#
56e30325 |
| 17-Oct-2023 |
Matt Caswell |
Ignore retry packets that arrive too late RFC 9000 s 17.2.5.2 says > After the client has received and processed an Initial or Retry packet > from the server, it MUST discard an
Ignore retry packets that arrive too late RFC 9000 s 17.2.5.2 says > After the client has received and processed an Initial or Retry packet > from the server, it MUST discard any subsequent Retry packets that it > receives. We were checking for multiple Retry packets, but not if we had already processed an Initial packet. Fixes the assertion failure noted in https://github.com/openssl/openssl/pull/22368#issuecomment-1765618884 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22411)
show more ...
|
#
70e809b0 |
| 08-Sep-2023 |
Hugo Landau |
QUIC CHANNEL: Add missing duplicate TPARAM handling cases Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/opens
QUIC CHANNEL: Add missing duplicate TPARAM handling cases Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22039)
show more ...
|
#
982dae89 |
| 11-Sep-2023 |
Matt Caswell |
Ensure QUIC-TLS errors raised during channel start are available to caller TLS misconfiguration errors should be shown to the application to enable diagnosis of the problem. Otherwise yo
Ensure QUIC-TLS errors raised during channel start are available to caller TLS misconfiguration errors should be shown to the application to enable diagnosis of the problem. Otherwise you just get a generical "internal error" message. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22066)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
8c792b0c |
| 31-Aug-2023 |
Hugo Landau |
QUIC RXDP: Reuse allocations between ACK frame processing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/ope
QUIC RXDP: Reuse allocations between ACK frame processing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21917)
show more ...
|
#
617b459d |
| 09-Aug-2023 |
Hugo Landau |
QUIC CHANNEL: Introduce concept of (non-)addressed mode Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/opens
QUIC CHANNEL: Introduce concept of (non-)addressed mode Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
show more ...
|
#
be96180a |
| 09-Aug-2023 |
Hugo Landau |
QUIC CHANNEL: Cleanup poll descriptor management Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/open
QUIC CHANNEL: Cleanup poll descriptor management Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
show more ...
|
#
549d0a70 |
| 09-Aug-2023 |
Hugo Landau |
QUIC CHANNEL: Only handle the first protocol error raised Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/ope
QUIC CHANNEL: Only handle the first protocol error raised Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21715)
show more ...
|
#
777a8a7f |
| 17-Aug-2023 |
Hugo Landau |
QUIC: Minimally handle version negotiation packets Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/op
QUIC: Minimally handle version negotiation packets Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21764)
show more ...
|
#
9d6bd3d3 |
| 22-Aug-2023 |
Hugo Landau |
QUIC APL: Implement backpressure on stream creation Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/o
QUIC APL: Implement backpressure on stream creation Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21811)
show more ...
|
#
aa433014 |
| 17-Aug-2023 |
Matt Caswell |
Keep sending datagrams while we have data to send If we've got more data to send than will fit in a single datagram we should keep generating those datagrams until we've sent it all.
Keep sending datagrams while we have data to send If we've got more data to send than will fit in a single datagram we should keep generating those datagrams until we've sent it all. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21798)
show more ...
|
#
64fd6991 |
| 18-Aug-2023 |
Tomas Mraz |
ossl_quic_tx_packetiser_generate(): Always report if packets were sent Even in case of later failure we need to flush the previous packets. Reviewed-by: Hugo Landau <hlandau@ope
ossl_quic_tx_packetiser_generate(): Always report if packets were sent Even in case of later failure we need to flush the previous packets. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21700)
show more ...
|
#
96014840 |
| 09-Aug-2023 |
Tomas Mraz |
QUIC: Miscellaneous error handling updates Raise errors when appropriate. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged
QUIC: Miscellaneous error handling updates Raise errors when appropriate. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21700)
show more ...
|
#
8fd32a0e |
| 15-Aug-2023 |
Tomas Mraz |
QUIC: Update ping deadline when we receive a packet Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openss
QUIC: Update ping deadline when we receive a packet Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21713)
show more ...
|
#
b6125b54 |
| 10-Aug-2023 |
Tomas Mraz |
QUIC: Do not discard the INITIAL el too early RFC says that successful decryption of HANDSHAKE el packet triggers the discard on server side only. On client we discard INITIAL e
QUIC: Do not discard the INITIAL el too early RFC says that successful decryption of HANDSHAKE el packet triggers the discard on server side only. On client we discard INITIAL el when we successfully send a HANDSHAKE packet. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21713)
show more ...
|
#
cdd91631 |
| 01-Aug-2023 |
Pauli |
quic: process stateless resets Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21649)
|
#
04c7fb53 |
| 07-Aug-2023 |
Matt Caswell |
NewSessionTickets with an early_data extension must have a valid max value The max_early_data value must be 0xffffffff if the extension is present in a NewSessionTicket message in QUIC.
NewSessionTickets with an early_data extension must have a valid max value The max_early_data value must be 0xffffffff if the extension is present in a NewSessionTicket message in QUIC. Otherwise it is a PROTOCOL_VIOLATION. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21686)
show more ...
|
#
b644a932 |
| 02-Aug-2023 |
Matt Caswell |
Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION An OpenSSL QUIC client does not send the post_handshake_auth extension. Therefore if a server sends a post-han
Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION An OpenSSL QUIC client does not send the post_handshake_auth extension. Therefore if a server sends a post-handsahke CertificateRequest then this would be treated as a TLS protocol violation with an "unexpected message" alert code. However RFC 9001 specifically requires us to treat this as QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message" alert code in this one instance. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21686)
show more ...
|
#
f2609004 |
| 09-Aug-2023 |
Hugo Landau |
Minor fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
|
#
89b0948e |
| 28-Jul-2023 |
Hugo Landau |
QUIC CHANNEL: Tune RXFC default parameters Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pu
QUIC CHANNEL: Tune RXFC default parameters Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
show more ...
|
#
40c8c756 |
| 26-Jul-2023 |
Hugo Landau |
QUIC APL/CHANNEL: Wire up connection closure reason Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/o
QUIC APL/CHANNEL: Wire up connection closure reason Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
show more ...
|
#
ed75eb32 |
| 26-Jul-2023 |
Hugo Landau |
QUIC TEST: Test NEW_CONN_ID frames Fixes https://github.com/openssl/project/issues/86 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
QUIC TEST: Test NEW_CONN_ID frames Fixes https://github.com/openssl/project/issues/86 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
show more ...
|
#
17340e87 |
| 26-Jul-2023 |
Hugo Landau |
QUIC TEST: Ensure PING causes ACK generation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/
QUIC TEST: Ensure PING causes ACK generation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
show more ...
|
#
44cb36d0 |
| 24-Jul-2023 |
Tomas Mraz |
Resolve some of the TODO(QUIC) items For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH designation to indicate these do not need to be resolved in QUIC MVP release.
Resolve some of the TODO(QUIC) items For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH designation to indicate these do not need to be resolved in QUIC MVP release. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21539)
show more ...
|
#
7a2bb210 |
| 03-Aug-2023 |
Hugo Landau |
QUIC TLS: Rethink error handling Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
|