diff options
author | Hugo Landau <hlandau@openssl.org> | 2023-10-19 09:27:11 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-10-20 16:31:40 +0100 |
commit | 461d41174b33e365677d21bf176d6959b15c2468 (patch) | |
tree | a718edd67929f9ca0c541b44192abc023acecbfa /include | |
parent | 21f7a09ca256eee0ccc9a8fc498e8427469ab506 (diff) |
QUIC: Prevent incoming oversize tokens
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22436)
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/quic_txp.h | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/include/internal/quic_txp.h b/include/internal/quic_txp.h index 64efedc27f..ae508f2393 100644 --- a/include/internal/quic_txp.h +++ b/include/internal/quic_txp.h @@ -112,13 +112,15 @@ OSSL_TIME ossl_quic_tx_packetiser_get_deadline(OSSL_QUIC_TX_PACKETISER *txp); /* * Set the token used in Initial packets. The callback is called when the buffer * is no longer needed; for example, when the TXP is freed or when this function - * is called again with a new buffer. + * is called again with a new buffer. Fails returning 0 if the token is too big + * to ever be reasonably encapsulated in an outgoing packet based on our current + * understanding of our PMTU. */ -void ossl_quic_tx_packetiser_set_initial_token(OSSL_QUIC_TX_PACKETISER *txp, - const unsigned char *token, - size_t token_len, - ossl_quic_initial_token_free_fn *free_cb, - void *free_cb_arg); +int ossl_quic_tx_packetiser_set_initial_token(OSSL_QUIC_TX_PACKETISER *txp, + const unsigned char *token, + size_t token_len, + ossl_quic_initial_token_free_fn *free_cb, + void *free_cb_arg); /* Change the DCID the TXP uses to send outgoing packets. */ int ossl_quic_tx_packetiser_set_cur_dcid(OSSL_QUIC_TX_PACKETISER *txp, |