]> git.ipfire.org Git - thirdparty/openssl.git/blame - ssl/quic/quic_impl.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
QUIC DISPATCH/APL: SSL_accept_stream, SSL_get_accept_queue_len
[thirdparty/openssl.git] / ssl / quic / quic_impl.c
CommitLineData
99e1cc7b
TM		 1/*
2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/macros.h>
11#include <openssl/objects.h>
22d53c88
HL		 12#include <openssl/sslerr.h>
13#include <crypto/rand.h>
99e1cc7b 14#include "quic_local.h"
2723d705 15#include "internal/quic_tls.h"
22d53c88
HL		 16#include "internal/quic_rx_depack.h"
17#include "internal/quic_error.h"
18#include "internal/time.h"
99e1cc7b 19
cb5c208b 20static void aon_write_finish(QUIC_XSO *xso);
23c04709 21static int create_channel(QUIC_CONNECTION *qc);
21c80696 22static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
8b7be3aa
HL		 23static int qc_try_create_default_xso_for_write(QUIC_CONNECTION *qc);
24static int qc_wait_for_default_xso_for_read(QUIC_CONNECTION *qc);
25static void quic_lock(QUIC_CONNECTION *qc);
26static void quic_unlock(QUIC_CONNECTION *qc);
27static int quic_do_handshake(QUIC_CONNECTION *qc);
22d53c88
HL		 28
29/*
30 * QUIC Front-End I/O API: Common Utilities
31 * ========================================
32 */
33
34/*
35 * Block until a predicate is met.
36 *
37 * Precondition: Must have a channel.
d7b1fadd 38 * Precondition: Must hold channel lock (unchecked).
22d53c88 39 */
d7b1fadd 40QUIC_NEEDS_LOCK
22d53c88
HL		 41static int block_until_pred(QUIC_CONNECTION *qc,
42 int (*pred)(void *arg), void *pred_arg,
43 uint32_t flags)
44{
45 QUIC_REACTOR *rtor;
46
47 assert(qc->ch != NULL);
48
49 rtor = ossl_quic_channel_get_reactor(qc->ch);
c019e1ef 50 return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
4847599b 51 qc->mutex);
22d53c88
HL		 52}
53
54/*
55 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
56 * rather than via ERR.
57 */
58static int quic_raise_normal_error(QUIC_CONNECTION *qc,
59 int err)
60{
61 qc->last_error = err;
62 return 0;
63}
64
65/*
66 * Raise a 'non-normal' error, meaning any error that is not reported via
67 * SSL_get_error() and must be reported via ERR.
e88cdb8e
HL		 68 *
69 * qc should be provided if available. In exceptional circumstances when qc is
70 * not known NULL may be passed. This should generally only happen when an
71 * expect_...() function defined below fails, which generally indicates a
72 * dispatch error or caller error.
22d53c88
HL		 73 */
74static int quic_raise_non_normal_error(QUIC_CONNECTION *qc,
75 const char *file,
76 int line,
77 const char *func,
78 int reason,
79 const char *fmt,
80 ...)
81{
82 va_list args;
83
84 ERR_new();
85 ERR_set_debug(file, line, func);
86
87 va_start(args, fmt);
88 ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
89 va_end(args);
90
e88cdb8e
HL		 91 if (qc != NULL)
92 qc->last_error = SSL_ERROR_SSL;
93
22d53c88
HL		 94 return 0;
95}
96
97#define QUIC_RAISE_NORMAL_ERROR(qc, err) \
98 quic_raise_normal_error((qc), (err))
99
100#define QUIC_RAISE_NON_NORMAL_ERROR(qc, reason, msg) \
101 quic_raise_non_normal_error((qc), \
102 OPENSSL_FILE, OPENSSL_LINE, \
103 OPENSSL_FUNC, \
104 (reason), \
105 (msg))
106
107/*
e88cdb8e
HL		 108 * QCTX is a utility structure which provides information we commonly wish to
109 * unwrap upon an API call being dispatched to us, namely:
110 *
111 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
112 * was passed);
113 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
114 * a QCSO with a default stream was passed);
115 * - whether a QSSO was passed (xso == NULL must not be used to determine this
116 * because it may be non-NULL when a QCSO is passed if that QCSO has a
117 * default stream).
118 */
119typedef struct qctx_st {
120 QUIC_CONNECTION *qc;
121 QUIC_XSO *xso;
122 int is_stream;
123} QCTX;
124
125/*
126 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
127 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
128 *
129 * After this returns 1, all fields of the passed QCTX are initialised.
130 * Returns 0 on failure. This function is intended to be used to provide API
131 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
22d53c88 132 */
e88cdb8e 133static int expect_quic(const SSL *s, QCTX *ctx)
22d53c88 134{
e88cdb8e
HL		 135 QUIC_CONNECTION *qc;
136 QUIC_XSO *xso;
137
138 ctx->qc = NULL;
139 ctx->xso = NULL;
140 ctx->is_stream = 0;
141
142 if (s == NULL)
8b7be3aa 143 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
22d53c88 144
e88cdb8e
HL		 145 switch (s->type) {
146 case SSL_TYPE_QUIC_CONNECTION:
147 qc = (QUIC_CONNECTION *)s;
148 ctx->qc = qc;
cb5c208b 149 ctx->xso = qc->default_xso;
e88cdb8e
HL		 150 ctx->is_stream = 0;
151 return 1;
152
153 case SSL_TYPE_QUIC_XSO:
154 xso = (QUIC_XSO *)s;
cb5c208b 155 ctx->qc = xso->conn;
e88cdb8e
HL		 156 ctx->xso = xso;
157 ctx->is_stream = 1;
158 return 1;
159
160 default:
161 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
162 }
163}
164
165/*
166 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
167 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
168 * stream.
21c80696
HL		 169 *
170 * remote_init determines if we expect the default XSO to be remotely created or
171 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
8b7be3aa
HL		 172 *
173 * Channel mutex is acquired and retained on success.
e88cdb8e 174 */
8b7be3aa
HL		 175QUIC_ACQUIRES_LOCK
176static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
177 QCTX *ctx)
e88cdb8e
HL		 178{
179 if (!expect_quic(s, ctx))
180 return 0;
181
8b7be3aa
HL		 182 quic_lock(ctx->qc);
183
21c80696 184 if (ctx->xso == NULL && remote_init >= 0) {
8b7be3aa
HL		 185 if (ossl_quic_channel_is_term_any(ctx->qc->ch)) {
186 QUIC_RAISE_NON_NORMAL_ERROR(ctx->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
187 goto err;
188 }
189
190 /* If we haven't finished the handshake, try to advance it. */
191 if (quic_do_handshake(ctx->qc) < 1)
192 /* ossl_quic_do_handshake raised error here */
193 goto err;
194
195 if (remote_init == 0) {
196 if (!qc_try_create_default_xso_for_write(ctx->qc))
197 goto err;
198 } else {
199 if (!qc_wait_for_default_xso_for_read(ctx->qc))
200 goto err;
201 }
202
21c80696
HL		 203 ctx->xso = ctx->qc->default_xso;
204 }
205
8b7be3aa
HL		 206 if (ctx->xso == NULL) {
207 QUIC_RAISE_NON_NORMAL_ERROR(ctx->qc, SSL_R_NO_STREAM, NULL);
208 goto err;
209 }
210
211 return 1; /* lock held */
e88cdb8e 212
8b7be3aa
HL		 213err:
214 quic_unlock(ctx->qc);
215 return 0;
e88cdb8e 216}
22d53c88 217
e88cdb8e
HL		 218/*
219 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
220 * be non-NULL if the QCSO has a default stream.
221 */
23c04709 222static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx)
e88cdb8e
HL		 223{
224 if (!expect_quic(s, ctx))
225 return 0;
226
227 if (ctx->is_stream)
8b7be3aa 228 return QUIC_RAISE_NON_NORMAL_ERROR(ctx->qc, SSL_R_CONN_USE_ONLY, NULL);
e88cdb8e
HL		 229
230 return 1;
22d53c88
HL		 231}
232
4847599b
HL		 233/*
234 * Ensures that the channel mutex is held for a method which touches channel
235 * state.
236 *
237 * Precondition: Channel mutex is not held (unchecked)
238 */
20f45743 239static void quic_lock(QUIC_CONNECTION *qc)
4847599b 240{
ffce2946 241 ossl_crypto_mutex_lock(qc->mutex);
4847599b
HL		 242}
243
244/* Precondition: Channel mutex is held (unchecked) */
245QUIC_NEEDS_LOCK
246static void quic_unlock(QUIC_CONNECTION *qc)
247{
ffce2946 248 ossl_crypto_mutex_unlock(qc->mutex);
4847599b
HL		 249}
250
251
22d53c88
HL		 252/*
253 * QUIC Front-End I/O API: Initialization
254 * ======================================
255 *
256 * SSL_new => ossl_quic_new
257 * ossl_quic_init
258 * SSL_reset => ossl_quic_reset
259 * SSL_clear => ossl_quic_clear
260 * ossl_quic_deinit
261 * SSL_free => ossl_quic_free
262 *
263 */
264
265/* SSL_new */
38b051a1
TM		 266SSL *ossl_quic_new(SSL_CTX *ctx)
267{
22d53c88
HL		 268 QUIC_CONNECTION *qc = NULL;
269 SSL *ssl_base = NULL;
a7f41885 270 SSL_CONNECTION *sc = NULL;
38b051a1
TM		 271
272 qc = OPENSSL_zalloc(sizeof(*qc));
273 if (qc == NULL)
274 goto err;
275
22d53c88
HL		 276 /* Initialise the QUIC_CONNECTION's stub header. */
277 ssl_base = &qc->ssl;
a7f41885 278 if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
22d53c88 279 ssl_base = NULL;
38b051a1
TM		 280 goto err;
281 }
38b051a1 282
4e3a55fd 283 qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
a7f41885
MC		 284 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL)
285 goto err;
a7f41885 286
ffce2946 287 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
4847599b
HL		 288 goto err;
289
f2f7c4f1
HL		 290 qc->is_thread_assisted
291 = (ssl_base->method == OSSL_QUIC_client_thread_method());
292
dfb9ae14
HL		 293 qc->as_server = 0; /* TODO(QUIC): server support */
294 qc->as_server_state = qc->as_server;
295
8b7be3aa 296 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
21c80696
HL		 297 qc->default_ssl_mode = qc->ssl.ctx->mode;
298 qc->default_blocking = 1;
8a90df34
HL		 299 qc->incoming_stream_reject_policy
300 = SSL_INCOMING_STREAM_REJECT_POLICY_AUTO;
21c80696 301 qc->last_error = SSL_ERROR_NONE;
a7f41885 302
23c04709
HL		 303 if (!create_channel(qc))
304 goto err;
305
21c80696
HL		 306 /*
307 * We do not create the default XSO yet. The reason for this is that the
308 * stream ID of the default XSO will depend on whether the stream is client
309 * or server-initiated, which depends on who transmits first. Since we do
310 * not know whether the application will be using a client-transmits-first
311 * or server-transmits-first protocol, we defer default XSO creation until
312 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
313 * we take that as a cue that the client is expecting a server-initiated
314 * stream, and vice versa if SSL_write() is called first.
315 */
22d53c88
HL		 316 return ssl_base;
317
38b051a1 318err:
2dbc39de
HL		 319 if (qc != NULL) {
320 ossl_quic_channel_free(qc->ch);
321 SSL_free(qc->tls);
322 }
22d53c88 323 OPENSSL_free(qc);
38b051a1
TM		 324 return NULL;
325}
326
22d53c88 327/* SSL_free */
a8489257 328QUIC_TAKES_LOCK
22d53c88
HL		 329void ossl_quic_free(SSL *s)
330{
072328dd 331 QCTX ctx;
22d53c88 332
072328dd
HL		 333 /* We should never be called on anything but a QSO. */
334 if (!expect_quic(s, &ctx))
22d53c88
HL		 335 return;
336
2dbc39de
HL		 337 if (ctx.is_stream) {
338 /*
339 * When a QSSO is freed, the XSO is freed immediately, because the XSO
340 * itself only contains API personality layer data. However the
341 * underlying QUIC_STREAM is not freed immediately but is instead marked
342 * as deleted for later collection.
343 */
344
345 quic_lock(ctx.qc);
346
347 assert(ctx.qc->num_xso > 0);
348 --ctx.qc->num_xso;
349
350 ctx.xso->stream->deleted = 1;
351
f20fdd16
HL		 352 /* Auto-conclude stream. */
353 /* TODO(QUIC): Do RESET_STREAM here instead of auto-conclude */
354 if (ctx.xso->stream->sstream != NULL)
355 ossl_quic_sstream_fin(ctx.xso->stream->sstream);
356
357 /* Update stream state. */
358 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.xso->conn->ch),
359 ctx.xso->stream);
360
2dbc39de
HL		 361 quic_unlock(ctx.qc);
362
363 /* Note: SSL_free calls OPENSSL_free(xso) for us */
364 return;
365 }
366
072328dd 367 quic_lock(ctx.qc);
f2f7c4f1 368
2dbc39de
HL		 369 /*
370 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
371 * stage, but is freed during the channel free when the whole QSM is freed.
372 */
21c80696
HL		 373 if (ctx.qc->default_xso != NULL) {
374 QUIC_XSO *xso = ctx.qc->default_xso;
375
376 quic_unlock(ctx.qc);
377 SSL_free(&xso->ssl);
378 quic_lock(ctx.qc);
379 }
2dbc39de
HL		 380
381 /* Ensure we have no remaining XSOs. */
382 assert(ctx.qc->num_xso == 0);
383
072328dd
HL		 384 if (ctx.qc->is_thread_assisted && ctx.qc->started) {
385 ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
386 ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
dbe7b51a 387 }
f2f7c4f1 388
072328dd 389 ossl_quic_channel_free(ctx.qc->ch);
22d53c88 390
072328dd
HL		 391 BIO_free(ctx.qc->net_rbio);
392 BIO_free(ctx.qc->net_wbio);
d1ac77b1 393
22d53c88 394 /* Note: SSL_free calls OPENSSL_free(qc) for us */
a7f41885 395
072328dd
HL		 396 SSL_free(ctx.qc->tls);
397 ossl_crypto_mutex_free(&ctx.qc->mutex); /* freed while still locked */
22d53c88
HL		 398}
399
400/* SSL method init */
38b051a1 401int ossl_quic_init(SSL *s)
99e1cc7b 402{
22d53c88
HL		 403 /* Same op as SSL_clear, forward the call. */
404 return ossl_quic_clear(s);
99e1cc7b
TM		 405}
406
22d53c88 407/* SSL method deinit */
38b051a1
TM		 408void ossl_quic_deinit(SSL *s)
409{
22d53c88 410 /* No-op. */
38b051a1
TM		 411}
412
22d53c88
HL		 413/* SSL_reset */
414int ossl_quic_reset(SSL *s)
415{
072328dd 416 QCTX ctx;
22d53c88 417
072328dd 418 if (!expect_quic(s, &ctx))
22d53c88
HL		 419 return 0;
420
c8b3fdc2 421 /* TODO(QUIC); Currently a no-op. */
22d53c88
HL		 422 return 1;
423}
424
425/* SSL_clear */
426int ossl_quic_clear(SSL *s)
99e1cc7b 427{
072328dd 428 QCTX ctx;
38b051a1 429
072328dd 430 if (!expect_quic(s, &ctx))
22d53c88
HL		 431 return 0;
432
c8b3fdc2 433 /* TODO(QUIC): Currently a no-op. */
22d53c88
HL		 434 return 1;
435}
38b051a1 436
b212d554
HL		 437void ossl_quic_conn_set_override_now_cb(SSL *s,
438 OSSL_TIME (*now_cb)(void *arg),
439 void *now_cb_arg)
440{
072328dd 441 QCTX ctx;
b212d554 442
072328dd
HL		 443 if (!expect_quic(s, &ctx))
444 return;
445
446 ctx.qc->override_now_cb = now_cb;
447 ctx.qc->override_now_cb_arg = now_cb_arg;
b212d554
HL		 448}
449
3b1ab5a3
HL		 450void ossl_quic_conn_force_assist_thread_wake(SSL *s)
451{
072328dd
HL		 452 QCTX ctx;
453
454 if (!expect_quic(s, &ctx))
455 return;
3b1ab5a3 456
072328dd
HL		 457 if (ctx.qc->is_thread_assisted && ctx.qc->started)
458 ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
3b1ab5a3
HL		 459}
460
22d53c88
HL		 461/*
462 * QUIC Front-End I/O API: Network BIO Configuration
463 * =================================================
464 *
465 * Handling the different BIOs is difficult:
466 *
467 * - It is more or less a requirement that we use non-blocking network I/O;
468 * we need to be able to have timeouts on recv() calls, and make best effort
469 * (non blocking) send() and recv() calls.
470 *
471 * The only sensible way to do this is to configure the socket into
472 * non-blocking mode. We could try to do select() before calling send() or
473 * recv() to get a guarantee that the call will not block, but this will
474 * probably run into issues with buggy OSes which generate spurious socket
475 * readiness events. In any case, relying on this to work reliably does not
476 * seem sane.
477 *
478 * Timeouts could be handled via setsockopt() socket timeout options, but
479 * this depends on OS support and adds another syscall to every network I/O
480 * operation. It also has obvious thread safety concerns if we want to move
481 * to concurrent use of a single socket at some later date.
482 *
483 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
484 * be made non-blocking. However some OSes (e.g. Windows) do not support
485 * this, so we cannot rely on this.
486 *
487 * As such, we need to configure any FD in non-blocking mode. This may
488 * confound users who pass a blocking socket to libssl. However, in practice
489 * it would be extremely strange for a user of QUIC to pass an FD to us,
490 * then also try and send receive traffic on the same socket(!). Thus the
491 * impact of this should be limited, and can be documented.
492 *
493 * - We support both blocking and non-blocking operation in terms of the API
494 * presented to the user. One prospect is to set the blocking mode based on
495 * whether the socket passed to us was already in blocking mode. However,
496 * Windows has no API for determining if a socket is in blocking mode (!),
497 * therefore this cannot be done portably. Currently therefore we expose an
498 * explicit API call to set this, and default to blocking mode.
499 *
500 * - We need to determine our initial destination UDP address. The "natural"
501 * way for a user to do this is to set the peer variable on a BIO_dgram.
502 * However, this has problems because BIO_dgram's peer variable is used for
503 * both transmission and reception. This means it can be constantly being
504 * changed to a malicious value (e.g. if some random unrelated entity on the
505 * network starts sending traffic to us) on every read call. This is not a
506 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
507 * calls only, which do not use this variable. However, we do need to let
508 * the user specify the peer in a 'normal' manner. The compromise here is
509 * that we grab the current peer value set at the time the write BIO is set
510 * and do not read the value again.
511 *
512 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
513 * Currently we do this by only supporting non-blocking mode.
514 *
515 */
516
517/*
518 * Determines what initial destination UDP address we should use, if possible.
519 * If this fails the client must set the destination address manually, or use a
520 * BIO which does not need a destination address.
521 */
522static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
523{
75b2920a 524 if (BIO_dgram_get_peer(net_wbio, peer) <= 0)
22d53c88
HL		 525 return 0;
526
527 return 1;
528}
529
072328dd 530void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
22d53c88 531{
072328dd
HL		 532 QCTX ctx;
533
534 if (!expect_quic(s, &ctx))
535 return;
536
537 if (ctx.qc->net_rbio == net_rbio)
38b051a1 538 return;
38b051a1 539
23c04709 540 if (!ossl_quic_channel_set_net_rbio(ctx.qc->ch, net_rbio))
22d53c88
HL		 541 return;
542
072328dd
HL		 543 BIO_free(ctx.qc->net_rbio);
544 ctx.qc->net_rbio = net_rbio;
22d53c88
HL		 545
546 /*
547 * If what we have is not pollable (e.g. a BIO_dgram_pair) disable blocking
548 * mode as we do not support it for non-pollable BIOs.
549 */
550 if (net_rbio != NULL) {
551 BIO_POLL_DESCRIPTOR d = {0};
552
553 if (!BIO_get_rpoll_descriptor(net_rbio, &d)
554 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
cb5c208b
HL		 555 ctx.qc->blocking = 0;
556 ctx.qc->default_blocking = 0;
072328dd 557 ctx.qc->can_poll_net_rbio = 0;
22d53c88 558 } else {
072328dd 559 ctx.qc->can_poll_net_rbio = 1;
22d53c88
HL		 560 }
561 }
99e1cc7b
TM		 562}
563
072328dd 564void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
38b051a1 565{
072328dd
HL		 566 QCTX ctx;
567
568 if (!expect_quic(s, &ctx))
22d53c88
HL		 569 return;
570
072328dd 571 if (ctx.qc->net_wbio == net_wbio)
22d53c88
HL		 572 return;
573
23c04709 574 if (!ossl_quic_channel_set_net_wbio(ctx.qc->ch, net_wbio))
072328dd
HL		 575 return;
576
577 BIO_free(ctx.qc->net_wbio);
578 ctx.qc->net_wbio = net_wbio;
22d53c88
HL		 579
580 if (net_wbio != NULL) {
581 BIO_POLL_DESCRIPTOR d = {0};
38b051a1 582
22d53c88
HL		 583 if (!BIO_get_wpoll_descriptor(net_wbio, &d)
584 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
cb5c208b
HL		 585 ctx.qc->blocking = 0;
586 ctx.qc->default_blocking = 0;
072328dd 587 ctx.qc->can_poll_net_wbio = 0;
22d53c88 588 } else {
072328dd 589 ctx.qc->can_poll_net_wbio = 1;
22d53c88 590 }
38b051a1 591
22d53c88
HL		 592 /*
593 * If we do not have a peer address yet, and we have not started trying
594 * to connect yet, try to autodetect one.
595 */
072328dd
HL		 596 if (BIO_ADDR_family(&ctx.qc->init_peer_addr) == AF_UNSPEC
597 && !ctx.qc->started) {
598 if (!csm_analyse_init_peer_addr(net_wbio, &ctx.qc->init_peer_addr))
22d53c88 599 /* best effort */
072328dd 600 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88 601
23c04709
HL		 602 ossl_quic_channel_set_peer_addr(ctx.qc->ch,
603 &ctx.qc->init_peer_addr);
22d53c88 604 }
38b051a1 605 }
22d53c88 606}
38b051a1 607
072328dd 608BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
22d53c88 609{
072328dd
HL		 610 QCTX ctx;
611
612 if (!expect_quic(s, &ctx))
613 return NULL;
614
615 return ctx.qc->net_rbio;
38b051a1
TM		 616}
617
072328dd 618BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
22d53c88 619{
072328dd
HL		 620 QCTX ctx;
621
622 if (!expect_quic(s, &ctx))
623 return NULL;
624
625 return ctx.qc->net_wbio;
22d53c88
HL		 626}
627
072328dd 628int ossl_quic_conn_get_blocking_mode(const SSL *s)
99e1cc7b 629{
072328dd
HL		 630 QCTX ctx;
631
632 if (!expect_quic(s, &ctx))
633 return 0;
634
cb5c208b
HL		 635 if (ctx.is_stream)
636 return ctx.xso->blocking;
637
072328dd 638 return ctx.qc->blocking;
22d53c88
HL		 639}
640
072328dd 641int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
22d53c88 642{
072328dd
HL		 643 QCTX ctx;
644
645 if (!expect_quic(s, &ctx))
646 return 0;
647
22d53c88
HL		 648 /* Cannot enable blocking mode if we do not have pollable FDs. */
649 if (blocking != 0 &&
072328dd
HL		 650 (!ctx.qc->can_poll_net_rbio || !ctx.qc->can_poll_net_wbio))
651 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_UNSUPPORTED, NULL);
22d53c88 652
cb5c208b
HL		 653 if (!ctx.is_stream) {
654 /*
655 * If called on a QCSO, update default and connection-level blocking
656 * modes.
657 */
658 ctx.qc->blocking = (blocking != 0);
659 ctx.qc->default_blocking = ctx.qc->blocking;
660 }
661
662 if (ctx.xso != NULL)
663 /*
664 * If called on a QSSO or QCSO with a default XSO, update blocking
665 * mode.
666 */
667 ctx.xso->blocking = (blocking != 0);
668
99e1cc7b
TM		 669 return 1;
670}
671
072328dd 672int ossl_quic_conn_set_initial_peer_addr(SSL *s,
22d53c88 673 const BIO_ADDR *peer_addr)
99e1cc7b 674{
072328dd
HL		 675 QCTX ctx;
676
677 if (!expect_quic(s, &ctx))
678 return 0;
679
680 if (ctx.qc->started)
681 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
22d53c88 682 NULL);
38b051a1 683
22d53c88 684 if (peer_addr == NULL) {
072328dd 685 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88
HL		 686 return 1;
687 }
38b051a1 688
072328dd 689 ctx.qc->init_peer_addr = *peer_addr;
99e1cc7b
TM		 690 return 1;
691}
692
22d53c88
HL		 693/*
694 * QUIC Front-End I/O API: Asynchronous I/O Management
695 * ===================================================
696 *
697 * (BIO/)SSL_tick => ossl_quic_tick
698 * (BIO/)SSL_get_tick_timeout => ossl_quic_get_tick_timeout
699 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
700 *
701 */
702
703/* Returns 1 if the connection is being used in blocking mode. */
cb5c208b 704static int qc_blocking_mode(const QUIC_CONNECTION *qc)
99e1cc7b 705{
22d53c88
HL		 706 return qc->blocking;
707}
38b051a1 708
cb5c208b
HL		 709static int xso_blocking_mode(const QUIC_XSO *xso)
710{
711 return xso->blocking
712 && xso->conn->can_poll_net_rbio
713 && xso->conn->can_poll_net_wbio;
714}
715
22d53c88 716/* SSL_tick; ticks the reactor. */
a8489257 717QUIC_TAKES_LOCK
072328dd 718int ossl_quic_tick(SSL *s)
22d53c88 719{
072328dd
HL		 720 QCTX ctx;
721
722 if (!expect_quic(s, &ctx))
723 return 0;
724
725 quic_lock(ctx.qc);
072328dd
HL		 726 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
727 quic_unlock(ctx.qc);
99e1cc7b
TM		 728 return 1;
729}
730
22d53c88
HL		 731/*
732 * SSL_get_tick_timeout. Get the time in milliseconds until the SSL object
733 * should be ticked by the application by calling SSL_tick(). tv is set to 0 if
734 * the object should be ticked immediately and tv->tv_sec is set to -1 if no
735 * timeout is currently active.
736 */
a8489257 737QUIC_TAKES_LOCK
072328dd 738int ossl_quic_get_tick_timeout(SSL *s, struct timeval *tv)
99e1cc7b 739{
072328dd 740 QCTX ctx;
a1660c94 741 OSSL_TIME deadline = ossl_time_infinite();
e44795bd 742
072328dd
HL		 743 if (!expect_quic(s, &ctx))
744 return 0;
a8489257 745
072328dd
HL		 746 quic_lock(ctx.qc);
747
23c04709
HL		 748 deadline
749 = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
22d53c88
HL		 750
751 if (ossl_time_is_infinite(deadline)) {
752 tv->tv_sec = -1;
753 tv->tv_usec = 0;
072328dd 754 quic_unlock(ctx.qc);
22d53c88
HL		 755 return 1;
756 }
757
a1660c94 758 *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, ossl_time_now()));
072328dd 759 quic_unlock(ctx.qc);
22d53c88
HL		 760 return 1;
761}
762
763/* SSL_get_rpoll_descriptor */
072328dd 764int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
22d53c88 765{
072328dd
HL		 766 QCTX ctx;
767
768 if (!expect_quic(s, &ctx))
e44795bd
TM		 769 return 0;
770
072328dd
HL		 771 if (desc == NULL || ctx.qc->net_rbio == NULL)
772 return 0;
773
774 return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
99e1cc7b
TM		 775}
776
22d53c88 777/* SSL_get_wpoll_descriptor */
072328dd 778int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
99e1cc7b 779{
072328dd
HL		 780 QCTX ctx;
781
782 if (!expect_quic(s, &ctx))
783 return 0;
784
785 if (desc == NULL || ctx.qc->net_wbio == NULL)
22d53c88
HL		 786 return 0;
787
072328dd 788 return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
99e1cc7b
TM		 789}
790
b639475a 791/* SSL_net_read_desired */
a8489257 792QUIC_TAKES_LOCK
072328dd 793int ossl_quic_get_net_read_desired(SSL *s)
99e1cc7b 794{
072328dd 795 QCTX ctx;
a8489257
HL		 796 int ret;
797
072328dd
HL		 798 if (!expect_quic(s, &ctx))
799 return 0;
800
801 quic_lock(ctx.qc);
072328dd
HL		 802 ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
803 quic_unlock(ctx.qc);
a8489257 804 return ret;
22d53c88 805}
e44795bd 806
b639475a 807/* SSL_net_write_desired */
a8489257 808QUIC_TAKES_LOCK
072328dd 809int ossl_quic_get_net_write_desired(SSL *s)
22d53c88 810{
a8489257 811 int ret;
072328dd
HL		 812 QCTX ctx;
813
814 if (!expect_quic(s, &ctx))
815 return 0;
a8489257 816
072328dd 817 quic_lock(ctx.qc);
072328dd
HL		 818 ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
819 quic_unlock(ctx.qc);
a8489257 820 return ret;
99e1cc7b
TM		 821}
822
22d53c88
HL		 823/*
824 * QUIC Front-End I/O API: Connection Lifecycle Operations
825 * =======================================================
826 *
827 * SSL_do_handshake => ossl_quic_do_handshake
828 * SSL_set_connect_state => ossl_quic_set_connect_state
829 * SSL_set_accept_state => ossl_quic_set_accept_state
830 * SSL_shutdown => ossl_quic_shutdown
831 * SSL_ctrl => ossl_quic_ctrl
832 * (BIO/)SSL_connect => ossl_quic_connect
833 * (BIO/)SSL_accept => ossl_quic_accept
834 *
835 */
836
837/* SSL_shutdown */
e8043229 838static int quic_shutdown_wait(void *arg)
99e1cc7b 839{
e8043229 840 QUIC_CONNECTION *qc = arg;
22d53c88 841
23c04709 842 return ossl_quic_channel_is_terminated(qc->ch);
e8043229 843}
22d53c88 844
a8489257 845QUIC_TAKES_LOCK
072328dd 846int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
e8043229
HL		 847 const SSL_SHUTDOWN_EX_ARGS *args,
848 size_t args_len)
849{
a8489257 850 int ret;
072328dd 851 QCTX ctx;
a8489257 852
072328dd
HL		 853 if (!expect_quic(s, &ctx))
854 return 0;
855
cb5c208b
HL		 856 if (ctx.is_stream)
857 /* TODO(QUIC): Semantics currently undefined for QSSOs */
858 return -1;
859
072328dd 860 quic_lock(ctx.qc);
a8489257 861
072328dd 862 ossl_quic_channel_local_close(ctx.qc->ch,
e8043229
HL		 863 args != NULL ? args->quic_error_code : 0);
864
1d40b151 865 /* TODO(QUIC): !SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH */
e8043229 866
072328dd
HL		 867 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
868 quic_unlock(ctx.qc);
e8043229 869 return 1;
a8489257 870 }
e8043229 871
cb5c208b 872 if (qc_blocking_mode(ctx.qc) && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0)
072328dd 873 block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
e8043229 874 else
072328dd 875 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
e8043229 876
072328dd
HL		 877 ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
878 quic_unlock(ctx.qc);
a8489257 879 return ret;
99e1cc7b
TM		 880}
881
22d53c88 882/* SSL_ctrl */
e44795bd 883long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
99e1cc7b 884{
072328dd 885 QCTX ctx;
38b051a1 886
072328dd 887 if (!expect_quic(s, &ctx))
38b051a1
TM		 888 return 0;
889
22d53c88
HL		 890 switch (cmd) {
891 case SSL_CTRL_MODE:
cb5c208b
HL		 892 /* If called on a QCSO, update the default mode. */
893 if (!ctx.is_stream)
894 ctx.qc->default_ssl_mode |= (uint32_t)larg;
895
896 /*
897 * If we were called on a QSSO or have a default stream, we also update
898 * that.
899 */
900 if (ctx.xso != NULL) {
901 /* Cannot enable EPW while AON write in progress. */
902 if (ctx.xso->aon_write_in_progress)
903 larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
904
905 ctx.xso->ssl_mode |= (uint32_t)larg;
906 return ctx.xso->ssl_mode;
907 }
dfc227bd 908
cb5c208b 909 return ctx.qc->default_ssl_mode;
22d53c88 910 case SSL_CTRL_CLEAR_MODE:
cb5c208b
HL		 911 if (!ctx.is_stream)
912 ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
913
914 if (ctx.xso != NULL) {
915 ctx.xso->ssl_mode &= ~(uint32_t)larg;
916 return ctx.xso->ssl_mode;
917 }
918
919 return ctx.qc->default_ssl_mode;
22d53c88 920 default:
f8ffab0d 921 /* Probably a TLS related ctrl. Defer to our internal SSL object */
072328dd 922 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
08e49012 923 }
22d53c88
HL		 924}
925
926/* SSL_set_connect_state */
072328dd 927void ossl_quic_set_connect_state(SSL *s)
22d53c88 928{
072328dd
HL		 929 QCTX ctx;
930
931 if (!expect_quic(s, &ctx))
932 return;
933
22d53c88 934 /* Cannot be changed after handshake started */
cb5c208b 935 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 936 return;
937
dfb9ae14 938 ctx.qc->as_server_state = 0;
22d53c88
HL		 939}
940
941/* SSL_set_accept_state */
072328dd 942void ossl_quic_set_accept_state(SSL *s)
22d53c88 943{
072328dd
HL		 944 QCTX ctx;
945
946 if (!expect_quic(s, &ctx))
947 return;
948
22d53c88 949 /* Cannot be changed after handshake started */
cb5c208b 950 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 951 return;
952
dfb9ae14 953 ctx.qc->as_server_state = 1;
22d53c88
HL		 954}
955
956/* SSL_do_handshake */
957struct quic_handshake_wait_args {
958 QUIC_CONNECTION *qc;
959};
960
961static int quic_handshake_wait(void *arg)
962{
963 struct quic_handshake_wait_args *args = arg;
964
965 if (!ossl_quic_channel_is_active(args->qc->ch))
966 return -1;
967
968 if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
969 return 1;
970
99e1cc7b
TM		 971 return 0;
972}
973
22d53c88 974static int configure_channel(QUIC_CONNECTION *qc)
99e1cc7b 975{
22d53c88 976 assert(qc->ch != NULL);
08e49012 977
d1ac77b1
HL		 978 if (!ossl_quic_channel_set_net_rbio(qc->ch, qc->net_rbio)
979 || !ossl_quic_channel_set_net_wbio(qc->ch, qc->net_wbio)
22d53c88
HL		 980 || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
981 return 0;
982
983 return 1;
984}
985
4847599b 986QUIC_NEEDS_LOCK
23c04709 987static int create_channel(QUIC_CONNECTION *qc)
22d53c88
HL		 988{
989 QUIC_CHANNEL_ARGS args = {0};
990
22d53c88
HL		 991 args.libctx = qc->ssl.ctx->libctx;
992 args.propq = qc->ssl.ctx->propq;
23c04709 993 args.is_server = qc->as_server;
2723d705 994 args.tls = qc->tls;
ffce2946 995 args.mutex = qc->mutex;
b212d554
HL		 996 args.now_cb = qc->override_now_cb;
997 args.now_cb_arg = qc->override_now_cb_arg;
22d53c88
HL		 998
999 qc->ch = ossl_quic_channel_new(&args);
1000 if (qc->ch == NULL)
1001 return 0;
1002
e8043229
HL		 1003 return 1;
1004}
1005
1006/*
1007 * Creates a channel and configures it with the information we have accumulated
1008 * via calls made to us from the application prior to starting a handshake
1009 * attempt.
1010 */
4847599b 1011QUIC_NEEDS_LOCK
23c04709 1012static int ensure_channel_started(QUIC_CONNECTION *qc)
e8043229 1013{
ffce2946 1014 if (!qc->started) {
ffce2946
HL		 1015 if (!configure_channel(qc)
1016 || !ossl_quic_channel_start(qc->ch))
1017 goto err;
f2f7c4f1 1018
ffce2946
HL		 1019 if (qc->is_thread_assisted)
1020 if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch))
1021 goto err;
1022 }
1023
22d53c88
HL		 1024 qc->started = 1;
1025 return 1;
f2f7c4f1
HL		 1026
1027err:
1028 ossl_quic_channel_free(qc->ch);
1029 qc->ch = NULL;
1030 return 0;
99e1cc7b
TM		 1031}
1032
4a530180
HL		 1033QUIC_NEEDS_LOCK
1034static int quic_do_handshake(QUIC_CONNECTION *qc)
99e1cc7b 1035{
22d53c88
HL		 1036 int ret;
1037
23c04709 1038 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1039 /* Handshake already completed. */
4a530180 1040 return 1;
ca41f6b7 1041
23c04709 1042 if (ossl_quic_channel_is_term_any(qc->ch))
4a530180 1043 return QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1044
ca41f6b7 1045 if (BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
22d53c88 1046 /* Peer address must have been set. */
44a1ac5d 1047 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
4a530180 1048 return -1; /* Non-protocol error */
ca41f6b7 1049 }
22d53c88 1050
dfb9ae14 1051 if (qc->as_server != qc->as_server_state) {
23c04709 1052 /* TODO(QUIC): Must match the method used to create the QCSO */
ca41f6b7 1053 QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
4a530180 1054 return -1; /* Non-protocol error */
ca41f6b7 1055 }
22d53c88 1056
ca41f6b7 1057 if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
22d53c88 1058 /* Need read and write BIOs. */
44a1ac5d 1059 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_BIO_NOT_SET, NULL);
4a530180 1060 return -1; /* Non-protocol error */
ca41f6b7 1061 }
22d53c88
HL		 1062
1063 /*
1064 * Start connection process. Note we may come here multiple times in
1065 * non-blocking mode, which is fine.
1066 */
23c04709 1067 if (!ensure_channel_started(qc)) {
ca41f6b7 1068 QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1069 return -1; /* Non-protocol error */
ca41f6b7 1070 }
22d53c88 1071
4a530180 1072 if (ossl_quic_channel_is_handshake_complete(qc->ch))
22d53c88 1073 /* The handshake is now done. */
4a530180 1074 return 1;
22d53c88 1075
cb5c208b 1076 if (qc_blocking_mode(qc)) {
22d53c88
HL		 1077 /* In blocking mode, wait for the handshake to complete. */
1078 struct quic_handshake_wait_args args;
1079
1080 args.qc = qc;
1081
1082 ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
ca41f6b7
HL		 1083 if (!ossl_quic_channel_is_active(qc->ch)) {
1084 QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
4a530180 1085 return 0; /* Shutdown before completion */
ca41f6b7
HL		 1086 } else if (ret <= 0) {
1087 QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1088 return -1; /* Non-protocol error */
ca41f6b7 1089 }
22d53c88
HL		 1090
1091 assert(ossl_quic_channel_is_handshake_complete(qc->ch));
4a530180 1092 return 1;
22d53c88 1093 } else {
ca41f6b7 1094 /* Try to advance the reactor. */
ccd31037 1095 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
ca41f6b7 1096
4a530180 1097 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1098 /* The handshake is now done. */
4a530180 1099 return 1;
ca41f6b7 1100
22d53c88 1101 /* Otherwise, indicate that the handshake isn't done yet. */
ca41f6b7 1102 QUIC_RAISE_NORMAL_ERROR(qc, SSL_ERROR_WANT_READ);
4a530180 1103 return -1; /* Non-protocol error */
22d53c88 1104 }
4a530180 1105}
a8489257 1106
4a530180 1107QUIC_TAKES_LOCK
072328dd 1108int ossl_quic_do_handshake(SSL *s)
4a530180
HL		 1109{
1110 int ret;
072328dd 1111 QCTX ctx;
4a530180 1112
072328dd
HL		 1113 if (!expect_quic(s, &ctx))
1114 return 0;
1115
1116 quic_lock(ctx.qc);
4a530180 1117
072328dd
HL		 1118 ret = quic_do_handshake(ctx.qc);
1119 quic_unlock(ctx.qc);
a8489257 1120 return ret;
99e1cc7b
TM		 1121}
1122
22d53c88
HL		 1123/* SSL_connect */
1124int ossl_quic_connect(SSL *s)
99e1cc7b 1125{
22d53c88 1126 /* Ensure we are in connect state (no-op if non-idle). */
072328dd 1127 ossl_quic_set_connect_state(s);
22d53c88
HL		 1128
1129 /* Begin or continue the handshake */
072328dd 1130 return ossl_quic_do_handshake(s);
99e1cc7b
TM		 1131}
1132
22d53c88
HL		 1133/* SSL_accept */
1134int ossl_quic_accept(SSL *s)
99e1cc7b 1135{
22d53c88 1136 /* Ensure we are in accept state (no-op if non-idle). */
072328dd 1137 ossl_quic_set_accept_state(s);
22d53c88
HL		 1138
1139 /* Begin or continue the handshake */
072328dd 1140 return ossl_quic_do_handshake(s);
99e1cc7b 1141}
e44795bd 1142
cb5c208b
HL		 1143/*
1144 * QUIC Front-End I/O API: Stream Lifecycle Operations
1145 * ===================================================
1146 *
1147 * SSL_stream_new => ossl_quic_conn_stream_new
1148 *
1149 */
21c80696
HL		 1150
1151/*
1152 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1153 * default XSO was created. Returns 0 if it was not (e.g. because it already
1154 * exists). Note that this is NOT an error condition.
1155 */
1156QUIC_NEEDS_LOCK
8b7be3aa 1157static int qc_try_create_default_xso_for_write(QUIC_CONNECTION *qc)
21c80696 1158{
8b7be3aa 1159 uint64_t flags = 0;
21c80696 1160
8b7be3aa
HL		 1161 if (qc->default_xso_created
1162 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
21c80696
HL		 1163 /*
1164 * We only do this once. If the user detaches a previously created
1165 * default XSO we don't auto-create another one.
1166 */
8b7be3aa 1167 return QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_NO_STREAM, NULL);
21c80696 1168
8b7be3aa
HL		 1169 /* Create a locally-initiated stream. */
1170 if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1171 flags |= SSL_STREAM_FLAG_UNI;
1172
1173 qc->default_xso = (QUIC_XSO *)ossl_quic_conn_stream_new(&qc->ssl, flags);
1174 if (qc->default_xso == NULL)
1175 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1176
1177 qc->default_xso_created = 1;
1178 return 1;
1179}
1180
1181struct quic_wait_for_stream_args {
1182 QUIC_CONNECTION *qc;
1183 QUIC_STREAM *qs;
1184 uint64_t expect_id;
1185};
1186
1187QUIC_NEEDS_LOCK
1188static int quic_wait_for_stream(void *arg)
1189{
1190 struct quic_wait_for_stream_args *args = arg;
1191
1192 if (!ossl_quic_channel_is_active(args->qc->ch)) {
1193 /* If connection is torn down due to an error while blocking, stop. */
1194 QUIC_RAISE_NON_NORMAL_ERROR(args->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1195 return -1;
1196 }
1197
1198 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1199 args->expect_id);
1200 if (args->qs != NULL)
1201 return 1; /* stream now exists */
1202
1203 return 0; /* did not get a stream, keep trying */
1204}
1205
1206QUIC_NEEDS_LOCK
1207static int qc_wait_for_default_xso_for_read(QUIC_CONNECTION *qc)
1208{
1209 /* Called on a QCSO and we don't currently have a default stream. */
1210 uint64_t expect_id;
1211 QUIC_STREAM *qs;
1212 int res;
1213 struct quic_wait_for_stream_args wargs;
1214
1215 /*
1216 * If default stream functionality is disabled or we already detached
1217 * one, don't make another default stream and just fail.
1218 */
1219 if (qc->default_xso_created
1220 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1221 return QUIC_RAISE_NON_NORMAL_ERROR(qc, SSL_R_NO_STREAM, NULL);
1222
1223 /*
1224 * The peer may have opened a stream since we last ticked. So tick and
1225 * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1226 * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1227 * first stream created by a peer must have an ordinal of 0.
1228 */
1229 expect_id = qc->as_server
1230 ? QUIC_STREAM_INITIATOR_CLIENT
1231 : QUIC_STREAM_INITIATOR_SERVER;
1232
1233 expect_id |= (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1234 ? QUIC_STREAM_DIR_UNI
1235 : QUIC_STREAM_DIR_BIDI;
1236
1237 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1238 expect_id);
1239 if (qs == NULL) {
1240 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1241
1242 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1243 expect_id);
1244 }
1245
1246 if (qs == NULL) {
1247 if (!qc_blocking_mode(qc))
1248 /* Non-blocking mode, so just bail immediately. */
1249 return QUIC_RAISE_NORMAL_ERROR(qc, SSL_ERROR_WANT_READ);
1250
1251 /* Block until we have a stream. */
1252 wargs.qc = qc;
1253 wargs.qs = NULL;
1254 wargs.expect_id = expect_id;
1255
1256 res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
1257 if (res == 0)
1258 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1259 else if (res < 0 || wargs.qs == NULL)
1260 /* quic_wait_for_stream raised error here */
21c80696 1261 return 0;
8b7be3aa
HL		 1262
1263 qs = wargs.qs;
21c80696
HL		 1264 }
1265
8b7be3aa
HL		 1266 /*
1267 * We now have qs != NULL. Make it the default stream, creating the
1268 * necessary XSO.
1269 */
1270 qc->default_xso = create_xso_from_stream(qc, qs);
1271 if (qc->default_xso == NULL)
1272 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1273
21c80696
HL		 1274 qc->default_xso_created = 1;
1275 return 1;
1276}
1277
1278QUIC_NEEDS_LOCK
1279static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
1280{
1281 QUIC_XSO *xso = NULL;
1282
1283 if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL)
1284 goto err;
1285
1286 if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO))
1287 goto err;
1288
1289 xso->conn = qc;
1290 xso->blocking = qc->default_blocking;
1291 xso->ssl_mode = qc->default_ssl_mode;
1292
1293 xso->stream = qs;
1294
1295 ++qc->num_xso;
1296 return xso;
1297
1298err:
1299 OPENSSL_free(xso);
1300 return NULL;
1301}
1302
1303QUIC_TAKES_LOCK
cb5c208b
HL		 1304SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
1305{
1306 QCTX ctx;
1307 QUIC_XSO *xso = NULL;
21c80696 1308 QUIC_STREAM *qs = NULL;
2dbc39de 1309 int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
cb5c208b
HL		 1310
1311 if (!expect_quic_conn_only(s, &ctx))
1312 return NULL;
1313
2dbc39de
HL		 1314 quic_lock(ctx.qc);
1315
1316 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1317 QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1318 goto err;
1319 }
1320
21c80696
HL		 1321 qs = ossl_quic_channel_new_stream_local(ctx.qc->ch, is_uni);
1322 if (qs == NULL)
2dbc39de 1323 goto err;
cb5c208b 1324
21c80696
HL		 1325 xso = create_xso_from_stream(ctx.qc, qs);
1326 if (xso == NULL)
cb5c208b
HL		 1327 goto err;
1328
8b7be3aa 1329 ctx.qc->default_xso_created = 1; /* inhibits default XSO */
2dbc39de 1330 quic_unlock(ctx.qc);
cb5c208b
HL		 1331 return &xso->ssl;
1332
1333err:
1334 OPENSSL_free(xso);
21c80696 1335 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(ctx.qc->ch), qs);
2dbc39de 1336 quic_unlock(ctx.qc);
cb5c208b
HL		 1337 return NULL;
1338}
1339
22d53c88
HL		 1340/*
1341 * QUIC Front-End I/O API: Steady-State Operations
1342 * ===============================================
1343 *
1344 * Here we dispatch calls to the steady-state front-end I/O API functions; that
1345 * is, the functions used during the established phase of a QUIC connection
1346 * (e.g. SSL_read, SSL_write).
1347 *
1348 * Each function must handle both blocking and non-blocking modes. As discussed
1349 * above, all QUIC I/O is implemented using non-blocking mode internally.
1350 *
1351 * SSL_get_error => partially implemented by ossl_quic_get_error
1352 * (BIO/)SSL_read => ossl_quic_read
1353 * (BIO/)SSL_write => ossl_quic_write
1354 * SSL_pending => ossl_quic_pending
a9979965 1355 * SSL_stream_conclude => ossl_quic_conn_stream_conclude
22d53c88
HL		 1356 */
1357
1358/* SSL_get_error */
072328dd 1359int ossl_quic_get_error(const SSL *s, int i)
e44795bd 1360{
072328dd
HL		 1361 QCTX ctx;
1362
1363 if (!expect_quic(s, &ctx))
1364 return 0;
1365
1366 return ctx.qc->last_error;
e44795bd
TM		 1367}
1368
22d53c88
HL		 1369/*
1370 * SSL_write
1371 * ---------
1372 *
1373 * The set of functions below provide the implementation of the public SSL_write
1374 * function. We must handle:
1375 *
1376 * - both blocking and non-blocking operation at the application level,
1377 * depending on how we are configured;
1378 *
1379 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
1380 *
1381 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1382 *
1383 */
4847599b 1384QUIC_NEEDS_LOCK
cb5c208b 1385static void quic_post_write(QUIC_XSO *xso, int did_append, int do_tick)
22d53c88
HL		 1386{
1387 /*
1388 * We have appended at least one byte to the stream.
1389 * Potentially mark stream as active, depending on FC.
1390 */
1391 if (did_append)
cb5c208b
HL		 1392 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
1393 xso->stream);
22d53c88
HL		 1394
1395 /*
1396 * Try and send.
1397 *
1398 * TODO(QUIC): It is probably inefficient to try and do this immediately,
1399 * plus we should eventually consider Nagle's algorithm.
1400 */
1401 if (do_tick)
cb5c208b 1402 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
22d53c88
HL		 1403}
1404
1405struct quic_write_again_args {
cb5c208b 1406 QUIC_XSO *xso;
22d53c88
HL		 1407 const unsigned char *buf;
1408 size_t len;
1409 size_t total_written;
1410};
1411
4847599b 1412QUIC_NEEDS_LOCK
22d53c88
HL		 1413static int quic_write_again(void *arg)
1414{
1415 struct quic_write_again_args *args = arg;
1416 size_t actual_written = 0;
1417
cb5c208b 1418 if (!ossl_quic_channel_is_active(args->xso->conn->ch))
22d53c88
HL		 1419 /* If connection is torn down due to an error while blocking, stop. */
1420 return -2;
1421
cb5c208b 1422 if (!ossl_quic_sstream_append(args->xso->stream->sstream,
22d53c88
HL		 1423 args->buf, args->len, &actual_written))
1424 return -2;
1425
cb5c208b 1426 quic_post_write(args->xso, actual_written > 0, 0);
22d53c88
HL		 1427
1428 args->buf += actual_written;
1429 args->len -= actual_written;
1430 args->total_written += actual_written;
1431
3f0c310b 1432 if (args->len == 0)
22d53c88
HL		 1433 /* Written everything, done. */
1434 return 1;
1435
1436 /* Not written everything yet, keep trying. */
1437 return 0;
1438}
1439
4847599b 1440QUIC_NEEDS_LOCK
cb5c208b 1441static int quic_write_blocking(QUIC_XSO *xso, const void *buf, size_t len,
22d53c88 1442 size_t *written)
e44795bd 1443{
22d53c88
HL		 1444 int res;
1445 struct quic_write_again_args args;
1446 size_t actual_written = 0;
1447
1448 /* First make a best effort to append as much of the data as possible. */
cb5c208b 1449 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len,
22d53c88
HL		 1450 &actual_written)) {
1451 /* Stream already finished or allocation error. */
1452 *written = 0;
cb5c208b 1453 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1454 }
1455
cb5c208b 1456 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 1457
1458 if (actual_written == len) {
1459 /* Managed to append everything on the first try. */
1460 *written = actual_written;
1461 return 1;
1462 }
1463
1464 /*
1465 * We did not manage to append all of the data immediately, so the stream
1466 * buffer has probably filled up. This means we need to block until some of
1467 * it is freed up.
1468 */
cb5c208b 1469 args.xso = xso;
22d53c88
HL		 1470 args.buf = (const unsigned char *)buf + actual_written;
1471 args.len = len - actual_written;
1472 args.total_written = 0;
1473
cb5c208b 1474 res = block_until_pred(xso->conn, quic_write_again, &args, 0);
22d53c88 1475 if (res <= 0) {
cb5c208b
HL		 1476 if (!ossl_quic_channel_is_active(xso->conn->ch))
1477 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1478 else
cb5c208b 1479 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1480 }
1481
1482 *written = args.total_written;
e44795bd
TM		 1483 return 1;
1484}
1485
ca41f6b7
HL		 1486/*
1487 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
1488 * write semantics.
1489 */
cb5c208b 1490static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
22d53c88
HL		 1491 size_t buf_len, size_t already_sent)
1492{
cb5c208b 1493 assert(!xso->aon_write_in_progress);
22d53c88 1494
cb5c208b
HL		 1495 xso->aon_write_in_progress = 1;
1496 xso->aon_buf_base = buf;
1497 xso->aon_buf_pos = already_sent;
1498 xso->aon_buf_len = buf_len;
22d53c88
HL		 1499}
1500
cb5c208b 1501static void aon_write_finish(QUIC_XSO *xso)
22d53c88 1502{
cb5c208b
HL		 1503 xso->aon_write_in_progress = 0;
1504 xso->aon_buf_base = NULL;
1505 xso->aon_buf_pos = 0;
1506 xso->aon_buf_len = 0;
22d53c88
HL		 1507}
1508
4847599b 1509QUIC_NEEDS_LOCK
cb5c208b 1510static int quic_write_nonblocking_aon(QUIC_XSO *xso, const void *buf,
22d53c88 1511 size_t len, size_t *written)
e44795bd 1512{
22d53c88
HL		 1513 const void *actual_buf;
1514 size_t actual_len, actual_written = 0;
1515 int accept_moving_buffer
cb5c208b 1516 = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
22d53c88 1517
cb5c208b 1518 if (xso->aon_write_in_progress) {
22d53c88
HL		 1519 /*
1520 * We are in the middle of an AON write (i.e., a previous write did not
75b2920a
HL		 1521 * manage to append all data to the SSTREAM and we have Enable Partial
1522 * Write (EPW) mode disabled.)
22d53c88 1523 */
cb5c208b
HL		 1524 if ((!accept_moving_buffer && xso->aon_buf_base != buf)
1525 || len != xso->aon_buf_len)
22d53c88
HL		 1526 /*
1527 * Pointer must not have changed if we are not in accept moving
1528 * buffer mode. Length must never change.
1529 */
cb5c208b 1530 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, SSL_R_BAD_WRITE_RETRY, NULL);
22d53c88 1531
cb5c208b
HL		 1532 actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
1533 actual_len = len - xso->aon_buf_pos;
22d53c88
HL		 1534 assert(actual_len > 0);
1535 } else {
1536 actual_buf = buf;
1537 actual_len = len;
1538 }
1539
1540 /* First make a best effort to append as much of the data as possible. */
cb5c208b 1541 if (!ossl_quic_sstream_append(xso->stream->sstream, actual_buf, actual_len,
22d53c88
HL		 1542 &actual_written)) {
1543 /* Stream already finished or allocation error. */
1544 *written = 0;
cb5c208b 1545 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1546 }
1547
cb5c208b 1548 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 1549
1550 if (actual_written == actual_len) {
1551 /* We have sent everything. */
cb5c208b 1552 if (xso->aon_write_in_progress) {
22d53c88
HL		 1553 /*
1554 * We have sent everything, and we were in the middle of an AON
1555 * write. The output write length is the total length of the AON
1556 * buffer, not however many bytes we managed to write to the stream
1557 * in this call.
1558 */
cb5c208b
HL		 1559 *written = xso->aon_buf_len;
1560 aon_write_finish(xso);
22d53c88
HL		 1561 } else {
1562 *written = actual_written;
1563 }
1564
1565 return 1;
1566 }
1567
cb5c208b 1568 if (xso->aon_write_in_progress) {
22d53c88
HL		 1569 /*
1570 * AON write is in progress but we have not written everything yet. We
1571 * may have managed to send zero bytes, or some number of bytes less
1572 * than the total remaining which need to be appended during this
1573 * AON operation.
1574 */
cb5c208b
HL		 1575 xso->aon_buf_pos += actual_written;
1576 assert(xso->aon_buf_pos < xso->aon_buf_len);
1577 return QUIC_RAISE_NORMAL_ERROR(xso->conn, SSL_ERROR_WANT_WRITE);
22d53c88
HL		 1578 }
1579
08e49012 1580 /*
22d53c88
HL		 1581 * Not in an existing AON operation but partial write is not enabled, so we
1582 * need to begin a new AON operation. However we needn't bother if we didn't
1583 * actually append anything.
08e49012 1584 */
22d53c88 1585 if (actual_written > 0)
cb5c208b 1586 aon_write_begin(xso, buf, len, actual_written);
e44795bd 1587
22d53c88
HL		 1588 /*
1589 * AON - We do not publicly admit to having appended anything until AON
1590 * completes.
1591 */
1592 *written = 0;
cb5c208b 1593 return QUIC_RAISE_NORMAL_ERROR(xso->conn, SSL_ERROR_WANT_WRITE);
e44795bd
TM		 1594}
1595
4847599b 1596QUIC_NEEDS_LOCK
cb5c208b 1597static int quic_write_nonblocking_epw(QUIC_XSO *xso, const void *buf, size_t len,
22d53c88 1598 size_t *written)
e44795bd 1599{
22d53c88 1600 /* Simple best effort operation. */
cb5c208b 1601 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len, written)) {
22d53c88
HL		 1602 /* Stream already finished or allocation error. */
1603 *written = 0;
cb5c208b 1604 return QUIC_RAISE_NON_NORMAL_ERROR(xso->conn, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1605 }
1606
cb5c208b 1607 quic_post_write(xso, *written > 0, 1);
e44795bd
TM		 1608 return 1;
1609}
d5ab48a1 1610
a8489257 1611QUIC_TAKES_LOCK
22d53c88 1612int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
d5ab48a1 1613{
a8489257 1614 int ret;
072328dd
HL		 1615 QCTX ctx;
1616 int partial_write;
22d53c88
HL		 1617
1618 *written = 0;
1619
8b7be3aa
HL		 1620 if (len == 0)
1621 return 1;
22d53c88 1622
8b7be3aa
HL		 1623 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
1624 return 0;
a8489257 1625
cb5c208b 1626 partial_write = ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0);
072328dd 1627
23c04709 1628 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
072328dd 1629 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 1630 goto out;
1631 }
22d53c88 1632
ca41f6b7
HL		 1633 /*
1634 * If we haven't finished the handshake, try to advance it.
1635 * We don't accept writes until the handshake is completed.
1636 */
072328dd 1637 if (quic_do_handshake(ctx.qc) < 1) {
a8489257
HL		 1638 ret = 0;
1639 goto out;
1640 }
ca41f6b7 1641
cb5c208b 1642 if (ctx.xso->stream == NULL || ctx.xso->stream->sstream == NULL) {
072328dd 1643 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 1644 goto out;
1645 }
22d53c88 1646
cb5c208b
HL		 1647 if (xso_blocking_mode(ctx.xso))
1648 ret = quic_write_blocking(ctx.xso, buf, len, written);
22d53c88 1649 else if (partial_write)
cb5c208b 1650 ret = quic_write_nonblocking_epw(ctx.xso, buf, len, written);
22d53c88 1651 else
cb5c208b 1652 ret = quic_write_nonblocking_aon(ctx.xso, buf, len, written);
a8489257
HL		 1653
1654out:
072328dd 1655 quic_unlock(ctx.qc);
a8489257 1656 return ret;
d5ab48a1
RL		 1657}
1658
1659/*
22d53c88
HL		 1660 * SSL_read
1661 * --------
d5ab48a1 1662 */
22d53c88
HL		 1663struct quic_read_again_args {
1664 QUIC_CONNECTION *qc;
1665 QUIC_STREAM *stream;
1666 void *buf;
1667 size_t len;
1668 size_t *bytes_read;
1669 int peek;
1670};
1671
4847599b 1672QUIC_NEEDS_LOCK
22d53c88
HL		 1673static int quic_read_actual(QUIC_CONNECTION *qc,
1674 QUIC_STREAM *stream,
1675 void *buf, size_t buf_len,
1676 size_t *bytes_read,
1677 int peek)
d5ab48a1 1678{
22d53c88
HL		 1679 int is_fin = 0;
1680
a9979965
HL		 1681 /* If the receive part of the stream is over, issue EOF. */
1682 if (stream->recv_fin_retired)
1683 return QUIC_RAISE_NORMAL_ERROR(qc, SSL_ERROR_ZERO_RETURN);
1684
22d53c88
HL		 1685 if (stream->rstream == NULL)
1686 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1687
1688 if (peek) {
1689 if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
1690 bytes_read, &is_fin))
1691 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1692
1693 } else {
1694 if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
1695 bytes_read, &is_fin))
1696 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1697 }
1698
1699 if (!peek) {
1700 if (*bytes_read > 0) {
1701 /*
1702 * We have read at least one byte from the stream. Inform stream-level
1703 * RXFC of the retirement of controlled bytes. Update the active stream
1704 * status (the RXFC may now want to emit a frame granting more credit to
1705 * the peer).
1706 */
1707 OSSL_RTT_INFO rtt_info;
d50e750e 1708
22d53c88
HL		 1709 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
1710
cb5c208b 1711 if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
22d53c88
HL		 1712 rtt_info.smoothed_rtt))
1713 return QUIC_RAISE_NON_NORMAL_ERROR(qc, ERR_R_INTERNAL_ERROR, NULL);
1714 }
1715
1716 if (is_fin)
1717 stream->recv_fin_retired = 1;
1718
1719 if (*bytes_read > 0)
1720 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
cb5c208b 1721 stream);
22d53c88
HL		 1722 }
1723
d5ab48a1
RL		 1724 return 1;
1725}
1726
4847599b 1727QUIC_NEEDS_LOCK
22d53c88 1728static int quic_read_again(void *arg)
d5ab48a1 1729{
22d53c88
HL		 1730 struct quic_read_again_args *args = arg;
1731
a9979965 1732 if (!ossl_quic_channel_is_active(args->qc->ch)) {
22d53c88 1733 /* If connection is torn down due to an error while blocking, stop. */
a9979965 1734 QUIC_RAISE_NON_NORMAL_ERROR(args->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
ca41f6b7 1735 return -1;
a9979965 1736 }
22d53c88
HL		 1737
1738 if (!quic_read_actual(args->qc, args->stream,
1739 args->buf, args->len, args->bytes_read,
1740 args->peek))
1741 return -1;
1742
1743 if (*args->bytes_read > 0)
1744 /* got at least one byte, the SSL_read op can finish now */
1745 return 1;
1746
81b6b43c 1747 return 0; /* did not read anything, keep trying */
d5ab48a1
RL		 1748}
1749
a8489257 1750QUIC_TAKES_LOCK
22d53c88 1751static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
d5ab48a1 1752{
a8489257 1753 int ret, res;
072328dd 1754 QCTX ctx;
22d53c88
HL		 1755 struct quic_read_again_args args;
1756
1757 *bytes_read = 0;
1758
8b7be3aa 1759 if (!expect_quic(s, &ctx))
22d53c88
HL		 1760 return 0;
1761
072328dd 1762 quic_lock(ctx.qc);
a8489257 1763
23c04709 1764 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
072328dd 1765 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 1766 goto out;
1767 }
22d53c88 1768
a9979965 1769 /* If we haven't finished the handshake, try to advance it. */
072328dd 1770 if (quic_do_handshake(ctx.qc) < 1) {
a8489257
HL		 1771 ret = 0; /* ossl_quic_do_handshake raised error here */
1772 goto out;
1773 }
22d53c88 1774
8b7be3aa
HL		 1775 if (ctx.xso == NULL) {
1776 /*
1777 * Called on a QCSO and we don't currently have a default stream.
1778 *
1779 * Wait until we get a stream initiated by the peer (blocking mode) or
1780 * fail if we don't have one yet (non-blocking mode).
1781 */
1782 if (!qc_wait_for_default_xso_for_read(ctx.qc)) {
1783 ret = 0; /* error already raised here */
1784 goto out;
1785 }
1786
1787 ctx.xso = ctx.qc->default_xso;
1788 }
1789
cb5c208b 1790 if (ctx.xso->stream == NULL) {
072328dd 1791 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 1792 goto out;
1793 }
22d53c88 1794
cb5c208b 1795 if (!quic_read_actual(ctx.qc, ctx.xso->stream, buf, len, bytes_read, peek)) {
a8489257
HL		 1796 ret = 0; /* quic_read_actual raised error here */
1797 goto out;
1798 }
22d53c88
HL		 1799
1800 if (*bytes_read > 0) {
1801 /*
1802 * Even though we succeeded, tick the reactor here to ensure we are
1803 * handling other aspects of the QUIC connection.
1804 */
072328dd 1805 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
a8489257 1806 ret = 1;
cb5c208b 1807 } else if (xso_blocking_mode(ctx.xso)) {
22d53c88
HL		 1808 /*
1809 * We were not able to read anything immediately, so our stream
1810 * buffer is empty. This means we need to block until we get
1811 * at least one byte.
1812 */
072328dd 1813 args.qc = ctx.qc;
cb5c208b 1814 args.stream = ctx.xso->stream;
22d53c88
HL		 1815 args.buf = buf;
1816 args.len = len;
1817 args.bytes_read = bytes_read;
1818 args.peek = peek;
1819
072328dd 1820 res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
a8489257 1821 if (res == 0) {
072328dd 1822 ret = QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 1823 goto out;
1824 } else if (res < 0) {
1825 ret = 0; /* quic_read_again raised error here */
1826 goto out;
1827 }
22d53c88 1828
a8489257 1829 ret = 1;
af8b52cf
HL		 1830 } else {
1831 /* We did not get any bytes and are not in blocking mode. */
072328dd 1832 ret = QUIC_RAISE_NORMAL_ERROR(ctx.qc, SSL_ERROR_WANT_READ);
af8b52cf 1833 }
a8489257
HL		 1834
1835out:
072328dd 1836 quic_unlock(ctx.qc);
a8489257 1837 return ret;
d5ab48a1
RL		 1838}
1839
22d53c88
HL		 1840int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
1841{
1842 return quic_read(s, buf, len, bytes_read, 0);
1843}
1844
1845int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
1846{
1847 return quic_read(s, buf, len, bytes_read, 1);
1848}
1849
1850/*
1851 * SSL_pending
1852 * -----------
1853 */
a8489257 1854QUIC_TAKES_LOCK
072328dd 1855static size_t ossl_quic_pending_int(const SSL *s)
22d53c88 1856{
072328dd 1857 QCTX ctx;
22d53c88
HL		 1858 size_t avail = 0;
1859 int fin = 0;
1860
8b7be3aa 1861 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
22d53c88
HL		 1862 return 0;
1863
cb5c208b 1864 if (ctx.xso->stream == NULL || ctx.xso->stream->rstream == NULL)
22d53c88 1865 /* Cannot raise errors here because we are const, just fail. */
a8489257 1866 goto out;
22d53c88 1867
cb5c208b 1868 if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin))
a8489257 1869 avail = 0;
22d53c88 1870
a8489257 1871out:
072328dd 1872 quic_unlock(ctx.qc);
22d53c88
HL		 1873 return avail;
1874}
1875
560470b5
MC		 1876size_t ossl_quic_pending(const SSL *s)
1877{
072328dd 1878 return ossl_quic_pending_int(s);
560470b5
MC		 1879}
1880
072328dd 1881int ossl_quic_has_pending(const SSL *s)
560470b5 1882{
072328dd 1883 return ossl_quic_pending_int(s) > 0;
560470b5
MC		 1884}
1885
a9979965
HL		 1886/*
1887 * SSL_stream_conclude
1888 * -------------------
1889 */
a8489257 1890QUIC_TAKES_LOCK
072328dd 1891int ossl_quic_conn_stream_conclude(SSL *s)
a9979965 1892{
072328dd
HL		 1893 QCTX ctx;
1894 QUIC_STREAM *qs;
1895
8b7be3aa 1896 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
072328dd
HL		 1897 return 0;
1898
cb5c208b 1899 qs = ctx.xso->stream;
a9979965 1900
a8489257 1901 if (qs == NULL || qs->sstream == NULL) {
072328dd 1902 quic_unlock(ctx.qc);
a8489257
HL		 1903 return 0;
1904 }
1905
072328dd 1906 if (!ossl_quic_channel_is_active(ctx.qc->ch)
a8489257 1907 || ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
072328dd 1908 quic_unlock(ctx.qc);
a9979965 1909 return 1;
a8489257 1910 }
a9979965
HL		 1911
1912 ossl_quic_sstream_fin(qs->sstream);
cb5c208b 1913 quic_post_write(ctx.xso, 1, 1);
072328dd 1914 quic_unlock(ctx.qc);
a9979965
HL		 1915 return 1;
1916}
1917
553a4e00
HL		 1918/*
1919 * SSL_inject_net_dgram
1920 * --------------------
1921 */
5129e594 1922QUIC_TAKES_LOCK
553a4e00
HL		 1923int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
1924 size_t buf_len,
1925 const BIO_ADDR *peer,
1926 const BIO_ADDR *local)
1927{
5129e594 1928 int ret;
072328dd 1929 QCTX ctx;
553a4e00
HL		 1930 QUIC_DEMUX *demux;
1931
072328dd 1932 if (!expect_quic(s, &ctx))
553a4e00
HL		 1933 return 0;
1934
072328dd 1935 quic_lock(ctx.qc);
5129e594 1936
072328dd 1937 demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
5129e594
HL		 1938 ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
1939
072328dd 1940 quic_unlock(ctx.qc);
5129e594 1941 return ret;
553a4e00
HL		 1942}
1943
020d0389
HL		 1944/*
1945 * SSL_get0_connection
1946 * -------------------
1947 */
1948SSL *ossl_quic_get0_connection(SSL *s)
1949{
1950 QCTX ctx;
1951
1952 if (!expect_quic(s, &ctx))
1953 return NULL;
1954
1955 return &ctx.qc->ssl;
1956}
1957
1bca3f1b
HL		 1958/*
1959 * SSL_get_stream_type
1960 * -------------------
1961 */
1962int ossl_quic_get_stream_type(SSL *s)
1963{
1964 QCTX ctx;
1965
1966 if (!expect_quic(s, &ctx))
1967 return SSL_STREAM_TYPE_NONE;
1968
1969 if (ctx.xso == NULL) {
1970 /*
1971 * If we are deferring XSO creation, assume single stream mode and
1972 * default to BIDI, as the deferred XSO which will be created will be
1973 * bidirectional.
1974 */
1975 if (!ctx.qc->default_xso_created)
1976 return SSL_STREAM_TYPE_BIDI;
1977 else
1978 return SSL_STREAM_TYPE_NONE;
1979 }
1980
1981 if (ossl_quic_stream_is_bidi(ctx.xso->stream))
1982 return SSL_STREAM_TYPE_BIDI;
1983
1984 if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
1985 return SSL_STREAM_TYPE_READ;
1986 else
1987 return SSL_STREAM_TYPE_WRITE;
1988}
1989
19cb0887
HL		 1990/*
1991 * SSL_get_stream_id
1992 * -----------------
1993 */
cb68ce9f 1994QUIC_TAKES_LOCK
19cb0887
HL		 1995uint64_t ossl_quic_get_stream_id(SSL *s)
1996{
1997 QCTX ctx;
8b7be3aa 1998 uint64_t id;
19cb0887 1999
8b7be3aa 2000 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
19cb0887
HL		 2001 return UINT64_MAX;
2002
8b7be3aa
HL		 2003 id = ctx.xso->stream->id;
2004 quic_unlock(ctx.qc);
2005
2006 return id;
2007}
2008
2009/*
2010 * SSL_set_default_stream_mode
2011 * ---------------------------
2012 */
cb68ce9f 2013QUIC_TAKES_LOCK
8b7be3aa
HL		 2014int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
2015{
2016 QCTX ctx;
2017
2018 if (!expect_quic_conn_only(s, &ctx))
2019 return 0;
2020
2021 quic_lock(ctx.qc);
2022
2023 if (ctx.qc->default_xso_created)
2024 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
2025 "too late to change default stream mode");
2026
2027 switch (mode) {
2028 case SSL_DEFAULT_STREAM_MODE_NONE:
2029 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
2030 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
2031 ctx.qc->default_stream_mode = mode;
2032 break;
2033 default:
2034 quic_unlock(ctx.qc);
2035 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_PASSED_INVALID_ARGUMENT,
2036 "bad default stream type");
2037 }
2038
2039 quic_unlock(ctx.qc);
2040 return 1;
2041}
2042
2043/*
2044 * SSL_detach_stream
2045 * -----------------
2046 */
cb68ce9f 2047QUIC_TAKES_LOCK
8b7be3aa
HL		 2048SSL *ossl_quic_detach_stream(SSL *s)
2049{
2050 QCTX ctx;
2051 QUIC_XSO *xso;
2052
2053 if (!expect_quic_conn_only(s, &ctx))
2054 return NULL;
2055
2056 quic_lock(ctx.qc);
2057
2058 xso = ctx.qc->default_xso;
2059 ctx.qc->default_xso = NULL;
2060
2061 /* Calling this function inhibits default XSO autocreation. */
2062 ctx.qc->default_xso_created = 1;
2063
2064 quic_unlock(ctx.qc);
2065
2066 return &xso->ssl;
2067}
2068
2069/*
2070 * SSL_attach_stream
2071 * -----------------
2072 */
cb68ce9f 2073QUIC_TAKES_LOCK
8b7be3aa
HL		 2074int ossl_quic_attach_stream(SSL *conn, SSL *stream)
2075{
2076 QCTX ctx;
2077
2078 if (!expect_quic_conn_only(conn, &ctx))
2079 return 0;
2080
2081 if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
2082 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_PASSED_NULL_PARAMETER,
2083 "stream to attach must be a valid QUIC stream");
2084
2085 quic_lock(ctx.qc);
2086
2087 if (ctx.qc->default_xso != NULL) {
2088 quic_unlock(ctx.qc);
2089 return QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
2090 "connection already has a default stream");
2091 }
2092
2093 ctx.qc->default_xso = (QUIC_XSO *)stream;
2094
2095 /* Calling this function inhibits default XSO autocreation. */
2096 ctx.qc->default_xso_created = 1;
2097
2098 quic_unlock(ctx.qc);
2099 return 1;
19cb0887
HL		 2100}
2101
8a90df34
HL		 2102/*
2103 * SSL_set_incoming_stream_reject_policy
2104 * -------------------------------------
2105 */
cb68ce9f 2106QUIC_TAKES_LOCK
8a90df34
HL		 2107int ossl_quic_set_incoming_stream_reject_policy(SSL *s, int policy,
2108 uint64_t aec)
2109{
2110 int ret = 1;
2111 QCTX ctx;
2112
2113 if (!expect_quic_conn_only(s, &ctx))
2114 return 0;
2115
2116 quic_lock(ctx.qc);
2117
2118 switch (policy) {
2119 case SSL_INCOMING_STREAM_REJECT_POLICY_AUTO:
2120 case SSL_INCOMING_STREAM_REJECT_POLICY_ACCEPT:
2121 case SSL_INCOMING_STREAM_REJECT_POLICY_REJECT:
2122 ctx.qc->incoming_stream_reject_policy = policy;
2123 ctx.qc->incoming_stream_reject_aec = aec;
2124 break;
2125
2126 default:
2127 ret = 0;
2128 break;
2129 }
2130
2131 quic_unlock(ctx.qc);
2132 return ret;
2133}
2134
cb68ce9f
HL		 2135/*
2136 * SSL_accept_stream
2137 * -----------------
2138 */
2139QUIC_NEEDS_LOCK
2140static int qc_get_effective_incoming_stream_reject_policy(QUIC_CONNECTION *qc)
2141{
2142 switch (qc->incoming_stream_reject_policy) {
2143 case SSL_INCOMING_STREAM_REJECT_POLICY_AUTO:
2144 if ((qc->default_xso == NULL && qc->default_xso_created)
2145 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
2146 return SSL_INCOMING_STREAM_REJECT_POLICY_ACCEPT;
2147 else
2148 return SSL_INCOMING_STREAM_REJECT_POLICY_REJECT;
2149
2150 default:
2151 return qc->incoming_stream_reject_policy;
2152 }
2153}
2154
2155struct wait_for_incoming_stream_args {
2156 QUIC_CONNECTION *qc;
2157 QUIC_STREAM *qs;
2158};
2159
2160QUIC_NEEDS_LOCK
2161static int wait_for_incoming_stream(void *arg)
2162{
2163 struct wait_for_incoming_stream_args *args = arg;
2164 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(args->qc->ch);
2165
2166 if (!ossl_quic_channel_is_active(args->qc->ch)) {
2167 /* If connection is torn down due to an error while blocking, stop. */
2168 QUIC_RAISE_NON_NORMAL_ERROR(args->qc, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2169 return -1;
2170 }
2171
2172 args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2173 if (args->qs != NULL)
2174 return 1; /* got a stream */
2175
2176 return 0; /* did not get a stream, keep trying */
2177}
2178
2179QUIC_TAKES_LOCK
2180SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
2181{
2182 QCTX ctx;
2183 int ret;
2184 SSL *new_s = NULL;
2185 QUIC_STREAM_MAP *qsm;
2186 QUIC_STREAM *qs;
2187 QUIC_XSO *xso;
2188
2189 if (!expect_quic_conn_only(s, &ctx))
2190 return NULL;
2191
2192 quic_lock(ctx.qc);
2193
2194 if (qc_get_effective_incoming_stream_reject_policy(ctx.qc)
2195 == SSL_INCOMING_STREAM_REJECT_POLICY_REJECT)
2196 goto out;
2197
2198 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2199
2200 qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2201 if (qs == NULL) {
2202 if (qc_blocking_mode(ctx.qc)
2203 && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
2204 struct wait_for_incoming_stream_args args;
2205
2206 args.qc = ctx.qc;
2207 args.qs = NULL;
2208
2209 ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
2210 if (ret == 0) {
2211 QUIC_RAISE_NON_NORMAL_ERROR(ctx.qc, ERR_R_INTERNAL_ERROR, NULL);
2212 goto out;
2213 } else if (ret < 0 || args.qs == NULL) {
2214 goto out;
2215 }
2216
2217 qs = args.qs;
2218 } else {
2219 goto out;
2220 }
2221 }
2222
2223 xso = create_xso_from_stream(ctx.qc, qs);
2224 if (xso == NULL)
2225 goto out;
2226
2227 ossl_quic_stream_map_remove_from_accept_queue(qsm, qs);
2228 new_s = &xso->ssl;
2229
2230 /* Calling this function inhibits default XSO autocreation. */
2231 ctx.qc->default_xso_created = 1;
2232
2233out:
2234 quic_unlock(ctx.qc);
2235 return new_s;
2236}
2237
2238/*
2239 * SSL_get_accept_stream_queue_len
2240 * -------------------------------
2241 */
2242QUIC_TAKES_LOCK
2243size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
2244{
2245 QCTX ctx;
2246 size_t v;
2247
2248 if (!expect_quic_conn_only(s, &ctx))
2249 return 0;
2250
2251 quic_lock(ctx.qc);
2252
2253 v = ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
2254
2255 quic_unlock(ctx.qc);
2256 return v;
2257}
2258
22d53c88
HL		 2259/*
2260 * QUIC Front-End I/O API: SSL_CTX Management
2261 * ==========================================
2262 */
2263
2264long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2265{
2266 switch (cmd) {
2267 default:
8a1a6d6d 2268 return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
22d53c88
HL		 2269 }
2270}
2271
2272long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
2273{
8a1a6d6d 2274 return ssl3_callback_ctrl(s, cmd, fp);
22d53c88
HL		 2275}
2276
2277long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
2278{
8a1a6d6d 2279 return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
22d53c88
HL		 2280}
2281
2282int ossl_quic_renegotiate_check(SSL *ssl, int initok)
2283{
2284 /* We never do renegotiation. */
2285 return 0;
2286}
2287
2288/*
d518854c
MC		 2289 * These functions define the TLSv1.2 (and below) ciphers that are supported by
2290 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
22d53c88 2291 */
22d53c88
HL		 2292
2293int ossl_quic_num_ciphers(void)
2294{
d518854c 2295 return 0;
22d53c88
HL		 2296}
2297
2298const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
2299{
d518854c 2300 return NULL;
d5ab48a1 2301}
A mirror of the official openssl repository