diff options
| author | Hugo Landau <hlandau@openssl.org> | 2023-06-26 13:47:03 +0100 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2023-07-05 09:03:04 +1000 |
| commit | d6e7ebba3370e06ea4dfae6381dfe0e1c21070e3 (patch) | |
| tree | dfe11d5e37d4bffe5c2f0de725c34cd884cc5c3a | |
| parent | 5f69db396c61165b25c38a7506d608200561f228 (diff) | |
Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
26 files changed, 134 insertions, 180 deletions
diff --git a/doc/man3/BIO_f_ssl.pod b/doc/man3/BIO_f_ssl.pod index 371c124388..629aeb5e64 100644 --- a/doc/man3/BIO_f_ssl.pod +++ b/doc/man3/BIO_f_ssl.pod @@ -131,7 +131,8 @@ BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros. -BIO_ssl_copy_session_id() is not currently supported on QUIC SSL objects. +BIO_ssl_copy_session_id() is not currently supported on QUIC SSL objects and +fails if called on such an object. =head1 RETURN VALUES @@ -144,7 +145,8 @@ success or a value which is less than or equal to 0 if an error occurred. BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid B<BIO> structure on success or B<NULL> if an error occurred. -BIO_ssl_copy_session_id() returns 1 on success or 0 on error. +BIO_ssl_copy_session_id() returns 1 on success or 0 on error, or if called +on a QUIC SSL object. BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established. diff --git a/doc/man3/DTLSv1_listen.pod b/doc/man3/DTLSv1_listen.pod index ecf11b8915..73b72a6693 100644 --- a/doc/man3/DTLSv1_listen.pod +++ b/doc/man3/DTLSv1_listen.pod @@ -103,7 +103,8 @@ TLSv1.3 is used. Both SSL_stateless() and DTLSv1_listen() will clear the error queue when they start. -SSL_stateless() cannot be used with QUIC SSL objects. +SSL_stateless() cannot be used with QUIC SSL objects and returns an error if +called on such an object. =head1 RETURN VALUES diff --git a/doc/man3/SSL_CTX_set_alpn_select_cb.pod b/doc/man3/SSL_CTX_set_alpn_select_cb.pod index 84b2bc5dfe..e06a273cb1 100644 --- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod +++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod @@ -25,6 +25,8 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, unsigned int *len); + + void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, const unsigned char **out, @@ -112,7 +114,9 @@ this function need not be a member of the list of supported protocols provided by the callback. NPN functionality cannot be used with QUIC SSL objects. Use of ALPN is mandatory -when using QUIC SSL objects. +when using QUIC SSL objects. SSL_CTX_set_next_protos_advertised_cb() and +SSL_CTX_set_next_proto_select_cb() have no effect if called on a QUIC SSL +context. =head1 NOTES diff --git a/doc/man3/SSL_CTX_set_quiet_shutdown.pod b/doc/man3/SSL_CTX_set_quiet_shutdown.pod index fc8c2725f7..867c331a3d 100644 --- a/doc/man3/SSL_CTX_set_quiet_shutdown.pod +++ b/doc/man3/SSL_CTX_set_quiet_shutdown.pod @@ -30,7 +30,8 @@ B<mode> may be 0 or 1. SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ssl>. -These functions are not supported for QUIC SSL objects. +These functions are not supported for QUIC SSL objects. SSL_set_quiet_shutdown() +has no effect if called on a QUIC SSL object. =head1 NOTES diff --git a/doc/man3/SSL_CTX_set_read_ahead.pod b/doc/man3/SSL_CTX_set_read_ahead.pod index 47e020196e..a4c482ee35 100644 --- a/doc/man3/SSL_CTX_set_read_ahead.pod +++ b/doc/man3/SSL_CTX_set_read_ahead.pod @@ -34,7 +34,8 @@ SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading ahead has been set or not. SSL_CTX_get_default_read_ahead() is identical to SSL_CTX_get_read_ahead(). -These functions cannot be used with QUIC SSL objects. +These functions cannot be used with QUIC SSL objects. SSL_set_read_ahead() +has no effect if called on a QUIC SSL object. =head1 NOTES diff --git a/doc/man3/SSL_CTX_set_record_padding_callback.pod b/doc/man3/SSL_CTX_set_record_padding_callback.pod index 4b15a2b590..a3ba8a5118 100644 --- a/doc/man3/SSL_CTX_set_record_padding_callback.pod +++ b/doc/man3/SSL_CTX_set_record_padding_callback.pod @@ -54,6 +54,8 @@ The B<arg> parameter is the value set via SSL_CTX_set_record_padding_callback_ar or SSL_set_record_padding_callback_arg(). These functions cannot be used with QUIC SSL objects. +SSL_set_record_padding_callback() and SSL_set_block_padding() fail if called on +a QUIC SSL object. =head1 RETURN VALUES diff --git a/doc/man3/SSL_CTX_set_split_send_fragment.pod b/doc/man3/SSL_CTX_set_split_send_fragment.pod index 91d08b387c..e01a696f0d 100644 --- a/doc/man3/SSL_CTX_set_split_send_fragment.pod +++ b/doc/man3/SSL_CTX_set_split_send_fragment.pod @@ -124,6 +124,9 @@ SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in B<session>. These functions cannot be used with QUIC SSL objects. +SSL_set_max_send_fragment(), SSL_set_max_pipelines(), +SSL_set_split_send_fragment(), SSL_set_default_read_buffer_len() and +SSL_set_tlsext_max_fragment_length() fail if called on a QUIC SSL object. =head1 RETURN VALUES diff --git a/doc/man3/SSL_CTX_set_ssl_version.pod b/doc/man3/SSL_CTX_set_ssl_version.pod index a311b1bf58..357807187a 100644 --- a/doc/man3/SSL_CTX_set_ssl_version.pod +++ b/doc/man3/SSL_CTX_set_ssl_version.pod @@ -48,7 +48,8 @@ try to reuse an existing one in this fashion. Its usage is considered deprecated. SSL_set_ssl_method() cannot be used to change a non-QUIC SSL object to a QUIC -SSL object or vice versa. +SSL object or vice versa, or change a QUIC SSL object from one QUIC method to +another. =head1 RETURN VALUES diff --git a/doc/man3/SSL_CTX_set_tlsext_use_srtp.pod b/doc/man3/SSL_CTX_set_tlsext_use_srtp.pod index 1e98842b70..5cb6b2cc82 100644 --- a/doc/man3/SSL_CTX_set_tlsext_use_srtp.pod +++ b/doc/man3/SSL_CTX_set_tlsext_use_srtp.pod @@ -117,6 +117,8 @@ use. This provides the client write master key, the server write master key, the client write master salt and the server write master salt in that order. These functions cannot be used with QUIC SSL objects. +SSL_CTX_set_tlsext_use_srtp() fails if called on a QUIC SSL context. +SSL_set_tlsext_use_srtp() fails if called on a QUIC SSL object. =head1 RETURN VALUES diff --git a/doc/man3/SSL_CTX_set_verify.pod b/doc/man3/SSL_CTX_set_verify.pod index 3af0403854..c49bb39ff0 100644 --- a/doc/man3/SSL_CTX_set_verify.pod +++ b/doc/man3/SSL_CTX_set_verify.pod @@ -216,6 +216,7 @@ When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client. Post-handshake authentication cannot be used with QUIC. +SSL_set_post_handshake_auth() has no effect if called on a QUIC SSL object. =head1 BUGS diff --git a/doc/man3/SSL_clear.pod b/doc/man3/SSL_clear.pod index c4d2fa34c8..6b6b11b482 100644 --- a/doc/man3/SSL_clear.pod +++ b/doc/man3/SSL_clear.pod @@ -34,7 +34,8 @@ server method, even if TLS_*_methods were chosen on startup. This will might lead to connection failures (see L<SSL_new(3)>) for a description of the method's properties. -This function is not supported on QUIC SSL objects. +This function is not supported on QUIC SSL objects and returns failure if called +on such an object. =head1 WARNINGS diff --git a/doc/man3/SSL_new.pod b/doc/man3/SSL_new.pod index 0917127831..82fb89f36f 100644 --- a/doc/man3/SSL_new.pod +++ b/doc/man3/SSL_new.pod @@ -96,7 +96,8 @@ SSL_set0_client_CA_list() or similar functions =back -SSL_dup() is not supported on QUIC SSL objects. +SSL_dup() is not supported on QUIC SSL objects and returns NULL if called on +such an object. =head1 RETURN VALUES diff --git a/doc/man3/SSL_read_early_data.pod b/doc/man3/SSL_read_early_data.pod index e9fce65223..65015124b2 100644 --- a/doc/man3/SSL_read_early_data.pod +++ b/doc/man3/SSL_read_early_data.pod @@ -242,6 +242,9 @@ has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See L</REPLAY PROTECTION> below. These functions cannot currently be used with QUIC SSL objects. +SSL_set_max_early_data(), SSL_set_recv_max_early_data(), SSL_write_early_data(), +SSL_read_early_data(), SSL_get_early_data_status() and +SSL_set_allow_early_data_cb() fail if called on a QUIC SSL object. =head1 NOTES diff --git a/doc/man3/SSL_rstate_string.pod b/doc/man3/SSL_rstate_string.pod index 1df65e199a..ad1ec0ae28 100644 --- a/doc/man3/SSL_rstate_string.pod +++ b/doc/man3/SSL_rstate_string.pod @@ -48,7 +48,8 @@ The read state is unknown. This should never happen. =back -When used with QUIC SSL objects, these functions always return "unknown". +When used with QUIC SSL objects, these functions always return "RH"/"read +header" in normal conditions. =head1 SEE ALSO diff --git a/doc/man3/SSL_set_fd.pod b/doc/man3/SSL_set_fd.pod index 6e0ab578e6..396777d721 100644 --- a/doc/man3/SSL_set_fd.pod +++ b/doc/man3/SSL_set_fd.pod @@ -23,8 +23,9 @@ interface between the B<ssl> and B<fd>. The BIO and hence the SSL engine inherit the behaviour of B<fd>. If B<fd> is nonblocking, the B<ssl> will also have nonblocking behaviour. -When used on a QUIC SSL object, a B<datagram BIO> is automatically created -instead of a B<socket BIO>. +When used on a QUIC connection SSL object, a B<datagram BIO> is automatically +created instead of a B<socket BIO>. These functions fail if called +on a QUIC stream SSL object. If there was already a BIO connected to B<ssl>, BIO_free() will be called (for both the reading and writing side, if different). diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h index 837c3ba7b5..37a29419c8 100644 --- a/include/internal/quic_ssl.h +++ b/include/internal/quic_ssl.h @@ -117,9 +117,7 @@ void ossl_quic_conn_force_assist_thread_wake(SSL *s); /* For use by tests only. */ QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s); -uint64_t ossl_quic_set_options(SSL *s, uint64_t opts); -uint64_t ossl_quic_clear_options(SSL *s, uint64_t opts); -uint64_t ossl_quic_get_options(SSL *s); + int ossl_quic_has_pending(const SSL *s); # endif diff --git a/include/internal/statem.h b/include/internal/statem.h index 93698c9678..c19aba2976 100644 --- a/include/internal/statem.h +++ b/include/internal/statem.h @@ -6,6 +6,8 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +#ifndef STATEM_H +# define STATEM_H /***************************************************************************** * * @@ -165,3 +167,5 @@ int ossl_statem_set_mutator(SSL *s, ossl_statem_mutate_handshake_cb mutate_handshake_cb, ossl_statem_finish_mutate_handshake_cb finish_mutate_handshake_cb, void *mutatearg); + +#endif diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 13f6bbd0a0..6228fe1871 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -16,6 +16,7 @@ #include <stdio.h> #include <openssl/objects.h> #include "ssl_local.h" +#include "quic/quic_local.h" #ifndef OPENSSL_NO_SRTP diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c index 1a09d82c5c..a918983398 100644 --- a/ssl/quic/quic_impl.c +++ b/ssl/quic/quic_impl.c @@ -617,33 +617,39 @@ static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch) } /* SSL_set_options */ +QUIC_TAKES_LOCK static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_value) { QCTX ctx; - uint64_t r, options; + uint64_t options; - if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx)) + if (!expect_quic(ssl, &ctx)) return 0; + quic_lock(ctx.qc); + /* * Currently most options that we permit are handled in the handshake * layer. */ - options = (SSL_get_options(ctx.qc->tls) & ~mask_value) | or_value; - options &= OSSL_QUIC_PERMITTED_OPTIONS; - r = SSL_set_options(ctx.qc->tls, options); + or_value &= OSSL_QUIC_PERMITTED_OPTIONS; + + SSL_clear_options(ctx.qc->tls, mask_value); + options = SSL_set_options(ctx.qc->tls, or_value); - if (ctx.xso->stream != NULL && ctx.xso->stream->rstream != NULL) + if (ctx.xso != NULL + && ctx.xso->stream != NULL + && ctx.xso->stream->rstream != NULL) ossl_quic_rstream_set_cleanse(ctx.xso->stream->rstream, (options & SSL_OP_CLEANSE_PLAINTEXT) != 0); quic_unlock(ctx.qc); - return r; + return options; } uint64_t ossl_quic_set_options(SSL *ssl, uint64_t options) { - return quic_mask_or_options(ssl, UINT64_MAX, options); + return quic_mask_or_options(ssl, 0, options); } /* SSL_clear_options */ @@ -2118,7 +2124,7 @@ int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read) */ QUIC_TAKES_LOCK -static size_t ossl_quic_pending_int(const SSL *s) +static size_t ossl_quic_pending_int(const SSL *s, int check_channel) { QCTX ctx; size_t avail = 0; @@ -2134,6 +2140,9 @@ static size_t ossl_quic_pending_int(const SSL *s) if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin)) avail = 0; + if (avail == 0 && check_channel && ossl_quic_channel_has_pending(ctx.qc->ch)) + avail = 1; + out: quic_unlock(ctx.qc); return avail; @@ -2141,13 +2150,13 @@ out: size_t ossl_quic_pending(const SSL *s) { - return ossl_quic_pending_int(s); + return ossl_quic_pending_int(s, /*check_channel=*/0); } int ossl_quic_has_pending(const SSL *s) { /* Do we have app-side pending data or pending URXEs or RXEs? */ - return ossl_quic_pending_int(s) > 0 || ossl_quic_channel_has_pending(qc->ch); + return ossl_quic_pending_int(s, /*check_channel=*/1) > 0; } /* diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h index 93c6709427..547c47de05 100644 --- a/ssl/quic/quic_local.h +++ b/ssl/quic/quic_local.h @@ -216,16 +216,10 @@ void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc, int ossl_quic_trace(int write_p, int version, int content_type, const void *buf, size_t msglen, SSL *ssl, void *arg); -# define OSSL_QUIC_ANY_VERSION 0x5155 -# ifndef OPENSSL_NO_QUIC -# define IS_QUIC_METHOD(m) ((m)->version == OSSL_QUIC_ANY_VERSION) -# define IS_QUIC_SSL(s) ((s) != NULL && \ - ((s)->type == SSL_TYPE_QUIC_CONNECTION || \ - (s)->type == SSL_TYPE_QUIC_STREAM)) -# else -# define IS_QUIC_METHOD(m) 0 -# define IS_QUIC_SSL(s) 0 -# endif +# define OSSL_QUIC_ANY_VERSION 0xFFFFF +# define IS_QUIC_METHOD(m) \ + ((m) == OSSL_QUIC_client_method() || \ + (m) == OSSL_QUIC_client_thread_method()) # define IS_QUIC_CTX(ctx) IS_QUIC_METHOD((ctx)->method) # define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \ @@ -257,6 +251,8 @@ int ossl_quic_trace(int write_p, int version, int content_type, # define QUIC_XSO_FROM_SSL_int(ssl, c) NULL # define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL # define IS_QUIC(ssl) 0 +# define IS_QUIC_CTX(ctx) 0 +# define IS_QUIC_METHOD(m) 0 # endif # define QUIC_CONNECTION_FROM_SSL(ssl) \ diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 4cb01eaf6c..2f5a611470 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -12,6 +12,7 @@ #include <errno.h> #include <assert.h> #include "../ssl_local.h" +#include "../quic/quic_local.h" #include <openssl/evp.h> #include <openssl/buffer.h> #include <openssl/rand.h> @@ -162,7 +163,7 @@ void SSL_set_default_read_buffer_len(SSL *s, size_t len) { SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); - if (sc == NULL || IS_QUIC_SSL(s)) + if (sc == NULL || IS_QUIC(s)) return; sc->rlayer.default_read_buf_len = len; } @@ -170,16 +171,8 @@ void SSL_set_default_read_buffer_len(SSL *s, size_t len) const char *SSL_rstate_string_long(const SSL *s) { const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); -#ifndef OPENSSL_NO_QUIC - const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s); -#endif const char *lng; -#ifndef OPENSSL_NO_QUIC - if (qc != NULL) - return "unknown"; -#endif - if (sc == NULL) return NULL; @@ -194,16 +187,8 @@ const char *SSL_rstate_string_long(const SSL *s) const char *SSL_rstate_string(const SSL *s) { const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); -#ifndef OPENSSL_NO_QUIC - const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s); -#endif const char *shrt; -#ifndef OPENSSL_NO_QUIC - if (qc != NULL) - return "unknown"; -#endif - if (sc == NULL) return NULL; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 9c5b29e331..e5dfa4f610 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -425,8 +425,7 @@ static int dane_tlsa_add(SSL_DANE *dane, * Return 0 if there is only one version configured and it was disabled * at configure time. Return 1 otherwise. */ -static int ssl_check_allowed_versions(int min_version, int max_version, - int is_quic) +static int ssl_check_allowed_versions(int min_version, int max_version) { int minisdtls = 0, maxisdtls = 0; @@ -474,7 +473,7 @@ static int ssl_check_allowed_versions(int min_version, int max_version, } else { /* Regular TLS version checks. */ if (min_version == 0) - min_version = is_quic ? TLS1_3_VERSION : SSL3_VERSION; + min_version = SSL3_VERSION; if (max_version == 0) max_version = TLS1_3_VERSION; #ifdef OPENSSL_NO_TLS1_3 @@ -764,17 +763,8 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method) s->max_proto_version = ctx->max_proto_version; } - s->min_proto_version = ctx->min_proto_version; - if (IS_QUIC_CTX(ctx) && s->min_proto_version < TLS1_3_VERSION) - s->min_proto_version = TLS1_3_VERSION; - - s->max_proto_version = ctx->max_proto_version; - if (IS_QUIC_CTX(ctx) && s->max_proto_version < TLS1_3_VERSION) - s->max_proto_version = 0; - s->mode = ctx->mode; s->max_cert_list = ctx->max_cert_list; - if (!IS_QUIC_CTX(ctx)) { s->max_early_data = ctx->max_early_data; s->recv_max_early_data = ctx->recv_max_early_data; @@ -806,11 +796,9 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method) s->msg_callback_arg = ctx->msg_callback_arg; s->verify_mode = ctx->verify_mode; s->not_resumable_session_cb = ctx->not_resumable_session_cb; - if (!IS_QUIC_CTX(ctx)) { - s->rlayer.record_padding_cb = ctx->record_padding_cb; - s->rlayer.record_padding_arg = ctx->record_padding_arg; - s->rlayer.block_padding = ctx->block_padding; - } + s->rlayer.record_padding_cb = ctx->record_padding_cb; + s->rlayer.record_padding_arg = ctx->record_padding_arg; + s->rlayer.block_padding = ctx->block_padding; s->sid_ctx_length = ctx->sid_ctx_length; if (!ossl_assert(s->sid_ctx_length <= sizeof(s->sid_ctx))) goto err; @@ -1672,12 +1660,27 @@ int SSL_get_wfd(const SSL *s) } #ifndef OPENSSL_NO_SOCK +static const BIO_METHOD *fd_method(SSL *s) +{ +#ifndef OPENSSL_NO_DGRAM + if (IS_QUIC(s)) + return BIO_s_datagram(); +#endif + + return BIO_s_socket(); +} + int SSL_set_fd(SSL *s, int fd) { int ret = 0; BIO *bio = NULL; - bio = BIO_new(IS_QUIC_SSL(s) ? BIO_s_datagram() : BIO_s_socket()); + if (s->type == SSL_TYPE_QUIC_XSO) { + ERR_raise(ERR_LIB_SSL, SSL_R_CONN_USE_ONLY); + goto err; + } + + bio = BIO_new(fd_method(s)); if (bio == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); @@ -1702,11 +1705,16 @@ int SSL_set_fd(SSL *s, int fd) int SSL_set_wfd(SSL *s, int fd) { BIO *rbio = SSL_get_rbio(s); - int desired_type = IS_QUIC_SSL(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET; + int desired_type = IS_QUIC(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET; + + if (s->type == SSL_TYPE_QUIC_XSO) { + ERR_raise(ERR_LIB_SSL, SSL_R_CONN_USE_ONLY); + return 0; + } if (rbio == NULL || BIO_method_type(rbio) != desired_type || (int)BIO_get_fd(rbio, NULL) != fd) { - BIO *bio = BIO_new(IS_QUIC_SSL(s) ? BIO_s_datagram() : BIO_s_socket()); + BIO *bio = BIO_new(fd_method(s)); if (bio == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); @@ -1733,11 +1741,16 @@ int SSL_set_wfd(SSL *s, int fd) int SSL_set_rfd(SSL *s, int fd) { BIO *wbio = SSL_get_wbio(s); - int desired_type = IS_QUIC_SSL(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET; + int desired_type = IS_QUIC(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET; + + if (s->type == SSL_TYPE_QUIC_XSO) { + ERR_raise(ERR_LIB_SSL, SSL_R_CONN_USE_ONLY); + return 0; + } if (wbio == NULL || BIO_method_type(wbio) != desired_type || ((int)BIO_get_fd(wbio, NULL) != fd)) { - BIO *bio = BIO_new(IS_QUIC_SSL(s) ? BIO_s_datagram() : BIO_s_socket()); + BIO *bio = BIO_new(fd_method(s)); if (bio == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); @@ -1857,7 +1870,7 @@ void SSL_set_read_ahead(SSL *s, int yes) SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); OSSL_PARAM options[2], *opts = options; - if (sc == NULL || IS_QUIC_SSL(s)) + if (sc == NULL || IS_QUIC(s)) return; RECORD_LAYER_set_read_ahead(&sc->rlayer, yes); @@ -1874,7 +1887,7 @@ int SSL_get_read_ahead(const SSL *s) { const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); - if (sc == NULL || IS_QUIC_SSL(s)) + if (sc == NULL || IS_QUIC(s)) return 0; return RECORD_LAYER_get_read_ahead(&sc->rlayer); @@ -1899,10 +1912,6 @@ int SSL_pending(const SSL *s) int SSL_has_pending(const SSL *s) { -#ifndef OPENSSL_NO_QUIC - const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s); -#endif - /* * Similar to SSL_pending() but returns a 1 to indicate that we have * processed or unprocessed data available or 0 otherwise (as opposed to the @@ -1920,11 +1929,6 @@ int SSL_has_pending(const SSL *s) sc = SSL_CONNECTION_FROM_CONST_SSL(s); -#ifndef OPENSSL_NO_QUIC - if (qc != NULL) - return ossl_quic_has_pending(qc); -#endif - /* Check buffered app data if any first */ if (SSL_CONNECTION_IS_DTLS(sc)) { TLS_RECORD *rdata; @@ -2364,10 +2368,8 @@ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) int ret; SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); - if (sc == NULL) - return 0; - - if (!sc->server) { + /* TODO(QUIC 0RTT): 0-RTT support */ + if (sc == NULL || !sc->server) { ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return SSL_READ_EARLY_DATA_ERROR; } @@ -2421,6 +2423,7 @@ int SSL_get_early_data_status(const SSL *s) { const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); + /* TODO(QUIC 0RTT): 0-RTT support */ if (sc == NULL) return 0; @@ -2909,11 +2912,11 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) switch (cmd) { case SSL_CTRL_GET_READ_AHEAD: - if (IS_QUIC_SSL(s)) + if (IS_QUIC(s)) return 0; return RECORD_LAYER_get_read_ahead(&sc->rlayer); case SSL_CTRL_SET_READ_AHEAD: - if (IS_QUIC_SSL(s)) + if (IS_QUIC(s)) return 0; l = RECORD_LAYER_get_read_ahead(&sc->rlayer); RECORD_LAYER_set_read_ahead(&sc->rlayer, larg); @@ -2945,7 +2948,7 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) sc->max_cert_list = (size_t)larg; return l; case SSL_CTRL_SET_MAX_SEND_FRAGMENT: - if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH || IS_QUIC_SSL(s)) + if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH || IS_QUIC(s)) return 0; #ifndef OPENSSL_NO_KTLS if (sc->wbio != NULL && BIO_get_ktls_send(sc->wbio)) @@ -2957,12 +2960,12 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) sc->rlayer.wrlmethod->set_max_frag_len(sc->rlayer.wrl, larg); return 1; case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT: - if ((size_t)larg > sc->max_send_fragment || larg == 0 || IS_QUIC_SSL(s)) + if ((size_t)larg > sc->max_send_fragment || larg == 0 || IS_QUIC(s)) return 0; sc->split_send_fragment = larg; return 1; case SSL_CTRL_SET_MAX_PIPELINES: - if (larg < 1 || larg > SSL_MAX_PIPELINES || IS_QUIC_SSL(s)) + if (larg < 1 || larg > SSL_MAX_PIPELINES || IS_QUIC(s)) return 0; sc->max_pipelines = larg; if (sc->rlayer.rrlmethod->set_max_pipelines != NULL) @@ -2995,17 +2998,13 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) else return 0; case SSL_CTRL_SET_MIN_PROTO_VERSION: - return ssl_check_allowed_versions(larg, sc->max_proto_version, - IS_QUIC_SSL(s)) + return ssl_check_allowed_versions(larg, sc->max_proto_version) && ssl_set_version_bound(s->defltmeth->version, (int)larg, &sc->min_proto_version); case SSL_CTRL_GET_MIN_PROTO_VERSION: return sc->min_proto_version; case SSL_CTRL_SET_MAX_PROTO_VERSION: - if (IS_QUIC_SSL(s) && larg < TLS1_3_VERSION) - return 0; - return ssl_check_allowed_versions(sc->min_proto_version, larg, - IS_QUIC_SSL(s)) + return ssl_check_allowed_versions(sc->min_proto_version, larg) && ssl_set_version_bound(s->defltmeth->version, (int)larg, &sc->max_proto_version); case SSL_CTRL_GET_MAX_PROTO_VERSION: @@ -3138,13 +3137,13 @@ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_CLEAR_CERT_FLAGS: return (ctx->cert->cert_flags &= ~larg); case SSL_CTRL_SET_MIN_PROTO_VERSION: - return ssl_check_allowed_versions(larg, ctx->max_proto_version, 0) + return ssl_check_allowed_versions(larg, ctx->max_proto_version) && ssl_set_version_bound(ctx->method->version, (int)larg, &ctx->min_proto_version); case SSL_CTRL_GET_MIN_PROTO_VERSION: return ctx->min_proto_version; case SSL_CTRL_SET_MAX_PROTO_VERSION: - return ssl_check_allowed_versions(ctx->min_proto_version, larg, 0) + return ssl_check_allowed_versions(ctx->min_proto_version, larg) && ssl_set_version_bound(ctx->method->version, (int)larg, &ctx->max_proto_version); case SSL_CTRL_GET_MAX_PROTO_VERSION: @@ -5675,7 +5674,7 @@ int SSL_set_record_padding_callback(SSL *ssl, BIO *b; SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl); - if (sc == NULL || IS_QUIC_SSL(ssl)) + if (sc == NULL || IS_QUIC(ssl)) return 0; b = SSL_get_wbio(ssl); @@ -5710,7 +5709,7 @@ int SSL_set_block_padding(SSL *ssl, size_t block_size) { SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl); - if (sc == NULL || (IS_QUIC_SSL(ssl) && block_size > 1)) + if (sc == NULL || (IS_QUIC(ssl) && block_size > 1)) return 0; /* block size of 0 or 1 is basically no padding */ @@ -6606,7 +6605,7 @@ int SSL_free_buffers |