author | Hugo Landau <hlandau@openssl.org> | 2023-07-28 17:48:14 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-08-08 14:33:42 +0100 |
commit | 741170bef340b31a32a94a4ea86cc0d7744c01b2 (patch) | |
tree | 392018b14999bcac9788606052e54e8b2e1d8d68 /include | |
parent | ab6c63456f30a849e3046532c582b4eaff7716d6 (diff) |
QUIC CHANNEL: Improve error reporting
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/quic_channel.h | 25 | ||||
-rw-r--r-- | include/internal/quic_error.h | 28 | ||||
-rw-r--r-- | include/internal/quic_tls.h | 5 | ||||
-rw-r--r-- | include/internal/quic_wire.h | 42 | ||||
-rw-r--r-- | include/openssl/sslerr.h | 1 |
5 files changed, 96 insertions, 5 deletions
diff --git a/include/internal/quic_channel.h b/include/internal/quic_channel.h
index abeeb05b96..f9e654fd93 100644
--- a/include/internal/quic_channel.h
+++ b/include/internal/quic_channel.h
@@ -211,11 +211,28 @@ int ossl_quic_channel_on_handshake_confirmed(QUIC_CHANNEL *ch);
 * reason string is not currently handled, but should be a string of static
 * storage duration. If the connection has already terminated due to a previous
 * protocol error, this is a no-op; first error wins.
+ *
+ * Usually the ossl_quic_channel_raise_protocol_error() function should be used.
+ * The ossl_quic_channel_raise_protocol_error_loc() function can be used
+ * directly for passing through existing call site information from an existing
+ * error.
 */
-void ossl_quic_channel_raise_protocol_error(QUIC_CHANNEL *ch,
- uint64_t error_code,
- uint64_t frame_type,
- const char *reason);
+void ossl_quic_channel_raise_protocol_error_loc(QUIC_CHANNEL *ch,
+ uint64_t error_code,
+ uint64_t frame_type,
+ const char *reason,
+ const char *src_file,
+ int src_line,
+ const char *src_func);
+
+#define ossl_quic_channel_raise_protocol_error(ch, error_code, frame_type, reason) \
+ ossl_quic_channel_raise_protocol_error_loc((ch), (error_code), \
+ (frame_type), \
+ (reason), \
+ OPENSSL_FILE, \
+ OPENSSL_LINE, \
+ OPENSSL_FUNC)
+
 /*
 * Returns 1 if permanent net error was detected on the QUIC_CHANNEL,
 * 0 otherwise.
diff --git a/include/internal/quic_error.h b/include/internal/quic_error.h
index e32bdf03f8..9495c3e67d 100644
--- a/include/internal/quic_error.h
+++ b/include/internal/quic_error.h
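Review bot: The comment above `ossl_quic_channel_raise_protocol_error_loc()` in include/internal/quic_channel.h gives a storage-duration rule for `reason` but none for the new `src_file` and `src_func` pointers. With the wrapper macro they come from `OPENSSL_FILE` and `OPENSSL_FUNC`, but in the pass-through case the comment describes they come from an existing error, so if the channel keeps the pointers after the call (the implementation is not in this diff) the caller has to know how long they must stay valid. I would add a line such as ` * src_file and src_func follow the same lifetime rule as reason; either may be NULL if unknown.`, adjusted to the real contract. It would also help to state that the location is for local error reporting only and is never copied into the reason sent to the peer, if that is the intent.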
@@ -46,6 +46,34 @@
 # define QUIC_ERR_CRYPTO_NO_APP_PROTO \
 QUIC_ERR_CRYPTO_ERR(TLS1_AD_NO_APPLICATION_PROTOCOL)
+static ossl_inline ossl_unused const char *
+ossl_quic_err_to_string(uint64_t error_code)
+{
+ switch (error_code) {
+#define X(name) case QUIC_ERR_##name: return #name;
+ X(NO_ERROR)
+ X(INTERNAL_ERROR)
+ X(CONNECTION_REFUSED)
+ X(FLOW_CONTROL_ERROR)
+ X(STREAM_LIMIT_ERROR)
+ X(STREAM_STATE_ERROR)
+ X(FINAL_SIZE_ERROR)
+ X(FRAME_ENCODING_ERROR)
+ X(TRANSPORT_PARAMETER_ERROR)
+ X(CONNECTION_ID_LIMIT_ERROR)
+ X(PROTOCOL_VIOLATION)
+ X(INVALID_TOKEN)
+ X(APPLICATION_ERROR)
+ X(CRYPTO_BUFFER_EXCEEDED)
+ X(KEY_UPDATE_ERROR)
+ X(AEAD_LIMIT_REACHED)
+ X(NO_VIABLE_PATH)
+#undef X
+ default:
+ return NULL;
+ }
+}
+
 # endif
 #endif
diff --git a/include/internal/quic_tls.h b/include/internal/quic_tls.h
index 9c5fa9cd5a..13da5882c9 100644
--- a/include/internal/quic_tls.h
+++ b/include/internal/quic_tls.h
@@ -97,6 +97,9 @@ int ossl_quic_tls_set_transport_params(QUIC_TLS *qtls,
 int ossl_quic_tls_get_error(QUIC_TLS *qtls,
 uint64_t *error_code,
- const char **error_msg);
+ const char **error_msg,
+ const char **error_src_file,
+ int *error_src_line,
+ const char **error_src_func);
 #endif
diff --git a/include/internal/quic_wire.h b/include/internal/quic_wire.h
index ee8f7e76cb..4f059120b3 100644
--- a/include/internal/quic_wire.h
+++ b/include/internal/quic_wire.h
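Review bot: `ossl_quic_err_to_string()` in include/internal/quic_error.h returns NULL for every code outside the listed cases, and nothing on the function says so. The `QUIC_ERR_CRYPTO_ERR(...)` range defined just above is not covered by the switch, and the code presumably can come from the peer, so NULL is an ordinary result rather than a corner case; a caller that uses the return value as a string without a check would end up formatting a null pointer. I would add `/* Returns the name of a known transport error code, or NULL if the code is not recognised (this includes the CRYPTO_ERROR range); callers must check for NULL. */` above the definition. `ossl_quic_frame_type_to_string()` in include/internal/quic_wire.h has the same NULL-on-unknown contract and needs the same comment.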
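Review bot: The three out-parameters added to `ossl_quic_tls_get_error()` in include/internal/quic_tls.h are undocumented. The prototype does not say whether `error_src_file`, `error_src_line` and `error_src_func` may be passed as NULL, what they hold when no location was recorded, or how long the returned strings stay valid. These values are presumably handed on to `ossl_quic_channel_raise_protocol_error_loc()`, so the lifetime is what a caller most needs to know. I would add a comment above the declaration along the lines of `/* On success the out pointers are all written; the returned strings are owned by qtls and remain valid until it is freed. */`, corrected to whatever the implementation actually guarantees.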
@@ -87,6 +87,48 @@
 # define OSSL_QUIC_FRAME_TYPE_IS_CONN_CLOSE(x) \
 (((x) & ~(uint64_t)1) == OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT)
+static ossl_unused ossl_inline const char *
+ossl_quic_frame_type_to_string(uint64_t frame_type)
+{
+ switch (frame_type) {
+#define X(name) case OSSL_QUIC_FRAME_TYPE_##name: return #name;
+ X(PADDING)
+ X(PING)
+ X(ACK_WITHOUT_ECN)
+ X(ACK_WITH_ECN)
+ X(RESET_STREAM)
+ X(STOP_SENDING)
+ X(CRYPTO)
+ X(NEW_TOKEN)
+ X(MAX_DATA)
+ X(MAX_STREAM_DATA)
+ X(MAX_STREAMS_BIDI)
+ X(MAX_STREAMS_UNI)
+ X(DATA_BLOCKED)
+ X(STREAM_DATA_BLOCKED)
+ X(STREAMS_BLOCKED_BIDI)
+ X(STREAMS_BLOCKED_UNI)
+ X(NEW_CONN_ID)
+ X(RETIRE_CONN_ID)
+ X(PATH_CHALLENGE)
+ X(PATH_RESPONSE)
+ X(CONN_CLOSE_TRANSPORT)
+ X(CONN_CLOSE_APP)
+ X(HANDSHAKE_DONE)
+ X(STREAM)
+ X(STREAM_FIN)
+ X(STREAM_LEN)
+ X(STREAM_LEN_FIN)
+ X(STREAM_OFF)
+ X(STREAM_OFF_FIN)
+ X(STREAM_OFF_LEN)
+ X(STREAM_OFF_LEN_FIN)
+#undef X
+ default:
+ return NULL;
+ }
+}
+
 static ossl_unused ossl_inline int
 ossl_quic_frame_type_is_ack_eliciting(uint64_t frame_type)
 {
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 4a05f6636f..b330b90be4 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -230,6 +230,7 @@
 # define SSL_R_PSK_IDENTITY_NOT_FOUND 223
 # define SSL_R_PSK_NO_CLIENT_CB 224
 # define SSL_R_PSK_NO_SERVER_CB 225
+# define SSL_R_QUIC_NETWORK_ERROR 387
 # define SSL_R_QUIC_PROTOCOL_ERROR 382
 # define SSL_R_READ_BIO_NOT_SET 211
 # define SSL_R_READ_TIMEOUT_EXPIRED 312 |