Have CreateReplies() check for server mismatch

The same certificate is used for all requests, so we expect each client to indicate the same server.
cloudflare · Aug 8, 2024 · ed03988 · ed03988
1 parent 55f25e9
commit ed03988
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 1 deletion.
diff --git a/protocol/protocol.go b/protocol/protocol.go
@@ -25,6 +25,7 @@ import (
 	"crypto/sha512"
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"io"
 	"math"
 	"sort"
@@ -557,11 +558,18 @@ func ParseRequest(bytes []byte) (req *Request, err error) {
 // signature and includes cert in each.
 //
 // The same version is indicated in each reply. It's the callers responsibility
-// to ensure that each client supports this version.
+// to ensure that each client supports this version. Likewise, the server
+// indicated by each request, if any, must match the certificate.
 func CreateReplies(ver Version, requests []Request, midpoint time.Time, radius time.Duration, cert *Certificate) ([][]byte, error) {
 	versionIETF := ver != VersionGoogle
 	nonceSize := nonceSize(versionIETF)
 
+	for i := range requests {
+		if len(requests[i].srv) > 0 && !bytes.Equal(requests[i].srv, cert.srv) {
+			return nil, fmt.Errorf("request %d indicates the wrong server", i)
+		}
+	}
+
 	if len(requests) == 0 {
 		return nil, nil
 	}

diff --git a/protocol/protocol_test.go b/protocol/protocol_test.go
@@ -545,5 +545,25 @@ func TestSelectCertificateForRequest(t *testing.T) {
 			}
 		})
 	}
+}
+
+func TestCreateReplyForIncorrectCertificate(t *testing.T) {
+	_, unknownRootPublicKey := createServerIdentity(t)
+	cert, _ := createServerIdentity(t)
+
+	_, _, reqBytes, err := CreateRequest(nil, rand.Reader, nil, unknownRootPublicKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	req, err := ParseRequest(reqBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = CreateReplies(VersionDraft11, []Request{*req}, time.Now(), 0, cert)
+	if err == nil {
+		t.Error("expected failure")
+	}
 
 }