root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

QUIC CONFORMANCE: RFC 9000 s. 12.3: PN Limit 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
This commit is contained in:
Hugo Landau 2023-06-06 16:25:11 +01:00 committed by Pauli
parent dfe5e7fa98
commit 5a1b1d2be3
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ssl/quic/quic_channel.c
View File

@ -2041,7 +2041,19 @@ static int ch_tx(QUIC_CHANNEL *ch)
case TX_PACKETISER_RES_NO_PKT: case TX_PACKETISER_RES_NO_PKT:
break; /* No packet was sent */ break; /* No packet was sent */
default: default:
/*
* One case where TXP can fail is if we reach a TX PN of 2**62 - 1. As
* per RFC 9000 s. 12.3, if this happens we MUST close the connection
* without sending a CONNECTION_CLOSE frame. This is actually handled as
* an emergent consequence of our design, as the TX packetiser will
* never transmit another packet when the TX PN reaches the limit.
*
* Calling the below function terminates the connection; its attempt to
* schedule a CONNECTION_CLOSE frame will not actually cause a packet to
* be transmitted for this reason.
*/
ossl_quic_channel_raise_protocol_error(ch, QUIC_ERR_INTERNAL_ERROR, 0, ossl_quic_channel_raise_protocol_error(ch, QUIC_ERR_INTERNAL_ERROR, 0,
"internal error"); "internal error");
break; /* Internal failure (e.g. allocation, assertion) */ break; /* Internal failure (e.g. allocation, assertion) */