Fix uint32 issue with initial PN

private-octopus · Mar 26, 2024 · b661fa9 · b661fa9
1 parent 4b49e9a
commit b661fa9
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/picoquic/packet.c b/picoquic/packet.c
@@ -131,7 +131,7 @@ int picoquic_screen_initial_packet(
                 * is not decrypted yet.
                  */
                 if (picoquic_verify_retry_token(quic, addr_from, current_time,
-                    &is_new_token, &original_cnxid, &ph->dest_cnx_id, UINT64_MAX,
+                    &is_new_token, &original_cnxid, &ph->dest_cnx_id, UINT32_MAX,
                     ph->token_bytes, ph->token_length, 1) == 0) {
                     has_good_token = 1;
                 }

diff --git a/picoquic/tls_api.c b/picoquic/tls_api.c
@@ -2910,9 +2910,9 @@ int picoquic_verify_retry_token(picoquic_quic_t* quic, const struct sockaddr * a
                 /* Invalid token, too old */
                 ret = -1;
             }
-            /* If the PN value is not yet decrypted, setting it to UINT64_MAX
+            /* If the PN value is not yet decrypted, setting it to UINT32_MAX
              * bypasses the verification */
-            else if (initial_pn != UINT64_MAX && odcid->id_len > 0 && token_pn >= initial_pn) {
+            else if (initial_pn != UINT32_MAX && odcid->id_len > 0 && token_pn >= initial_pn) {
                 /* Invalid PN number */
                 ret = -1;
             }