2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #ifndef OSSL_QUIC_LOCAL_H
11 # define OSSL_QUIC_LOCAL_H
13 # include <openssl/ssl.h>
14 # include "internal/quic_ssl.h" /* QUIC_CONNECTION */
15 # include "internal/quic_txp.h"
16 # include "internal/quic_statm.h"
17 # include "internal/quic_demux.h"
18 # include "internal/quic_record_rx.h"
19 # include "internal/quic_dummy_handshake.h"
20 # include "internal/quic_fc.h"
21 # include "internal/quic_stream.h"
22 # include "internal/quic_channel.h"
23 # include "internal/quic_reactor.h"
24 # include "../ssl_local.h"
26 # ifndef OPENSSL_NO_QUIC
30 * ssl_st is a common header for ordinary SSL objects, QUIC connection
31 * objects and QUIC stream objects, allowing objects of these different
32 * types to be disambiguated at runtime and providing some common fields.
34 * Note: This must come first in the QUIC_CONNECTION structure.
41 * The QUIC channel providing the core QUIC connection implementation. Note
42 * that this is not instantiated until we actually start trying to do the
43 * handshake. This is to allow us to gather information like whether we are
44 * going to be in client or server mode before committing to instantiating
45 * the channel, since we want to determine the channel arguments based on
48 * The channel remains available after connection termination until the SSL
49 * object is freed, thus (ch != NULL) iff (started == 1).
53 /* Our single bidirectional application data stream. */
56 /* The network read and write BIOs. */
57 BIO
*net_rbio
, *net_wbio
;
59 /* Initial peer L4 address. */
60 BIO_ADDR init_peer_addr
;
62 /* Have we started? */
63 unsigned int started
: 1;
65 /* Are we in blocking mode? */
66 unsigned int blocking
: 1;
68 /* Can the read and write network BIOs support blocking? */
69 unsigned int can_poll_net_rbio
: 1;
70 unsigned int can_poll_net_wbio
: 1;
73 * Has the application called SSL_set_accept_state? We do not support this
74 * but track it here so we can reject a subsequent handshake call.
76 unsigned int as_server
: 1;
79 * This state tracks SSL_write all-or-nothing (AON) write semantics
84 * t=0: aon_write_in_progress=0
85 * t=1: SSL_write(ssl, b1, l1) called;
86 * too big to enqueue into sstream at once, SSL_ERROR_WANT_WRITE;
87 * aon_write_in_progress=1; aon_buf_base=b1; aon_buf_len=l1;
88 * aon_buf_pos < l1 (depends on how much room was in sstream);
89 * t=2: SSL_write(ssl, b2, l2);
90 * b2 must equal b1 (validated unless ACCEPT_MOVING_WRITE_BUFFER)
91 * l2 must equal l1 (always validated)
92 * append into sstream from [b2 + aon_buf_pos, b2 + aon_buf_len)
93 * if done, aon_write_in_progress=0
96 /* Is an AON write in progress? */
97 unsigned int aon_write_in_progress
: 1;
99 * The base buffer pointer the caller passed us for the initial AON write
100 * call. We use this for validation purposes unless
101 * ACCEPT_MOVING_WRITE_BUFFER is enabled.
103 * NOTE: We never dereference this, as the caller might pass a different
104 * (but identical) buffer if using ACCEPT_MOVING_WRITE_BUFFER. It is for
105 * validation by pointer comparison only.
107 const unsigned char *aon_buf_base
;
108 /* The total length of the AON buffer being sent, in bytes. */
111 * The position in the AON buffer up to which we have successfully sent data
120 * Last 'normal' error during an app-level I/O operation, used by
121 * SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
122 * and SSL_ERROR_WANT_WRITE.
127 /* Internal calls to the QUIC CSM which come from various places. */
/**
 * Internal call into the QUIC CSM (see the comment above): invoked once the
 * handshake has been confirmed for connection @qc. The caller and the exact
 * trigger are not visible in this header; the return value's meaning is
 * defined by the implementation — presumably 1 on success, 0 on failure, as
 * is usual for OpenSSL internals — confirm against quic_impl.c.
 */
int ossl_quic_conn_on_handshake_confirmed(QUIC_CONNECTION *qc);
131 * To be called when a protocol violation occurs. The connection is torn down
132 * with the given error code, which should be a QUIC_ERR_* value. Reason string
133 * is optional and copied if provided. frame_type should be 0 if not applicable.
135 void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION
*qc
,
/**
 * Internal call into the QUIC CSM: notifies connection @qc that the peer
 * closed the connection, passing the received CONNECTION_CLOSE frame @f.
 * NOTE(review): the frame is presumably borrowed for the duration of the
 * call only (it is not const-qualified here) — confirm ownership and
 * lifetime of @f against the implementation before retaining it.
 */
void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc,
                                         OSSL_QUIC_FRAME_CONN_CLOSE *f);
/*
 * Sentinel version value, distinct from any real QUIC version number. By its
 * name it stands for "any version" where a specific one need not be matched;
 * the exact comparison sites are elsewhere — confirm before relying on it.
 */
# define OSSL_QUIC_ANY_VERSION 0xFFFFF
145 # define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \
146 ((ssl) == NULL ? NULL \
147 : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
148 ? (c QUIC_CONNECTION *)(ssl) \
151 # define QUIC_STREAM_FROM_SSL_int(ssl, c) \
152 ((ssl) == NULL ? NULL \
153 : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
154 || (ssl)->type == SSL_TYPE_QUIC_STREAM \
155 ? (c QUIC_STREAM *)(ssl) \
158 # define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) \
159 ((ssl) == NULL ? NULL \
160 : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
161 ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
/*
 * Fallback definitions (presumably the OPENSSL_NO_QUIC branch): every
 * downcast helper yields NULL, so callers treat any SSL object as "not a
 * QUIC object" and must already handle the NULL result from the real
 * helpers above.
 */
# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
# define QUIC_STREAM_FROM_SSL_int(ssl, c) NULL
# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
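/*
 * Downcast helpers used by the rest of the QUIC implementation. Each one
 * expands to the matching *_int macro with the constness selector filled in:
 * SSL_CONNECTION_NO_CONST for the mutable variants, `const` for the
 * *_CONST_* variants. A NULL @ssl yields NULL; the runtime type check on
 * (ssl)->type lives in the *_int definitions, so these wrappers add no
 * checks of their own.
 */
# define QUIC_CONNECTION_FROM_SSL(ssl) \
    QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \
    QUIC_CONNECTION_FROM_SSL_int(ssl, const)
# define QUIC_STREAM_FROM_SSL(ssl) \
    QUIC_STREAM_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
# define QUIC_STREAM_FROM_CONST_SSL(ssl) \
    QUIC_STREAM_FROM_SSL_int(ssl, const)
# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
    SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
/*
 * Delegates to SSL_CONNECTION_FROM_QUIC_SSL_int with `const`, exactly like
 * the other *_CONST_* wrappers delegate to their non-const sibling's *_int
 * macro. No SSL_CONNECTION_FROM_CONST_QUIC_SSL_int is defined in this
 * header, so the previous expansion could not compile at any use site.
 */
# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
    SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, const)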
182 # define IMPLEMENT_quic_meth_func(version, func_name, q_accept, \
183 q_connect, enc_data) \
184 const SSL_METHOD *func_name(void) \
186 static const SSL_METHOD func_name##_data= { \
201 ossl_quic_shutdown, \
202 NULL /* renegotiate */, \
203 ossl_quic_renegotiate_check, \
204 NULL /* read_bytes */, \
205 NULL /* write_bytes */, \
206 NULL /* dispatch_alert */, \
208 ossl_quic_ctx_ctrl, \
209 NULL /* get_cipher_by_char */, \
210 NULL /* put_cipher_by_char */, \
212 ossl_quic_num_ciphers, \
213 ossl_quic_get_cipher, \
214 tls1_default_timeout, \
216 ssl_undefined_void_function, \
217 ossl_quic_callback_ctrl, \
218 ossl_quic_ctx_callback_ctrl, \
220 return &func_name##_data; \