From d200bb4472b34cf1bf629c1bd393100904f19890 Mon Sep 17 00:00:00 2001
From: Dirkjan Ochtman <dirkjan@ochtman.nl>
Date: Thu, 7 Dec 2023 13:10:29 +0100
Subject: [PATCH] proto: yield transport error for Initial packets with no
 CRYPTO

---
 quinn-proto/src/connection/mod.rs | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/quinn-proto/src/connection/mod.rs b/quinn-proto/src/connection/mod.rs
index 8a115b834..e819af44e 100644
--- a/quinn-proto/src/connection/mod.rs
+++ b/quinn-proto/src/connection/mod.rs
@@ -1812,10 +1812,26 @@ impl Connection {
             false,
             false,
         );
+
         self.process_decrypted_packet(now, remote, Some(packet_number), packet)?;
         if let Some(data) = remaining {
             self.handle_coalesced(now, remote, ecn, data);
         }
+
+        if self.highest_space == SpaceId::Initial && self.state.is_handshake() {
+            // "The first packet sent by a client always includes a CRYPTO frame that contains the
+            // start or all of the first cryptographic handshake message. The first CRYPTO frame
+            // sent always begins at an offset of 0; see Section 7."
+            // https://www.rfc-editor.org/rfc/rfc9000.html#section-17.2.2
+            let space = &self.spaces[SpaceId::Initial];
+            if space.crypto_stream.bytes_read() == 0 {
+                return Err(TransportError::PROTOCOL_VIOLATION(
+                    "received initial packet without CRYPTO frames",
+                )
+                .into());
+            }
+        }
+
         Ok(())
     }