author | Todd Short <tshort@akamai.com> | 2021-09-08 16:23:04 -0400 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2022-03-10 10:42:43 -0500 |
commit | a3e53d56831adb60d6875297b3339a4251f735d2 (patch) | |
tree | c931c5b2cc9a63f80e4f3ae3a366b70064b897ae /crypto/bio/bss_conn.c | |
parent | 97896f744d9ee4f2e821e3383caac8e8c5f226cf (diff) |
Add TFO support to socket BIO and s_client/s_server
Supports Linux, MacOS and FreeBSD
Disabled by default, enabled via `enabled-tfo`
Some tests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8692)
Diffstat (limited to 'crypto/bio/bss_conn.c')
-rw-r--r-- | crypto/bio/bss_conn.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 8bc53548ca..3c61bc91c5 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -11,6 +11,7 @@
 #include <errno.h>
 #include "bio_local.h"
+#include "internal/bio_tfo.h"
 #include "internal/ktls.h"
 #ifndef OPENSSL_NO_SOCK
@@ -24,6 +25,7 @@ typedef struct bio_connect_st {
 # ifndef OPENSSL_NO_KTLS
 unsigned char record_type;
 # endif
+ int tfo_first;
 BIO_ADDRINFO *addr_first;
 const BIO_ADDRINFO *addr_iter;
@@ -361,6 +363,15 @@ static int conn_write(BIO *b, const char *in, int inl)
 }
 } else
 # endif
+# if defined(OSSL_TFO_SENDTO)
+ if (data->tfo_first) {
+ int peerlen = BIO_ADDRINFO_sockaddr_size(data->addr_iter);
+
+ ret = sendto(b->num, in, inl, OSSL_TFO_SENDTO,
+ BIO_ADDRINFO_sockaddr(data->addr_iter), peerlen);
+ data->tfo_first = 0;
+ } else
+# endif
 ret = writesocket(b->num, in, inl);
 BIO_clear_retry_flags(b);
 if (ret <= 0) {
@@ -425,6 +436,8 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 ret = -1;
 break;
 }
+ } else if (num == 4) {
+ ret = data->connect_mode;
 } else {
 ret = 0;
 }
@@ -485,8 +498,23 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 else
 data->connect_mode &= ~BIO_SOCK_NONBLOCK;
 break;
+#if defined(TCP_FASTOPEN) && !defined(OPENSSL_NO_TFO)
+ case BIO_C_SET_TFO:
+ if (num != 0) {
+ data->connect_mode |= BIO_SOCK_TFO;
+ data->tfo_first = 1;
+ } else {
+ data->connect_mode &= ~BIO_SOCK_TFO;
+ data->tfo_first = 0;
+ }
+ break;
+#endif
 case BIO_C_SET_CONNECT_MODE:
 data->connect_mode = (int)num;
+ if (num & BIO_SOCK_TFO)
+ data->tfo_first = 1;
+ else
+ data->tfo_first = 0;
 break;
 case BIO_C_GET_FD:
 if (b->init) { |
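Review bot: In the conn_write hunk the new branch clears `data->tfo_first` before `ret` is inspected, so a failed or would-block sendto() is never retried with the fast-open flag and every later call goes through writesocket(). If that is intended because the flagged sendto() has already started the connection, it deserves a comment such as `/* one-shot: the fast-open sendto() initiates the connect even when it returns a retryable error */`; if not, the reset belongs after the `ret <= 0` check. The same comment should note that the first write's payload travels in the SYN and, per RFC 7413, may be delivered to the peer application more than once, so users of this BIO without TLS on top should enable TFO only when that first write is replay-tolerant. The body of conn_write starts and ends outside the hunk.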
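Review bot: The new `num == 4` branch in conn_ctrl adds another undocumented magic selector and hands `data->connect_mode` back through `ret` rather than through `ptr`. A comment such as `/* num == 4: return the BIO_SOCK_* connect mode flags as the ctrl result; ptr is unused */` would make that contract visible to callers. Whether the enclosing condition still requires a non-NULL `ptr` for this selector cannot be seen from the hunk; if it does, callers have to pass a dummy pointer, which is worth stating in the same comment. conn_ctrl starts and ends outside the hunk.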
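Review bot: Both new places that arm `data->tfo_first` in conn_ctrl (the `BIO_C_SET_TFO` case and the addition under `BIO_C_SET_CONNECT_MODE`) do so without checking whether the BIO is already connected, so a ctrl issued after the connection is up would send the next conn_write through the one-shot sendto() path on a connected socket. Arming only before connect would avoid that, e.g. `data->tfo_first = (data->state != BIO_CONN_S_OK);`, assuming the `state` field this file keeps elsewhere is the right signal. The `BIO_C_SET_CONNECT_MODE` addition is also compiled unconditionally, while `BIO_C_SET_TFO` sits behind `TCP_FASTOPEN`/`OPENSSL_NO_TFO` and the conn_write branch behind `OSSL_TFO_SENDTO`; a one-line comment saying which guard is authoritative would help. conn_ctrl starts and ends outside the hunk.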