Skip to content

crypto/tls: server doesn't check for empty legacy_session_id when doing QUIC session resumption #63936

New issue
New issue
Open
Open
crypto/tls: server doesn't check for empty legacy_session_id when doing QUIC session resumption#63936
Labels
NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Unplanned
@marten-seemann

Description

@marten-seemann
marten-seemann
opened on Nov 3, 2023

What version of Go are you using (go version)?

$ go version
go version go1.21.0 darwin/arm64

Does this issue reproduce with the latest release?

Yes

What did you do?

I sent a ClientHello containing a legacy_session_id when resuming a QUIC session. This is not permitted, see section 8.4 of RFC 9001.

What did you expect to see?

The server should have rejected the handshake. RFC 9001 section 8.4 says that the server SHOULD treat the receipt of a TLS ClientHello with a non-empty legacy_session_id field as a connection error of type PROTOCOL_VIOLATION.

What did you see instead?

The handshake succeeded.

Metadata

Metadata

Assignees

No one assigned

    Labels

    NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions