QUIC APL: Ensure APL functions use correct prologue

Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24037)
author: Hugo Landau <hlandau@openssl.org> 2024-04-04 10:11:49 +0100
committer: Hugo Landau <hlandau@openssl.org> 2024-04-19 09:33:53 +0100
commit: ae859d7c723c82410799581cff03b0078d6db6d7 (patch)
tree: 23cf06814afbbd7cfe8a0149d949c3c236b5100e
parent: 7c0e134d73677dc92cff123f89266f49e86ef9b6 (diff)
1 files changed, 34 insertions, 12 deletions
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index ba2e003d87..c9151d9522 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -377,6 +377,8 @@ static int expect_quic_csl(const SSL *s, QCTX *ctx)
     return expect_quic_as(s, ctx, QCTX_C | QCTX_S | QCTX_L);
 }
 
+#define expect_quic_any expect_quic_csl
+
 static int expect_quic_listener(const SSL *s, QCTX *ctx)
 {
     return expect_quic_as(s, ctx, QCTX_L);
@@ -671,7 +673,7 @@ void ossl_quic_free(SSL *s)
     int is_default;
 
     /* We should never be called on anything but a QSO. */
-    if (!expect_quic_csl(s, &ctx))
+    if (!expect_quic_any(s, &ctx))
         return;
 
     if (ctx.is_listener) {
@@ -779,7 +781,7 @@ int ossl_quic_reset(SSL *s)
 {
     QCTX ctx;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_any(s, &ctx))
         return 0;
 
     ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
@@ -791,7 +793,7 @@ int ossl_quic_clear(SSL *s)
 {
     QCTX ctx;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_any(s, &ctx))
         return 0;
 
     ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
@@ -804,7 +806,7 @@ int ossl_quic_conn_set_override_now_cb(SSL *s,
 {
     QCTX ctx;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_conn_only(s, &ctx))
         return 0;
 
     qctx_lock(&ctx);
@@ -820,7 +822,7 @@ void ossl_quic_conn_force_assist_thread_wake(SSL *s)
 {
     QCTX ctx;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_conn_only(s, &ctx))
         return;
 
 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
@@ -1287,7 +1289,7 @@ int ossl_quic_handle_events(SSL *s)
 {
     QCTX ctx;
 
-    if (!expect_quic_csl(s, &ctx))
+    if (!expect_quic_any(s, &ctx))
         return 0;
 
     qctx_lock(&ctx);
@@ -1309,7 +1311,7 @@ int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite)
     QCTX ctx;
     OSSL_TIME deadline = ossl_time_infinite();
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_any(s, &ctx))
         return 0;
 
     qctx_lock(&ctx);
@@ -1382,7 +1384,7 @@ int ossl_quic_get_net_read_desired(SSL *s)
     QCTX ctx;
     int ret;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_csl(s, &ctx))
         return 0;
 
     qctx_lock(&ctx);
@@ -1398,7 +1400,7 @@ int ossl_quic_get_net_write_desired(SSL *s)
     int ret;
     QCTX ctx;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_csl(s, &ctx))
         return 0;
 
     qctx_lock(&ctx);
@@ -1580,11 +1582,14 @@ long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
 {
     QCTX ctx;
 
-    if (!expect_quic_cs(s, &ctx))
+    if (!expect_quic_csl(s, &ctx))
         return 0;
 
     switch (cmd) {
     case SSL_CTRL_MODE:
+        if (ctx.is_listener)
+            return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
+
         /* If called on a QCSO, update the default mode. */
         if (!ctx.is_stream)
             ctx.qc->default_ssl_mode |= (uint32_t)larg;
@@ -1604,6 +1609,9 @@ long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
 
         return ctx.qc->default_ssl_mode;
     case SSL_CTRL_CLEAR_MODE:
+        if (ctx.is_listener)
+            return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
+
         if (!ctx.is_stream)
             ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
 
@@ -1615,6 +1623,9 @@ long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
         return ctx.qc->default_ssl_mode;
 
     case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+        if (ctx.is_listener)
+            return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
+
         ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
         /* This ctrl also needs to be passed to the internal SSL object */
         return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
@@ -1649,6 +1660,9 @@ long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
          * supported by anything, the handshake layer's ctrl method will finally
          * return 0.
          */
+        if (ctx.is_listener)
+            return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
+
         return ossl_ctrl_internal(&ctx.qc->obj.ssl, cmd, larg, parg, /*no_quic=*/1);
     }
 }
@@ -3148,7 +3162,7 @@ int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
                          const BIO_ADDR *peer,
                          const BIO_ADDR *local)
 {
-    int ret;
+    int ret = 0;
     QCTX ctx;
     QUIC_DEMUX *demux;
 
@@ -3157,9 +3171,16 @@ int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
 
     qctx_lock(&ctx);
 
-    demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
+    if (ctx.obj->port == NULL) {
+        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
+        goto err;
+    }
+
+    demux = ossl_quic_port_get0_demux(ctx.obj->port);
     ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
 
+    ret = 1;
+err:
     qctx_unlock(&ctx);
     return ret;
 }
@@ -4525,6 +4546,7 @@ int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
     QCTX ctx;
     uint64_t revents = 0;
 
+    /* TODO(QUIC SERVER): Support listeners */
     if (!expect_quic_cs(ssl, &ctx))
         return 0;
author	Hugo Landau <hlandau@openssl.org>	2024-04-04 10:11:49 +0100
committer	Hugo Landau <hlandau@openssl.org>	2024-04-19 09:33:53 +0100
commit	ae859d7c723c82410799581cff03b0078d6db6d7 (patch)
tree	23cf06814afbbd7cfe8a0149d949c3c236b5100e
parent	7c0e134d73677dc92cff123f89266f49e86ef9b6 (diff)