Correctly Send & Validate Retry Source CID (#486)

src/core/connection.c

@@ -2044,7 +2044,8 @@ QuicConnHandshakeConfigure(
             QUIC_FREE(Connection->OrigDestCID);
             Connection->OrigDestCID = NULL;
 
-            if (Connection->Stats.QuicVersion != QUIC_VERSION_DRAFT_27) {
+            if (Connection->State.HandshakeUsedRetryPacket &&
+                Connection->Stats.QuicVersion != QUIC_VERSION_DRAFT_27) {
                 QUIC_DBG_ASSERT(SourceCid->Link.Next != NULL);
                 const QUIC_CID_HASH_ENTRY* PrevSourceCid =
                     QUIC_CONTAINING_RECORD(
@@ -2222,7 +2223,7 @@ QuicConnValidateTransportParameterDraft27CIDs(
     _In_ QUIC_CONNECTION* Connection
     )
 {
-    if (Connection->State.ReceivedRetryPacket) {
+    if (Connection->State.HandshakeUsedRetryPacket) {
         QUIC_DBG_ASSERT(!QuicConnIsServer(Connection));
         QUIC_DBG_ASSERT(Connection->OrigDestCID != NULL);
         //
@@ -2329,7 +2330,7 @@ QuicConnValidateTransportParameterCIDs(
         }
         QUIC_FREE(Connection->OrigDestCID);
         Connection->OrigDestCID = NULL;
-        if (Connection->State.ReceivedRetryPacket) {
+        if (Connection->State.HandshakeUsedRetryPacket) {
             if (!(Connection->PeerTransportParams.Flags & QUIC_TP_FLAG_RETRY_SOURCE_CONNECTION_ID)) {
                 QuicTraceEvent(
                     ConnError,
@@ -2340,15 +2341,13 @@ QuicConnValidateTransportParameterCIDs(
             }
             // TODO - Validate
         } else {
-            if (Connection->State.ReceivedRetryPacket) {
-                if (Connection->PeerTransportParams.Flags & QUIC_TP_FLAG_RETRY_SOURCE_CONNECTION_ID) {
-                    QuicTraceEvent(
-                        ConnError,
-                        "[conn][%p] ERROR, %s.",
-                        Connection,
-                        "Server incorrectly provided the retry source CID in TP");
-                    return FALSE;
-                }
+            if (Connection->PeerTransportParams.Flags & QUIC_TP_FLAG_RETRY_SOURCE_CONNECTION_ID) {
+                QuicTraceEvent(
+                    ConnError,
+                    "[conn][%p] ERROR, %s.",
+                    Connection,
+                    "Server incorrectly provided the retry source CID in TP");
+                return FALSE;
             }
         }
     }
@@ -2820,7 +2819,7 @@ QuicConnRecvRetry(
     }
 
     Connection->State.GotFirstServerResponse = TRUE;
-    Connection->State.ReceivedRetryPacket = TRUE;
+    Connection->State.HandshakeUsedRetryPacket = TRUE;
 
     //
     // Update the Initial packet's key based on the new CID.
@@ -3054,6 +3053,7 @@ QuicConnRecvHeader(
                 Connection->OrigDestCID->Data,
                 Token.Encrypted.OrigConnId,
                 Token.Encrypted.OrigConnIdLength);
+            Connection->State.HandshakeUsedRetryPacket = TRUE;
 
             QuicPathSetValid(Connection, Path, QUIC_PATH_VALID_INITIAL_TOKEN);
 

src/core/connection.h

@@ -65,10 +65,9 @@ typedef union QUIC_CONNECTION_STATE {
         BOOLEAN GotFirstServerResponse : 1;
 
         //
-        // This flag indicates the client received a Retry packet during the
-        // handshake.
+        // This flag indicates the Retry packet was used during the handshake.
         //
-        BOOLEAN ReceivedRetryPacket : 1;
+        BOOLEAN HandshakeUsedRetryPacket : 1;
 
         //
         // We have confirmed that the peer has completed the handshake.

src/tools/dbg/quictypes.h

@@ -111,10 +111,9 @@ typedef union QUIC_CONNECTION_STATE {
         BOOLEAN GotFirstServerResponse : 1;
 
         //
-        // This flag indicates the client received a Retry packet during the
-        // handshake.
+        // This flag indicates the Retry packet was used during the handshake.
         //
-        BOOLEAN ReceivedRetryPacket : 1;
+        BOOLEAN HandshakeUsedRetryPacket : 1;
 
         //
         // We have confirmed that the peer has completed the handshake.