Wireshark-commits: [Wireshark-commits] master-3.2 acf9162: QUIC: add verification of Retry Integrit
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 14 Feb 2020 22:17:33 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=acf9162225939373093c23b2682758f91653a631
Submitter: "Peter Wu <peter@xxxxxxxxxxxxx>"
Changed: branch: master-3.2
Repository: wireshark

Commits:

acf9162 by Peter Wu (peter@xxxxxxxxxxxxx):

    QUIC: add verification of Retry Integrity Tag (draft -25)
    
    This could help diagnosing early implementation errors using
    https://github.com/marten-seemann/quic-interop-runner
    
    Tested with capture files based on sample provided by Marten Seemann:
    1. Valid Retry packet should not add the "quic.bad_retry" field.
    2. Mutated, invalid tag: "Retry Integrity Tag verification failure"
    3. A missing Initial: "Cannot verify Retry Packet due to unknown ODCID"
    
    As side-effect, the connection tracking code can now distinguish between
    a connection where the server sent an empty SCID and a connection where
    the server did not send an Initial.
    
    Bug: 13881
    Change-Id: I972acd680b1becc9fb7b9e002b400886a06bc828
    Reviewed-on: https://code.wireshark.org/review/35978
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    (cherry picked from commit d24fbbc5a0cdfbeb0cb8d45d7e15f3139bbcb647)
    Reviewed-on: https://code.wireshark.org/review/36109
    Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
    

Actions performed:

    from  29995b5   QUIC: ignore invalid short header packet to fix decryption
     add  acf9162   QUIC: add verification of Retry Integrity Tag (draft -25)


Summary of changes:
 epan/dissectors/packet-quic.c | 89 ++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 83 insertions(+), 6 deletions(-)