diff options
| author | Hugo Landau <hlandau@openssl.org> | 2024-02-15 09:14:41 +0000 |
|---|---|---|
| committer | Hugo Landau <hlandau@openssl.org> | 2024-03-07 23:48:49 +0000 |
| commit | 5f02bbd5a6e7157faefb944ac5f11e0f6b024740 (patch) | |
| tree | 9913be5cf876c899f27332056bd08388848fc8f9 /doc | |
| parent | c38558357de693ac9807d42c5f700ee59de7f20d (diff) | |
QUIC: Define error code for stateless reset
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23598)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man3/SSL_get_conn_close_info.pod | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/doc/man3/SSL_get_conn_close_info.pod b/doc/man3/SSL_get_conn_close_info.pod index bb5bc72b7a..badb3bf7a6 100644 --- a/doc/man3/SSL_get_conn_close_info.pod +++ b/doc/man3/SSL_get_conn_close_info.pod @@ -23,7 +23,8 @@ OSSL_QUIC_ERR_AEAD_LIMIT_REACHED, OSSL_QUIC_ERR_NO_VIABLE_PATH, OSSL_QUIC_ERR_CRYPTO_ERR_BEGIN, OSSL_QUIC_ERR_CRYPTO_ERR_END, -OSSL_QUIC_ERR_CRYPTO_ERR +OSSL_QUIC_ERR_CRYPTO_ERR, +OSSL_QUIC_LOCAL_ERR_IDLE_TIMEOUT - get information about why a QUIC connection was closed =head1 SYNOPSIS @@ -67,6 +68,8 @@ OSSL_QUIC_ERR_CRYPTO_ERR #define OSSL_QUIC_ERR_CRYPTO_ERR(X) + #define OSSL_QUIC_LOCAL_ERR_IDLE_TIMEOUT + =head1 DESCRIPTION The SSL_get_conn_close_info() function provides information about why and how a @@ -124,6 +127,29 @@ by the local or remote application. =back +The B<OSSL_QUIC_ERR> macro definitions provide the QUIC transport error codes as +defined by RFC 9000. The OSSL_QUIC_ERR_CRYPTO_ERR() macro can be used to convert +a TLS alert code into a QUIC transport error code by mapping it into the range +reserved for such codes by RFC 9000. This range begins at +B<OSSL_QUIC_ERR_CRYPTO_ERR_BEGIN> and ends at B<OSSL_QUIC_ERR_CRYPTO_ERR_END> +inclusive. + +=head1 NON-STANDARD TRANSPORT ERROR CODES + +Some conditions which can cause QUIC connection termination are not signalled on +the wire and therefore do not have standard error codes. OpenSSL indicates these +errors via SSL_get_conn_close_info() by setting B<SSL_CONN_CLOSE_FLAG_TRANSPORT> +and using one of the following error values. These codes are specific to +OpenSSL, and cannot be sent over the wire, as they are above 2**62. + +=over 4 + +=item B<OSSL_QUIC_LOCAL_ERR_IDLE_TIMEOUT> + +The connection was terminated immediately due to the idle timeout expiring. + +=back + =head1 RETURN VALUES SSL_get_conn_close_info() returns 1 on success and 0 on failure. This function |