gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

detect version downgrade attacks in the client crypto setup

Browse Source
This commit is contained in:
Marten Seemann
2017-01-04 16:42:13 +07:00
parent b52204322f
commit db09de621c
6 changed files with 102 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
client.go
View File

@@ -74,7 +74,7 @@ func NewClient(host string, cryptoChangeCallback CryptoChangeCallback, versionNe
utils.Infof("Starting new connection to %s (%s), connectionID %x, version %d", host, udpAddr.String(), connectionID, client.version)
err = client.createNewSession()
err = client.createNewSession(nil)
if err != nil {
return nil, err
}
@@ -170,7 +170,7 @@ func (c *Client) handlePacket(packet []byte) error {
c.versionNegotiated = true
c.session.Close(errCloseSessionForNewVersion)
err = c.createNewSession()
err = c.createNewSession(hdr.SupportedVersions)
if err != nil {
return err
}
@@ -191,9 +191,9 @@ func (c *Client) handlePacket(packet []byte) error {
return nil
}
func (c *Client) createNewSession() error {
func (c *Client) createNewSession(negotiatedVersions []protocol.VersionNumber) error {
var err error
c.session, err = newClientSession(c.conn, c.addr, c.hostname, c.version, c.connectionID, c.streamCallback, c.closeCallback, c.cryptoChangeCallback)
c.session, err = newClientSession(c.conn, c.addr, c.hostname, c.version, c.connectionID, c.streamCallback, c.closeCallback, c.cryptoChangeCallback, negotiatedVersions)
if err != nil {
return err
}