mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 09:20:50 +02:00
154f2e2ea4
QUIC performs key updates at the packet-protection layer via the Key Phase bit, so RFC 9001 section 6 requires a QUIC endpoint to reject any received TLS KeyUpdate handshake message as a fatal unexpected_message connection error and to never send one. The TLS 1.3 receive path processed the message normally, rotating traffic secrets and possibly emitting a prohibited KeyUpdate response, and the send path allowed a QUIC connection to originate a KeyUpdate. Guard the key_update case in SanityCheckTls13MsgReceived so a QUIC connection aborts with a fatal unexpected_message alert, and guard Tls13UpdateKeys so a QUIC connection cannot send a KeyUpdate. Add a QUIC unit test that feeds a post-handshake KeyUpdate and confirms the connection is refused.
Before creating any new configure files (.conf) read the CONF_FILES_README.md