Closed kazuho closed 6 months ago
When hosting multiple IP addresses using one session ticket encryption key, a session ticket obtained from a connection connecting to IP address X can be used for establishing a connection to IP address Y, using resumption.
As stated in https://github.com/h2o/h2o/security/advisories/GHSA-5v5r-rghf-rm6q, this behavior can be used by attackers to confuse clients.
This pull request adds a blob field to ptls_context_t that can be used to prevent cross-address resumption.
ptls_context_t
When hosting multiple IP addresses using one session ticket encryption key, a session ticket obtained from a connection connecting to IP address X can be used for establishing a connection to IP address Y, using resumption.
As stated in https://github.com/h2o/h2o/security/advisories/GHSA-5v5r-rghf-rm6q, this behavior can be used by attackers to confuse clients.
This pull request adds a blob field to
ptls_context_t
that can be used to prevent cross-address resumption.