QUIC CHANNEL: Add missing duplicate TPARAM handling cases

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22039)
author: Hugo Landau <hlandau@openssl.org> 2023-09-08 12:50:59 +0100
committer: Tomas Mraz <tomas@openssl.org> 2023-09-13 22:16:34 +0200
commit: 70e809b08a3fe70fed7f7ecdad88e5bb9fc3af1c (patch)
tree: c018eee5502905f8011284970c3cba99ddb1e5b6 /ssl
parent: e501e8b606a2398d9b860eb10344113e9d1d375b (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 7504f06dfc..3da0caa4ea 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -1270,6 +1270,8 @@ static int ch_on_transport_params(const unsigned char *params,
     int got_initial_max_stream_data_uni = 0;
     int got_initial_max_streams_bidi = 0;
     int got_initial_max_streams_uni = 0;
+    int got_stateless_reset_token = 0;
+    int got_preferred_addr = 0;
     int got_ack_delay_exp = 0;
     int got_max_ack_delay = 0;
     int got_max_udp_payload_size = 0;
@@ -1574,6 +1576,11 @@ static int ch_on_transport_params(const unsigned char *params,
             break;
 
         case QUIC_TPARAM_STATELESS_RESET_TOKEN:
+            if (got_stateless_reset_token) {
+                reason = TP_REASON_DUP("STATELESS_RESET_TOKEN");
+                goto malformed;
+            }
+
             /*
              * We must ensure a client doesn't send them because we don't have
              * processing for them.
@@ -1595,12 +1602,17 @@ static int ch_on_transport_params(const unsigned char *params,
                 goto malformed;
             }
 
+            got_stateless_reset_token = 1;
             break;
 
         case QUIC_TPARAM_PREFERRED_ADDR:
             {
                 /* TODO(QUIC FUTURE): Handle preferred address. */
                 QUIC_PREFERRED_ADDR pfa;
+                if (got_preferred_addr) {
+                    reason = TP_REASON_DUP("PREFERRED_ADDR");
+                    goto malformed;
+                }
 
                 /*
                  * RFC 9000 s. 18.2: "A server that chooses a zero-length
@@ -1629,6 +1641,8 @@ static int ch_on_transport_params(const unsigned char *params,
                     reason = "zero-length CID in PREFERRED_ADDR";
                     goto malformed;
                 }
+
+                got_preferred_addr = 1;
             }
             break;
author	Hugo Landau <hlandau@openssl.org>	2023-09-08 12:50:59 +0100
committer	Tomas Mraz <tomas@openssl.org>	2023-09-13 22:16:34 +0200
commit	70e809b08a3fe70fed7f7ecdad88e5bb9fc3af1c (patch)
tree	c018eee5502905f8011284970c3cba99ddb1e5b6 /ssl
parent	e501e8b606a2398d9b860eb10344113e9d1d375b (diff)