]> git.ipfire.org Git - thirdparty/openssl.git/blame - ssl/quic/quic_impl.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
QUIC APL: Validate receive stream state
[thirdparty/openssl.git] / ssl / quic / quic_impl.c
CommitLineData
99e1cc7b
TM		 1/*
2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/macros.h>
11#include <openssl/objects.h>
22d53c88
HL		 12#include <openssl/sslerr.h>
13#include <crypto/rand.h>
99e1cc7b 14#include "quic_local.h"
2723d705 15#include "internal/quic_tls.h"
22d53c88
HL		 16#include "internal/quic_rx_depack.h"
17#include "internal/quic_error.h"
18#include "internal/time.h"
99e1cc7b 19
faa3a180
HL		 20typedef struct qctx_st QCTX;
21
cb5c208b 22static void aon_write_finish(QUIC_XSO *xso);
23c04709 23static int create_channel(QUIC_CONNECTION *qc);
21c80696 24static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
faa3a180
HL		 25static int qc_try_create_default_xso_for_write(QCTX *ctx);
26static int qc_wait_for_default_xso_for_read(QCTX *ctx);
8b7be3aa
HL		 27static void quic_lock(QUIC_CONNECTION *qc);
28static void quic_unlock(QUIC_CONNECTION *qc);
faa3a180 29static int quic_do_handshake(QCTX *ctx);
995ff282
HL		 30static void qc_update_reject_policy(QUIC_CONNECTION *qc);
31static void qc_touch_default_xso(QUIC_CONNECTION *qc);
32static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch);
9cab4bd5
HL		 33static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
34 int touch, QUIC_XSO **old_xso);
faa3a180 35static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock);
abfe3d51 36static int quic_validate_for_write(QUIC_XSO *xso, int *err);
22d53c88
HL		 37
38/*
39 * QUIC Front-End I/O API: Common Utilities
40 * ========================================
41 */
42
43/*
44 * Block until a predicate is met.
45 *
46 * Precondition: Must have a channel.
d7b1fadd 47 * Precondition: Must hold channel lock (unchecked).
22d53c88 48 */
d7b1fadd 49QUIC_NEEDS_LOCK
22d53c88
HL		 50static int block_until_pred(QUIC_CONNECTION *qc,
51 int (*pred)(void *arg), void *pred_arg,
52 uint32_t flags)
53{
54 QUIC_REACTOR *rtor;
55
56 assert(qc->ch != NULL);
57
58 rtor = ossl_quic_channel_get_reactor(qc->ch);
c019e1ef 59 return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
4847599b 60 qc->mutex);
22d53c88
HL		 61}
62
e3e9794a
HL		 63static OSSL_TIME get_time(QUIC_CONNECTION *qc)
64{
65 if (qc->override_now_cb != NULL)
66 return qc->override_now_cb(qc->override_now_cb_arg);
67 else
68 return ossl_time_now();
69}
70
71static OSSL_TIME get_time_cb(void *arg)
72{
73 QUIC_CONNECTION *qc = arg;
74
75 return get_time(qc);
76}
77
faa3a180
HL		 78/*
79 * QCTX is a utility structure which provides information we commonly wish to
80 * unwrap upon an API call being dispatched to us, namely:
81 *
82 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
83 * was passed);
84 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
85 * a QCSO with a default stream was passed);
86 * - whether a QSSO was passed (xso == NULL must not be used to determine this
87 * because it may be non-NULL when a QCSO is passed if that QCSO has a
88 * default stream).
89 */
90struct qctx_st {
91 QUIC_CONNECTION *qc;
92 QUIC_XSO *xso;
93 int is_stream;
94};
95
22d53c88
HL		 96/*
97 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
faa3a180
HL		 98 * rather than via ERR. Note that normal errors must always be raised while
99 * holding a lock.
22d53c88 100 */
faa3a180
HL		 101QUIC_NEEDS_LOCK
102static int quic_raise_normal_error(QCTX *ctx,
22d53c88
HL		 103 int err)
104{
faa3a180
HL		 105 if (ctx->is_stream)
106 ctx->xso->last_error = err;
107 else
108 ctx->qc->last_error = err;
109
22d53c88
HL		 110 return 0;
111}
112
113/*
114 * Raise a 'non-normal' error, meaning any error that is not reported via
115 * SSL_get_error() and must be reported via ERR.
e88cdb8e
HL		 116 *
117 * qc should be provided if available. In exceptional circumstances when qc is
118 * not known NULL may be passed. This should generally only happen when an
119 * expect_...() function defined below fails, which generally indicates a
120 * dispatch error or caller error.
faa3a180
HL		 121 *
122 * ctx should be NULL if the connection lock is not held.
22d53c88 123 */
faa3a180 124static int quic_raise_non_normal_error(QCTX *ctx,
22d53c88
HL		 125 const char *file,
126 int line,
127 const char *func,
128 int reason,
129 const char *fmt,
130 ...)
131{
132 va_list args;
133
faa3a180
HL		 134 if (ctx != NULL) {
135 if (ctx->is_stream && ctx->xso != NULL)
136 ctx->xso->last_error = SSL_ERROR_SSL;
137 else if (!ctx->is_stream && ctx->qc != NULL)
138 ctx->qc->last_error = SSL_ERROR_SSL;
9c3ea4e1
TM		 139
140 if (reason == SSL_R_PROTOCOL_IS_SHUTDOWN && ctx->qc != NULL)
141 ossl_quic_channel_restore_err_state(ctx->qc->ch);
faa3a180 142 }
e88cdb8e 143
9c3ea4e1
TM		 144 ERR_new();
145 ERR_set_debug(file, line, func);
146
147 va_start(args, fmt);
148 ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
149 va_end(args);
150
22d53c88
HL		 151 return 0;
152}
153
faa3a180
HL		 154#define QUIC_RAISE_NORMAL_ERROR(ctx, err) \
155 quic_raise_normal_error((ctx), (err))
22d53c88 156
faa3a180
HL		 157#define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg) \
158 quic_raise_non_normal_error((ctx), \
22d53c88
HL		 159 OPENSSL_FILE, OPENSSL_LINE, \
160 OPENSSL_FUNC, \
161 (reason), \
162 (msg))
163
e88cdb8e
HL		 164/*
165 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
166 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
167 *
168 * After this returns 1, all fields of the passed QCTX are initialised.
169 * Returns 0 on failure. This function is intended to be used to provide API
170 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
22d53c88 171 */
e88cdb8e 172static int expect_quic(const SSL *s, QCTX *ctx)
22d53c88 173{
e88cdb8e
HL		 174 QUIC_CONNECTION *qc;
175 QUIC_XSO *xso;
176
177 ctx->qc = NULL;
178 ctx->xso = NULL;
179 ctx->is_stream = 0;
180
181 if (s == NULL)
8b7be3aa 182 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
22d53c88 183
e88cdb8e
HL		 184 switch (s->type) {
185 case SSL_TYPE_QUIC_CONNECTION:
186 qc = (QUIC_CONNECTION *)s;
187 ctx->qc = qc;
cb5c208b 188 ctx->xso = qc->default_xso;
e88cdb8e
HL		 189 ctx->is_stream = 0;
190 return 1;
191
192 case SSL_TYPE_QUIC_XSO:
193 xso = (QUIC_XSO *)s;
cb5c208b 194 ctx->qc = xso->conn;
e88cdb8e
HL		 195 ctx->xso = xso;
196 ctx->is_stream = 1;
197 return 1;
198
199 default:
200 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
201 }
202}
203
204/*
205 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
206 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
207 * stream.
21c80696
HL		 208 *
209 * remote_init determines if we expect the default XSO to be remotely created or
210 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
8b7be3aa
HL		 211 *
212 * Channel mutex is acquired and retained on success.
e88cdb8e 213 */
8b7be3aa
HL		 214QUIC_ACQUIRES_LOCK
215static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
216 QCTX *ctx)
e88cdb8e
HL		 217{
218 if (!expect_quic(s, ctx))
219 return 0;
220
8b7be3aa
HL		 221 quic_lock(ctx->qc);
222
21c80696 223 if (ctx->xso == NULL && remote_init >= 0) {
8b7be3aa 224 if (ossl_quic_channel_is_term_any(ctx->qc->ch)) {
faa3a180 225 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
8b7be3aa
HL		 226 goto err;
227 }
228
229 /* If we haven't finished the handshake, try to advance it. */
faa3a180 230 if (quic_do_handshake(ctx) < 1)
8b7be3aa
HL		 231 /* ossl_quic_do_handshake raised error here */
232 goto err;
233
234 if (remote_init == 0) {
faa3a180 235 if (!qc_try_create_default_xso_for_write(ctx))
8b7be3aa
HL		 236 goto err;
237 } else {
faa3a180 238 if (!qc_wait_for_default_xso_for_read(ctx))
8b7be3aa
HL		 239 goto err;
240 }
241
21c80696
HL		 242 ctx->xso = ctx->qc->default_xso;
243 }
244
8b7be3aa 245 if (ctx->xso == NULL) {
faa3a180 246 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
8b7be3aa
HL		 247 goto err;
248 }
249
250 return 1; /* lock held */
e88cdb8e 251
8b7be3aa
HL		 252err:
253 quic_unlock(ctx->qc);
254 return 0;
e88cdb8e 255}
22d53c88 256
e88cdb8e
HL		 257/*
258 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
259 * be non-NULL if the QCSO has a default stream.
260 */
23c04709 261static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx)
e88cdb8e
HL		 262{
263 if (!expect_quic(s, ctx))
264 return 0;
265
266 if (ctx->is_stream)
faa3a180 267 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_CONN_USE_ONLY, NULL);
e88cdb8e
HL		 268
269 return 1;
22d53c88
HL		 270}
271
4847599b
HL		 272/*
273 * Ensures that the channel mutex is held for a method which touches channel
274 * state.
275 *
276 * Precondition: Channel mutex is not held (unchecked)
277 */
20f45743 278static void quic_lock(QUIC_CONNECTION *qc)
4847599b 279{
629b408c 280#if defined(OPENSSL_THREADS)
ffce2946 281 ossl_crypto_mutex_lock(qc->mutex);
629b408c 282#endif
4847599b
HL		 283}
284
285/* Precondition: Channel mutex is held (unchecked) */
286QUIC_NEEDS_LOCK
287static void quic_unlock(QUIC_CONNECTION *qc)
288{
629b408c 289#if defined(OPENSSL_THREADS)
ffce2946 290 ossl_crypto_mutex_unlock(qc->mutex);
629b408c 291#endif
4847599b
HL		 292}
293
294
22d53c88
HL		 295/*
296 * QUIC Front-End I/O API: Initialization
297 * ======================================
298 *
299 * SSL_new => ossl_quic_new
300 * ossl_quic_init
301 * SSL_reset => ossl_quic_reset
302 * SSL_clear => ossl_quic_clear
303 * ossl_quic_deinit
304 * SSL_free => ossl_quic_free
305 *
f0d9757c
HL		 306 * SSL_set_options => ossl_quic_set_options
307 * SSL_get_options => ossl_quic_get_options
308 * SSL_clear_options => ossl_quic_clear_options
309 *
22d53c88
HL		 310 */
311
312/* SSL_new */
38b051a1
TM		 313SSL *ossl_quic_new(SSL_CTX *ctx)
314{
22d53c88
HL		 315 QUIC_CONNECTION *qc = NULL;
316 SSL *ssl_base = NULL;
a7f41885 317 SSL_CONNECTION *sc = NULL;
38b051a1
TM		 318
319 qc = OPENSSL_zalloc(sizeof(*qc));
320 if (qc == NULL)
321 goto err;
322
22d53c88
HL		 323 /* Initialise the QUIC_CONNECTION's stub header. */
324 ssl_base = &qc->ssl;
a7f41885 325 if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
22d53c88 326 ssl_base = NULL;
38b051a1
TM		 327 goto err;
328 }
38b051a1 329
4e3a55fd 330 qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
a7f41885
MC		 331 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL)
332 goto err;
f0d9757c 333
43788fb3 334 /* override the user_ssl of the inner connection */
f082205b 335 sc->s3.flags |= TLS1_FLAGS_QUIC;
a7f41885 336
f0d9757c 337 /* Restrict options derived from the SSL_CTX. */
db2f98c4 338 sc->options &= OSSL_QUIC_PERMITTED_OPTIONS_CONN;
6e5550a1 339 sc->pha_enabled = 0;
f0d9757c 340
629b408c 341#if defined(OPENSSL_THREADS)
ffce2946 342 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
4847599b 343 goto err;
629b408c 344#endif
4847599b 345
629b408c 346#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
f2f7c4f1
HL		 347 qc->is_thread_assisted
348 = (ssl_base->method == OSSL_QUIC_client_thread_method());
629b408c 349#endif
f2f7c4f1 350
dfb9ae14
HL		 351 qc->as_server = 0; /* TODO(QUIC): server support */
352 qc->as_server_state = qc->as_server;
353
8b7be3aa 354 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
21c80696 355 qc->default_ssl_mode = qc->ssl.ctx->mode;
db2f98c4 356 qc->default_ssl_options = qc->ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS;
21c80696 357 qc->default_blocking = 1;
fb4a2bba 358 qc->blocking = 1;
83df44ae 359 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO;
21c80696 360 qc->last_error = SSL_ERROR_NONE;
a7f41885 361
23c04709
HL		 362 if (!create_channel(qc))
363 goto err;
364
5cf99b40
MC		 365 ossl_quic_channel_set_msg_callback(qc->ch, ctx->msg_callback, ssl_base);
366 ossl_quic_channel_set_msg_callback_arg(qc->ch, ctx->msg_callback_arg);
367
995ff282
HL		 368 qc_update_reject_policy(qc);
369
21c80696
HL		 370 /*
371 * We do not create the default XSO yet. The reason for this is that the
372 * stream ID of the default XSO will depend on whether the stream is client
373 * or server-initiated, which depends on who transmits first. Since we do
374 * not know whether the application will be using a client-transmits-first
375 * or server-transmits-first protocol, we defer default XSO creation until
376 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
377 * we take that as a cue that the client is expecting a server-initiated
378 * stream, and vice versa if SSL_write() is called first.
379 */
22d53c88
HL		 380 return ssl_base;
381
38b051a1 382err:
2dbc39de 383 if (qc != NULL) {
629b408c
HL		 384#if defined(OPENSSL_THREADS)
385 ossl_crypto_mutex_free(qc->mutex);
386#endif
2dbc39de
HL		 387 ossl_quic_channel_free(qc->ch);
388 SSL_free(qc->tls);
389 }
22d53c88 390 OPENSSL_free(qc);
38b051a1
TM		 391 return NULL;
392}
393
22d53c88 394/* SSL_free */
a8489257 395QUIC_TAKES_LOCK
22d53c88
HL		 396void ossl_quic_free(SSL *s)
397{
072328dd 398 QCTX ctx;
9cab4bd5 399 int is_default;
22d53c88 400
072328dd
HL		 401 /* We should never be called on anything but a QSO. */
402 if (!expect_quic(s, &ctx))
22d53c88
HL		 403 return;
404
22b1a96f
HL		 405 quic_lock(ctx.qc);
406
2dbc39de
HL		 407 if (ctx.is_stream) {
408 /*
409 * When a QSSO is freed, the XSO is freed immediately, because the XSO
410 * itself only contains API personality layer data. However the
411 * underlying QUIC_STREAM is not freed immediately but is instead marked
412 * as deleted for later collection.
413 */
414
2dbc39de
HL		 415 assert(ctx.qc->num_xso > 0);
416 --ctx.qc->num_xso;
417
9aaafc26 418 /* If a stream's send part has not been finished, auto-reset it. */
2f018d14
HL		 419 if (( ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_READY
420 || ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_SEND)
9aaafc26
HL		 421 && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL))
422 ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
423 ctx.xso->stream, 0);
2dbc39de 424
9aaafc26 425 /* Do STOP_SENDING for the receive part, if applicable. */
2f018d14
HL		 426 if ( ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_RECV
427 || ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN)
9aaafc26
HL		 428 ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
429 ctx.xso->stream, 0);
f20fdd16
HL		 430
431 /* Update stream state. */
9aaafc26
HL		 432 ctx.xso->stream->deleted = 1;
433 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch),
f20fdd16
HL		 434 ctx.xso->stream);
435
9cab4bd5 436 is_default = (ctx.xso == ctx.qc->default_xso);
2dbc39de
HL		 437 quic_unlock(ctx.qc);
438
9cab4bd5
HL		 439 /*
440 * Unref the connection in most cases; the XSO has a ref to the QC and
441 * not vice versa. But for a default XSO, to avoid circular references,
442 * the QC refs the XSO but the XSO does not ref the QC. If we are the
443 * default XSO, we only get here when the QC is being torn down anyway,
444 * so don't call SSL_free(qc) as we are already in it.
445 */
446 if (!is_default)
447 SSL_free(&ctx.qc->ssl);
448
2dbc39de
HL		 449 /* Note: SSL_free calls OPENSSL_free(xso) for us */
450 return;
451 }
452
2dbc39de
HL		 453 /*
454 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
455 * stage, but is freed during the channel free when the whole QSM is freed.
456 */
21c80696
HL		 457 if (ctx.qc->default_xso != NULL) {
458 QUIC_XSO *xso = ctx.qc->default_xso;
459
460 quic_unlock(ctx.qc);
461 SSL_free(&xso->ssl);
462 quic_lock(ctx.qc);
9cab4bd5 463 ctx.qc->default_xso = NULL;
21c80696 464 }
2dbc39de
HL		 465
466 /* Ensure we have no remaining XSOs. */
467 assert(ctx.qc->num_xso == 0);
468
629b408c 469#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
072328dd
HL		 470 if (ctx.qc->is_thread_assisted && ctx.qc->started) {
471 ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
472 ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
dbe7b51a 473 }
629b408c 474#endif
f2f7c4f1 475
072328dd 476 ossl_quic_channel_free(ctx.qc->ch);
22d53c88 477
072328dd
HL		 478 BIO_free(ctx.qc->net_rbio);
479 BIO_free(ctx.qc->net_wbio);
d1ac77b1 480
22d53c88 481 /* Note: SSL_free calls OPENSSL_free(qc) for us */
a7f41885 482
072328dd 483 SSL_free(ctx.qc->tls);
45b7c7e0 484 quic_unlock(ctx.qc); /* tsan doesn't like freeing locked mutexes */
629b408c 485#if defined(OPENSSL_THREADS)
45b7c7e0 486 ossl_crypto_mutex_free(&ctx.qc->mutex);
629b408c 487#endif
22d53c88
HL		 488}
489
490/* SSL method init */
38b051a1 491int ossl_quic_init(SSL *s)
99e1cc7b 492{
22d53c88
HL		 493 /* Same op as SSL_clear, forward the call. */
494 return ossl_quic_clear(s);
99e1cc7b
TM		 495}
496
22d53c88 497/* SSL method deinit */
38b051a1
TM		 498void ossl_quic_deinit(SSL *s)
499{
22d53c88 500 /* No-op. */
38b051a1
TM		 501}
502
5f69db39 503/* SSL_clear (ssl_reset method) */
22d53c88
HL		 504int ossl_quic_reset(SSL *s)
505{
072328dd 506 QCTX ctx;
22d53c88 507
072328dd 508 if (!expect_quic(s, &ctx))
22d53c88
HL		 509 return 0;
510
5f69db39
HL		 511 /* Not supported. */
512 return 0;
22d53c88
HL		 513}
514
5f69db39 515/* ssl_clear method (unused) */
22d53c88 516int ossl_quic_clear(SSL *s)
99e1cc7b 517{
072328dd 518 QCTX ctx;
38b051a1 519
072328dd 520 if (!expect_quic(s, &ctx))
22d53c88
HL		 521 return 0;
522
c8b3fdc2 523 /* TODO(QUIC): Currently a no-op. */
22d53c88
HL		 524 return 1;
525}
38b051a1 526
e3e9794a
HL		 527int ossl_quic_conn_set_override_now_cb(SSL *s,
528 OSSL_TIME (*now_cb)(void *arg),
529 void *now_cb_arg)
b212d554 530{
072328dd 531 QCTX ctx;
b212d554 532
072328dd 533 if (!expect_quic(s, &ctx))
e3e9794a
HL		 534 return 0;
535
536 quic_lock(ctx.qc);
072328dd
HL		 537
538 ctx.qc->override_now_cb = now_cb;
539 ctx.qc->override_now_cb_arg = now_cb_arg;
e3e9794a
HL		 540
541 quic_unlock(ctx.qc);
542 return 1;
b212d554
HL		 543}
544
3b1ab5a3
HL		 545void ossl_quic_conn_force_assist_thread_wake(SSL *s)
546{
072328dd
HL		 547 QCTX ctx;
548
549 if (!expect_quic(s, &ctx))
550 return;
3b1ab5a3 551
629b408c 552#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
072328dd
HL		 553 if (ctx.qc->is_thread_assisted && ctx.qc->started)
554 ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
629b408c 555#endif
3b1ab5a3
HL		 556}
557
995ff282
HL		 558QUIC_NEEDS_LOCK
559static void qc_touch_default_xso(QUIC_CONNECTION *qc)
560{
561 qc->default_xso_created = 1;
562 qc_update_reject_policy(qc);
563}
564
9cab4bd5
HL		 565/*
566 * Changes default XSO. Allows caller to keep reference to the old default XSO
567 * (if any). Reference to new XSO is transferred from caller.
568 */
995ff282 569QUIC_NEEDS_LOCK
9cab4bd5
HL		 570static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
571 int touch,
572 QUIC_XSO **old_xso)
995ff282 573{
9cab4bd5
HL		 574 int refs;
575
576 *old_xso = NULL;
577
578 if (qc->default_xso != xso) {
579 *old_xso = qc->default_xso; /* transfer old XSO ref to caller */
580
581 qc->default_xso = xso;
582
583 if (xso == NULL) {
584 /*
585 * Changing to not having a default XSO. XSO becomes standalone and
586 * now has a ref to the QC.
587 */
588 if (!ossl_assert(SSL_up_ref(&qc->ssl)))
589 return;
590 } else {
591 /*
592 * Changing from not having a default XSO to having one. The new XSO
593 * will have had a reference to the QC we need to drop to avoid a
594 * circular reference.
3a61a96c
HL		 595 *
596 * Currently we never change directly from one default XSO to
597 * another, though this function would also still be correct if this
598 * weren't the case.
9cab4bd5 599 */
3a61a96c
HL		 600 assert(*old_xso == NULL);
601
4eecc6aa 602 CRYPTO_DOWN_REF(&qc->ssl.references, &refs);
9cab4bd5
HL		 603 assert(refs > 0);
604 }
605 }
606
995ff282
HL		 607 if (touch)
608 qc_touch_default_xso(qc);
609}
610
9cab4bd5
HL		 611/*
612 * Changes default XSO, releasing the reference to any previous default XSO.
613 * Reference to new XSO is transferred from caller.
614 */
615QUIC_NEEDS_LOCK
616static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch)
617{
618 QUIC_XSO *old_xso = NULL;
619
620 qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso);
621
622 if (old_xso != NULL)
623 SSL_free(&old_xso->ssl);
624}
625
db2f98c4
HL		 626QUIC_NEEDS_LOCK
627static void xso_update_options(QUIC_XSO *xso)
628{
629 int cleanse = ((xso->ssl_options & SSL_OP_CLEANSE_PLAINTEXT) != 0);
630
631 if (xso->stream->rstream != NULL)
632 ossl_quic_rstream_set_cleanse(xso->stream->rstream, cleanse);
633
634 if (xso->stream->sstream != NULL)
635 ossl_quic_sstream_set_cleanse(xso->stream->sstream, cleanse);
636}
637
638/*
639 * SSL_set_options
640 * ---------------
641 *
642 * Setting options on a QCSO
643 * - configures the handshake-layer options;
644 * - configures the default data-plane options for new streams;
645 * - configures the data-plane options on the default XSO, if there is one.
646 *
647 * Setting options on a QSSO
648 * - configures data-plane options for that stream only.
649 */
d6e7ebba 650QUIC_TAKES_LOCK
f0d9757c
HL		 651static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_value)
652{
653 QCTX ctx;
db2f98c4 654 uint64_t hs_mask_value, hs_or_value, ret;
f0d9757c 655
d6e7ebba 656 if (!expect_quic(ssl, &ctx))
f0d9757c
HL		 657 return 0;
658
d6e7ebba
HL		 659 quic_lock(ctx.qc);
660
db2f98c4
HL		 661 if (!ctx.is_stream) {
662 /*
663 * If we were called on the connection, we apply any handshake option
664 * changes.
665 */
666 hs_mask_value = (mask_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
667 hs_or_value = (or_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
f0d9757c 668
db2f98c4
HL		 669 SSL_clear_options(ctx.qc->tls, hs_mask_value);
670 SSL_set_options(ctx.qc->tls, hs_or_value);
d6e7ebba 671
db2f98c4
HL		 672 /* Update defaults for new streams. */
673 ctx.qc->default_ssl_options
674 = ((ctx.qc->default_ssl_options & ~mask_value) | or_value)
675 & OSSL_QUIC_PERMITTED_OPTIONS;
676 }
18ca1c8f 677
db2f98c4
HL		 678 if (ctx.xso != NULL) {
679 ctx.xso->ssl_options
680 = ((ctx.xso->ssl_options & ~mask_value) | or_value)
681 & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
682
683 xso_update_options(ctx.xso);
18ca1c8f 684 }
f0d9757c 685
db2f98c4
HL		 686 ret = ctx.is_stream ? ctx.xso->ssl_options : ctx.qc->default_ssl_options;
687
f0d9757c 688 quic_unlock(ctx.qc);
db2f98c4 689 return ret;
f0d9757c
HL		 690}
691
692uint64_t ossl_quic_set_options(SSL *ssl, uint64_t options)
693{
d6e7ebba 694 return quic_mask_or_options(ssl, 0, options);
f0d9757c
HL		 695}
696
697/* SSL_clear_options */
698uint64_t ossl_quic_clear_options(SSL *ssl, uint64_t options)
699{
700 return quic_mask_or_options(ssl, options, 0);
701}
702
703/* SSL_get_options */
704uint64_t ossl_quic_get_options(const SSL *ssl)
705{
706 return quic_mask_or_options((SSL *)ssl, 0, 0);
707}
708
22d53c88
HL		 709/*
710 * QUIC Front-End I/O API: Network BIO Configuration
711 * =================================================
712 *
713 * Handling the different BIOs is difficult:
714 *
715 * - It is more or less a requirement that we use non-blocking network I/O;
716 * we need to be able to have timeouts on recv() calls, and make best effort
717 * (non blocking) send() and recv() calls.
718 *
719 * The only sensible way to do this is to configure the socket into
720 * non-blocking mode. We could try to do select() before calling send() or
721 * recv() to get a guarantee that the call will not block, but this will
722 * probably run into issues with buggy OSes which generate spurious socket
723 * readiness events. In any case, relying on this to work reliably does not
724 * seem sane.
725 *
726 * Timeouts could be handled via setsockopt() socket timeout options, but
727 * this depends on OS support and adds another syscall to every network I/O
728 * operation. It also has obvious thread safety concerns if we want to move
729 * to concurrent use of a single socket at some later date.
730 *
731 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
732 * be made non-blocking. However some OSes (e.g. Windows) do not support
733 * this, so we cannot rely on this.
734 *
735 * As such, we need to configure any FD in non-blocking mode. This may
736 * confound users who pass a blocking socket to libssl. However, in practice
737 * it would be extremely strange for a user of QUIC to pass an FD to us,
738 * then also try and send receive traffic on the same socket(!). Thus the
739 * impact of this should be limited, and can be documented.
740 *
741 * - We support both blocking and non-blocking operation in terms of the API
742 * presented to the user. One prospect is to set the blocking mode based on
743 * whether the socket passed to us was already in blocking mode. However,
744 * Windows has no API for determining if a socket is in blocking mode (!),
745 * therefore this cannot be done portably. Currently therefore we expose an
746 * explicit API call to set this, and default to blocking mode.
747 *
748 * - We need to determine our initial destination UDP address. The "natural"
749 * way for a user to do this is to set the peer variable on a BIO_dgram.
750 * However, this has problems because BIO_dgram's peer variable is used for
751 * both transmission and reception. This means it can be constantly being
752 * changed to a malicious value (e.g. if some random unrelated entity on the
753 * network starts sending traffic to us) on every read call. This is not a
754 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
755 * calls only, which do not use this variable. However, we do need to let
756 * the user specify the peer in a 'normal' manner. The compromise here is
757 * that we grab the current peer value set at the time the write BIO is set
758 * and do not read the value again.
759 *
760 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
761 * Currently we do this by only supporting non-blocking mode.
762 *
763 */
764
765/*
766 * Determines what initial destination UDP address we should use, if possible.
767 * If this fails the client must set the destination address manually, or use a
768 * BIO which does not need a destination address.
769 */
770static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
771{
75b2920a 772 if (BIO_dgram_get_peer(net_wbio, peer) <= 0)
22d53c88
HL		 773 return 0;
774
775 return 1;
776}
777
072328dd 778void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
22d53c88 779{
072328dd
HL		 780 QCTX ctx;
781
782 if (!expect_quic(s, &ctx))
783 return;
784
785 if (ctx.qc->net_rbio == net_rbio)
38b051a1 786 return;
38b051a1 787
23c04709 788 if (!ossl_quic_channel_set_net_rbio(ctx.qc->ch, net_rbio))
22d53c88
HL		 789 return;
790
072328dd
HL		 791 BIO_free(ctx.qc->net_rbio);
792 ctx.qc->net_rbio = net_rbio;
22d53c88
HL		 793
794 /*
795 * If what we have is not pollable (e.g. a BIO_dgram_pair) disable blocking
796 * mode as we do not support it for non-pollable BIOs.
797 */
798 if (net_rbio != NULL) {
799 BIO_POLL_DESCRIPTOR d = {0};
800
801 if (!BIO_get_rpoll_descriptor(net_rbio, &d)
802 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
cb5c208b
HL		 803 ctx.qc->blocking = 0;
804 ctx.qc->default_blocking = 0;
072328dd 805 ctx.qc->can_poll_net_rbio = 0;
22d53c88 806 } else {
072328dd 807 ctx.qc->can_poll_net_rbio = 1;
22d53c88
HL		 808 }
809 }
99e1cc7b
TM		 810}
811
072328dd 812void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
38b051a1 813{
072328dd
HL		 814 QCTX ctx;
815
816 if (!expect_quic(s, &ctx))
22d53c88
HL		 817 return;
818
072328dd 819 if (ctx.qc->net_wbio == net_wbio)
22d53c88
HL		 820 return;
821
23c04709 822 if (!ossl_quic_channel_set_net_wbio(ctx.qc->ch, net_wbio))
072328dd
HL		 823 return;
824
825 BIO_free(ctx.qc->net_wbio);
826 ctx.qc->net_wbio = net_wbio;
22d53c88
HL		 827
828 if (net_wbio != NULL) {
829 BIO_POLL_DESCRIPTOR d = {0};
38b051a1 830
22d53c88
HL		 831 if (!BIO_get_wpoll_descriptor(net_wbio, &d)
832 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
cb5c208b
HL		 833 ctx.qc->blocking = 0;
834 ctx.qc->default_blocking = 0;
072328dd 835 ctx.qc->can_poll_net_wbio = 0;
22d53c88 836 } else {
072328dd 837 ctx.qc->can_poll_net_wbio = 1;
22d53c88 838 }
38b051a1 839
22d53c88
HL		 840 /*
841 * If we do not have a peer address yet, and we have not started trying
842 * to connect yet, try to autodetect one.
843 */
072328dd
HL		 844 if (BIO_ADDR_family(&ctx.qc->init_peer_addr) == AF_UNSPEC
845 && !ctx.qc->started) {
846 if (!csm_analyse_init_peer_addr(net_wbio, &ctx.qc->init_peer_addr))
22d53c88 847 /* best effort */
072328dd 848 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88 849
23c04709
HL		 850 ossl_quic_channel_set_peer_addr(ctx.qc->ch,
851 &ctx.qc->init_peer_addr);
22d53c88 852 }
38b051a1 853 }
22d53c88 854}
38b051a1 855
072328dd 856BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
22d53c88 857{
072328dd
HL		 858 QCTX ctx;
859
860 if (!expect_quic(s, &ctx))
861 return NULL;
862
863 return ctx.qc->net_rbio;
38b051a1
TM		 864}
865
072328dd 866BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
22d53c88 867{
072328dd
HL		 868 QCTX ctx;
869
870 if (!expect_quic(s, &ctx))
871 return NULL;
872
873 return ctx.qc->net_wbio;
22d53c88
HL		 874}
875
072328dd 876int ossl_quic_conn_get_blocking_mode(const SSL *s)
99e1cc7b 877{
072328dd
HL		 878 QCTX ctx;
879
880 if (!expect_quic(s, &ctx))
881 return 0;
882
cb5c208b
HL		 883 if (ctx.is_stream)
884 return ctx.xso->blocking;
885
072328dd 886 return ctx.qc->blocking;
22d53c88
HL		 887}
888
072328dd 889int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
22d53c88 890{
072328dd
HL		 891 QCTX ctx;
892
893 if (!expect_quic(s, &ctx))
894 return 0;
895
22d53c88
HL		 896 /* Cannot enable blocking mode if we do not have pollable FDs. */
897 if (blocking != 0 &&
072328dd 898 (!ctx.qc->can_poll_net_rbio || !ctx.qc->can_poll_net_wbio))
faa3a180 899 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
22d53c88 900
cb5c208b
HL		 901 if (!ctx.is_stream) {
902 /*
903 * If called on a QCSO, update default and connection-level blocking
904 * modes.
905 */
906 ctx.qc->blocking = (blocking != 0);
907 ctx.qc->default_blocking = ctx.qc->blocking;
908 }
909
910 if (ctx.xso != NULL)
911 /*
912 * If called on a QSSO or QCSO with a default XSO, update blocking
913 * mode.
914 */
915 ctx.xso->blocking = (blocking != 0);
916
99e1cc7b
TM		 917 return 1;
918}
919
072328dd 920int ossl_quic_conn_set_initial_peer_addr(SSL *s,
22d53c88 921 const BIO_ADDR *peer_addr)
99e1cc7b 922{
072328dd
HL		 923 QCTX ctx;
924
925 if (!expect_quic(s, &ctx))
926 return 0;
927
928 if (ctx.qc->started)
faa3a180 929 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
22d53c88 930 NULL);
38b051a1 931
22d53c88 932 if (peer_addr == NULL) {
072328dd 933 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
22d53c88
HL		 934 return 1;
935 }
38b051a1 936
072328dd 937 ctx.qc->init_peer_addr = *peer_addr;
99e1cc7b
TM		 938 return 1;
939}
940
22d53c88
HL		 941/*
942 * QUIC Front-End I/O API: Asynchronous I/O Management
943 * ===================================================
944 *
6084e04b
HL		 945 * (BIO/)SSL_handle_events => ossl_quic_handle_events
946 * (BIO/)SSL_get_event_timeout => ossl_quic_get_event_timeout
22d53c88
HL		 947 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
948 *
949 */
950
951/* Returns 1 if the connection is being used in blocking mode. */
cb5c208b 952static int qc_blocking_mode(const QUIC_CONNECTION *qc)
99e1cc7b 953{
22d53c88
HL		 954 return qc->blocking;
955}
38b051a1 956
cb5c208b
HL		 957static int xso_blocking_mode(const QUIC_XSO *xso)
958{
959 return xso->blocking
960 && xso->conn->can_poll_net_rbio
961 && xso->conn->can_poll_net_wbio;
962}
963
b626a0f1 964/* SSL_handle_events; performs QUIC I/O and timeout processing. */
a8489257 965QUIC_TAKES_LOCK
6084e04b 966int ossl_quic_handle_events(SSL *s)
22d53c88 967{
072328dd
HL		 968 QCTX ctx;
969
970 if (!expect_quic(s, &ctx))
971 return 0;
972
973 quic_lock(ctx.qc);
072328dd
HL		 974 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
975 quic_unlock(ctx.qc);
99e1cc7b
TM		 976 return 1;
977}
978
22d53c88 979/*
6084e04b 980 * SSL_get_event_timeout. Get the time in milliseconds until the SSL object
b626a0f1
HL		 981 * should next have events handled by the application by calling
982 * SSL_handle_events(). tv is set to 0 if the object should have events handled
983 * immediately. If no timeout is currently active, *is_infinite is set to 1 and
984 * the value of *tv is undefined.
22d53c88 985 */
a8489257 986QUIC_TAKES_LOCK
7ea49713 987int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite)
99e1cc7b 988{
072328dd 989 QCTX ctx;
a1660c94 990 OSSL_TIME deadline = ossl_time_infinite();
e44795bd 991
072328dd
HL		 992 if (!expect_quic(s, &ctx))
993 return 0;
a8489257 994
072328dd
HL		 995 quic_lock(ctx.qc);
996
23c04709
HL		 997 deadline
998 = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
22d53c88
HL		 999
1000 if (ossl_time_is_infinite(deadline)) {
7ea49713
HL		 1001 *is_infinite = 1;
1002
1003 /*
1004 * Robustness against faulty applications that don't check *is_infinite;
1005 * harmless long timeout.
1006 */
1007 tv->tv_sec = 1000000;
22d53c88 1008 tv->tv_usec = 0;
7ea49713 1009
072328dd 1010 quic_unlock(ctx.qc);
22d53c88
HL		 1011 return 1;
1012 }
1013
e3e9794a 1014 *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, get_time(ctx.qc)));
7ea49713 1015 *is_infinite = 0;
072328dd 1016 quic_unlock(ctx.qc);
22d53c88
HL		 1017 return 1;
1018}
1019
1020/* SSL_get_rpoll_descriptor */
072328dd 1021int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
22d53c88 1022{
072328dd
HL		 1023 QCTX ctx;
1024
1025 if (!expect_quic(s, &ctx))
e44795bd
TM		 1026 return 0;
1027
072328dd
HL		 1028 if (desc == NULL || ctx.qc->net_rbio == NULL)
1029 return 0;
1030
1031 return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
99e1cc7b
TM		 1032}
1033
22d53c88 1034/* SSL_get_wpoll_descriptor */
072328dd 1035int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
99e1cc7b 1036{
072328dd
HL		 1037 QCTX ctx;
1038
1039 if (!expect_quic(s, &ctx))
1040 return 0;
1041
1042 if (desc == NULL || ctx.qc->net_wbio == NULL)
22d53c88
HL		 1043 return 0;
1044
072328dd 1045 return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
99e1cc7b
TM		 1046}
1047
b639475a 1048/* SSL_net_read_desired */
a8489257 1049QUIC_TAKES_LOCK
072328dd 1050int ossl_quic_get_net_read_desired(SSL *s)
99e1cc7b 1051{
072328dd 1052 QCTX ctx;
a8489257
HL		 1053 int ret;
1054
072328dd
HL		 1055 if (!expect_quic(s, &ctx))
1056 return 0;
1057
1058 quic_lock(ctx.qc);
072328dd
HL		 1059 ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
1060 quic_unlock(ctx.qc);
a8489257 1061 return ret;
22d53c88 1062}
e44795bd 1063
b639475a 1064/* SSL_net_write_desired */
a8489257 1065QUIC_TAKES_LOCK
072328dd 1066int ossl_quic_get_net_write_desired(SSL *s)
22d53c88 1067{
a8489257 1068 int ret;
072328dd
HL		 1069 QCTX ctx;
1070
1071 if (!expect_quic(s, &ctx))
1072 return 0;
a8489257 1073
072328dd 1074 quic_lock(ctx.qc);
072328dd
HL		 1075 ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
1076 quic_unlock(ctx.qc);
a8489257 1077 return ret;
99e1cc7b
TM		 1078}
1079
22d53c88
HL		 1080/*
1081 * QUIC Front-End I/O API: Connection Lifecycle Operations
1082 * =======================================================
1083 *
1084 * SSL_do_handshake => ossl_quic_do_handshake
1085 * SSL_set_connect_state => ossl_quic_set_connect_state
1086 * SSL_set_accept_state => ossl_quic_set_accept_state
1087 * SSL_shutdown => ossl_quic_shutdown
1088 * SSL_ctrl => ossl_quic_ctrl
1089 * (BIO/)SSL_connect => ossl_quic_connect
1090 * (BIO/)SSL_accept => ossl_quic_accept
1091 *
1092 */
1093
1094/* SSL_shutdown */
e8043229 1095static int quic_shutdown_wait(void *arg)
99e1cc7b 1096{
e8043229 1097 QUIC_CONNECTION *qc = arg;
22d53c88 1098
23c04709 1099 return ossl_quic_channel_is_terminated(qc->ch);
e8043229 1100}
22d53c88 1101
a8489257 1102QUIC_TAKES_LOCK
072328dd 1103int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
e8043229
HL		 1104 const SSL_SHUTDOWN_EX_ARGS *args,
1105 size_t args_len)
1106{
a8489257 1107 int ret;
072328dd 1108 QCTX ctx;
a8489257 1109
072328dd
HL		 1110 if (!expect_quic(s, &ctx))
1111 return 0;
1112
cb5c208b
HL		 1113 if (ctx.is_stream)
1114 /* TODO(QUIC): Semantics currently undefined for QSSOs */
1115 return -1;
1116
072328dd 1117 quic_lock(ctx.qc);
a8489257 1118
072328dd 1119 ossl_quic_channel_local_close(ctx.qc->ch,
e8043229
HL		 1120 args != NULL ? args->quic_error_code : 0);
1121
1d40b151 1122 /* TODO(QUIC): !SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH */
e8043229 1123
072328dd
HL		 1124 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
1125 quic_unlock(ctx.qc);
e8043229 1126 return 1;
a8489257 1127 }
e8043229 1128
cb5c208b 1129 if (qc_blocking_mode(ctx.qc) && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0)
072328dd 1130 block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
e8043229 1131 else
072328dd 1132 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
e8043229 1133
072328dd
HL		 1134 ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
1135 quic_unlock(ctx.qc);
a8489257 1136 return ret;
99e1cc7b
TM		 1137}
1138
22d53c88 1139/* SSL_ctrl */
e44795bd 1140long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
99e1cc7b 1141{
072328dd 1142 QCTX ctx;
38b051a1 1143
072328dd 1144 if (!expect_quic(s, &ctx))
38b051a1
TM		 1145 return 0;
1146
22d53c88
HL		 1147 switch (cmd) {
1148 case SSL_CTRL_MODE:
cb5c208b
HL		 1149 /* If called on a QCSO, update the default mode. */
1150 if (!ctx.is_stream)
1151 ctx.qc->default_ssl_mode |= (uint32_t)larg;
1152
1153 /*
1154 * If we were called on a QSSO or have a default stream, we also update
1155 * that.
1156 */
1157 if (ctx.xso != NULL) {
1158 /* Cannot enable EPW while AON write in progress. */
1159 if (ctx.xso->aon_write_in_progress)
1160 larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
1161
1162 ctx.xso->ssl_mode |= (uint32_t)larg;
1163 return ctx.xso->ssl_mode;
1164 }
dfc227bd 1165
cb5c208b 1166 return ctx.qc->default_ssl_mode;
22d53c88 1167 case SSL_CTRL_CLEAR_MODE:
cb5c208b
HL		 1168 if (!ctx.is_stream)
1169 ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
1170
1171 if (ctx.xso != NULL) {
1172 ctx.xso->ssl_mode &= ~(uint32_t)larg;
1173 return ctx.xso->ssl_mode;
1174 }
1175
1176 return ctx.qc->default_ssl_mode;
63dfde87
MC		 1177
1178 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
5cf99b40 1179 ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
63dfde87
MC		 1180 /* This ctrl also needs to be passed to the internal SSL object */
1181 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
1182
2f90ea3d
HL		 1183 case DTLS_CTRL_GET_TIMEOUT: /* DTLSv1_get_timeout */
1184 {
1185 int is_infinite;
1186
1187 if (!ossl_quic_get_event_timeout(s, parg, &is_infinite))
1188 return 0;
1189
1190 return !is_infinite;
1191 }
1192 case DTLS_CTRL_HANDLE_TIMEOUT: /* DTLSv1_handle_timeout */
1193 /* For legacy compatibility with DTLS calls. */
1194 return ossl_quic_handle_events(s) == 1 ? 1 : -1;
22d53c88 1195 default:
f8ffab0d 1196 /* Probably a TLS related ctrl. Defer to our internal SSL object */
072328dd 1197 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
08e49012 1198 }
22d53c88
HL		 1199}
1200
1201/* SSL_set_connect_state */
072328dd 1202void ossl_quic_set_connect_state(SSL *s)
22d53c88 1203{
072328dd
HL		 1204 QCTX ctx;
1205
1206 if (!expect_quic(s, &ctx))
1207 return;
1208
22d53c88 1209 /* Cannot be changed after handshake started */
cb5c208b 1210 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 1211 return;
1212
dfb9ae14 1213 ctx.qc->as_server_state = 0;
22d53c88
HL		 1214}
1215
1216/* SSL_set_accept_state */
072328dd 1217void ossl_quic_set_accept_state(SSL *s)
22d53c88 1218{
072328dd
HL		 1219 QCTX ctx;
1220
1221 if (!expect_quic(s, &ctx))
1222 return;
1223
22d53c88 1224 /* Cannot be changed after handshake started */
cb5c208b 1225 if (ctx.qc->started || ctx.is_stream)
22d53c88
HL		 1226 return;
1227
dfb9ae14 1228 ctx.qc->as_server_state = 1;
22d53c88
HL		 1229}
1230
1231/* SSL_do_handshake */
1232struct quic_handshake_wait_args {
1233 QUIC_CONNECTION *qc;
1234};
1235
1236static int quic_handshake_wait(void *arg)
1237{
1238 struct quic_handshake_wait_args *args = arg;
1239
1240 if (!ossl_quic_channel_is_active(args->qc->ch))
1241 return -1;
1242
1243 if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
1244 return 1;
1245
99e1cc7b
TM		 1246 return 0;
1247}
1248
22d53c88 1249static int configure_channel(QUIC_CONNECTION *qc)
99e1cc7b 1250{
22d53c88 1251 assert(qc->ch != NULL);
08e49012 1252
d1ac77b1
HL		 1253 if (!ossl_quic_channel_set_net_rbio(qc->ch, qc->net_rbio)
1254 || !ossl_quic_channel_set_net_wbio(qc->ch, qc->net_wbio)
22d53c88
HL		 1255 || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
1256 return 0;
1257
1258 return 1;
1259}
1260
4847599b 1261QUIC_NEEDS_LOCK
23c04709 1262static int create_channel(QUIC_CONNECTION *qc)
22d53c88
HL		 1263{
1264 QUIC_CHANNEL_ARGS args = {0};
1265
5cf99b40
MC		 1266 args.libctx = qc->ssl.ctx->libctx;
1267 args.propq = qc->ssl.ctx->propq;
1268 args.is_server = qc->as_server;
1269 args.tls = qc->tls;
1270 args.mutex = qc->mutex;
e3e9794a
HL		 1271 args.now_cb = get_time_cb;
1272 args.now_cb_arg = qc;
22d53c88
HL		 1273
1274 qc->ch = ossl_quic_channel_new(&args);
1275 if (qc->ch == NULL)
1276 return 0;
1277
e8043229
HL		 1278 return 1;
1279}
1280
1281/*
1282 * Creates a channel and configures it with the information we have accumulated
1283 * via calls made to us from the application prior to starting a handshake
1284 * attempt.
1285 */
4847599b 1286QUIC_NEEDS_LOCK
23c04709 1287static int ensure_channel_started(QUIC_CONNECTION *qc)
e8043229 1288{
ffce2946 1289 if (!qc->started) {
ffce2946
HL		 1290 if (!configure_channel(qc)
1291 || !ossl_quic_channel_start(qc->ch))
1292 goto err;
f2f7c4f1 1293
629b408c 1294#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
ffce2946
HL		 1295 if (qc->is_thread_assisted)
1296 if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch))
1297 goto err;
629b408c 1298#endif
ffce2946
HL		 1299 }
1300
22d53c88
HL		 1301 qc->started = 1;
1302 return 1;
f2f7c4f1
HL		 1303
1304err:
1305 ossl_quic_channel_free(qc->ch);
1306 qc->ch = NULL;
1307 return 0;
99e1cc7b
TM		 1308}
1309
4a530180 1310QUIC_NEEDS_LOCK
faa3a180 1311static int quic_do_handshake(QCTX *ctx)
99e1cc7b 1312{
22d53c88 1313 int ret;
faa3a180 1314 QUIC_CONNECTION *qc = ctx->qc;
22d53c88 1315
23c04709 1316 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1317 /* Handshake already completed. */
4a530180 1318 return 1;
ca41f6b7 1319
23c04709 1320 if (ossl_quic_channel_is_term_any(qc->ch))
faa3a180 1321 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1322
ca41f6b7 1323 if (BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
22d53c88 1324 /* Peer address must have been set. */
faa3a180 1325 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
4a530180 1326 return -1; /* Non-protocol error */
ca41f6b7 1327 }
22d53c88 1328
dfb9ae14 1329 if (qc->as_server != qc->as_server_state) {
23c04709 1330 /* TODO(QUIC): Must match the method used to create the QCSO */
faa3a180 1331 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
4a530180 1332 return -1; /* Non-protocol error */
ca41f6b7 1333 }
22d53c88 1334
ca41f6b7 1335 if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
22d53c88 1336 /* Need read and write BIOs. */
faa3a180 1337 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BIO_NOT_SET, NULL);
4a530180 1338 return -1; /* Non-protocol error */
ca41f6b7 1339 }
22d53c88
HL		 1340
1341 /*
1342 * Start connection process. Note we may come here multiple times in
1343 * non-blocking mode, which is fine.
1344 */
23c04709 1345 if (!ensure_channel_started(qc)) {
faa3a180 1346 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1347 return -1; /* Non-protocol error */
ca41f6b7 1348 }
22d53c88 1349
4a530180 1350 if (ossl_quic_channel_is_handshake_complete(qc->ch))
22d53c88 1351 /* The handshake is now done. */
4a530180 1352 return 1;
22d53c88 1353
cb5c208b 1354 if (qc_blocking_mode(qc)) {
22d53c88
HL		 1355 /* In blocking mode, wait for the handshake to complete. */
1356 struct quic_handshake_wait_args args;
1357
1358 args.qc = qc;
1359
1360 ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
ca41f6b7 1361 if (!ossl_quic_channel_is_active(qc->ch)) {
faa3a180 1362 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
4a530180 1363 return 0; /* Shutdown before completion */
ca41f6b7 1364 } else if (ret <= 0) {
faa3a180 1365 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
4a530180 1366 return -1; /* Non-protocol error */
ca41f6b7 1367 }
22d53c88
HL		 1368
1369 assert(ossl_quic_channel_is_handshake_complete(qc->ch));
4a530180 1370 return 1;
22d53c88 1371 } else {
ca41f6b7 1372 /* Try to advance the reactor. */
ccd31037 1373 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
ca41f6b7 1374
4a530180 1375 if (ossl_quic_channel_is_handshake_complete(qc->ch))
ca41f6b7 1376 /* The handshake is now done. */
4a530180 1377 return 1;
ca41f6b7 1378
22d53c88 1379 /* Otherwise, indicate that the handshake isn't done yet. */
faa3a180 1380 QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
4a530180 1381 return -1; /* Non-protocol error */
22d53c88 1382 }
4a530180 1383}
a8489257 1384
4a530180 1385QUIC_TAKES_LOCK
072328dd 1386int ossl_quic_do_handshake(SSL *s)
4a530180
HL		 1387{
1388 int ret;
072328dd 1389 QCTX ctx;
4a530180 1390
072328dd
HL		 1391 if (!expect_quic(s, &ctx))
1392 return 0;
1393
1394 quic_lock(ctx.qc);
4a530180 1395
faa3a180 1396 ret = quic_do_handshake(&ctx);
072328dd 1397 quic_unlock(ctx.qc);
a8489257 1398 return ret;
99e1cc7b
TM		 1399}
1400
22d53c88
HL		 1401/* SSL_connect */
1402int ossl_quic_connect(SSL *s)
99e1cc7b 1403{
22d53c88 1404 /* Ensure we are in connect state (no-op if non-idle). */
072328dd 1405 ossl_quic_set_connect_state(s);
22d53c88
HL		 1406
1407 /* Begin or continue the handshake */
072328dd 1408 return ossl_quic_do_handshake(s);
99e1cc7b
TM		 1409}
1410
22d53c88
HL		 1411/* SSL_accept */
1412int ossl_quic_accept(SSL *s)
99e1cc7b 1413{
22d53c88 1414 /* Ensure we are in accept state (no-op if non-idle). */
072328dd 1415 ossl_quic_set_accept_state(s);
22d53c88
HL		 1416
1417 /* Begin or continue the handshake */
072328dd 1418 return ossl_quic_do_handshake(s);
99e1cc7b 1419}
e44795bd 1420
cb5c208b
HL		 1421/*
1422 * QUIC Front-End I/O API: Stream Lifecycle Operations
1423 * ===================================================
1424 *
1425 * SSL_stream_new => ossl_quic_conn_stream_new
1426 *
1427 */
21c80696
HL		 1428
1429/*
1430 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1431 * default XSO was created. Returns 0 if it was not (e.g. because it already
1432 * exists). Note that this is NOT an error condition.
1433 */
1434QUIC_NEEDS_LOCK
faa3a180 1435static int qc_try_create_default_xso_for_write(QCTX *ctx)
21c80696 1436{
8b7be3aa 1437 uint64_t flags = 0;
faa3a180 1438 QUIC_CONNECTION *qc = ctx->qc;
21c80696 1439
8b7be3aa
HL		 1440 if (qc->default_xso_created
1441 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
21c80696
HL		 1442 /*
1443 * We only do this once. If the user detaches a previously created
1444 * default XSO we don't auto-create another one.
1445 */
faa3a180 1446 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
21c80696 1447
8b7be3aa
HL		 1448 /* Create a locally-initiated stream. */
1449 if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1450 flags |= SSL_STREAM_FLAG_UNI;
1451
faa3a180 1452 qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(ctx, flags,
13ac037d 1453 /*needs_lock=*/0),
995ff282 1454 /*touch=*/0);
8b7be3aa 1455 if (qc->default_xso == NULL)
faa3a180 1456 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
8b7be3aa 1457
995ff282 1458 qc_touch_default_xso(qc);
8b7be3aa
HL		 1459 return 1;
1460}
1461
1462struct quic_wait_for_stream_args {
1463 QUIC_CONNECTION *qc;
1464 QUIC_STREAM *qs;
faa3a180 1465 QCTX *ctx;
8b7be3aa
HL		 1466 uint64_t expect_id;
1467};
1468
1469QUIC_NEEDS_LOCK
1470static int quic_wait_for_stream(void *arg)
1471{
1472 struct quic_wait_for_stream_args *args = arg;
1473
1474 if (!ossl_quic_channel_is_active(args->qc->ch)) {
1475 /* If connection is torn down due to an error while blocking, stop. */
faa3a180 1476 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
8b7be3aa
HL		 1477 return -1;
1478 }
1479
1480 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
acc6fde0
HL		 1481 args->expect_id | QUIC_STREAM_DIR_BIDI);
1482 if (args->qs == NULL)
1483 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1484 args->expect_id | QUIC_STREAM_DIR_UNI);
1485
8b7be3aa
HL		 1486 if (args->qs != NULL)
1487 return 1; /* stream now exists */
1488
1489 return 0; /* did not get a stream, keep trying */
1490}
1491
1492QUIC_NEEDS_LOCK
faa3a180 1493static int qc_wait_for_default_xso_for_read(QCTX *ctx)
8b7be3aa
HL		 1494{
1495 /* Called on a QCSO and we don't currently have a default stream. */
1496 uint64_t expect_id;
faa3a180 1497 QUIC_CONNECTION *qc = ctx->qc;
8b7be3aa
HL		 1498 QUIC_STREAM *qs;
1499 int res;
1500 struct quic_wait_for_stream_args wargs;
1501
1502 /*
1503 * If default stream functionality is disabled or we already detached
1504 * one, don't make another default stream and just fail.
1505 */
1506 if (qc->default_xso_created
1507 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
faa3a180 1508 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
8b7be3aa
HL		 1509
1510 /*
1511 * The peer may have opened a stream since we last ticked. So tick and
1512 * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1513 * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1514 * first stream created by a peer must have an ordinal of 0.
1515 */
1516 expect_id = qc->as_server
1517 ? QUIC_STREAM_INITIATOR_CLIENT
1518 : QUIC_STREAM_INITIATOR_SERVER;
1519
8b7be3aa 1520 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
acc6fde0
HL		 1521 expect_id | QUIC_STREAM_DIR_BIDI);
1522 if (qs == NULL)
1523 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1524 expect_id | QUIC_STREAM_DIR_UNI);
1525
8b7be3aa
HL		 1526 if (qs == NULL) {
1527 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1528
1529 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1530 expect_id);
1531 }
1532
1533 if (qs == NULL) {
1534 if (!qc_blocking_mode(qc))
1535 /* Non-blocking mode, so just bail immediately. */
faa3a180 1536 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
8b7be3aa
HL		 1537
1538 /* Block until we have a stream. */
1539 wargs.qc = qc;
1540 wargs.qs = NULL;
faa3a180 1541 wargs.ctx = ctx;
8b7be3aa
HL		 1542 wargs.expect_id = expect_id;
1543
1544 res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
1545 if (res == 0)
faa3a180 1546 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
8b7be3aa
HL		 1547 else if (res < 0 || wargs.qs == NULL)
1548 /* quic_wait_for_stream raised error here */
21c80696 1549 return 0;
8b7be3aa
HL		 1550
1551 qs = wargs.qs;
21c80696
HL		 1552 }
1553
8b7be3aa
HL		 1554 /*
1555 * We now have qs != NULL. Make it the default stream, creating the
1556 * necessary XSO.
1557 */
995ff282 1558 qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0);
8b7be3aa 1559 if (qc->default_xso == NULL)
faa3a180 1560 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
8b7be3aa 1561
995ff282 1562 qc_touch_default_xso(qc); /* inhibits default XSO */
21c80696
HL		 1563 return 1;
1564}
1565
1566QUIC_NEEDS_LOCK
1567static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
1568{
1569 QUIC_XSO *xso = NULL;
1570
1571 if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL)
1572 goto err;
1573
1574 if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO))
1575 goto err;
1576
9cab4bd5
HL		 1577 /* XSO refs QC */
1578 if (!SSL_up_ref(&qc->ssl))
1579 goto err;
1580
21c80696
HL		 1581 xso->conn = qc;
1582 xso->blocking = qc->default_blocking;
1583 xso->ssl_mode = qc->default_ssl_mode;
db2f98c4
HL		 1584 xso->ssl_options
1585 = qc->default_ssl_options & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
faa3a180 1586 xso->last_error = SSL_ERROR_NONE;
21c80696
HL		 1587
1588 xso->stream = qs;
1589
1590 ++qc->num_xso;
db2f98c4 1591 xso_update_options(xso);
21c80696
HL		 1592 return xso;
1593
1594err:
1595 OPENSSL_free(xso);
1596 return NULL;
1597}
1598
13ac037d 1599/* locking depends on need_lock */
faa3a180 1600static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock)
cb5c208b 1601{
faa3a180 1602 QUIC_CONNECTION *qc = ctx->qc;
cb5c208b 1603 QUIC_XSO *xso = NULL;
21c80696 1604 QUIC_STREAM *qs = NULL;
2dbc39de 1605 int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
cb5c208b 1606
13ac037d
HL		 1607 if (need_lock)
1608 quic_lock(qc);
2dbc39de 1609
13ac037d 1610 if (ossl_quic_channel_is_term_any(qc->ch)) {
faa3a180 1611 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2dbc39de
HL		 1612 goto err;
1613 }
1614
13ac037d 1615 qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni);
21c80696 1616 if (qs == NULL)
2dbc39de 1617 goto err;
cb5c208b 1618
13ac037d 1619 xso = create_xso_from_stream(qc, qs);
21c80696 1620 if (xso == NULL)
cb5c208b
HL		 1621 goto err;
1622
13ac037d
HL		 1623 qc_touch_default_xso(qc); /* inhibits default XSO */
1624 if (need_lock)
1625 quic_unlock(qc);
1626
cb5c208b
HL		 1627 return &xso->ssl;
1628
1629err:
1630 OPENSSL_free(xso);
13ac037d
HL		 1631 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs);
1632 if (need_lock)
1633 quic_unlock(qc);
1634
cb5c208b 1635 return NULL;
13ac037d
HL		 1636
1637}
1638
1639QUIC_TAKES_LOCK
1640SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
1641{
1642 QCTX ctx;
1643
1644 if (!expect_quic_conn_only(s, &ctx))
1645 return NULL;
1646
faa3a180 1647 return quic_conn_stream_new(&ctx, flags, /*need_lock=*/1);
cb5c208b
HL		 1648}
1649
22d53c88
HL		 1650/*
1651 * QUIC Front-End I/O API: Steady-State Operations
1652 * ===============================================
1653 *
1654 * Here we dispatch calls to the steady-state front-end I/O API functions; that
1655 * is, the functions used during the established phase of a QUIC connection
1656 * (e.g. SSL_read, SSL_write).
1657 *
1658 * Each function must handle both blocking and non-blocking modes. As discussed
1659 * above, all QUIC I/O is implemented using non-blocking mode internally.
1660 *
1661 * SSL_get_error => partially implemented by ossl_quic_get_error
1662 * (BIO/)SSL_read => ossl_quic_read
1663 * (BIO/)SSL_write => ossl_quic_write
1664 * SSL_pending => ossl_quic_pending
a9979965 1665 * SSL_stream_conclude => ossl_quic_conn_stream_conclude
2525109f 1666 * SSL_key_update => ossl_quic_key_update
22d53c88
HL		 1667 */
1668
1669/* SSL_get_error */
072328dd 1670int ossl_quic_get_error(const SSL *s, int i)
e44795bd 1671{
072328dd 1672 QCTX ctx;
5c3474ea 1673 int net_error, last_error;
072328dd
HL		 1674
1675 if (!expect_quic(s, &ctx))
1676 return 0;
1677
5c3474ea
TM		 1678 quic_lock(ctx.qc);
1679 net_error = ossl_quic_channel_net_error(ctx.qc->ch);
1680 last_error = ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error;
1681 quic_unlock(ctx.qc);
1682
1683 if (net_error)
1684 return SSL_ERROR_SYSCALL;
1685
1686 return last_error;
e44795bd
TM		 1687}
1688
22d53c88
HL		 1689/*
1690 * SSL_write
1691 * ---------
1692 *
1693 * The set of functions below provide the implementation of the public SSL_write
1694 * function. We must handle:
1695 *
1696 * - both blocking and non-blocking operation at the application level,
1697 * depending on how we are configured;
1698 *
1699 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
1700 *
1701 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1702 *
1703 */
4847599b 1704QUIC_NEEDS_LOCK
cb5c208b 1705static void quic_post_write(QUIC_XSO *xso, int did_append, int do_tick)
22d53c88
HL		 1706{
1707 /*
1708 * We have appended at least one byte to the stream.
1709 * Potentially mark stream as active, depending on FC.
1710 */
1711 if (did_append)
cb5c208b
HL		 1712 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
1713 xso->stream);
22d53c88
HL		 1714
1715 /*
1716 * Try and send.
1717 *
1718 * TODO(QUIC): It is probably inefficient to try and do this immediately,
1719 * plus we should eventually consider Nagle's algorithm.
1720 */
1721 if (do_tick)
cb5c208b 1722 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
22d53c88
HL		 1723}
1724
1725struct quic_write_again_args {
cb5c208b 1726 QUIC_XSO *xso;
22d53c88
HL		 1727 const unsigned char *buf;
1728 size_t len;
1729 size_t total_written;
abfe3d51 1730 int err;
22d53c88
HL		 1731};
1732
4847599b 1733QUIC_NEEDS_LOCK
22d53c88
HL		 1734static int quic_write_again(void *arg)
1735{
1736 struct quic_write_again_args *args = arg;
1737 size_t actual_written = 0;
1738
cb5c208b 1739 if (!ossl_quic_channel_is_active(args->xso->conn->ch))
22d53c88
HL		 1740 /* If connection is torn down due to an error while blocking, stop. */
1741 return -2;
1742
abfe3d51
HL		 1743 if (!quic_validate_for_write(args->xso, &args->err))
1744 /*
1745 * Stream may have become invalid for write due to connection events
1746 * while we blocked.
1747 */
1748 return -2;
1749
1750 args->err = ERR_R_INTERNAL_ERROR;
cb5c208b 1751 if (!ossl_quic_sstream_append(args->xso->stream->sstream,
22d53c88
HL		 1752 args->buf, args->len, &actual_written))
1753 return -2;
1754
cb5c208b 1755 quic_post_write(args->xso, actual_written > 0, 0);
22d53c88
HL		 1756
1757 args->buf += actual_written;
1758 args->len -= actual_written;
1759 args->total_written += actual_written;
1760
3f0c310b 1761 if (args->len == 0)
22d53c88
HL		 1762 /* Written everything, done. */
1763 return 1;
1764
1765 /* Not written everything yet, keep trying. */
1766 return 0;
1767}
1768
4847599b 1769QUIC_NEEDS_LOCK
faa3a180 1770static int quic_write_blocking(QCTX *ctx, const void *buf, size_t len,
22d53c88 1771 size_t *written)
e44795bd 1772{
22d53c88 1773 int res;
faa3a180 1774 QUIC_XSO *xso = ctx->xso;
22d53c88
HL		 1775 struct quic_write_again_args args;
1776 size_t actual_written = 0;
1777
1778 /* First make a best effort to append as much of the data as possible. */
cb5c208b 1779 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len,
22d53c88
HL		 1780 &actual_written)) {
1781 /* Stream already finished or allocation error. */
1782 *written = 0;
faa3a180 1783 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1784 }
1785
cb5c208b 1786 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 1787
1788 if (actual_written == len) {
1789 /* Managed to append everything on the first try. */
1790 *written = actual_written;
1791 return 1;
1792 }
1793
1794 /*
1795 * We did not manage to append all of the data immediately, so the stream
1796 * buffer has probably filled up. This means we need to block until some of
1797 * it is freed up.
1798 */
cb5c208b 1799 args.xso = xso;
22d53c88
HL		 1800 args.buf = (const unsigned char *)buf + actual_written;
1801 args.len = len - actual_written;
1802 args.total_written = 0;
abfe3d51 1803 args.err = ERR_R_INTERNAL_ERROR;
22d53c88 1804
cb5c208b 1805 res = block_until_pred(xso->conn, quic_write_again, &args, 0);
22d53c88 1806 if (res <= 0) {
cb5c208b 1807 if (!ossl_quic_channel_is_active(xso->conn->ch))
faa3a180 1808 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
22d53c88 1809 else
abfe3d51 1810 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, args.err, NULL);
22d53c88
HL		 1811 }
1812
1813 *written = args.total_written;
e44795bd
TM		 1814 return 1;
1815}
1816
ca41f6b7
HL		 1817/*
1818 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
1819 * write semantics.
1820 */
cb5c208b 1821static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
22d53c88
HL		 1822 size_t buf_len, size_t already_sent)
1823{
cb5c208b 1824 assert(!xso->aon_write_in_progress);
22d53c88 1825
cb5c208b
HL		 1826 xso->aon_write_in_progress = 1;
1827 xso->aon_buf_base = buf;
1828 xso->aon_buf_pos = already_sent;
1829 xso->aon_buf_len = buf_len;
22d53c88
HL		 1830}
1831
cb5c208b 1832static void aon_write_finish(QUIC_XSO *xso)
22d53c88 1833{
cb5c208b
HL		 1834 xso->aon_write_in_progress = 0;
1835 xso->aon_buf_base = NULL;
1836 xso->aon_buf_pos = 0;
1837 xso->aon_buf_len = 0;
22d53c88
HL		 1838}
1839
4847599b 1840QUIC_NEEDS_LOCK
faa3a180 1841static int quic_write_nonblocking_aon(QCTX *ctx, const void *buf,
22d53c88 1842 size_t len, size_t *written)
e44795bd 1843{
faa3a180 1844 QUIC_XSO *xso = ctx->xso;
22d53c88
HL		 1845 const void *actual_buf;
1846 size_t actual_len, actual_written = 0;
1847 int accept_moving_buffer
cb5c208b 1848 = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
22d53c88 1849
cb5c208b 1850 if (xso->aon_write_in_progress) {
22d53c88
HL		 1851 /*
1852 * We are in the middle of an AON write (i.e., a previous write did not
75b2920a
HL		 1853 * manage to append all data to the SSTREAM and we have Enable Partial
1854 * Write (EPW) mode disabled.)
22d53c88 1855 */
cb5c208b
HL		 1856 if ((!accept_moving_buffer && xso->aon_buf_base != buf)
1857 || len != xso->aon_buf_len)
22d53c88
HL		 1858 /*
1859 * Pointer must not have changed if we are not in accept moving
1860 * buffer mode. Length must never change.
1861 */
faa3a180 1862 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BAD_WRITE_RETRY, NULL);
22d53c88 1863
cb5c208b
HL		 1864 actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
1865 actual_len = len - xso->aon_buf_pos;
22d53c88
HL		 1866 assert(actual_len > 0);
1867 } else {
1868 actual_buf = buf;
1869 actual_len = len;
1870 }
1871
1872 /* First make a best effort to append as much of the data as possible. */
cb5c208b 1873 if (!ossl_quic_sstream_append(xso->stream->sstream, actual_buf, actual_len,
22d53c88
HL		 1874 &actual_written)) {
1875 /* Stream already finished or allocation error. */
1876 *written = 0;
faa3a180 1877 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1878 }
1879
cb5c208b 1880 quic_post_write(xso, actual_written > 0, 1);
22d53c88
HL		 1881
1882 if (actual_written == actual_len) {
1883 /* We have sent everything. */
cb5c208b 1884 if (xso->aon_write_in_progress) {
22d53c88
HL		 1885 /*
1886 * We have sent everything, and we were in the middle of an AON
1887 * write. The output write length is the total length of the AON
1888 * buffer, not however many bytes we managed to write to the stream
1889 * in this call.
1890 */
cb5c208b
HL		 1891 *written = xso->aon_buf_len;
1892 aon_write_finish(xso);
22d53c88
HL		 1893 } else {
1894 *written = actual_written;
1895 }
1896
1897 return 1;
1898 }
1899
cb5c208b 1900 if (xso->aon_write_in_progress) {
22d53c88
HL		 1901 /*
1902 * AON write is in progress but we have not written everything yet. We
1903 * may have managed to send zero bytes, or some number of bytes less
1904 * than the total remaining which need to be appended during this
1905 * AON operation.
1906 */
cb5c208b
HL		 1907 xso->aon_buf_pos += actual_written;
1908 assert(xso->aon_buf_pos < xso->aon_buf_len);
faa3a180 1909 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
22d53c88
HL		 1910 }
1911
08e49012 1912 /*
22d53c88
HL		 1913 * Not in an existing AON operation but partial write is not enabled, so we
1914 * need to begin a new AON operation. However we needn't bother if we didn't
1915 * actually append anything.
08e49012 1916 */
22d53c88 1917 if (actual_written > 0)
cb5c208b 1918 aon_write_begin(xso, buf, len, actual_written);
e44795bd 1919
22d53c88
HL		 1920 /*
1921 * AON - We do not publicly admit to having appended anything until AON
1922 * completes.
1923 */
1924 *written = 0;
faa3a180 1925 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
e44795bd
TM		 1926}
1927
4847599b 1928QUIC_NEEDS_LOCK
faa3a180 1929static int quic_write_nonblocking_epw(QCTX *ctx, const void *buf, size_t len,
22d53c88 1930 size_t *written)
e44795bd 1931{
faa3a180
HL		 1932 QUIC_XSO *xso = ctx->xso;
1933
22d53c88 1934 /* Simple best effort operation. */
cb5c208b 1935 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len, written)) {
22d53c88
HL		 1936 /* Stream already finished or allocation error. */
1937 *written = 0;
faa3a180 1938 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 1939 }
1940
cb5c208b 1941 quic_post_write(xso, *written > 0, 1);
e44795bd
TM		 1942 return 1;
1943}
d5ab48a1 1944
abfe3d51
HL		 1945QUIC_NEEDS_LOCK
1946static int quic_validate_for_write(QUIC_XSO *xso, int *err)
1947{
1948 QUIC_STREAM_MAP *qsm;
1949
1950 if (xso == NULL || xso->stream == NULL) {
1951 *err = ERR_R_INTERNAL_ERROR;
1952 return 0;
1953 }
1954
1955 switch (xso->stream->send_state) {
1956 default:
1957 case QUIC_SSTREAM_STATE_NONE:
1958 *err = SSL_R_STREAM_RECV_ONLY;
1959 return 0;
1960
1961 case QUIC_SSTREAM_STATE_READY:
1962 qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
1963
1964 if (!ossl_quic_stream_map_ensure_send_part_id(qsm, xso->stream)) {
1965 *err = ERR_R_INTERNAL_ERROR;
1966 return 0;
1967 }
1968
1969 /* FALLTHROUGH */
1970 case QUIC_SSTREAM_STATE_SEND:
1971 case QUIC_SSTREAM_STATE_DATA_SENT:
1972 case QUIC_SSTREAM_STATE_DATA_RECVD:
1973 if (ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL)) {
1974 *err = SSL_R_STREAM_FINISHED;
1975 return 0;
1976 }
1977
1978 return 1;
1979
1980 case QUIC_SSTREAM_STATE_RESET_SENT:
1981 case QUIC_SSTREAM_STATE_RESET_RECVD:
1982 *err = SSL_R_STREAM_RESET;
1983 return 0;
1984 }
1985}
1986
a8489257 1987QUIC_TAKES_LOCK
22d53c88 1988int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
d5ab48a1 1989{
a8489257 1990 int ret;
072328dd 1991 QCTX ctx;
abfe3d51 1992 int partial_write, err;
22d53c88
HL		 1993
1994 *written = 0;
1995
8b7be3aa
HL		 1996 if (len == 0)
1997 return 1;
22d53c88 1998
8b7be3aa
HL		 1999 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
2000 return 0;
a8489257 2001
cb5c208b 2002 partial_write = ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0);
072328dd 2003
23c04709 2004 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
faa3a180 2005 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 2006 goto out;
2007 }
22d53c88 2008
ca41f6b7
HL		 2009 /*
2010 * If we haven't finished the handshake, try to advance it.
2011 * We don't accept writes until the handshake is completed.
2012 */
faa3a180 2013 if (quic_do_handshake(&ctx) < 1) {
a8489257
HL		 2014 ret = 0;
2015 goto out;
2016 }
ca41f6b7 2017
abfe3d51
HL		 2018 /* Ensure correct stream state, stream send part not concluded, etc. */
2019 if (!quic_validate_for_write(ctx.xso, &err)) {
2020 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
a8489257
HL		 2021 goto out;
2022 }
22d53c88 2023
cb5c208b 2024 if (xso_blocking_mode(ctx.xso))
faa3a180 2025 ret = quic_write_blocking(&ctx, buf, len, written);
22d53c88 2026 else if (partial_write)
faa3a180 2027 ret = quic_write_nonblocking_epw(&ctx, buf, len, written);
22d53c88 2028 else
faa3a180 2029 ret = quic_write_nonblocking_aon(&ctx, buf, len, written);
a8489257
HL		 2030
2031out:
072328dd 2032 quic_unlock(ctx.qc);
a8489257 2033 return ret;
d5ab48a1
RL		 2034}
2035
2036/*
22d53c88
HL		 2037 * SSL_read
2038 * --------
d5ab48a1 2039 */
22d53c88 2040struct quic_read_again_args {
faa3a180 2041 QCTX *ctx;
22d53c88
HL		 2042 QUIC_STREAM *stream;
2043 void *buf;
2044 size_t len;
2045 size_t *bytes_read;
2046 int peek;
2047};
2048
e0bd2825
HL		 2049QUIC_NEEDS_LOCK
2050static int quic_validate_for_read(QUIC_XSO *xso, int *err, int *eos)
2051{
2052 *eos = 0;
2053
2054 if (xso == NULL || xso->stream == NULL) {
2055 *err = ERR_R_INTERNAL_ERROR;
2056 return 0;
2057 }
2058
2059 switch (xso->stream->recv_state) {
2060 default:
2061 case QUIC_RSTREAM_STATE_NONE:
2062 *err = SSL_R_STREAM_SEND_ONLY;
2063 return 0;
2064
2065 case QUIC_RSTREAM_STATE_RECV:
2066 case QUIC_RSTREAM_STATE_SIZE_KNOWN:
2067 case QUIC_RSTREAM_STATE_DATA_RECVD:
2068 return 1;
2069
2070 case QUIC_RSTREAM_STATE_DATA_READ:
2071 *eos = 1;
2072 return 0;
2073
2074 case QUIC_RSTREAM_STATE_RESET_RECVD:
2075 case QUIC_RSTREAM_STATE_RESET_READ:
2076 *err = SSL_R_STREAM_RESET;
2077 return 0;
2078 }
2079}
2080
4847599b 2081QUIC_NEEDS_LOCK
faa3a180 2082static int quic_read_actual(QCTX *ctx,
22d53c88
HL		 2083 QUIC_STREAM *stream,
2084 void *buf, size_t buf_len,
2085 size_t *bytes_read,
2086 int peek)
d5ab48a1 2087{
e0bd2825 2088 int is_fin = 0, err, eos;
faa3a180 2089 QUIC_CONNECTION *qc = ctx->qc;
22d53c88 2090
e0bd2825
HL		 2091 if (!quic_validate_for_read(ctx->xso, &err, &eos)) {
2092 if (eos)
2093 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
2094 else
2095 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, err, NULL);
2096 }
2097
a9979965
HL		 2098 /* If the receive part of the stream is over, issue EOF. */
2099 if (stream->recv_fin_retired)
e0bd2825 2100 /* XXX TODO REMOVE */
faa3a180 2101 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
a9979965 2102
22d53c88
HL		 2103 if (peek) {
2104 if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
2105 bytes_read, &is_fin))
faa3a180 2106 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2107
2108 } else {
2109 if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
2110 bytes_read, &is_fin))
faa3a180 2111 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2112 }
2113
2114 if (!peek) {
2115 if (*bytes_read > 0) {
2116 /*
2117 * We have read at least one byte from the stream. Inform stream-level
2118 * RXFC of the retirement of controlled bytes. Update the active stream
2119 * status (the RXFC may now want to emit a frame granting more credit to
2120 * the peer).
2121 */
2122 OSSL_RTT_INFO rtt_info;
d50e750e 2123
22d53c88
HL		 2124 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
2125
cb5c208b 2126 if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
22d53c88 2127 rtt_info.smoothed_rtt))
faa3a180 2128 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
22d53c88
HL		 2129 }
2130
2131 if (is_fin)
2132 stream->recv_fin_retired = 1;
2133
2134 if (*bytes_read > 0)
2135 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
cb5c208b 2136 stream);
22d53c88
HL		 2137 }
2138
d5ab48a1
RL		 2139 return 1;
2140}
2141
4847599b 2142QUIC_NEEDS_LOCK
22d53c88 2143static int quic_read_again(void *arg)
d5ab48a1 2144{
22d53c88
HL		 2145 struct quic_read_again_args *args = arg;
2146
faa3a180 2147 if (!ossl_quic_channel_is_active(args->ctx->qc->ch)) {
22d53c88 2148 /* If connection is torn down due to an error while blocking, stop. */
faa3a180 2149 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
ca41f6b7 2150 return -1;
a9979965 2151 }
22d53c88 2152
faa3a180 2153 if (!quic_read_actual(args->ctx, args->stream,
22d53c88
HL		 2154 args->buf, args->len, args->bytes_read,
2155 args->peek))
2156 return -1;
2157
2158 if (*args->bytes_read > 0)
2159 /* got at least one byte, the SSL_read op can finish now */
2160 return 1;
2161
81b6b43c 2162 return 0; /* did not read anything, keep trying */
d5ab48a1
RL		 2163}
2164
a8489257 2165QUIC_TAKES_LOCK
22d53c88 2166static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
d5ab48a1 2167{
a8489257 2168 int ret, res;
072328dd 2169 QCTX ctx;
22d53c88
HL		 2170 struct quic_read_again_args args;
2171
2172 *bytes_read = 0;
2173
8b7be3aa 2174 if (!expect_quic(s, &ctx))
22d53c88
HL		 2175 return 0;
2176
072328dd 2177 quic_lock(ctx.qc);
a8489257 2178
23c04709 2179 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
faa3a180 2180 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
a8489257
HL		 2181 goto out;
2182 }
22d53c88 2183
a9979965 2184 /* If we haven't finished the handshake, try to advance it. */
faa3a180 2185 if (quic_do_handshake(&ctx) < 1) {
a8489257
HL		 2186 ret = 0; /* ossl_quic_do_handshake raised error here */
2187 goto out;
2188 }
22d53c88 2189
8b7be3aa
HL		 2190 if (ctx.xso == NULL) {
2191 /*
2192 * Called on a QCSO and we don't currently have a default stream.
2193 *
2194 * Wait until we get a stream initiated by the peer (blocking mode) or
2195 * fail if we don't have one yet (non-blocking mode).
2196 */
faa3a180 2197 if (!qc_wait_for_default_xso_for_read(&ctx)) {
8b7be3aa
HL		 2198 ret = 0; /* error already raised here */
2199 goto out;
2200 }
2201
2202 ctx.xso = ctx.qc->default_xso;
2203 }
2204
faa3a180 2205 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
a8489257
HL		 2206 ret = 0; /* quic_read_actual raised error here */
2207 goto out;
2208 }
22d53c88
HL		 2209
2210 if (*bytes_read > 0) {
2211 /*
2212 * Even though we succeeded, tick the reactor here to ensure we are
2213 * handling other aspects of the QUIC connection.
2214 */
072328dd 2215 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
a8489257 2216 ret = 1;
cb5c208b 2217 } else if (xso_blocking_mode(ctx.xso)) {
22d53c88
HL		 2218 /*
2219 * We were not able to read anything immediately, so our stream
2220 * buffer is empty. This means we need to block until we get
2221 * at least one byte.
2222 */
faa3a180 2223 args.ctx = &ctx;
cb5c208b 2224 args.stream = ctx.xso->stream;
22d53c88
HL		 2225 args.buf = buf;
2226 args.len = len;
2227 args.bytes_read = bytes_read;
2228 args.peek = peek;
2229
072328dd 2230 res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
a8489257 2231 if (res == 0) {
faa3a180 2232 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
a8489257
HL		 2233 goto out;
2234 } else if (res < 0) {
2235 ret = 0; /* quic_read_again raised error here */
2236 goto out;
2237 }
22d53c88 2238
a8489257 2239 ret = 1;
af8b52cf 2240 } else {
780b2527
HL		 2241 /*
2242 * We did not get any bytes and are not in blocking mode.
2243 * Tick to see if this delivers any more.
2244 */
2245 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
2246
2247 /* Try the read again. */
2248 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
2249 ret = 0; /* quic_read_actual raised error here */
2250 goto out;
2251 }
2252
2253 if (*bytes_read > 0)
2254 ret = 1; /* Succeeded this time. */
2255 else
2256 ret = QUIC_RAISE_NORMAL_ERROR(&ctx, SSL_ERROR_WANT_READ);
af8b52cf 2257 }
a8489257
HL		 2258
2259out:
072328dd 2260 quic_unlock(ctx.qc);
a8489257 2261 return ret;
d5ab48a1
RL		 2262}
2263
22d53c88
HL		 2264int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
2265{
2266 return quic_read(s, buf, len, bytes_read, 0);
2267}
2268
2269int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
2270{
2271 return quic_read(s, buf, len, bytes_read, 1);
2272}
2273
2274/*
2275 * SSL_pending
2276 * -----------
2277 */
9280d26a 2278
a8489257 2279QUIC_TAKES_LOCK
d6e7ebba 2280static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
22d53c88 2281{
072328dd 2282 QCTX ctx;
433d107a 2283 size_t avail = 0;
22d53c88
HL		 2284 int fin = 0;
2285
8b7be3aa 2286 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
22d53c88
HL		 2287 return 0;
2288
2f018d14
HL		 2289 if (ctx.xso->stream == NULL
2290 || !ossl_quic_stream_has_recv_buffer(ctx.xso->stream))
22d53c88 2291 /* Cannot raise errors here because we are const, just fail. */
a8489257 2292 goto out;
22d53c88 2293
cb5c208b 2294 if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin))
a8489257 2295 avail = 0;
22d53c88 2296
d6e7ebba
HL		 2297 if (avail == 0 && check_channel && ossl_quic_channel_has_pending(ctx.qc->ch))
2298 avail = 1;
2299
a8489257 2300out:
072328dd 2301 quic_unlock(ctx.qc);
22d53c88
HL		 2302 return avail;
2303}
2304
560470b5
MC		 2305size_t ossl_quic_pending(const SSL *s)
2306{
d6e7ebba 2307 return ossl_quic_pending_int(s, /*check_channel=*/0);
560470b5
MC		 2308}
2309
072328dd 2310int ossl_quic_has_pending(const SSL *s)
560470b5 2311{
9280d26a 2312 /* Do we have app-side pending data or pending URXEs or RXEs? */
d6e7ebba 2313 return ossl_quic_pending_int(s, /*check_channel=*/1) > 0;
560470b5
MC		 2314}
2315
a9979965
HL		 2316/*
2317 * SSL_stream_conclude
2318 * -------------------
2319 */
a8489257 2320QUIC_TAKES_LOCK
072328dd 2321int ossl_quic_conn_stream_conclude(SSL *s)
a9979965 2322{
072328dd
HL		 2323 QCTX ctx;
2324 QUIC_STREAM *qs;
abfe3d51 2325 int err;
072328dd 2326
8b7be3aa 2327 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
072328dd
HL		 2328 return 0;
2329
cb5c208b 2330 qs = ctx.xso->stream;
a9979965 2331
abfe3d51 2332 if (!ossl_quic_channel_is_active(ctx.qc->ch)) {
072328dd 2333 quic_unlock(ctx.qc);
abfe3d51
HL		 2334 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2335 }
2336
2337 if (!quic_validate_for_write(ctx.xso, &err)) {
2338 quic_unlock(ctx.qc);
2339 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
a8489257
HL		 2340 }
2341
2f018d14 2342 if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
072328dd 2343 quic_unlock(ctx.qc);
a9979965 2344 return 1;
a8489257 2345 }
a9979965
HL		 2346
2347 ossl_quic_sstream_fin(qs->sstream);
cb5c208b 2348 quic_post_write(ctx.xso, 1, 1);
072328dd 2349 quic_unlock(ctx.qc);
a9979965
HL		 2350 return 1;
2351}
2352
553a4e00
HL		 2353/*
2354 * SSL_inject_net_dgram
2355 * --------------------
2356 */
5129e594 2357QUIC_TAKES_LOCK
553a4e00
HL		 2358int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
2359 size_t buf_len,
2360 const BIO_ADDR *peer,
2361 const BIO_ADDR *local)
2362{
5129e594 2363 int ret;
072328dd 2364 QCTX ctx;
553a4e00
HL		 2365 QUIC_DEMUX *demux;
2366
072328dd 2367 if (!expect_quic(s, &ctx))
553a4e00
HL		 2368 return 0;
2369
072328dd 2370 quic_lock(ctx.qc);
5129e594 2371
072328dd 2372 demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
5129e594
HL		 2373 ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
2374
072328dd 2375 quic_unlock(ctx.qc);
5129e594 2376 return ret;
553a4e00
HL		 2377}
2378
020d0389
HL		 2379/*
2380 * SSL_get0_connection
2381 * -------------------
2382 */
2383SSL *ossl_quic_get0_connection(SSL *s)
2384{
2385 QCTX ctx;
2386
2387 if (!expect_quic(s, &ctx))
2388 return NULL;
2389
2390 return &ctx.qc->ssl;
2391}
2392
1bca3f1b
HL		 2393/*
2394 * SSL_get_stream_type
2395 * -------------------
2396 */
2397int ossl_quic_get_stream_type(SSL *s)
2398{
2399 QCTX ctx;
2400
2401 if (!expect_quic(s, &ctx))
59c5c016 2402 return SSL_STREAM_TYPE_BIDI;
1bca3f1b
HL		 2403
2404 if (ctx.xso == NULL) {
2405 /*
59c5c016
HL		 2406 * If deferred XSO creation has yet to occur, proceed according to the
2407 * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
2408 * what kind of stream will be created yet, so return BIDI on the basis
2409 * that at this time, the client still has the option of calling
2410 * SSL_read() or SSL_write() first.
1bca3f1b 2411 */
59c5c016
HL		 2412 if (ctx.qc->default_xso_created
2413 || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1bca3f1b 2414 return SSL_STREAM_TYPE_NONE;
59c5c016
HL		 2415 else
2416 return SSL_STREAM_TYPE_BIDI;
1bca3f1b
HL		 2417 }
2418
2419 if (ossl_quic_stream_is_bidi(ctx.xso->stream))
2420 return SSL_STREAM_TYPE_BIDI;
2421
2422 if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
2423 return SSL_STREAM_TYPE_READ;
2424 else
2425 return SSL_STREAM_TYPE_WRITE;
2426}
2427
19cb0887
HL		 2428/*
2429 * SSL_get_stream_id
2430 * -----------------
2431 */
cb68ce9f 2432QUIC_TAKES_LOCK
19cb0887
HL		 2433uint64_t ossl_quic_get_stream_id(SSL *s)
2434{
2435 QCTX ctx;
8b7be3aa 2436 uint64_t id;
19cb0887 2437
8b7be3aa 2438 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
19cb0887
HL		 2439 return UINT64_MAX;
2440
8b7be3aa
HL		 2441 id = ctx.xso->stream->id;
2442 quic_unlock(ctx.qc);
2443
2444 return id;
2445}
2446
2447/*
2448 * SSL_set_default_stream_mode
2449 * ---------------------------
2450 */
cb68ce9f 2451QUIC_TAKES_LOCK
8b7be3aa
HL		 2452int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
2453{
2454 QCTX ctx;
2455
2456 if (!expect_quic_conn_only(s, &ctx))
2457 return 0;
2458
2459 quic_lock(ctx.qc);
2460
2461 if (ctx.qc->default_xso_created)
faa3a180 2462 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
8b7be3aa
HL		 2463 "too late to change default stream mode");
2464
2465 switch (mode) {
2466 case SSL_DEFAULT_STREAM_MODE_NONE:
2467 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
2468 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
2469 ctx.qc->default_stream_mode = mode;
2470 break;
2471 default:
2472 quic_unlock(ctx.qc);
faa3a180 2473 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
8b7be3aa
HL		 2474 "bad default stream type");
2475 }
2476
2477 quic_unlock(ctx.qc);
2478 return 1;
2479}
2480
2481/*
2482 * SSL_detach_stream
2483 * -----------------
2484 */
cb68ce9f 2485QUIC_TAKES_LOCK
8b7be3aa
HL		 2486SSL *ossl_quic_detach_stream(SSL *s)
2487{
2488 QCTX ctx;
9cab4bd5 2489 QUIC_XSO *xso = NULL;
8b7be3aa
HL		 2490
2491 if (!expect_quic_conn_only(s, &ctx))
2492 return NULL;
2493
2494 quic_lock(ctx.qc);
2495
8b7be3aa 2496 /* Calling this function inhibits default XSO autocreation. */
9cab4bd5
HL		 2497 /* QC ref to any default XSO is transferred to us and to caller. */
2498 qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso);
8b7be3aa
HL		 2499
2500 quic_unlock(ctx.qc);
2501
9cab4bd5 2502 return xso != NULL ? &xso->ssl : NULL;
8b7be3aa
HL		 2503}
2504
2505/*
2506 * SSL_attach_stream
2507 * -----------------
2508 */
cb68ce9f 2509QUIC_TAKES_LOCK
8b7be3aa
HL		 2510int ossl_quic_attach_stream(SSL *conn, SSL *stream)
2511{
2512 QCTX ctx;
9cab4bd5
HL		 2513 QUIC_XSO *xso;
2514 int nref;
8b7be3aa
HL		 2515
2516 if (!expect_quic_conn_only(conn, &ctx))
2517 return 0;
2518
2519 if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
faa3a180 2520 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_NULL_PARAMETER,
8b7be3aa
HL		 2521 "stream to attach must be a valid QUIC stream");
2522
9cab4bd5
HL		 2523 xso = (QUIC_XSO *)stream;
2524
8b7be3aa
HL		 2525 quic_lock(ctx.qc);
2526
2527 if (ctx.qc->default_xso != NULL) {
2528 quic_unlock(ctx.qc);
faa3a180 2529 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
8b7be3aa
HL		 2530 "connection already has a default stream");
2531 }
2532
9cab4bd5
HL		 2533 /*
2534 * It is a caller error for the XSO being attached as a default XSO to have
2535 * more than one ref.
2536 */
4eecc6aa 2537 if (!CRYPTO_GET_REF(&xso->ssl.references, &nref)) {
9cab4bd5 2538 quic_unlock(ctx.qc);
faa3a180 2539 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR,
9cab4bd5
HL		 2540 "ref");
2541 }
2542
2543 if (nref != 1) {
2544 quic_unlock(ctx.qc);
faa3a180 2545 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
9cab4bd5
HL		 2546 "stream being attached must have "
2547 "only 1 reference");
2548 }
2549
2550 /* Caller's reference to the XSO is transferred to us. */
8b7be3aa 2551 /* Calling this function inhibits default XSO autocreation. */
9cab4bd5 2552 qc_set_default_xso(ctx.qc, xso, /*touch=*/1);
8b7be3aa
HL		 2553
2554 quic_unlock(ctx.qc);
2555 return 1;
19cb0887
HL		 2556}
2557
8a90df34 2558/*
83df44ae
HL		 2559 * SSL_set_incoming_stream_policy
2560 * ------------------------------
8a90df34 2561 */
995ff282 2562QUIC_NEEDS_LOCK
83df44ae 2563static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc)
995ff282 2564{
83df44ae
HL		 2565 switch (qc->incoming_stream_policy) {
2566 case SSL_INCOMING_STREAM_POLICY_AUTO:
995ff282
HL		 2567 if ((qc->default_xso == NULL && !qc->default_xso_created)
2568 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
83df44ae 2569 return SSL_INCOMING_STREAM_POLICY_ACCEPT;
995ff282 2570 else
83df44ae 2571 return SSL_INCOMING_STREAM_POLICY_REJECT;
995ff282
HL		 2572
2573 default:
83df44ae 2574 return qc->incoming_stream_policy;
995ff282
HL		 2575 }
2576}
2577
2578QUIC_NEEDS_LOCK
2579static void qc_update_reject_policy(QUIC_CONNECTION *qc)
2580{
83df44ae
HL		 2581 int policy = qc_get_effective_incoming_stream_policy(qc);
2582 int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT);
995ff282
HL		 2583
2584 ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch,
2585 enable_reject,
83df44ae 2586 qc->incoming_stream_aec);
995ff282
HL		 2587}
2588
cb68ce9f 2589QUIC_TAKES_LOCK
83df44ae
HL		 2590int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
2591 uint64_t aec)
8a90df34
HL		 2592{
2593 int ret = 1;
2594 QCTX ctx;
2595
2596 if (!expect_quic_conn_only(s, &ctx))
2597 return 0;
2598
2599 quic_lock(ctx.qc);
2600
2601 switch (policy) {
83df44ae
HL		 2602 case SSL_INCOMING_STREAM_POLICY_AUTO:
2603 case SSL_INCOMING_STREAM_POLICY_ACCEPT:
2604 case SSL_INCOMING_STREAM_POLICY_REJECT:
2605 ctx.qc->incoming_stream_policy = policy;
2606 ctx.qc->incoming_stream_aec = aec;
8a90df34
HL		 2607 break;
2608
2609 default:
2610 ret = 0;
2611 break;
2612 }
2613
995ff282 2614 qc_update_reject_policy(ctx.qc);
8a90df34
HL		 2615 quic_unlock(ctx.qc);
2616 return ret;
2617}
2618
cb68ce9f
HL		 2619/*
2620 * SSL_accept_stream
2621 * -----------------
2622 */
cb68ce9f 2623struct wait_for_incoming_stream_args {
faa3a180 2624 QCTX *ctx;
cb68ce9f
HL		 2625 QUIC_STREAM *qs;
2626};
2627
2628QUIC_NEEDS_LOCK
2629static int wait_for_incoming_stream(void *arg)
2630{
2631 struct wait_for_incoming_stream_args *args = arg;
faa3a180
HL		 2632 QUIC_CONNECTION *qc = args->ctx->qc;
2633 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
cb68ce9f 2634
faa3a180 2635 if (!ossl_quic_channel_is_active(qc->ch)) {
cb68ce9f 2636 /* If connection is torn down due to an error while blocking, stop. */
faa3a180 2637 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
cb68ce9f
HL		 2638 return -1;
2639 }
2640
2641 args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2642 if (args->qs != NULL)
2643 return 1; /* got a stream */
2644
2645 return 0; /* did not get a stream, keep trying */
2646}
2647
2648QUIC_TAKES_LOCK
2649SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
2650{
2651 QCTX ctx;
2652 int ret;
2653 SSL *new_s = NULL;
2654 QUIC_STREAM_MAP *qsm;
2655 QUIC_STREAM *qs;
2656 QUIC_XSO *xso;
90cecc40 2657 OSSL_RTT_INFO rtt_info;
cb68ce9f
HL		 2658
2659 if (!expect_quic_conn_only(s, &ctx))
2660 return NULL;
2661
2662 quic_lock(ctx.qc);
2663
83df44ae
HL		 2664 if (qc_get_effective_incoming_stream_policy(ctx.qc)
2665 == SSL_INCOMING_STREAM_POLICY_REJECT)
cb68ce9f
HL		 2666 goto out;
2667
2668 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2669
2670 qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2671 if (qs == NULL) {
2672 if (qc_blocking_mode(ctx.qc)
2673 && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
2674 struct wait_for_incoming_stream_args args;
2675
faa3a180 2676 args.ctx = &ctx;
cb68ce9f
HL		 2677 args.qs = NULL;
2678
2679 ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
2680 if (ret == 0) {
faa3a180 2681 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
cb68ce9f
HL		 2682 goto out;
2683 } else if (ret < 0 || args.qs == NULL) {
2684 goto out;
2685 }
2686
2687 qs = args.qs;
2688 } else {
2689 goto out;
2690 }
2691 }
2692
2693 xso = create_xso_from_stream(ctx.qc, qs);
2694 if (xso == NULL)
2695 goto out;
2696
90cecc40
HL		 2697 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info);
2698 ossl_quic_stream_map_remove_from_accept_queue(qsm, qs,
2699 rtt_info.smoothed_rtt);
cb68ce9f
HL		 2700 new_s = &xso->ssl;
2701
2702 /* Calling this function inhibits default XSO autocreation. */
995ff282 2703 qc_touch_default_xso(ctx.qc); /* inhibits default XSO */
cb68ce9f
HL		 2704
2705out:
2706 quic_unlock(ctx.qc);
2707 return new_s;
2708}
2709
2710/*
2711 * SSL_get_accept_stream_queue_len
2712 * -------------------------------
2713 */
2714QUIC_TAKES_LOCK
2715size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
2716{
2717 QCTX ctx;
2718 size_t v;
2719
2720 if (!expect_quic_conn_only(s, &ctx))
2721 return 0;
2722
2723 quic_lock(ctx.qc);
2724
2725 v = ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
2726
2727 quic_unlock(ctx.qc);
2728 return v;
2729}
2730
c3a04ea2
HL		 2731/*
2732 * SSL_stream_reset
2733 * ----------------
2734 */
2735int ossl_quic_stream_reset(SSL *ssl,
2736 const SSL_STREAM_RESET_ARGS *args,
2737 size_t args_len)
2738{
2739 QCTX ctx;
2740 QUIC_STREAM_MAP *qsm;
2741 QUIC_STREAM *qs;
2742 uint64_t error_code;
e0bd2825 2743 int ok, err;
c3a04ea2
HL		 2744
2745 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, &ctx))
2746 return 0;
2747
2748 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2749 qs = ctx.xso->stream;
2750 error_code = (args != NULL ? args->quic_error_code : 0);
2751
e0bd2825
HL		 2752 if (!quic_validate_for_write(ctx.xso, &err))
2753 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
2754
2f018d14 2755 ok = ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code);
c3a04ea2
HL		 2756
2757 quic_unlock(ctx.qc);
2f018d14 2758 return ok;
c3a04ea2
HL		 2759}
2760
2761/*
2762 * SSL_get_stream_read_state
2763 * -------------------------
2764 */
2765static void quic_classify_stream(QUIC_CONNECTION *qc,
2766 QUIC_STREAM *qs,
2767 int is_write,
2768 int *state,
2769 uint64_t *app_error_code)
2770{
2771 int local_init;
2772 uint64_t final_size;
2773
2774 local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server);
2775
2776 if (app_error_code != NULL)
2777 *app_error_code = UINT64_MAX;
2778 else
2779 app_error_code = &final_size; /* throw away value */
2780
2781 if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) {
2782 /*
2783 * Unidirectional stream and this direction of transmission doesn't
2784 * exist.
2785 */
2786 *state = SSL_STREAM_STATE_WRONG_DIR;
2787 } else if (ossl_quic_channel_is_term_any(qc->ch)) {
2788 /* Connection already closed. */
2789 *state = SSL_STREAM_STATE_CONN_CLOSED;
2790 } else if (!is_write && qs->recv_fin_retired) {
2791 /* Application has read a FIN. */
2792 *state = SSL_STREAM_STATE_FINISHED;
2793 } else if ((!is_write && qs->stop_sending)
2f018d14 2794 || (is_write && ossl_quic_stream_send_is_reset(qs))) {
c3a04ea2
HL		 2795 /*
2796 * Stream has been reset locally. FIN takes precedence over this for the
2797 * read case as the application need not care if the stream is reset
2798 * after a FIN has been successfully processed.
2799 */
2800 *state = SSL_STREAM_STATE_RESET_LOCAL;
2801 *app_error_code = !is_write
2802 ? qs->stop_sending_aec
2803 : qs->reset_stream_aec;
2f018d14 2804 } else if ((!is_write && ossl_quic_stream_recv_is_reset(qs))
c3a04ea2
HL		 2805 || (is_write && qs->peer_stop_sending)) {
2806 /*
2807 * Stream has been reset remotely. */
2808 *state = SSL_STREAM_STATE_RESET_REMOTE;
2809 *app_error_code = !is_write
2810 ? qs->peer_reset_stream_aec
2811 : qs->peer_stop_sending_aec;
2812 } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream,
2813 &final_size)) {
2814 /*
2815 * Stream has been finished. Stream reset takes precedence over this for
2816 * the write case as peer may not have received all data.
2817 */
2818 *state = SSL_STREAM_STATE_FINISHED;
2819 } else {
2820 /* Stream still healthy. */
2821 *state = SSL_STREAM_STATE_OK;
2822 }
2823}
2824
2825static int quic_get_stream_state(SSL *ssl, int is_write)
2826{
2827 QCTX ctx;
2828 int state;
2829
2830 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
2831 return SSL_STREAM_STATE_NONE;
2832
2833 quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL);
2834 quic_unlock(ctx.qc);
2835 return state;
2836}
2837
2838int ossl_quic_get_stream_read_state(SSL *ssl)
2839{
2840 return quic_get_stream_state(ssl, /*is_write=*/0);
2841}
2842
2843/*
2844 * SSL_get_stream_write_state
2845 * --------------------------
2846 */
2847int ossl_quic_get_stream_write_state(SSL *ssl)
2848{
2849 return quic_get_stream_state(ssl, /*is_write=*/1);
2850}
2851
2852/*
2853 * SSL_get_stream_read_error_code
2854 * ------------------------------
2855 */
2856static int quic_get_stream_error_code(SSL *ssl, int is_write,
2857 uint64_t *app_error_code)
2858{
2859 QCTX ctx;
2860 int state;
2861
2862 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
2863 return -1;
2864
2865 quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0,
2866 &state, app_error_code);
2867
2868 quic_unlock(ctx.qc);
2869 switch (state) {
2870 case SSL_STREAM_STATE_FINISHED:
2871 return 0;
2872 case SSL_STREAM_STATE_RESET_LOCAL:
2873 case SSL_STREAM_STATE_RESET_REMOTE:
2874 return 1;
2875 default:
2876 return -1;
2877 }
2878}
2879
2880int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code)
2881{
2882 return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code);
2883}
2884
2885/*
2886 * SSL_get_stream_write_error_code
2887 * -------------------------------
2888 */
2889int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code)
2890{
2891 return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code);
2892}
2893
2894/*
2895 * SSL_get_conn_close_info
2896 * -----------------------
2897 */
2898int ossl_quic_get_conn_close_info(SSL *ssl,
2899 SSL_CONN_CLOSE_INFO *info,
2900 size_t info_len)
2901{
2902 QCTX ctx;
2903 const QUIC_TERMINATE_CAUSE *tc;
2904
2905 if (!expect_quic_conn_only(ssl, &ctx))
2906 return -1;
2907
2908 tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
2909 if (tc == NULL)
2910 return 0;
2911
2912 info->error_code = tc->error_code;
2913 info->reason = NULL; /* TODO(QUIC): Wire reason */
2914 info->reason_len = 0;
2915 info->is_local = !tc->remote;
2916 info->is_transport = !tc->app;
2917 return 1;
2918}
2919
2525109f
HL		 2920/*
2921 * SSL_key_update
2922 * --------------
2923 */
2924int ossl_quic_key_update(SSL *ssl, int update_type)
2925{
2926 QCTX ctx;
2927
2928 if (!expect_quic_conn_only(ssl, &ctx))
2929 return 0;
2930
2931 switch (update_type) {
2932 case SSL_KEY_UPDATE_NOT_REQUESTED:
2933 /*
2934 * QUIC signals peer key update implicily by triggering a local
2935 * spontaneous TXKU. Silently upgrade this to SSL_KEY_UPDATE_REQUESTED.
2936 */
2937 case SSL_KEY_UPDATE_REQUESTED:
2938 break;
2939
2940 default:
2941 /* Unknown type - error. */
2942 return 0;
2943 }
2944
2945 quic_lock(ctx.qc);
2946
2947 /* Attempt to perform a TXKU. */
2948 if (!ossl_quic_channel_trigger_txku(ctx.qc->ch)) {
2949 quic_unlock(ctx.qc);
2950 return 0;
2951 }
2952
2953 quic_unlock(ctx.qc);
2954 return 1;
2955}
2956
2957/*
2958 * SSL_get_key_update_type
2959 * -----------------------
2960 */
2961int ossl_quic_get_key_update_type(const SSL *s)
2962{
2963 /*
2964 * We always handle key updates immediately so a key update is never
2965 * pending.
2966 */
2967 return SSL_KEY_UPDATE_NONE;
2968}
2969
22d53c88
HL		 2970/*
2971 * QUIC Front-End I/O API: SSL_CTX Management
2972 * ==========================================
2973 */
2974
2975long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2976{
2977 switch (cmd) {
2978 default:
8a1a6d6d 2979 return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
22d53c88
HL		 2980 }
2981}
2982
2983long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
2984{
63dfde87
MC		 2985 QCTX ctx;
2986
2987 if (!expect_quic_conn_only(s, &ctx))
2988 return 0;
2989
2990 switch (cmd) {
2991 case SSL_CTRL_SET_MSG_CALLBACK:
5cf99b40
MC		 2992 ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp,
2993 &ctx.qc->ssl);
63dfde87
MC		 2994 /* This callback also needs to be set on the internal SSL object */
2995 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);;
2996
2997 default:
2998 /* Probably a TLS related ctrl. Defer to our internal SSL object */
2999 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);
3000 }
22d53c88
HL		 3001}
3002
3003long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3004{
8a1a6d6d 3005 return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
22d53c88
HL		 3006}
3007
3008int ossl_quic_renegotiate_check(SSL *ssl, int initok)
3009{
3010 /* We never do renegotiation. */
3011 return 0;
3012}
3013
3014/*
d518854c
MC		 3015 * These functions define the TLSv1.2 (and below) ciphers that are supported by
3016 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
22d53c88 3017 */
22d53c88
HL		 3018
3019int ossl_quic_num_ciphers(void)
3020{
d518854c 3021 return 0;
22d53c88
HL		 3022}
3023
3024const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
3025{
d518854c 3026 return NULL;
d5ab48a1 3027}
16f3b542
HL		 3028
3029/*
3030 * Internal Testing APIs
3031 * =====================
3032 */
3033
3034QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s)
3035{
3036 QCTX ctx;
3037
3038 if (!expect_quic_conn_only(s, &ctx))
3039 return NULL;
3040
3041 return ctx.qc->ch;
3042}
A mirror of the official openssl repository