set a net.Conn with the correct addresses on the tls.ClientHelloInfo (#4001)

2023-07-31 16:32:10 -04:00
parent 44a58dc425
commit f3a0ce1599
7 changed files with 69 additions and 0 deletions
--- a/internal/handshake/conn.go
+++ b/internal/handshake/conn.go
@@ -0,0 +1,21 @@
+package handshake
+
+import (
+	"net"
+	"time"
+)
+
+type conn struct {
+	localAddr, remoteAddr net.Addr
+}
+
+var _ net.Conn = &conn{}
+
+func (c *conn) Read([]byte) (int, error)         { return 0, nil }
+func (c *conn) Write([]byte) (int, error)        { return 0, nil }
+func (c *conn) Close() error                     { return nil }
+func (c *conn) RemoteAddr() net.Addr             { return c.remoteAddr }
+func (c *conn) LocalAddr() net.Addr              { return c.localAddr }
+func (c *conn) SetReadDeadline(time.Time) error  { return nil }
+func (c *conn) SetWriteDeadline(time.Time) error { return nil }
+func (c *conn) SetDeadline(time.Time) error      { return nil }
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@@ -6,6 +6,7 @@ import (
 	"crypto/tls"
 	"errors"
 	"fmt"
+	"net"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -104,6 +105,7 @@ func NewCryptoSetupClient(
 // NewCryptoSetupServer creates a new crypto setup for the server
 func NewCryptoSetupServer(
 	connID protocol.ConnectionID,
+	localAddr, remoteAddr net.Addr,
 	tp *wire.TransportParameters,
 	tlsConf *tls.Config,
 	allow0RTT bool,
@@ -125,6 +127,13 @@ func NewCryptoSetupServer(

 	quicConf := &qtls.QUICConfig{TLSConfig: tlsConf}
 	qtls.SetupConfigForServer(quicConf, cs.allow0RTT, cs.getDataForSessionTicket, cs.accept0RTT)
+	if quicConf.TLSConfig.GetConfigForClient != nil {
+		gcfc := quicConf.TLSConfig.GetConfigForClient
+		quicConf.TLSConfig.GetConfigForClient = func(info *tls.ClientHelloInfo) (*tls.Config, error) {
+			info.Conn = &conn{localAddr: localAddr, remoteAddr: remoteAddr}
+			return gcfc(info)
+		}
+	}

 	cs.tlsConf = quicConf.TLSConfig
 	cs.conn = qtls.QUICServer(quicConf)
--- a/internal/handshake/crypto_setup_test.go
+++ b/internal/handshake/crypto_setup_test.go
@@ -7,6 +7,7 @@ import (
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"math/big"
+	"net"
 	"time"

 	mocktls "github.com/quic-go/quic-go/internal/mocks/tls"
@@ -65,6 +66,8 @@ var _ = Describe("Crypto Setup TLS", func() {
 		var token protocol.StatelessResetToken
 		server := NewCryptoSetupServer(
 			protocol.ConnectionID{},
+			&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
+			&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
 			&wire.TransportParameters{StatelessResetToken: &token},
 			testdata.GetTLSConfig(),
 			false,
@@ -204,6 +207,8 @@ var _ = Describe("Crypto Setup TLS", func() {
 			}
 			server := NewCryptoSetupServer(
 				protocol.ConnectionID{},
+				&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
+				&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
 				serverTransportParameters,
 				serverConf,
 				enable0RTT,
@@ -273,6 +278,8 @@ var _ = Describe("Crypto Setup TLS", func() {
 			}
 			server := NewCryptoSetupServer(
 				protocol.ConnectionID{},
+				&net.UDPAddr{IP: net.IPv6loopback, Port: 1234},
+				&net.UDPAddr{IP: net.IPv6loopback, Port: 4321},
 				sTransportParameters,
 				serverConf,
 				false,