[thirdparty/openssl.git] / ssl / quic / quic_local.h

/*
 * Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#ifndef OSSL_QUIC_LOCAL_H
# define OSSL_QUIC_LOCAL_H

# include <openssl/ssl.h>
# include "internal/quic_ssl.h"       /* QUIC_CONNECTION */
# include "internal/quic_txp.h"
# include "internal/quic_statm.h"
# include "internal/quic_demux.h"
# include "internal/quic_record_rx.h"
# include "internal/quic_tls.h"
# include "internal/quic_fc.h"
# include "internal/quic_stream.h"
# include "internal/quic_channel.h"
# include "internal/quic_reactor.h"
# include "internal/quic_thread_assist.h"
# include "../ssl_local.h"

# ifndef OPENSSL_NO_QUIC

/*
 * QUIC stream SSL object (QSSO) type. This implements the API personality layer
 * for QSSO objects, wrapping the QUIC-native QUIC_STREAM object and tracking
 * state required by the libssl API personality.
 */
struct quic_xso_st {
    /* SSL object common header. */
    struct ssl_st                   ssl;

    /* The connection this stream is associated with. Always non-NULL. */
    QUIC_CONNECTION                 *conn;

    /* The stream object. Always non-NULL for as long as the XSO exists. */
    QUIC_STREAM                     *stream;

    /*
     * Has this stream been logically configured into blocking mode? Only
     * meaningful if desires_blocking_set is 1. Ignored if blocking is not
     * currently possible given QUIC_CONNECTION configuration.
     */
    unsigned int                    desires_blocking        : 1;

    /*
     * Has SSL_set_blocking_mode been called on this stream? If not set, we
     * inherit from the QUIC_CONNECTION blocking state.
     */
    unsigned int                    desires_blocking_set    : 1;

    /* The application has retired a FIN (i.e. SSL_ERROR_ZERO_RETURN). */
    unsigned int                    retired_fin             : 1;

    /*
     * The application has requested a reset. Not set for reflexive
     * STREAM_RESETs caused by peer STOP_SENDING.
     */
    unsigned int                    requested_reset         : 1;

    /*
     * This state tracks SSL_write all-or-nothing (AON) write semantics
     * emulation.
     *
     * Example chronology:
     *
     *   t=0:  aon_write_in_progress=0
     *   t=1:  SSL_write(ssl, b1, l1) called;
     *         too big to enqueue into sstream at once, SSL_ERROR_WANT_WRITE;
     *         aon_write_in_progress=1; aon_buf_base=b1; aon_buf_len=l1;
     *         aon_buf_pos < l1 (depends on how much room was in sstream);
     *   t=2:  SSL_write(ssl, b2, l2);
     *         b2 must equal b1 (validated unless ACCEPT_MOVING_WRITE_BUFFER)
     *         l2 must equal l1 (always validated)
     *         append into sstream from [b2 + aon_buf_pos, b2 + aon_buf_len)
     *         if done, aon_write_in_progress=0
     *
     */
    /* Is an AON write in progress? */
    unsigned int                    aon_write_in_progress   : 1;

    /* Event handling mode. One of SSL_QUIC_VALUE_EVENT_HANDLING. */
    unsigned int                    event_handling_mode     : 2;

    /*
     * The base buffer pointer the caller passed us for the initial AON write
     * call. We use this for validation purposes unless
     * ACCEPT_MOVING_WRITE_BUFFER is enabled.
     *
     * NOTE: We never dereference this, as the caller might pass a different
     * (but identical) buffer if using ACCEPT_MOVING_WRITE_BUFFER. It is for
     * validation by pointer comparison only.
     */
    const unsigned char             *aon_buf_base;
    /* The total length of the AON buffer being sent, in bytes. */
    size_t                          aon_buf_len;
    /*
     * The position in the AON buffer up to which we have successfully sent data
     * so far.
     */
    size_t                          aon_buf_pos;

    /* SSL_set_mode */
    uint32_t                        ssl_mode;

    /* SSL_set_options */
    uint64_t                        ssl_options;

    /*
     * Last 'normal' error during an app-level I/O operation, used by
     * SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
     * and SSL_ERROR_WANT_WRITE.
     */
    int                             last_error;
};

struct quic_conn_st {
    /*
     * ssl_st is a common header for ordinary SSL objects, QUIC connection
     * objects and QUIC stream objects, allowing objects of these different
     * types to be disambiguated at runtime and providing some common fields.
     *
     * Note: This must come first in the QUIC_CONNECTION structure.
     */
    struct ssl_st                   ssl;

    SSL                             *tls;

    /* The QUIC engine representing the QUIC event domain. */
    QUIC_ENGINE                     *engine;

    /* The QUIC port representing the QUIC listener and socket. */
    QUIC_PORT                       *port;

    /*
     * The QUIC channel providing the core QUIC connection implementation. Note
     * that this is not instantiated until we actually start trying to do the
     * handshake. This is to allow us to gather information like whether we are
     * going to be in client or server mode before committing to instantiating
     * the channel, since we want to determine the channel arguments based on
     * that.
     *
     * The channel remains available after connection termination until the SSL
     * object is freed, thus (ch != NULL) iff (started == 1).
     */
    QUIC_CHANNEL                    *ch;

    /*
     * The mutex used to synchronise access to the QUIC_CHANNEL. We own this but
     * provide it to the channel.
     */
    CRYPTO_MUTEX                    *mutex;

    /*
     * If we have a default stream attached, this is the internal XSO
     * object. If there is no default stream, this is NULL.
     */
    QUIC_XSO                        *default_xso;

    /* The network read and write BIOs. */
    BIO                             *net_rbio, *net_wbio;

    /* Initial peer L4 address. */
    BIO_ADDR                        init_peer_addr;

#  ifndef OPENSSL_NO_QUIC_THREAD_ASSIST
    /* Manages thread for QUIC thread assisted mode. */
    QUIC_THREAD_ASSIST              thread_assist;
#  endif

    /* If non-NULL, used instead of ossl_time_now(). Used for testing. */
    OSSL_TIME                       (*override_now_cb)(void *arg);
    void                            *override_now_cb_arg;

    /* Number of XSOs allocated. Includes the default XSO, if any. */
    size_t                          num_xso;

    /* Have we started? */
    unsigned int                    started                 : 1;

    /*
     * This is 1 if we were instantiated using a QUIC server method
     * (for future use).
     */
    unsigned int                    as_server               : 1;

    /*
     * Has the application called SSL_set_accept_state? We require this to be
     * congruent with the value of as_server.
     */
    unsigned int                    as_server_state         : 1;

    /* Are we using thread assisted mode? Never changes after init. */
    unsigned int                    is_thread_assisted      : 1;

    /* Do connection-level operations (e.g. handshakes) run in blocking mode? */
    unsigned int                    blocking                : 1;

    /* Does the application want blocking mode? */
    unsigned int                    desires_blocking        : 1;

    /* Have we created a default XSO yet? */
    unsigned int                    default_xso_created     : 1;

    /*
     * Pre-TERMINATING shutdown phase in which we are flushing streams.
     * Monotonically transitions to 1.
     * New streams cannot be created in this state.
     */
    unsigned int                    shutting_down           : 1;

    /* Have we probed the BIOs for addressing support? */
    unsigned int                    addressing_probe_done   : 1;

    /* Are we using addressed mode (BIO_sendmmsg with non-NULL peer)? */
    unsigned int                    addressed_mode_w        : 1;
    unsigned int                    addressed_mode_r        : 1;

    /* Event handling mode. One of SSL_QUIC_VALUE_EVENT_HANDLING. */
    unsigned int                    event_handling_mode     : 2;

    /* Default stream type. Defaults to SSL_DEFAULT_STREAM_MODE_AUTO_BIDI. */
    uint32_t                        default_stream_mode;

    /* SSL_set_mode. This is not used directly but inherited by new XSOs. */
    uint32_t                        default_ssl_mode;

    /* SSL_set_options. This is not used directly but inherited by new XSOs. */
    uint64_t                        default_ssl_options;

    /* SSL_set_incoming_stream_policy. */
    int                             incoming_stream_policy;
    uint64_t                        incoming_stream_aec;

    /*
     * Last 'normal' error during an app-level I/O operation, used by
     * SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
     * and SSL_ERROR_WANT_WRITE.
     */
    int                             last_error;
};

/* Internal calls to the QUIC CSM which come from various places. */
int ossl_quic_conn_on_handshake_confirmed(QUIC_CONNECTION *qc);

/*
 * To be called when a protocol violation occurs. The connection is torn down
 * with the given error code, which should be a OSSL_QUIC_ERR_* value. Reason
 * string is optional and copied if provided. frame_type should be 0 if not
 * applicable.
 */
void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION *qc,
                                         uint64_t error_code,
                                         uint64_t frame_type,
                                         const char *reason);

void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc,
                                         OSSL_QUIC_FRAME_CONN_CLOSE *f);

int ossl_quic_trace(int write_p, int version, int content_type,
                    const void *buf, size_t msglen, SSL *ssl, void *arg);

#  define OSSL_QUIC_ANY_VERSION 0xFFFFF
#  define IS_QUIC_METHOD(m) \
    ((m) == OSSL_QUIC_client_method() || \
     (m) == OSSL_QUIC_client_thread_method())
#  define IS_QUIC_CTX(ctx)          IS_QUIC_METHOD((ctx)->method)

#  define QUIC_CONNECTION_FROM_SSL_int(ssl, c)   \
     ((ssl) == NULL ? NULL                       \
      : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
         ? (c QUIC_CONNECTION *)(ssl)            \
         : NULL))

#  define QUIC_XSO_FROM_SSL_int(ssl, c)                             \
    ((ssl) == NULL                                                  \
     ? NULL                                                         \
     : (((ssl)->type == SSL_TYPE_QUIC_XSO                           \
        ? (c QUIC_XSO *)(ssl)                                       \
        : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION                  \
           ? (c QUIC_XSO *)((QUIC_CONNECTION *)(ssl))->default_xso  \
           : NULL))))

#  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c)               \
     ((ssl) == NULL ? NULL                                       \
      : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION                 \
         ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
         : NULL))

#  define IS_QUIC(ssl) ((ssl) != NULL                                   \
                        && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION     \
                            || (ssl)->type == SSL_TYPE_QUIC_XSO))
# else
#  define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
#  define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
#  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
#  define IS_QUIC(ssl) 0
#  define IS_QUIC_CTX(ctx) 0
#  define IS_QUIC_METHOD(m) 0
# endif

# define QUIC_CONNECTION_FROM_SSL(ssl) \
    QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \
    QUIC_CONNECTION_FROM_SSL_int(ssl, const)
# define QUIC_XSO_FROM_SSL(ssl) \
    QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
# define QUIC_XSO_FROM_CONST_SSL(ssl) \
    QUIC_XSO_FROM_SSL_int(ssl, const)
# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
    SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
    SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const)

# define IMPLEMENT_quic_meth_func(version, func_name, q_accept, \
                                 q_connect, enc_data) \
const SSL_METHOD *func_name(void)  \
        { \
        static const SSL_METHOD func_name##_data= { \
                version, \
                0, \
                0, \
                ossl_quic_new, \
                ossl_quic_free, \
                ossl_quic_reset, \
                ossl_quic_init, \
                NULL /* clear */, \
                ossl_quic_deinit, \
                q_accept, \
                q_connect, \
                ossl_quic_read, \
                ossl_quic_peek, \
                ossl_quic_write, \
                NULL /* shutdown */, \
                NULL /* renegotiate */, \
                ossl_quic_renegotiate_check, \
                NULL /* read_bytes */, \
                NULL /* write_bytes */, \
                NULL /* dispatch_alert */, \
                ossl_quic_ctrl, \
                ossl_quic_ctx_ctrl, \
                ossl_quic_get_cipher_by_char, \
                NULL /* put_cipher_by_char */, \
                ossl_quic_pending, \
                ossl_quic_num_ciphers, \
                ossl_quic_get_cipher, \
                tls1_default_timeout, \
                &enc_data, \
                ssl_undefined_void_function, \
                ossl_quic_callback_ctrl, \
                ossl_quic_ctx_callback_ctrl, \
        }; \
        return &func_name##_data; \
        }

#endif
Commit	Line	Data
99e1cc7b	1	/*
b6461792	2	* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
99e1cc7b TM	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#ifndef OSSL_QUIC_LOCAL_H
	11	# define OSSL_QUIC_LOCAL_H
	12
	13	# include <openssl/ssl.h>
d5ab48a1	14	# include "internal/quic_ssl.h" /* QUIC_CONNECTION */
22d53c88 HL	15	# include "internal/quic_txp.h"
	16	# include "internal/quic_statm.h"
	17	# include "internal/quic_demux.h"
	18	# include "internal/quic_record_rx.h"
2723d705	19	# include "internal/quic_tls.h"
a17c713a TM	20	# include "internal/quic_fc.h"
a17c713a TM	21	# include "internal/quic_stream.h"
22d53c88 HL	22	# include "internal/quic_channel.h"
22d53c88 HL	23	# include "internal/quic_reactor.h"
f2f7c4f1	24	# include "internal/quic_thread_assist.h"
99e1cc7b TM	25	# include "../ssl_local.h"
99e1cc7b TM	26
22d53c88	27	# ifndef OPENSSL_NO_QUIC
a17c713a	28
cb5c208b	29	/*
571aff4b	30	* QUIC stream SSL object (QSSO) type. This implements the API personality layer
cb5c208b HL	31	* for QSSO objects, wrapping the QUIC-native QUIC_STREAM object and tracking
	32	* state required by the libssl API personality.
	33	*/
	34	struct quic_xso_st {
	35	/* SSL object common header. */
	36	struct ssl_st ssl;
	37
	38	/* The connection this stream is associated with. Always non-NULL. */
	39	QUIC_CONNECTION *conn;
	40
	41	/* The stream object. Always non-NULL for as long as the XSO exists. */
	42	QUIC_STREAM *stream;
	43
51e671e2 HL	44	/*
	45	* Has this stream been logically configured into blocking mode? Only
	46	* meaningful if desires_blocking_set is 1. Ignored if blocking is not
	47	* currently possible given QUIC_CONNECTION configuration.
	48	*/
	49	unsigned int desires_blocking : 1;
	50
	51	/*
	52	* Has SSL_set_blocking_mode been called on this stream? If not set, we
	53	* inherit from the QUIC_CONNECTION blocking state.
	54	*/
	55	unsigned int desires_blocking_set : 1;
cb5c208b	56
6ba77d67 HL	57	/* The application has retired a FIN (i.e. SSL_ERROR_ZERO_RETURN). */
	58	unsigned int retired_fin : 1;
	59
	60	/*
	61	* The application has requested a reset. Not set for reflexive
	62	* STREAM_RESETs caused by peer STOP_SENDING.
	63	*/
	64	unsigned int requested_reset : 1;
	65
cb5c208b HL	66	/*
	67	* This state tracks SSL_write all-or-nothing (AON) write semantics
	68	* emulation.
	69	*
	70	* Example chronology:
	71	*
	72	* t=0: aon_write_in_progress=0
	73	* t=1: SSL_write(ssl, b1, l1) called;
	74	* too big to enqueue into sstream at once, SSL_ERROR_WANT_WRITE;
	75	* aon_write_in_progress=1; aon_buf_base=b1; aon_buf_len=l1;
	76	* aon_buf_pos < l1 (depends on how much room was in sstream);
	77	* t=2: SSL_write(ssl, b2, l2);
	78	* b2 must equal b1 (validated unless ACCEPT_MOVING_WRITE_BUFFER)
	79	* l2 must equal l1 (always validated)
	80	* append into sstream from [b2 + aon_buf_pos, b2 + aon_buf_len)
10fe5e29	81	* if done, aon_write_in_progress=0
cb5c208b HL	82	*
	83	*/
	84	/* Is an AON write in progress? */
	85	unsigned int aon_write_in_progress : 1;
965f68f3 HL	86
	87	/* Event handling mode. One of SSL_QUIC_VALUE_EVENT_HANDLING. */
	88	unsigned int event_handling_mode : 2;
	89
cb5c208b HL	90	/*
	91	* The base buffer pointer the caller passed us for the initial AON write
	92	* call. We use this for validation purposes unless
	93	* ACCEPT_MOVING_WRITE_BUFFER is enabled.
	94	*
	95	* NOTE: We never dereference this, as the caller might pass a different
	96	* (but identical) buffer if using ACCEPT_MOVING_WRITE_BUFFER. It is for
	97	* validation by pointer comparison only.
	98	*/
	99	const unsigned char *aon_buf_base;
	100	/* The total length of the AON buffer being sent, in bytes. */
	101	size_t aon_buf_len;
	102	/*
	103	* The position in the AON buffer up to which we have successfully sent data
	104	* so far.
	105	*/
	106	size_t aon_buf_pos;
	107
	108	/* SSL_set_mode */
	109	uint32_t ssl_mode;
faa3a180	110
db2f98c4 HL	111	/* SSL_set_options */
	112	uint64_t ssl_options;
	113
faa3a180 HL	114	/*
	115	* Last 'normal' error during an app-level I/O operation, used by
	116	* SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
	117	* and SSL_ERROR_WANT_WRITE.
	118	*/
	119	int last_error;
cb5c208b HL	120	};
cb5c208b HL	121
a17c713a	122	struct quic_conn_st {
22d53c88 HL	123	/*
	124	* ssl_st is a common header for ordinary SSL objects, QUIC connection
	125	* objects and QUIC stream objects, allowing objects of these different
	126	* types to be disambiguated at runtime and providing some common fields.
	127	*
	128	* Note: This must come first in the QUIC_CONNECTION structure.
	129	*/
	130	struct ssl_st ssl;
	131
	132	SSL *tls;
	133
22739cc3 HL	134	/* The QUIC engine representing the QUIC event domain. */
	135	QUIC_ENGINE *engine;
	136
f7671012 HL	137	/* The QUIC port representing the QUIC listener and socket. */
	138	QUIC_PORT *port;
	139
22d53c88 HL	140	/*
	141	* The QUIC channel providing the core QUIC connection implementation. Note
	142	* that this is not instantiated until we actually start trying to do the
	143	* handshake. This is to allow us to gather information like whether we are
	144	* going to be in client or server mode before committing to instantiating
	145	* the channel, since we want to determine the channel arguments based on
	146	* that.
	147	*
	148	* The channel remains available after connection termination until the SSL
	149	* object is freed, thus (ch != NULL) iff (started == 1).
	150	*/
	151	QUIC_CHANNEL *ch;
	152
4847599b HL	153	/*
	154	* The mutex used to synchronise access to the QUIC_CHANNEL. We own this but
	155	* provide it to the channel.
	156	*/
c4208a6a	157	CRYPTO_MUTEX *mutex;
4847599b	158
cb5c208b HL	159	/*
	160	* If we have a default stream attached, this is the internal XSO
	161	* object. If there is no default stream, this is NULL.
	162	*/
	163	QUIC_XSO *default_xso;
22d53c88 HL	164
	165	/* The network read and write BIOs. */
	166	BIO net_rbio, net_wbio;
	167
	168	/* Initial peer L4 address. */
	169	BIO_ADDR init_peer_addr;
	170
9cf091a3	171	# ifndef OPENSSL_NO_QUIC_THREAD_ASSIST
f2f7c4f1 HL	172	/* Manages thread for QUIC thread assisted mode. */
f2f7c4f1 HL	173	QUIC_THREAD_ASSIST thread_assist;
9cf091a3	174	# endif
f2f7c4f1	175
b212d554 HL	176	/* If non-NULL, used instead of ossl_time_now(). Used for testing. */
	177	OSSL_TIME (override_now_cb)(void arg);
	178	void *override_now_cb_arg;
	179
2dbc39de HL	180	/* Number of XSOs allocated. Includes the default XSO, if any. */
	181	size_t num_xso;
	182
22d53c88 HL	183	/* Have we started? */
	184	unsigned int started : 1;
	185
22d53c88	186	/*
dfb9ae14 HL	187	* This is 1 if we were instantiated using a QUIC server method
dfb9ae14 HL	188	* (for future use).
22d53c88 HL	189	*/
	190	unsigned int as_server : 1;
	191
dfb9ae14 HL	192	/*
	193	* Has the application called SSL_set_accept_state? We require this to be
	194	* congruent with the value of as_server.
	195	*/
	196	unsigned int as_server_state : 1;
	197
f2f7c4f1 HL	198	/* Are we using thread assisted mode? Never changes after init. */
	199	unsigned int is_thread_assisted : 1;
	200
cb5c208b HL	201	/* Do connection-level operations (e.g. handshakes) run in blocking mode? */
cb5c208b HL	202	unsigned int blocking : 1;
22d53c88	203
51e671e2 HL	204	/* Does the application want blocking mode? */
51e671e2 HL	205	unsigned int desires_blocking : 1;
cb5c208b	206
21c80696 HL	207	/* Have we created a default XSO yet? */
	208	unsigned int default_xso_created : 1;
	209
8a2e9aba HL	210	/*
	211	* Pre-TERMINATING shutdown phase in which we are flushing streams.
	212	* Monotonically transitions to 1.
	213	* New streams cannot be created in this state.
	214	*/
	215	unsigned int shutting_down : 1;
	216
62665fc2 HL	217	/* Have we probed the BIOs for addressing support? */
	218	unsigned int addressing_probe_done : 1;
	219
	220	/* Are we using addressed mode (BIO_sendmmsg with non-NULL peer)? */
3760747f HL	221	unsigned int addressed_mode_w : 1;
3760747f HL	222	unsigned int addressed_mode_r : 1;
62665fc2	223
965f68f3 HL	224	/* Event handling mode. One of SSL_QUIC_VALUE_EVENT_HANDLING. */
	225	unsigned int event_handling_mode : 2;
	226
8b7be3aa HL	227	/* Default stream type. Defaults to SSL_DEFAULT_STREAM_MODE_AUTO_BIDI. */
	228	uint32_t default_stream_mode;
	229
cb5c208b HL	230	/* SSL_set_mode. This is not used directly but inherited by new XSOs. */
cb5c208b HL	231	uint32_t default_ssl_mode;
22d53c88	232
db2f98c4 HL	233	/* SSL_set_options. This is not used directly but inherited by new XSOs. */
	234	uint64_t default_ssl_options;
	235
83df44ae HL	236	/* SSL_set_incoming_stream_policy. */
	237	int incoming_stream_policy;
	238	uint64_t incoming_stream_aec;
8a90df34	239
22d53c88 HL	240	/*
	241	* Last 'normal' error during an app-level I/O operation, used by
	242	* SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
	243	* and SSL_ERROR_WANT_WRITE.
	244	*/
	245	int last_error;
d5ab48a1	246	};
38b051a1	247
22d53c88 HL	248	/* Internal calls to the QUIC CSM which come from various places. */
	249	int ossl_quic_conn_on_handshake_confirmed(QUIC_CONNECTION *qc);
	250
	251	/*
	252	* To be called when a protocol violation occurs. The connection is torn down
4b4b9c9e HL	253	* with the given error code, which should be a OSSL_QUIC_ERR_* value. Reason
	254	* string is optional and copied if provided. frame_type should be 0 if not
	255	* applicable.
22d53c88 HL	256	*/
	257	void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION *qc,
	258	uint64_t error_code,
	259	uint64_t frame_type,
	260	const char *reason);
	261
	262	void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc,
	263	OSSL_QUIC_FRAME_CONN_CLOSE *f);
	264
45aac107 MC	265	int ossl_quic_trace(int write_p, int version, int content_type,
	266	const void buf, size_t msglen, SSL ssl, void *arg);
	267
d6e7ebba HL	268	# define OSSL_QUIC_ANY_VERSION 0xFFFFF
	269	# define IS_QUIC_METHOD(m) \
	270	((m) == OSSL_QUIC_client_method() \|\| \
	271	(m) == OSSL_QUIC_client_thread_method())
09d56d20	272	# define IS_QUIC_CTX(ctx) IS_QUIC_METHOD((ctx)->method)
22d53c88 HL	273
	274	# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \
	275	((ssl) == NULL ? NULL \
	276	: ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
	277	? (c QUIC_CONNECTION *)(ssl) \
	278	: NULL))
	279
cb5c208b HL	280	# define QUIC_XSO_FROM_SSL_int(ssl, c) \
	281	((ssl) == NULL \
	282	? NULL \
	283	: (((ssl)->type == SSL_TYPE_QUIC_XSO \
	284	? (c QUIC_XSO *)(ssl) \
	285	: ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
	286	? (c QUIC_XSO )((QUIC_CONNECTION )(ssl))->default_xso \
	287	: NULL))))
22d53c88 HL	288
	289	# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) \
	290	((ssl) == NULL ? NULL \
	291	: ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
	292	? (c SSL_CONNECTION )((c QUIC_CONNECTION )(ssl))->tls \
	293	: NULL))
3e5a47d4 HL	294
	295	# define IS_QUIC(ssl) ((ssl) != NULL \
	296	&& ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
	297	\|\| (ssl)->type == SSL_TYPE_QUIC_XSO))
22d53c88 HL	298	# else
22d53c88 HL	299	# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
f8636c7e	300	# define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
22d53c88	301	# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
3e5a47d4	302	# define IS_QUIC(ssl) 0
d6e7ebba HL	303	# define IS_QUIC_CTX(ctx) 0
d6e7ebba HL	304	# define IS_QUIC_METHOD(m) 0
22d53c88	305	# endif
38b051a1 TM	306
	307	# define QUIC_CONNECTION_FROM_SSL(ssl) \
	308	QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
	309	# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \
	310	QUIC_CONNECTION_FROM_SSL_int(ssl, const)
f8636c7e HL	311	# define QUIC_XSO_FROM_SSL(ssl) \
	312	QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
	313	# define QUIC_XSO_FROM_CONST_SSL(ssl) \
	314	QUIC_XSO_FROM_SSL_int(ssl, const)
38b051a1 TM	315	# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
	316	SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
	317	# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
	318	SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const)
	319
08e49012 TM	320	# define IMPLEMENT_quic_meth_func(version, func_name, q_accept, \
08e49012 TM	321	q_connect, enc_data) \
99e1cc7b TM	322	const SSL_METHOD *func_name(void) \
	323	{ \
	324	static const SSL_METHOD func_name##_data= { \
	325	version, \
	326	0, \
	327	0, \
	328	ossl_quic_new, \
99e1cc7b	329	ossl_quic_free, \
38b051a1 TM	330	ossl_quic_reset, \
38b051a1 TM	331	ossl_quic_init, \
44cb36d0	332	NULL /* clear */, \
38b051a1	333	ossl_quic_deinit, \
08e49012 TM	334	q_accept, \
08e49012 TM	335	q_connect, \
99e1cc7b TM	336	ossl_quic_read, \
	337	ossl_quic_peek, \
	338	ossl_quic_write, \
e8043229	339	NULL /* shutdown */, \
99e1cc7b	340	NULL /* renegotiate */, \
e44795bd	341	ossl_quic_renegotiate_check, \
99e1cc7b TM	342	NULL /* read_bytes */, \
	343	NULL /* write_bytes */, \
	344	NULL /* dispatch_alert */, \
	345	ossl_quic_ctrl, \
	346	ossl_quic_ctx_ctrl, \
547ea588	347	ossl_quic_get_cipher_by_char, \
99e1cc7b TM	348	NULL /* put_cipher_by_char */, \
99e1cc7b TM	349	ossl_quic_pending, \
e44795bd TM	350	ossl_quic_num_ciphers, \
e44795bd TM	351	ossl_quic_get_cipher, \
22d53c88	352	tls1_default_timeout, \
99e1cc7b TM	353	&enc_data, \
	354	ssl_undefined_void_function, \
	355	ossl_quic_callback_ctrl, \
	356	ossl_quic_ctx_callback_ctrl, \
	357	}; \
	358	return &func_name##_data; \
	359	}
	360
99e1cc7b	361	#endif