Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore Version Negotiation if it was already done #284

Closed
martinthomson opened this issue Feb 10, 2017 · 3 comments
Closed

Ignore Version Negotiation if it was already done #284

martinthomson opened this issue Feb 10, 2017 · 3 comments
Labels
-transport design An issue that affects the design of the protocol; resolution requires consensus. has-consensus An issue that the Chairs have determined has consensus, by canvassing the mailing list.
Milestone
First Implementat...

Comments

@martinthomson
Copy link
Member

The text currently says:

Once a client receives a packet from the server with the VERSION flag unset, it MUST ignore the flag in subsequently received packets.

I don't know how to interpret this. What should a client do if it receives a packet with the VERSION flag set after completing version negotiation? Maybe should should mandate ignoring the packet not just the flag.
@marten-seemann
Copy link
Contributor

Ignoring the packet is the correct behavior, and is what current implementations do.
Otherwise it would be easy for an attacker to interfere with a connection, since version negotiation packets are not authenticated.

@RyanTheOptimist
Copy link
Contributor

That text is definitely unclear. What it's trying to say, is that after the client and server have negotiated a version, the client needs to ignore any version negotiation packets its receives. This is because 0-RTT packets sent with the old version may have elicited version negotiation packets which may end up delivered out of order.

@martinthomson
Copy link
Member Author

It probably needs to go further and recommend that the client not change its mind more than once. That is, if it receives a version negotiation packet that would cause it to select a third version, that's reason enough to ignore the packet.

@mnot mnot added the design An issue that affects the design of the protocol; resolution requires consensus. label Feb 15, 2017
martinthomson added a commit that referenced this issue Apr 27, 2017
@martinthomson
Various version negotiation fixes
6117221 
1. Version negotiation is stateless (this was implied but not made explicit)

2. Client ignores version negotiation packets if it has already done version
   negotiation.

3. Client ignores version negotaition packets if they list the version it is
   using.

Closes #284, #294, #241.
@martinthomson martinthomson mentioned this issue Apr 27, 2017
Merged
@martinthomson martinthomson changed the title Ignoring VERSION Ignore Version Negotiation if it was already done Apr 28, 2017
@mnot mnot added the has-consensus An issue that the Chairs have determined has consensus, by canvassing the mailing list. label Sep 26, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
-transport design An issue that affects the design of the protocol; resolution requires consensus. has-consensus An issue that the Chairs have determined has consensus, by canvassing the mailing list.
Projects
None yet
Milestone
First Implementation Draft Candidate
Development

No branches or pull requests
4 participants
@martinthomson @mnot @marten-seemann @RyanTheOptimist