2
0

quic_impl.c 104 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657
  1. /*
  2. * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/macros.h>
  10. #include <openssl/objects.h>
  11. #include <openssl/sslerr.h>
  12. #include <crypto/rand.h>
  13. #include "quic_local.h"
  14. #include "internal/quic_tls.h"
  15. #include "internal/quic_rx_depack.h"
  16. #include "internal/quic_error.h"
  17. #include "internal/time.h"
  18. typedef struct qctx_st QCTX;
  19. static void aon_write_finish(QUIC_XSO *xso);
  20. static int create_channel(QUIC_CONNECTION *qc);
  21. static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
  22. static int qc_try_create_default_xso_for_write(QCTX *ctx);
  23. static int qc_wait_for_default_xso_for_read(QCTX *ctx);
  24. static void quic_lock(QUIC_CONNECTION *qc);
  25. static void quic_unlock(QUIC_CONNECTION *qc);
  26. static void quic_lock_for_io(QCTX *ctx);
  27. static int quic_do_handshake(QCTX *ctx);
  28. static void qc_update_reject_policy(QUIC_CONNECTION *qc);
  29. static void qc_touch_default_xso(QUIC_CONNECTION *qc);
  30. static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch);
  31. static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
  32. int touch, QUIC_XSO **old_xso);
  33. static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock);
  34. static int quic_validate_for_write(QUIC_XSO *xso, int *err);
  35. static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active);
  36. static int qc_blocking_mode(const QUIC_CONNECTION *qc);
  37. static int xso_blocking_mode(const QUIC_XSO *xso);
  38. /*
  39. * QUIC Front-End I/O API: Common Utilities
  40. * ========================================
  41. */
  42. /*
  43. * Block until a predicate is met.
  44. *
  45. * Precondition: Must have a channel.
  46. * Precondition: Must hold channel lock (unchecked).
  47. */
  48. QUIC_NEEDS_LOCK
  49. static int block_until_pred(QUIC_CONNECTION *qc,
  50. int (*pred)(void *arg), void *pred_arg,
  51. uint32_t flags)
  52. {
  53. QUIC_REACTOR *rtor;
  54. assert(qc->ch != NULL);
  55. /*
  56. * Any attempt to block auto-disables tick inhibition as otherwise we will
  57. * hang around forever.
  58. */
  59. ossl_quic_channel_set_inhibit_tick(qc->ch, 0);
  60. rtor = ossl_quic_channel_get_reactor(qc->ch);
  61. return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
  62. qc->mutex);
  63. }
  64. static OSSL_TIME get_time(QUIC_CONNECTION *qc)
  65. {
  66. if (qc->override_now_cb != NULL)
  67. return qc->override_now_cb(qc->override_now_cb_arg);
  68. else
  69. return ossl_time_now();
  70. }
  71. static OSSL_TIME get_time_cb(void *arg)
  72. {
  73. QUIC_CONNECTION *qc = arg;
  74. return get_time(qc);
  75. }
  76. /*
  77. * QCTX is a utility structure which provides information we commonly wish to
  78. * unwrap upon an API call being dispatched to us, namely:
  79. *
  80. * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
  81. * was passed);
  82. * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
  83. * a QCSO with a default stream was passed);
  84. * - whether a QSSO was passed (xso == NULL must not be used to determine this
  85. * because it may be non-NULL when a QCSO is passed if that QCSO has a
  86. * default stream);
  87. * - whether we are in "I/O context", meaning that non-normal errors can
  88. * be reported via SSL_get_error() as well as via ERR. Functions such as
  89. * SSL_read(), SSL_write() and SSL_do_handshake() are "I/O context"
  90. * functions which are allowed to change the value returned by
  91. * SSL_get_error. However, other functions (including functions which call
  92. * SSL_do_handshake() implicitly) are not allowed to change the return value
  93. * of SSL_get_error.
  94. */
  95. struct qctx_st {
  96. QUIC_CONNECTION *qc;
  97. QUIC_XSO *xso;
  98. int is_stream, in_io;
  99. };
  100. QUIC_NEEDS_LOCK
  101. static void quic_set_last_error(QCTX *ctx, int last_error)
  102. {
  103. if (!ctx->in_io)
  104. return;
  105. if (ctx->is_stream && ctx->xso != NULL)
  106. ctx->xso->last_error = last_error;
  107. else if (!ctx->is_stream && ctx->qc != NULL)
  108. ctx->qc->last_error = last_error;
  109. }
  110. /*
  111. * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
  112. * rather than via ERR. Note that normal errors must always be raised while
  113. * holding a lock.
  114. */
  115. QUIC_NEEDS_LOCK
  116. static int quic_raise_normal_error(QCTX *ctx,
  117. int err)
  118. {
  119. assert(ctx->in_io);
  120. quic_set_last_error(ctx, err);
  121. return 0;
  122. }
  123. /*
  124. * Raise a 'non-normal' error, meaning any error that is not reported via
  125. * SSL_get_error() and must be reported via ERR.
  126. *
  127. * qc should be provided if available. In exceptional circumstances when qc is
  128. * not known NULL may be passed. This should generally only happen when an
  129. * expect_...() function defined below fails, which generally indicates a
  130. * dispatch error or caller error.
  131. *
  132. * ctx should be NULL if the connection lock is not held.
  133. */
  134. static int quic_raise_non_normal_error(QCTX *ctx,
  135. const char *file,
  136. int line,
  137. const char *func,
  138. int reason,
  139. const char *fmt,
  140. ...)
  141. {
  142. va_list args;
  143. if (ctx != NULL) {
  144. quic_set_last_error(ctx, SSL_ERROR_SSL);
  145. if (reason == SSL_R_PROTOCOL_IS_SHUTDOWN && ctx->qc != NULL)
  146. ossl_quic_channel_restore_err_state(ctx->qc->ch);
  147. }
  148. ERR_new();
  149. ERR_set_debug(file, line, func);
  150. va_start(args, fmt);
  151. ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
  152. va_end(args);
  153. return 0;
  154. }
  155. #define QUIC_RAISE_NORMAL_ERROR(ctx, err) \
  156. quic_raise_normal_error((ctx), (err))
  157. #define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg) \
  158. quic_raise_non_normal_error((ctx), \
  159. OPENSSL_FILE, OPENSSL_LINE, \
  160. OPENSSL_FUNC, \
  161. (reason), \
  162. (msg))
  163. /*
  164. * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
  165. * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
  166. *
  167. * After this returns 1, all fields of the passed QCTX are initialised.
  168. * Returns 0 on failure. This function is intended to be used to provide API
  169. * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
  170. */
  171. static int expect_quic(const SSL *s, QCTX *ctx)
  172. {
  173. QUIC_CONNECTION *qc;
  174. QUIC_XSO *xso;
  175. ctx->qc = NULL;
  176. ctx->xso = NULL;
  177. ctx->is_stream = 0;
  178. if (s == NULL)
  179. return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
  180. switch (s->type) {
  181. case SSL_TYPE_QUIC_CONNECTION:
  182. qc = (QUIC_CONNECTION *)s;
  183. ctx->qc = qc;
  184. ctx->xso = qc->default_xso;
  185. ctx->is_stream = 0;
  186. ctx->in_io = 0;
  187. return 1;
  188. case SSL_TYPE_QUIC_XSO:
  189. xso = (QUIC_XSO *)s;
  190. ctx->qc = xso->conn;
  191. ctx->xso = xso;
  192. ctx->is_stream = 1;
  193. ctx->in_io = 0;
  194. return 1;
  195. default:
  196. return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
  197. }
  198. }
  199. /*
  200. * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
  201. * other words, requires that the passed QSO be a QSSO or a QCSO with a default
  202. * stream.
  203. *
  204. * remote_init determines if we expect the default XSO to be remotely created or
  205. * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
  206. *
  207. * Channel mutex is acquired and retained on success.
  208. */
  209. QUIC_ACQUIRES_LOCK
  210. static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
  211. int in_io, QCTX *ctx)
  212. {
  213. if (!expect_quic(s, ctx))
  214. return 0;
  215. if (in_io)
  216. quic_lock_for_io(ctx);
  217. else
  218. quic_lock(ctx->qc);
  219. if (ctx->xso == NULL && remote_init >= 0) {
  220. if (!quic_mutation_allowed(ctx->qc, /*req_active=*/0)) {
  221. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  222. goto err;
  223. }
  224. /* If we haven't finished the handshake, try to advance it. */
  225. if (quic_do_handshake(ctx) < 1)
  226. /* ossl_quic_do_handshake raised error here */
  227. goto err;
  228. if (remote_init == 0) {
  229. if (!qc_try_create_default_xso_for_write(ctx))
  230. goto err;
  231. } else {
  232. if (!qc_wait_for_default_xso_for_read(ctx))
  233. goto err;
  234. }
  235. ctx->xso = ctx->qc->default_xso;
  236. }
  237. if (ctx->xso == NULL) {
  238. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
  239. goto err;
  240. }
  241. return 1; /* coverity[missing_unlock]: lock held */
  242. err:
  243. quic_unlock(ctx->qc);
  244. return 0;
  245. }
  246. /*
  247. * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
  248. * be non-NULL if the QCSO has a default stream.
  249. */
  250. static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx)
  251. {
  252. if (!expect_quic(s, ctx))
  253. return 0;
  254. if (ctx->is_stream)
  255. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_CONN_USE_ONLY, NULL);
  256. return 1;
  257. }
  258. /*
  259. * Ensures that the channel mutex is held for a method which touches channel
  260. * state.
  261. *
  262. * Precondition: Channel mutex is not held (unchecked)
  263. */
  264. static void quic_lock(QUIC_CONNECTION *qc)
  265. {
  266. #if defined(OPENSSL_THREADS)
  267. ossl_crypto_mutex_lock(qc->mutex);
  268. #endif
  269. }
  270. static void quic_lock_for_io(QCTX *ctx)
  271. {
  272. quic_lock(ctx->qc);
  273. ctx->in_io = 1;
  274. /*
  275. * We are entering an I/O function so we must update the values returned by
  276. * SSL_get_error and SSL_want. Set no error. This will be overridden later
  277. * if a call to QUIC_RAISE_NORMAL_ERROR or QUIC_RAISE_NON_NORMAL_ERROR
  278. * occurs during the API call.
  279. */
  280. quic_set_last_error(ctx, SSL_ERROR_NONE);
  281. }
  282. /* Precondition: Channel mutex is held (unchecked) */
  283. QUIC_NEEDS_LOCK
  284. static void quic_unlock(QUIC_CONNECTION *qc)
  285. {
  286. #if defined(OPENSSL_THREADS)
  287. ossl_crypto_mutex_unlock(qc->mutex);
  288. #endif
  289. }
  290. /*
  291. * This predicate is the criterion which should determine API call rejection for
  292. * *most* mutating API calls, particularly stream-related operations for send
  293. * parts.
  294. *
  295. * A call is rejected (this function returns 0) if shutdown is in progress
  296. * (stream flushing), or we are in a TERMINATING or TERMINATED state. If
  297. * req_active=1, the connection must be active (i.e., the IDLE state is also
  298. * rejected).
  299. */
  300. static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active)
  301. {
  302. if (qc->shutting_down || ossl_quic_channel_is_term_any(qc->ch))
  303. return 0;
  304. if (req_active && !ossl_quic_channel_is_active(qc->ch))
  305. return 0;
  306. return 1;
  307. }
  308. /*
  309. * QUIC Front-End I/O API: Initialization
  310. * ======================================
  311. *
  312. * SSL_new => ossl_quic_new
  313. * ossl_quic_init
  314. * SSL_reset => ossl_quic_reset
  315. * SSL_clear => ossl_quic_clear
  316. * ossl_quic_deinit
  317. * SSL_free => ossl_quic_free
  318. *
  319. * SSL_set_options => ossl_quic_set_options
  320. * SSL_get_options => ossl_quic_get_options
  321. * SSL_clear_options => ossl_quic_clear_options
  322. *
  323. */
  324. /* SSL_new */
  325. SSL *ossl_quic_new(SSL_CTX *ctx)
  326. {
  327. QUIC_CONNECTION *qc = NULL;
  328. SSL *ssl_base = NULL;
  329. SSL_CONNECTION *sc = NULL;
  330. qc = OPENSSL_zalloc(sizeof(*qc));
  331. if (qc == NULL) {
  332. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
  333. return NULL;
  334. }
  335. #if defined(OPENSSL_THREADS)
  336. if ((qc->mutex = ossl_crypto_mutex_new()) == NULL) {
  337. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
  338. goto err;
  339. }
  340. #endif
  341. /* Initialise the QUIC_CONNECTION's stub header. */
  342. ssl_base = &qc->ssl;
  343. if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
  344. ssl_base = NULL;
  345. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
  346. goto err;
  347. }
  348. qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
  349. if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL) {
  350. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
  351. goto err;
  352. }
  353. /* override the user_ssl of the inner connection */
  354. sc->s3.flags |= TLS1_FLAGS_QUIC;
  355. /* Restrict options derived from the SSL_CTX. */
  356. sc->options &= OSSL_QUIC_PERMITTED_OPTIONS_CONN;
  357. sc->pha_enabled = 0;
  358. #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
  359. qc->is_thread_assisted
  360. = (ssl_base->method == OSSL_QUIC_client_thread_method());
  361. #endif
  362. qc->as_server = 0; /* TODO(QUIC SERVER): add server support */
  363. qc->as_server_state = qc->as_server;
  364. qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
  365. qc->default_ssl_mode = qc->ssl.ctx->mode;
  366. qc->default_ssl_options = qc->ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS;
  367. qc->desires_blocking = 1;
  368. qc->blocking = 0;
  369. qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO;
  370. qc->last_error = SSL_ERROR_NONE;
  371. if (!create_channel(qc))
  372. goto err;
  373. ossl_quic_channel_set_msg_callback(qc->ch, ctx->msg_callback, ssl_base);
  374. ossl_quic_channel_set_msg_callback_arg(qc->ch, ctx->msg_callback_arg);
  375. qc_update_reject_policy(qc);
  376. /*
  377. * We do not create the default XSO yet. The reason for this is that the
  378. * stream ID of the default XSO will depend on whether the stream is client
  379. * or server-initiated, which depends on who transmits first. Since we do
  380. * not know whether the application will be using a client-transmits-first
  381. * or server-transmits-first protocol, we defer default XSO creation until
  382. * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
  383. * we take that as a cue that the client is expecting a server-initiated
  384. * stream, and vice versa if SSL_write() is called first.
  385. */
  386. return ssl_base;
  387. err:
  388. if (ssl_base == NULL) {
  389. #if defined(OPENSSL_THREADS)
  390. ossl_crypto_mutex_free(qc->mutex);
  391. #endif
  392. OPENSSL_free(qc);
  393. } else {
  394. SSL_free(ssl_base);
  395. }
  396. return NULL;
  397. }
  398. /* SSL_free */
  399. QUIC_TAKES_LOCK
  400. void ossl_quic_free(SSL *s)
  401. {
  402. QCTX ctx;
  403. int is_default;
  404. /* We should never be called on anything but a QSO. */
  405. if (!expect_quic(s, &ctx))
  406. return;
  407. quic_lock(ctx.qc);
  408. if (ctx.is_stream) {
  409. /*
  410. * When a QSSO is freed, the XSO is freed immediately, because the XSO
  411. * itself only contains API personality layer data. However the
  412. * underlying QUIC_STREAM is not freed immediately but is instead marked
  413. * as deleted for later collection.
  414. */
  415. assert(ctx.qc->num_xso > 0);
  416. --ctx.qc->num_xso;
  417. /* If a stream's send part has not been finished, auto-reset it. */
  418. if (( ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_READY
  419. || ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_SEND)
  420. && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL))
  421. ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
  422. ctx.xso->stream, 0);
  423. /* Do STOP_SENDING for the receive part, if applicable. */
  424. if ( ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_RECV
  425. || ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN)
  426. ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
  427. ctx.xso->stream, 0);
  428. /* Update stream state. */
  429. ctx.xso->stream->deleted = 1;
  430. ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch),
  431. ctx.xso->stream);
  432. is_default = (ctx.xso == ctx.qc->default_xso);
  433. quic_unlock(ctx.qc);
  434. /*
  435. * Unref the connection in most cases; the XSO has a ref to the QC and
  436. * not vice versa. But for a default XSO, to avoid circular references,
  437. * the QC refs the XSO but the XSO does not ref the QC. If we are the
  438. * default XSO, we only get here when the QC is being torn down anyway,
  439. * so don't call SSL_free(qc) as we are already in it.
  440. */
  441. if (!is_default)
  442. SSL_free(&ctx.qc->ssl);
  443. /* Note: SSL_free calls OPENSSL_free(xso) for us */
  444. return;
  445. }
  446. /*
  447. * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
  448. * stage, but is freed during the channel free when the whole QSM is freed.
  449. */
  450. if (ctx.qc->default_xso != NULL) {
  451. QUIC_XSO *xso = ctx.qc->default_xso;
  452. quic_unlock(ctx.qc);
  453. SSL_free(&xso->ssl);
  454. quic_lock(ctx.qc);
  455. ctx.qc->default_xso = NULL;
  456. }
  457. /* Ensure we have no remaining XSOs. */
  458. assert(ctx.qc->num_xso == 0);
  459. #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
  460. if (ctx.qc->is_thread_assisted && ctx.qc->started) {
  461. ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
  462. ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
  463. }
  464. #endif
  465. ossl_quic_channel_free(ctx.qc->ch);
  466. BIO_free_all(ctx.qc->net_rbio);
  467. BIO_free_all(ctx.qc->net_wbio);
  468. /* Note: SSL_free calls OPENSSL_free(qc) for us */
  469. SSL_free(ctx.qc->tls);
  470. quic_unlock(ctx.qc); /* tsan doesn't like freeing locked mutexes */
  471. #if defined(OPENSSL_THREADS)
  472. ossl_crypto_mutex_free(&ctx.qc->mutex);
  473. #endif
  474. }
  475. /* SSL method init */
  476. int ossl_quic_init(SSL *s)
  477. {
  478. /* Same op as SSL_clear, forward the call. */
  479. return ossl_quic_clear(s);
  480. }
  481. /* SSL method deinit */
  482. void ossl_quic_deinit(SSL *s)
  483. {
  484. /* No-op. */
  485. }
  486. /* SSL_clear (ssl_reset method) */
  487. int ossl_quic_reset(SSL *s)
  488. {
  489. QCTX ctx;
  490. if (!expect_quic(s, &ctx))
  491. return 0;
  492. ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
  493. return 0;
  494. }
  495. /* ssl_clear method (unused) */
  496. int ossl_quic_clear(SSL *s)
  497. {
  498. QCTX ctx;
  499. if (!expect_quic(s, &ctx))
  500. return 0;
  501. ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
  502. return 0;
  503. }
  504. int ossl_quic_conn_set_override_now_cb(SSL *s,
  505. OSSL_TIME (*now_cb)(void *arg),
  506. void *now_cb_arg)
  507. {
  508. QCTX ctx;
  509. if (!expect_quic(s, &ctx))
  510. return 0;
  511. quic_lock(ctx.qc);
  512. ctx.qc->override_now_cb = now_cb;
  513. ctx.qc->override_now_cb_arg = now_cb_arg;
  514. quic_unlock(ctx.qc);
  515. return 1;
  516. }
  517. void ossl_quic_conn_force_assist_thread_wake(SSL *s)
  518. {
  519. QCTX ctx;
  520. if (!expect_quic(s, &ctx))
  521. return;
  522. #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
  523. if (ctx.qc->is_thread_assisted && ctx.qc->started)
  524. ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
  525. #endif
  526. }
  527. QUIC_NEEDS_LOCK
  528. static void qc_touch_default_xso(QUIC_CONNECTION *qc)
  529. {
  530. qc->default_xso_created = 1;
  531. qc_update_reject_policy(qc);
  532. }
  533. /*
  534. * Changes default XSO. Allows caller to keep reference to the old default XSO
  535. * (if any). Reference to new XSO is transferred from caller.
  536. */
  537. QUIC_NEEDS_LOCK
  538. static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
  539. int touch,
  540. QUIC_XSO **old_xso)
  541. {
  542. int refs;
  543. *old_xso = NULL;
  544. if (qc->default_xso != xso) {
  545. *old_xso = qc->default_xso; /* transfer old XSO ref to caller */
  546. qc->default_xso = xso;
  547. if (xso == NULL) {
  548. /*
  549. * Changing to not having a default XSO. XSO becomes standalone and
  550. * now has a ref to the QC.
  551. */
  552. if (!ossl_assert(SSL_up_ref(&qc->ssl)))
  553. return;
  554. } else {
  555. /*
  556. * Changing from not having a default XSO to having one. The new XSO
  557. * will have had a reference to the QC we need to drop to avoid a
  558. * circular reference.
  559. *
  560. * Currently we never change directly from one default XSO to
  561. * another, though this function would also still be correct if this
  562. * weren't the case.
  563. */
  564. assert(*old_xso == NULL);
  565. CRYPTO_DOWN_REF(&qc->ssl.references, &refs);
  566. assert(refs > 0);
  567. }
  568. }
  569. if (touch)
  570. qc_touch_default_xso(qc);
  571. }
  572. /*
  573. * Changes default XSO, releasing the reference to any previous default XSO.
  574. * Reference to new XSO is transferred from caller.
  575. */
  576. QUIC_NEEDS_LOCK
  577. static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch)
  578. {
  579. QUIC_XSO *old_xso = NULL;
  580. qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso);
  581. if (old_xso != NULL)
  582. SSL_free(&old_xso->ssl);
  583. }
  584. QUIC_NEEDS_LOCK
  585. static void xso_update_options(QUIC_XSO *xso)
  586. {
  587. int cleanse = ((xso->ssl_options & SSL_OP_CLEANSE_PLAINTEXT) != 0);
  588. if (xso->stream->rstream != NULL)
  589. ossl_quic_rstream_set_cleanse(xso->stream->rstream, cleanse);
  590. if (xso->stream->sstream != NULL)
  591. ossl_quic_sstream_set_cleanse(xso->stream->sstream, cleanse);
  592. }
  593. /*
  594. * SSL_set_options
  595. * ---------------
  596. *
  597. * Setting options on a QCSO
  598. * - configures the handshake-layer options;
  599. * - configures the default data-plane options for new streams;
  600. * - configures the data-plane options on the default XSO, if there is one.
  601. *
  602. * Setting options on a QSSO
  603. * - configures data-plane options for that stream only.
  604. */
  605. QUIC_TAKES_LOCK
  606. static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_value)
  607. {
  608. QCTX ctx;
  609. uint64_t hs_mask_value, hs_or_value, ret;
  610. if (!expect_quic(ssl, &ctx))
  611. return 0;
  612. quic_lock(ctx.qc);
  613. if (!ctx.is_stream) {
  614. /*
  615. * If we were called on the connection, we apply any handshake option
  616. * changes.
  617. */
  618. hs_mask_value = (mask_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
  619. hs_or_value = (or_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
  620. SSL_clear_options(ctx.qc->tls, hs_mask_value);
  621. SSL_set_options(ctx.qc->tls, hs_or_value);
  622. /* Update defaults for new streams. */
  623. ctx.qc->default_ssl_options
  624. = ((ctx.qc->default_ssl_options & ~mask_value) | or_value)
  625. & OSSL_QUIC_PERMITTED_OPTIONS;
  626. }
  627. if (ctx.xso != NULL) {
  628. ctx.xso->ssl_options
  629. = ((ctx.xso->ssl_options & ~mask_value) | or_value)
  630. & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
  631. xso_update_options(ctx.xso);
  632. }
  633. ret = ctx.is_stream ? ctx.xso->ssl_options : ctx.qc->default_ssl_options;
  634. quic_unlock(ctx.qc);
  635. return ret;
  636. }
  637. uint64_t ossl_quic_set_options(SSL *ssl, uint64_t options)
  638. {
  639. return quic_mask_or_options(ssl, 0, options);
  640. }
  641. /* SSL_clear_options */
  642. uint64_t ossl_quic_clear_options(SSL *ssl, uint64_t options)
  643. {
  644. return quic_mask_or_options(ssl, options, 0);
  645. }
  646. /* SSL_get_options */
  647. uint64_t ossl_quic_get_options(const SSL *ssl)
  648. {
  649. return quic_mask_or_options((SSL *)ssl, 0, 0);
  650. }
  651. /*
  652. * QUIC Front-End I/O API: Network BIO Configuration
  653. * =================================================
  654. *
  655. * Handling the different BIOs is difficult:
  656. *
  657. * - It is more or less a requirement that we use non-blocking network I/O;
  658. * we need to be able to have timeouts on recv() calls, and make best effort
  659. * (non blocking) send() and recv() calls.
  660. *
  661. * The only sensible way to do this is to configure the socket into
  662. * non-blocking mode. We could try to do select() before calling send() or
  663. * recv() to get a guarantee that the call will not block, but this will
  664. * probably run into issues with buggy OSes which generate spurious socket
  665. * readiness events. In any case, relying on this to work reliably does not
  666. * seem sane.
  667. *
  668. * Timeouts could be handled via setsockopt() socket timeout options, but
  669. * this depends on OS support and adds another syscall to every network I/O
  670. * operation. It also has obvious thread safety concerns if we want to move
  671. * to concurrent use of a single socket at some later date.
  672. *
  673. * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
  674. * be made non-blocking. However some OSes (e.g. Windows) do not support
  675. * this, so we cannot rely on this.
  676. *
  677. * As such, we need to configure any FD in non-blocking mode. This may
  678. * confound users who pass a blocking socket to libssl. However, in practice
  679. * it would be extremely strange for a user of QUIC to pass an FD to us,
  680. * then also try and send receive traffic on the same socket(!). Thus the
  681. * impact of this should be limited, and can be documented.
  682. *
  683. * - We support both blocking and non-blocking operation in terms of the API
  684. * presented to the user. One prospect is to set the blocking mode based on
  685. * whether the socket passed to us was already in blocking mode. However,
  686. * Windows has no API for determining if a socket is in blocking mode (!),
  687. * therefore this cannot be done portably. Currently therefore we expose an
  688. * explicit API call to set this, and default to blocking mode.
  689. *
  690. * - We need to determine our initial destination UDP address. The "natural"
  691. * way for a user to do this is to set the peer variable on a BIO_dgram.
  692. * However, this has problems because BIO_dgram's peer variable is used for
  693. * both transmission and reception. This means it can be constantly being
  694. * changed to a malicious value (e.g. if some random unrelated entity on the
  695. * network starts sending traffic to us) on every read call. This is not a
  696. * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
  697. * calls only, which do not use this variable. However, we do need to let
  698. * the user specify the peer in a 'normal' manner. The compromise here is
  699. * that we grab the current peer value set at the time the write BIO is set
  700. * and do not read the value again.
  701. *
  702. * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
  703. * Currently we do this by only supporting non-blocking mode.
  704. *
  705. */
  706. /*
  707. * Determines what initial destination UDP address we should use, if possible.
  708. * If this fails the client must set the destination address manually, or use a
  709. * BIO which does not need a destination address.
  710. */
  711. static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
  712. {
  713. if (BIO_dgram_detect_peer_addr(net_wbio, peer) <= 0)
  714. return 0;
  715. return 1;
  716. }
  717. static int qc_can_support_blocking_cached(QUIC_CONNECTION *qc)
  718. {
  719. QUIC_REACTOR *rtor = ossl_quic_channel_get_reactor(qc->ch);
  720. return ossl_quic_reactor_can_poll_r(rtor)
  721. && ossl_quic_reactor_can_poll_w(rtor);
  722. }
  723. static void qc_update_can_support_blocking(QUIC_CONNECTION *qc)
  724. {
  725. ossl_quic_channel_update_poll_descriptors(qc->ch); /* best effort */
  726. }
  727. static void qc_update_blocking_mode(QUIC_CONNECTION *qc)
  728. {
  729. qc->blocking = qc->desires_blocking && qc_can_support_blocking_cached(qc);
  730. }
  731. void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
  732. {
  733. QCTX ctx;
  734. if (!expect_quic(s, &ctx))
  735. return;
  736. if (ctx.qc->net_rbio == net_rbio)
  737. return;
  738. if (!ossl_quic_channel_set_net_rbio(ctx.qc->ch, net_rbio))
  739. return;
  740. BIO_free_all(ctx.qc->net_rbio);
  741. ctx.qc->net_rbio = net_rbio;
  742. if (net_rbio != NULL)
  743. BIO_set_nbio(net_rbio, 1); /* best effort autoconfig */
  744. /*
  745. * Determine if the current pair of read/write BIOs now set allows blocking
  746. * mode to be supported.
  747. */
  748. qc_update_can_support_blocking(ctx.qc);
  749. qc_update_blocking_mode(ctx.qc);
  750. }
  751. void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
  752. {
  753. QCTX ctx;
  754. if (!expect_quic(s, &ctx))
  755. return;
  756. if (ctx.qc->net_wbio == net_wbio)
  757. return;
  758. if (!ossl_quic_channel_set_net_wbio(ctx.qc->ch, net_wbio))
  759. return;
  760. BIO_free_all(ctx.qc->net_wbio);
  761. ctx.qc->net_wbio = net_wbio;
  762. if (net_wbio != NULL)
  763. BIO_set_nbio(net_wbio, 1); /* best effort autoconfig */
  764. /*
  765. * Determine if the current pair of read/write BIOs now set allows blocking
  766. * mode to be supported.
  767. */
  768. qc_update_can_support_blocking(ctx.qc);
  769. qc_update_blocking_mode(ctx.qc);
  770. }
  771. BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
  772. {
  773. QCTX ctx;
  774. if (!expect_quic(s, &ctx))
  775. return NULL;
  776. return ctx.qc->net_rbio;
  777. }
  778. BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
  779. {
  780. QCTX ctx;
  781. if (!expect_quic(s, &ctx))
  782. return NULL;
  783. return ctx.qc->net_wbio;
  784. }
  785. int ossl_quic_conn_get_blocking_mode(const SSL *s)
  786. {
  787. QCTX ctx;
  788. if (!expect_quic(s, &ctx))
  789. return 0;
  790. if (ctx.is_stream)
  791. return xso_blocking_mode(ctx.xso);
  792. return qc_blocking_mode(ctx.qc);
  793. }
  794. QUIC_TAKES_LOCK
  795. int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
  796. {
  797. int ret = 0;
  798. QCTX ctx;
  799. if (!expect_quic(s, &ctx))
  800. return 0;
  801. quic_lock(ctx.qc);
  802. /* Sanity check - can we support the request given the current network BIO? */
  803. if (blocking) {
  804. /*
  805. * If called directly on a QCSO, update our information on network BIO
  806. * capabilities.
  807. */
  808. if (!ctx.is_stream)
  809. qc_update_can_support_blocking(ctx.qc);
  810. /* Cannot enable blocking mode if we do not have pollable FDs. */
  811. if (!qc_can_support_blocking_cached(ctx.qc)) {
  812. ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
  813. goto out;
  814. }
  815. }
  816. if (!ctx.is_stream)
  817. /*
  818. * If called directly on a QCSO, update default and connection-level
  819. * blocking modes.
  820. */
  821. ctx.qc->desires_blocking = (blocking != 0);
  822. if (ctx.xso != NULL) {
  823. /*
  824. * If called on a QSSO or a QCSO with a default XSO, update the blocking
  825. * mode.
  826. */
  827. ctx.xso->desires_blocking = (blocking != 0);
  828. ctx.xso->desires_blocking_set = 1;
  829. }
  830. ret = 1;
  831. out:
  832. qc_update_blocking_mode(ctx.qc);
  833. quic_unlock(ctx.qc);
  834. return ret;
  835. }
  836. int ossl_quic_conn_set_initial_peer_addr(SSL *s,
  837. const BIO_ADDR *peer_addr)
  838. {
  839. QCTX ctx;
  840. if (!expect_quic(s, &ctx))
  841. return 0;
  842. if (ctx.qc->started)
  843. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
  844. NULL);
  845. if (peer_addr == NULL) {
  846. BIO_ADDR_clear(&ctx.qc->init_peer_addr);
  847. return 1;
  848. }
  849. ctx.qc->init_peer_addr = *peer_addr;
  850. return 1;
  851. }
  852. /*
  853. * QUIC Front-End I/O API: Asynchronous I/O Management
  854. * ===================================================
  855. *
  856. * (BIO/)SSL_handle_events => ossl_quic_handle_events
  857. * (BIO/)SSL_get_event_timeout => ossl_quic_get_event_timeout
  858. * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
  859. *
  860. */
  861. /* Returns 1 if the connection is being used in blocking mode. */
  862. static int qc_blocking_mode(const QUIC_CONNECTION *qc)
  863. {
  864. return qc->blocking;
  865. }
  866. static int xso_blocking_mode(const QUIC_XSO *xso)
  867. {
  868. if (xso->desires_blocking_set)
  869. return xso->desires_blocking && qc_can_support_blocking_cached(xso->conn);
  870. else
  871. /* Only ever set if we can support blocking. */
  872. return xso->conn->blocking;
  873. }
  874. /* SSL_handle_events; performs QUIC I/O and timeout processing. */
  875. QUIC_TAKES_LOCK
  876. int ossl_quic_handle_events(SSL *s)
  877. {
  878. QCTX ctx;
  879. if (!expect_quic(s, &ctx))
  880. return 0;
  881. quic_lock(ctx.qc);
  882. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
  883. quic_unlock(ctx.qc);
  884. return 1;
  885. }
  886. /*
  887. * SSL_get_event_timeout. Get the time in milliseconds until the SSL object
  888. * should next have events handled by the application by calling
  889. * SSL_handle_events(). tv is set to 0 if the object should have events handled
  890. * immediately. If no timeout is currently active, *is_infinite is set to 1 and
  891. * the value of *tv is undefined.
  892. */
  893. QUIC_TAKES_LOCK
  894. int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite)
  895. {
  896. QCTX ctx;
  897. OSSL_TIME deadline = ossl_time_infinite();
  898. if (!expect_quic(s, &ctx))
  899. return 0;
  900. quic_lock(ctx.qc);
  901. deadline
  902. = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
  903. if (ossl_time_is_infinite(deadline)) {
  904. *is_infinite = 1;
  905. /*
  906. * Robustness against faulty applications that don't check *is_infinite;
  907. * harmless long timeout.
  908. */
  909. tv->tv_sec = 1000000;
  910. tv->tv_usec = 0;
  911. quic_unlock(ctx.qc);
  912. return 1;
  913. }
  914. *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, get_time(ctx.qc)));
  915. *is_infinite = 0;
  916. quic_unlock(ctx.qc);
  917. return 1;
  918. }
  919. /* SSL_get_rpoll_descriptor */
  920. int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
  921. {
  922. QCTX ctx;
  923. if (!expect_quic(s, &ctx))
  924. return 0;
  925. if (desc == NULL || ctx.qc->net_rbio == NULL)
  926. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
  927. NULL);
  928. return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
  929. }
  930. /* SSL_get_wpoll_descriptor */
  931. int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
  932. {
  933. QCTX ctx;
  934. if (!expect_quic(s, &ctx))
  935. return 0;
  936. if (desc == NULL || ctx.qc->net_wbio == NULL)
  937. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
  938. NULL);
  939. return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
  940. }
  941. /* SSL_net_read_desired */
  942. QUIC_TAKES_LOCK
  943. int ossl_quic_get_net_read_desired(SSL *s)
  944. {
  945. QCTX ctx;
  946. int ret;
  947. if (!expect_quic(s, &ctx))
  948. return 0;
  949. quic_lock(ctx.qc);
  950. ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
  951. quic_unlock(ctx.qc);
  952. return ret;
  953. }
  954. /* SSL_net_write_desired */
  955. QUIC_TAKES_LOCK
  956. int ossl_quic_get_net_write_desired(SSL *s)
  957. {
  958. int ret;
  959. QCTX ctx;
  960. if (!expect_quic(s, &ctx))
  961. return 0;
  962. quic_lock(ctx.qc);
  963. ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
  964. quic_unlock(ctx.qc);
  965. return ret;
  966. }
  967. /*
  968. * QUIC Front-End I/O API: Connection Lifecycle Operations
  969. * =======================================================
  970. *
  971. * SSL_do_handshake => ossl_quic_do_handshake
  972. * SSL_set_connect_state => ossl_quic_set_connect_state
  973. * SSL_set_accept_state => ossl_quic_set_accept_state
  974. * SSL_shutdown => ossl_quic_shutdown
  975. * SSL_ctrl => ossl_quic_ctrl
  976. * (BIO/)SSL_connect => ossl_quic_connect
  977. * (BIO/)SSL_accept => ossl_quic_accept
  978. *
  979. */
  980. QUIC_NEEDS_LOCK
  981. static void qc_shutdown_flush_init(QUIC_CONNECTION *qc)
  982. {
  983. QUIC_STREAM_MAP *qsm;
  984. if (qc->shutting_down)
  985. return;
  986. qsm = ossl_quic_channel_get_qsm(qc->ch);
  987. ossl_quic_stream_map_begin_shutdown_flush(qsm);
  988. qc->shutting_down = 1;
  989. }
  990. /* Returns 1 if all shutdown-flush streams have been done with. */
  991. QUIC_NEEDS_LOCK
  992. static int qc_shutdown_flush_finished(QUIC_CONNECTION *qc)
  993. {
  994. QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
  995. return qc->shutting_down
  996. && ossl_quic_stream_map_is_shutdown_flush_finished(qsm);
  997. }
  998. /* SSL_shutdown */
  999. static int quic_shutdown_wait(void *arg)
  1000. {
  1001. QUIC_CONNECTION *qc = arg;
  1002. return ossl_quic_channel_is_terminated(qc->ch);
  1003. }
  1004. /* Returns 1 if shutdown flush process has finished or is inapplicable. */
  1005. static int quic_shutdown_flush_wait(void *arg)
  1006. {
  1007. QUIC_CONNECTION *qc = arg;
  1008. return ossl_quic_channel_is_term_any(qc->ch)
  1009. || qc_shutdown_flush_finished(qc);
  1010. }
  1011. static int quic_shutdown_peer_wait(void *arg)
  1012. {
  1013. QUIC_CONNECTION *qc = arg;
  1014. return ossl_quic_channel_is_term_any(qc->ch);
  1015. }
  1016. QUIC_TAKES_LOCK
  1017. int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
  1018. const SSL_SHUTDOWN_EX_ARGS *args,
  1019. size_t args_len)
  1020. {
  1021. int ret;
  1022. QCTX ctx;
  1023. int stream_flush = ((flags & SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH) == 0);
  1024. int no_block = ((flags & SSL_SHUTDOWN_FLAG_NO_BLOCK) != 0);
  1025. int wait_peer = ((flags & SSL_SHUTDOWN_FLAG_WAIT_PEER) != 0);
  1026. if (!expect_quic(s, &ctx))
  1027. return -1;
  1028. if (ctx.is_stream) {
  1029. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_CONN_USE_ONLY, NULL);
  1030. return -1;
  1031. }
  1032. quic_lock(ctx.qc);
  1033. if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
  1034. quic_unlock(ctx.qc);
  1035. return 1;
  1036. }
  1037. /* Phase 1: Stream Flushing */
  1038. if (!wait_peer && stream_flush) {
  1039. qc_shutdown_flush_init(ctx.qc);
  1040. if (!qc_shutdown_flush_finished(ctx.qc)) {
  1041. if (!no_block && qc_blocking_mode(ctx.qc)) {
  1042. ret = block_until_pred(ctx.qc, quic_shutdown_flush_wait, ctx.qc, 0);
  1043. if (ret < 1) {
  1044. ret = 0;
  1045. goto err;
  1046. }
  1047. } else {
  1048. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
  1049. }
  1050. }
  1051. if (!qc_shutdown_flush_finished(ctx.qc)) {
  1052. quic_unlock(ctx.qc);
  1053. return 0; /* ongoing */
  1054. }
  1055. }
  1056. /* Phase 2: Connection Closure */
  1057. if (wait_peer && !ossl_quic_channel_is_term_any(ctx.qc->ch)) {
  1058. if (!no_block && qc_blocking_mode(ctx.qc)) {
  1059. ret = block_until_pred(ctx.qc, quic_shutdown_peer_wait, ctx.qc, 0);
  1060. if (ret < 1) {
  1061. ret = 0;
  1062. goto err;
  1063. }
  1064. } else {
  1065. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
  1066. }
  1067. if (!ossl_quic_channel_is_term_any(ctx.qc->ch)) {
  1068. ret = 0; /* peer hasn't closed yet - still not done */
  1069. goto err;
  1070. }
  1071. /*
  1072. * We are at least terminating - go through the normal process of
  1073. * waiting until we are in the TERMINATED state.
  1074. */
  1075. }
  1076. /* Block mutation ops regardless of if we did stream flush. */
  1077. ctx.qc->shutting_down = 1;
  1078. /*
  1079. * This call is a no-op if we are already terminating, so it doesn't
  1080. * affect the wait_peer case.
  1081. */
  1082. ossl_quic_channel_local_close(ctx.qc->ch,
  1083. args != NULL ? args->quic_error_code : 0,
  1084. args != NULL ? args->quic_reason : NULL);
  1085. SSL_set_shutdown(ctx.qc->tls, SSL_SENT_SHUTDOWN);
  1086. if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
  1087. quic_unlock(ctx.qc);
  1088. return 1;
  1089. }
  1090. /* Phase 3: Terminating Wait Time */
  1091. if (!no_block && qc_blocking_mode(ctx.qc)
  1092. && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0) {
  1093. ret = block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
  1094. if (ret < 1) {
  1095. ret = 0;
  1096. goto err;
  1097. }
  1098. } else {
  1099. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
  1100. }
  1101. ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
  1102. err:
  1103. quic_unlock(ctx.qc);
  1104. return ret;
  1105. }
  1106. /* SSL_ctrl */
  1107. long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
  1108. {
  1109. QCTX ctx;
  1110. if (!expect_quic(s, &ctx))
  1111. return 0;
  1112. switch (cmd) {
  1113. case SSL_CTRL_MODE:
  1114. /* If called on a QCSO, update the default mode. */
  1115. if (!ctx.is_stream)
  1116. ctx.qc->default_ssl_mode |= (uint32_t)larg;
  1117. /*
  1118. * If we were called on a QSSO or have a default stream, we also update
  1119. * that.
  1120. */
  1121. if (ctx.xso != NULL) {
  1122. /* Cannot enable EPW while AON write in progress. */
  1123. if (ctx.xso->aon_write_in_progress)
  1124. larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
  1125. ctx.xso->ssl_mode |= (uint32_t)larg;
  1126. return ctx.xso->ssl_mode;
  1127. }
  1128. return ctx.qc->default_ssl_mode;
  1129. case SSL_CTRL_CLEAR_MODE:
  1130. if (!ctx.is_stream)
  1131. ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
  1132. if (ctx.xso != NULL) {
  1133. ctx.xso->ssl_mode &= ~(uint32_t)larg;
  1134. return ctx.xso->ssl_mode;
  1135. }
  1136. return ctx.qc->default_ssl_mode;
  1137. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  1138. ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
  1139. /* This ctrl also needs to be passed to the internal SSL object */
  1140. return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
  1141. case DTLS_CTRL_GET_TIMEOUT: /* DTLSv1_get_timeout */
  1142. {
  1143. int is_infinite;
  1144. if (!ossl_quic_get_event_timeout(s, parg, &is_infinite))
  1145. return 0;
  1146. return !is_infinite;
  1147. }
  1148. case DTLS_CTRL_HANDLE_TIMEOUT: /* DTLSv1_handle_timeout */
  1149. /* For legacy compatibility with DTLS calls. */
  1150. return ossl_quic_handle_events(s) == 1 ? 1 : -1;
  1151. /* Mask ctrls we shouldn't support for QUIC. */
  1152. case SSL_CTRL_GET_READ_AHEAD:
  1153. case SSL_CTRL_SET_READ_AHEAD:
  1154. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  1155. case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
  1156. case SSL_CTRL_SET_MAX_PIPELINES:
  1157. return 0;
  1158. default:
  1159. /*
  1160. * Probably a TLS related ctrl. Send back to the frontend SSL_ctrl
  1161. * implementation. Either SSL_ctrl will handle it itself by direct
  1162. * access into handshake layer state, or failing that, it will be passed
  1163. * to the handshake layer via the SSL_METHOD vtable. If the ctrl is not
  1164. * supported by anything, the handshake layer's ctrl method will finally
  1165. * return 0.
  1166. */
  1167. return ossl_ctrl_internal(&ctx.qc->ssl, cmd, larg, parg, /*no_quic=*/1);
  1168. }
  1169. }
  1170. /* SSL_set_connect_state */
  1171. void ossl_quic_set_connect_state(SSL *s)
  1172. {
  1173. QCTX ctx;
  1174. if (!expect_quic(s, &ctx))
  1175. return;
  1176. /* Cannot be changed after handshake started */
  1177. if (ctx.qc->started || ctx.is_stream)
  1178. return;
  1179. ctx.qc->as_server_state = 0;
  1180. }
  1181. /* SSL_set_accept_state */
  1182. void ossl_quic_set_accept_state(SSL *s)
  1183. {
  1184. QCTX ctx;
  1185. if (!expect_quic(s, &ctx))
  1186. return;
  1187. /* Cannot be changed after handshake started */
  1188. if (ctx.qc->started || ctx.is_stream)
  1189. return;
  1190. ctx.qc->as_server_state = 1;
  1191. }
  1192. /* SSL_do_handshake */
  1193. struct quic_handshake_wait_args {
  1194. QUIC_CONNECTION *qc;
  1195. };
  1196. static int tls_wants_non_io_retry(QUIC_CONNECTION *qc)
  1197. {
  1198. int want = SSL_want(qc->tls);
  1199. if (want == SSL_X509_LOOKUP
  1200. || want == SSL_CLIENT_HELLO_CB
  1201. || want == SSL_RETRY_VERIFY)
  1202. return 1;
  1203. return 0;
  1204. }
  1205. static int quic_handshake_wait(void *arg)
  1206. {
  1207. struct quic_handshake_wait_args *args = arg;
  1208. if (!quic_mutation_allowed(args->qc, /*req_active=*/1))
  1209. return -1;
  1210. if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
  1211. return 1;
  1212. if (tls_wants_non_io_retry(args->qc))
  1213. return 1;
  1214. return 0;
  1215. }
  1216. static int configure_channel(QUIC_CONNECTION *qc)
  1217. {
  1218. assert(qc->ch != NULL);
  1219. if (!ossl_quic_channel_set_net_rbio(qc->ch, qc->net_rbio)
  1220. || !ossl_quic_channel_set_net_wbio(qc->ch, qc->net_wbio)
  1221. || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
  1222. return 0;
  1223. return 1;
  1224. }
  1225. QUIC_NEEDS_LOCK
  1226. static int create_channel(QUIC_CONNECTION *qc)
  1227. {
  1228. QUIC_CHANNEL_ARGS args = {0};
  1229. args.libctx = qc->ssl.ctx->libctx;
  1230. args.propq = qc->ssl.ctx->propq;
  1231. args.is_server = qc->as_server;
  1232. args.tls = qc->tls;
  1233. args.mutex = qc->mutex;
  1234. args.now_cb = get_time_cb;
  1235. args.now_cb_arg = qc;
  1236. qc->ch = ossl_quic_channel_new(&args);
  1237. if (qc->ch == NULL) {
  1238. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
  1239. return 0;
  1240. }
  1241. return 1;
  1242. }
  1243. /*
  1244. * Configures a channel with the information we have accumulated via calls made
  1245. * to us from the application prior to starting a handshake attempt.
  1246. */
  1247. QUIC_NEEDS_LOCK
  1248. static int ensure_channel_started(QCTX *ctx)
  1249. {
  1250. QUIC_CONNECTION *qc = ctx->qc;
  1251. if (!qc->started) {
  1252. if (!configure_channel(qc)) {
  1253. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
  1254. "failed to configure channel");
  1255. return 0;
  1256. }
  1257. if (!ossl_quic_channel_start(qc->ch)) {
  1258. ossl_quic_channel_restore_err_state(qc->ch);
  1259. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
  1260. "failed to start channel");
  1261. return 0;
  1262. }
  1263. #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
  1264. if (qc->is_thread_assisted)
  1265. if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch,
  1266. qc->override_now_cb,
  1267. qc->override_now_cb_arg)) {
  1268. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
  1269. "failed to start assist thread");
  1270. return 0;
  1271. }
  1272. #endif
  1273. }
  1274. qc->started = 1;
  1275. return 1;
  1276. }
  1277. QUIC_NEEDS_LOCK
  1278. static int quic_do_handshake(QCTX *ctx)
  1279. {
  1280. int ret;
  1281. QUIC_CONNECTION *qc = ctx->qc;
  1282. if (ossl_quic_channel_is_handshake_complete(qc->ch))
  1283. /* Handshake already completed. */
  1284. return 1;
  1285. if (!quic_mutation_allowed(qc, /*req_active=*/0))
  1286. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1287. if (qc->as_server != qc->as_server_state) {
  1288. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
  1289. return -1; /* Non-protocol error */
  1290. }
  1291. if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
  1292. /* Need read and write BIOs. */
  1293. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BIO_NOT_SET, NULL);
  1294. return -1; /* Non-protocol error */
  1295. }
  1296. /*
  1297. * We need to determine our addressing mode. There are basically two
  1298. * ways we can use L4 addresses:
  1299. *
  1300. * - Addressed mode, in which our BIO_sendmmsg calls have destination
  1301. * addresses attached to them which we expect the underlying network BIO
  1302. * to handle;
  1303. *
  1304. * - Unaddressed mode, in which the BIO provided to us on the
  1305. * network side neither provides us with L4 addresses nor is capable of
  1306. * honouring ones we provide. We don't know where the QUIC traffic we
  1307. * send ends up exactly and trust the application to know what it is
  1308. * doing.
  1309. *
  1310. * Addressed mode is preferred because it enables support for connection
  1311. * migration, multipath, etc. in the future. Addressed mode is automatically
  1312. * enabled if we are using e.g. BIO_s_datagram, with or without
  1313. * BIO_s_connect.
  1314. *
  1315. * If we are passed a BIO_s_dgram_pair (or some custom BIO) we may have to
  1316. * use unaddressed mode unless that BIO supports capability flags indicating
  1317. * it can provide and honour L4 addresses.
  1318. *
  1319. * Our strategy for determining address mode is simple: we probe the
  1320. * underlying network BIOs for their capabilities. If the network BIOs
  1321. * support what we need, we use addressed mode. Otherwise, we use
  1322. * unaddressed mode.
  1323. *
  1324. * If addressed mode is chosen, we require an initial peer address to be
  1325. * set. If this is not set, we fail. If unaddressed mode is used, we do not
  1326. * require this, as such an address is superfluous, though it can be set if
  1327. * desired.
  1328. */
  1329. if (!qc->started && !qc->addressing_probe_done) {
  1330. long rcaps = BIO_dgram_get_effective_caps(qc->net_rbio);
  1331. long wcaps = BIO_dgram_get_effective_caps(qc->net_wbio);
  1332. qc->addressed_mode_r = ((rcaps & BIO_DGRAM_CAP_PROVIDES_SRC_ADDR) != 0);
  1333. qc->addressed_mode_w = ((wcaps & BIO_DGRAM_CAP_HANDLES_DST_ADDR) != 0);
  1334. qc->addressing_probe_done = 1;
  1335. }
  1336. if (!qc->started && qc->addressed_mode_w
  1337. && BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
  1338. /*
  1339. * We are trying to connect and are using addressed mode, which means we
  1340. * need an initial peer address; if we do not have a peer address yet,
  1341. * we should try to autodetect one.
  1342. *
  1343. * We do this as late as possible because some BIOs (e.g. BIO_s_connect)
  1344. * may not be able to provide us with a peer address until they have
  1345. * finished their own processing. They may not be able to perform this
  1346. * processing until an application has finished configuring that BIO
  1347. * (e.g. with setter calls), which might happen after SSL_set_bio is
  1348. * called.
  1349. */
  1350. if (!csm_analyse_init_peer_addr(qc->net_wbio, &qc->init_peer_addr))
  1351. /* best effort */
  1352. BIO_ADDR_clear(&qc->init_peer_addr);
  1353. else
  1354. ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr);
  1355. }
  1356. if (!qc->started
  1357. && qc->addressed_mode_w
  1358. && BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
  1359. /*
  1360. * If we still don't have a peer address in addressed mode, we can't do
  1361. * anything.
  1362. */
  1363. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
  1364. return -1; /* Non-protocol error */
  1365. }
  1366. /*
  1367. * Start connection process. Note we may come here multiple times in
  1368. * non-blocking mode, which is fine.
  1369. */
  1370. if (!ensure_channel_started(ctx)) /* raises on failure */
  1371. return -1; /* Non-protocol error */
  1372. if (ossl_quic_channel_is_handshake_complete(qc->ch))
  1373. /* The handshake is now done. */
  1374. return 1;
  1375. if (!qc_blocking_mode(qc)) {
  1376. /* Try to advance the reactor. */
  1377. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
  1378. if (ossl_quic_channel_is_handshake_complete(qc->ch))
  1379. /* The handshake is now done. */
  1380. return 1;
  1381. if (ossl_quic_channel_is_term_any(qc->ch)) {
  1382. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1383. return 0;
  1384. } else if (qc->desires_blocking) {
  1385. /*
  1386. * As a special case when doing a handshake when blocking mode is
  1387. * desired yet not available, see if the network BIOs have become
  1388. * poll descriptor-enabled. This supports BIOs such as BIO_s_connect
  1389. * which do late creation of socket FDs and therefore cannot expose
  1390. * a poll descriptor until after a network BIO is set on the QCSO.
  1391. */
  1392. assert(!qc->blocking);
  1393. qc_update_can_support_blocking(qc);
  1394. qc_update_blocking_mode(qc);
  1395. }
  1396. }
  1397. /*
  1398. * We are either in blocking mode or just entered it due to the code above.
  1399. */
  1400. if (qc_blocking_mode(qc)) {
  1401. /* In blocking mode, wait for the handshake to complete. */
  1402. struct quic_handshake_wait_args args;
  1403. args.qc = qc;
  1404. ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
  1405. if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
  1406. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1407. return 0; /* Shutdown before completion */
  1408. } else if (ret <= 0) {
  1409. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1410. return -1; /* Non-protocol error */
  1411. }
  1412. if (tls_wants_non_io_retry(qc)) {
  1413. QUIC_RAISE_NORMAL_ERROR(ctx, SSL_get_error(qc->tls, 0));
  1414. return -1;
  1415. }
  1416. assert(ossl_quic_channel_is_handshake_complete(qc->ch));
  1417. return 1;
  1418. }
  1419. if (tls_wants_non_io_retry(qc)) {
  1420. QUIC_RAISE_NORMAL_ERROR(ctx, SSL_get_error(qc->tls, 0));
  1421. return -1;
  1422. }
  1423. /*
  1424. * Otherwise, indicate that the handshake isn't done yet.
  1425. * We can only get here in non-blocking mode.
  1426. */
  1427. QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
  1428. return -1; /* Non-protocol error */
  1429. }
  1430. QUIC_TAKES_LOCK
  1431. int ossl_quic_do_handshake(SSL *s)
  1432. {
  1433. int ret;
  1434. QCTX ctx;
  1435. if (!expect_quic(s, &ctx))
  1436. return 0;
  1437. quic_lock_for_io(&ctx);
  1438. ret = quic_do_handshake(&ctx);
  1439. quic_unlock(ctx.qc);
  1440. return ret;
  1441. }
  1442. /* SSL_connect */
  1443. int ossl_quic_connect(SSL *s)
  1444. {
  1445. /* Ensure we are in connect state (no-op if non-idle). */
  1446. ossl_quic_set_connect_state(s);
  1447. /* Begin or continue the handshake */
  1448. return ossl_quic_do_handshake(s);
  1449. }
  1450. /* SSL_accept */
  1451. int ossl_quic_accept(SSL *s)
  1452. {
  1453. /* Ensure we are in accept state (no-op if non-idle). */
  1454. ossl_quic_set_accept_state(s);
  1455. /* Begin or continue the handshake */
  1456. return ossl_quic_do_handshake(s);
  1457. }
  1458. /*
  1459. * QUIC Front-End I/O API: Stream Lifecycle Operations
  1460. * ===================================================
  1461. *
  1462. * SSL_stream_new => ossl_quic_conn_stream_new
  1463. *
  1464. */
  1465. /*
  1466. * Try to create the default XSO if it doesn't already exist. Returns 1 if the
  1467. * default XSO was created. Returns 0 if it was not (e.g. because it already
  1468. * exists). Note that this is NOT an error condition.
  1469. */
  1470. QUIC_NEEDS_LOCK
  1471. static int qc_try_create_default_xso_for_write(QCTX *ctx)
  1472. {
  1473. uint64_t flags = 0;
  1474. QUIC_CONNECTION *qc = ctx->qc;
  1475. if (qc->default_xso_created
  1476. || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
  1477. /*
  1478. * We only do this once. If the user detaches a previously created
  1479. * default XSO we don't auto-create another one.
  1480. */
  1481. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
  1482. /* Create a locally-initiated stream. */
  1483. if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
  1484. flags |= SSL_STREAM_FLAG_UNI;
  1485. qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(ctx, flags,
  1486. /*needs_lock=*/0),
  1487. /*touch=*/0);
  1488. if (qc->default_xso == NULL)
  1489. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1490. qc_touch_default_xso(qc);
  1491. return 1;
  1492. }
  1493. struct quic_wait_for_stream_args {
  1494. QUIC_CONNECTION *qc;
  1495. QUIC_STREAM *qs;
  1496. QCTX *ctx;
  1497. uint64_t expect_id;
  1498. };
  1499. QUIC_NEEDS_LOCK
  1500. static int quic_wait_for_stream(void *arg)
  1501. {
  1502. struct quic_wait_for_stream_args *args = arg;
  1503. if (!quic_mutation_allowed(args->qc, /*req_active=*/1)) {
  1504. /* If connection is torn down due to an error while blocking, stop. */
  1505. QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1506. return -1;
  1507. }
  1508. args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
  1509. args->expect_id | QUIC_STREAM_DIR_BIDI);
  1510. if (args->qs == NULL)
  1511. args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
  1512. args->expect_id | QUIC_STREAM_DIR_UNI);
  1513. if (args->qs != NULL)
  1514. return 1; /* stream now exists */
  1515. return 0; /* did not get a stream, keep trying */
  1516. }
  1517. QUIC_NEEDS_LOCK
  1518. static int qc_wait_for_default_xso_for_read(QCTX *ctx)
  1519. {
  1520. /* Called on a QCSO and we don't currently have a default stream. */
  1521. uint64_t expect_id;
  1522. QUIC_CONNECTION *qc = ctx->qc;
  1523. QUIC_STREAM *qs;
  1524. int res;
  1525. struct quic_wait_for_stream_args wargs;
  1526. OSSL_RTT_INFO rtt_info;
  1527. /*
  1528. * If default stream functionality is disabled or we already detached
  1529. * one, don't make another default stream and just fail.
  1530. */
  1531. if (qc->default_xso_created
  1532. || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
  1533. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
  1534. /*
  1535. * The peer may have opened a stream since we last ticked. So tick and
  1536. * see if the stream with ordinal 0 (remote, bidi/uni based on stream
  1537. * mode) exists yet. QUIC stream IDs must be allocated in order, so the
  1538. * first stream created by a peer must have an ordinal of 0.
  1539. */
  1540. expect_id = qc->as_server
  1541. ? QUIC_STREAM_INITIATOR_CLIENT
  1542. : QUIC_STREAM_INITIATOR_SERVER;
  1543. qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
  1544. expect_id | QUIC_STREAM_DIR_BIDI);
  1545. if (qs == NULL)
  1546. qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
  1547. expect_id | QUIC_STREAM_DIR_UNI);
  1548. if (qs == NULL) {
  1549. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
  1550. qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
  1551. expect_id);
  1552. }
  1553. if (qs == NULL) {
  1554. if (!qc_blocking_mode(qc))
  1555. /* Non-blocking mode, so just bail immediately. */
  1556. return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
  1557. /* Block until we have a stream. */
  1558. wargs.qc = qc;
  1559. wargs.qs = NULL;
  1560. wargs.ctx = ctx;
  1561. wargs.expect_id = expect_id;
  1562. res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
  1563. if (res == 0)
  1564. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1565. else if (res < 0 || wargs.qs == NULL)
  1566. /* quic_wait_for_stream raised error here */
  1567. return 0;
  1568. qs = wargs.qs;
  1569. }
  1570. /*
  1571. * We now have qs != NULL. Remove it from the incoming stream queue so that
  1572. * it isn't also returned by any future SSL_accept_stream calls.
  1573. */
  1574. ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
  1575. ossl_quic_stream_map_remove_from_accept_queue(ossl_quic_channel_get_qsm(qc->ch),
  1576. qs, rtt_info.smoothed_rtt);
  1577. /*
  1578. * Now make qs the default stream, creating the necessary XSO.
  1579. */
  1580. qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0);
  1581. if (qc->default_xso == NULL)
  1582. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1583. qc_touch_default_xso(qc); /* inhibits default XSO */
  1584. return 1;
  1585. }
  1586. QUIC_NEEDS_LOCK
  1587. static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
  1588. {
  1589. QUIC_XSO *xso = NULL;
  1590. if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL) {
  1591. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
  1592. goto err;
  1593. }
  1594. if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO)) {
  1595. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
  1596. goto err;
  1597. }
  1598. /* XSO refs QC */
  1599. if (!SSL_up_ref(&qc->ssl)) {
  1600. QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SSL_LIB, NULL);
  1601. goto err;
  1602. }
  1603. xso->conn = qc;
  1604. xso->ssl_mode = qc->default_ssl_mode;
  1605. xso->ssl_options
  1606. = qc->default_ssl_options & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
  1607. xso->last_error = SSL_ERROR_NONE;
  1608. xso->stream = qs;
  1609. ++qc->num_xso;
  1610. xso_update_options(xso);
  1611. return xso;
  1612. err:
  1613. OPENSSL_free(xso);
  1614. return NULL;
  1615. }
  1616. struct quic_new_stream_wait_args {
  1617. QUIC_CONNECTION *qc;
  1618. int is_uni;
  1619. };
  1620. static int quic_new_stream_wait(void *arg)
  1621. {
  1622. struct quic_new_stream_wait_args *args = arg;
  1623. QUIC_CONNECTION *qc = args->qc;
  1624. if (!quic_mutation_allowed(qc, /*req_active=*/1))
  1625. return -1;
  1626. if (ossl_quic_channel_is_new_local_stream_admissible(qc->ch, args->is_uni))
  1627. return 1;
  1628. return 0;
  1629. }
  1630. /* locking depends on need_lock */
  1631. static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock)
  1632. {
  1633. int ret;
  1634. QUIC_CONNECTION *qc = ctx->qc;
  1635. QUIC_XSO *xso = NULL;
  1636. QUIC_STREAM *qs = NULL;
  1637. int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
  1638. int no_blocking = ((flags & SSL_STREAM_FLAG_NO_BLOCK) != 0);
  1639. int advance = ((flags & SSL_STREAM_FLAG_ADVANCE) != 0);
  1640. if (need_lock)
  1641. quic_lock(qc);
  1642. if (!quic_mutation_allowed(qc, /*req_active=*/0)) {
  1643. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1644. goto err;
  1645. }
  1646. if (!advance
  1647. && !ossl_quic_channel_is_new_local_stream_admissible(qc->ch, is_uni)) {
  1648. struct quic_new_stream_wait_args args;
  1649. /*
  1650. * Stream count flow control currently doesn't permit this stream to be
  1651. * opened.
  1652. */
  1653. if (no_blocking || !qc_blocking_mode(qc)) {
  1654. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_STREAM_COUNT_LIMITED, NULL);
  1655. goto err;
  1656. }
  1657. args.qc = qc;
  1658. args.is_uni = is_uni;
  1659. /* Blocking mode - wait until we can get a stream. */
  1660. ret = block_until_pred(ctx->qc, quic_new_stream_wait, &args, 0);
  1661. if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
  1662. QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1663. goto err; /* Shutdown before completion */
  1664. } else if (ret <= 0) {
  1665. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1666. goto err; /* Non-protocol error */
  1667. }
  1668. }
  1669. qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni);
  1670. if (qs == NULL) {
  1671. QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1672. goto err;
  1673. }
  1674. xso = create_xso_from_stream(qc, qs);
  1675. if (xso == NULL)
  1676. goto err;
  1677. qc_touch_default_xso(qc); /* inhibits default XSO */
  1678. if (need_lock)
  1679. quic_unlock(qc);
  1680. return &xso->ssl;
  1681. err:
  1682. OPENSSL_free(xso);
  1683. ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs);
  1684. if (need_lock)
  1685. quic_unlock(qc);
  1686. return NULL;
  1687. }
  1688. QUIC_TAKES_LOCK
  1689. SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
  1690. {
  1691. QCTX ctx;
  1692. if (!expect_quic_conn_only(s, &ctx))
  1693. return NULL;
  1694. return quic_conn_stream_new(&ctx, flags, /*need_lock=*/1);
  1695. }
  1696. /*
  1697. * QUIC Front-End I/O API: Steady-State Operations
  1698. * ===============================================
  1699. *
  1700. * Here we dispatch calls to the steady-state front-end I/O API functions; that
  1701. * is, the functions used during the established phase of a QUIC connection
  1702. * (e.g. SSL_read, SSL_write).
  1703. *
  1704. * Each function must handle both blocking and non-blocking modes. As discussed
  1705. * above, all QUIC I/O is implemented using non-blocking mode internally.
  1706. *
  1707. * SSL_get_error => partially implemented by ossl_quic_get_error
  1708. * SSL_want => ossl_quic_want
  1709. * (BIO/)SSL_read => ossl_quic_read
  1710. * (BIO/)SSL_write => ossl_quic_write
  1711. * SSL_pending => ossl_quic_pending
  1712. * SSL_stream_conclude => ossl_quic_conn_stream_conclude
  1713. * SSL_key_update => ossl_quic_key_update
  1714. */
  1715. /* SSL_get_error */
  1716. int ossl_quic_get_error(const SSL *s, int i)
  1717. {
  1718. QCTX ctx;
  1719. int net_error, last_error;
  1720. if (!expect_quic(s, &ctx))
  1721. return 0;
  1722. quic_lock(ctx.qc);
  1723. net_error = ossl_quic_channel_net_error(ctx.qc->ch);
  1724. last_error = ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error;
  1725. quic_unlock(ctx.qc);
  1726. if (net_error)
  1727. return SSL_ERROR_SYSCALL;
  1728. return last_error;
  1729. }
  1730. /* Converts a code returned by SSL_get_error to a code returned by SSL_want. */
  1731. static int error_to_want(int error)
  1732. {
  1733. switch (error) {
  1734. case SSL_ERROR_WANT_CONNECT: /* never used - UDP is connectionless */
  1735. case SSL_ERROR_WANT_ACCEPT: /* never used - UDP is connectionless */
  1736. case SSL_ERROR_ZERO_RETURN:
  1737. default:
  1738. return SSL_NOTHING;
  1739. case SSL_ERROR_WANT_READ:
  1740. return SSL_READING;
  1741. case SSL_ERROR_WANT_WRITE:
  1742. return SSL_WRITING;
  1743. case SSL_ERROR_WANT_RETRY_VERIFY:
  1744. return SSL_RETRY_VERIFY;
  1745. case SSL_ERROR_WANT_CLIENT_HELLO_CB:
  1746. return SSL_CLIENT_HELLO_CB;
  1747. case SSL_ERROR_WANT_X509_LOOKUP:
  1748. return SSL_X509_LOOKUP;
  1749. }
  1750. }
  1751. /* SSL_want */
  1752. int ossl_quic_want(const SSL *s)
  1753. {
  1754. QCTX ctx;
  1755. int w;
  1756. if (!expect_quic(s, &ctx))
  1757. return SSL_NOTHING;
  1758. quic_lock(ctx.qc);
  1759. w = error_to_want(ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error);
  1760. quic_unlock(ctx.qc);
  1761. return w;
  1762. }
  1763. /*
  1764. * SSL_write
  1765. * ---------
  1766. *
  1767. * The set of functions below provide the implementation of the public SSL_write
  1768. * function. We must handle:
  1769. *
  1770. * - both blocking and non-blocking operation at the application level,
  1771. * depending on how we are configured;
  1772. *
  1773. * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
  1774. *
  1775. * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
  1776. *
  1777. */
  1778. QUIC_NEEDS_LOCK
  1779. static void quic_post_write(QUIC_XSO *xso, int did_append, int do_tick)
  1780. {
  1781. /*
  1782. * We have appended at least one byte to the stream.
  1783. * Potentially mark stream as active, depending on FC.
  1784. */
  1785. if (did_append)
  1786. ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
  1787. xso->stream);
  1788. /*
  1789. * Try and send.
  1790. *
  1791. * TODO(QUIC FUTURE): It is probably inefficient to try and do this
  1792. * immediately, plus we should eventually consider Nagle's algorithm.
  1793. */
  1794. if (do_tick)
  1795. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
  1796. }
  1797. struct quic_write_again_args {
  1798. QUIC_XSO *xso;
  1799. const unsigned char *buf;
  1800. size_t len;
  1801. size_t total_written;
  1802. int err;
  1803. };
  1804. /*
  1805. * Absolute maximum write buffer size, enforced to prevent a rogue peer from
  1806. * deliberately inducing DoS. This has been chosen based on the optimal buffer
  1807. * size for an RTT of 500ms and a bandwidth of 100 Mb/s.
  1808. */
  1809. #define MAX_WRITE_BUF_SIZE (6 * 1024 * 1024)
  1810. /*
  1811. * Ensure spare buffer space available (up until a limit, at least).
  1812. */
  1813. QUIC_NEEDS_LOCK
  1814. static int sstream_ensure_spare(QUIC_SSTREAM *sstream, uint64_t spare)
  1815. {
  1816. size_t cur_sz = ossl_quic_sstream_get_buffer_size(sstream);
  1817. size_t avail = ossl_quic_sstream_get_buffer_avail(sstream);
  1818. size_t spare_ = (spare > SIZE_MAX) ? SIZE_MAX : (size_t)spare;
  1819. size_t new_sz, growth;
  1820. if (spare_ <= avail || cur_sz == MAX_WRITE_BUF_SIZE)
  1821. return 1;
  1822. growth = spare_ - avail;
  1823. if (cur_sz + growth > MAX_WRITE_BUF_SIZE)
  1824. new_sz = MAX_WRITE_BUF_SIZE;
  1825. else
  1826. new_sz = cur_sz + growth;
  1827. return ossl_quic_sstream_set_buffer_size(sstream, new_sz);
  1828. }
  1829. /*
  1830. * Append to a QUIC_STREAM's QUIC_SSTREAM, ensuring buffer space is expanded
  1831. * as needed according to flow control.
  1832. */
  1833. QUIC_NEEDS_LOCK
  1834. static int xso_sstream_append(QUIC_XSO *xso, const unsigned char *buf,
  1835. size_t len, size_t *actual_written)
  1836. {
  1837. QUIC_SSTREAM *sstream = xso->stream->sstream;
  1838. uint64_t cur = ossl_quic_sstream_get_cur_size(sstream);
  1839. uint64_t cwm = ossl_quic_txfc_get_cwm(&xso->stream->txfc);
  1840. uint64_t permitted = (cwm >= cur ? cwm - cur : 0);
  1841. if (len > permitted)
  1842. len = (size_t)permitted;
  1843. if (!sstream_ensure_spare(sstream, len))
  1844. return 0;
  1845. return ossl_quic_sstream_append(sstream, buf, len, actual_written);
  1846. }
  1847. QUIC_NEEDS_LOCK
  1848. static int quic_write_again(void *arg)
  1849. {
  1850. struct quic_write_again_args *args = arg;
  1851. size_t actual_written = 0;
  1852. if (!quic_mutation_allowed(args->xso->conn, /*req_active=*/1))
  1853. /* If connection is torn down due to an error while blocking, stop. */
  1854. return -2;
  1855. if (!quic_validate_for_write(args->xso, &args->err))
  1856. /*
  1857. * Stream may have become invalid for write due to connection events
  1858. * while we blocked.
  1859. */
  1860. return -2;
  1861. args->err = ERR_R_INTERNAL_ERROR;
  1862. if (!xso_sstream_append(args->xso, args->buf, args->len, &actual_written))
  1863. return -2;
  1864. quic_post_write(args->xso, actual_written > 0, 0);
  1865. args->buf += actual_written;
  1866. args->len -= actual_written;
  1867. args->total_written += actual_written;
  1868. if (args->len == 0)
  1869. /* Written everything, done. */
  1870. return 1;
  1871. /* Not written everything yet, keep trying. */
  1872. return 0;
  1873. }
  1874. QUIC_NEEDS_LOCK
  1875. static int quic_write_blocking(QCTX *ctx, const void *buf, size_t len,
  1876. size_t *written)
  1877. {
  1878. int res;
  1879. QUIC_XSO *xso = ctx->xso;
  1880. struct quic_write_again_args args;
  1881. size_t actual_written = 0;
  1882. /* First make a best effort to append as much of the data as possible. */
  1883. if (!xso_sstream_append(xso, buf, len, &actual_written)) {
  1884. /* Stream already finished or allocation error. */
  1885. *written = 0;
  1886. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1887. }
  1888. quic_post_write(xso, actual_written > 0, 1);
  1889. if (actual_written == len) {
  1890. /* Managed to append everything on the first try. */
  1891. *written = actual_written;
  1892. return 1;
  1893. }
  1894. /*
  1895. * We did not manage to append all of the data immediately, so the stream
  1896. * buffer has probably filled up. This means we need to block until some of
  1897. * it is freed up.
  1898. */
  1899. args.xso = xso;
  1900. args.buf = (const unsigned char *)buf + actual_written;
  1901. args.len = len - actual_written;
  1902. args.total_written = 0;
  1903. args.err = ERR_R_INTERNAL_ERROR;
  1904. res = block_until_pred(xso->conn, quic_write_again, &args, 0);
  1905. if (res <= 0) {
  1906. if (!quic_mutation_allowed(xso->conn, /*req_active=*/1))
  1907. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  1908. else
  1909. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, args.err, NULL);
  1910. }
  1911. *written = args.total_written;
  1912. return 1;
  1913. }
  1914. /*
  1915. * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
  1916. * write semantics.
  1917. */
  1918. static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
  1919. size_t buf_len, size_t already_sent)
  1920. {
  1921. assert(!xso->aon_write_in_progress);
  1922. xso->aon_write_in_progress = 1;
  1923. xso->aon_buf_base = buf;
  1924. xso->aon_buf_pos = already_sent;
  1925. xso->aon_buf_len = buf_len;
  1926. }
  1927. static void aon_write_finish(QUIC_XSO *xso)
  1928. {
  1929. xso->aon_write_in_progress = 0;
  1930. xso->aon_buf_base = NULL;
  1931. xso->aon_buf_pos = 0;
  1932. xso->aon_buf_len = 0;
  1933. }
  1934. QUIC_NEEDS_LOCK
  1935. static int quic_write_nonblocking_aon(QCTX *ctx, const void *buf,
  1936. size_t len, size_t *written)
  1937. {
  1938. QUIC_XSO *xso = ctx->xso;
  1939. const void *actual_buf;
  1940. size_t actual_len, actual_written = 0;
  1941. int accept_moving_buffer
  1942. = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
  1943. if (xso->aon_write_in_progress) {
  1944. /*
  1945. * We are in the middle of an AON write (i.e., a previous write did not
  1946. * manage to append all data to the SSTREAM and we have Enable Partial
  1947. * Write (EPW) mode disabled.)
  1948. */
  1949. if ((!accept_moving_buffer && xso->aon_buf_base != buf)
  1950. || len != xso->aon_buf_len)
  1951. /*
  1952. * Pointer must not have changed if we are not in accept moving
  1953. * buffer mode. Length must never change.
  1954. */
  1955. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BAD_WRITE_RETRY, NULL);
  1956. actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
  1957. actual_len = len - xso->aon_buf_pos;
  1958. assert(actual_len > 0);
  1959. } else {
  1960. actual_buf = buf;
  1961. actual_len = len;
  1962. }
  1963. /* First make a best effort to append as much of the data as possible. */
  1964. if (!xso_sstream_append(xso, actual_buf, actual_len, &actual_written)) {
  1965. /* Stream already finished or allocation error. */
  1966. *written = 0;
  1967. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  1968. }
  1969. quic_post_write(xso, actual_written > 0, 1);
  1970. if (actual_written == actual_len) {
  1971. /* We have sent everything. */
  1972. if (xso->aon_write_in_progress) {
  1973. /*
  1974. * We have sent everything, and we were in the middle of an AON
  1975. * write. The output write length is the total length of the AON
  1976. * buffer, not however many bytes we managed to write to the stream
  1977. * in this call.
  1978. */
  1979. *written = xso->aon_buf_len;
  1980. aon_write_finish(xso);
  1981. } else {
  1982. *written = actual_written;
  1983. }
  1984. return 1;
  1985. }
  1986. if (xso->aon_write_in_progress) {
  1987. /*
  1988. * AON write is in progress but we have not written everything yet. We
  1989. * may have managed to send zero bytes, or some number of bytes less
  1990. * than the total remaining which need to be appended during this
  1991. * AON operation.
  1992. */
  1993. xso->aon_buf_pos += actual_written;
  1994. assert(xso->aon_buf_pos < xso->aon_buf_len);
  1995. return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
  1996. }
  1997. /*
  1998. * Not in an existing AON operation but partial write is not enabled, so we
  1999. * need to begin a new AON operation. However we needn't bother if we didn't
  2000. * actually append anything.
  2001. */
  2002. if (actual_written > 0)
  2003. aon_write_begin(xso, buf, len, actual_written);
  2004. /*
  2005. * AON - We do not publicly admit to having appended anything until AON
  2006. * completes.
  2007. */
  2008. *written = 0;
  2009. return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
  2010. }
  2011. QUIC_NEEDS_LOCK
  2012. static int quic_write_nonblocking_epw(QCTX *ctx, const void *buf, size_t len,
  2013. size_t *written)
  2014. {
  2015. QUIC_XSO *xso = ctx->xso;
  2016. /* Simple best effort operation. */
  2017. if (!xso_sstream_append(xso, buf, len, written)) {
  2018. /* Stream already finished or allocation error. */
  2019. *written = 0;
  2020. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  2021. }
  2022. quic_post_write(xso, *written > 0, 1);
  2023. return 1;
  2024. }
  2025. QUIC_NEEDS_LOCK
  2026. static int quic_validate_for_write(QUIC_XSO *xso, int *err)
  2027. {
  2028. QUIC_STREAM_MAP *qsm;
  2029. if (xso == NULL || xso->stream == NULL) {
  2030. *err = ERR_R_INTERNAL_ERROR;
  2031. return 0;
  2032. }
  2033. switch (xso->stream->send_state) {
  2034. default:
  2035. case QUIC_SSTREAM_STATE_NONE:
  2036. *err = SSL_R_STREAM_RECV_ONLY;
  2037. return 0;
  2038. case QUIC_SSTREAM_STATE_READY:
  2039. qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
  2040. if (!ossl_quic_stream_map_ensure_send_part_id(qsm, xso->stream)) {
  2041. *err = ERR_R_INTERNAL_ERROR;
  2042. return 0;
  2043. }
  2044. /* FALLTHROUGH */
  2045. case QUIC_SSTREAM_STATE_SEND:
  2046. case QUIC_SSTREAM_STATE_DATA_SENT:
  2047. case QUIC_SSTREAM_STATE_DATA_RECVD:
  2048. if (ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL)) {
  2049. *err = SSL_R_STREAM_FINISHED;
  2050. return 0;
  2051. }
  2052. return 1;
  2053. case QUIC_SSTREAM_STATE_RESET_SENT:
  2054. case QUIC_SSTREAM_STATE_RESET_RECVD:
  2055. *err = SSL_R_STREAM_RESET;
  2056. return 0;
  2057. }
  2058. }
  2059. QUIC_TAKES_LOCK
  2060. int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
  2061. {
  2062. int ret;
  2063. QCTX ctx;
  2064. int partial_write, err;
  2065. *written = 0;
  2066. if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/1, &ctx))
  2067. return 0;
  2068. partial_write = ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0);
  2069. if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) {
  2070. ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  2071. goto out;
  2072. }
  2073. /*
  2074. * If we haven't finished the handshake, try to advance it.
  2075. * We don't accept writes until the handshake is completed.
  2076. */
  2077. if (quic_do_handshake(&ctx) < 1) {
  2078. ret = 0;
  2079. goto out;
  2080. }
  2081. /* Ensure correct stream state, stream send part not concluded, etc. */
  2082. if (!quic_validate_for_write(ctx.xso, &err)) {
  2083. ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
  2084. goto out;
  2085. }
  2086. if (len == 0) {
  2087. ret = 1;
  2088. goto out;
  2089. }
  2090. if (xso_blocking_mode(ctx.xso))
  2091. ret = quic_write_blocking(&ctx, buf, len, written);
  2092. else if (partial_write)
  2093. ret = quic_write_nonblocking_epw(&ctx, buf, len, written);
  2094. else
  2095. ret = quic_write_nonblocking_aon(&ctx, buf, len, written);
  2096. out:
  2097. quic_unlock(ctx.qc);
  2098. return ret;
  2099. }
  2100. /*
  2101. * SSL_read
  2102. * --------
  2103. */
  2104. struct quic_read_again_args {
  2105. QCTX *ctx;
  2106. QUIC_STREAM *stream;
  2107. void *buf;
  2108. size_t len;
  2109. size_t *bytes_read;
  2110. int peek;
  2111. };
  2112. QUIC_NEEDS_LOCK
  2113. static int quic_validate_for_read(QUIC_XSO *xso, int *err, int *eos)
  2114. {
  2115. QUIC_STREAM_MAP *qsm;
  2116. *eos = 0;
  2117. if (xso == NULL || xso->stream == NULL) {
  2118. *err = ERR_R_INTERNAL_ERROR;
  2119. return 0;
  2120. }
  2121. switch (xso->stream->recv_state) {
  2122. default:
  2123. case QUIC_RSTREAM_STATE_NONE:
  2124. *err = SSL_R_STREAM_SEND_ONLY;
  2125. return 0;
  2126. case QUIC_RSTREAM_STATE_RECV:
  2127. case QUIC_RSTREAM_STATE_SIZE_KNOWN:
  2128. case QUIC_RSTREAM_STATE_DATA_RECVD:
  2129. return 1;
  2130. case QUIC_RSTREAM_STATE_DATA_READ:
  2131. *eos = 1;
  2132. return 0;
  2133. case QUIC_RSTREAM_STATE_RESET_RECVD:
  2134. qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
  2135. ossl_quic_stream_map_notify_app_read_reset_recv_part(qsm, xso->stream);
  2136. /* FALLTHROUGH */
  2137. case QUIC_RSTREAM_STATE_RESET_READ:
  2138. *err = SSL_R_STREAM_RESET;
  2139. return 0;
  2140. }
  2141. }
  2142. QUIC_NEEDS_LOCK
  2143. static int quic_read_actual(QCTX *ctx,
  2144. QUIC_STREAM *stream,
  2145. void *buf, size_t buf_len,
  2146. size_t *bytes_read,
  2147. int peek)
  2148. {
  2149. int is_fin = 0, err, eos;
  2150. QUIC_CONNECTION *qc = ctx->qc;
  2151. if (!quic_validate_for_read(ctx->xso, &err, &eos)) {
  2152. if (eos)
  2153. return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
  2154. else
  2155. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, err, NULL);
  2156. }
  2157. if (peek) {
  2158. if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
  2159. bytes_read, &is_fin))
  2160. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  2161. } else {
  2162. if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
  2163. bytes_read, &is_fin))
  2164. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  2165. }
  2166. if (!peek) {
  2167. if (*bytes_read > 0) {
  2168. /*
  2169. * We have read at least one byte from the stream. Inform stream-level
  2170. * RXFC of the retirement of controlled bytes. Update the active stream
  2171. * status (the RXFC may now want to emit a frame granting more credit to
  2172. * the peer).
  2173. */
  2174. OSSL_RTT_INFO rtt_info;
  2175. ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
  2176. if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
  2177. rtt_info.smoothed_rtt))
  2178. return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
  2179. }
  2180. if (is_fin && !peek) {
  2181. QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(ctx->qc->ch);
  2182. ossl_quic_stream_map_notify_totally_read(qsm, ctx->xso->stream);
  2183. }
  2184. if (*bytes_read > 0)
  2185. ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
  2186. stream);
  2187. }
  2188. if (*bytes_read == 0 && is_fin)
  2189. return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
  2190. return 1;
  2191. }
  2192. QUIC_NEEDS_LOCK
  2193. static int quic_read_again(void *arg)
  2194. {
  2195. struct quic_read_again_args *args = arg;
  2196. if (!quic_mutation_allowed(args->ctx->qc, /*req_active=*/1)) {
  2197. /* If connection is torn down due to an error while blocking, stop. */
  2198. QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  2199. return -1;
  2200. }
  2201. if (!quic_read_actual(args->ctx, args->stream,
  2202. args->buf, args->len, args->bytes_read,
  2203. args->peek))
  2204. return -1;
  2205. if (*args->bytes_read > 0)
  2206. /* got at least one byte, the SSL_read op can finish now */
  2207. return 1;
  2208. return 0; /* did not read anything, keep trying */
  2209. }
  2210. QUIC_TAKES_LOCK
  2211. static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
  2212. {
  2213. int ret, res;
  2214. QCTX ctx;
  2215. struct quic_read_again_args args;
  2216. *bytes_read = 0;
  2217. if (!expect_quic(s, &ctx))
  2218. return 0;
  2219. quic_lock_for_io(&ctx);
  2220. if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) {
  2221. ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  2222. goto out;
  2223. }
  2224. /* If we haven't finished the handshake, try to advance it. */
  2225. if (quic_do_handshake(&ctx) < 1) {
  2226. ret = 0; /* ossl_quic_do_handshake raised error here */
  2227. goto out;
  2228. }
  2229. if (ctx.xso == NULL) {
  2230. /*
  2231. * Called on a QCSO and we don't currently have a default stream.
  2232. *
  2233. * Wait until we get a stream initiated by the peer (blocking mode) or
  2234. * fail if we don't have one yet (non-blocking mode).
  2235. */
  2236. if (!qc_wait_for_default_xso_for_read(&ctx)) {
  2237. ret = 0; /* error already raised here */
  2238. goto out;
  2239. }
  2240. ctx.xso = ctx.qc->default_xso;
  2241. }
  2242. if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
  2243. ret = 0; /* quic_read_actual raised error here */
  2244. goto out;
  2245. }
  2246. if (*bytes_read > 0) {
  2247. /*
  2248. * Even though we succeeded, tick the reactor here to ensure we are
  2249. * handling other aspects of the QUIC connection.
  2250. */
  2251. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
  2252. ret = 1;
  2253. } else if (xso_blocking_mode(ctx.xso)) {
  2254. /*
  2255. * We were not able to read anything immediately, so our stream
  2256. * buffer is empty. This means we need to block until we get
  2257. * at least one byte.
  2258. */
  2259. args.ctx = &ctx;
  2260. args.stream = ctx.xso->stream;
  2261. args.buf = buf;
  2262. args.len = len;
  2263. args.bytes_read = bytes_read;
  2264. args.peek = peek;
  2265. res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
  2266. if (res == 0) {
  2267. ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
  2268. goto out;
  2269. } else if (res < 0) {
  2270. ret = 0; /* quic_read_again raised error here */
  2271. goto out;
  2272. }
  2273. ret = 1;
  2274. } else {
  2275. /*
  2276. * We did not get any bytes and are not in blocking mode.
  2277. * Tick to see if this delivers any more.
  2278. */
  2279. ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
  2280. /* Try the read again. */
  2281. if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
  2282. ret = 0; /* quic_read_actual raised error here */
  2283. goto out;
  2284. }
  2285. if (*bytes_read > 0)
  2286. ret = 1; /* Succeeded this time. */
  2287. else
  2288. ret = QUIC_RAISE_NORMAL_ERROR(&ctx, SSL_ERROR_WANT_READ);
  2289. }
  2290. out:
  2291. quic_unlock(ctx.qc);
  2292. return ret;
  2293. }
  2294. int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
  2295. {
  2296. return quic_read(s, buf, len, bytes_read, 0);
  2297. }
  2298. int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
  2299. {
  2300. return quic_read(s, buf, len, bytes_read, 1);
  2301. }
  2302. /*
  2303. * SSL_pending
  2304. * -----------
  2305. */
  2306. QUIC_TAKES_LOCK
  2307. static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
  2308. {
  2309. QCTX ctx;
  2310. size_t avail = 0;
  2311. int fin = 0;
  2312. if (!expect_quic(s, &ctx))
  2313. return 0;
  2314. quic_lock(ctx.qc);
  2315. if (ctx.xso == NULL) {
  2316. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_NO_STREAM, NULL);
  2317. goto out;
  2318. }
  2319. if (ctx.xso->stream == NULL
  2320. || !ossl_quic_stream_has_recv_buffer(ctx.xso->stream)) {
  2321. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
  2322. goto out;
  2323. }
  2324. if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin))
  2325. avail = 0;
  2326. if (avail == 0 && check_channel && ossl_quic_channel_has_pending(ctx.qc->ch))
  2327. avail = 1;
  2328. out:
  2329. quic_unlock(ctx.qc);
  2330. return avail;
  2331. }
  2332. size_t ossl_quic_pending(const SSL *s)
  2333. {
  2334. return ossl_quic_pending_int(s, /*check_channel=*/0);
  2335. }
  2336. int ossl_quic_has_pending(const SSL *s)
  2337. {
  2338. /* Do we have app-side pending data or pending URXEs or RXEs? */
  2339. return ossl_quic_pending_int(s, /*check_channel=*/1) > 0;
  2340. }
  2341. /*
  2342. * SSL_stream_conclude
  2343. * -------------------
  2344. */
  2345. QUIC_TAKES_LOCK
  2346. int ossl_quic_conn_stream_conclude(SSL *s)
  2347. {
  2348. QCTX ctx;
  2349. QUIC_STREAM *qs;
  2350. int err;
  2351. if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
  2352. return 0;
  2353. qs = ctx.xso->stream;
  2354. if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
  2355. quic_unlock(ctx.qc);
  2356. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  2357. }
  2358. if (!quic_validate_for_write(ctx.xso, &err)) {
  2359. quic_unlock(ctx.qc);
  2360. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
  2361. }
  2362. if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
  2363. quic_unlock(ctx.qc);
  2364. return 1;
  2365. }
  2366. ossl_quic_sstream_fin(qs->sstream);
  2367. quic_post_write(ctx.xso, 1, 1);
  2368. quic_unlock(ctx.qc);
  2369. return 1;
  2370. }
  2371. /*
  2372. * SSL_inject_net_dgram
  2373. * --------------------
  2374. */
  2375. QUIC_TAKES_LOCK
  2376. int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
  2377. size_t buf_len,
  2378. const BIO_ADDR *peer,
  2379. const BIO_ADDR *local)
  2380. {
  2381. int ret;
  2382. QCTX ctx;
  2383. QUIC_DEMUX *demux;
  2384. if (!expect_quic(s, &ctx))
  2385. return 0;
  2386. quic_lock(ctx.qc);
  2387. demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
  2388. ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
  2389. quic_unlock(ctx.qc);
  2390. return ret;
  2391. }
  2392. /*
  2393. * SSL_get0_connection
  2394. * -------------------
  2395. */
  2396. SSL *ossl_quic_get0_connection(SSL *s)
  2397. {
  2398. QCTX ctx;
  2399. if (!expect_quic(s, &ctx))
  2400. return NULL;
  2401. return &ctx.qc->ssl;
  2402. }
  2403. /*
  2404. * SSL_get_stream_type
  2405. * -------------------
  2406. */
  2407. int ossl_quic_get_stream_type(SSL *s)
  2408. {
  2409. QCTX ctx;
  2410. if (!expect_quic(s, &ctx))
  2411. return SSL_STREAM_TYPE_BIDI;
  2412. if (ctx.xso == NULL) {
  2413. /*
  2414. * If deferred XSO creation has yet to occur, proceed according to the
  2415. * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
  2416. * what kind of stream will be created yet, so return BIDI on the basis
  2417. * that at this time, the client still has the option of calling
  2418. * SSL_read() or SSL_write() first.
  2419. */
  2420. if (ctx.qc->default_xso_created
  2421. || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
  2422. return SSL_STREAM_TYPE_NONE;
  2423. else
  2424. return SSL_STREAM_TYPE_BIDI;
  2425. }
  2426. if (ossl_quic_stream_is_bidi(ctx.xso->stream))
  2427. return SSL_STREAM_TYPE_BIDI;
  2428. if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
  2429. return SSL_STREAM_TYPE_READ;
  2430. else
  2431. return SSL_STREAM_TYPE_WRITE;
  2432. }
  2433. /*
  2434. * SSL_get_stream_id
  2435. * -----------------
  2436. */
  2437. QUIC_TAKES_LOCK
  2438. uint64_t ossl_quic_get_stream_id(SSL *s)
  2439. {
  2440. QCTX ctx;
  2441. uint64_t id;
  2442. if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx))
  2443. return UINT64_MAX;
  2444. id = ctx.xso->stream->id;
  2445. quic_unlock(ctx.qc);
  2446. return id;
  2447. }
  2448. /*
  2449. * SSL_is_stream_local
  2450. * -------------------
  2451. */
  2452. QUIC_TAKES_LOCK
  2453. int ossl_quic_is_stream_local(SSL *s)
  2454. {
  2455. QCTX ctx;
  2456. int is_local;
  2457. if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx))
  2458. return -1;
  2459. is_local = ossl_quic_stream_is_local_init(ctx.xso->stream);
  2460. quic_unlock(ctx.qc);
  2461. return is_local;
  2462. }
  2463. /*
  2464. * SSL_set_default_stream_mode
  2465. * ---------------------------
  2466. */
  2467. QUIC_TAKES_LOCK
  2468. int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
  2469. {
  2470. QCTX ctx;
  2471. if (!expect_quic_conn_only(s, &ctx))
  2472. return 0;
  2473. quic_lock(ctx.qc);
  2474. if (ctx.qc->default_xso_created) {
  2475. quic_unlock(ctx.qc);
  2476. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
  2477. "too late to change default stream mode");
  2478. }
  2479. switch (mode) {
  2480. case SSL_DEFAULT_STREAM_MODE_NONE:
  2481. case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
  2482. case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
  2483. ctx.qc->default_stream_mode = mode;
  2484. break;
  2485. default:
  2486. quic_unlock(ctx.qc);
  2487. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
  2488. "bad default stream type");
  2489. }
  2490. quic_unlock(ctx.qc);
  2491. return 1;
  2492. }
  2493. /*
  2494. * SSL_detach_stream
  2495. * -----------------
  2496. */
  2497. QUIC_TAKES_LOCK
  2498. SSL *ossl_quic_detach_stream(SSL *s)
  2499. {
  2500. QCTX ctx;
  2501. QUIC_XSO *xso = NULL;
  2502. if (!expect_quic_conn_only(s, &ctx))
  2503. return NULL;
  2504. quic_lock(ctx.qc);
  2505. /* Calling this function inhibits default XSO autocreation. */
  2506. /* QC ref to any default XSO is transferred to us and to caller. */
  2507. qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso);
  2508. quic_unlock(ctx.qc);
  2509. return xso != NULL ? &xso->ssl : NULL;
  2510. }
  2511. /*
  2512. * SSL_attach_stream
  2513. * -----------------
  2514. */
  2515. QUIC_TAKES_LOCK
  2516. int ossl_quic_attach_stream(SSL *conn, SSL *stream)
  2517. {
  2518. QCTX ctx;
  2519. QUIC_XSO *xso;
  2520. int nref;
  2521. if (!expect_quic_conn_only(conn, &ctx))
  2522. return 0;
  2523. if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
  2524. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_NULL_PARAMETER,
  2525. "stream to attach must be a valid QUIC stream");
  2526. xso = (QUIC_XSO *)stream;
  2527. quic_lock(ctx.qc);
  2528. if (ctx.qc->default_xso != NULL) {
  2529. quic_unlock(ctx.qc);
  2530. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
  2531. "connection already has a default stream");
  2532. }
  2533. /*
  2534. * It is a caller error for the XSO being attached as a default XSO to have
  2535. * more than one ref.
  2536. */
  2537. if (!CRYPTO_GET_REF(&xso->ssl.references, &nref)) {
  2538. quic_unlock(ctx.qc);
  2539. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR,
  2540. "ref");
  2541. }
  2542. if (nref != 1) {
  2543. quic_unlock(ctx.qc);
  2544. return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
  2545. "stream being attached must have "
  2546. "only 1 reference");
  2547. }
  2548. /* Caller's reference to the XSO is transferred to us. */
  2549. /* Calling this function inhibits default XSO autocreation. */
  2550. qc_set_default_xso(ctx.qc, xso, /*touch=*/1);
  2551. quic_unlock(ctx.qc);
  2552. return 1;
  2553. }
  2554. /*
  2555. * SSL_set_incoming_stream_policy
  2556. * ------------------------------
  2557. */
  2558. QUIC_NEEDS_LOCK
  2559. static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc)
  2560. {
  2561. switch (qc->incoming_stream_policy) {
  2562. case SSL_INCOMING_STREAM_POLICY_AUTO:
  2563. if ((qc->default_xso == NULL && !qc->default_xso_created)
  2564. || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
  2565. return SSL_INCOMING_STREAM_POLICY_ACCEPT;
  2566. else
  2567. return SSL_INCOMING_STREAM_POLICY_REJECT;
  2568. default:
  2569. return qc->incoming_stream_policy;
  2570. }
  2571. }
  2572. QUIC_NEEDS_LOCK
  2573. static void qc_update_reject_policy(QUIC_CONNECTION *qc)
  2574. {
  2575. int policy = qc_get_effective_incoming_stream_policy(qc);
  2576. int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT);
  2577. ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch,
  2578. enable_reject,
  2579. qc->incoming_stream_aec);
  2580. }
  2581. QUIC_TAKES_LOCK
  2582. int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
  2583. uint64_t aec)
  2584. {
  2585. int ret = 1;
  2586. QCTX ctx;
  2587. if (!expect_quic_conn_only(s, &ctx))
  2588. return 0;
  2589. quic_lock(ctx.qc);
  2590. switch (policy) {
  2591. case SSL_INCOMING_STREAM_POLICY_AUTO:
  2592. case SSL_INCOMING_STREAM_POLICY_ACCEPT:
  2593. case SSL_INCOMING_STREAM_POLICY_REJECT:
  2594. ctx.qc->incoming_stream_policy = policy;
  2595. ctx.qc->incoming_stream_aec = aec;
  2596. break;
  2597. default:
  2598. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
  2599. ret = 0;
  2600. break;
  2601. }
  2602. qc_update_reject_policy(ctx.qc);
  2603. quic_unlock(ctx.qc);
  2604. return ret;
  2605. }
  2606. /*
  2607. * SSL_accept_stream
  2608. * -----------------
  2609. */
  2610. struct wait_for_incoming_stream_args {
  2611. QCTX *ctx;
  2612. QUIC_STREAM *qs;
  2613. };
  2614. QUIC_NEEDS_LOCK
  2615. static int wait_for_incoming_stream(void *arg)
  2616. {
  2617. struct wait_for_incoming_stream_args *args = arg;
  2618. QUIC_CONNECTION *qc = args->ctx->qc;
  2619. QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
  2620. if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
  2621. /* If connection is torn down due to an error while blocking, stop. */
  2622. QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
  2623. return -1;
  2624. }
  2625. args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
  2626. if (args->qs != NULL)
  2627. return 1; /* got a stream */
  2628. return 0; /* did not get a stream, keep trying */
  2629. }
  2630. QUIC_TAKES_LOCK
  2631. SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
  2632. {
  2633. QCTX ctx;
  2634. int ret;
  2635. SSL *new_s = NULL;
  2636. QUIC_STREAM_MAP *qsm;
  2637. QUIC_STREAM *qs;
  2638. QUIC_XSO *xso;
  2639. OSSL_RTT_INFO rtt_info;
  2640. if (!expect_quic_conn_only(s, &ctx))
  2641. return NULL;
  2642. quic_lock(ctx.qc);
  2643. if (qc_get_effective_incoming_stream_policy(ctx.qc)
  2644. == SSL_INCOMING_STREAM_POLICY_REJECT) {
  2645. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
  2646. goto out;
  2647. }
  2648. qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
  2649. qs = ossl_quic_stream_map_peek_accept_queue(qsm);
  2650. if (qs == NULL) {
  2651. if (qc_blocking_mode(ctx.qc)
  2652. && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
  2653. struct wait_for_incoming_stream_args args;
  2654. args.ctx = &ctx;
  2655. args.qs = NULL;
  2656. ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
  2657. if (ret == 0) {
  2658. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
  2659. goto out;
  2660. } else if (ret < 0 || args.qs == NULL) {
  2661. goto out;
  2662. }
  2663. qs = args.qs;
  2664. } else {
  2665. goto out;
  2666. }
  2667. }
  2668. xso = create_xso_from_stream(ctx.qc, qs);
  2669. if (xso == NULL)
  2670. goto out;
  2671. ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info);
  2672. ossl_quic_stream_map_remove_from_accept_queue(qsm, qs,
  2673. rtt_info.smoothed_rtt);
  2674. new_s = &xso->ssl;
  2675. /* Calling this function inhibits default XSO autocreation. */
  2676. qc_touch_default_xso(ctx.qc); /* inhibits default XSO */
  2677. out:
  2678. quic_unlock(ctx.qc);
  2679. return new_s;
  2680. }
  2681. /*
  2682. * SSL_get_accept_stream_queue_len
  2683. * -------------------------------
  2684. */
  2685. QUIC_TAKES_LOCK
  2686. size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
  2687. {
  2688. QCTX ctx;
  2689. size_t v;
  2690. if (!expect_quic_conn_only(s, &ctx))
  2691. return 0;
  2692. quic_lock(ctx.qc);
  2693. v = ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
  2694. quic_unlock(ctx.qc);
  2695. return v;
  2696. }
  2697. /*
  2698. * SSL_stream_reset
  2699. * ----------------
  2700. */
  2701. int ossl_quic_stream_reset(SSL *ssl,
  2702. const SSL_STREAM_RESET_ARGS *args,
  2703. size_t args_len)
  2704. {
  2705. QCTX ctx;
  2706. QUIC_STREAM_MAP *qsm;
  2707. QUIC_STREAM *qs;
  2708. uint64_t error_code;
  2709. int ok, err;
  2710. if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, /*io=*/0, &ctx))
  2711. return 0;
  2712. qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
  2713. qs = ctx.xso->stream;
  2714. error_code = (args != NULL ? args->quic_error_code : 0);
  2715. if (!quic_validate_for_write(ctx.xso, &err)) {
  2716. ok = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
  2717. goto err;
  2718. }
  2719. ok = ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code);
  2720. err:
  2721. quic_unlock(ctx.qc);
  2722. return ok;
  2723. }
  2724. /*
  2725. * SSL_get_stream_read_state
  2726. * -------------------------
  2727. */
  2728. static void quic_classify_stream(QUIC_CONNECTION *qc,
  2729. QUIC_STREAM *qs,
  2730. int is_write,
  2731. int *state,
  2732. uint64_t *app_error_code)
  2733. {
  2734. int local_init;
  2735. uint64_t final_size;
  2736. local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server);
  2737. if (app_error_code != NULL)
  2738. *app_error_code = UINT64_MAX;
  2739. else
  2740. app_error_code = &final_size; /* throw away value */
  2741. if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) {
  2742. /*
  2743. * Unidirectional stream and this direction of transmission doesn't
  2744. * exist.
  2745. */
  2746. *state = SSL_STREAM_STATE_WRONG_DIR;
  2747. } else if (ossl_quic_channel_is_term_any(qc->ch)) {
  2748. /* Connection already closed. */
  2749. *state = SSL_STREAM_STATE_CONN_CLOSED;
  2750. } else if (!is_write && qs->recv_state == QUIC_RSTREAM_STATE_DATA_READ) {
  2751. /* Application has read a FIN. */
  2752. *state = SSL_STREAM_STATE_FINISHED;
  2753. } else if ((!is_write && qs->stop_sending)
  2754. || (is_write && ossl_quic_stream_send_is_reset(qs))) {
  2755. /*
  2756. * Stream has been reset locally. FIN takes precedence over this for the
  2757. * read case as the application need not care if the stream is reset
  2758. * after a FIN has been successfully processed.
  2759. */
  2760. *state = SSL_STREAM_STATE_RESET_LOCAL;
  2761. *app_error_code = !is_write
  2762. ? qs->stop_sending_aec
  2763. : qs->reset_stream_aec;
  2764. } else if ((!is_write && ossl_quic_stream_recv_is_reset(qs))
  2765. || (is_write && qs->peer_stop_sending)) {
  2766. /*
  2767. * Stream has been reset remotely. */
  2768. *state = SSL_STREAM_STATE_RESET_REMOTE;
  2769. *app_error_code = !is_write
  2770. ? qs->peer_reset_stream_aec
  2771. : qs->peer_stop_sending_aec;
  2772. } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream,
  2773. &final_size)) {
  2774. /*
  2775. * Stream has been finished. Stream reset takes precedence over this for
  2776. * the write case as peer may not have received all data.
  2777. */
  2778. *state = SSL_STREAM_STATE_FINISHED;
  2779. } else {
  2780. /* Stream still healthy. */
  2781. *state = SSL_STREAM_STATE_OK;
  2782. }
  2783. }
  2784. static int quic_get_stream_state(SSL *ssl, int is_write)
  2785. {
  2786. QCTX ctx;
  2787. int state;
  2788. if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
  2789. return SSL_STREAM_STATE_NONE;
  2790. quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL);
  2791. quic_unlock(ctx.qc);
  2792. return state;
  2793. }
  2794. int ossl_quic_get_stream_read_state(SSL *ssl)
  2795. {
  2796. return quic_get_stream_state(ssl, /*is_write=*/0);
  2797. }
  2798. /*
  2799. * SSL_get_stream_write_state
  2800. * --------------------------
  2801. */
  2802. int ossl_quic_get_stream_write_state(SSL *ssl)
  2803. {
  2804. return quic_get_stream_state(ssl, /*is_write=*/1);
  2805. }
  2806. /*
  2807. * SSL_get_stream_read_error_code
  2808. * ------------------------------
  2809. */
  2810. static int quic_get_stream_error_code(SSL *ssl, int is_write,
  2811. uint64_t *app_error_code)
  2812. {
  2813. QCTX ctx;
  2814. int state;
  2815. if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
  2816. return -1;
  2817. quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0,
  2818. &state, app_error_code);
  2819. quic_unlock(ctx.qc);
  2820. switch (state) {
  2821. case SSL_STREAM_STATE_FINISHED:
  2822. return 0;
  2823. case SSL_STREAM_STATE_RESET_LOCAL:
  2824. case SSL_STREAM_STATE_RESET_REMOTE:
  2825. return 1;
  2826. default:
  2827. return -1;
  2828. }
  2829. }
  2830. int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code)
  2831. {
  2832. return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code);
  2833. }
  2834. /*
  2835. * SSL_get_stream_write_error_code
  2836. * -------------------------------
  2837. */
  2838. int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code)
  2839. {
  2840. return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code);
  2841. }
  2842. /*
  2843. * Write buffer size mutation
  2844. * --------------------------
  2845. */
  2846. int ossl_quic_set_write_buffer_size(SSL *ssl, size_t size)
  2847. {
  2848. int ret = 0;
  2849. QCTX ctx;
  2850. if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
  2851. return 0;
  2852. if (!ossl_quic_stream_has_send(ctx.xso->stream)) {
  2853. /* Called on a unidirectional receive-only stream - error. */
  2854. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
  2855. goto out;
  2856. }
  2857. if (!ossl_quic_stream_has_send_buffer(ctx.xso->stream)) {
  2858. /*
  2859. * If the stream has a send part but we have disposed of it because we
  2860. * no longer need it, this is a no-op.
  2861. */
  2862. ret = 1;
  2863. goto out;
  2864. }
  2865. if (!ossl_quic_sstream_set_buffer_size(ctx.xso->stream->sstream, size)) {
  2866. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
  2867. goto out;
  2868. }
  2869. ret = 1;
  2870. out:
  2871. quic_unlock(ctx.qc);
  2872. return ret;
  2873. }
  2874. /*
  2875. * SSL_get_conn_close_info
  2876. * -----------------------
  2877. */
  2878. int ossl_quic_get_conn_close_info(SSL *ssl,
  2879. SSL_CONN_CLOSE_INFO *info,
  2880. size_t info_len)
  2881. {
  2882. QCTX ctx;
  2883. const QUIC_TERMINATE_CAUSE *tc;
  2884. if (!expect_quic_conn_only(ssl, &ctx))
  2885. return -1;
  2886. tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
  2887. if (tc == NULL)
  2888. return 0;
  2889. info->error_code = tc->error_code;
  2890. info->frame_type = tc->frame_type;
  2891. info->reason = tc->reason;
  2892. info->reason_len = tc->reason_len;
  2893. info->flags = 0;
  2894. if (!tc->remote)
  2895. info->flags |= SSL_CONN_CLOSE_FLAG_LOCAL;
  2896. if (!tc->app)
  2897. info->flags |= SSL_CONN_CLOSE_FLAG_TRANSPORT;
  2898. return 1;
  2899. }
  2900. /*
  2901. * SSL_key_update
  2902. * --------------
  2903. */
  2904. int ossl_quic_key_update(SSL *ssl, int update_type)
  2905. {
  2906. QCTX ctx;
  2907. if (!expect_quic_conn_only(ssl, &ctx))
  2908. return 0;
  2909. switch (update_type) {
  2910. case SSL_KEY_UPDATE_NOT_REQUESTED:
  2911. /*
  2912. * QUIC signals peer key update implicily by triggering a local
  2913. * spontaneous TXKU. Silently upgrade this to SSL_KEY_UPDATE_REQUESTED.
  2914. */
  2915. case SSL_KEY_UPDATE_REQUESTED:
  2916. break;
  2917. default:
  2918. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
  2919. return 0;
  2920. }
  2921. quic_lock(ctx.qc);
  2922. /* Attempt to perform a TXKU. */
  2923. if (!ossl_quic_channel_trigger_txku(ctx.qc->ch)) {
  2924. QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_TOO_MANY_KEY_UPDATES, NULL);
  2925. quic_unlock(ctx.qc);
  2926. return 0;
  2927. }
  2928. quic_unlock(ctx.qc);
  2929. return 1;
  2930. }
  2931. /*
  2932. * SSL_get_key_update_type
  2933. * -----------------------
  2934. */
  2935. int ossl_quic_get_key_update_type(const SSL *s)
  2936. {
  2937. /*
  2938. * We always handle key updates immediately so a key update is never
  2939. * pending.
  2940. */
  2941. return SSL_KEY_UPDATE_NONE;
  2942. }
  2943. /*
  2944. * QUIC Front-End I/O API: SSL_CTX Management
  2945. * ==========================================
  2946. */
  2947. long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
  2948. {
  2949. switch (cmd) {
  2950. default:
  2951. return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
  2952. }
  2953. }
  2954. long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
  2955. {
  2956. QCTX ctx;
  2957. if (!expect_quic_conn_only(s, &ctx))
  2958. return 0;
  2959. switch (cmd) {
  2960. case SSL_CTRL_SET_MSG_CALLBACK:
  2961. ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp,
  2962. &ctx.qc->ssl);
  2963. /* This callback also needs to be set on the internal SSL object */
  2964. return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);;
  2965. default:
  2966. /* Probably a TLS related ctrl. Defer to our internal SSL object */
  2967. return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);
  2968. }
  2969. }
  2970. long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
  2971. {
  2972. return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
  2973. }
  2974. int ossl_quic_renegotiate_check(SSL *ssl, int initok)
  2975. {
  2976. /* We never do renegotiation. */
  2977. return 0;
  2978. }
  2979. const SSL_CIPHER *ossl_quic_get_cipher_by_char(const unsigned char *p)
  2980. {
  2981. const SSL_CIPHER *ciph = ssl3_get_cipher_by_char(p);
  2982. if ((ciph->algorithm2 & SSL_QUIC) == 0)
  2983. return NULL;
  2984. return ciph;
  2985. }
  2986. /*
  2987. * These functions define the TLSv1.2 (and below) ciphers that are supported by
  2988. * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
  2989. */
  2990. int ossl_quic_num_ciphers(void)
  2991. {
  2992. return 0;
  2993. }
  2994. const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
  2995. {
  2996. return NULL;
  2997. }
  2998. /*
  2999. * SSL_get_shutdown()
  3000. * ------------------
  3001. */
  3002. int ossl_quic_get_shutdown(const SSL *s)
  3003. {
  3004. QCTX ctx;
  3005. int shut = 0;
  3006. if (!expect_quic_conn_only(s, &ctx))
  3007. return 0;
  3008. if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
  3009. shut |= SSL_SENT_SHUTDOWN;
  3010. if (!ossl_quic_channel_is_closing(ctx.qc->ch))
  3011. shut |= SSL_RECEIVED_SHUTDOWN;
  3012. }
  3013. return shut;
  3014. }
  3015. /*
  3016. * Internal Testing APIs
  3017. * =====================
  3018. */
  3019. QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s)
  3020. {
  3021. QCTX ctx;
  3022. if (!expect_quic_conn_only(s, &ctx))
  3023. return NULL;
  3024. return ctx.qc->ch;
  3025. }