set a net.Conn with the correct addresses on the tls.ClientHelloInfo (#4001)
This commit is contained in:
parent
44a58dc425
commit
f3a0ce1599
7 changed files with 69 additions and 0 deletions
|
@ -315,6 +315,8 @@ var newConnection = func(
|
|||
}
|
||||
cs := handshake.NewCryptoSetupServer(
|
||||
clientDestConnID,
|
||||
conn.LocalAddr(),
|
||||
conn.RemoteAddr(),
|
||||
params,
|
||||
tlsConf,
|
||||
conf.Allow0RTT,
|
||||
|
|
|
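Review bot: The `conn.LocalAddr()` now forwarded to `NewCryptoSetupServer` is the listening socket's address, so when the server is bound to a wildcard (`0.0.0.0` / `::`) a `GetConfigForClient` callback that keys on `info.Conn.LocalAddr()` sees the wildcard rather than the address the client actually dialed. A short comment at the call site would save callback authors from that assumption, e.g. `// localAddr is the listener's address; for a wildcard bind it is not the address the client targeted`. The enclosing `newConnection` starts outside the hunk, so what `conn` is here is inferred from its use.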
@ -3,6 +3,7 @@ package main
|
|||
import (
|
||||
"crypto/tls"
|
||||
"log"
|
||||
"net"
|
||||
|
||||
fuzzhandshake "github.com/quic-go/quic-go/fuzzing/handshake"
|
||||
"github.com/quic-go/quic-go/fuzzing/internal/helper"
|
||||
|
@ -37,6 +38,8 @@ func main() {
|
|||
config.NextProtos = []string{alpn}
|
||||
server := handshake.NewCryptoSetupServer(
|
||||
protocol.ConnectionID{},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
|
||||
&wire.TransportParameters{ActiveConnectionIDLimit: 2},
|
||||
config,
|
||||
false,
|
||||
|
|
|
@ -11,6 +11,7 @@ import (
|
|||
"log"
|
||||
"math"
|
||||
mrand "math/rand"
|
||||
"net"
|
||||
"time"
|
||||
|
||||
"github.com/quic-go/quic-go/fuzzing/internal/helper"
|
||||
|
@ -304,6 +305,8 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
|
|||
|
||||
server := handshake.NewCryptoSetupServer(
|
||||
protocol.ConnectionID{},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
|
||||
serverTP,
|
||||
serverConf,
|
||||
enable0RTTServer,
|
||||
|
|
|
@ -140,6 +140,30 @@ var _ = Describe("Handshake tests", func() {
|
|||
Expect(err).ToNot(HaveOccurred())
|
||||
})
|
||||
|
||||
It("has the right local and remote address on the ClientHelloInfo.Conn", func() {
|
||||
var local, remote net.Addr
|
||||
done := make(chan struct{})
|
||||
tlsConf := &tls.Config{
|
||||
GetConfigForClient: func(info *tls.ClientHelloInfo) (*tls.Config, error) {
|
||||
defer close(done)
|
||||
local = info.Conn.LocalAddr()
|
||||
remote = info.Conn.RemoteAddr()
|
||||
return getTLSConfig(), nil
|
||||
},
|
||||
}
|
||||
runServer(tlsConf)
|
||||
conn, err := quic.DialAddr(
|
||||
context.Background(),
|
||||
fmt.Sprintf("localhost:%d", server.Addr().(*net.UDPAddr).Port),
|
||||
getTLSClientConfig(),
|
||||
getQuicConfig(nil),
|
||||
)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Eventually(done).Should(BeClosed())
|
||||
Expect(server.Addr()).To(Equal(local))
|
||||
Expect(conn.LocalAddr().(*net.UDPAddr).Port).To(Equal(remote.(*net.UDPAddr).Port))
|
||||
})
|
||||
|
||||
It("works with a long certificate chain", func() {
|
||||
runServer(getTLSConfigWithLongCertChain())
|
||||
_, err := quic.DialAddr(
|
||||
|
|
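Review bot: The `conn` dialed in the new test is never closed before the `It` block returns, which keeps the client connection (and its goroutines) alive into the following tests; if the surrounding tests close their connections on exit, a closing `Expect(conn.CloseWithError(0, "")).To(Succeed())` at the end would match. Reading `local` and `remote` from the test goroutine is safe here because `Eventually(done).Should(BeClosed())` orders the read after the callback's `defer close(done)`. The enclosing `Describe` block starts and ends outside the hunk.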
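--- /dev/null
+++ b/internal/handshake/conn.go
@@ -0,0 +1,21 @@
+package handshake
+
+import (
+	"net"
+	"time"
+)
+
+type conn struct {
+	localAddr, remoteAddr net.Addr
+}
+
+var _ net.Conn = &conn{}
+
+func (c *conn) Read([]byte) (int, error) { return 0, nil }
+func (c *conn) Write([]byte) (int, error) { return 0, nil }
+func (c *conn) Close() error { return nil }
+func (c *conn) RemoteAddr() net.Addr { return c.remoteAddr }
+func (c *conn) LocalAddr() net.Addr { return c.localAddr }
+func (c *conn) SetReadDeadline(time.Time) error { return nil }
+func (c *conn) SetWriteDeadline(time.Time) error { return nil }
+func (c *conn) SetDeadline(time.Time) error { return nil }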
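Review bot: The new `conn` type reports success from `Read`, `Write`, `Close` and the deadline setters, so a `GetConfigForClient` callback that treats `info.Conn` as a real connection gets silent no-ops rather than an error; `Read` returning `(0, nil)` is also the case `io.Reader` asks implementers to avoid. Returning an error from `Read` and `Write` would make the misuse visible, and either way the type needs a doc comment stating its contract, e.g. `// conn is an address-only net.Conn exposed as tls.ClientHelloInfo.Conn; only LocalAddr and RemoteAddr carry real values, every other method is a no-op.`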
@ -6,6 +6,7 @@ import (
|
|||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
|
@ -104,6 +105,7 @@ func NewCryptoSetupClient(
|
|||
// NewCryptoSetupServer creates a new crypto setup for the server
|
||||
func NewCryptoSetupServer(
|
||||
connID protocol.ConnectionID,
|
||||
localAddr, remoteAddr net.Addr,
|
||||
tp *wire.TransportParameters,
|
||||
tlsConf *tls.Config,
|
||||
allow0RTT bool,
|
||||
|
@ -125,6 +127,13 @@ func NewCryptoSetupServer(
|
|||
|
||||
quicConf := &qtls.QUICConfig{TLSConfig: tlsConf}
|
||||
qtls.SetupConfigForServer(quicConf, cs.allow0RTT, cs.getDataForSessionTicket, cs.accept0RTT)
|
||||
if quicConf.TLSConfig.GetConfigForClient != nil {
|
||||
gcfc := quicConf.TLSConfig.GetConfigForClient
|
||||
quicConf.TLSConfig.GetConfigForClient = func(info *tls.ClientHelloInfo) (*tls.Config, error) {
|
||||
info.Conn = &conn{localAddr: localAddr, remoteAddr: remoteAddr}
|
||||
return gcfc(info)
|
||||
}
|
||||
}
|
||||
|
||||
cs.tlsConf = quicConf.TLSConfig
|
||||
cs.conn = qtls.QUICServer(quicConf)
|
||||
|
|
|
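Review bot: Only `GetConfigForClient` is wrapped in the second hunk, but `tls.Config.GetCertificate` receives the same `*tls.ClientHelloInfo`, so a certificate-selection callback that reads `info.Conn.LocalAddr()` still finds `Conn` nil on that path; wrapping `GetCertificate` the same way (or documenting that only `GetConfigForClient` sees the addresses) would close the gap. The assignment also writes into `quicConf.TLSConfig`; whether that is a clone made by `qtls.SetupConfigForServer` or the caller's shared `tlsConf` is not visible in the hunk, and in the latter case each `NewCryptoSetupServer` call would wrap the previous wrapper again. The body of `NewCryptoSetupServer` continues outside the hunk.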
@ -7,6 +7,7 @@ import (
|
|||
"crypto/x509"
|
||||
"crypto/x509/pkix"
|
||||
"math/big"
|
||||
"net"
|
||||
"time"
|
||||
|
||||
mocktls "github.com/quic-go/quic-go/internal/mocks/tls"
|
||||
|
@ -65,6 +66,8 @@ var _ = Describe("Crypto Setup TLS", func() {
|
|||
var token protocol.StatelessResetToken
|
||||
server := NewCryptoSetupServer(
|
||||
protocol.ConnectionID{},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
|
||||
&wire.TransportParameters{StatelessResetToken: &token},
|
||||
testdata.GetTLSConfig(),
|
||||
false,
|
||||
|
@ -204,6 +207,8 @@ var _ = Describe("Crypto Setup TLS", func() {
|
|||
}
|
||||
server := NewCryptoSetupServer(
|
||||
protocol.ConnectionID{},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
|
||||
serverTransportParameters,
|
||||
serverConf,
|
||||
enable0RTT,
|
||||
|
@ -273,6 +278,8 @@ var _ = Describe("Crypto Setup TLS", func() {
|
|||
}
|
||||
server := NewCryptoSetupServer(
|
||||
protocol.ConnectionID{},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
|
||||
&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
|
||||
sTransportParameters,
|
||||
serverConf,
|
||||
false,
|
||||
|
|