quic: fixup token verification to handle zero expiration

Signed-off-by: James M Snell <jasnell@gmail.com>
Assisted-by: Opencode:Opus 4.6
PR-URL: #62620
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>

Author: jasnell

src/quic/application.cc

@@ -516,13 +516,6 @@ class DefaultApplication final : public Session::Application {
     if (!session().max_data_left()) return 0;
     if (stream_queue_.IsEmpty()) return 0;
 
-    const auto get_length = [](auto vec, size_t count) {
-      CHECK_NOT_NULL(vec);
-      size_t len = 0;
-      for (size_t n = 0; n < count; n++) len += vec[n].len;
-      return len;
-    };
-
     Stream* stream = stream_queue_.PopFront();
     CHECK_NOT_NULL(stream);
     stream_data->stream.reset(stream);

src/quic/endpoint.cc

@@ -92,7 +92,7 @@ bool is_diagnostic_packet_loss(double probability) {
   return (static_cast<double>(c) / 255) < probability;
 }
 
-template <typename Opt, double Opt::* member>
+template <typename Opt, double Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -113,7 +113,7 @@ bool SetOption(Environment* env,
 }
 #endif  // DEBUG
 
-template <typename Opt, uint8_t Opt::* member>
+template <typename Opt, uint8_t Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -140,7 +140,7 @@ bool SetOption(Environment* env,
   return true;
 }
 
-template <typename Opt, TokenSecret Opt::* member>
+template <typename Opt, TokenSecret Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,

src/quic/session.cc

@@ -208,7 +208,7 @@ void ngtcp2_debug_log(void* user_data, const char* fmt, ...) {
   va_end(ap);
 }
 
-template <typename Opt, PreferredAddress::Policy Opt::* member>
+template <typename Opt, PreferredAddress::Policy Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -223,7 +223,7 @@ bool SetOption(Environment* env,
   return true;
 }
 
-template <typename Opt, TLSContext::Options Opt::* member>
+template <typename Opt, TLSContext::Options Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -238,7 +238,7 @@ bool SetOption(Environment* env,
   return true;
 }
 
-template <typename Opt, TransportParams::Options Opt::* member>
+template <typename Opt, TransportParams::Options Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -253,7 +253,7 @@ bool SetOption(Environment* env,
   return true;
 }
 
-template <typename Opt, ngtcp2_cc_algo Opt::* member>
+template <typename Opt, ngtcp2_cc_algo Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -2480,7 +2480,9 @@ bool Session::HandshakeCompleted() {
 
   // If early data was attempted but rejected by the server,
   // tell ngtcp2 so it can retransmit the data as 1-RTT.
-  if (!is_server() && !tls_session().early_data_was_accepted())
+  // The status of early data will only be rejected if an
+  // attempt was actually made to send early data.
+  if (!is_server() && tls_session().early_data_was_rejected())
     ngtcp2_conn_tls_early_data_rejected(*this);
 
   // When in a server session, handshake completed == handshake confirmed.
@@ -2709,6 +2711,7 @@ void Session::EmitHandshakeComplete() {
       Undefined(isolate),  // Cipher version
       Undefined(isolate),  // Validation error reason
       Undefined(isolate),  // Validation error code
+      Boolean::New(isolate, tls_session().early_data_was_attempted()),
       Boolean::New(isolate, tls_session().early_data_was_accepted())};
 
   auto& tls = tls_session();

src/quic/tlscontext.cc

@@ -91,7 +91,7 @@ void EnableTrace(Environment* env, BIOPointer* bio, SSL* ssl) {
 #endif
 }
 
-template <typename T, typename Opt, std::vector<T> Opt::* member>
+template <typename T, typename Opt, std::vector<T> Opt::*member>
 bool SetOption(Environment* env,
                Opt* options,
                const Local<Object>& object,
@@ -270,6 +270,14 @@ bool OSSLContext::get_early_data_accepted() const {
   return SSL_get_early_data_status(*this) == SSL_EARLY_DATA_ACCEPTED;
 }
 
+bool OSSLContext::get_early_data_rejected() const {
+  return SSL_get_early_data_status(*this) == SSL_EARLY_DATA_REJECTED;
+}
+
+bool OSSLContext::get_early_data_attempted() const {
+  return SSL_get_early_data_status(*this) != SSL_EARLY_DATA_NOT_SENT;
+}
+
 bool OSSLContext::set_session_ticket(const ncrypto::SSLSessionPointer& ticket) {
   if (!ticket) return false;
   if (SSL_set_session(*this, ticket.get()) != 1) return false;
@@ -767,6 +775,16 @@ bool TLSSession::early_data_was_accepted() const {
   return ossl_context_.get_early_data_accepted();
 }
 
+bool TLSSession::early_data_was_rejected() const {
+  CHECK_NE(ngtcp2_conn_get_handshake_completed(*session_), 0);
+  return ossl_context_.get_early_data_rejected();
+}
+
+bool TLSSession::early_data_was_attempted() const {
+  CHECK_NE(ngtcp2_conn_get_handshake_completed(*session_), 0);
+  return ossl_context_.get_early_data_attempted();
+}
+
 void TLSSession::Initialize(
     const std::optional<SessionTicket>& maybeSessionTicket) {
   auto& ctx = context();

src/quic/tlscontext.h

@@ -55,6 +55,8 @@ class OSSLContext final {
   bool set_transport_params(const ngtcp2_vec& tp) const;
 
   bool get_early_data_accepted() const;
+  bool get_early_data_rejected() const;
+  bool get_early_data_attempted() const;
 
   // Sets the session ticket for 0-RTT resumption. Returns true if the
   // ticket was set successfully and the ticket supports early data.
@@ -106,6 +108,8 @@ class TLSSession final : public MemoryRetainer {
   // accepted by the TLS session. This will assert if the handshake has
   // not been completed.
   bool early_data_was_accepted() const;
+  bool early_data_was_rejected() const;
+  bool early_data_was_attempted() const;
 
   v8::MaybeLocal<v8::Object> cert(Environment* env) const;
   v8::MaybeLocal<v8::Object> peer_cert(Environment* env) const;

src/quic/tokens.cc

@@ -200,7 +200,9 @@ std::optional<CID> RetryToken::Validate(uint32_t version,
                                         const CID& dcid,
                                         const TokenSecret& token_secret,
                                         uint64_t verification_expiration) {
-  if (ptr_.base == nullptr || ptr_.len == 0) return std::nullopt;
+  if (ptr_.base == nullptr || ptr_.len == 0 || verification_expiration == 0) {
+    return std::nullopt;
+  }
   ngtcp2_cid ocid;
   int ret = ngtcp2_crypto_verify_retry_token(
       &ocid,
@@ -266,7 +268,9 @@ bool RegularToken::Validate(uint32_t version,
                             const SocketAddress& addr,
                             const TokenSecret& token_secret,
                             uint64_t verification_expiration) {
-  if (ptr_.base == nullptr || ptr_.len == 0) return false;
+  if (ptr_.base == nullptr || ptr_.len == 0 || verification_expiration == 0) {
+    return false;
+  }
   return ngtcp2_crypto_verify_regular_token(
              ptr_.base,
              ptr_.len,

test/parallel/test-quic-alpn-h3.mjs

@@ -0,0 +1,44 @@
+// Flags: --experimental-quic --no-warnings
+
+import { hasQuic, skip, mustCall } from '../common/index.mjs';
+import assert from 'node:assert';
+import * as fixtures from '../common/fixtures.mjs';
+
+if (!hasQuic) {
+  skip('QUIC is not enabled');
+}
+
+const { listen, connect } = await import('node:quic');
+const { createPrivateKey } = await import('node:crypto');
+
+const key = createPrivateKey(fixtures.readKey('agent1-key.pem'));
+const cert = fixtures.readKey('agent1-cert.pem');
+
+// Test h3 ALPN negotiation with Http3ApplicationImpl.
+// Both server and client use the default ALPN (h3).
+
+const serverOpened = Promise.withResolvers();
+const clientOpened = Promise.withResolvers();
+
+const serverEndpoint = await listen(mustCall((serverSession) => {
+  serverSession.opened.then(mustCall((info) => {
+    assert.strictEqual(info.protocol, 'h3');
+    serverOpened.resolve();
+    serverSession.close();
+  }));
+}), {
+  sni: { '*': { keys: [key], certs: [cert] } },
+});
+
+assert.ok(serverEndpoint.address !== undefined);
+
+const clientSession = await connect(serverEndpoint.address, {
+  servername: 'localhost',
+});
+clientSession.opened.then(mustCall((info) => {
+  assert.strictEqual(info.protocol, 'h3');
+  clientOpened.resolve();
+}));
+
+await Promise.all([serverOpened.promise, clientOpened.promise]);
+clientSession.close();