]> git.ipfire.org Git - thirdparty/openssl.git/blame - ssl/quic/quic_impl.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
BIO_s_dgram_pair: Correct implementation of BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE
[thirdparty/openssl.git] / ssl / quic / quic_impl.c
CommitLineData
99e1cc7b
TM		 1/*
2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/macros.h>
11#include <openssl/objects.h>
22d53c88
HL		 12#include <openssl/sslerr.h>
13#include <crypto/rand.h>
99e1cc7b 14#include "quic_local.h"
2723d705 15#include "internal/quic_tls.h"
22d53c88
HL		 16#include "internal/quic_rx_depack.h"
17#include "internal/quic_error.h"
18#include "internal/time.h"
99e1cc7b 19
faa3a180
HL		 20typedef struct qctx_st QCTX;
21
cb5c208b 22static void aon_write_finish(QUIC_XSO *xso);
23c04709 23static int create_channel(QUIC_CONNECTION *qc);
21c80696 24static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
faa3a180
HL		 25static int qc_try_create_default_xso_for_write(QCTX *ctx);
26static int qc_wait_for_default_xso_for_read(QCTX *ctx);
8b7be3aa
HL		 27static void quic_lock(QUIC_CONNECTION *qc);
28static void quic_unlock(QUIC_CONNECTION *qc);
faa3a180 29static int quic_do_handshake(QCTX *ctx);
995ff282
HL		 30static void qc_update_reject_policy(QUIC_CONNECTION *qc);
31static void qc_touch_default_xso(QUIC_CONNECTION *qc);
32static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch);
9cab4bd5
HL		 33static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
34 int touch, QUIC_XSO **old_xso);
faa3a180 35static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock);
abfe3d51 36static int quic_validate_for_write(QUIC_XSO *xso, int *err);
6d6b3a03 37static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active);
51e671e2
HL		 38static int qc_blocking_mode(const QUIC_CONNECTION *qc);
39static int xso_blocking_mode(const QUIC_XSO *xso);
22d53c88
HL		 40
41/*
42 * QUIC Front-End I/O API: Common Utilities
43 * ========================================
44 */
45
46/*
47 * Block until a predicate is met.
48 *
49 * Precondition: Must have a channel.
d7b1fadd 50 * Precondition: Must hold channel lock (unchecked).
22d53c88 51 */
d7b1fadd 52QUIC_NEEDS_LOCK
22d53c88
HL		 53static int block_until_pred(QUIC_CONNECTION *qc,
54 int (*pred)(void *arg), void *pred_arg,
55 uint32_t flags)
56{
57 QUIC_REACTOR *rtor;
58
59 assert(qc->ch != NULL);
60
cae02d2b
HL		 61 /*
62 * Any attempt to block auto-disables tick inhibition as otherwise we will
63 * hang around forever.
64 */
65 ossl_quic_channel_set_inhibit_tick(qc->ch, 0);
66
22d53c88 67 rtor = ossl_quic_channel_get_reactor(qc->ch);
c019e1ef 68 return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
4847599b 69 qc->mutex);
22d53c88
HL		 70}
71
e3e9794a
HL		 72static OSSL_TIME get_time(QUIC_CONNECTION *qc)
73{
74 if (qc->override_now_cb != NULL)
75 return qc->override_now_cb(qc->override_now_cb_arg);
76 else
77 return ossl_time_now();
78}
79
80static OSSL_TIME get_time_cb(void *arg)
81{
82 QUIC_CONNECTION *qc = arg;
83
84 return get_time(qc);
85}
86
faa3a180
HL		 87/*
88 * QCTX is a utility structure which provides information we commonly wish to
89 * unwrap upon an API call being dispatched to us, namely:
90 *
91 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
92 * was passed);
93 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
94 * a QCSO with a default stream was passed);
95 * - whether a QSSO was passed (xso == NULL must not be used to determine this
96 * because it may be non-NULL when a QCSO is passed if that QCSO has a
a954f761
HL		 97 * default stream);
98 * - whether we are in "I/O context", meaning that non-normal errors can
99 * be reported via SSL_get_error() as well as via ERR. Functions such as
100 * SSL_read(), SSL_write() and SSL_do_handshake() are "I/O context"
101 * functions which are allowed to change the value returned by
102 * SSL_get_error. However, other functions (including functions which call
103 * SSL_do_handshake() implicitly) are not allowed to change the return value
104 * of SSL_get_error.
faa3a180
HL		 105 */
106struct qctx_st {
107 QUIC_CONNECTION *qc;
108 QUIC_XSO *xso;
a954f761 109 int is_stream, in_io;
faa3a180
HL		 110};
111
22d53c88
HL		 112/*
113 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
faa3a180
HL		 114 * rather than via ERR. Note that normal errors must always be raised while
115 * holding a lock.
22d53c88 116 */
faa3a180
HL		 117QUIC_NEEDS_LOCK
118static int quic_raise_normal_error(QCTX *ctx,
22d53c88
HL		 119 int err)
120{
faa3a180
HL		 121 if (ctx->is_stream)
122 ctx->xso->last_error = err;
123 else
124 ctx->qc->last_error = err;
125
22d53c88
HL		 126 return 0;
127}
128
129/*
130 * Raise a 'non-normal' error, meaning any error that is not reported via
131 * SSL_get_error() and must be reported via ERR.
e88cdb8e
HL		 132 *
133 * qc should be provided if available. In exceptional circumstances when qc is
134 * not known NULL may be passed. This should generally only happen when an
135 * expect_...() function defined below fails, which generally indicates a
136 * dispatch error or caller error.
faa3a180
HL		 137 *
138 * ctx should be NULL if the connection lock is not held.
22d53c88 139 */
a954f761 140static int quic_raise_non_normal_error(QCTX *ctx,
22d53c88
HL		 141 const char *file,
142 int line,
143 const char *func,
144 int reason,
145 const char *fmt,
146 ...)
147{
148 va_list args;
149
faa3a180 150 if (ctx != NULL) {
a954f761 151 if (ctx->in_io && ctx->is_stream && ctx->xso != NULL)
faa3a180 152 ctx->xso->last_error = SSL_ERROR_SSL;
a954f761 153 else if (ctx->in_io && !ctx->is_stream && ctx->qc != NULL)
faa3a180 154 ctx->qc->last_error = SSL_ERROR_SSL;
9c3ea4e1
TM		 155
156 if (reason == SSL_R_PROTOCOL_IS_SHUTDOWN && ctx->qc != NULL)
157 ossl_quic_channel_restore_err_state(ctx->qc->ch);
faa3a180 158 }
e88cdb8e 159
9c3ea4e1
TM		 160 ERR_new();
161 ERR_set_debug(file, line, func);
162
163 va_start(args, fmt);
164 ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
165 va_end(args);
166
22d53c88
HL		 167 return 0;
168}
169
faa3a180
HL		 170#define QUIC_RAISE_NORMAL_ERROR(ctx, err) \
171 quic_raise_normal_error((ctx), (err))
22d53c88 172
faa3a180 173#define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg) \
a954f761 174 quic_raise_non_normal_error((ctx), \
22d53c88
HL		 175 OPENSSL_FILE, OPENSSL_LINE, \
176 OPENSSL_FUNC, \
177 (reason), \
178 (msg))
179
e88cdb8e
HL		 180/*
181 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
182 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
183 *
184 * After this returns 1, all fields of the passed QCTX are initialised.
185 * Returns 0 on failure. This function is intended to be used to provide API
186 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
22d53c88 187 */
e88cdb8e 188static int expect_quic(const SSL *s, QCTX *ctx)
22d53c88 189{
e88cdb8e
HL		 190 QUIC_CONNECTION *qc;
191 QUIC_XSO *xso;
192
193 ctx->qc = NULL;
194 ctx->xso = NULL;
195 ctx->is_stream = 0;
196
197 if (s == NULL)
a954f761 198 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
22d53c88 199
e88cdb8e
HL		 200 switch (s->type) {
201 case SSL_TYPE_QUIC_CONNECTION:
202 qc = (QUIC_CONNECTION *)s;
203 ctx->qc = qc;
cb5c208b 204 ctx->xso = qc->default_xso;
e88cdb8e 205 ctx->is_stream = 0;
a954f761 206 ctx->in_io = 0;
e88cdb8e
HL		 207 return 1;
208
209 case SSL_TYPE_QUIC_XSO:
210 xso = (QUIC_XSO *)s;
cb5c208b 211 ctx->qc = xso->conn;
e88cdb8e
HL		 212 ctx->xso = xso;
213 ctx->is_stream = 1;
a954f761 214 ctx->in_io = 0;
e88cdb8e
HL		 215 return 1;
216
217 default:
a954f761 218 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
e88cdb8e
HL		 219 }
220}
221
222/*
223 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
224 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
225 * stream.
21c80696
HL		 226 *
227 * remote_init determines if we expect the default XSO to be remotely created or
228 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
8b7be3aa
HL		 229 *
230 * Channel mutex is acquired and retained on success.
e88cdb8e 231 */
8b7be3aa
HL		 232QUIC_ACQUIRES_LOCK
233static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
a954f761 234 int in_io, QCTX *ctx)
e88cdb8e
HL		 235{
236 if (!expect_quic(s, ctx))
237 return 0;
238
a954f761 239 ctx->in_io = in_io;
8b7be3aa
HL		 240 quic_lock(ctx->qc);
241
21c80696 242 if (ctx->xso == NULL && remote_init >= 0) {
6d6b3a03 243 if (!quic_mutation_allowed(ctx->qc, /*req_active=*/0)) {
faa3a180 244 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
8b7be3aa
HL		 245 goto err;
246 }
247
248 /* If we haven't finished the handshake, try to advance it. */
faa3a180 249 if (quic_do_handshake(ctx) < 1)
8b7be3aa
HL		 250 /* ossl_quic_do_handshake raised error here */
251 goto err;
252
253 if (remote_init == 0) {
faa3a180 254 if (!qc_try_create_default_xso_for_write(ctx))
8b7be3aa
HL		 255 goto err;
256 } else {
faa3a180 257 if (!qc_wait_for_default_xso_for_read(ctx))
8b7be3aa
HL		 258 goto err;
259 }
260
21c80696
HL		 261 ctx->xso = ctx->qc->default_xso;
262 }
263
8b7be3aa 264 if (ctx->xso == NULL) {
a954f761 265 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
8b7be3aa
HL		 266 goto err;
267 }
268
23406e30 269 return 1; /* coverity[missing_unlock]: lock held */
e88cdb8e 270
8b7be3aa
HL		 271err:
272 quic_unlock(ctx->qc);
273 return 0;
e88cdb8e 274}
22d53c88 275
e88cdb8e
HL		 276/*
277 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
278 * be non-NULL if the QCSO has a default stream.
279 */
a954f761 280static int ossl_unused expect_quic_conn_only(const SSL *s, int in_io, QCTX *ctx)
e88cdb8e
HL		 281{
282 if (!expect_quic(s, ctx))
283 return 0;
284
a954f761 285 ctx->in_io = in_io;
e88cdb8e 286 if (ctx->is_stream)
a954f761 287 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_CONN_USE_ONLY, NULL);
e88cdb8e
HL		 288
289 return 1;
22d53c88
HL		 290}
291
4847599b
HL		 292/*
293 * Ensures that the channel mutex is held for a method which touches channel
294 * state.
295 *
296 * Precondition: Channel mutex is not held (unchecked)
297 */
20f45743 298static void quic_lock(QUIC_CONNECTION *qc)
4847599b 299{
629b408c 300#if defined(OPENSSL_THREADS)
ffce2946 301 ossl_crypto_mutex_lock(qc->mutex);
629b408c 302#endif
4847599b
HL		 303}
304
305/* Precondition: Channel mutex is held (unchecked) */
306QUIC_NEEDS_LOCK
307static void quic_unlock(QUIC_CONNECTION *qc)
308{
629b408c 309#if defined(OPENSSL_THREADS)
ffce2946 310 ossl_crypto_mutex_unlock(qc->mutex);
629b408c 311#endif
4847599b
HL		 312}
313
6d6b3a03
HL		 314/*
315 * This predicate is the criterion which should determine API call rejection for
316 * *most* mutating API calls, particularly stream-related operations for send
317 * parts.
318 *
319 * A call is rejected (this function returns 0) if shutdown is in progress
320 * (stream flushing), or we are in a TERMINATING or TERMINATED state. If
321 * req_active=1, the connection must be active (i.e., the IDLE state is also
322 * rejected).
323 */
324static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active)
325{
326 if (qc->shutting_down || ossl_quic_channel_is_term_any(qc->ch))
327 return 0;
328
329 if (req_active && !ossl_quic_channel_is_active(qc->ch))
330 return 0;
331
332 return 1;
333}
4847599b 334
22d53c88
HL		 335/*
336 * QUIC Front-End I/O API: Initialization
337 * ======================================
338 *
339 * SSL_new => ossl_quic_new
340 * ossl_quic_init
341 * SSL_reset => ossl_quic_reset
342 * SSL_clear => ossl_quic_clear
343 * ossl_quic_deinit
344 * SSL_free => ossl_quic_free
345 *
f0d9757c
HL		 346 * SSL_set_options => ossl_quic_set_options
347 * SSL_get_options => ossl_quic_get_options
348 * SSL_clear_options => ossl_quic_clear_options
349 *
22d53c88
HL		 350 */
351
352/* SSL_new */
38b051a1
TM		 353SSL *ossl_quic_new(SSL_CTX *ctx)
354{
22d53c88
HL		 355 QUIC_CONNECTION *qc = NULL;
356 SSL *ssl_base = NULL;
a7f41885 357 SSL_CONNECTION *sc = NULL;
38b051a1
TM		 358
359 qc = OPENSSL_zalloc(sizeof(*qc));
8ee3ee10 360 if (qc == NULL) {
a954f761 361 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
38b051a1 362 goto err;
8ee3ee10 363 }
38b051a1 364
22d53c88
HL		 365 /* Initialise the QUIC_CONNECTION's stub header. */
366 ssl_base = &qc->ssl;
a7f41885 367 if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
22d53c88 368 ssl_base = NULL;
a954f761 369 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
38b051a1
TM		 370 goto err;
371 }
38b051a1 372
4e3a55fd 373 qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
8ee3ee10 374 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL) {
a954f761 375 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
8ee3ee10
TM		 376 goto err;
377 }
f0d9757c 378
43788fb3 379 /* override the user_ssl of the inner connection */
f082205b 380 sc->s3.flags |= TLS1_FLAGS_QUIC;
a7f41885 381
f0d9757c 382 /* Restrict options derived from the SSL_CTX. */
db2f98c4 383 sc->options &= OSSL_QUIC_PERMITTED_OPTIONS_CONN;
6e5550a1 384 sc->pha_enabled = 0;
f0d9757c 385
629b408c 386#if defined(OPENSSL_THREADS)
8ee3ee10 387 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL) {
a954f761 388 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
4847599b 389 goto err;
8ee3ee10 390 }
629b408c 391#endif
4847599b 392
629b408c 393#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
f2f7c4f1
HL		 394 qc->is_thread_assisted
395 = (ssl_base->method == OSSL_QUIC_client_thread_method());
629b408c 396#endif
f2f7c4f1 397
44cb36d0 398 qc->as_server = 0; /* TODO(QUIC SERVER): add server support */
dfb9ae14
HL		 399 qc->as_server_state = qc->as_server;
400
8b7be3aa 401 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
21c80696 402 qc->default_ssl_mode = qc->ssl.ctx->mode;
db2f98c4 403 qc->default_ssl_options = qc->ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS;
51e671e2
HL		 404 qc->desires_blocking = 1;
405 qc->blocking = 0;
83df44ae 406 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO;
21c80696 407 qc->last_error = SSL_ERROR_NONE;
a7f41885 408
23c04709
HL		 409 if (!create_channel(qc))
410 goto err;
411
5cf99b40
MC		 412 ossl_quic_channel_set_msg_callback(qc->ch, ctx->msg_callback, ssl_base);
413 ossl_quic_channel_set_msg_callback_arg(qc->ch, ctx->msg_callback_arg);
414
995ff282
HL		 415 qc_update_reject_policy(qc);
416
21c80696
HL		 417 /*
418 * We do not create the default XSO yet. The reason for this is that the
419 * stream ID of the default XSO will depend on whether the stream is client
420 * or server-initiated, which depends on who transmits first. Since we do
421 * not know whether the application will be using a client-transmits-first
422 * or server-transmits-first protocol, we defer default XSO creation until
423 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
424 * we take that as a cue that the client is expecting a server-initiated
425 * stream, and vice versa if SSL_write() is called first.
426 */
22d53c88
HL		 427 return ssl_base;
428
38b051a1 429err:
2dbc39de 430 if (qc != NULL) {
629b408c
HL		 431#if defined(OPENSSL_THREADS)
432 ossl_crypto_mutex_free(qc->mutex);
433#endif
2dbc39de
HL		 434 ossl_quic_channel_free(qc->ch);
435 SSL_free(qc->tls);
436 }
22d53c88 437 OPENSSL_free(qc);
38b051a1
TM		 438 return NULL;
439}
440
22d53c88 441/* SSL_free */
a8489257 442QUIC_TAKES_LOCK
22d53c88
HL		 443void ossl_quic_free(SSL *s)
444{
072328dd 445 QCTX ctx;
9cab4bd5 446 int is_default;
22d53c88 447
072328dd
HL		 448 /* We should never be called on anything but a QSO. */
449 if (!expect_quic(s, &ctx))
22d53c88
HL		 450 return;
451
22b1a96f
HL		 452 quic_lock(ctx.qc);
453
2dbc39de
HL		 454 if (ctx.is_stream) {
455 /*
456 * When a QSSO is freed, the XSO is freed immediately, because the XSO
457 * itself only contains API personality layer data. However the
458 * underlying QUIC_STREAM is not freed immediately but is instead marked
459 * as deleted for later collection.
460 */
461
2dbc39de
HL		 462 assert(ctx.qc->num_xso > 0);
463 --ctx.qc->num_xso;
464
9aaafc26 465 /* If a stream's send part has not been finished, auto-reset it. */
2f018d14
HL		 466 if (( ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_READY
467 || ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_SEND)
9aaafc26
HL		 468 && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL))
469 ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
470 ctx.xso->stream, 0);
2dbc39de 471
9aaafc26 472 /* Do STOP_SENDING for the receive part, if applicable. */
2f018d14
HL		 473 if ( ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_RECV
474 || ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN)
9aaafc26
HL		 475 ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
476 ctx.xso->stream, 0);
f20fdd16
HL		 477
478 /* Update stream state. */
9aaafc26
HL		 479 ctx.xso->stream->deleted = 1;
480 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch),
f20fdd16
HL		 481 ctx.xso->stream);
482
9cab4bd5 483 is_default = (ctx.xso == ctx.qc->default_xso);
2dbc39de
HL		 484 quic_unlock(ctx.qc);
485
9cab4bd5
HL		 486 /*
487 * Unref the connection in most cases; the XSO has a ref to the QC and
488 * not vice versa. But for a default XSO, to avoid circular references,
489 * the QC refs the XSO but the XSO does not ref the QC. If we are the
490 * default XSO, we only get here when the QC is being torn down anyway,
491 * so don't call SSL_free(qc) as we are already in it.
492 */
493 if (!is_default)
494 SSL_free(&ctx.qc->ssl);
495
2dbc39de
HL		 496 /* Note: SSL_free calls OPENSSL_free(xso) for us */
497 return;
498 }
499
2dbc39de
HL		 500 /*
501 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
502 * stage, but is freed during the channel free when the whole QSM is freed.
503 */
21c80696
HL		 504 if (ctx.qc->default_xso != NULL) {
505 QUIC_XSO *xso = ctx.qc->default_xso;
506
507 quic_unlock(ctx.qc);
508 SSL_free(&xso->ssl);
509 quic_lock(ctx.qc);
9cab4bd5 510 ctx.qc->default_xso = NULL;
21c80696 511 }
2dbc39de
HL		 512
513 /* Ensure we have no remaining XSOs. */
514 assert(ctx.qc->num_xso == 0);
515
629b408c 516#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
072328dd
HL		 517 if (ctx.qc->is_thread_assisted && ctx.qc->started) {
518 ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
519 ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
dbe7b51a 520 }
629b408c 521#endif
f2f7c4f1 522
072328dd 523 ossl_quic_channel_free(ctx.qc->ch);
22d53c88 524
072328dd
HL		 525 BIO_free(ctx.qc->net_rbio);
526 BIO_free(ctx.qc->net_wbio);
d1ac77b1 527
22d53c88 528 /* Note: SSL_free calls OPENSSL_free(qc) for us */
a7f41885 529
072328dd 530 SSL_free(ctx.qc->tls);
45b7c7e0 531 quic_unlock(ctx.qc); /* tsan doesn't like freeing locked mutexes */
629b408c 532#if defined(OPENSSL_THREADS)
45b7c7e0 533 ossl_crypto_mutex_free(&ctx.qc->mutex);
629b408c 534#endif
22d53c88
HL		 535}
536
537/* SSL method init */
38b051a1 538int ossl_quic_init(SSL *s)
99e1cc7b 539{
22d53c88
HL		 540 /* Same op as SSL_clear, forward the call. */
541 return ossl_quic_clear(s);
99e1cc7b
TM		 542}
543
22d53c88 544/* SSL method deinit */
38b051a1
TM		 545void ossl_quic_deinit(SSL *s)
546{
22d53c88 547 /* No-op. */
38b051a1
TM		 548}
549
5f69db39 550/* SSL_clear (ssl_reset method) */
22d53c88
HL		 551int ossl_quic_reset(SSL *s)
552{
072328dd 553 QCTX ctx;
22d53c88 554
072328dd 555 if (!expect_quic(s, &ctx))
22d53c88
HL		 556 return 0;
557
96014840 558 ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
5f69db39 559 return 0;
22d53c88
HL		 560}
561
5f69db39 562/* ssl_clear method (unused) */
22d53c88 563int ossl_quic_clear(SSL *s)
99e1cc7b 564{
072328dd 565 QCTX ctx;
38b051a1 566
072328dd 567 if (!expect_quic(s, &ctx))
22d53c88
HL		 568 return 0;
569
44cb36d0 570 /* TODO(QUIC FUTURE): Currently a no-op. */
22d53c88
HL		 571 return 1;
572}
38b051a1 573
e3e9794a
HL		 574int ossl_quic_conn_set_override_now_cb(SSL *s,
575 OSSL_TIME (*now_cb)(void *arg),
576 void *now_cb_arg)
b212d554 577{
072328dd 578 QCTX ctx;
b212d554 579
072328dd 580 if (!expect_quic(s, &ctx))
e3e9794a
HL		 581 return 0;
582
583 quic_lock(ctx.qc);
072328dd
HL		 584
585 ctx.qc->override_now_cb = now_cb;
586 ctx.qc->override_now_cb_arg = now_cb_arg;
e3e9794a
HL		 587
588 quic_unlock(ctx.qc);
589 return 1;
b212d554
HL		 590}
591
3b1ab5a3
HL		 592void ossl_quic_conn_force_assist_thread_wake(SSL *s)
593{
072328dd
HL		 594 QCTX ctx;
595
596 if (!expect_quic(s, &ctx))
597 return;
3b1ab5a3 598
629b408c 599#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
072328dd
HL		 600 if (ctx.qc->is_thread_assisted && ctx.qc->started)
601 ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
629b408c 602#endif
3b1ab5a3
HL		 603}
604
995ff282
HL		 605QUIC_NEEDS_LOCK
606static void qc_touch_default_xso(QUIC_CONNECTION *qc)
607{
608 qc->default_xso_created = 1;
609 qc_update_reject_policy(qc);
610}
611
9cab4bd5
HL		 612/*
613 * Changes default XSO. Allows caller to keep reference to the old default XSO
614 * (if any). Reference to new XSO is transferred from caller.
615 */
995ff282 616QUIC_NEEDS_LOCK
9cab4bd5
HL		 617static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
618 int touch,
619 QUIC_XSO **old_xso)
995ff282 620{
9cab4bd5
HL		 621 int refs;
622
623 *old_xso = NULL;
624
625 if (qc->default_xso != xso) {
626 *old_xso = qc->default_xso; /* transfer old XSO ref to caller */
627
628 qc->default_xso = xso;
629
630 if (xso == NULL) {
631 /*
632 * Changing to not having a default XSO. XSO becomes standalone and
633 * now has a ref to the QC.
634 */
635 if (!ossl_assert(SSL_up_ref(&qc->ssl)))
636 return;
637 } else {
638 /*
639 * Changing from not having a default XSO to having one. The new XSO
640 * will have had a reference to the QC we need to drop to avoid a
641 * circular reference.
3a61a96c
HL		 642 *
643 * Currently we never change directly from one default XSO to
644 * another, though this function would also still be correct if this
645 * weren't the case.
9cab4bd5 646 */
3a61a96c
HL		 647 assert(*old_xso == NULL);
648
4eecc6aa 649 CRYPTO_DOWN_REF(&qc->ssl.references, &refs);
9cab4bd5
HL		 650 assert(refs > 0);
651 }
652 }
653
995ff282
HL		 654 if (touch)
655 qc_touch_default_xso(qc);
656}
657
9cab4bd5
HL		 658/*
659 * Changes default XSO, releasing the reference to any previous default XSO.
660 * Reference to new XSO is transferred from caller.
661 */
662QUIC_NEEDS_LOCK
663static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch)
664{
665 QUIC_XSO *old_xso = NULL;
666
667 qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso);
668
669 if (old_xso != NULL)
670 SSL_free(&old_xso->ssl);
671}
672
db2f98c4
HL		 673QUIC_NEEDS_LOCK
674static void xso_update_options(QUIC_XSO *xso)
675{
676 int cleanse = ((xso->ssl_options & SSL_OP_CLEANSE_PLAINTEXT) != 0);
677
678 if (xso->stream->rstream != NULL)
679 ossl_quic_rstream_set_cleanse(xso->stream->rstream, cleanse);
680
681 if (xso->stream->sstream != NULL)
682 ossl_quic_sstream_set_cleanse(xso->stream->sstream, cleanse);
683}
684
685/*
686 * SSL_set_options
687 * ---------------
688 *
689 * Setting options on a QCSO
690 * - configures the handshake-layer options;
691 * - configures the default data-plane options for new streams;
692 * - configures the data-plane options on the default XSO, if there is one.
693 *
694 * Setting options on a QSSO
695 * - configures data-plane options for that stream only.
696 */
d6e7ebba 697QUIC_TAKES_LOCK
f0d9757c
HL		 698static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_value)
699{
700 QCTX ctx;
db2f98c4 701 uint64_t hs_mask_value, hs_or_value, ret;
f0d9757c 702
d6e7ebba 703 if (!expect_quic(ssl, &ctx))
f0d9757c
HL		 704 return 0;
705
d6e7ebba
HL		 706 quic_lock(ctx.qc);
707
db2f98c4
HL		 708 if (!ctx.is_stream) {
709 /*
710 * If we were called on the connection, we apply any handshake option
711 * changes.
712 */
713 hs_mask_value = (mask_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
714 hs_or_value = (or_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
f0d9757c 715
db2f98c4
HL		 716 SSL_clear_options(ctx.qc->tls, hs_mask_value);
717 SSL_set_options(ctx.qc->tls, hs_or_value);
d6e7ebba 718
db2f98c4
HL		 719 /* Update defaults for new streams. */
720 ctx.qc->default_ssl_options
721 = ((ctx.qc->default_ssl_options & ~mask_value) | or_value)
722 & OSSL_QUIC_PERMITTED_OPTIONS;
723 }
18ca1c8f 724
db2f98c4
HL		 725 if (ctx.xso != NULL) {
726 ctx.xso->ssl_options
727 = ((ctx.xso->ssl_options & ~mask_value) | or_value)
728 & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
729
730 xso_update_options(ctx.xso);
18ca1c8f 731 }
f0d9757c 732
db2f98c4
HL		 733 ret = ctx.is_stream ? ctx.xso->ssl_options : ctx.qc->default_ssl_options;
734
f0d9757c 735 quic_unlock(ctx.qc);
db2f98c4 736 return ret;
f0d9757c
HL		 737}
738
739uint64_t ossl_quic_set_options(SSL *ssl, uint64_t options)
740{
d6e7ebba 741 return quic_mask_or_options(ssl, 0, options);
f0d9757c
HL		 742}
743
744/* SSL_clear_options */
745uint64_t ossl_quic_clear_options(SSL *ssl, uint64_t options)
746{
747 return quic_mask_or_options(ssl, options, 0);
748}
749
750/* SSL_get_options */
751uint64_t ossl_quic_get_options(const SSL *ssl)
752{
753 return quic_mask_or_options((SSL *)ssl, 0, 0);
754}
755
22d53c88
HL		 756/*
757 * QUIC Front-End I/O API: Network BIO Configuration
758 * =================================================
759 *
760 * Handling the different BIOs is difficult:
761 *
762 * - It is more or less a requirement that we use non-blocking network I/O;
763 * we need to be able to have timeouts on recv() calls, and make best effort
764 * (non blocking) send() and recv() calls.
765 *
766 * The only sensible way to do this is to configure the socket into
767 * non-blocking mode. We could try to do select() before calling send() or
768 * recv() to get a guarantee that the call will not block, but this will
769 * probably run into issues with buggy OSes which generate spurious socket
770 * readiness events. In any case, relying on this to work reliably does not
771 * seem sane.
772 *
773 * Timeouts could be handled via setsockopt() socket timeout options, but
774 * this depends on OS support and adds another syscall to every network I/O
775 * operation. It also has obvious thread safety concerns if we want to move
776 * to concurrent use of a single socket at some later date.
777 *
778 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
779 * be made non-blocking. However some OSes (e.g. Windows) do not support
780 * this, so we cannot rely on this.
781 *
782 * As such, we need to configure any FD in non-blocking mode. This may
783 * confound users who pass a blocking socket to libssl. However, in practice
784 * it would be extremely strange for a user of QUIC to pass an FD to us,
785 * then also try and send receive traffic on the same socket(!). Thus the
786 * impact of this should be limited, and can be documented.
787 *
788 * - We support both blocking and non-blocking operation in terms of the API
789 * presented to the user. One prospect is to set the blocking mode based on
790 * whether the socket passed to us was already in blocking mode. However,
791 * Windows has no API for determining if a socket is in blocking mode (!),
792 * therefore this cannot be done portably. Currently therefore we expose an
793 * explicit API call to set this, and default to blocking mode.
794 *
795 * - We need to determine our initial destination UDP address. The "natural"
796 * way for a user to do this is to set the peer variable on a BIO_dgram.
797 * However, this has problems because BIO_dgram's peer variable is used for
798 * both transmission and reception. This means it can be constantly being
799 * changed to a malicious value (e.g. if some random unrelated entity on the
800 * network starts sending traffic to us) on every read call. This is not a
801 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
802 * calls only, which do not use this variable. However, we do need to let
803 * the user specify the peer in a 'normal' manner. The compromise here is
804 * that we grab the current peer value set at the time the write BIO is set
805 * and do not read the value again.
806 *
807 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
808 * Currently we do this by only supporting non-blocking mode.
809 *
810 */
811
812/*
813 * Determines what initial destination UDP address we should use, if possible.
814 * If this fails the client must set the destination address manually, or use a
815 * BIO which does not need a destination address.
816 */
817static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
818{
75b2920a 819 if (BIO_dgram_get_peer(net_wbio, peer) <= 0)
22d53c88
HL		 820 return 0;
821
822 return 1;
823}
824
51e671e2
HL		 825static int qc_can_support_blocking_cached(QUIC_CONNECTION *qc)
826{
827 QUIC_REACTOR *rtor = ossl_quic_channel_get_reactor(qc->ch);
828
829 return ossl_quic_reactor_can_poll_r(rtor)
830 && ossl_quic_reactor_can_poll_w(rtor);
831}
832
833static void qc_update_can_support_blocking(QUIC_CONNECTION *qc)
834{
835 ossl_quic_channel_update_poll_descriptors(qc->ch); /* best effort */
836}
837
838static void qc_update_blocking_mode(QUIC_CONNECTION *qc)
839{
840 qc->blocking = qc->desires_blocking && qc_can_support_blocking_cached(qc);
841}
842
072328dd 843void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
22d53c88 844{
072328dd
HL		 845 QCTX ctx;
846
847 if (!expect_quic(s, &ctx))
848 return;
849
850 if (ctx.qc->net_rbio == net_rbio)
38b051a1 851 return;
38b051a1 852
23c04709 853 if (!ossl_quic_channel_set_net_rbio(ctx.qc->ch, net_rbio))
22d53c88
HL		 854 return;
855
072328dd
HL		 856 BIO_free(ctx.qc->net_rbio);
857 ctx.qc->net_rbio = net_rbio;
22d53c88 858
51e671e2
HL		 859 if (net_rbio != NULL)
860 BIO_set_nbio(net_rbio, 1); /* best effort autoconfig */
861
22d53c88 862 /*
51e671e2
HL		 863 * Determine if the current pair of read/write BIOs now set allows blocking
864 * mode to be supported.
22d53c88 865 */
51e671e2
HL		 866 qc_update_can_support_blocking(ctx.qc);
867 qc_update_blocking_mode(ctx.qc);
99e1cc7b
TM		 868}
869
072328dd 870void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
38b051a1 871{
072328dd
HL		 872 QCTX ctx;
873
874 if (!expect_quic(s, &ctx))
22d53c88
HL		 875 return;
876
072328dd 877 if (ctx.qc->net_wbio == net_wbio)
22d53c88
HL		 878 return;
879
23c04709 880 if (!ossl_quic_channel_set_net_wbio(ctx.qc->ch, net_wbio))
072328dd
HL		 881 return;
882
883 BIO_free(ctx.qc->net_wbio);
884 ctx.qc->net_wbio = net_wbio;
22d53c88 885
51e671e2 886 if (net_wbio != NULL)
0818c170 887 BIO_set_nbio(net_wbio, 1); /* best effort autoconfig */
51e671e2
HL		 888
889 /*
890 * Determine if the current pair of read/write BIOs now set allows blocking
891 * mode to be supported.
892 */
893 qc_update_can_support_blocking(ctx.qc);
894 qc_update_blocking_mode(ctx.qc);
22d53c88 895}
38b051a1 896
072328dd 897BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
22d53c88 898{
072328dd
HL		 899 QCTX ctx;
900
901 if (!expect_quic(s, &ctx))
902 return NULL;
903
904 return ctx.qc->net_rbio;
38b051a1
TM		 905}
906
072328dd 907BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
22d53c88 908{
072328dd
HL		 909 QCTX ctx;
910
911 if (!expect_quic(s, &ctx))
912 return NULL;
913
914 return ctx.qc->net_wbio;
22d53c88
HL		 915}
916
072328dd 917int ossl_quic_conn_get_blocking_mode(const SSL *s)
99e1cc7b 918{
072328dd
HL		 919 QCTX ctx;
920
921 if (!expect_quic(s, &ctx))
922 return 0;
923
cb5c208b 924 if (ctx.is_stream)
51e671e2 925 return xso_blocking_mode(ctx.xso);
cb5c208b 926
51e671e2 927 return qc_blocking_mode(ctx.qc);
22d53c88
HL		 928}
929
51e671e2 930QUIC_TAKES_LOCK
072328dd 931int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
22d53c88 932{
51e671e2 933 int ret = 0;
072328dd
HL		 934 QCTX ctx;
935
936 if (!expect_quic(s, &ctx))
937 return 0;
938
51e671e2 939 quic_lock(ctx.qc);
22d53c88 940
51e671e2
HL		 941 /* Sanity check - can we support the request given the current network BIO? */
942 if (blocking) {
cb5c208b 943 /*
51e671e2
HL		 944 * If called directly on a QCSO, update our information on network BIO
945 * capabilities.
cb5c208b 946 */
51e671e2
HL		 947 if (!ctx.is_stream)
948 qc_update_can_support_blocking(ctx.qc);
949
950 /* Cannot enable blocking mode if we do not have pollable FDs. */
951 if (!qc_can_support_blocking_cached(ctx.qc)) {
952 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
953 goto out;
954 }
cb5c208b
HL		 955 }
956
51e671e2
HL		 957 if (!ctx.is_stream)
958 /*
959 * If called directly on a QCSO, update default and connection-level
960 * blocking modes.
961 */
962 ctx.qc->desires_blocking = (blocking != 0);
963
964 if (ctx.xso != NULL) {
cb5c208b 965 /*
51e671e2 966 * If called on a QSSO or a QCSO with a default XSO, update the blocking
cb5c208b
HL		 967 * mode.
968 */
51e671e2
HL		 969 ctx.xso->desires_blocking = (blocking != 0);
970 ctx.xso->desires_blocking_set = 1;
971 }
cb5c208b 972
51e671e2
HL		 973 ret = 1;
974out:
975 qc_update_blocking_mode(ctx.qc);
976 quic_unlock(ctx.qc);
977 return ret;
99e1cc7b
TM		 978}
979
072328dd 980int ossl_quic_conn_set_initial_peer_addr(SSL *s,
22d53c88 981 const BIO_ADDR *peer_addr)
99e1cc7b 982{
072328dd
HL		 983 QCTX ctx;
984
985 if (!expect_quic(s, &ctx))
986 return 0;
987
988 if (ctx.qc->started)
a954f761 989 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
8ee3ee10 990 NULL);
38b051a1 991
22d53c88 992 if (peer_addr == NULL) {
072328dd 993 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88
HL		 994 return 1;
995 }
38b051a1 996
072328dd 997 ctx.qc->init_peer_addr = *peer_addr;
99e1cc7b
TM		 998 return 1;
999}
1000
22d53c88
HL		 1001/*
1002 * QUIC Front-End I/O API: Asynchronous I/O Management
1003 * ===================================================
1004 *
6084e04b
HL		 1005 * (BIO/)SSL_handle_events => ossl_quic_handle_events
1006 * (BIO/)SSL_get_event_timeout => ossl_quic_get_event_timeout
22d53c88
HL		 1007 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
1008 *
1009 */
1010
1011/* Returns 1 if the connection is being used in blocking mode. */
cb5c208b 1012static int qc_blocking_mode(const QUIC_CONNECTION *qc)
99e1cc7b 1013{
22d53c88
HL		 1014 return qc->blocking;
1015}
38b051a1 1016
cb5c208b
HL		 1017static int xso_blocking_mode(const QUIC_XSO *xso)
1018{
51e671e2
HL		 1019 if (xso->desires_blocking_set)
1020 return xso->desires_blocking && qc_can_support_blocking_cached(xso->conn);
1021 else
1022 /* Only ever set if we can support blocking. */
1023 return xso->conn->blocking;
cb5c208b
HL		 1024}
1025
b626a0f1 1026/* SSL_handle_events; performs QUIC I/O and timeout processing. */
a8489257 1027QUIC_TAKES_LOCK
6084e04b 1028int ossl_quic_handle_events(SSL *s)
22d53c88 1029{
072328dd
HL		 1030 QCTX ctx;
1031
1032 if (!expect_quic(s, &ctx))
1033 return 0;
1034
1035 quic_lock(ctx.qc);
072328dd
HL		 1036 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
1037 quic_unlock(ctx.qc);
99e1cc7b
TM		 1038 return 1;
1039}
1040
22d53c88 1041/*
6084e04b 1042 * SSL_get_event_timeout. Get the time in milliseconds until the SSL object
b626a0f1
HL		 1043 * should next have events handled by the application by calling
1044 * SSL_handle_events(). tv is set to 0 if the object should have events handled
1045 * immediately. If no timeout is currently active, *is_infinite is set to 1 and
1046 * the value of *tv is undefined.
22d53c88 1047 */
a8489257 1048QUIC_TAKES_LOCK
7ea49713 1049int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite)
99e1cc7b 1050{
072328dd 1051 QCTX ctx;
a1660c94 1052 OSSL_TIME deadline = ossl_time_infinite();
e44795bd 1053
072328dd
HL		 1054 if (!expect_quic(s, &ctx))
1055 return 0;
a8489257 1056
072328dd
HL		 1057 quic_lock(ctx.qc);
1058
23c04709
HL		 1059 deadline
1060 = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
22d53c88
HL		 1061
1062 if (ossl_time_is_infinite(deadline)) {
7ea49713
HL		 1063 *is_infinite = 1;
1064
1065 /*
1066 * Robustness against faulty applications that don't check *is_infinite;
1067 * harmless long timeout.
1068 */
1069 tv->tv_sec = 1000000;
22d53c88 1070 tv->tv_usec = 0;
7ea49713 1071
072328dd 1072 quic_unlock(ctx.qc);
22d53c88
HL		 1073 return 1;
1074 }
1075
e3e9794a 1076 *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, get_time(ctx.qc)));
7ea49713 1077 *is_infinite = 0;
072328dd 1078 quic_unlock(ctx.qc);
22d53c88
HL		 1079 return 1;
1080}
1081
1082/* SSL_get_rpoll_descriptor */
072328dd 1083int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
22d53c88 1084{
072328dd
HL		 1085 QCTX ctx;
1086
1087 if (!expect_quic(s, &ctx))
e44795bd
TM		 1088 return 0;
1089
8ee3ee10 1090 if (desc == NULL || ctx.qc->net_rbio == NULL)
a954f761 1091 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
8ee3ee10 1092 NULL);
072328dd
HL		 1093
1094 return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
99e1cc7b
TM		 1095}
1096
22d53c88 1097/* SSL_get_wpoll_descriptor */
072328dd 1098int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
99e1cc7b 1099{
072328dd
HL		 1100 QCTX ctx;
1101
1102 if (!expect_quic(s, &ctx))
1103 return 0;
1104
8ee3ee10 1105 if (desc == NULL || ctx.qc->net_wbio == NULL)
a954f761 1106 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
8ee3ee10 1107 NULL);
22d53c88 1108
072328dd 1109 return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
99e1cc7b
TM		 1110}
1111
b639475a 1112/* SSL_net_read_desired */
a8489257 1113QUIC_TAKES_LOCK
072328dd 1114int ossl_quic_get_net_read_desired(SSL *s)
99e1cc7b 1115{
072328dd 1116 QCTX ctx;
a8489257
HL		 1117 int ret;
1118
072328dd
HL		 1119 if (!expect_quic(s, &ctx))
1120 return 0;
1121
1122 quic_lock(ctx.qc);
072328dd
HL		 1123 ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
1124 quic_unlock(ctx.qc);
a8489257 1125 return ret;
22d53c88 1126}
e44795bd 1127
b639475a 1128/* SSL_net_write_desired */
a8489257 1129QUIC_TAKES_LOCK
072328dd 1130int ossl_quic_get_net_write_desired(SSL *s)
22d53c88 1131{
a8489257 1132 int ret;
072328dd
HL		 1133 QCTX ctx;
1134
1135 if (!expect_quic(s, &ctx))
1136 return 0;
a8489257 1137
072328dd 1138 quic_lock(ctx.qc);
072328dd
HL		 1139 ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
1140 quic_unlock(ctx.qc);
a8489257 1141 return ret;
99e1cc7b
TM		 1142}
1143
22d53c88
HL		 1144/*
1145 * QUIC Front-End I/O API: Connection Lifecycle Operations
1146 * =======================================================
1147 *
1148 * SSL_do_handshake => ossl_quic_do_handshake
1149 * SSL_set_connect_state => ossl_quic_set_connect_state
1150 * SSL_set_accept_state => ossl_quic_set_accept_state
1151 * SSL_shutdown => ossl_quic_shutdown
1152 * SSL_ctrl => ossl_quic_ctrl
1153 * (BIO/)SSL_connect => ossl_quic_connect
1154 * (BIO/)SSL_accept => ossl_quic_accept
1155 *
1156 */
1157
8a2e9aba
HL		 1158QUIC_NEEDS_LOCK
1159static void qc_shutdown_flush_init(QUIC_CONNECTION *qc)
1160{
1161 QUIC_STREAM_MAP *qsm;
1162
1163 if (qc->shutting_down)
1164 return;
1165
1166 qsm = ossl_quic_channel_get_qsm(qc->ch);
1167
1168 ossl_quic_stream_map_begin_shutdown_flush(qsm);
1169 qc->shutting_down = 1;
1170}
1171
1172/* Returns 1 if all shutdown-flush streams have been done with. */
1173QUIC_NEEDS_LOCK
1174static int qc_shutdown_flush_finished(QUIC_CONNECTION *qc)
1175{
1176 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
1177
1178 return qc->shutting_down
1179 && ossl_quic_stream_map_is_shutdown_flush_finished(qsm);
1180}
1181
22d53c88 1182/* SSL_shutdown */
e8043229 1183static int quic_shutdown_wait(void *arg)
99e1cc7b 1184{
e8043229 1185 QUIC_CONNECTION *qc = arg;
22d53c88 1186
23c04709 1187 return ossl_quic_channel_is_terminated(qc->ch);
e8043229 1188}
22d53c88 1189
8a2e9aba
HL		 1190/* Returns 1 if shutdown flush process has finished or is inapplicable. */
1191static int quic_shutdown_flush_wait(void *arg)
1192{
1193 QUIC_CONNECTION *qc = arg;
1194
1195 return ossl_quic_channel_is_term_any(qc->ch)
1196 || qc_shutdown_flush_finished(qc);
1197}
1198
25a0c4b9
HL		 1199static int quic_shutdown_peer_wait(void *arg)
1200{
1201 QUIC_CONNECTION *qc = arg;
1202 return ossl_quic_channel_is_term_any(qc->ch);
1203}
1204
a8489257 1205QUIC_TAKES_LOCK
072328dd 1206int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
e8043229
HL		 1207 const SSL_SHUTDOWN_EX_ARGS *args,
1208 size_t args_len)
1209{
a8489257 1210 int ret;
072328dd 1211 QCTX ctx;
8a2e9aba 1212 int stream_flush = ((flags & SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH) == 0);
25a0c4b9
HL		 1213 int no_block = ((flags & SSL_SHUTDOWN_FLAG_NO_BLOCK) != 0);
1214 int wait_peer = ((flags & SSL_SHUTDOWN_FLAG_WAIT_PEER) != 0);
a8489257 1215
072328dd 1216 if (!expect_quic(s, &ctx))
63fac76c 1217 return -1;
072328dd 1218
8ee3ee10 1219 if (ctx.is_stream) {
a954f761 1220 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_CONN_USE_ONLY, NULL);
cb5c208b 1221 return -1;
8ee3ee10 1222 }
cb5c208b 1223
072328dd 1224 quic_lock(ctx.qc);
a8489257 1225
63fac76c
HL		 1226 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
1227 quic_unlock(ctx.qc);
1228 return 1;
1229 }
1230
8a2e9aba 1231 /* Phase 1: Stream Flushing */
25a0c4b9 1232 if (!wait_peer && stream_flush) {
8a2e9aba
HL		 1233 qc_shutdown_flush_init(ctx.qc);
1234
1235 if (!qc_shutdown_flush_finished(ctx.qc)) {
25a0c4b9 1236 if (!no_block && qc_blocking_mode(ctx.qc)) {
23406e30
HL		 1237 ret = block_until_pred(ctx.qc, quic_shutdown_flush_wait, ctx.qc, 0);
1238 if (ret < 1) {
1239 ret = 0;
1240 goto err;
1241 }
1242 } else {
8a2e9aba 1243 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
23406e30 1244 }
8a2e9aba
HL		 1245 }
1246
1247 if (!qc_shutdown_flush_finished(ctx.qc)) {
1248 quic_unlock(ctx.qc);
1249 return 0; /* ongoing */
1250 }
1251 }
1252
1253 /* Phase 2: Connection Closure */
25a0c4b9
HL		 1254 if (wait_peer && !ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1255 if (!no_block && qc_blocking_mode(ctx.qc)) {
1256 ret = block_until_pred(ctx.qc, quic_shutdown_peer_wait, ctx.qc, 0);
1257 if (ret < 1) {
1258 ret = 0;
1259 goto err;
1260 }
1261 } else {
1262 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
1263 }
1264
1265 if (!ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1266 ret = 0; /* peer hasn't closed yet - still not done */
1267 goto err;
1268 }
1269
1270 /*
1271 * We are at least terminating - go through the normal process of
1272 * waiting until we are in the TERMINATED state.
1273 */
1274 }
1275
1276 /* Block mutation ops regardless of if we did stream flush. */
1277 ctx.qc->shutting_down = 1;
1278
1279 /*
1280 * This call is a no-op if we are already terminating, so it doesn't
1281 * affect the wait_peer case.
1282 */
072328dd 1283 ossl_quic_channel_local_close(ctx.qc->ch,
40c8c756
HL		 1284 args != NULL ? args->quic_error_code : 0,
1285 args != NULL ? args->quic_reason : NULL);
e8043229 1286
f219abef
MC		 1287 SSL_set_shutdown(ctx.qc->tls, SSL_SENT_SHUTDOWN);
1288
072328dd
HL		 1289 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
1290 quic_unlock(ctx.qc);
e8043229 1291 return 1;
a8489257 1292 }
e8043229 1293
8a2e9aba 1294 /* Phase 3: Terminating Wait Time */
25a0c4b9
HL		 1295 if (!no_block && qc_blocking_mode(ctx.qc)
1296 && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0) {
23406e30
HL		 1297 ret = block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
1298 if (ret < 1) {
1299 ret = 0;
1300 goto err;
1301 }
1302 } else {
072328dd 1303 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
23406e30 1304 }
e8043229 1305
072328dd 1306 ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
23406e30 1307err:
072328dd 1308 quic_unlock(ctx.qc);
a8489257 1309 return ret;
99e1cc7b
TM		 1310}
1311
22d53c88 1312/* SSL_ctrl */
e44795bd 1313long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
99e1cc7b 1314{
072328dd 1315 QCTX ctx;
38b051a1 1316
072328dd 1317 if (!expect_quic(s, &ctx))
38b051a1
TM		 1318 return 0;
1319
22d53c88
HL		 1320 switch (cmd) {
1321 case SSL_CTRL_MODE:
cb5c208b
HL		 1322 /* If called on a QCSO, update the default mode. */
1323 if (!ctx.is_stream)
1324 ctx.qc->default_ssl_mode |= (uint32_t)larg;
1325
1326 /*
1327 * If we were called on a QSSO or have a default stream, we also update
1328 * that.
1329 */
1330 if (ctx.xso != NULL) {
1331 /* Cannot enable EPW while AON write in progress. */
1332 if (ctx.xso->aon_write_in_progress)
1333 larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
1334
1335 ctx.xso->ssl_mode |= (uint32_t)larg;
1336 return ctx.xso->ssl_mode;
1337 }
dfc227bd 1338
cb5c208b 1339 return ctx.qc->default_ssl_mode;
22d53c88 1340 case SSL_CTRL_CLEAR_MODE:
cb5c208b
HL		 1341 if (!ctx.is_stream)
1342 ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
1343
1344 if (ctx.xso != NULL) {
1345 ctx.xso->ssl_mode &= ~(uint32_t)larg;
1346 return ctx.xso->ssl_mode;
1347 }
1348
1349 return ctx.qc->default_ssl_mode;
63dfde87
MC		 1350
1351 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
5cf99b40 1352 ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
63dfde87
MC		 1353 /* This ctrl also needs to be passed to the internal SSL object */
1354 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
1355
2f90ea3d
HL		 1356 case DTLS_CTRL_GET_TIMEOUT: /* DTLSv1_get_timeout */
1357 {
1358 int is_infinite;
1359
1360 if (!ossl_quic_get_event_timeout(s, parg, &is_infinite))
1361 return 0;
1362
1363 return !is_infinite;
1364 }
1365 case DTLS_CTRL_HANDLE_TIMEOUT: /* DTLSv1_handle_timeout */
1366 /* For legacy compatibility with DTLS calls. */
1367 return ossl_quic_handle_events(s) == 1 ? 1 : -1;
c5b882a8
HL		 1368
1369 /* Mask ctrls we shouldn't support for QUIC. */
1370 case SSL_CTRL_GET_READ_AHEAD:
1371 case SSL_CTRL_SET_READ_AHEAD:
1372 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1373 case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
1374 case SSL_CTRL_SET_MAX_PIPELINES:
1375 return 0;
1376
22d53c88 1377 default:
c5b882a8
HL		 1378 /*
1379 * Probably a TLS related ctrl. Send back to the frontend SSL_ctrl
1380 * implementation. Either SSL_ctrl will handle it itself by direct
1381 * access into handshake layer state, or failing that, it will be passed
1382 * to the handshake layer via the SSL_METHOD vtable. If the ctrl is not
1383 * supported by anything, the handshake layer's ctrl method will finally
1384 * return 0.
1385 */
1386 return ossl_ctrl_internal(&ctx.qc->ssl, cmd, larg, parg, /*no_quic=*/1);
08e49012 1387 }
22d53c88
HL		 1388}
1389
1390/* SSL_set_connect_state */
072328dd 1391void ossl_quic_set_connect_state(SSL *s)
22d53c88 1392{
072328dd
HL		 1393 QCTX ctx;
1394
1395 if (!expect_quic(s, &ctx))
1396 return;
1397
22d53c88 1398 /* Cannot be changed after handshake started */
cb5c208b 1399 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 1400 return;
1401
dfb9ae14 1402 ctx.qc->as_server_state = 0;
22d53c88
HL		 1403}
1404
1405/* SSL_set_accept_state */
072328dd 1406void ossl_quic_set_accept_state(SSL *s)
22d53c88 1407{
072328dd
HL		 1408 QCTX ctx;
1409
1410 if (!expect_quic(s, &ctx))
1411 return;
1412
22d53c88 1413 /* Cannot be changed after handshake started */
cb5c208b 1414 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 1415 return;
1416
dfb9ae14 1417 ctx.qc->as_server_state = 1;
22d53c88
HL		 1418}
1419
1420/* SSL_do_handshake */
1421struct quic_handshake_wait_args {
1422 QUIC_CONNECTION *qc;
1423};
1424
1425static int quic_handshake_wait(void *arg)
1426{
1427 struct quic_handshake_wait_args *args = arg;
1428
6d6b3a03 1429 if (!quic_mutation_allowed(args->qc, /*req_active=*/1))
22d53c88
HL		 1430 return -1;
1431
1432 if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
1433 return 1;
1434
99e1cc7b
TM		 1435 return 0;
1436}
1437
22d53c88 1438static int configure_channel(QUIC_CONNECTION *qc)
99e1cc7b 1439{
22d53c88 1440 assert(qc->ch != NULL);
08e49012 1441
d1ac77b1
HL		 1442 if (!ossl_quic_channel_set_net_rbio(qc->ch, qc->net_rbio)
1443 || !ossl_quic_channel_set_net_wbio(qc->ch, qc->net_wbio)
22d53c88
HL		 1444 || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
1445 return 0;
1446
1447 return 1;
1448}
1449
4847599b 1450QUIC_NEEDS_LOCK
23c04709 1451static int create_channel(QUIC_CONNECTION *qc)
22d53c88
HL		 1452{
1453 QUIC_CHANNEL_ARGS args = {0};
1454
5cf99b40
MC		 1455 args.libctx = qc->ssl.ctx->libctx;
1456 args.propq = qc->ssl.ctx->propq;
1457 args.is_server = qc->as_server;
1458 args.tls = qc->tls;
1459 args.mutex = qc->mutex;
e3e9794a
HL		 1460 args.now_cb = get_time_cb;
1461 args.now_cb_arg = qc;
22d53c88
HL		 1462
1463 qc->ch = ossl_quic_channel_new(&args);
8ee3ee10 1464 if (qc->ch == NULL) {
a954f761 1465 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
22d53c88 1466 return 0;
8ee3ee10 1467 }
22d53c88 1468
e8043229
HL		 1469 return 1;
1470}
1471
1472/*
2e176011
HL		 1473 * Configures a channel with the information we have accumulated via calls made
1474 * to us from the application prior to starting a handshake attempt.
e8043229 1475 */
4847599b 1476QUIC_NEEDS_LOCK
2e176011 1477static int ensure_channel_started(QCTX *ctx)
e8043229 1478{
2e176011
HL		 1479 QUIC_CONNECTION *qc = ctx->qc;
1480
ffce2946 1481 if (!qc->started) {
2e176011
HL		 1482 if (!configure_channel(qc)) {
1483 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
1484 "failed to configure channel");
1485 return 0;
1486 }
1487
1488 if (!ossl_quic_channel_start(qc->ch)) {
1489 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
1490 "failed to start channel");
1491 return 0;
1492 }
f2f7c4f1 1493
629b408c 1494#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
ffce2946 1495 if (qc->is_thread_assisted)
2e176011
HL		 1496 if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch)) {
1497 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
1498 "failed to start assist thread");
1499 return 0;
1500 }
629b408c 1501#endif
ffce2946
HL		 1502 }
1503
22d53c88
HL		 1504 qc->started = 1;
1505 return 1;
99e1cc7b
TM		 1506}
1507
4a530180 1508QUIC_NEEDS_LOCK
faa3a180 1509static int quic_do_handshake(QCTX *ctx)
99e1cc7b 1510{
22d53c88 1511 int ret;
faa3a180 1512 QUIC_CONNECTION *qc = ctx->qc;
22d53c88 1513
23c04709 1514 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1515 /* Handshake already completed. */
4a530180 1516 return 1;
ca41f6b7 1517
6d6b3a03 1518 if (!quic_mutation_allowed(qc, /*req_active=*/0))
faa3a180 1519 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1520
ca41f6b7 1521 if (BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
22d53c88 1522 /* Peer address must have been set. */
a954f761 1523 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
4a530180 1524 return -1; /* Non-protocol error */
ca41f6b7 1525 }
22d53c88 1526
dfb9ae14 1527 if (qc->as_server != qc->as_server_state) {
a954f761 1528 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
4a530180 1529 return -1; /* Non-protocol error */
ca41f6b7 1530 }
22d53c88 1531
ca41f6b7 1532 if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
22d53c88 1533 /* Need read and write BIOs. */
a954f761 1534 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BIO_NOT_SET, NULL);
4a530180 1535 return -1; /* Non-protocol error */
ca41f6b7 1536 }
22d53c88
HL		 1537
1538 /*
1539 * Start connection process. Note we may come here multiple times in
1540 * non-blocking mode, which is fine.
1541 */
2e176011 1542 if (!ensure_channel_started(qc)) /* raises on failure */
4a530180 1543 return -1; /* Non-protocol error */
22d53c88 1544
4a530180 1545 if (ossl_quic_channel_is_handshake_complete(qc->ch))
22d53c88 1546 /* The handshake is now done. */
4a530180 1547 return 1;
22d53c88 1548
51e671e2
HL		 1549 if (!qc_blocking_mode(qc)) {
1550 /* Try to advance the reactor. */
1551 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1552
1553 if (ossl_quic_channel_is_handshake_complete(qc->ch))
1554 /* The handshake is now done. */
1555 return 1;
1556
1557 if (ossl_quic_channel_is_term_any(qc->ch)) {
1558 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1559 return 0;
1560 } else if (qc->desires_blocking) {
1561 /*
1562 * As a special case when doing a handshake when blocking mode is
1563 * desired yet not available, see if the network BIOs have become
1564 * poll descriptor-enabled. This supports BIOs such as BIO_s_connect
1565 * which do late creation of socket FDs and therefore cannot expose
1566 * a poll descriptor until after a network BIO is set on the QCSO.
1567 */
1568 assert(!qc->blocking);
1569 qc_update_can_support_blocking(qc);
1570 qc_update_blocking_mode(qc);
1571 }
1572 }
1573
1574 /*
1575 * We are either in blocking mode or just entered it due to the code above.
1576 */
cb5c208b 1577 if (qc_blocking_mode(qc)) {
22d53c88
HL		 1578 /* In blocking mode, wait for the handshake to complete. */
1579 struct quic_handshake_wait_args args;
1580
1581 args.qc = qc;
1582
1583 ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
6d6b3a03 1584 if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
faa3a180 1585 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
4a530180 1586 return 0; /* Shutdown before completion */
ca41f6b7 1587 } else if (ret <= 0) {
a954f761 1588 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1589 return -1; /* Non-protocol error */
ca41f6b7 1590 }
22d53c88
HL		 1591
1592 assert(ossl_quic_channel_is_handshake_complete(qc->ch));
4a530180 1593 return 1;
22d53c88 1594 }
51e671e2
HL		 1595
1596 /*
1597 * Otherwise, indicate that the handshake isn't done yet.
1598 * We can only get here in non-blocking mode.
1599 */
1600 QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
1601 return -1; /* Non-protocol error */
4a530180 1602}
a8489257 1603
4a530180 1604QUIC_TAKES_LOCK
072328dd 1605int ossl_quic_do_handshake(SSL *s)
4a530180
HL		 1606{
1607 int ret;
072328dd 1608 QCTX ctx;
4a530180 1609
072328dd
HL		 1610 if (!expect_quic(s, &ctx))
1611 return 0;
1612
a954f761 1613 ctx.in_io = 1;
072328dd 1614 quic_lock(ctx.qc);
4a530180 1615
faa3a180 1616 ret = quic_do_handshake(&ctx);
072328dd 1617 quic_unlock(ctx.qc);
a8489257 1618 return ret;
99e1cc7b
TM		 1619}
1620
22d53c88
HL		 1621/* SSL_connect */
1622int ossl_quic_connect(SSL *s)
99e1cc7b 1623{
22d53c88 1624 /* Ensure we are in connect state (no-op if non-idle). */
072328dd 1625 ossl_quic_set_connect_state(s);
22d53c88
HL		 1626
1627 /* Begin or continue the handshake */
072328dd 1628 return ossl_quic_do_handshake(s);
99e1cc7b
TM		 1629}
1630
22d53c88
HL		 1631/* SSL_accept */
1632int ossl_quic_accept(SSL *s)
99e1cc7b 1633{
22d53c88 1634 /* Ensure we are in accept state (no-op if non-idle). */
072328dd 1635 ossl_quic_set_accept_state(s);
22d53c88
HL		 1636
1637 /* Begin or continue the handshake */
072328dd 1638 return ossl_quic_do_handshake(s);
99e1cc7b 1639}
e44795bd 1640
cb5c208b
HL		 1641/*
1642 * QUIC Front-End I/O API: Stream Lifecycle Operations
1643 * ===================================================
1644 *
1645 * SSL_stream_new => ossl_quic_conn_stream_new
1646 *
1647 */
21c80696
HL		 1648
1649/*
1650 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1651 * default XSO was created. Returns 0 if it was not (e.g. because it already
1652 * exists). Note that this is NOT an error condition.
1653 */
1654QUIC_NEEDS_LOCK
faa3a180 1655static int qc_try_create_default_xso_for_write(QCTX *ctx)
21c80696 1656{
8b7be3aa 1657 uint64_t flags = 0;
faa3a180 1658 QUIC_CONNECTION *qc = ctx->qc;
21c80696 1659
8b7be3aa
HL		 1660 if (qc->default_xso_created
1661 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
21c80696
HL		 1662 /*
1663 * We only do this once. If the user detaches a previously created
1664 * default XSO we don't auto-create another one.
1665 */
faa3a180 1666 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
21c80696 1667
8b7be3aa
HL		 1668 /* Create a locally-initiated stream. */
1669 if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1670 flags |= SSL_STREAM_FLAG_UNI;
1671
faa3a180 1672 qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(ctx, flags,
13ac037d 1673 /*needs_lock=*/0),
995ff282 1674 /*touch=*/0);
8b7be3aa 1675 if (qc->default_xso == NULL)
faa3a180 1676 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
8b7be3aa 1677
995ff282 1678 qc_touch_default_xso(qc);
8b7be3aa
HL		 1679 return 1;
1680}
1681
1682struct quic_wait_for_stream_args {
1683 QUIC_CONNECTION *qc;
1684 QUIC_STREAM *qs;
faa3a180 1685 QCTX *ctx;
8b7be3aa
HL		 1686 uint64_t expect_id;
1687};
1688
1689QUIC_NEEDS_LOCK
1690static int quic_wait_for_stream(void *arg)
1691{
1692 struct quic_wait_for_stream_args *args = arg;
1693
6d6b3a03 1694 if (!quic_mutation_allowed(args->qc, /*req_active=*/1)) {
8b7be3aa 1695 /* If connection is torn down due to an error while blocking, stop. */
faa3a180 1696 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
8b7be3aa
HL		 1697 return -1;
1698 }
1699
1700 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
acc6fde0
HL		 1701 args->expect_id | QUIC_STREAM_DIR_BIDI);
1702 if (args->qs == NULL)
1703 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1704 args->expect_id | QUIC_STREAM_DIR_UNI);
1705
8b7be3aa
HL		 1706 if (args->qs != NULL)
1707 return 1; /* stream now exists */
1708
1709 return 0; /* did not get a stream, keep trying */
1710}
1711
1712QUIC_NEEDS_LOCK
faa3a180 1713static int qc_wait_for_default_xso_for_read(QCTX *ctx)
8b7be3aa
HL		 1714{
1715 /* Called on a QCSO and we don't currently have a default stream. */
1716 uint64_t expect_id;
faa3a180 1717 QUIC_CONNECTION *qc = ctx->qc;
8b7be3aa
HL		 1718 QUIC_STREAM *qs;
1719 int res;
1720 struct quic_wait_for_stream_args wargs;
1721
1722 /*
1723 * If default stream functionality is disabled or we already detached
1724 * one, don't make another default stream and just fail.
1725 */
1726 if (qc->default_xso_created
1727 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
faa3a180 1728 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
8b7be3aa
HL		 1729
1730 /*
1731 * The peer may have opened a stream since we last ticked. So tick and
1732 * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1733 * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1734 * first stream created by a peer must have an ordinal of 0.
1735 */
1736 expect_id = qc->as_server
1737 ? QUIC_STREAM_INITIATOR_CLIENT
1738 : QUIC_STREAM_INITIATOR_SERVER;
1739
8b7be3aa 1740 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
acc6fde0
HL		 1741 expect_id | QUIC_STREAM_DIR_BIDI);
1742 if (qs == NULL)
1743 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1744 expect_id | QUIC_STREAM_DIR_UNI);
1745
8b7be3aa
HL		 1746 if (qs == NULL) {
1747 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1748
1749 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1750 expect_id);
1751 }
1752
1753 if (qs == NULL) {
1754 if (!qc_blocking_mode(qc))
1755 /* Non-blocking mode, so just bail immediately. */
faa3a180 1756 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
8b7be3aa
HL		 1757
1758 /* Block until we have a stream. */
1759 wargs.qc = qc;
1760 wargs.qs = NULL;
faa3a180 1761 wargs.ctx = ctx;
8b7be3aa
HL		 1762 wargs.expect_id = expect_id;
1763
1764 res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
1765 if (res == 0)
faa3a180 1766 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
8b7be3aa
HL		 1767 else if (res < 0 || wargs.qs == NULL)
1768 /* quic_wait_for_stream raised error here */
21c80696 1769 return 0;
8b7be3aa
HL		 1770
1771 qs = wargs.qs;
21c80696
HL		 1772 }
1773
8b7be3aa
HL		 1774 /*
1775 * We now have qs != NULL. Make it the default stream, creating the
1776 * necessary XSO.
1777 */
995ff282 1778 qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0);
8b7be3aa 1779 if (qc->default_xso == NULL)
a954f761 1780 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
8b7be3aa 1781
995ff282 1782 qc_touch_default_xso(qc); /* inhibits default XSO */
21c80696
HL		 1783 return 1;
1784}
1785
1786QUIC_NEEDS_LOCK
1787static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
1788{
1789 QUIC_XSO *xso = NULL;
1790
8ee3ee10 1791 if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL) {
a954f761 1792 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
21c80696 1793 goto err;
8ee3ee10 1794 }
21c80696 1795
8ee3ee10 1796 if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO)) {
a954f761 1797 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
21c80696 1798 goto err;
8ee3ee10 1799 }
21c80696 1800
9cab4bd5 1801 /* XSO refs QC */
8ee3ee10 1802 if (!SSL_up_ref(&qc->ssl)) {
a954f761 1803 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SSL_LIB, NULL);
9cab4bd5 1804 goto err;
8ee3ee10 1805 }
9cab4bd5 1806
21c80696 1807 xso->conn = qc;
21c80696 1808 xso->ssl_mode = qc->default_ssl_mode;
db2f98c4
HL		 1809 xso->ssl_options
1810 = qc->default_ssl_options & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
faa3a180 1811 xso->last_error = SSL_ERROR_NONE;
21c80696
HL		 1812
1813 xso->stream = qs;
1814
1815 ++qc->num_xso;
db2f98c4 1816 xso_update_options(xso);
21c80696
HL		 1817 return xso;
1818
1819err:
1820 OPENSSL_free(xso);
1821 return NULL;
1822}
1823
9d6bd3d3
HL		 1824struct quic_new_stream_wait_args {
1825 QUIC_CONNECTION *qc;
1826 int is_uni;
1827};
1828
1829static int quic_new_stream_wait(void *arg)
1830{
1831 struct quic_new_stream_wait_args *args = arg;
1832 QUIC_CONNECTION *qc = args->qc;
1833
1834 if (!quic_mutation_allowed(qc, /*req_active=*/1))
1835 return -1;
1836
1837 if (ossl_quic_channel_is_new_local_stream_admissible(qc->ch, args->is_uni))
1838 return 1;
1839
1840 return 0;
1841}
1842
13ac037d 1843/* locking depends on need_lock */
faa3a180 1844static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock)
cb5c208b 1845{
9d6bd3d3 1846 int ret;
faa3a180 1847 QUIC_CONNECTION *qc = ctx->qc;
cb5c208b 1848 QUIC_XSO *xso = NULL;
21c80696 1849 QUIC_STREAM *qs = NULL;
2dbc39de 1850 int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
9d6bd3d3
HL		 1851 int no_blocking = ((flags & SSL_STREAM_FLAG_NO_BLOCK) != 0);
1852 int advance = ((flags & SSL_STREAM_FLAG_ADVANCE) != 0);
cb5c208b 1853
13ac037d
HL		 1854 if (need_lock)
1855 quic_lock(qc);
2dbc39de 1856
6d6b3a03 1857 if (!quic_mutation_allowed(qc, /*req_active=*/0)) {
a954f761 1858 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2dbc39de
HL		 1859 goto err;
1860 }
1861
9d6bd3d3
HL		 1862 if (!advance
1863 && !ossl_quic_channel_is_new_local_stream_admissible(qc->ch, is_uni)) {
1864 struct quic_new_stream_wait_args args;
1865
1866 /*
1867 * Stream count flow control currently doesn't permit this stream to be
1868 * opened.
1869 */
1870 if (no_blocking || !qc_blocking_mode(qc)) {
96fe5e5f 1871 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_STREAM_COUNT_LIMITED, NULL);
9d6bd3d3
HL		 1872 goto err;
1873 }
1874
1875 args.qc = qc;
1876 args.is_uni = is_uni;
1877
1878 /* Blocking mode - wait until we can get a stream. */
1879 ret = block_until_pred(ctx->qc, quic_new_stream_wait, &args, 0);
1880 if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
96fe5e5f 1881 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
9d6bd3d3
HL		 1882 goto err; /* Shutdown before completion */
1883 } else if (ret <= 0) {
96fe5e5f 1884 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
9d6bd3d3
HL		 1885 goto err; /* Non-protocol error */
1886 }
1887 }
1888
13ac037d 1889 qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni);
96014840 1890 if (qs == NULL) {
a954f761 1891 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2dbc39de 1892 goto err;
96014840 1893 }
cb5c208b 1894
13ac037d 1895 xso = create_xso_from_stream(qc, qs);
8ee3ee10 1896 if (xso == NULL)
cb5c208b
HL		 1897 goto err;
1898
13ac037d
HL		 1899 qc_touch_default_xso(qc); /* inhibits default XSO */
1900 if (need_lock)
1901 quic_unlock(qc);
1902
cb5c208b
HL		 1903 return &xso->ssl;
1904
1905err:
1906 OPENSSL_free(xso);
13ac037d
HL		 1907 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs);
1908 if (need_lock)
1909 quic_unlock(qc);
1910
cb5c208b 1911 return NULL;
13ac037d
HL		 1912
1913}
1914
1915QUIC_TAKES_LOCK
1916SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
1917{
1918 QCTX ctx;
1919
a954f761 1920 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
13ac037d
HL		 1921 return NULL;
1922
faa3a180 1923 return quic_conn_stream_new(&ctx, flags, /*need_lock=*/1);
cb5c208b
HL		 1924}
1925
22d53c88
HL		 1926/*
1927 * QUIC Front-End I/O API: Steady-State Operations
1928 * ===============================================
1929 *
1930 * Here we dispatch calls to the steady-state front-end I/O API functions; that
1931 * is, the functions used during the established phase of a QUIC connection
1932 * (e.g. SSL_read, SSL_write).
1933 *
1934 * Each function must handle both blocking and non-blocking modes. As discussed
1935 * above, all QUIC I/O is implemented using non-blocking mode internally.
1936 *
1937 * SSL_get_error => partially implemented by ossl_quic_get_error
1938 * (BIO/)SSL_read => ossl_quic_read
1939 * (BIO/)SSL_write => ossl_quic_write
1940 * SSL_pending => ossl_quic_pending
a9979965 1941 * SSL_stream_conclude => ossl_quic_conn_stream_conclude
2525109f 1942 * SSL_key_update => ossl_quic_key_update
22d53c88
HL		 1943 */
1944
1945/* SSL_get_error */
072328dd 1946int ossl_quic_get_error(const SSL *s, int i)
e44795bd 1947{
072328dd 1948 QCTX ctx;
5c3474ea 1949 int net_error, last_error;
072328dd
HL		 1950
1951 if (!expect_quic(s, &ctx))
1952 return 0;
1953
5c3474ea
TM		 1954 quic_lock(ctx.qc);
1955 net_error = ossl_quic_channel_net_error(ctx.qc->ch);
1956 last_error = ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error;
1957 quic_unlock(ctx.qc);
1958
1959 if (net_error)
1960 return SSL_ERROR_SYSCALL;
1961
1962 return last_error;
e44795bd
TM		 1963}
1964
22d53c88
HL		 1965/*
1966 * SSL_write
1967 * ---------
1968 *
1969 * The set of functions below provide the implementation of the public SSL_write
1970 * function. We must handle:
1971 *
1972 * - both blocking and non-blocking operation at the application level,
1973 * depending on how we are configured;
1974 *
1975 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
1976 *
1977 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1978 *
1979 */
4847599b 1980QUIC_NEEDS_LOCK
cb5c208b 1981static void quic_post_write(QUIC_XSO *xso, int did_append, int do_tick)
22d53c88
HL		 1982{
1983 /*
1984 * We have appended at least one byte to the stream.
1985 * Potentially mark stream as active, depending on FC.
1986 */
1987 if (did_append)
cb5c208b
HL		 1988 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
1989 xso->stream);
22d53c88
HL		 1990
1991 /*
1992 * Try and send.
1993 *
44cb36d0
TM		 1994 * TODO(QUIC FUTURE): It is probably inefficient to try and do this
1995 * immediately, plus we should eventually consider Nagle's algorithm.
22d53c88
HL		 1996 */
1997 if (do_tick)
cb5c208b 1998 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
22d53c88
HL		 1999}
2000
2001struct quic_write_again_args {
cb5c208b 2002 QUIC_XSO *xso;
22d53c88
HL		 2003 const unsigned char *buf;
2004 size_t len;
2005 size_t total_written;
abfe3d51 2006 int err;
22d53c88
HL		 2007};
2008
4847599b 2009QUIC_NEEDS_LOCK
22d53c88
HL		 2010static int quic_write_again(void *arg)
2011{
2012 struct quic_write_again_args *args = arg;
2013 size_t actual_written = 0;
2014
6d6b3a03 2015 if (!quic_mutation_allowed(args->xso->conn, /*req_active=*/1))
22d53c88
HL		 2016 /* If connection is torn down due to an error while blocking, stop. */
2017 return -2;
2018
abfe3d51
HL		 2019 if (!quic_validate_for_write(args->xso, &args->err))
2020 /*
2021 * Stream may have become invalid for write due to connection events
2022 * while we blocked.
2023 */
2024 return -2;
2025
2026 args->err = ERR_R_INTERNAL_ERROR;
cb5c208b 2027 if (!ossl_quic_sstream_append(args->xso->stream->sstream,
22d53c88
HL		 2028 args->buf, args->len, &actual_written))
2029 return -2;
2030
cb5c208b 2031 quic_post_write(args->xso, actual_written > 0, 0);
22d53c88
HL		 2032
2033 args->buf += actual_written;
2034 args->len -= actual_written;
2035 args->total_written += actual_written;
2036
3f0c310b 2037 if (args->len == 0)
22d53c88
HL		 2038 /* Written everything, done. */
2039 return 1;
2040
2041 /* Not written everything yet, keep trying. */
2042 return 0;
2043}
2044
4847599b 2045QUIC_NEEDS_LOCK
faa3a180 2046static int quic_write_blocking(QCTX *ctx, const void *buf, size_t len,
22d53c88 2047 size_t *written)
e44795bd 2048{
22d53c88 2049 int res;
faa3a180 2050 QUIC_XSO *xso = ctx->xso;
22d53c88
HL		 2051 struct quic_write_again_args args;
2052 size_t actual_written = 0;
2053
2054 /* First make a best effort to append as much of the data as possible. */
cb5c208b 2055 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len,
22d53c88
HL		 2056 &actual_written)) {
2057 /* Stream already finished or allocation error. */
2058 *written = 0;
faa3a180 2059 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2060 }
2061
cb5c208b 2062 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 2063
2064 if (actual_written == len) {
2065 /* Managed to append everything on the first try. */
2066 *written = actual_written;
2067 return 1;
2068 }
2069
2070 /*
2071 * We did not manage to append all of the data immediately, so the stream
2072 * buffer has probably filled up. This means we need to block until some of
2073 * it is freed up.
2074 */
cb5c208b 2075 args.xso = xso;
22d53c88
HL		 2076 args.buf = (const unsigned char *)buf + actual_written;
2077 args.len = len - actual_written;
2078 args.total_written = 0;
abfe3d51 2079 args.err = ERR_R_INTERNAL_ERROR;
22d53c88 2080
cb5c208b 2081 res = block_until_pred(xso->conn, quic_write_again, &args, 0);
22d53c88 2082 if (res <= 0) {
6d6b3a03 2083 if (!quic_mutation_allowed(xso->conn, /*req_active=*/1))
faa3a180 2084 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 2085 else
abfe3d51 2086 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, args.err, NULL);
22d53c88
HL		 2087 }
2088
2089 *written = args.total_written;
e44795bd
TM		 2090 return 1;
2091}
2092
ca41f6b7
HL		 2093/*
2094 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
2095 * write semantics.
2096 */
cb5c208b 2097static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
22d53c88
HL		 2098 size_t buf_len, size_t already_sent)
2099{
cb5c208b 2100 assert(!xso->aon_write_in_progress);
22d53c88 2101
cb5c208b
HL		 2102 xso->aon_write_in_progress = 1;
2103 xso->aon_buf_base = buf;
2104 xso->aon_buf_pos = already_sent;
2105 xso->aon_buf_len = buf_len;
22d53c88
HL		 2106}
2107
cb5c208b 2108static void aon_write_finish(QUIC_XSO *xso)
22d53c88 2109{
cb5c208b
HL		 2110 xso->aon_write_in_progress = 0;
2111 xso->aon_buf_base = NULL;
2112 xso->aon_buf_pos = 0;
2113 xso->aon_buf_len = 0;
22d53c88
HL		 2114}
2115
4847599b 2116QUIC_NEEDS_LOCK
faa3a180 2117static int quic_write_nonblocking_aon(QCTX *ctx, const void *buf,
22d53c88 2118 size_t len, size_t *written)
e44795bd 2119{
faa3a180 2120 QUIC_XSO *xso = ctx->xso;
22d53c88
HL		 2121 const void *actual_buf;
2122 size_t actual_len, actual_written = 0;
2123 int accept_moving_buffer
cb5c208b 2124 = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
22d53c88 2125
cb5c208b 2126 if (xso->aon_write_in_progress) {
22d53c88
HL		 2127 /*
2128 * We are in the middle of an AON write (i.e., a previous write did not
75b2920a
HL		 2129 * manage to append all data to the SSTREAM and we have Enable Partial
2130 * Write (EPW) mode disabled.)
22d53c88 2131 */
cb5c208b
HL		 2132 if ((!accept_moving_buffer && xso->aon_buf_base != buf)
2133 || len != xso->aon_buf_len)
22d53c88
HL		 2134 /*
2135 * Pointer must not have changed if we are not in accept moving
2136 * buffer mode. Length must never change.
2137 */
faa3a180 2138 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BAD_WRITE_RETRY, NULL);
22d53c88 2139
cb5c208b
HL		 2140 actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
2141 actual_len = len - xso->aon_buf_pos;
22d53c88
HL		 2142 assert(actual_len > 0);
2143 } else {
2144 actual_buf = buf;
2145 actual_len = len;
2146 }
2147
2148 /* First make a best effort to append as much of the data as possible. */
cb5c208b 2149 if (!ossl_quic_sstream_append(xso->stream->sstream, actual_buf, actual_len,
22d53c88
HL		 2150 &actual_written)) {
2151 /* Stream already finished or allocation error. */
2152 *written = 0;
faa3a180 2153 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2154 }
2155
cb5c208b 2156 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 2157
2158 if (actual_written == actual_len) {
2159 /* We have sent everything. */
cb5c208b 2160 if (xso->aon_write_in_progress) {
22d53c88
HL		 2161 /*
2162 * We have sent everything, and we were in the middle of an AON
2163 * write. The output write length is the total length of the AON
2164 * buffer, not however many bytes we managed to write to the stream
2165 * in this call.
2166 */
cb5c208b
HL		 2167 *written = xso->aon_buf_len;
2168 aon_write_finish(xso);
22d53c88
HL		 2169 } else {
2170 *written = actual_written;
2171 }
2172
2173 return 1;
2174 }
2175
cb5c208b 2176 if (xso->aon_write_in_progress) {
22d53c88
HL		 2177 /*
2178 * AON write is in progress but we have not written everything yet. We
2179 * may have managed to send zero bytes, or some number of bytes less
2180 * than the total remaining which need to be appended during this
2181 * AON operation.
2182 */
cb5c208b
HL		 2183 xso->aon_buf_pos += actual_written;
2184 assert(xso->aon_buf_pos < xso->aon_buf_len);
faa3a180 2185 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
22d53c88
HL		 2186 }
2187
08e49012 2188 /*
22d53c88
HL		 2189 * Not in an existing AON operation but partial write is not enabled, so we
2190 * need to begin a new AON operation. However we needn't bother if we didn't
2191 * actually append anything.
08e49012 2192 */
22d53c88 2193 if (actual_written > 0)
cb5c208b 2194 aon_write_begin(xso, buf, len, actual_written);
e44795bd 2195
22d53c88
HL		 2196 /*
2197 * AON - We do not publicly admit to having appended anything until AON
2198 * completes.
2199 */
2200 *written = 0;
faa3a180 2201 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
e44795bd
TM		 2202}
2203
4847599b 2204QUIC_NEEDS_LOCK
faa3a180 2205static int quic_write_nonblocking_epw(QCTX *ctx, const void *buf, size_t len,
22d53c88 2206 size_t *written)
e44795bd 2207{
faa3a180
HL		 2208 QUIC_XSO *xso = ctx->xso;
2209
22d53c88 2210 /* Simple best effort operation. */
cb5c208b 2211 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len, written)) {
22d53c88
HL		 2212 /* Stream already finished or allocation error. */
2213 *written = 0;
faa3a180 2214 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2215 }
2216
cb5c208b 2217 quic_post_write(xso, *written > 0, 1);
e44795bd
TM		 2218 return 1;
2219}
d5ab48a1 2220
abfe3d51
HL		 2221QUIC_NEEDS_LOCK
2222static int quic_validate_for_write(QUIC_XSO *xso, int *err)
2223{
2224 QUIC_STREAM_MAP *qsm;
2225
2226 if (xso == NULL || xso->stream == NULL) {
2227 *err = ERR_R_INTERNAL_ERROR;
2228 return 0;
2229 }
2230
2231 switch (xso->stream->send_state) {
2232 default:
2233 case QUIC_SSTREAM_STATE_NONE:
2234 *err = SSL_R_STREAM_RECV_ONLY;
2235 return 0;
2236
2237 case QUIC_SSTREAM_STATE_READY:
2238 qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
2239
2240 if (!ossl_quic_stream_map_ensure_send_part_id(qsm, xso->stream)) {
2241 *err = ERR_R_INTERNAL_ERROR;
2242 return 0;
2243 }
2244
2245 /* FALLTHROUGH */
2246 case QUIC_SSTREAM_STATE_SEND:
2247 case QUIC_SSTREAM_STATE_DATA_SENT:
2248 case QUIC_SSTREAM_STATE_DATA_RECVD:
2249 if (ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL)) {
2250 *err = SSL_R_STREAM_FINISHED;
2251 return 0;
2252 }
2253
2254 return 1;
2255
2256 case QUIC_SSTREAM_STATE_RESET_SENT:
2257 case QUIC_SSTREAM_STATE_RESET_RECVD:
2258 *err = SSL_R_STREAM_RESET;
2259 return 0;
2260 }
2261}
2262
a8489257 2263QUIC_TAKES_LOCK
22d53c88 2264int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
d5ab48a1 2265{
a8489257 2266 int ret;
072328dd 2267 QCTX ctx;
abfe3d51 2268 int partial_write, err;
22d53c88
HL		 2269
2270 *written = 0;
2271
a954f761 2272 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/1, &ctx))
8b7be3aa 2273 return 0;
a8489257 2274
cb5c208b 2275 partial_write = ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0);
072328dd 2276
6d6b3a03 2277 if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) {
faa3a180 2278 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 2279 goto out;
2280 }
22d53c88 2281
ca41f6b7
HL		 2282 /*
2283 * If we haven't finished the handshake, try to advance it.
2284 * We don't accept writes until the handshake is completed.
2285 */
faa3a180 2286 if (quic_do_handshake(&ctx) < 1) {
a8489257
HL		 2287 ret = 0;
2288 goto out;
2289 }
ca41f6b7 2290
abfe3d51
HL		 2291 /* Ensure correct stream state, stream send part not concluded, etc. */
2292 if (!quic_validate_for_write(ctx.xso, &err)) {
2293 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
a8489257
HL		 2294 goto out;
2295 }
22d53c88 2296
33f6ad17
MC		 2297 if (len == 0) {
2298 ret = 1;
2299 goto out;
2300 }
2301
cb5c208b 2302 if (xso_blocking_mode(ctx.xso))
faa3a180 2303 ret = quic_write_blocking(&ctx, buf, len, written);
22d53c88 2304 else if (partial_write)
faa3a180 2305 ret = quic_write_nonblocking_epw(&ctx, buf, len, written);
22d53c88 2306 else
faa3a180 2307 ret = quic_write_nonblocking_aon(&ctx, buf, len, written);
a8489257
HL		 2308
2309out:
072328dd 2310 quic_unlock(ctx.qc);
a8489257 2311 return ret;
d5ab48a1
RL		 2312}
2313
2314/*
22d53c88
HL		 2315 * SSL_read
2316 * --------
d5ab48a1 2317 */
22d53c88 2318struct quic_read_again_args {
faa3a180 2319 QCTX *ctx;
22d53c88
HL		 2320 QUIC_STREAM *stream;
2321 void *buf;
2322 size_t len;
2323 size_t *bytes_read;
2324 int peek;
2325};
2326
e0bd2825
HL		 2327QUIC_NEEDS_LOCK
2328static int quic_validate_for_read(QUIC_XSO *xso, int *err, int *eos)
2329{
08d4b7eb 2330 QUIC_STREAM_MAP *qsm;
e0bd2825 2331
5ed3a435
HL		 2332 *eos = 0;
2333
e0bd2825
HL		 2334 if (xso == NULL || xso->stream == NULL) {
2335 *err = ERR_R_INTERNAL_ERROR;
2336 return 0;
2337 }
2338
2339 switch (xso->stream->recv_state) {
2340 default:
2341 case QUIC_RSTREAM_STATE_NONE:
2342 *err = SSL_R_STREAM_SEND_ONLY;
2343 return 0;
2344
2345 case QUIC_RSTREAM_STATE_RECV:
2346 case QUIC_RSTREAM_STATE_SIZE_KNOWN:
2347 case QUIC_RSTREAM_STATE_DATA_RECVD:
2348 return 1;
2349
2350 case QUIC_RSTREAM_STATE_DATA_READ:
2351 *eos = 1;
2352 return 0;
2353
2354 case QUIC_RSTREAM_STATE_RESET_RECVD:
08d4b7eb
HL		 2355 qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
2356 ossl_quic_stream_map_notify_app_read_reset_recv_part(qsm, xso->stream);
2357
2358 /* FALLTHROUGH */
e0bd2825
HL		 2359 case QUIC_RSTREAM_STATE_RESET_READ:
2360 *err = SSL_R_STREAM_RESET;
2361 return 0;
2362 }
2363}
2364
4847599b 2365QUIC_NEEDS_LOCK
faa3a180 2366static int quic_read_actual(QCTX *ctx,
22d53c88
HL		 2367 QUIC_STREAM *stream,
2368 void *buf, size_t buf_len,
2369 size_t *bytes_read,
2370 int peek)
d5ab48a1 2371{
e0bd2825 2372 int is_fin = 0, err, eos;
faa3a180 2373 QUIC_CONNECTION *qc = ctx->qc;
22d53c88 2374
e0bd2825
HL		 2375 if (!quic_validate_for_read(ctx->xso, &err, &eos)) {
2376 if (eos)
2377 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
2378 else
2379 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, err, NULL);
2380 }
2381
22d53c88
HL		 2382 if (peek) {
2383 if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
2384 bytes_read, &is_fin))
faa3a180 2385 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2386
2387 } else {
2388 if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
2389 bytes_read, &is_fin))
faa3a180 2390 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2391 }
2392
2393 if (!peek) {
2394 if (*bytes_read > 0) {
2395 /*
2396 * We have read at least one byte from the stream. Inform stream-level
2397 * RXFC of the retirement of controlled bytes. Update the active stream
2398 * status (the RXFC may now want to emit a frame granting more credit to
2399 * the peer).
2400 */
2401 OSSL_RTT_INFO rtt_info;
d50e750e 2402
22d53c88
HL		 2403 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
2404
cb5c208b 2405 if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
22d53c88 2406 rtt_info.smoothed_rtt))
faa3a180 2407 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2408 }
2409
08d4b7eb
HL		 2410 if (is_fin && !peek) {
2411 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(ctx->qc->ch);
2412
2413 ossl_quic_stream_map_notify_totally_read(qsm, ctx->xso->stream);
2414 }
22d53c88
HL		 2415
2416 if (*bytes_read > 0)
2417 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
cb5c208b 2418 stream);
22d53c88
HL		 2419 }
2420
72622c0b
MC		 2421 if (*bytes_read == 0 && is_fin)
2422 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
2423
d5ab48a1
RL		 2424 return 1;
2425}
2426
4847599b 2427QUIC_NEEDS_LOCK
22d53c88 2428static int quic_read_again(void *arg)
d5ab48a1 2429{
22d53c88
HL		 2430 struct quic_read_again_args *args = arg;
2431
6d6b3a03 2432 if (!quic_mutation_allowed(args->ctx->qc, /*req_active=*/1)) {
22d53c88 2433 /* If connection is torn down due to an error while blocking, stop. */
faa3a180 2434 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
ca41f6b7 2435 return -1;
a9979965 2436 }
22d53c88 2437
faa3a180 2438 if (!quic_read_actual(args->ctx, args->stream,
22d53c88
HL		 2439 args->buf, args->len, args->bytes_read,
2440 args->peek))
2441 return -1;
2442
2443 if (*args->bytes_read > 0)
2444 /* got at least one byte, the SSL_read op can finish now */
2445 return 1;
2446
81b6b43c 2447 return 0; /* did not read anything, keep trying */
d5ab48a1
RL		 2448}
2449
a8489257 2450QUIC_TAKES_LOCK
22d53c88 2451static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
d5ab48a1 2452{
a8489257 2453 int ret, res;
072328dd 2454 QCTX ctx;
22d53c88
HL		 2455 struct quic_read_again_args args;
2456
2457 *bytes_read = 0;
2458
8b7be3aa 2459 if (!expect_quic(s, &ctx))
22d53c88
HL		 2460 return 0;
2461
a954f761 2462 ctx.in_io = 1;
072328dd 2463 quic_lock(ctx.qc);
a8489257 2464
6d6b3a03 2465 if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) {
faa3a180 2466 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 2467 goto out;
2468 }
22d53c88 2469
a9979965 2470 /* If we haven't finished the handshake, try to advance it. */
faa3a180 2471 if (quic_do_handshake(&ctx) < 1) {
a8489257
HL		 2472 ret = 0; /* ossl_quic_do_handshake raised error here */
2473 goto out;
2474 }
22d53c88 2475
8b7be3aa
HL		 2476 if (ctx.xso == NULL) {
2477 /*
2478 * Called on a QCSO and we don't currently have a default stream.
2479 *
2480 * Wait until we get a stream initiated by the peer (blocking mode) or
2481 * fail if we don't have one yet (non-blocking mode).
2482 */
faa3a180 2483 if (!qc_wait_for_default_xso_for_read(&ctx)) {
8b7be3aa
HL		 2484 ret = 0; /* error already raised here */
2485 goto out;
2486 }
2487
2488 ctx.xso = ctx.qc->default_xso;
2489 }
2490
faa3a180 2491 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
a8489257
HL		 2492 ret = 0; /* quic_read_actual raised error here */
2493 goto out;
2494 }
22d53c88
HL		 2495
2496 if (*bytes_read > 0) {
2497 /*
2498 * Even though we succeeded, tick the reactor here to ensure we are
2499 * handling other aspects of the QUIC connection.
2500 */
072328dd 2501 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
a8489257 2502 ret = 1;
cb5c208b 2503 } else if (xso_blocking_mode(ctx.xso)) {
22d53c88
HL		 2504 /*
2505 * We were not able to read anything immediately, so our stream
2506 * buffer is empty. This means we need to block until we get
2507 * at least one byte.
2508 */
faa3a180 2509 args.ctx = &ctx;
cb5c208b 2510 args.stream = ctx.xso->stream;
22d53c88
HL		 2511 args.buf = buf;
2512 args.len = len;
2513 args.bytes_read = bytes_read;
2514 args.peek = peek;
2515
072328dd 2516 res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
a8489257 2517 if (res == 0) {
faa3a180 2518 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 2519 goto out;
2520 } else if (res < 0) {
2521 ret = 0; /* quic_read_again raised error here */
2522 goto out;
2523 }
22d53c88 2524
a8489257 2525 ret = 1;
af8b52cf 2526 } else {
780b2527
HL		 2527 /*
2528 * We did not get any bytes and are not in blocking mode.
2529 * Tick to see if this delivers any more.
2530 */
2531 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
2532
2533 /* Try the read again. */
2534 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
2535 ret = 0; /* quic_read_actual raised error here */
2536 goto out;
2537 }
2538
2539 if (*bytes_read > 0)
2540 ret = 1; /* Succeeded this time. */
2541 else
2542 ret = QUIC_RAISE_NORMAL_ERROR(&ctx, SSL_ERROR_WANT_READ);
af8b52cf 2543 }
a8489257
HL		 2544
2545out:
072328dd 2546 quic_unlock(ctx.qc);
a8489257 2547 return ret;
d5ab48a1
RL		 2548}
2549
22d53c88
HL		 2550int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
2551{
2552 return quic_read(s, buf, len, bytes_read, 0);
2553}
2554
2555int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
2556{
2557 return quic_read(s, buf, len, bytes_read, 1);
2558}
2559
2560/*
2561 * SSL_pending
2562 * -----------
2563 */
9280d26a 2564
a8489257 2565QUIC_TAKES_LOCK
d6e7ebba 2566static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
22d53c88 2567{
072328dd 2568 QCTX ctx;
433d107a 2569 size_t avail = 0;
22d53c88
HL		 2570 int fin = 0;
2571
c31f0612
MC		 2572
2573 if (!expect_quic(s, &ctx))
22d53c88
HL		 2574 return 0;
2575
c31f0612
MC		 2576 quic_lock(ctx.qc);
2577
8ee3ee10 2578 if (ctx.xso == NULL) {
a954f761 2579 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_NO_STREAM, NULL);
c31f0612 2580 goto out;
8ee3ee10 2581 }
c31f0612 2582
2f018d14 2583 if (ctx.xso->stream == NULL
8ee3ee10 2584 || !ossl_quic_stream_has_recv_buffer(ctx.xso->stream)) {
a954f761 2585 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
a8489257 2586 goto out;
8ee3ee10 2587 }
22d53c88 2588
cb5c208b 2589 if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin))
a8489257 2590 avail = 0;
22d53c88 2591
d6e7ebba
HL		 2592 if (avail == 0 && check_channel && ossl_quic_channel_has_pending(ctx.qc->ch))
2593 avail = 1;
2594
a8489257 2595out:
072328dd 2596 quic_unlock(ctx.qc);
22d53c88
HL		 2597 return avail;
2598}
2599
560470b5
MC		 2600size_t ossl_quic_pending(const SSL *s)
2601{
d6e7ebba 2602 return ossl_quic_pending_int(s, /*check_channel=*/0);
560470b5
MC		 2603}
2604
072328dd 2605int ossl_quic_has_pending(const SSL *s)
560470b5 2606{
9280d26a 2607 /* Do we have app-side pending data or pending URXEs or RXEs? */
d6e7ebba 2608 return ossl_quic_pending_int(s, /*check_channel=*/1) > 0;
560470b5
MC		 2609}
2610
a9979965
HL		 2611/*
2612 * SSL_stream_conclude
2613 * -------------------
2614 */
a8489257 2615QUIC_TAKES_LOCK
072328dd 2616int ossl_quic_conn_stream_conclude(SSL *s)
a9979965 2617{
072328dd
HL		 2618 QCTX ctx;
2619 QUIC_STREAM *qs;
abfe3d51 2620 int err;
072328dd 2621
a954f761 2622 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
072328dd
HL		 2623 return 0;
2624
cb5c208b 2625 qs = ctx.xso->stream;
a9979965 2626
6d6b3a03 2627 if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
072328dd 2628 quic_unlock(ctx.qc);
abfe3d51
HL		 2629 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2630 }
2631
2632 if (!quic_validate_for_write(ctx.xso, &err)) {
2633 quic_unlock(ctx.qc);
2634 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
a8489257
HL		 2635 }
2636
2f018d14 2637 if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
072328dd 2638 quic_unlock(ctx.qc);
a9979965 2639 return 1;
a8489257 2640 }
a9979965
HL		 2641
2642 ossl_quic_sstream_fin(qs->sstream);
cb5c208b 2643 quic_post_write(ctx.xso, 1, 1);
072328dd 2644 quic_unlock(ctx.qc);
a9979965
HL		 2645 return 1;
2646}
2647
553a4e00
HL		 2648/*
2649 * SSL_inject_net_dgram
2650 * --------------------
2651 */
5129e594 2652QUIC_TAKES_LOCK
553a4e00
HL		 2653int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
2654 size_t buf_len,
2655 const BIO_ADDR *peer,
2656 const BIO_ADDR *local)
2657{
5129e594 2658 int ret;
072328dd 2659 QCTX ctx;
553a4e00
HL		 2660 QUIC_DEMUX *demux;
2661
072328dd 2662 if (!expect_quic(s, &ctx))
553a4e00
HL		 2663 return 0;
2664
072328dd 2665 quic_lock(ctx.qc);
5129e594 2666
072328dd 2667 demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
5129e594
HL		 2668 ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
2669
072328dd 2670 quic_unlock(ctx.qc);
5129e594 2671 return ret;
553a4e00
HL		 2672}
2673
020d0389
HL		 2674/*
2675 * SSL_get0_connection
2676 * -------------------
2677 */
2678SSL *ossl_quic_get0_connection(SSL *s)
2679{
2680 QCTX ctx;
2681
2682 if (!expect_quic(s, &ctx))
2683 return NULL;
2684
2685 return &ctx.qc->ssl;
2686}
2687
1bca3f1b
HL		 2688/*
2689 * SSL_get_stream_type
2690 * -------------------
2691 */
2692int ossl_quic_get_stream_type(SSL *s)
2693{
2694 QCTX ctx;
2695
2696 if (!expect_quic(s, &ctx))
59c5c016 2697 return SSL_STREAM_TYPE_BIDI;
1bca3f1b
HL		 2698
2699 if (ctx.xso == NULL) {
2700 /*
59c5c016
HL		 2701 * If deferred XSO creation has yet to occur, proceed according to the
2702 * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
2703 * what kind of stream will be created yet, so return BIDI on the basis
2704 * that at this time, the client still has the option of calling
2705 * SSL_read() or SSL_write() first.
1bca3f1b 2706 */
59c5c016
HL		 2707 if (ctx.qc->default_xso_created
2708 || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1bca3f1b 2709 return SSL_STREAM_TYPE_NONE;
59c5c016
HL		 2710 else
2711 return SSL_STREAM_TYPE_BIDI;
1bca3f1b
HL		 2712 }
2713
2714 if (ossl_quic_stream_is_bidi(ctx.xso->stream))
2715 return SSL_STREAM_TYPE_BIDI;
2716
2717 if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
2718 return SSL_STREAM_TYPE_READ;
2719 else
2720 return SSL_STREAM_TYPE_WRITE;
2721}
2722
19cb0887
HL		 2723/*
2724 * SSL_get_stream_id
2725 * -----------------
2726 */
cb68ce9f 2727QUIC_TAKES_LOCK
19cb0887
HL		 2728uint64_t ossl_quic_get_stream_id(SSL *s)
2729{
2730 QCTX ctx;
8b7be3aa 2731 uint64_t id;
19cb0887 2732
a954f761 2733 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx))
19cb0887
HL		 2734 return UINT64_MAX;
2735
8b7be3aa
HL		 2736 id = ctx.xso->stream->id;
2737 quic_unlock(ctx.qc);
2738
2739 return id;
2740}
2741
2742/*
2743 * SSL_set_default_stream_mode
2744 * ---------------------------
2745 */
cb68ce9f 2746QUIC_TAKES_LOCK
8b7be3aa
HL		 2747int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
2748{
2749 QCTX ctx;
2750
a954f761 2751 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
8b7be3aa
HL		 2752 return 0;
2753
2754 quic_lock(ctx.qc);
2755
4669a3d7
HL		 2756 if (ctx.qc->default_xso_created) {
2757 quic_unlock(ctx.qc);
a954f761 2758 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
8ee3ee10 2759 "too late to change default stream mode");
4669a3d7 2760 }
8b7be3aa
HL		 2761
2762 switch (mode) {
2763 case SSL_DEFAULT_STREAM_MODE_NONE:
2764 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
2765 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
2766 ctx.qc->default_stream_mode = mode;
2767 break;
2768 default:
2769 quic_unlock(ctx.qc);
a954f761 2770 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
8ee3ee10 2771 "bad default stream type");
8b7be3aa
HL		 2772 }
2773
2774 quic_unlock(ctx.qc);
2775 return 1;
2776}
2777
2778/*
2779 * SSL_detach_stream
2780 * -----------------
2781 */
cb68ce9f 2782QUIC_TAKES_LOCK
8b7be3aa
HL		 2783SSL *ossl_quic_detach_stream(SSL *s)
2784{
2785 QCTX ctx;
9cab4bd5 2786 QUIC_XSO *xso = NULL;
8b7be3aa 2787
a954f761 2788 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
8b7be3aa
HL		 2789 return NULL;
2790
2791 quic_lock(ctx.qc);
2792
8b7be3aa 2793 /* Calling this function inhibits default XSO autocreation. */
9cab4bd5
HL		 2794 /* QC ref to any default XSO is transferred to us and to caller. */
2795 qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso);
8b7be3aa
HL		 2796
2797 quic_unlock(ctx.qc);
2798
9cab4bd5 2799 return xso != NULL ? &xso->ssl : NULL;
8b7be3aa
HL		 2800}
2801
2802/*
2803 * SSL_attach_stream
2804 * -----------------
2805 */
cb68ce9f 2806QUIC_TAKES_LOCK
8b7be3aa
HL		 2807int ossl_quic_attach_stream(SSL *conn, SSL *stream)
2808{
2809 QCTX ctx;
9cab4bd5
HL		 2810 QUIC_XSO *xso;
2811 int nref;
8b7be3aa 2812
a954f761 2813 if (!expect_quic_conn_only(conn, /*io=*/0, &ctx))
8b7be3aa
HL		 2814 return 0;
2815
2816 if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
a954f761 2817 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_NULL_PARAMETER,
8ee3ee10 2818 "stream to attach must be a valid QUIC stream");
8b7be3aa 2819
9cab4bd5
HL		 2820 xso = (QUIC_XSO *)stream;
2821
8b7be3aa
HL		 2822 quic_lock(ctx.qc);
2823
2824 if (ctx.qc->default_xso != NULL) {
2825 quic_unlock(ctx.qc);
a954f761 2826 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
8ee3ee10 2827 "connection already has a default stream");
8b7be3aa
HL		 2828 }
2829
9cab4bd5
HL		 2830 /*
2831 * It is a caller error for the XSO being attached as a default XSO to have
2832 * more than one ref.
2833 */
4eecc6aa 2834 if (!CRYPTO_GET_REF(&xso->ssl.references, &nref)) {
9cab4bd5 2835 quic_unlock(ctx.qc);
a954f761 2836 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR,
8ee3ee10 2837 "ref");
9cab4bd5
HL		 2838 }
2839
2840 if (nref != 1) {
2841 quic_unlock(ctx.qc);
a954f761 2842 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
8ee3ee10
TM		 2843 "stream being attached must have "
2844 "only 1 reference");
9cab4bd5
HL		 2845 }
2846
2847 /* Caller's reference to the XSO is transferred to us. */
8b7be3aa 2848 /* Calling this function inhibits default XSO autocreation. */
9cab4bd5 2849 qc_set_default_xso(ctx.qc, xso, /*touch=*/1);
8b7be3aa
HL		 2850
2851 quic_unlock(ctx.qc);
2852 return 1;
19cb0887
HL		 2853}
2854
8a90df34 2855/*
83df44ae
HL		 2856 * SSL_set_incoming_stream_policy
2857 * ------------------------------
8a90df34 2858 */
995ff282 2859QUIC_NEEDS_LOCK
83df44ae 2860static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc)
995ff282 2861{
83df44ae
HL		 2862 switch (qc->incoming_stream_policy) {
2863 case SSL_INCOMING_STREAM_POLICY_AUTO:
995ff282
HL		 2864 if ((qc->default_xso == NULL && !qc->default_xso_created)
2865 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
83df44ae 2866 return SSL_INCOMING_STREAM_POLICY_ACCEPT;
995ff282 2867 else
83df44ae 2868 return SSL_INCOMING_STREAM_POLICY_REJECT;
995ff282
HL		 2869
2870 default:
83df44ae 2871 return qc->incoming_stream_policy;
995ff282
HL		 2872 }
2873}
2874
2875QUIC_NEEDS_LOCK
2876static void qc_update_reject_policy(QUIC_CONNECTION *qc)
2877{
83df44ae
HL		 2878 int policy = qc_get_effective_incoming_stream_policy(qc);
2879 int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT);
995ff282
HL		 2880
2881 ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch,
2882 enable_reject,
83df44ae 2883 qc->incoming_stream_aec);
995ff282
HL		 2884}
2885
cb68ce9f 2886QUIC_TAKES_LOCK
83df44ae
HL		 2887int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
2888 uint64_t aec)
8a90df34
HL		 2889{
2890 int ret = 1;
2891 QCTX ctx;
2892
a954f761 2893 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
8a90df34
HL		 2894 return 0;
2895
2896 quic_lock(ctx.qc);
2897
2898 switch (policy) {
83df44ae
HL		 2899 case SSL_INCOMING_STREAM_POLICY_AUTO:
2900 case SSL_INCOMING_STREAM_POLICY_ACCEPT:
2901 case SSL_INCOMING_STREAM_POLICY_REJECT:
2902 ctx.qc->incoming_stream_policy = policy;
2903 ctx.qc->incoming_stream_aec = aec;
8a90df34
HL		 2904 break;
2905
2906 default:
a954f761 2907 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
8a90df34
HL		 2908 ret = 0;
2909 break;
2910 }
2911
995ff282 2912 qc_update_reject_policy(ctx.qc);
8a90df34
HL		 2913 quic_unlock(ctx.qc);
2914 return ret;
2915}
2916
cb68ce9f
HL		 2917/*
2918 * SSL_accept_stream
2919 * -----------------
2920 */
cb68ce9f 2921struct wait_for_incoming_stream_args {
faa3a180 2922 QCTX *ctx;
cb68ce9f
HL		 2923 QUIC_STREAM *qs;
2924};
2925
2926QUIC_NEEDS_LOCK
2927static int wait_for_incoming_stream(void *arg)
2928{
2929 struct wait_for_incoming_stream_args *args = arg;
faa3a180
HL		 2930 QUIC_CONNECTION *qc = args->ctx->qc;
2931 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
cb68ce9f 2932
6d6b3a03 2933 if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
cb68ce9f 2934 /* If connection is torn down due to an error while blocking, stop. */
faa3a180 2935 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
cb68ce9f
HL		 2936 return -1;
2937 }
2938
2939 args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2940 if (args->qs != NULL)
2941 return 1; /* got a stream */
2942
2943 return 0; /* did not get a stream, keep trying */
2944}
2945
2946QUIC_TAKES_LOCK
2947SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
2948{
2949 QCTX ctx;
2950 int ret;
2951 SSL *new_s = NULL;
2952 QUIC_STREAM_MAP *qsm;
2953 QUIC_STREAM *qs;
2954 QUIC_XSO *xso;
90cecc40 2955 OSSL_RTT_INFO rtt_info;
cb68ce9f 2956
a954f761 2957 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
cb68ce9f
HL		 2958 return NULL;
2959
2960 quic_lock(ctx.qc);
2961
83df44ae 2962 if (qc_get_effective_incoming_stream_policy(ctx.qc)
8ee3ee10 2963 == SSL_INCOMING_STREAM_POLICY_REJECT) {
a954f761 2964 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
cb68ce9f 2965 goto out;
8ee3ee10 2966 }
cb68ce9f
HL		 2967
2968 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2969
2970 qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2971 if (qs == NULL) {
2972 if (qc_blocking_mode(ctx.qc)
2973 && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
2974 struct wait_for_incoming_stream_args args;
2975
faa3a180 2976 args.ctx = &ctx;
cb68ce9f
HL		 2977 args.qs = NULL;
2978
2979 ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
2980 if (ret == 0) {
faa3a180 2981 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
cb68ce9f
HL		 2982 goto out;
2983 } else if (ret < 0 || args.qs == NULL) {
2984 goto out;
2985 }
2986
2987 qs = args.qs;
2988 } else {
2989 goto out;
2990 }
2991 }
2992
2993 xso = create_xso_from_stream(ctx.qc, qs);
2994 if (xso == NULL)
2995 goto out;
2996
90cecc40
HL		 2997 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info);
2998 ossl_quic_stream_map_remove_from_accept_queue(qsm, qs,
2999 rtt_info.smoothed_rtt);
cb68ce9f
HL		 3000 new_s = &xso->ssl;
3001
3002 /* Calling this function inhibits default XSO autocreation. */
995ff282 3003 qc_touch_default_xso(ctx.qc); /* inhibits default XSO */
cb68ce9f
HL		 3004
3005out:
3006 quic_unlock(ctx.qc);
3007 return new_s;
3008}
3009
3010/*
3011 * SSL_get_accept_stream_queue_len
3012 * -------------------------------
3013 */
3014QUIC_TAKES_LOCK
3015size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
3016{
3017 QCTX ctx;
3018 size_t v;
3019
a954f761 3020 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
cb68ce9f
HL		 3021 return 0;
3022
3023 quic_lock(ctx.qc);
3024
3025 v = ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
3026
3027 quic_unlock(ctx.qc);
3028 return v;
3029}
3030
c3a04ea2
HL		 3031/*
3032 * SSL_stream_reset
3033 * ----------------
3034 */
3035int ossl_quic_stream_reset(SSL *ssl,
3036 const SSL_STREAM_RESET_ARGS *args,
3037 size_t args_len)
3038{
3039 QCTX ctx;
3040 QUIC_STREAM_MAP *qsm;
3041 QUIC_STREAM *qs;
3042 uint64_t error_code;
e0bd2825 3043 int ok, err;
c3a04ea2 3044
a954f761 3045 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, /*io=*/0, &ctx))
c3a04ea2
HL		 3046 return 0;
3047
3048 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
3049 qs = ctx.xso->stream;
3050 error_code = (args != NULL ? args->quic_error_code : 0);
3051
1d547f8f
HL		 3052 if (!quic_validate_for_write(ctx.xso, &err)) {
3053 ok = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
3054 goto err;
3055 }
e0bd2825 3056
2f018d14 3057 ok = ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code);
c3a04ea2 3058
1d547f8f 3059err:
c3a04ea2 3060 quic_unlock(ctx.qc);
2f018d14 3061 return ok;
c3a04ea2
HL		 3062}
3063
3064/*
3065 * SSL_get_stream_read_state
3066 * -------------------------
3067 */
3068static void quic_classify_stream(QUIC_CONNECTION *qc,
3069 QUIC_STREAM *qs,
3070 int is_write,
3071 int *state,
3072 uint64_t *app_error_code)
3073{
3074 int local_init;
3075 uint64_t final_size;
3076
3077 local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server);
3078
3079 if (app_error_code != NULL)
3080 *app_error_code = UINT64_MAX;
3081 else
3082 app_error_code = &final_size; /* throw away value */
3083
3084 if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) {
3085 /*
3086 * Unidirectional stream and this direction of transmission doesn't
3087 * exist.
3088 */
3089 *state = SSL_STREAM_STATE_WRONG_DIR;
3090 } else if (ossl_quic_channel_is_term_any(qc->ch)) {
3091 /* Connection already closed. */
3092 *state = SSL_STREAM_STATE_CONN_CLOSED;
5ed3a435 3093 } else if (!is_write && qs->recv_state == QUIC_RSTREAM_STATE_DATA_READ) {
c3a04ea2
HL		 3094 /* Application has read a FIN. */
3095 *state = SSL_STREAM_STATE_FINISHED;
3096 } else if ((!is_write && qs->stop_sending)
2f018d14 3097 || (is_write && ossl_quic_stream_send_is_reset(qs))) {
c3a04ea2
HL		 3098 /*
3099 * Stream has been reset locally. FIN takes precedence over this for the
3100 * read case as the application need not care if the stream is reset
3101 * after a FIN has been successfully processed.
3102 */
3103 *state = SSL_STREAM_STATE_RESET_LOCAL;
3104 *app_error_code = !is_write
3105 ? qs->stop_sending_aec
3106 : qs->reset_stream_aec;
2f018d14 3107 } else if ((!is_write && ossl_quic_stream_recv_is_reset(qs))
c3a04ea2
HL		 3108 || (is_write && qs->peer_stop_sending)) {
3109 /*
3110 * Stream has been reset remotely. */
3111 *state = SSL_STREAM_STATE_RESET_REMOTE;
3112 *app_error_code = !is_write
3113 ? qs->peer_reset_stream_aec
3114 : qs->peer_stop_sending_aec;
3115 } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream,
3116 &final_size)) {
3117 /*
3118 * Stream has been finished. Stream reset takes precedence over this for
3119 * the write case as peer may not have received all data.
3120 */
3121 *state = SSL_STREAM_STATE_FINISHED;
3122 } else {
3123 /* Stream still healthy. */
3124 *state = SSL_STREAM_STATE_OK;
3125 }
3126}
3127
3128static int quic_get_stream_state(SSL *ssl, int is_write)
3129{
3130 QCTX ctx;
3131 int state;
3132
a954f761 3133 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
c3a04ea2
HL		 3134 return SSL_STREAM_STATE_NONE;
3135
3136 quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL);
3137 quic_unlock(ctx.qc);
3138 return state;
3139}
3140
3141int ossl_quic_get_stream_read_state(SSL *ssl)
3142{
3143 return quic_get_stream_state(ssl, /*is_write=*/0);
3144}
3145
3146/*
3147 * SSL_get_stream_write_state
3148 * --------------------------
3149 */
3150int ossl_quic_get_stream_write_state(SSL *ssl)
3151{
3152 return quic_get_stream_state(ssl, /*is_write=*/1);
3153}
3154
3155/*
3156 * SSL_get_stream_read_error_code
3157 * ------------------------------
3158 */
3159static int quic_get_stream_error_code(SSL *ssl, int is_write,
3160 uint64_t *app_error_code)
3161{
3162 QCTX ctx;
3163 int state;
3164
a954f761 3165 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
c3a04ea2
HL		 3166 return -1;
3167
3168 quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0,
3169 &state, app_error_code);
3170
3171 quic_unlock(ctx.qc);
3172 switch (state) {
3173 case SSL_STREAM_STATE_FINISHED:
3174 return 0;
3175 case SSL_STREAM_STATE_RESET_LOCAL:
3176 case SSL_STREAM_STATE_RESET_REMOTE:
3177 return 1;
3178 default:
3179 return -1;
3180 }
3181}
3182
3183int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code)
3184{
3185 return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code);
3186}
3187
3188/*
3189 * SSL_get_stream_write_error_code
3190 * -------------------------------
3191 */
3192int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code)
3193{
3194 return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code);
3195}
3196
3415677e
HL		 3197/*
3198 * Write buffer size mutation
3199 * --------------------------
3200 */
3201int ossl_quic_set_write_buffer_size(SSL *ssl, size_t size)
3202{
3203 int ret = 0;
3204 QCTX ctx;
3205
a954f761 3206 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
3415677e
HL		 3207 return 0;
3208
96014840 3209 if (!ossl_quic_stream_has_send(ctx.xso->stream)) {
3415677e 3210 /* Called on a unidirectional receive-only stream - error. */
a954f761 3211 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
3415677e 3212 goto out;
96014840 3213 }
3415677e
HL		 3214
3215 if (!ossl_quic_stream_has_send_buffer(ctx.xso->stream)) {
3216 /*
3217 * If the stream has a send part but we have disposed of it because we
3218 * no longer need it, this is a no-op.
3219 */
3220 ret = 1;
3221 goto out;
3222 }
3223
96014840 3224 if (!ossl_quic_sstream_set_buffer_size(ctx.xso->stream->sstream, size)) {
a954f761 3225 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
3415677e 3226 goto out;
96014840 3227 }
3415677e
HL		 3228
3229 ret = 1;
3230
3231out:
3232 quic_unlock(ctx.qc);
3233 return ret;
3234}
3235
c3a04ea2
HL		 3236/*
3237 * SSL_get_conn_close_info
3238 * -----------------------
3239 */
3240int ossl_quic_get_conn_close_info(SSL *ssl,
3241 SSL_CONN_CLOSE_INFO *info,
3242 size_t info_len)
3243{
3244 QCTX ctx;
3245 const QUIC_TERMINATE_CAUSE *tc;
3246
a954f761 3247 if (!expect_quic_conn_only(ssl, /*io=*/0, &ctx))
c3a04ea2
HL		 3248 return -1;
3249
3250 tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
3251 if (tc == NULL)
3252 return 0;
3253
3254 info->error_code = tc->error_code;
40c8c756
HL		 3255 info->reason = tc->reason;
3256 info->reason_len = tc->reason_len;
c3a04ea2
HL		 3257 info->is_local = !tc->remote;
3258 info->is_transport = !tc->app;
3259 return 1;
3260}
3261
2525109f
HL		 3262/*
3263 * SSL_key_update
3264 * --------------
3265 */
3266int ossl_quic_key_update(SSL *ssl, int update_type)
3267{
3268 QCTX ctx;
3269
a954f761 3270 if (!expect_quic_conn_only(ssl, /*io=*/0, &ctx))
2525109f
HL		 3271 return 0;
3272
3273 switch (update_type) {
3274 case SSL_KEY_UPDATE_NOT_REQUESTED:
3275 /*
3276 * QUIC signals peer key update implicily by triggering a local
3277 * spontaneous TXKU. Silently upgrade this to SSL_KEY_UPDATE_REQUESTED.
3278 */
3279 case SSL_KEY_UPDATE_REQUESTED:
3280 break;
3281
3282 default:
a954f761 3283 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
2525109f
HL		 3284 return 0;
3285 }
3286
3287 quic_lock(ctx.qc);
3288
3289 /* Attempt to perform a TXKU. */
3290 if (!ossl_quic_channel_trigger_txku(ctx.qc->ch)) {
a954f761 3291 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_TOO_MANY_KEY_UPDATES, NULL);
2525109f
HL		 3292 quic_unlock(ctx.qc);
3293 return 0;
3294 }
3295
3296 quic_unlock(ctx.qc);
3297 return 1;
3298}
3299
3300/*
3301 * SSL_get_key_update_type
3302 * -----------------------
3303 */
3304int ossl_quic_get_key_update_type(const SSL *s)
3305{
3306 /*
3307 * We always handle key updates immediately so a key update is never
3308 * pending.
3309 */
3310 return SSL_KEY_UPDATE_NONE;
3311}
3312
22d53c88
HL		 3313/*
3314 * QUIC Front-End I/O API: SSL_CTX Management
3315 * ==========================================
3316 */
3317
3318long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3319{
3320 switch (cmd) {
3321 default:
8a1a6d6d 3322 return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
22d53c88
HL		 3323 }
3324}
3325
3326long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3327{
63dfde87
MC		 3328 QCTX ctx;
3329
a954f761 3330 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
63dfde87
MC		 3331 return 0;
3332
3333 switch (cmd) {
3334 case SSL_CTRL_SET_MSG_CALLBACK:
5cf99b40
MC		 3335 ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp,
3336 &ctx.qc->ssl);
63dfde87
MC		 3337 /* This callback also needs to be set on the internal SSL object */
3338 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);;
3339
3340 default:
3341 /* Probably a TLS related ctrl. Defer to our internal SSL object */
3342 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);
3343 }
22d53c88
HL		 3344}
3345
3346long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3347{
8a1a6d6d 3348 return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
22d53c88
HL		 3349}
3350
3351int ossl_quic_renegotiate_check(SSL *ssl, int initok)
3352{
3353 /* We never do renegotiation. */
3354 return 0;
3355}
3356
3357/*
d518854c
MC		 3358 * These functions define the TLSv1.2 (and below) ciphers that are supported by
3359 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
22d53c88 3360 */
22d53c88
HL		 3361
3362int ossl_quic_num_ciphers(void)
3363{
d518854c 3364 return 0;
22d53c88
HL		 3365}
3366
3367const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
3368{
d518854c 3369 return NULL;
d5ab48a1 3370}
16f3b542
HL		 3371
3372/*
3373 * Internal Testing APIs
3374 * =====================
3375 */
3376
3377QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s)
3378{
3379 QCTX ctx;
3380
a954f761 3381 if (!expect_quic_conn_only(s, /*io=*/0, &ctx))
16f3b542
HL		 3382 return NULL;
3383
3384 return ctx.qc->ch;
3385}
A mirror of the official openssl repository