unless the client offered ECH, reject EE.ECH
diff --git a/lib/picotls.c b/lib/picotls.c
index 9dc360d..4e6294c 100644
--- a/lib/picotls.c
+++ b/lib/picotls.c
@@ -2803,10 +2803,12 @@
                 ret = PTLS_ALERT_DECODE_ERROR;
                 goto Exit;
             }
-            if (ptls_is_ech_handshake(tls)) {
+            /* accept retry_configs only if we offered ECH but rejected */
+            if (tls->client.first_ech.base == NULL || ptls_is_ech_handshake(tls)) {
                 ret = PTLS_ALERT_UNSUPPORTED_EXTENSION;
                 goto Exit;
             }
+            /* parse retry_config, and if it is applicable, provide that to the application */
             if ((ret = decode_ech_config_list(tls->ctx, &decoded, ptls_iovec_init(src, end - src))) != 0)
                 goto Exit;
             if (decoded.kem != NULL && decoded.cipher != NULL && properties != NULL &&
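Review bot: The new guard on `tls->client.first_ech.base == NULL` treats that pointer as the only evidence that ECH was offered, and the hunk does not show whether it is also set when the client sent only a GREASE ECH extension. The ECH specification has a GREASE client syntax-check and then ignore an `encrypted_client_hello` extension in EncryptedExtensions. If the pointer stays NULL on that path, the handshake would now abort with `PTLS_ALERT_UNSUPPORTED_EXTENSION` against a server that legitimately sends retry_configs, so please confirm the GREASE case. The added comment could also spell out both rejected cases, e.g. `/* EE.ECH is unsolicited unless we sent ECH (first_ech.base != NULL), and is illegal once the server has accepted ECH */`. The enclosing extension-handling block starts and ends outside this hunk.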