Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Always Ignore Invalid Tokens #4412

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Always Ignore Invalid Tokens #4412

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9bf6e99
Always Ignore Invalid Tokens
nibanks Jul 24, 2024
515f380
Fix QuicConnRecvHeader function to properly validate initial tokens
nibanks Jul 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 4 additions & 13 deletions src/core/binding.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1208,8 +1208,7 @@ QuicBindingShouldRetryConnection(
_In_ QUIC_RX_PACKET* Packet,
_In_ uint16_t TokenLength,
_In_reads_(TokenLength)
const uint8_t* Token,
_Inout_ BOOLEAN* DropPacket
const uint8_t* Token
)
{
//
Expand All @@ -1226,14 +1225,10 @@ QuicBindingShouldRetryConnection(
// to validate retry tokens is fatal. Failure to validate NEW_TOKEN
// tokens is not.
//
if (QuicPacketValidateInitialToken(
Binding, Packet, TokenLength, Token, DropPacket)) {
if (QuicPacketValidateInitialToken(Binding, Packet, TokenLength, Token)) {
Packet->ValidToken = TRUE;
return FALSE;
}
if (*DropPacket) {
return FALSE;
}
}

uint64_t CurrentMemoryLimit =
Expand Down Expand Up @@ -1558,17 +1553,13 @@ QuicBindingDeliverPackets(

CXPLAT_DBG_ASSERT(Binding->ServerOwned);

BOOLEAN DropPacket = FALSE;
if (QuicBindingShouldRetryConnection(
Binding, Packets, TokenLength, Token, &DropPacket)) {
if (QuicBindingShouldRetryConnection(Binding, Packets, TokenLength, Token)) {
return
QuicBindingQueueStatelessOperation(
Binding, QUIC_OPER_TYPE_RETRY, Packets);
}

if (!DropPacket) {
Connection = QuicBindingCreateConnection(Binding, Packets);
}
Connection = QuicBindingCreateConnection(Binding, Packets);
}

if (Connection == NULL) {
Expand Down
11 changes: 4 additions & 7 deletions src/core/connection.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3824,25 +3824,22 @@
QUIC_PATH* Path = &Connection->Paths[0];
if (!Path->IsPeerValidated && (Packet->ValidToken || TokenLength != 0)) {

BOOLEAN InvalidRetryToken = FALSE;
if (Packet->ValidToken) {
CXPLAT_DBG_ASSERT(TokenBuffer == NULL);
CXPLAT_DBG_ASSERT(TokenLength == 0);
QuicPacketDecodeRetryTokenV1(Packet, &TokenBuffer, &TokenLength);
} else {
CXPLAT_DBG_ASSERT(TokenBuffer != NULL);
if (!QuicPacketValidateInitialToken(
if (QuicPacketValidateInitialToken(
Connection,
Packet,
TokenLength,
TokenBuffer,
&InvalidRetryToken) &&
InvalidRetryToken) {
return FALSE;
TokenBuffer)) {
Packet->ValidToken = TRUE;

Check warning on line 3838 in src/core/connection.c

View check run for this annotation

Codecov / codecov/patch

src/core/connection.c#L3838 

Added line #L3838 was not covered by tests
}
}

if (!InvalidRetryToken) {
if (Packet->ValidToken) {
CXPLAT_DBG_ASSERT(TokenBuffer != NULL);
CXPLAT_DBG_ASSERT(TokenLength == sizeof(QUIC_TOKEN_CONTENTS));

Expand Down
8 changes: 1 addition & 7 deletions src/core/packet.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -521,39 +521,33 @@ QuicPacketValidateInitialToken(
_In_ const QUIC_RX_PACKET* const Packet,
_In_range_(>, 0) uint16_t TokenLength,
_In_reads_(TokenLength)
const uint8_t* TokenBuffer,
_Inout_ BOOLEAN* DropPacket
const uint8_t* TokenBuffer
)
{
const BOOLEAN IsNewToken = TokenBuffer[0] & 0x1;
if (IsNewToken) {
QuicPacketLogDrop(Owner, Packet, "New Token not supported");
*DropPacket = TRUE;
return FALSE; // TODO - Support NEW_TOKEN tokens.
}

if (TokenLength != sizeof(QUIC_TOKEN_CONTENTS)) {
QuicPacketLogDrop(Owner, Packet, "Invalid Token Length");
*DropPacket = TRUE;
return FALSE;
}

QUIC_TOKEN_CONTENTS Token;
if (!QuicRetryTokenDecrypt(Packet, TokenBuffer, &Token)) {
QuicPacketLogDrop(Owner, Packet, "Retry Token Decryption Failure");
*DropPacket = TRUE;
return FALSE;
}

if (Token.Encrypted.OrigConnIdLength > sizeof(Token.Encrypted.OrigConnId)) {
QuicPacketLogDrop(Owner, Packet, "Invalid Retry Token OrigConnId Length");
*DropPacket = TRUE;
return FALSE;
}

if (!QuicAddrCompare(&Token.Encrypted.RemoteAddress, &Packet->Route->RemoteAddress)) {
QuicPacketLogDrop(Owner, Packet, "Retry Token Addr Mismatch");
*DropPacket = TRUE;
return FALSE;
}

Expand Down
3 changes: 1 addition & 2 deletions src/core/packet.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -314,8 +314,7 @@ QuicPacketValidateInitialToken(
_In_ const QUIC_RX_PACKET* const Packet,
_In_range_(>, 0) uint16_t TokenLength,
_In_reads_(TokenLength)
const uint8_t* TokenBuffer,
_Inout_ BOOLEAN* DropPacket
const uint8_t* TokenBuffer
);

_IRQL_requires_max_(DISPATCH_LEVEL)
Expand Down
Loading