]> git.ipfire.org Git - thirdparty/openssl.git/blame - ssl/quic/quic_impl.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
QUIC MSMT TESTS: Add tests to exercise MAX_STREAMS
[thirdparty/openssl.git] / ssl / quic / quic_impl.c
CommitLineData
99e1cc7b
TM		 1/*
2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/macros.h>
11#include <openssl/objects.h>
22d53c88
HL		 12#include <openssl/sslerr.h>
13#include <crypto/rand.h>
99e1cc7b 14#include "quic_local.h"
2723d705 15#include "internal/quic_tls.h"
22d53c88
HL		 16#include "internal/quic_rx_depack.h"
17#include "internal/quic_error.h"
18#include "internal/time.h"
99e1cc7b 19
cb5c208b 20static void aon_write_finish(QUIC_XSO *xso);
23c04709 21static int create_channel(QUIC_CONNECTION *qc);
21c80696 22static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
8b7be3aa
HL		 23static int qc_try_create_default_xso_for_write(QUIC_CONNECTION *qc);
24static int qc_wait_for_default_xso_for_read(QUIC_CONNECTION *qc);
25static void quic_lock(QUIC_CONNECTION *qc);
26static void quic_unlock(QUIC_CONNECTION *qc);
27static int quic_do_handshake(QUIC_CONNECTION *qc);
995ff282
HL		 28static void qc_update_reject_policy(QUIC_CONNECTION *qc);
29static void qc_touch_default_xso(QUIC_CONNECTION *qc);
30static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch);
9cab4bd5
HL		 31static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
32 int touch, QUIC_XSO **old_xso);
13ac037d
HL		 33static SSL *quic_conn_stream_new(QUIC_CONNECTION *qc, uint64_t flags,
34 int need_lock);
22d53c88
HL		 35
36/*
37 * QUIC Front-End I/O API: Common Utilities
38 * ========================================
39 */
40
41/*
42 * Block until a predicate is met.
43 *
44 * Precondition: Must have a channel.
d7b1fadd 45 * Precondition: Must hold channel lock (unchecked).
22d53c88 46 */
d7b1fadd 47QUIC_NEEDS_LOCK
22d53c88
HL		 48static int block_until_pred(QUIC_CONNECTION *qc,
49 int (*pred)(void *arg), void *pred_arg,
50 uint32_t flags)
51{
52 QUIC_REACTOR *rtor;
53
54 assert(qc->ch != NULL);
55
56 rtor = ossl_quic_channel_get_reactor(qc->ch);
c019e1ef 57 return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
4847599b 58 qc->mutex);
22d53c88
HL		 59}
60
61/*
62 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
63 * rather than via ERR.
64 */
65static int quic_raise_normal_error(QUIC_CONNECTION *qc,
66 int err)
67{
68 qc->last_error = err;
69 return 0;
70}
71
72/*
73 * Raise a 'non-normal' error, meaning any error that is not reported via
74 * SSL_get_error() and must be reported via ERR.
e88cdb8e
HL		 75 *
76 * qc should be provided if available. In exceptional circumstances when qc is
77 * not known NULL may be passed. This should generally only happen when an
78 * expect_...() function defined below fails, which generally indicates a
79 * dispatch error or caller error.
22d53c88
HL		 80 */
81static int quic_raise_non_normal_error(QUIC_CONNECTION *qc,
82 const char *file,
83 int line,
84 const char *func,
85 int reason,
86 const char *fmt,
87 ...)
88{
89 va_list args;
90
91 ERR_new();
92 ERR_set_debug(file, line, func);
93
94 va_start(args, fmt);
95 ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
96 va_end(args);
97
e88cdb8e
HL		 98 if (qc != NULL)
99 qc->last_error = SSL_ERROR_SSL;
100
22d53c88
HL		 101 return 0;
102}
103
104#define QUIC_RAISE_NORMAL_ERROR(qc, err) \
105 quic_raise_normal_error((qc), (err))
106
107#define QUIC_RAISE_NON_NORMAL_ERROR(qc, reason, msg) \
108 quic_raise_non_normal_error((qc), \
109 OPENSSL_FILE, OPENSSL_LINE, \
110 OPENSSL_FUNC, \
111 (reason), \
112 (msg))
113
114/*
e88cdb8e
HL		 115 * QCTX is a utility structure which provides information we commonly wish to
116 * unwrap upon an API call being dispatched to us, namely:
117 *
118 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
119 * was passed);
120 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
121 * a QCSO with a default stream was passed);
122 * - whether a QSSO was passed (xso == NULL must not be used to determine this
123 * because it may be non-NULL when a QCSO is passed if that QCSO has a
124 * default stream).
125 */
126typedef struct qctx_st {
127 QUIC_CONNECTION *qc;
128 QUIC_XSO *xso;
129 int is_stream;
130} QCTX;
131
132/*
133 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
134 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
135 *
136 * After this returns 1, all fields of the passed QCTX are initialised.
137 * Returns 0 on failure. This function is intended to be used to provide API
138 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
22d53c88 139 */
e88cdb8e 140static int expect_quic(const SSL *s, QCTX *ctx)
22d53c88 141{
e88cdb8e
HL		 142 QUIC_CONNECTION *qc;
143 QUIC_XSO *xso;
144
145 ctx->qc = NULL;
146 ctx->xso = NULL;
147 ctx->is_stream = 0;
148
149 if (s == NULL)
8b7be3aa 150 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
22d53c88 151
e88cdb8e
HL		 152 switch (s->type) {
153 case SSL_TYPE_QUIC_CONNECTION:
154 qc = (QUIC_CONNECTION *)s;
155 ctx->qc = qc;
cb5c208b 156 ctx->xso = qc->default_xso;
e88cdb8e
HL		 157 ctx->is_stream = 0;
158 return 1;
159
160 case SSL_TYPE_QUIC_XSO:
161 xso = (QUIC_XSO *)s;
cb5c208b 162 ctx->qc = xso->conn;
e88cdb8e
HL		 163 ctx->xso = xso;
164 ctx->is_stream = 1;
165 return 1;
166
167 default:
168 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
169 }
170}
171
172/*
173 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
174 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
175 * stream.
21c80696
HL		 176 *
177 * remote_init determines if we expect the default XSO to be remotely created or
178 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
8b7be3aa
HL		 179 *
180 * Channel mutex is acquired and retained on success.
e88cdb8e 181 */
8b7be3aa
HL		 182QUIC_ACQUIRES_LOCK
183static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
184 QCTX *ctx)
e88cdb8e
HL		 185{
186 if (!expect_quic(s, ctx))
187 return 0;
188
8b7be3aa
HL		 189 quic_lock(ctx->qc);
190
21c80696 191 if (ctx->xso == NULL && remote_init >= 0) {
8b7be3aa
HL		 192 if (ossl_quic_channel_is_term_any(ctx->qc->ch)) {
193 QUIC_RAISE_NON_NORMAL_ERROR(ctx->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
194 goto err;
195 }
196
197 /* If we haven't finished the handshake, try to advance it. */
198 if (quic_do_handshake(ctx->qc) < 1)
199 /* ossl_quic_do_handshake raised error here */
200 goto err;
201
202 if (remote_init == 0) {
203 if (!qc_try_create_default_xso_for_write(ctx->qc))
204 goto err;
205 } else {
206 if (!qc_wait_for_default_xso_for_read(ctx->qc))
207 goto err;
208 }
209
21c80696
HL		 210 ctx->xso = ctx->qc->default_xso;
211 }
212
8b7be3aa
HL		 213 if (ctx->xso == NULL) {
214 QUIC_RAISE_NON_NORMAL_ERROR(ctx->qc, SSL_R_NO_STREAM, NULL);
215 goto err;
216 }
217
218 return 1; /* lock held */
e88cdb8e 219
8b7be3aa
HL		 220err:
221 quic_unlock(ctx->qc);
222 return 0;
e88cdb8e 223}
22d53c88 224
e88cdb8e
HL		 225/*
226 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
227 * be non-NULL if the QCSO has a default stream.
228 */
23c04709 229static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx)
e88cdb8e
HL		 230{
231 if (!expect_quic(s, ctx))
232 return 0;
233
234 if (ctx->is_stream)
8b7be3aa 235 return QUIC_RAISE_NON_NORMAL_ERROR(ctx->qc, SSL_R_CONN_USE_ONLY, NULL);
e88cdb8e
HL		 236
237 return 1;
22d53c88
HL		 238}
239
4847599b
HL		 240/*
241 * Ensures that the channel mutex is held for a method which touches channel
242 * state.
243 *
244 * Precondition: Channel mutex is not held (unchecked)
245 */
20f45743 246static void quic_lock(QUIC_CONNECTION *qc)
4847599b 247{
ffce2946 248 ossl_crypto_mutex_lock(qc->mutex);
4847599b
HL		 249}
250
251/* Precondition: Channel mutex is held (unchecked) */
252QUIC_NEEDS_LOCK
253static void quic_unlock(QUIC_CONNECTION *qc)
254{
ffce2946 255 ossl_crypto_mutex_unlock(qc->mutex);
4847599b
HL		 256}
257
258
22d53c88
HL		 259/*
260 * QUIC Front-End I/O API: Initialization
261 * ======================================
262 *
263 * SSL_new => ossl_quic_new
264 * ossl_quic_init
265 * SSL_reset => ossl_quic_reset
266 * SSL_clear => ossl_quic_clear
267 * ossl_quic_deinit
268 * SSL_free => ossl_quic_free
269 *
270 */
271
272/* SSL_new */
38b051a1
TM		 273SSL *ossl_quic_new(SSL_CTX *ctx)
274{
22d53c88
HL		 275 QUIC_CONNECTION *qc = NULL;
276 SSL *ssl_base = NULL;
a7f41885 277 SSL_CONNECTION *sc = NULL;
38b051a1
TM		 278
279 qc = OPENSSL_zalloc(sizeof(*qc));
280 if (qc == NULL)
281 goto err;
282
22d53c88
HL		 283 /* Initialise the QUIC_CONNECTION's stub header. */
284 ssl_base = &qc->ssl;
a7f41885 285 if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
22d53c88 286 ssl_base = NULL;
38b051a1
TM		 287 goto err;
288 }
38b051a1 289
4e3a55fd 290 qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
a7f41885
MC		 291 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL)
292 goto err;
a7f41885 293
ffce2946 294 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
4847599b
HL		 295 goto err;
296
f2f7c4f1
HL		 297 qc->is_thread_assisted
298 = (ssl_base->method == OSSL_QUIC_client_thread_method());
299
dfb9ae14
HL		 300 qc->as_server = 0; /* TODO(QUIC): server support */
301 qc->as_server_state = qc->as_server;
302
8b7be3aa 303 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
21c80696
HL		 304 qc->default_ssl_mode = qc->ssl.ctx->mode;
305 qc->default_blocking = 1;
83df44ae 306 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO;
21c80696 307 qc->last_error = SSL_ERROR_NONE;
a7f41885 308
23c04709
HL		 309 if (!create_channel(qc))
310 goto err;
311
995ff282
HL		 312 qc_update_reject_policy(qc);
313
21c80696
HL		 314 /*
315 * We do not create the default XSO yet. The reason for this is that the
316 * stream ID of the default XSO will depend on whether the stream is client
317 * or server-initiated, which depends on who transmits first. Since we do
318 * not know whether the application will be using a client-transmits-first
319 * or server-transmits-first protocol, we defer default XSO creation until
320 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
321 * we take that as a cue that the client is expecting a server-initiated
322 * stream, and vice versa if SSL_write() is called first.
323 */
22d53c88
HL		 324 return ssl_base;
325
38b051a1 326err:
2dbc39de
HL		 327 if (qc != NULL) {
328 ossl_quic_channel_free(qc->ch);
329 SSL_free(qc->tls);
330 }
22d53c88 331 OPENSSL_free(qc);
38b051a1
TM		 332 return NULL;
333}
334
22d53c88 335/* SSL_free */
a8489257 336QUIC_TAKES_LOCK
22d53c88
HL		 337void ossl_quic_free(SSL *s)
338{
072328dd 339 QCTX ctx;
9cab4bd5 340 int is_default;
22d53c88 341
072328dd
HL		 342 /* We should never be called on anything but a QSO. */
343 if (!expect_quic(s, &ctx))
22d53c88
HL		 344 return;
345
22b1a96f
HL		 346 quic_lock(ctx.qc);
347
2dbc39de
HL		 348 if (ctx.is_stream) {
349 /*
350 * When a QSSO is freed, the XSO is freed immediately, because the XSO
351 * itself only contains API personality layer data. However the
352 * underlying QUIC_STREAM is not freed immediately but is instead marked
353 * as deleted for later collection.
354 */
355
2dbc39de
HL		 356 assert(ctx.qc->num_xso > 0);
357 --ctx.qc->num_xso;
358
9aaafc26
HL		 359 /* If a stream's send part has not been finished, auto-reset it. */
360 if (ctx.xso->stream->sstream != NULL
361 && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL))
362 ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
363 ctx.xso->stream, 0);
2dbc39de 364
9aaafc26
HL		 365 /* Do STOP_SENDING for the receive part, if applicable. */
366 if (ctx.xso->stream->rstream != NULL)
367 ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
368 ctx.xso->stream, 0);
f20fdd16
HL		 369
370 /* Update stream state. */
9aaafc26
HL		 371 ctx.xso->stream->deleted = 1;
372 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch),
f20fdd16
HL		 373 ctx.xso->stream);
374
9cab4bd5 375 is_default = (ctx.xso == ctx.qc->default_xso);
2dbc39de
HL		 376 quic_unlock(ctx.qc);
377
9cab4bd5
HL		 378 /*
379 * Unref the connection in most cases; the XSO has a ref to the QC and
380 * not vice versa. But for a default XSO, to avoid circular references,
381 * the QC refs the XSO but the XSO does not ref the QC. If we are the
382 * default XSO, we only get here when the QC is being torn down anyway,
383 * so don't call SSL_free(qc) as we are already in it.
384 */
385 if (!is_default)
386 SSL_free(&ctx.qc->ssl);
387
2dbc39de
HL		 388 /* Note: SSL_free calls OPENSSL_free(xso) for us */
389 return;
390 }
391
2dbc39de
HL		 392 /*
393 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
394 * stage, but is freed during the channel free when the whole QSM is freed.
395 */
21c80696
HL		 396 if (ctx.qc->default_xso != NULL) {
397 QUIC_XSO *xso = ctx.qc->default_xso;
398
399 quic_unlock(ctx.qc);
400 SSL_free(&xso->ssl);
401 quic_lock(ctx.qc);
9cab4bd5 402 ctx.qc->default_xso = NULL;
21c80696 403 }
2dbc39de
HL		 404
405 /* Ensure we have no remaining XSOs. */
406 assert(ctx.qc->num_xso == 0);
407
072328dd
HL		 408 if (ctx.qc->is_thread_assisted && ctx.qc->started) {
409 ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
410 ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
dbe7b51a 411 }
f2f7c4f1 412
072328dd 413 ossl_quic_channel_free(ctx.qc->ch);
22d53c88 414
072328dd
HL		 415 BIO_free(ctx.qc->net_rbio);
416 BIO_free(ctx.qc->net_wbio);
d1ac77b1 417
22d53c88 418 /* Note: SSL_free calls OPENSSL_free(qc) for us */
a7f41885 419
072328dd
HL		 420 SSL_free(ctx.qc->tls);
421 ossl_crypto_mutex_free(&ctx.qc->mutex); /* freed while still locked */
22d53c88
HL		 422}
423
424/* SSL method init */
38b051a1 425int ossl_quic_init(SSL *s)
99e1cc7b 426{
22d53c88
HL		 427 /* Same op as SSL_clear, forward the call. */
428 return ossl_quic_clear(s);
99e1cc7b
TM		 429}
430
22d53c88 431/* SSL method deinit */
38b051a1
TM		 432void ossl_quic_deinit(SSL *s)
433{
22d53c88 434 /* No-op. */
38b051a1
TM		 435}
436
22d53c88
HL		 437/* SSL_reset */
438int ossl_quic_reset(SSL *s)
439{
072328dd 440 QCTX ctx;
22d53c88 441
072328dd 442 if (!expect_quic(s, &ctx))
22d53c88
HL		 443 return 0;
444
c8b3fdc2 445 /* TODO(QUIC); Currently a no-op. */
22d53c88
HL		 446 return 1;
447}
448
449/* SSL_clear */
450int ossl_quic_clear(SSL *s)
99e1cc7b 451{
072328dd 452 QCTX ctx;
38b051a1 453
072328dd 454 if (!expect_quic(s, &ctx))
22d53c88
HL		 455 return 0;
456
c8b3fdc2 457 /* TODO(QUIC): Currently a no-op. */
22d53c88
HL		 458 return 1;
459}
38b051a1 460
b212d554
HL		 461void ossl_quic_conn_set_override_now_cb(SSL *s,
462 OSSL_TIME (*now_cb)(void *arg),
463 void *now_cb_arg)
464{
072328dd 465 QCTX ctx;
b212d554 466
072328dd
HL		 467 if (!expect_quic(s, &ctx))
468 return;
469
470 ctx.qc->override_now_cb = now_cb;
471 ctx.qc->override_now_cb_arg = now_cb_arg;
b212d554
HL		 472}
473
3b1ab5a3
HL		 474void ossl_quic_conn_force_assist_thread_wake(SSL *s)
475{
072328dd
HL		 476 QCTX ctx;
477
478 if (!expect_quic(s, &ctx))
479 return;
3b1ab5a3 480
072328dd
HL		 481 if (ctx.qc->is_thread_assisted && ctx.qc->started)
482 ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
3b1ab5a3
HL		 483}
484
995ff282
HL		 485QUIC_NEEDS_LOCK
486static void qc_touch_default_xso(QUIC_CONNECTION *qc)
487{
488 qc->default_xso_created = 1;
489 qc_update_reject_policy(qc);
490}
491
9cab4bd5
HL		 492/*
493 * Changes default XSO. Allows caller to keep reference to the old default XSO
494 * (if any). Reference to new XSO is transferred from caller.
495 */
995ff282 496QUIC_NEEDS_LOCK
9cab4bd5
HL		 497static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
498 int touch,
499 QUIC_XSO **old_xso)
995ff282 500{
9cab4bd5
HL		 501 int refs;
502
503 *old_xso = NULL;
504
505 if (qc->default_xso != xso) {
506 *old_xso = qc->default_xso; /* transfer old XSO ref to caller */
507
508 qc->default_xso = xso;
509
510 if (xso == NULL) {
511 /*
512 * Changing to not having a default XSO. XSO becomes standalone and
513 * now has a ref to the QC.
514 */
515 if (!ossl_assert(SSL_up_ref(&qc->ssl)))
516 return;
517 } else {
518 /*
519 * Changing from not having a default XSO to having one. The new XSO
520 * will have had a reference to the QC we need to drop to avoid a
521 * circular reference.
3a61a96c
HL		 522 *
523 * Currently we never change directly from one default XSO to
524 * another, though this function would also still be correct if this
525 * weren't the case.
9cab4bd5 526 */
3a61a96c
HL		 527 assert(*old_xso == NULL);
528
9cab4bd5
HL		 529 CRYPTO_DOWN_REF(&qc->ssl.references, &refs, &qc->ssl.lock);
530 assert(refs > 0);
531 }
532 }
533
995ff282
HL		 534 if (touch)
535 qc_touch_default_xso(qc);
536}
537
9cab4bd5
HL		 538/*
539 * Changes default XSO, releasing the reference to any previous default XSO.
540 * Reference to new XSO is transferred from caller.
541 */
542QUIC_NEEDS_LOCK
543static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch)
544{
545 QUIC_XSO *old_xso = NULL;
546
547 qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso);
548
549 if (old_xso != NULL)
550 SSL_free(&old_xso->ssl);
551}
552
22d53c88
HL		 553/*
554 * QUIC Front-End I/O API: Network BIO Configuration
555 * =================================================
556 *
557 * Handling the different BIOs is difficult:
558 *
559 * - It is more or less a requirement that we use non-blocking network I/O;
560 * we need to be able to have timeouts on recv() calls, and make best effort
561 * (non blocking) send() and recv() calls.
562 *
563 * The only sensible way to do this is to configure the socket into
564 * non-blocking mode. We could try to do select() before calling send() or
565 * recv() to get a guarantee that the call will not block, but this will
566 * probably run into issues with buggy OSes which generate spurious socket
567 * readiness events. In any case, relying on this to work reliably does not
568 * seem sane.
569 *
570 * Timeouts could be handled via setsockopt() socket timeout options, but
571 * this depends on OS support and adds another syscall to every network I/O
572 * operation. It also has obvious thread safety concerns if we want to move
573 * to concurrent use of a single socket at some later date.
574 *
575 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
576 * be made non-blocking. However some OSes (e.g. Windows) do not support
577 * this, so we cannot rely on this.
578 *
579 * As such, we need to configure any FD in non-blocking mode. This may
580 * confound users who pass a blocking socket to libssl. However, in practice
581 * it would be extremely strange for a user of QUIC to pass an FD to us,
582 * then also try and send receive traffic on the same socket(!). Thus the
583 * impact of this should be limited, and can be documented.
584 *
585 * - We support both blocking and non-blocking operation in terms of the API
586 * presented to the user. One prospect is to set the blocking mode based on
587 * whether the socket passed to us was already in blocking mode. However,
588 * Windows has no API for determining if a socket is in blocking mode (!),
589 * therefore this cannot be done portably. Currently therefore we expose an
590 * explicit API call to set this, and default to blocking mode.
591 *
592 * - We need to determine our initial destination UDP address. The "natural"
593 * way for a user to do this is to set the peer variable on a BIO_dgram.
594 * However, this has problems because BIO_dgram's peer variable is used for
595 * both transmission and reception. This means it can be constantly being
596 * changed to a malicious value (e.g. if some random unrelated entity on the
597 * network starts sending traffic to us) on every read call. This is not a
598 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
599 * calls only, which do not use this variable. However, we do need to let
600 * the user specify the peer in a 'normal' manner. The compromise here is
601 * that we grab the current peer value set at the time the write BIO is set
602 * and do not read the value again.
603 *
604 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
605 * Currently we do this by only supporting non-blocking mode.
606 *
607 */
608
609/*
610 * Determines what initial destination UDP address we should use, if possible.
611 * If this fails the client must set the destination address manually, or use a
612 * BIO which does not need a destination address.
613 */
614static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
615{
75b2920a 616 if (BIO_dgram_get_peer(net_wbio, peer) <= 0)
22d53c88
HL		 617 return 0;
618
619 return 1;
620}
621
072328dd 622void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
22d53c88 623{
072328dd
HL		 624 QCTX ctx;
625
626 if (!expect_quic(s, &ctx))
627 return;
628
629 if (ctx.qc->net_rbio == net_rbio)
38b051a1 630 return;
38b051a1 631
23c04709 632 if (!ossl_quic_channel_set_net_rbio(ctx.qc->ch, net_rbio))
22d53c88
HL		 633 return;
634
072328dd
HL		 635 BIO_free(ctx.qc->net_rbio);
636 ctx.qc->net_rbio = net_rbio;
22d53c88
HL		 637
638 /*
639 * If what we have is not pollable (e.g. a BIO_dgram_pair) disable blocking
640 * mode as we do not support it for non-pollable BIOs.
641 */
642 if (net_rbio != NULL) {
643 BIO_POLL_DESCRIPTOR d = {0};
644
645 if (!BIO_get_rpoll_descriptor(net_rbio, &d)
646 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
cb5c208b
HL		 647 ctx.qc->blocking = 0;
648 ctx.qc->default_blocking = 0;
072328dd 649 ctx.qc->can_poll_net_rbio = 0;
22d53c88 650 } else {
072328dd 651 ctx.qc->can_poll_net_rbio = 1;
22d53c88
HL		 652 }
653 }
99e1cc7b
TM		 654}
655
072328dd 656void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
38b051a1 657{
072328dd
HL		 658 QCTX ctx;
659
660 if (!expect_quic(s, &ctx))
22d53c88
HL		 661 return;
662
072328dd 663 if (ctx.qc->net_wbio == net_wbio)
22d53c88
HL		 664 return;
665
23c04709 666 if (!ossl_quic_channel_set_net_wbio(ctx.qc->ch, net_wbio))
072328dd
HL		 667 return;
668
669 BIO_free(ctx.qc->net_wbio);
670 ctx.qc->net_wbio = net_wbio;
22d53c88
HL		 671
672 if (net_wbio != NULL) {
673 BIO_POLL_DESCRIPTOR d = {0};
38b051a1 674
22d53c88
HL		 675 if (!BIO_get_wpoll_descriptor(net_wbio, &d)
676 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
cb5c208b
HL		 677 ctx.qc->blocking = 0;
678 ctx.qc->default_blocking = 0;
072328dd 679 ctx.qc->can_poll_net_wbio = 0;
22d53c88 680 } else {
072328dd 681 ctx.qc->can_poll_net_wbio = 1;
22d53c88 682 }
38b051a1 683
22d53c88
HL		 684 /*
685 * If we do not have a peer address yet, and we have not started trying
686 * to connect yet, try to autodetect one.
687 */
072328dd
HL		 688 if (BIO_ADDR_family(&ctx.qc->init_peer_addr) == AF_UNSPEC
689 && !ctx.qc->started) {
690 if (!csm_analyse_init_peer_addr(net_wbio, &ctx.qc->init_peer_addr))
22d53c88 691 /* best effort */
072328dd 692 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88 693
23c04709
HL		 694 ossl_quic_channel_set_peer_addr(ctx.qc->ch,
695 &ctx.qc->init_peer_addr);
22d53c88 696 }
38b051a1 697 }
22d53c88 698}
38b051a1 699
072328dd 700BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
22d53c88 701{
072328dd
HL		 702 QCTX ctx;
703
704 if (!expect_quic(s, &ctx))
705 return NULL;
706
707 return ctx.qc->net_rbio;
38b051a1
TM		 708}
709
072328dd 710BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
22d53c88 711{
072328dd
HL		 712 QCTX ctx;
713
714 if (!expect_quic(s, &ctx))
715 return NULL;
716
717 return ctx.qc->net_wbio;
22d53c88
HL		 718}
719
072328dd 720int ossl_quic_conn_get_blocking_mode(const SSL *s)
99e1cc7b 721{
072328dd
HL		 722 QCTX ctx;
723
724 if (!expect_quic(s, &ctx))
725 return 0;
726
cb5c208b
HL		 727 if (ctx.is_stream)
728 return ctx.xso->blocking;
729
072328dd 730 return ctx.qc->blocking;
22d53c88
HL		 731}
732
072328dd 733int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
22d53c88 734{
072328dd
HL		 735 QCTX ctx;
736
737 if (!expect_quic(s, &ctx))
738 return 0;
739
22d53c88
HL		 740 /* Cannot enable blocking mode if we do not have pollable FDs. */
741 if (blocking != 0 &&
072328dd
HL		 742 (!ctx.qc->can_poll_net_rbio || !ctx.qc->can_poll_net_wbio))
743 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_UNSUPPORTED, NULL);
22d53c88 744
cb5c208b
HL		 745 if (!ctx.is_stream) {
746 /*
747 * If called on a QCSO, update default and connection-level blocking
748 * modes.
749 */
750 ctx.qc->blocking = (blocking != 0);
751 ctx.qc->default_blocking = ctx.qc->blocking;
752 }
753
754 if (ctx.xso != NULL)
755 /*
756 * If called on a QSSO or QCSO with a default XSO, update blocking
757 * mode.
758 */
759 ctx.xso->blocking = (blocking != 0);
760
99e1cc7b
TM		 761 return 1;
762}
763
072328dd 764int ossl_quic_conn_set_initial_peer_addr(SSL *s,
22d53c88 765 const BIO_ADDR *peer_addr)
99e1cc7b 766{
072328dd
HL		 767 QCTX ctx;
768
769 if (!expect_quic(s, &ctx))
770 return 0;
771
772 if (ctx.qc->started)
773 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
22d53c88 774 NULL);
38b051a1 775
22d53c88 776 if (peer_addr == NULL) {
072328dd 777 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88
HL		 778 return 1;
779 }
38b051a1 780
072328dd 781 ctx.qc->init_peer_addr = *peer_addr;
99e1cc7b
TM		 782 return 1;
783}
784
22d53c88
HL		 785/*
786 * QUIC Front-End I/O API: Asynchronous I/O Management
787 * ===================================================
788 *
789 * (BIO/)SSL_tick => ossl_quic_tick
790 * (BIO/)SSL_get_tick_timeout => ossl_quic_get_tick_timeout
791 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
792 *
793 */
794
795/* Returns 1 if the connection is being used in blocking mode. */
cb5c208b 796static int qc_blocking_mode(const QUIC_CONNECTION *qc)
99e1cc7b 797{
22d53c88
HL		 798 return qc->blocking;
799}
38b051a1 800
cb5c208b
HL		 801static int xso_blocking_mode(const QUIC_XSO *xso)
802{
803 return xso->blocking
804 && xso->conn->can_poll_net_rbio
805 && xso->conn->can_poll_net_wbio;
806}
807
22d53c88 808/* SSL_tick; ticks the reactor. */
a8489257 809QUIC_TAKES_LOCK
072328dd 810int ossl_quic_tick(SSL *s)
22d53c88 811{
072328dd
HL		 812 QCTX ctx;
813
814 if (!expect_quic(s, &ctx))
815 return 0;
816
817 quic_lock(ctx.qc);
072328dd
HL		 818 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
819 quic_unlock(ctx.qc);
99e1cc7b
TM		 820 return 1;
821}
822
22d53c88
HL		 823/*
824 * SSL_get_tick_timeout. Get the time in milliseconds until the SSL object
825 * should be ticked by the application by calling SSL_tick(). tv is set to 0 if
826 * the object should be ticked immediately and tv->tv_sec is set to -1 if no
827 * timeout is currently active.
828 */
a8489257 829QUIC_TAKES_LOCK
072328dd 830int ossl_quic_get_tick_timeout(SSL *s, struct timeval *tv)
99e1cc7b 831{
072328dd 832 QCTX ctx;
a1660c94 833 OSSL_TIME deadline = ossl_time_infinite();
e44795bd 834
072328dd
HL		 835 if (!expect_quic(s, &ctx))
836 return 0;
a8489257 837
072328dd
HL		 838 quic_lock(ctx.qc);
839
23c04709
HL		 840 deadline
841 = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
22d53c88
HL		 842
843 if (ossl_time_is_infinite(deadline)) {
844 tv->tv_sec = -1;
845 tv->tv_usec = 0;
072328dd 846 quic_unlock(ctx.qc);
22d53c88
HL		 847 return 1;
848 }
849
a1660c94 850 *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, ossl_time_now()));
072328dd 851 quic_unlock(ctx.qc);
22d53c88
HL		 852 return 1;
853}
854
855/* SSL_get_rpoll_descriptor */
072328dd 856int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
22d53c88 857{
072328dd
HL		 858 QCTX ctx;
859
860 if (!expect_quic(s, &ctx))
e44795bd
TM		 861 return 0;
862
072328dd
HL		 863 if (desc == NULL || ctx.qc->net_rbio == NULL)
864 return 0;
865
866 return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
99e1cc7b
TM		 867}
868
22d53c88 869/* SSL_get_wpoll_descriptor */
072328dd 870int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
99e1cc7b 871{
072328dd
HL		 872 QCTX ctx;
873
874 if (!expect_quic(s, &ctx))
875 return 0;
876
877 if (desc == NULL || ctx.qc->net_wbio == NULL)
22d53c88
HL		 878 return 0;
879
072328dd 880 return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
99e1cc7b
TM		 881}
882
b639475a 883/* SSL_net_read_desired */
a8489257 884QUIC_TAKES_LOCK
072328dd 885int ossl_quic_get_net_read_desired(SSL *s)
99e1cc7b 886{
072328dd 887 QCTX ctx;
a8489257
HL		 888 int ret;
889
072328dd
HL		 890 if (!expect_quic(s, &ctx))
891 return 0;
892
893 quic_lock(ctx.qc);
072328dd
HL		 894 ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
895 quic_unlock(ctx.qc);
a8489257 896 return ret;
22d53c88 897}
e44795bd 898
b639475a 899/* SSL_net_write_desired */
a8489257 900QUIC_TAKES_LOCK
072328dd 901int ossl_quic_get_net_write_desired(SSL *s)
22d53c88 902{
a8489257 903 int ret;
072328dd
HL		 904 QCTX ctx;
905
906 if (!expect_quic(s, &ctx))
907 return 0;
a8489257 908
072328dd 909 quic_lock(ctx.qc);
072328dd
HL		 910 ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
911 quic_unlock(ctx.qc);
a8489257 912 return ret;
99e1cc7b
TM		 913}
914
22d53c88
HL		 915/*
916 * QUIC Front-End I/O API: Connection Lifecycle Operations
917 * =======================================================
918 *
919 * SSL_do_handshake => ossl_quic_do_handshake
920 * SSL_set_connect_state => ossl_quic_set_connect_state
921 * SSL_set_accept_state => ossl_quic_set_accept_state
922 * SSL_shutdown => ossl_quic_shutdown
923 * SSL_ctrl => ossl_quic_ctrl
924 * (BIO/)SSL_connect => ossl_quic_connect
925 * (BIO/)SSL_accept => ossl_quic_accept
926 *
927 */
928
929/* SSL_shutdown */
e8043229 930static int quic_shutdown_wait(void *arg)
99e1cc7b 931{
e8043229 932 QUIC_CONNECTION *qc = arg;
22d53c88 933
23c04709 934 return ossl_quic_channel_is_terminated(qc->ch);
e8043229 935}
22d53c88 936
a8489257 937QUIC_TAKES_LOCK
072328dd 938int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
e8043229
HL		 939 const SSL_SHUTDOWN_EX_ARGS *args,
940 size_t args_len)
941{
a8489257 942 int ret;
072328dd 943 QCTX ctx;
a8489257 944
072328dd
HL		 945 if (!expect_quic(s, &ctx))
946 return 0;
947
cb5c208b
HL		 948 if (ctx.is_stream)
949 /* TODO(QUIC): Semantics currently undefined for QSSOs */
950 return -1;
951
072328dd 952 quic_lock(ctx.qc);
a8489257 953
072328dd 954 ossl_quic_channel_local_close(ctx.qc->ch,
e8043229
HL		 955 args != NULL ? args->quic_error_code : 0);
956
1d40b151 957 /* TODO(QUIC): !SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH */
e8043229 958
072328dd
HL		 959 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
960 quic_unlock(ctx.qc);
e8043229 961 return 1;
a8489257 962 }
e8043229 963
cb5c208b 964 if (qc_blocking_mode(ctx.qc) && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0)
072328dd 965 block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
e8043229 966 else
072328dd 967 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
e8043229 968
072328dd
HL		 969 ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
970 quic_unlock(ctx.qc);
a8489257 971 return ret;
99e1cc7b
TM		 972}
973
22d53c88 974/* SSL_ctrl */
e44795bd 975long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
99e1cc7b 976{
072328dd 977 QCTX ctx;
38b051a1 978
072328dd 979 if (!expect_quic(s, &ctx))
38b051a1
TM		 980 return 0;
981
22d53c88
HL		 982 switch (cmd) {
983 case SSL_CTRL_MODE:
cb5c208b
HL		 984 /* If called on a QCSO, update the default mode. */
985 if (!ctx.is_stream)
986 ctx.qc->default_ssl_mode |= (uint32_t)larg;
987
988 /*
989 * If we were called on a QSSO or have a default stream, we also update
990 * that.
991 */
992 if (ctx.xso != NULL) {
993 /* Cannot enable EPW while AON write in progress. */
994 if (ctx.xso->aon_write_in_progress)
995 larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
996
997 ctx.xso->ssl_mode |= (uint32_t)larg;
998 return ctx.xso->ssl_mode;
999 }
dfc227bd 1000
cb5c208b 1001 return ctx.qc->default_ssl_mode;
22d53c88 1002 case SSL_CTRL_CLEAR_MODE:
cb5c208b
HL		 1003 if (!ctx.is_stream)
1004 ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
1005
1006 if (ctx.xso != NULL) {
1007 ctx.xso->ssl_mode &= ~(uint32_t)larg;
1008 return ctx.xso->ssl_mode;
1009 }
1010
1011 return ctx.qc->default_ssl_mode;
22d53c88 1012 default:
f8ffab0d 1013 /* Probably a TLS related ctrl. Defer to our internal SSL object */
072328dd 1014 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
08e49012 1015 }
22d53c88
HL		 1016}
1017
1018/* SSL_set_connect_state */
072328dd 1019void ossl_quic_set_connect_state(SSL *s)
22d53c88 1020{
072328dd
HL		 1021 QCTX ctx;
1022
1023 if (!expect_quic(s, &ctx))
1024 return;
1025
22d53c88 1026 /* Cannot be changed after handshake started */
cb5c208b 1027 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 1028 return;
1029
dfb9ae14 1030 ctx.qc->as_server_state = 0;
22d53c88
HL		 1031}
1032
1033/* SSL_set_accept_state */
072328dd 1034void ossl_quic_set_accept_state(SSL *s)
22d53c88 1035{
072328dd
HL		 1036 QCTX ctx;
1037
1038 if (!expect_quic(s, &ctx))
1039 return;
1040
22d53c88 1041 /* Cannot be changed after handshake started */
cb5c208b 1042 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 1043 return;
1044
dfb9ae14 1045 ctx.qc->as_server_state = 1;
22d53c88
HL		 1046}
1047
1048/* SSL_do_handshake */
1049struct quic_handshake_wait_args {
1050 QUIC_CONNECTION *qc;
1051};
1052
1053static int quic_handshake_wait(void *arg)
1054{
1055 struct quic_handshake_wait_args *args = arg;
1056
1057 if (!ossl_quic_channel_is_active(args->qc->ch))
1058 return -1;
1059
1060 if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
1061 return 1;
1062
99e1cc7b
TM		 1063 return 0;
1064}
1065
22d53c88 1066static int configure_channel(QUIC_CONNECTION *qc)
99e1cc7b 1067{
22d53c88 1068 assert(qc->ch != NULL);
08e49012 1069
d1ac77b1
HL		 1070 if (!ossl_quic_channel_set_net_rbio(qc->ch, qc->net_rbio)
1071 || !ossl_quic_channel_set_net_wbio(qc->ch, qc->net_wbio)
22d53c88
HL		 1072 || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
1073 return 0;
1074
1075 return 1;
1076}
1077
4847599b 1078QUIC_NEEDS_LOCK
23c04709 1079static int create_channel(QUIC_CONNECTION *qc)
22d53c88
HL		 1080{
1081 QUIC_CHANNEL_ARGS args = {0};
1082
22d53c88
HL		 1083 args.libctx = qc->ssl.ctx->libctx;
1084 args.propq = qc->ssl.ctx->propq;
23c04709 1085 args.is_server = qc->as_server;
2723d705 1086 args.tls = qc->tls;
ffce2946 1087 args.mutex = qc->mutex;
b212d554
HL		 1088 args.now_cb = qc->override_now_cb;
1089 args.now_cb_arg = qc->override_now_cb_arg;
22d53c88
HL		 1090
1091 qc->ch = ossl_quic_channel_new(&args);
1092 if (qc->ch == NULL)
1093 return 0;
1094
e8043229
HL		 1095 return 1;
1096}
1097
1098/*
1099 * Creates a channel and configures it with the information we have accumulated
1100 * via calls made to us from the application prior to starting a handshake
1101 * attempt.
1102 */
4847599b 1103QUIC_NEEDS_LOCK
23c04709 1104static int ensure_channel_started(QUIC_CONNECTION *qc)
e8043229 1105{
ffce2946 1106 if (!qc->started) {
ffce2946
HL		 1107 if (!configure_channel(qc)
1108 || !ossl_quic_channel_start(qc->ch))
1109 goto err;
f2f7c4f1 1110
ffce2946
HL		 1111 if (qc->is_thread_assisted)
1112 if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch))
1113 goto err;
1114 }
1115
22d53c88
HL		 1116 qc->started = 1;
1117 return 1;
f2f7c4f1
HL		 1118
1119err:
1120 ossl_quic_channel_free(qc->ch);
1121 qc->ch = NULL;
1122 return 0;
99e1cc7b
TM		 1123}
1124
4a530180
HL		 1125QUIC_NEEDS_LOCK
1126static int quic_do_handshake(QUIC_CONNECTION *qc)
99e1cc7b 1127{
22d53c88
HL		 1128 int ret;
1129
23c04709 1130 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1131 /* Handshake already completed. */
4a530180 1132 return 1;
ca41f6b7 1133
23c04709 1134 if (ossl_quic_channel_is_term_any(qc->ch))
4a530180 1135 return QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1136
ca41f6b7 1137 if (BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
22d53c88 1138 /* Peer address must have been set. */
44a1ac5d 1139 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
4a530180 1140 return -1; /* Non-protocol error */
ca41f6b7 1141 }
22d53c88 1142
dfb9ae14 1143 if (qc->as_server != qc->as_server_state) {
23c04709 1144 /* TODO(QUIC): Must match the method used to create the QCSO */
ca41f6b7 1145 QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
4a530180 1146 return -1; /* Non-protocol error */
ca41f6b7 1147 }
22d53c88 1148
ca41f6b7 1149 if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
22d53c88 1150 /* Need read and write BIOs. */
44a1ac5d 1151 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_BIO_NOT_SET, NULL);
4a530180 1152 return -1; /* Non-protocol error */
ca41f6b7 1153 }
22d53c88
HL		 1154
1155 /*
1156 * Start connection process. Note we may come here multiple times in
1157 * non-blocking mode, which is fine.
1158 */
23c04709 1159 if (!ensure_channel_started(qc)) {
ca41f6b7 1160 QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1161 return -1; /* Non-protocol error */
ca41f6b7 1162 }
22d53c88 1163
4a530180 1164 if (ossl_quic_channel_is_handshake_complete(qc->ch))
22d53c88 1165 /* The handshake is now done. */
4a530180 1166 return 1;
22d53c88 1167
cb5c208b 1168 if (qc_blocking_mode(qc)) {
22d53c88
HL		 1169 /* In blocking mode, wait for the handshake to complete. */
1170 struct quic_handshake_wait_args args;
1171
1172 args.qc = qc;
1173
1174 ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
ca41f6b7
HL		 1175 if (!ossl_quic_channel_is_active(qc->ch)) {
1176 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
4a530180 1177 return 0; /* Shutdown before completion */
ca41f6b7
HL		 1178 } else if (ret <= 0) {
1179 QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1180 return -1; /* Non-protocol error */
ca41f6b7 1181 }
22d53c88
HL		 1182
1183 assert(ossl_quic_channel_is_handshake_complete(qc->ch));
4a530180 1184 return 1;
22d53c88 1185 } else {
ca41f6b7 1186 /* Try to advance the reactor. */
ccd31037 1187 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
ca41f6b7 1188
4a530180 1189 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1190 /* The handshake is now done. */
4a530180 1191 return 1;
ca41f6b7 1192
22d53c88 1193 /* Otherwise, indicate that the handshake isn't done yet. */
ca41f6b7 1194 QUIC_RAISE_NORMAL_ERROR(qc, SSL_ERROR_WANT_READ);
4a530180 1195 return -1; /* Non-protocol error */
22d53c88 1196 }
4a530180 1197}
a8489257 1198
4a530180 1199QUIC_TAKES_LOCK
072328dd 1200int ossl_quic_do_handshake(SSL *s)
4a530180
HL		 1201{
1202 int ret;
072328dd 1203 QCTX ctx;
4a530180 1204
072328dd
HL		 1205 if (!expect_quic(s, &ctx))
1206 return 0;
1207
1208 quic_lock(ctx.qc);
4a530180 1209
072328dd
HL		 1210 ret = quic_do_handshake(ctx.qc);
1211 quic_unlock(ctx.qc);
a8489257 1212 return ret;
99e1cc7b
TM		 1213}
1214
22d53c88
HL		 1215/* SSL_connect */
1216int ossl_quic_connect(SSL *s)
99e1cc7b 1217{
22d53c88 1218 /* Ensure we are in connect state (no-op if non-idle). */
072328dd 1219 ossl_quic_set_connect_state(s);
22d53c88
HL		 1220
1221 /* Begin or continue the handshake */
072328dd 1222 return ossl_quic_do_handshake(s);
99e1cc7b
TM		 1223}
1224
22d53c88
HL		 1225/* SSL_accept */
1226int ossl_quic_accept(SSL *s)
99e1cc7b 1227{
22d53c88 1228 /* Ensure we are in accept state (no-op if non-idle). */
072328dd 1229 ossl_quic_set_accept_state(s);
22d53c88
HL		 1230
1231 /* Begin or continue the handshake */
072328dd 1232 return ossl_quic_do_handshake(s);
99e1cc7b 1233}
e44795bd 1234
cb5c208b
HL		 1235/*
1236 * QUIC Front-End I/O API: Stream Lifecycle Operations
1237 * ===================================================
1238 *
1239 * SSL_stream_new => ossl_quic_conn_stream_new
1240 *
1241 */
21c80696
HL		 1242
1243/*
1244 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1245 * default XSO was created. Returns 0 if it was not (e.g. because it already
1246 * exists). Note that this is NOT an error condition.
1247 */
1248QUIC_NEEDS_LOCK
8b7be3aa 1249static int qc_try_create_default_xso_for_write(QUIC_CONNECTION *qc)
21c80696 1250{
8b7be3aa 1251 uint64_t flags = 0;
21c80696 1252
8b7be3aa
HL		 1253 if (qc->default_xso_created
1254 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
21c80696
HL		 1255 /*
1256 * We only do this once. If the user detaches a previously created
1257 * default XSO we don't auto-create another one.
1258 */
8b7be3aa 1259 return QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_NO_STREAM, NULL);
21c80696 1260
8b7be3aa
HL		 1261 /* Create a locally-initiated stream. */
1262 if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1263 flags |= SSL_STREAM_FLAG_UNI;
1264
13ac037d
HL		 1265 qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(qc, flags,
1266 /*needs_lock=*/0),
995ff282 1267 /*touch=*/0);
8b7be3aa
HL		 1268 if (qc->default_xso == NULL)
1269 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1270
995ff282 1271 qc_touch_default_xso(qc);
8b7be3aa
HL		 1272 return 1;
1273}
1274
1275struct quic_wait_for_stream_args {
1276 QUIC_CONNECTION *qc;
1277 QUIC_STREAM *qs;
1278 uint64_t expect_id;
1279};
1280
1281QUIC_NEEDS_LOCK
1282static int quic_wait_for_stream(void *arg)
1283{
1284 struct quic_wait_for_stream_args *args = arg;
1285
1286 if (!ossl_quic_channel_is_active(args->qc->ch)) {
1287 /* If connection is torn down due to an error while blocking, stop. */
1288 QUIC_RAISE_NON_NORMAL_ERROR(args->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1289 return -1;
1290 }
1291
1292 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
acc6fde0
HL		 1293 args->expect_id | QUIC_STREAM_DIR_BIDI);
1294 if (args->qs == NULL)
1295 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1296 args->expect_id | QUIC_STREAM_DIR_UNI);
1297
8b7be3aa
HL		 1298 if (args->qs != NULL)
1299 return 1; /* stream now exists */
1300
1301 return 0; /* did not get a stream, keep trying */
1302}
1303
1304QUIC_NEEDS_LOCK
1305static int qc_wait_for_default_xso_for_read(QUIC_CONNECTION *qc)
1306{
1307 /* Called on a QCSO and we don't currently have a default stream. */
1308 uint64_t expect_id;
1309 QUIC_STREAM *qs;
1310 int res;
1311 struct quic_wait_for_stream_args wargs;
1312
1313 /*
1314 * If default stream functionality is disabled or we already detached
1315 * one, don't make another default stream and just fail.
1316 */
1317 if (qc->default_xso_created
1318 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1319 return QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_NO_STREAM, NULL);
1320
1321 /*
1322 * The peer may have opened a stream since we last ticked. So tick and
1323 * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1324 * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1325 * first stream created by a peer must have an ordinal of 0.
1326 */
1327 expect_id = qc->as_server
1328 ? QUIC_STREAM_INITIATOR_CLIENT
1329 : QUIC_STREAM_INITIATOR_SERVER;
1330
8b7be3aa 1331 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
acc6fde0
HL		 1332 expect_id | QUIC_STREAM_DIR_BIDI);
1333 if (qs == NULL)
1334 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1335 expect_id | QUIC_STREAM_DIR_UNI);
1336
8b7be3aa
HL		 1337 if (qs == NULL) {
1338 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1339
1340 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1341 expect_id);
1342 }
1343
1344 if (qs == NULL) {
1345 if (!qc_blocking_mode(qc))
1346 /* Non-blocking mode, so just bail immediately. */
1347 return QUIC_RAISE_NORMAL_ERROR(qc, SSL_ERROR_WANT_READ);
1348
1349 /* Block until we have a stream. */
1350 wargs.qc = qc;
1351 wargs.qs = NULL;
1352 wargs.expect_id = expect_id;
1353
1354 res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
1355 if (res == 0)
1356 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1357 else if (res < 0 || wargs.qs == NULL)
1358 /* quic_wait_for_stream raised error here */
21c80696 1359 return 0;
8b7be3aa
HL		 1360
1361 qs = wargs.qs;
21c80696
HL		 1362 }
1363
8b7be3aa
HL		 1364 /*
1365 * We now have qs != NULL. Make it the default stream, creating the
1366 * necessary XSO.
1367 */
995ff282 1368 qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0);
8b7be3aa
HL		 1369 if (qc->default_xso == NULL)
1370 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1371
995ff282 1372 qc_touch_default_xso(qc); /* inhibits default XSO */
21c80696
HL		 1373 return 1;
1374}
1375
1376QUIC_NEEDS_LOCK
1377static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
1378{
1379 QUIC_XSO *xso = NULL;
1380
1381 if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL)
1382 goto err;
1383
1384 if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO))
1385 goto err;
1386
9cab4bd5
HL		 1387 /* XSO refs QC */
1388 if (!SSL_up_ref(&qc->ssl))
1389 goto err;
1390
21c80696
HL		 1391 xso->conn = qc;
1392 xso->blocking = qc->default_blocking;
1393 xso->ssl_mode = qc->default_ssl_mode;
1394
1395 xso->stream = qs;
1396
1397 ++qc->num_xso;
1398 return xso;
1399
1400err:
1401 OPENSSL_free(xso);
1402 return NULL;
1403}
1404
13ac037d
HL		 1405/* locking depends on need_lock */
1406static SSL *quic_conn_stream_new(QUIC_CONNECTION *qc, uint64_t flags,
1407 int need_lock)
cb5c208b 1408{
cb5c208b 1409 QUIC_XSO *xso = NULL;
21c80696 1410 QUIC_STREAM *qs = NULL;
2dbc39de 1411 int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
cb5c208b 1412
13ac037d
HL		 1413 if (need_lock)
1414 quic_lock(qc);
2dbc39de 1415
13ac037d
HL		 1416 if (ossl_quic_channel_is_term_any(qc->ch)) {
1417 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2dbc39de
HL		 1418 goto err;
1419 }
1420
13ac037d 1421 qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni);
21c80696 1422 if (qs == NULL)
2dbc39de 1423 goto err;
cb5c208b 1424
13ac037d 1425 xso = create_xso_from_stream(qc, qs);
21c80696 1426 if (xso == NULL)
cb5c208b
HL		 1427 goto err;
1428
13ac037d
HL		 1429 qc_touch_default_xso(qc); /* inhibits default XSO */
1430 if (need_lock)
1431 quic_unlock(qc);
1432
cb5c208b
HL		 1433 return &xso->ssl;
1434
1435err:
1436 OPENSSL_free(xso);
13ac037d
HL		 1437 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs);
1438 if (need_lock)
1439 quic_unlock(qc);
1440
cb5c208b 1441 return NULL;
13ac037d
HL		 1442
1443}
1444
1445QUIC_TAKES_LOCK
1446SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
1447{
1448 QCTX ctx;
1449
1450 if (!expect_quic_conn_only(s, &ctx))
1451 return NULL;
1452
1453 return quic_conn_stream_new(ctx.qc, flags, /*need_lock=*/1);
cb5c208b
HL		 1454}
1455
22d53c88
HL		 1456/*
1457 * QUIC Front-End I/O API: Steady-State Operations
1458 * ===============================================
1459 *
1460 * Here we dispatch calls to the steady-state front-end I/O API functions; that
1461 * is, the functions used during the established phase of a QUIC connection
1462 * (e.g. SSL_read, SSL_write).
1463 *
1464 * Each function must handle both blocking and non-blocking modes. As discussed
1465 * above, all QUIC I/O is implemented using non-blocking mode internally.
1466 *
1467 * SSL_get_error => partially implemented by ossl_quic_get_error
1468 * (BIO/)SSL_read => ossl_quic_read
1469 * (BIO/)SSL_write => ossl_quic_write
1470 * SSL_pending => ossl_quic_pending
a9979965 1471 * SSL_stream_conclude => ossl_quic_conn_stream_conclude
22d53c88
HL		 1472 */
1473
1474/* SSL_get_error */
072328dd 1475int ossl_quic_get_error(const SSL *s, int i)
e44795bd 1476{
072328dd
HL		 1477 QCTX ctx;
1478
1479 if (!expect_quic(s, &ctx))
1480 return 0;
1481
1482 return ctx.qc->last_error;
e44795bd
TM		 1483}
1484
22d53c88
HL		 1485/*
1486 * SSL_write
1487 * ---------
1488 *
1489 * The set of functions below provide the implementation of the public SSL_write
1490 * function. We must handle:
1491 *
1492 * - both blocking and non-blocking operation at the application level,
1493 * depending on how we are configured;
1494 *
1495 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
1496 *
1497 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1498 *
1499 */
4847599b 1500QUIC_NEEDS_LOCK
cb5c208b 1501static void quic_post_write(QUIC_XSO *xso, int did_append, int do_tick)
22d53c88
HL		 1502{
1503 /*
1504 * We have appended at least one byte to the stream.
1505 * Potentially mark stream as active, depending on FC.
1506 */
1507 if (did_append)
cb5c208b
HL		 1508 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
1509 xso->stream);
22d53c88
HL		 1510
1511 /*
1512 * Try and send.
1513 *
1514 * TODO(QUIC): It is probably inefficient to try and do this immediately,
1515 * plus we should eventually consider Nagle's algorithm.
1516 */
1517 if (do_tick)
cb5c208b 1518 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
22d53c88
HL		 1519}
1520
1521struct quic_write_again_args {
cb5c208b 1522 QUIC_XSO *xso;
22d53c88
HL		 1523 const unsigned char *buf;
1524 size_t len;
1525 size_t total_written;
1526};
1527
4847599b 1528QUIC_NEEDS_LOCK
22d53c88
HL		 1529static int quic_write_again(void *arg)
1530{
1531 struct quic_write_again_args *args = arg;
1532 size_t actual_written = 0;
1533
cb5c208b 1534 if (!ossl_quic_channel_is_active(args->xso->conn->ch))
22d53c88
HL		 1535 /* If connection is torn down due to an error while blocking, stop. */
1536 return -2;
1537
cb5c208b 1538 if (!ossl_quic_sstream_append(args->xso->stream->sstream,
22d53c88
HL		 1539 args->buf, args->len, &actual_written))
1540 return -2;
1541
cb5c208b 1542 quic_post_write(args->xso, actual_written > 0, 0);
22d53c88
HL		 1543
1544 args->buf += actual_written;
1545 args->len -= actual_written;
1546 args->total_written += actual_written;
1547
3f0c310b 1548 if (args->len == 0)
22d53c88
HL		 1549 /* Written everything, done. */
1550 return 1;
1551
1552 /* Not written everything yet, keep trying. */
1553 return 0;
1554}
1555
4847599b 1556QUIC_NEEDS_LOCK
cb5c208b 1557static int quic_write_blocking(QUIC_XSO *xso, const void *buf, size_t len,
22d53c88 1558 size_t *written)
e44795bd 1559{
22d53c88
HL		 1560 int res;
1561 struct quic_write_again_args args;
1562 size_t actual_written = 0;
1563
1564 /* First make a best effort to append as much of the data as possible. */
cb5c208b 1565 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len,
22d53c88
HL		 1566 &actual_written)) {
1567 /* Stream already finished or allocation error. */
1568 *written = 0;
cb5c208b 1569 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1570 }
1571
cb5c208b 1572 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 1573
1574 if (actual_written == len) {
1575 /* Managed to append everything on the first try. */
1576 *written = actual_written;
1577 return 1;
1578 }
1579
1580 /*
1581 * We did not manage to append all of the data immediately, so the stream
1582 * buffer has probably filled up. This means we need to block until some of
1583 * it is freed up.
1584 */
cb5c208b 1585 args.xso = xso;
22d53c88
HL		 1586 args.buf = (const unsigned char *)buf + actual_written;
1587 args.len = len - actual_written;
1588 args.total_written = 0;
1589
cb5c208b 1590 res = block_until_pred(xso->conn, quic_write_again, &args, 0);
22d53c88 1591 if (res <= 0) {
cb5c208b
HL		 1592 if (!ossl_quic_channel_is_active(xso->conn->ch))
1593 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1594 else
cb5c208b 1595 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1596 }
1597
1598 *written = args.total_written;
e44795bd
TM		 1599 return 1;
1600}
1601
ca41f6b7
HL		 1602/*
1603 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
1604 * write semantics.
1605 */
cb5c208b 1606static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
22d53c88
HL		 1607 size_t buf_len, size_t already_sent)
1608{
cb5c208b 1609 assert(!xso->aon_write_in_progress);
22d53c88 1610
cb5c208b
HL		 1611 xso->aon_write_in_progress = 1;
1612 xso->aon_buf_base = buf;
1613 xso->aon_buf_pos = already_sent;
1614 xso->aon_buf_len = buf_len;
22d53c88
HL		 1615}
1616
cb5c208b 1617static void aon_write_finish(QUIC_XSO *xso)
22d53c88 1618{
cb5c208b
HL		 1619 xso->aon_write_in_progress = 0;
1620 xso->aon_buf_base = NULL;
1621 xso->aon_buf_pos = 0;
1622 xso->aon_buf_len = 0;
22d53c88
HL		 1623}
1624
4847599b 1625QUIC_NEEDS_LOCK
cb5c208b 1626static int quic_write_nonblocking_aon(QUIC_XSO *xso, const void *buf,
22d53c88 1627 size_t len, size_t *written)
e44795bd 1628{
22d53c88
HL		 1629 const void *actual_buf;
1630 size_t actual_len, actual_written = 0;
1631 int accept_moving_buffer
cb5c208b 1632 = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
22d53c88 1633
cb5c208b 1634 if (xso->aon_write_in_progress) {
22d53c88
HL		 1635 /*
1636 * We are in the middle of an AON write (i.e., a previous write did not
75b2920a
HL		 1637 * manage to append all data to the SSTREAM and we have Enable Partial
1638 * Write (EPW) mode disabled.)
22d53c88 1639 */
cb5c208b
HL		 1640 if ((!accept_moving_buffer && xso->aon_buf_base != buf)
1641 || len != xso->aon_buf_len)
22d53c88
HL		 1642 /*
1643 * Pointer must not have changed if we are not in accept moving
1644 * buffer mode. Length must never change.
1645 */
cb5c208b 1646 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, SSL_R_BAD_WRITE_RETRY, NULL);
22d53c88 1647
cb5c208b
HL		 1648 actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
1649 actual_len = len - xso->aon_buf_pos;
22d53c88
HL		 1650 assert(actual_len > 0);
1651 } else {
1652 actual_buf = buf;
1653 actual_len = len;
1654 }
1655
1656 /* First make a best effort to append as much of the data as possible. */
cb5c208b 1657 if (!ossl_quic_sstream_append(xso->stream->sstream, actual_buf, actual_len,
22d53c88
HL		 1658 &actual_written)) {
1659 /* Stream already finished or allocation error. */
1660 *written = 0;
cb5c208b 1661 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1662 }
1663
cb5c208b 1664 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 1665
1666 if (actual_written == actual_len) {
1667 /* We have sent everything. */
cb5c208b 1668 if (xso->aon_write_in_progress) {
22d53c88
HL		 1669 /*
1670 * We have sent everything, and we were in the middle of an AON
1671 * write. The output write length is the total length of the AON
1672 * buffer, not however many bytes we managed to write to the stream
1673 * in this call.
1674 */
cb5c208b
HL		 1675 *written = xso->aon_buf_len;
1676 aon_write_finish(xso);
22d53c88
HL		 1677 } else {
1678 *written = actual_written;
1679 }
1680
1681 return 1;
1682 }
1683
cb5c208b 1684 if (xso->aon_write_in_progress) {
22d53c88
HL		 1685 /*
1686 * AON write is in progress but we have not written everything yet. We
1687 * may have managed to send zero bytes, or some number of bytes less
1688 * than the total remaining which need to be appended during this
1689 * AON operation.
1690 */
cb5c208b
HL		 1691 xso->aon_buf_pos += actual_written;
1692 assert(xso->aon_buf_pos < xso->aon_buf_len);
1693 return QUIC_RAISE_NORMAL_ERROR(xso->conn, SSL_ERROR_WANT_WRITE);
22d53c88
HL		 1694 }
1695
08e49012 1696 /*
22d53c88
HL		 1697 * Not in an existing AON operation but partial write is not enabled, so we
1698 * need to begin a new AON operation. However we needn't bother if we didn't
1699 * actually append anything.
08e49012 1700 */
22d53c88 1701 if (actual_written > 0)
cb5c208b 1702 aon_write_begin(xso, buf, len, actual_written);
e44795bd 1703
22d53c88
HL		 1704 /*
1705 * AON - We do not publicly admit to having appended anything until AON
1706 * completes.
1707 */
1708 *written = 0;
cb5c208b 1709 return QUIC_RAISE_NORMAL_ERROR(xso->conn, SSL_ERROR_WANT_WRITE);
e44795bd
TM		 1710}
1711
4847599b 1712QUIC_NEEDS_LOCK
cb5c208b 1713static int quic_write_nonblocking_epw(QUIC_XSO *xso, const void *buf, size_t len,
22d53c88 1714 size_t *written)
e44795bd 1715{
22d53c88 1716 /* Simple best effort operation. */
cb5c208b 1717 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len, written)) {
22d53c88
HL		 1718 /* Stream already finished or allocation error. */
1719 *written = 0;
cb5c208b 1720 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1721 }
1722
cb5c208b 1723 quic_post_write(xso, *written > 0, 1);
e44795bd
TM		 1724 return 1;
1725}
d5ab48a1 1726
a8489257 1727QUIC_TAKES_LOCK
22d53c88 1728int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
d5ab48a1 1729{
a8489257 1730 int ret;
072328dd
HL		 1731 QCTX ctx;
1732 int partial_write;
22d53c88
HL		 1733
1734 *written = 0;
1735
8b7be3aa
HL		 1736 if (len == 0)
1737 return 1;
22d53c88 1738
8b7be3aa
HL		 1739 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
1740 return 0;
a8489257 1741
cb5c208b 1742 partial_write = ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0);
072328dd 1743
23c04709 1744 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
072328dd 1745 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 1746 goto out;
1747 }
22d53c88 1748
ca41f6b7
HL		 1749 /*
1750 * If we haven't finished the handshake, try to advance it.
1751 * We don't accept writes until the handshake is completed.
1752 */
072328dd 1753 if (quic_do_handshake(ctx.qc) < 1) {
a8489257
HL		 1754 ret = 0;
1755 goto out;
1756 }
ca41f6b7 1757
cb5c208b 1758 if (ctx.xso->stream == NULL || ctx.xso->stream->sstream == NULL) {
072328dd 1759 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 1760 goto out;
1761 }
22d53c88 1762
cb5c208b
HL		 1763 if (xso_blocking_mode(ctx.xso))
1764 ret = quic_write_blocking(ctx.xso, buf, len, written);
22d53c88 1765 else if (partial_write)
cb5c208b 1766 ret = quic_write_nonblocking_epw(ctx.xso, buf, len, written);
22d53c88 1767 else
cb5c208b 1768 ret = quic_write_nonblocking_aon(ctx.xso, buf, len, written);
a8489257
HL		 1769
1770out:
072328dd 1771 quic_unlock(ctx.qc);
a8489257 1772 return ret;
d5ab48a1
RL		 1773}
1774
1775/*
22d53c88
HL		 1776 * SSL_read
1777 * --------
d5ab48a1 1778 */
22d53c88
HL		 1779struct quic_read_again_args {
1780 QUIC_CONNECTION *qc;
1781 QUIC_STREAM *stream;
1782 void *buf;
1783 size_t len;
1784 size_t *bytes_read;
1785 int peek;
1786};
1787
4847599b 1788QUIC_NEEDS_LOCK
22d53c88
HL		 1789static int quic_read_actual(QUIC_CONNECTION *qc,
1790 QUIC_STREAM *stream,
1791 void *buf, size_t buf_len,
1792 size_t *bytes_read,
1793 int peek)
d5ab48a1 1794{
22d53c88
HL		 1795 int is_fin = 0;
1796
a9979965
HL		 1797 /* If the receive part of the stream is over, issue EOF. */
1798 if (stream->recv_fin_retired)
1799 return QUIC_RAISE_NORMAL_ERROR(qc, SSL_ERROR_ZERO_RETURN);
1800
22d53c88
HL		 1801 if (stream->rstream == NULL)
1802 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1803
1804 if (peek) {
1805 if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
1806 bytes_read, &is_fin))
1807 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1808
1809 } else {
1810 if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
1811 bytes_read, &is_fin))
1812 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1813 }
1814
1815 if (!peek) {
1816 if (*bytes_read > 0) {
1817 /*
1818 * We have read at least one byte from the stream. Inform stream-level
1819 * RXFC of the retirement of controlled bytes. Update the active stream
1820 * status (the RXFC may now want to emit a frame granting more credit to
1821 * the peer).
1822 */
1823 OSSL_RTT_INFO rtt_info;
d50e750e 1824
22d53c88
HL		 1825 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
1826
cb5c208b 1827 if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
22d53c88
HL		 1828 rtt_info.smoothed_rtt))
1829 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1830 }
1831
1832 if (is_fin)
1833 stream->recv_fin_retired = 1;
1834
1835 if (*bytes_read > 0)
1836 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
cb5c208b 1837 stream);
22d53c88
HL		 1838 }
1839
d5ab48a1
RL		 1840 return 1;
1841}
1842
4847599b 1843QUIC_NEEDS_LOCK
22d53c88 1844static int quic_read_again(void *arg)
d5ab48a1 1845{
22d53c88
HL		 1846 struct quic_read_again_args *args = arg;
1847
a9979965 1848 if (!ossl_quic_channel_is_active(args->qc->ch)) {
22d53c88 1849 /* If connection is torn down due to an error while blocking, stop. */
a9979965 1850 QUIC_RAISE_NON_NORMAL_ERROR(args->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
ca41f6b7 1851 return -1;
a9979965 1852 }
22d53c88
HL		 1853
1854 if (!quic_read_actual(args->qc, args->stream,
1855 args->buf, args->len, args->bytes_read,
1856 args->peek))
1857 return -1;
1858
1859 if (*args->bytes_read > 0)
1860 /* got at least one byte, the SSL_read op can finish now */
1861 return 1;
1862
81b6b43c 1863 return 0; /* did not read anything, keep trying */
d5ab48a1
RL		 1864}
1865
a8489257 1866QUIC_TAKES_LOCK
22d53c88 1867static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
d5ab48a1 1868{
a8489257 1869 int ret, res;
072328dd 1870 QCTX ctx;
22d53c88
HL		 1871 struct quic_read_again_args args;
1872
1873 *bytes_read = 0;
1874
8b7be3aa 1875 if (!expect_quic(s, &ctx))
22d53c88
HL		 1876 return 0;
1877
072328dd 1878 quic_lock(ctx.qc);
a8489257 1879
23c04709 1880 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
072328dd 1881 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 1882 goto out;
1883 }
22d53c88 1884
a9979965 1885 /* If we haven't finished the handshake, try to advance it. */
072328dd 1886 if (quic_do_handshake(ctx.qc) < 1) {
a8489257
HL		 1887 ret = 0; /* ossl_quic_do_handshake raised error here */
1888 goto out;
1889 }
22d53c88 1890
8b7be3aa
HL		 1891 if (ctx.xso == NULL) {
1892 /*
1893 * Called on a QCSO and we don't currently have a default stream.
1894 *
1895 * Wait until we get a stream initiated by the peer (blocking mode) or
1896 * fail if we don't have one yet (non-blocking mode).
1897 */
1898 if (!qc_wait_for_default_xso_for_read(ctx.qc)) {
1899 ret = 0; /* error already raised here */
1900 goto out;
1901 }
1902
1903 ctx.xso = ctx.qc->default_xso;
1904 }
1905
cb5c208b 1906 if (ctx.xso->stream == NULL) {
072328dd 1907 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 1908 goto out;
1909 }
22d53c88 1910
cb5c208b 1911 if (!quic_read_actual(ctx.qc, ctx.xso->stream, buf, len, bytes_read, peek)) {
a8489257
HL		 1912 ret = 0; /* quic_read_actual raised error here */
1913 goto out;
1914 }
22d53c88
HL		 1915
1916 if (*bytes_read > 0) {
1917 /*
1918 * Even though we succeeded, tick the reactor here to ensure we are
1919 * handling other aspects of the QUIC connection.
1920 */
072328dd 1921 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
a8489257 1922 ret = 1;
cb5c208b 1923 } else if (xso_blocking_mode(ctx.xso)) {
22d53c88
HL		 1924 /*
1925 * We were not able to read anything immediately, so our stream
1926 * buffer is empty. This means we need to block until we get
1927 * at least one byte.
1928 */
072328dd 1929 args.qc = ctx.qc;
cb5c208b 1930 args.stream = ctx.xso->stream;
22d53c88
HL		 1931 args.buf = buf;
1932 args.len = len;
1933 args.bytes_read = bytes_read;
1934 args.peek = peek;
1935
072328dd 1936 res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
a8489257 1937 if (res == 0) {
072328dd 1938 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 1939 goto out;
1940 } else if (res < 0) {
1941 ret = 0; /* quic_read_again raised error here */
1942 goto out;
1943 }
22d53c88 1944
a8489257 1945 ret = 1;
af8b52cf
HL		 1946 } else {
1947 /* We did not get any bytes and are not in blocking mode. */
072328dd 1948 ret = QUIC_RAISE_NORMAL_ERROR(ctx.qc, SSL_ERROR_WANT_READ);
af8b52cf 1949 }
a8489257
HL		 1950
1951out:
072328dd 1952 quic_unlock(ctx.qc);
a8489257 1953 return ret;
d5ab48a1
RL		 1954}
1955
22d53c88
HL		 1956int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
1957{
1958 return quic_read(s, buf, len, bytes_read, 0);
1959}
1960
1961int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
1962{
1963 return quic_read(s, buf, len, bytes_read, 1);
1964}
1965
1966/*
1967 * SSL_pending
1968 * -----------
1969 */
a8489257 1970QUIC_TAKES_LOCK
072328dd 1971static size_t ossl_quic_pending_int(const SSL *s)
22d53c88 1972{
072328dd 1973 QCTX ctx;
433d107a 1974 size_t avail = 0;
22d53c88
HL		 1975 int fin = 0;
1976
8b7be3aa 1977 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
22d53c88
HL		 1978 return 0;
1979
cb5c208b 1980 if (ctx.xso->stream == NULL || ctx.xso->stream->rstream == NULL)
22d53c88 1981 /* Cannot raise errors here because we are const, just fail. */
a8489257 1982 goto out;
22d53c88 1983
cb5c208b 1984 if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin))
a8489257 1985 avail = 0;
22d53c88 1986
a8489257 1987out:
072328dd 1988 quic_unlock(ctx.qc);
22d53c88
HL		 1989 return avail;
1990}
1991
560470b5
MC		 1992size_t ossl_quic_pending(const SSL *s)
1993{
072328dd 1994 return ossl_quic_pending_int(s);
560470b5
MC		 1995}
1996
072328dd 1997int ossl_quic_has_pending(const SSL *s)
560470b5 1998{
072328dd 1999 return ossl_quic_pending_int(s) > 0;
560470b5
MC		 2000}
2001
a9979965
HL		 2002/*
2003 * SSL_stream_conclude
2004 * -------------------
2005 */
a8489257 2006QUIC_TAKES_LOCK
072328dd 2007int ossl_quic_conn_stream_conclude(SSL *s)
a9979965 2008{
072328dd
HL		 2009 QCTX ctx;
2010 QUIC_STREAM *qs;
2011
8b7be3aa 2012 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
072328dd
HL		 2013 return 0;
2014
cb5c208b 2015 qs = ctx.xso->stream;
a9979965 2016
a8489257 2017 if (qs == NULL || qs->sstream == NULL) {
072328dd 2018 quic_unlock(ctx.qc);
a8489257
HL		 2019 return 0;
2020 }
2021
072328dd 2022 if (!ossl_quic_channel_is_active(ctx.qc->ch)
a8489257 2023 || ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
072328dd 2024 quic_unlock(ctx.qc);
a9979965 2025 return 1;
a8489257 2026 }
a9979965
HL		 2027
2028 ossl_quic_sstream_fin(qs->sstream);
cb5c208b 2029 quic_post_write(ctx.xso, 1, 1);
072328dd 2030 quic_unlock(ctx.qc);
a9979965
HL		 2031 return 1;
2032}
2033
553a4e00
HL		 2034/*
2035 * SSL_inject_net_dgram
2036 * --------------------
2037 */
5129e594 2038QUIC_TAKES_LOCK
553a4e00
HL		 2039int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
2040 size_t buf_len,
2041 const BIO_ADDR *peer,
2042 const BIO_ADDR *local)
2043{
5129e594 2044 int ret;
072328dd 2045 QCTX ctx;
553a4e00
HL		 2046 QUIC_DEMUX *demux;
2047
072328dd 2048 if (!expect_quic(s, &ctx))
553a4e00
HL		 2049 return 0;
2050
072328dd 2051 quic_lock(ctx.qc);
5129e594 2052
072328dd 2053 demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
5129e594
HL		 2054 ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
2055
072328dd 2056 quic_unlock(ctx.qc);
5129e594 2057 return ret;
553a4e00
HL		 2058}
2059
020d0389
HL		 2060/*
2061 * SSL_get0_connection
2062 * -------------------
2063 */
2064SSL *ossl_quic_get0_connection(SSL *s)
2065{
2066 QCTX ctx;
2067
2068 if (!expect_quic(s, &ctx))
2069 return NULL;
2070
2071 return &ctx.qc->ssl;
2072}
2073
1bca3f1b
HL		 2074/*
2075 * SSL_get_stream_type
2076 * -------------------
2077 */
2078int ossl_quic_get_stream_type(SSL *s)
2079{
2080 QCTX ctx;
2081
2082 if (!expect_quic(s, &ctx))
59c5c016 2083 return SSL_STREAM_TYPE_BIDI;
1bca3f1b
HL		 2084
2085 if (ctx.xso == NULL) {
2086 /*
59c5c016
HL		 2087 * If deferred XSO creation has yet to occur, proceed according to the
2088 * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
2089 * what kind of stream will be created yet, so return BIDI on the basis
2090 * that at this time, the client still has the option of calling
2091 * SSL_read() or SSL_write() first.
1bca3f1b 2092 */
59c5c016
HL		 2093 if (ctx.qc->default_xso_created
2094 || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1bca3f1b 2095 return SSL_STREAM_TYPE_NONE;
59c5c016
HL		 2096 else
2097 return SSL_STREAM_TYPE_BIDI;
1bca3f1b
HL		 2098 }
2099
2100 if (ossl_quic_stream_is_bidi(ctx.xso->stream))
2101 return SSL_STREAM_TYPE_BIDI;
2102
2103 if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
2104 return SSL_STREAM_TYPE_READ;
2105 else
2106 return SSL_STREAM_TYPE_WRITE;
2107}
2108
19cb0887
HL		 2109/*
2110 * SSL_get_stream_id
2111 * -----------------
2112 */
cb68ce9f 2113QUIC_TAKES_LOCK
19cb0887
HL		 2114uint64_t ossl_quic_get_stream_id(SSL *s)
2115{
2116 QCTX ctx;
8b7be3aa 2117 uint64_t id;
19cb0887 2118
8b7be3aa 2119 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
19cb0887
HL		 2120 return UINT64_MAX;
2121
8b7be3aa
HL		 2122 id = ctx.xso->stream->id;
2123 quic_unlock(ctx.qc);
2124
2125 return id;
2126}
2127
2128/*
2129 * SSL_set_default_stream_mode
2130 * ---------------------------
2131 */
cb68ce9f 2132QUIC_TAKES_LOCK
8b7be3aa
HL		 2133int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
2134{
2135 QCTX ctx;
2136
2137 if (!expect_quic_conn_only(s, &ctx))
2138 return 0;
2139
2140 quic_lock(ctx.qc);
2141
2142 if (ctx.qc->default_xso_created)
2143 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
2144 "too late to change default stream mode");
2145
2146 switch (mode) {
2147 case SSL_DEFAULT_STREAM_MODE_NONE:
2148 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
2149 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
2150 ctx.qc->default_stream_mode = mode;
2151 break;
2152 default:
2153 quic_unlock(ctx.qc);
2154 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_PASSED_INVALID_ARGUMENT,
2155 "bad default stream type");
2156 }
2157
2158 quic_unlock(ctx.qc);
2159 return 1;
2160}
2161
2162/*
2163 * SSL_detach_stream
2164 * -----------------
2165 */
cb68ce9f 2166QUIC_TAKES_LOCK
8b7be3aa
HL		 2167SSL *ossl_quic_detach_stream(SSL *s)
2168{
2169 QCTX ctx;
9cab4bd5 2170 QUIC_XSO *xso = NULL;
8b7be3aa
HL		 2171
2172 if (!expect_quic_conn_only(s, &ctx))
2173 return NULL;
2174
2175 quic_lock(ctx.qc);
2176
8b7be3aa 2177 /* Calling this function inhibits default XSO autocreation. */
9cab4bd5
HL		 2178 /* QC ref to any default XSO is transferred to us and to caller. */
2179 qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso);
8b7be3aa
HL		 2180
2181 quic_unlock(ctx.qc);
2182
9cab4bd5 2183 return xso != NULL ? &xso->ssl : NULL;
8b7be3aa
HL		 2184}
2185
2186/*
2187 * SSL_attach_stream
2188 * -----------------
2189 */
cb68ce9f 2190QUIC_TAKES_LOCK
8b7be3aa
HL		 2191int ossl_quic_attach_stream(SSL *conn, SSL *stream)
2192{
2193 QCTX ctx;
9cab4bd5
HL		 2194 QUIC_XSO *xso;
2195 int nref;
8b7be3aa
HL		 2196
2197 if (!expect_quic_conn_only(conn, &ctx))
2198 return 0;
2199
2200 if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
2201 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_PASSED_NULL_PARAMETER,
2202 "stream to attach must be a valid QUIC stream");
2203
9cab4bd5
HL		 2204 xso = (QUIC_XSO *)stream;
2205
8b7be3aa
HL		 2206 quic_lock(ctx.qc);
2207
2208 if (ctx.qc->default_xso != NULL) {
2209 quic_unlock(ctx.qc);
2210 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
2211 "connection already has a default stream");
2212 }
2213
9cab4bd5
HL		 2214 /*
2215 * It is a caller error for the XSO being attached as a default XSO to have
2216 * more than one ref.
2217 */
2218 if (!CRYPTO_GET_REF(&xso->ssl.references, &nref, &xso->ssl.lock)) {
2219 quic_unlock(ctx.qc);
2220 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR,
2221 "ref");
2222 }
2223
2224 if (nref != 1) {
2225 quic_unlock(ctx.qc);
2226 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_PASSED_INVALID_ARGUMENT,
2227 "stream being attached must have "
2228 "only 1 reference");
2229 }
2230
2231 /* Caller's reference to the XSO is transferred to us. */
8b7be3aa 2232 /* Calling this function inhibits default XSO autocreation. */
9cab4bd5 2233 qc_set_default_xso(ctx.qc, xso, /*touch=*/1);
8b7be3aa
HL		 2234
2235 quic_unlock(ctx.qc);
2236 return 1;
19cb0887
HL		 2237}
2238
8a90df34 2239/*
83df44ae
HL		 2240 * SSL_set_incoming_stream_policy
2241 * ------------------------------
8a90df34 2242 */
995ff282 2243QUIC_NEEDS_LOCK
83df44ae 2244static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc)
995ff282 2245{
83df44ae
HL		 2246 switch (qc->incoming_stream_policy) {
2247 case SSL_INCOMING_STREAM_POLICY_AUTO:
995ff282
HL		 2248 if ((qc->default_xso == NULL && !qc->default_xso_created)
2249 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
83df44ae 2250 return SSL_INCOMING_STREAM_POLICY_ACCEPT;
995ff282 2251 else
83df44ae 2252 return SSL_INCOMING_STREAM_POLICY_REJECT;
995ff282
HL		 2253
2254 default:
83df44ae 2255 return qc->incoming_stream_policy;
995ff282
HL		 2256 }
2257}
2258
2259QUIC_NEEDS_LOCK
2260static void qc_update_reject_policy(QUIC_CONNECTION *qc)
2261{
83df44ae
HL		 2262 int policy = qc_get_effective_incoming_stream_policy(qc);
2263 int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT);
995ff282
HL		 2264
2265 ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch,
2266 enable_reject,
83df44ae 2267 qc->incoming_stream_aec);
995ff282
HL		 2268}
2269
cb68ce9f 2270QUIC_TAKES_LOCK
83df44ae
HL		 2271int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
2272 uint64_t aec)
8a90df34
HL		 2273{
2274 int ret = 1;
2275 QCTX ctx;
2276
2277 if (!expect_quic_conn_only(s, &ctx))
2278 return 0;
2279
2280 quic_lock(ctx.qc);
2281
2282 switch (policy) {
83df44ae
HL		 2283 case SSL_INCOMING_STREAM_POLICY_AUTO:
2284 case SSL_INCOMING_STREAM_POLICY_ACCEPT:
2285 case SSL_INCOMING_STREAM_POLICY_REJECT:
2286 ctx.qc->incoming_stream_policy = policy;
2287 ctx.qc->incoming_stream_aec = aec;
8a90df34
HL		 2288 break;
2289
2290 default:
2291 ret = 0;
2292 break;
2293 }
2294
995ff282 2295 qc_update_reject_policy(ctx.qc);
8a90df34
HL		 2296 quic_unlock(ctx.qc);
2297 return ret;
2298}
2299
cb68ce9f
HL		 2300/*
2301 * SSL_accept_stream
2302 * -----------------
2303 */
cb68ce9f
HL		 2304struct wait_for_incoming_stream_args {
2305 QUIC_CONNECTION *qc;
2306 QUIC_STREAM *qs;
2307};
2308
2309QUIC_NEEDS_LOCK
2310static int wait_for_incoming_stream(void *arg)
2311{
2312 struct wait_for_incoming_stream_args *args = arg;
2313 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(args->qc->ch);
2314
2315 if (!ossl_quic_channel_is_active(args->qc->ch)) {
2316 /* If connection is torn down due to an error while blocking, stop. */
2317 QUIC_RAISE_NON_NORMAL_ERROR(args->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2318 return -1;
2319 }
2320
2321 args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2322 if (args->qs != NULL)
2323 return 1; /* got a stream */
2324
2325 return 0; /* did not get a stream, keep trying */
2326}
2327
2328QUIC_TAKES_LOCK
2329SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
2330{
2331 QCTX ctx;
2332 int ret;
2333 SSL *new_s = NULL;
2334 QUIC_STREAM_MAP *qsm;
2335 QUIC_STREAM *qs;
2336 QUIC_XSO *xso;
90cecc40 2337 OSSL_RTT_INFO rtt_info;
cb68ce9f
HL		 2338
2339 if (!expect_quic_conn_only(s, &ctx))
2340 return NULL;
2341
2342 quic_lock(ctx.qc);
2343
83df44ae
HL		 2344 if (qc_get_effective_incoming_stream_policy(ctx.qc)
2345 == SSL_INCOMING_STREAM_POLICY_REJECT)
cb68ce9f
HL		 2346 goto out;
2347
2348 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2349
2350 qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2351 if (qs == NULL) {
2352 if (qc_blocking_mode(ctx.qc)
2353 && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
2354 struct wait_for_incoming_stream_args args;
2355
2356 args.qc = ctx.qc;
2357 args.qs = NULL;
2358
2359 ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
2360 if (ret == 0) {
2361 QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
2362 goto out;
2363 } else if (ret < 0 || args.qs == NULL) {
2364 goto out;
2365 }
2366
2367 qs = args.qs;
2368 } else {
2369 goto out;
2370 }
2371 }
2372
2373 xso = create_xso_from_stream(ctx.qc, qs);
2374 if (xso == NULL)
2375 goto out;
2376
90cecc40
HL		 2377 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info);
2378 ossl_quic_stream_map_remove_from_accept_queue(qsm, qs,
2379 rtt_info.smoothed_rtt);
cb68ce9f
HL		 2380 new_s = &xso->ssl;
2381
2382 /* Calling this function inhibits default XSO autocreation. */
995ff282 2383 qc_touch_default_xso(ctx.qc); /* inhibits default XSO */
cb68ce9f
HL		 2384
2385out:
2386 quic_unlock(ctx.qc);
2387 return new_s;
2388}
2389
2390/*
2391 * SSL_get_accept_stream_queue_len
2392 * -------------------------------
2393 */
2394QUIC_TAKES_LOCK
2395size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
2396{
2397 QCTX ctx;
2398 size_t v;
2399
2400 if (!expect_quic_conn_only(s, &ctx))
2401 return 0;
2402
2403 quic_lock(ctx.qc);
2404
2405 v = ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
2406
2407 quic_unlock(ctx.qc);
2408 return v;
2409}
2410
c3a04ea2
HL		 2411/*
2412 * SSL_stream_reset
2413 * ----------------
2414 */
2415int ossl_quic_stream_reset(SSL *ssl,
2416 const SSL_STREAM_RESET_ARGS *args,
2417 size_t args_len)
2418{
2419 QCTX ctx;
2420 QUIC_STREAM_MAP *qsm;
2421 QUIC_STREAM *qs;
2422 uint64_t error_code;
2423
2424 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, &ctx))
2425 return 0;
2426
2427 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2428 qs = ctx.xso->stream;
2429 error_code = (args != NULL ? args->quic_error_code : 0);
2430
2431 ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code);
2432
2433 quic_unlock(ctx.qc);
2434 return 1;
2435}
2436
2437/*
2438 * SSL_get_stream_read_state
2439 * -------------------------
2440 */
2441static void quic_classify_stream(QUIC_CONNECTION *qc,
2442 QUIC_STREAM *qs,
2443 int is_write,
2444 int *state,
2445 uint64_t *app_error_code)
2446{
2447 int local_init;
2448 uint64_t final_size;
2449
2450 local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server);
2451
2452 if (app_error_code != NULL)
2453 *app_error_code = UINT64_MAX;
2454 else
2455 app_error_code = &final_size; /* throw away value */
2456
2457 if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) {
2458 /*
2459 * Unidirectional stream and this direction of transmission doesn't
2460 * exist.
2461 */
2462 *state = SSL_STREAM_STATE_WRONG_DIR;
2463 } else if (ossl_quic_channel_is_term_any(qc->ch)) {
2464 /* Connection already closed. */
2465 *state = SSL_STREAM_STATE_CONN_CLOSED;
2466 } else if (!is_write && qs->recv_fin_retired) {
2467 /* Application has read a FIN. */
2468 *state = SSL_STREAM_STATE_FINISHED;
2469 } else if ((!is_write && qs->stop_sending)
2470 || (is_write && qs->reset_stream)) {
2471 /*
2472 * Stream has been reset locally. FIN takes precedence over this for the
2473 * read case as the application need not care if the stream is reset
2474 * after a FIN has been successfully processed.
2475 */
2476 *state = SSL_STREAM_STATE_RESET_LOCAL;
2477 *app_error_code = !is_write
2478 ? qs->stop_sending_aec
2479 : qs->reset_stream_aec;
2480 } else if ((!is_write && qs->peer_reset_stream)
2481 || (is_write && qs->peer_stop_sending)) {
2482 /*
2483 * Stream has been reset remotely. */
2484 *state = SSL_STREAM_STATE_RESET_REMOTE;
2485 *app_error_code = !is_write
2486 ? qs->peer_reset_stream_aec
2487 : qs->peer_stop_sending_aec;
2488 } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream,
2489 &final_size)) {
2490 /*
2491 * Stream has been finished. Stream reset takes precedence over this for
2492 * the write case as peer may not have received all data.
2493 */
2494 *state = SSL_STREAM_STATE_FINISHED;
2495 } else {
2496 /* Stream still healthy. */
2497 *state = SSL_STREAM_STATE_OK;
2498 }
2499}
2500
2501static int quic_get_stream_state(SSL *ssl, int is_write)
2502{
2503 QCTX ctx;
2504 int state;
2505
2506 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
2507 return SSL_STREAM_STATE_NONE;
2508
2509 quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL);
2510 quic_unlock(ctx.qc);
2511 return state;
2512}
2513
2514int ossl_quic_get_stream_read_state(SSL *ssl)
2515{
2516 return quic_get_stream_state(ssl, /*is_write=*/0);
2517}
2518
2519/*
2520 * SSL_get_stream_write_state
2521 * --------------------------
2522 */
2523int ossl_quic_get_stream_write_state(SSL *ssl)
2524{
2525 return quic_get_stream_state(ssl, /*is_write=*/1);
2526}
2527
2528/*
2529 * SSL_get_stream_read_error_code
2530 * ------------------------------
2531 */
2532static int quic_get_stream_error_code(SSL *ssl, int is_write,
2533 uint64_t *app_error_code)
2534{
2535 QCTX ctx;
2536 int state;
2537
2538 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
2539 return -1;
2540
2541 quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0,
2542 &state, app_error_code);
2543
2544 quic_unlock(ctx.qc);
2545 switch (state) {
2546 case SSL_STREAM_STATE_FINISHED:
2547 return 0;
2548 case SSL_STREAM_STATE_RESET_LOCAL:
2549 case SSL_STREAM_STATE_RESET_REMOTE:
2550 return 1;
2551 default:
2552 return -1;
2553 }
2554}
2555
2556int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code)
2557{
2558 return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code);
2559}
2560
2561/*
2562 * SSL_get_stream_write_error_code
2563 * -------------------------------
2564 */
2565int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code)
2566{
2567 return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code);
2568}
2569
2570/*
2571 * SSL_get_conn_close_info
2572 * -----------------------
2573 */
2574int ossl_quic_get_conn_close_info(SSL *ssl,
2575 SSL_CONN_CLOSE_INFO *info,
2576 size_t info_len)
2577{
2578 QCTX ctx;
2579 const QUIC_TERMINATE_CAUSE *tc;
2580
2581 if (!expect_quic_conn_only(ssl, &ctx))
2582 return -1;
2583
2584 tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
2585 if (tc == NULL)
2586 return 0;
2587
2588 info->error_code = tc->error_code;
2589 info->reason = NULL; /* TODO(QUIC): Wire reason */
2590 info->reason_len = 0;
2591 info->is_local = !tc->remote;
2592 info->is_transport = !tc->app;
2593 return 1;
2594}
2595
22d53c88
HL		 2596/*
2597 * QUIC Front-End I/O API: SSL_CTX Management
2598 * ==========================================
2599 */
2600
2601long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2602{
2603 switch (cmd) {
2604 default:
8a1a6d6d 2605 return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
22d53c88
HL		 2606 }
2607}
2608
2609long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
2610{
8a1a6d6d 2611 return ssl3_callback_ctrl(s, cmd, fp);
22d53c88
HL		 2612}
2613
2614long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
2615{
8a1a6d6d 2616 return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
22d53c88
HL		 2617}
2618
2619int ossl_quic_renegotiate_check(SSL *ssl, int initok)
2620{
2621 /* We never do renegotiation. */
2622 return 0;
2623}
2624
2625/*
d518854c
MC		 2626 * These functions define the TLSv1.2 (and below) ciphers that are supported by
2627 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
22d53c88 2628 */
22d53c88
HL		 2629
2630int ossl_quic_num_ciphers(void)
2631{
d518854c 2632 return 0;
22d53c88
HL		 2633}
2634
2635const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
2636{
d518854c 2637 return NULL;
d5ab48a1 2638}
A mirror of the official openssl repository