in neqo-transport/src/connection/mod.rs [2749:2803]
fn validate_cids(&self) -> Res<()> {
let tph = self.tps.borrow();
let remote_tps = tph.remote.as_ref().ok_or(Error::TransportParameterError)?;
let tp = remote_tps.get_bytes(InitialSourceConnectionId);
if self
.remote_initial_source_cid
.as_ref()
.map(ConnectionId::as_cid_ref)
!= tp.map(ConnectionIdRef::from)
{
qwarn!(
"[{self}] ISCID test failed: self cid {:?} != tp cid {:?}",
self.remote_initial_source_cid,
tp.map(hex),
);
return Err(Error::ProtocolViolation);
}
if self.role == Role::Client {
let tp = remote_tps.get_bytes(OriginalDestinationConnectionId);
if self
.original_destination_cid
.as_ref()
.map(ConnectionId::as_cid_ref)
!= tp.map(ConnectionIdRef::from)
{
qwarn!(
"[{self}] ODCID test failed: self cid {:?} != tp cid {:?}",
self.original_destination_cid,
tp.map(hex),
);
return Err(Error::ProtocolViolation);
}
let tp = remote_tps.get_bytes(RetrySourceConnectionId);
let expected = if let AddressValidationInfo::Retry {
retry_source_cid, ..
} = &self.address_validation
{
Some(retry_source_cid.as_cid_ref())
} else {
None
};
if expected != tp.map(ConnectionIdRef::from) {
qwarn!(
"[{self}] RSCID test failed. self cid {expected:?} != tp cid {:?}",
tp.map(hex),
);
return Err(Error::ProtocolViolation);
}
}
Ok(())
}