Commit f20bc39f authored by Marten Seemann's avatar Marten Seemann Committed by Gopher Robot
Browse files

crypto/tls: check client's supported versions when using QUIC

According to RFC 9001 Section 4.2, the client MUST NOT offer any TLS version
older than 1.3.

Fixes #63723.

Change-Id: Ia92f98274ca784e2bc151faf236380af51f699c1
Reviewed-on: https://go-review.googlesource.com/c/go/+/537576


Reviewed-by: default avatarFilippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: default avatarRoland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: default avatarDamien Neil <dneil@google.com>
parent 2dbfad5c
Loading
Loading
Loading
Loading
+8 −1
Original line number Diff line number Diff line
@@ -240,8 +240,15 @@ GroupSelection:
	c.clientProtocol = selectedProto

	if c.quic != nil {
		if hs.clientHello.quicTransportParameters == nil {
		// RFC 9001 Section 4.2: Clients MUST NOT offer TLS versions older than 1.3.
		for _, v := range hs.clientHello.supportedVersions {
			if v < VersionTLS13 {
				c.sendAlert(alertProtocolVersion)
				return errors.New("tls: client offered TLS version older than TLS 1.3")
			}
		}
		// RFC 9001 Section 8.2.
		if hs.clientHello.quicTransportParameters == nil {
			c.sendAlert(alertMissingExtension)
			return errors.New("tls: client did not send a quic_transport_parameters extension")
		}