Wireshark-commits: [Wireshark-commits] master-3.2 acf9162: QUIC: add verification of Retry Integrit
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=acf9162225939373093c23b2682758f91653a631
Submitter: "Peter Wu <peter@xxxxxxxxxxxxx>"
Changed: branch: master-3.2
Repository: wireshark
Commits:
acf9162 by Peter Wu (peter@xxxxxxxxxxxxx):
QUIC: add verification of Retry Integrity Tag (draft -25)
This could help diagnosing early implementation errors using
https://github.com/marten-seemann/quic-interop-runner
Tested with capture files based on sample provided by Marten Seemann:
1. Valid Retry packet should not add the "quic.bad_retry" field.
2. Mutated, invalid tag: "Retry Integrity Tag verification failure"
3. A missing Initial: "Cannot verify Retry Packet due to unknown ODCID"
As side-effect, the connection tracking code can now distinguish between
a connection where the server sent an empty SCID and a connection where
the server did not send an Initial.
Bug: 13881
Change-Id: I972acd680b1becc9fb7b9e002b400886a06bc828
Reviewed-on: https://code.wireshark.org/review/35978
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
(cherry picked from commit d24fbbc5a0cdfbeb0cb8d45d7e15f3139bbcb647)
Reviewed-on: https://code.wireshark.org/review/36109
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from 29995b5 QUIC: ignore invalid short header packet to fix decryption
add acf9162 QUIC: add verification of Retry Integrity Tag (draft -25)
Summary of changes:
epan/dissectors/packet-quic.c | 89 ++++++++++++++++++++++++++++++++++++++++---
1 file changed, 83 insertions(+), 6 deletions(-)