From 07cbfec9310ca2e540464fb8dae776827901045d Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Thu, 27 Apr 2017 20:22:56 +0700 Subject: [PATCH] drop version negotiation packets that list the version the client chose fixes #569 --- client.go | 6 ++++-- client_test.go | 8 +++++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/client.go b/client.go index 9b3ca32f..00123f91 100644 --- a/client.go +++ b/client.go @@ -183,9 +183,11 @@ func (c *client) handlePacket(remoteAddr net.Addr, packet []byte) error { func (c *client) handlePacketWithVersionFlag(hdr *PublicHeader) error { for _, v := range hdr.SupportedVersions { - // check if the server sent the offered version in supported versions if v == c.version { - return qerr.Error(qerr.InvalidVersionNegotiationPacket, "Server already supports client's version and should have accepted the connection.") + // the version negotiation packet contains the version that we offered + // this might be a packet sent by an attacker (or by a terribly broken server implementation) + // ignore it + return nil } } diff --git a/client_test.go b/client_test.go index 15e90377..50dcfd75 100644 --- a/client_test.go +++ b/client_test.go @@ -265,9 +265,11 @@ var _ = Describe("Client", func() { Consistently(func() bool { return versionNegotiateConnStateCalled }).Should(BeFalse()) }) - It("errors if the server should have accepted the offered version", func() { - err := cl.handlePacket(nil, getVersionNegotiation([]protocol.VersionNumber{cl.version})) - Expect(err).To(MatchError(qerr.Error(qerr.InvalidVersionNegotiationPacket, "Server already supports client's version and should have accepted the connection."))) + It("drops version negotiation packets that contain the offered version", func() { + ver := cl.version + err := cl.handlePacket(nil, getVersionNegotiation([]protocol.VersionNumber{ver})) + Expect(err).ToNot(HaveOccurred()) + Expect(cl.version).To(Equal(ver)) }) }) })