authorHugo Landau <hlandau@openssl.org>2023-07-28 17:48:14 +0100
committerMatt Caswell <matt@openssl.org>2023-08-08 14:33:42 +0100
commit741170bef340b31a32a94a4ea86cc0d7744c01b2 (patch)
tree392018b14999bcac9788606052e54e8b2e1d8d68 /include
parentab6c63456f30a849e3046532c582b4eaff7716d6 (diff)
QUIC CHANNEL: Improve error reporting
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
Diffstat (limited to 'include')
-rw-r--r--include/internal/quic_channel.h25
-rw-r--r--include/internal/quic_error.h28
-rw-r--r--include/internal/quic_tls.h5
-rw-r--r--include/internal/quic_wire.h42
-rw-r--r--include/openssl/sslerr.h1
5 files changed, 96 insertions, 5 deletions
diff --git a/include/internal/quic_channel.h b/include/internal/quic_channel.h
index abeeb05b96..f9e654fd93 100644
--- a/include/internal/quic_channel.h
+++ b/include/internal/quic_channel.h
@@ -211,11 +211,28 @@ int ossl_quic_channel_on_handshake_confirmed(QUIC_CHANNEL *ch);
* reason string is not currently handled, but should be a string of static
* storage duration. If the connection has already terminated due to a previous
* protocol error, this is a no-op; first error wins.
+ *
+ * Usually the ossl_quic_channel_raise_protocol_error() function should be used.
+ * The ossl_quic_channel_raise_protocol_error_loc() function can be used
+ * directly for passing through existing call site information from an existing
+ * error.
*/
-void ossl_quic_channel_raise_protocol_error(QUIC_CHANNEL *ch,
- uint64_t error_code,
- uint64_t frame_type,
- const char *reason);
+void ossl_quic_channel_raise_protocol_error_loc(QUIC_CHANNEL *ch,
+ uint64_t error_code,
+ uint64_t frame_type,
+ const char *reason,
+ const char *src_file,
+ int src_line,
+ const char *src_func);
+
+#define ossl_quic_channel_raise_protocol_error(ch, error_code, frame_type, reason) \
+ ossl_quic_channel_raise_protocol_error_loc((ch), (error_code), \
+ (frame_type), \
+ (reason), \
+ OPENSSL_FILE, \
+ OPENSSL_LINE, \
+ OPENSSL_FUNC)
+
/*
* Returns 1 if permanent net error was detected on the QUIC_CHANNEL,
* 0 otherwise.
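Review bot: The comment above ossl_quic_channel_raise_protocol_error_loc() gives a lifetime rule only for `reason` (static storage duration) and says nothing about the new `src_file` and `src_func` arguments. The wrapper macro always passes OPENSSL_FILE and OPENSSL_FUNC, but the documented pass-through use forwards pointers taken from an existing error, for example the new out-parameters of ossl_quic_tls_get_error() in quic_tls.h. If the channel stores those pointers rather than copying them, a later error report could read a stale pointer; the implementation is outside this diff (limited to include/), so that cannot be confirmed here. I would add a line such as ` * src_file and src_func are not copied and must outlive the channel.`, or state that they are copied, whichever matches the implementation.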
diff --git a/include/internal/quic_error.h b/include/internal/quic_error.h
index e32bdf03f8..9495c3e67d 100644
--- a/include/internal/quic_error.h
+++ b/include/internal/quic_error.h
@@ -46,6 +46,34 @@
# define QUIC_ERR_CRYPTO_NO_APP_PROTO \
QUIC_ERR_CRYPTO_ERR(TLS1_AD_NO_APPLICATION_PROTOCOL)
+static ossl_inline ossl_unused const char *
+ossl_quic_err_to_string(uint64_t error_code)
+{
+ switch (error_code) {
+#define X(name) case QUIC_ERR_##name: return #name;
+ X(NO_ERROR)
+ X(INTERNAL_ERROR)
+ X(CONNECTION_REFUSED)
+ X(FLOW_CONTROL_ERROR)
+ X(STREAM_LIMIT_ERROR)
+ X(STREAM_STATE_ERROR)
+ X(FINAL_SIZE_ERROR)
+ X(FRAME_ENCODING_ERROR)
+ X(TRANSPORT_PARAMETER_ERROR)
+ X(CONNECTION_ID_LIMIT_ERROR)
+ X(PROTOCOL_VIOLATION)
+ X(INVALID_TOKEN)
+ X(APPLICATION_ERROR)
+ X(CRYPTO_BUFFER_EXCEEDED)
+ X(KEY_UPDATE_ERROR)
+ X(AEAD_LIMIT_REACHED)
+ X(NO_VIABLE_PATH)
+#undef X
+ default:
+ return NULL;
+ }
+}
+
# endif
#endif
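Review bot: ossl_quic_err_to_string() returns NULL from its `default:` branch and carries no comment saying so; ossl_quic_frame_type_to_string() in quic_wire.h has the same shape. Both take a uint64_t that can originate from a peer's frame, and codes built with QUIC_ERR_CRYPTO_ERR(), such as QUIC_ERR_CRYPTO_NO_APP_PROTO on the context lines above, have no case here, so NULL is a routine result rather than a corner case. A caller that passes the result straight to a `%s` conversion would have undefined behaviour; the callers are not visible in this diff. I would document the contract on both helpers: `/* Returns a static name for a known code, or NULL if unknown; callers must check for NULL before formatting. */`.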
diff --git a/include/internal/quic_tls.h b/include/internal/quic_tls.h
index 9c5fa9cd5a..13da5882c9 100644
--- a/include/internal/quic_tls.h
+++ b/include/internal/quic_tls.h
@@ -97,6 +97,9 @@ int ossl_quic_tls_set_transport_params(QUIC_TLS *qtls,
int ossl_quic_tls_get_error(QUIC_TLS *qtls,
uint64_t *error_code,
- const char **error_msg);
+ const char **error_msg,
+ const char **error_src_file,
+ int *error_src_line,
+ const char **error_src_func);
#endif
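Review bot: The three out-parameters added to ossl_quic_tls_get_error() (`error_src_file`, `error_src_line`, `error_src_func`) have no stated contract in this hunk. It does not say whether a caller may pass NULL for outputs it does not need, or what the outputs hold when no source location was recorded for the error. Any comment that precedes the declaration lies outside the hunk, so it may need the update instead. I would add something like `/* error_src_* must be non-NULL; they are set to NULL/0 when no location was recorded. */`, adjusted to what the implementation actually does.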
diff --git a/include/internal/quic_wire.h b/include/internal/quic_wire.h
index ee8f7e76cb..4f059120b3 100644
--- a/include/internal/quic_wire.h
+++ b/include/internal/quic_wire.h
@@ -87,6 +87,48 @@
# define OSSL_QUIC_FRAME_TYPE_IS_CONN_CLOSE(x) \
(((x) & ~(uint64_t)1) == OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT)
+static ossl_unused ossl_inline const char *
+ossl_quic_frame_type_to_string(uint64_t frame_type)
+{
+ switch (frame_type) {
+#define X(name) case OSSL_QUIC_FRAME_TYPE_##name: return #name;
+ X(PADDING)
+ X(PING)
+ X(ACK_WITHOUT_ECN)
+ X(ACK_WITH_ECN)
+ X(RESET_STREAM)
+ X(STOP_SENDING)
+ X(CRYPTO)
+ X(NEW_TOKEN)
+ X(MAX_DATA)
+ X(MAX_STREAM_DATA)
+ X(MAX_STREAMS_BIDI)
+ X(MAX_STREAMS_UNI)
+ X(DATA_BLOCKED)
+ X(STREAM_DATA_BLOCKED)
+ X(STREAMS_BLOCKED_BIDI)
+ X(STREAMS_BLOCKED_UNI)
+ X(NEW_CONN_ID)
+ X(RETIRE_CONN_ID)
+ X(PATH_CHALLENGE)
+ X(PATH_RESPONSE)
+ X(CONN_CLOSE_TRANSPORT)
+ X(CONN_CLOSE_APP)
+ X(HANDSHAKE_DONE)
+ X(STREAM)
+ X(STREAM_FIN)
+ X(STREAM_LEN)
+ X(STREAM_LEN_FIN)
+ X(STREAM_OFF)
+ X(STREAM_OFF_FIN)
+ X(STREAM_OFF_LEN)
+ X(STREAM_OFF_LEN_FIN)
+#undef X
+ default:
+ return NULL;
+ }
+}
+
static ossl_unused ossl_inline int
ossl_quic_frame_type_is_ack_eliciting(uint64_t frame_type)
{
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 4a05f6636f..b330b90be4 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -230,6 +230,7 @@
# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
# define SSL_R_PSK_NO_CLIENT_CB 224
# define SSL_R_PSK_NO_SERVER_CB 225
+# define SSL_R_QUIC_NETWORK_ERROR 387
# define SSL_R_QUIC_PROTOCOL_ERROR 382
# define SSL_R_READ_BIO_NOT_SET 211
# define SSL_R_READ_TIMEOUT_EXPIRED 312