diff options
author | Hugo Landau <hlandau@openssl.org> | 2023-05-03 19:09:05 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-05-29 08:51:12 +0200 |
commit | 7ea497134733f8197f359fe3243ad24e97df0f1a (patch) | |
tree | ef06baa3a9912e9e8899c16ee681e214ddd64749 | |
parent | 6084e04b25378a4590798a034633e90791cf74a3 (diff) |
QUIC APL: Change SSL_get_event_timeout API design
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
-rw-r--r-- | include/internal/quic_ssl.h | 3 | ||||
-rw-r--r-- | include/openssl/ssl.h.in | 2 | ||||
-rw-r--r-- | ssl/quic/quic_impl.c | 16 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 11 |
4 files changed, 22 insertions, 10 deletions
diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h index f3527dbf95..f8469c4fa7 100644 --- a/include/internal/quic_ssl.h +++ b/include/internal/quic_ssl.h @@ -46,7 +46,8 @@ void ossl_quic_set_accept_state(SSL *s); __owur int ossl_quic_has_pending(const SSL *s); __owur int ossl_quic_handle_events(SSL *s); -__owur int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv); +__owur int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, + int *is_infinite); OSSL_TIME ossl_quic_get_event_deadline(SSL *s); __owur int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *d); __owur int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *d); diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index dbfd0317ae..d580c8f19f 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -2258,7 +2258,7 @@ size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx); /* QUIC support */ int SSL_handle_events(SSL *s); -__owur int SSL_get_event_timeout(SSL *s, struct timeval *tv); +__owur int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite); __owur int SSL_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc); __owur int SSL_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc); __owur int SSL_net_read_desired(SSL *s); diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c index 3297c93d58..8f319ec977 100644 --- a/ssl/quic/quic_impl.c +++ b/ssl/quic/quic_impl.c @@ -857,11 +857,11 @@ int ossl_quic_handle_events(SSL *s) /* * SSL_get_event_timeout. Get the time in milliseconds until the SSL object * should be ticked by the application by calling SSL_handle_events(). tv is set - * to 0 if the object should be ticked immediately and tv->tv_sec is set to -1 - * if no timeout is currently active. + * to 0 if the object should be ticked immediately. If no timeout is currently + * active, *is_infinite is set to 1 and the value of *tv is undefined. */ QUIC_TAKES_LOCK -int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv) +int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite) { QCTX ctx; OSSL_TIME deadline = ossl_time_infinite(); @@ -875,13 +875,21 @@ int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv) = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch)); if (ossl_time_is_infinite(deadline)) { - tv->tv_sec = -1; + *is_infinite = 1; + + /* + * Robustness against faulty applications that don't check *is_infinite; + * harmless long timeout. + */ + tv->tv_sec = 1000000; tv->tv_usec = 0; + quic_unlock(ctx.qc); return 1; } *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, ossl_time_now())); + *is_infinite = 0; quic_unlock(ctx.qc); return 1; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index a29cb3e2c5..6848dbad7a 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -7148,22 +7148,25 @@ int SSL_handle_events(SSL *s) return 1; } -int SSL_get_event_timeout(SSL *s, struct timeval *tv) +int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite) { SSL_CONNECTION *sc; #ifndef OPENSSL_NO_QUIC if (IS_QUIC(s)) - return ossl_quic_get_event_timeout(s, tv); + return ossl_quic_get_event_timeout(s, tv, is_infinite); #endif sc = SSL_CONNECTION_FROM_SSL_ONLY(s); if (sc != NULL && SSL_CONNECTION_IS_DTLS(sc) - && DTLSv1_get_timeout(s, tv)) + && DTLSv1_get_timeout(s, tv)) { + *is_infinite = 0; return 1; + } - tv->tv_sec = -1; + tv->tv_sec = 1000000; tv->tv_usec = 0; + *is_infinite = 1; return 1; } |