker (or by a terribly broken server implementation)
// ignore it
return nil
}
}

8
client_test.go
View file

@ -265,9 +265,11 @@ var _ = Describe("Client", func() {
Consistently(func() bool { return versionNegotiateConnStateCalled }).Should(BeFalse())
})
It("errors if the server should have accepted the offered version", func() {
err := cl.handlePacket(nil, getVersionNegotiation([]protocol.VersionNumber{cl.version}))
Expect(err).To(MatchError(qerr.Error(qerr.InvalidVersionNegotiationPacket, "Server already supports client's version and should have accepted the connection.")))
It("drops version negotiation packets that contain the offered version", func() {
ver := cl.version
err := cl.handlePacket(nil, getVersionNegotiation([]protocol.VersionNumber{ver}))
Expect(err).ToNot(HaveOccurred())
Expect(cl.version).To(Equal(ver))
})
})
})