From 7ea497134733f8197f359fe3243ad24e97df0f1a Mon Sep 17 00:00:00 2001 From: Hugo Landau Date: Wed, 3 May 2023 19:09:05 +0100 Subject: QUIC APL: Change SSL_get_event_timeout API design Reviewed-by: Matt Caswell Reviewed-by: Tim Hudson Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/20879) --- include/internal/quic_ssl.h | 3 ++- include/openssl/ssl.h.in | 2 +- ssl/quic/quic_impl.c | 16 ++++++++++++---- ssl/ssl_lib.c | 11 +++++++---- 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h index f3527dbf95..f8469c4fa7 100644 --- a/include/internal/quic_ssl.h +++ b/include/internal/quic_ssl.h @@ -46,7 +46,8 @@ void ossl_quic_set_accept_state(SSL *s); __owur int ossl_quic_has_pending(const SSL *s); __owur int ossl_quic_handle_events(SSL *s); -__owur int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv); +__owur int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, + int *is_infinite); OSSL_TIME ossl_quic_get_event_deadline(SSL *s); __owur int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *d); __owur int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *d); diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index dbfd0317ae..d580c8f19f 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -2258,7 +2258,7 @@ size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx); /* QUIC support */ int SSL_handle_events(SSL *s); -__owur int SSL_get_event_timeout(SSL *s, struct timeval *tv); +__owur int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite); __owur int SSL_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc); __owur int SSL_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc); __owur int SSL_net_read_desired(SSL *s); diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c index 3297c93d58..8f319ec977 100644 --- a/ssl/quic/quic_impl.c +++ b/ssl/quic/quic_impl.c @@ -857,11 +857,11 @@ int ossl_quic_handle_events(SSL *s) /* * SSL_get_event_timeout. Get the time in milliseconds until the SSL object * should be ticked by the application by calling SSL_handle_events(). tv is set - * to 0 if the object should be ticked immediately and tv->tv_sec is set to -1 - * if no timeout is currently active. + * to 0 if the object should be ticked immediately. If no timeout is currently + * active, *is_infinite is set to 1 and the value of *tv is undefined. */ QUIC_TAKES_LOCK -int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv) +int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite) { QCTX ctx; OSSL_TIME deadline = ossl_time_infinite(); @@ -875,13 +875,21 @@ int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv) = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch)); if (ossl_time_is_infinite(deadline)) { - tv->tv_sec = -1; + *is_infinite = 1; + + /* + * Robustness against faulty applications that don't check *is_infinite; + * harmless long timeout. + */ + tv->tv_sec = 1000000; tv->tv_usec = 0; + quic_unlock(ctx.qc); return 1; } *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, ossl_time_now())); + *is_infinite = 0; quic_unlock(ctx.qc); return 1; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index a29cb3e2c5..6848dbad7a 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -7148,22 +7148,25 @@ int SSL_handle_events(SSL *s) return 1; } -int SSL_get_event_timeout(SSL *s, struct timeval *tv) +int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite) { SSL_CONNECTION *sc; #ifndef OPENSSL_NO_QUIC if (IS_QUIC(s)) - return ossl_quic_get_event_timeout(s, tv); + return ossl_quic_get_event_timeout(s, tv, is_infinite); #endif sc = SSL_CONNECTION_FROM_SSL_ONLY(s); if (sc != NULL && SSL_CONNECTION_IS_DTLS(sc) - && DTLSv1_get_timeout(s, tv)) + && DTLSv1_get_timeout(s, tv)) { + *is_infinite = 0; return 1; + } - tv->tv_sec = -1; + tv->tv_sec = 1000000; tv->tv_usec = 0; + *is_infinite = 1; return 1; } -- cgit v1.2.3