From 7a49c30d0b229a22b26e863db6615dc8fffa4d42 Mon Sep 17 00:00:00 2001
From: Kazuho Oku
Date: Tue, 31 Mar 2020 09:55:19 +0900
Subject: [PATCH 1/2] send INVALID_TOKEN also when failing to parse the decrypted output
---
 lib/quicly.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/lib/quicly.c b/lib/quicly.c
index b17751392..7630f169c 100644
--- a/lib/quicly.c
+++ b/lib/quicly.c
@@ -5084,19 +5084,20 @@ int quicly_decrypt_address_token(ptls_aead_context_t *aead, quicly_address_token
 return PTLS_ALERT_DECODE_ERROR;
 }
+ /* `goto Exit` can only happen below this line, and that is guaranteed by declaring `ret` here */
+ int ret;
+
 /* decrypt */
 if ((ptlen = aead->do_decrypt(aead, ptbuf, token + prefix_len + 1 + aead->algo->iv_size, len - (prefix_len + 1 + aead->algo->iv_size), token + prefix_len + 1, token, prefix_len + 1 + aead->algo->iv_size)) == SIZE_MAX) {
+ ret = PTLS_ALERT_DECRYPT_ERROR;
 *err_desc = "token decryption failure";
- /* when the token looks like retry, and we fail to decrypt, let the server close the connection immediately. Otherwise, it
- * is a soft error */
- return plaintext->type == QUICLY_ADDRESS_TOKEN_TYPE_RETRY ? QUICLY_TRANSPORT_ERROR_INVALID_TOKEN : PTLS_ALERT_DECODE_ERROR;
+ goto Exit;
 }
 /* parse */
 const uint8_t *src = ptbuf, *end = src + ptlen;
- int ret;
 if ((ret = ptls_decode64(&plaintext->issued_at, &src, end)) != 0)
 goto Exit;
 {
@@ -5158,8 +5159,13 @@ int quicly_decrypt_address_token(ptls_aead_context_t *aead, quicly_address_token
 ret = 0;
 Exit:
- if (ret != 0 && *err_desc == NULL)
- *err_desc = "token decode error";
+ if (ret != 0) {
+ if (*err_desc == NULL)
+ *err_desc = "token decode error";
+ /* promote the error to one that triggers the emission of INVALID_TOKEN_ERROR, if the token looked like a retry */
+ if (plaintext->type == QUICLY_ADDRESS_TOKEN_TYPE_RETRY)
+ ret = QUICLY_TRANSPORT_ERROR_INVALID_TOKEN;
+ }
 return ret;
 }
From 713707be8eb5fbc5506a0631a647d7e693b8f7eb Mon Sep 17 00:00:00 2001
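Review bot: The early `return PTLS_ALERT_DECODE_ERROR;` in the leading context of the first hunk still leaves the function before `ret` is declared, so a retry-type token that is rejected before the AEAD call is reported as a soft decode error and never reaches the promotion at `Exit`; if `plaintext->type` is already populated at that point (the function begins outside the hunk, so I cannot confirm it), this path contradicts the commit's stated goal of sending INVALID_TOKEN for every failed retry token. The fix would be to move the `int ret;` declaration above that check and replace the return with `ret = PTLS_ALERT_DECODE_ERROR; goto Exit;`, and to adjust the new comment about where `goto Exit` may occur accordingly. Separately, the non-retry decrypt-failure path now returns `PTLS_ALERT_DECRYPT_ERROR` where it previously returned `PTLS_ALERT_DECODE_ERROR`; any caller that matched the old value to classify the failure as soft should be re-checked, since no caller is visible here.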
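Review bot: The `Exit:` block in the second hunk now makes `ret` carry values from two different namespaces with different severities, a picotls alert or `QUICLY_TRANSPORT_ERROR_INVALID_TOKEN`, and the promotion discards the specific alert code, but nothing at the label documents that contract for callers. I would add a comment above `Exit:` along the lines of `/* Exit: ret is 0 on success, a PTLS_ALERT_* code for a token the caller may treat as a soft failure, or QUICLY_TRANSPORT_ERROR_INVALID_TOKEN when a retry-type token failed decryption or parsing; *err_desc always describes a non-zero ret. */`. The new inline comment also refers to `INVALID_TOKEN_ERROR`, while the constant assigned is `QUICLY_TRANSPORT_ERROR_INVALID_TOKEN`; using the actual identifier avoids a grep miss later. The body of quicly_decrypt_address_token between the two hunks is outside this view.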
From: Kazuho Oku
Date: Tue, 31 Mar 2020 16:03:04 +0900
Subject: [PATCH 2/2] CID of 20 bytes is allowed
---
 lib/quicly.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/quicly.c b/lib/quicly.c
index 7630f169c..f0cd612f7 100644
--- a/lib/quicly.c
+++ b/lib/quicly.c
@@ -5128,7 +5128,7 @@ int quicly_decrypt_address_token(ptls_aead_context_t *aead, quicly_address_token
 switch (plaintext->type) {
 case QUICLY_ADDRESS_TOKEN_TYPE_RETRY:
 ptls_decode_open_block(src, end, 1, {
- if ((plaintext->retry.odcid.len = end - src) >= sizeof(plaintext->retry.odcid.cid)) {
+ if ((plaintext->retry.odcid.len = end - src) > sizeof(plaintext->retry.odcid.cid)) {
 ret = PTLS_ALERT_DECODE_ERROR;
 goto Exit;
 }
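Review bot: The changed line still stores `end - src` into `plaintext->retry.odcid.len` before the bound check, so on the error path the struct is left claiming a length larger than the `cid` array; that is harmless only as long as no caller reads `plaintext` after a non-zero return, which cannot be verified from this hunk. Validating first and assigning only on success removes that hazard: `size_t odcid_len = end - src;`, `if (odcid_len > sizeof(plaintext->retry.odcid.cid)) { ret = PTLS_ALERT_DECODE_ERROR; goto Exit; }`, `plaintext->retry.odcid.len = odcid_len;`. The limit is `sizeof(plaintext->retry.odcid.cid)`; if that array happens to be larger than the 20-byte maximum QUIC v1 allows for a connection ID, the check is looser than the protocol, so comparing against a named maximum-CID-length constant, if the project defines one, would be clearer. The `ptls_decode_open_block` body and the enclosing function continue outside the hunk, including the copy into `cid` that this check protects.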