Ryan Day
Ryan Day
### Problem: Once v2 has reached parity with the current integ framework, we should deprecate and remove from the pipeline. ### Solution: Slowly move integv2 into production - [x] Create...
## **Problem:** We convert from the protocol version from wire format (uint16_t) to our internal format in several places. We should have testable helper functions doing this for us. ##...
## **Problem:** When you initialize a stuffer with an existing blob, the typical pattern is to write ``` struct s2n_blob blob; struct s2n_stuffer stuffer; GUARD(s2n_stuffer_init(&stuffer, &blob)); GUARD(s2n_stuffer_write(&stuffer, &blob)); ``` This...
## **Problem:** S2N exposes a ClientHello callback which allows customers to make decisions on ClientHello message information. If a HelloRetryRequest is required, this callback is only called for ClientHello1, and...
## **Problem:** Using S2N_DONT_MLOCK causes memory leaks in some tests. ``` $ valgrind --leak-check=full --run-libc-freeres=no -q --error-exitcode=9 --gen-suppressions=all --log-fd=2 --num-callers=40 --leak-resolution=high --undef-value-errors=no --trace-children=yes --suppressions=../s2n/tests/unit/valgrind.suppressions bin/s2n_session_ticket_test Running /home/ubuntu/development/s2n/tests/unit/s2n_session_ticket_test.c ... PASSED 398...
//= https://tools.ietf.org/id/draft-ietf-quic-transport-32.txt#8.1.2 //# This token MUST be repeated by the client in all //# Initial packets it sends for that connection after it receives the //# Retry packet.
From [Address Validation using Retry Packets](https://www.rfc-editor.org/rfc/rfc9000.html#name-address-validation-using-re) in [RFC9000](https://www.rfc-editor.org/rfc/rfc9000.html#name-address-validation-using-re): > Instead, the > server SHOULD immediately close (Section 10.2) the connection with an > INVALID_TOKEN error. The token validator used to...
From [Address Validation for Future Connections](https://tools.ietf.org/id/draft-ietf-quic-transport-32.txt#8.1.3) in [draft-ietf-quic-transport-32](https://tools.ietf.org/id/draft-ietf-quic-transport-32.txt): > A server MAY provide clients with an address validation token during > one connection that can be used on a subsequent...
This can be validated on the server as well as enforced in the client. //= https://tools.ietf.org/id/draft-ietf-quic-transport-32.txt#8.1.3 //# The client //# MUST include the token in all Initial packets it sends,...
//= https://tools.ietf.org/id/draft-ietf-quic-transport-32.txt#8.1.3 //= type=TODO //# A server MUST ensure that every NEW_TOKEN frame it sends //# is unique across all clients, with the exception of those sent to //# repair...