forked from quic-go/quic-go
Merge pull request #1361 from lucas-clemente/dont-trust-unauthenticated-packets
don't save anything about a packet before authenticating it
This commit is contained in:
Marten Seemann
@@ -603,9 +603,6 @@ func (s *session) handlePacketImpl(p *receivedPacket) error {
|
|||||||
p.rcvTime = time.Now()
|
p.rcvTime = time.Now()
|
||||||
}
|
}
|
||||||
|
|
||||||
s.receivedFirstPacket = true
|
|
||||||
s.lastNetworkActivityTime = p.rcvTime
|
|
||||||
s.keepAlivePingSent = false
|
|
||||||
hdr := p.header
|
hdr := p.header
|
||||||
data := p.data
|
data := p.data
|
||||||
|
|
||||||
@@ -630,6 +627,10 @@ func (s *session) handlePacketImpl(p *receivedPacket) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
s.receivedFirstPacket = true
|
||||||
|
s.lastNetworkActivityTime = p.rcvTime
|
||||||
|
s.keepAlivePingSent = false
|
||||||
|
|
||||||
// In TLS 1.3, the client considers the handshake complete as soon as
|
// In TLS 1.3, the client considers the handshake complete as soon as
|
||||||
// it received the server's Finished message and sent its Finished.
|
// it received the server's Finished message and sent its Finished.
|
||||||
// We have to wait for the first forward-secure packet from the server before
|
// We have to wait for the first forward-secure packet from the server before
|
||||||
|
|||||||
Reference in New Issue
Block a user