2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/macros.h>
11 #include <openssl/objects.h>
12 #include <openssl/sslerr.h>
13 #include <crypto/rand.h>
14 #include "quic_local.h"
15 #include "internal/quic_tls.h"
16 #include "internal/quic_rx_depack.h"
17 #include "internal/quic_error.h"
18 #include "internal/time.h"
20 typedef struct qctx_st QCTX
;
22 static void aon_write_finish(QUIC_XSO
*xso
);
23 static int create_channel(QUIC_CONNECTION
*qc
);
24 static QUIC_XSO
*create_xso_from_stream(QUIC_CONNECTION
*qc
, QUIC_STREAM
*qs
);
25 static int qc_try_create_default_xso_for_write(QCTX
*ctx
);
26 static int qc_wait_for_default_xso_for_read(QCTX
*ctx
);
27 static void quic_lock(QUIC_CONNECTION
*qc
);
28 static void quic_unlock(QUIC_CONNECTION
*qc
);
29 static void quic_lock_for_io(QCTX
*ctx
);
30 static int quic_do_handshake(QCTX
*ctx
);
31 static void qc_update_reject_policy(QUIC_CONNECTION
*qc
);
32 static void qc_touch_default_xso(QUIC_CONNECTION
*qc
);
33 static void qc_set_default_xso(QUIC_CONNECTION
*qc
, QUIC_XSO
*xso
, int touch
);
34 static void qc_set_default_xso_keep_ref(QUIC_CONNECTION
*qc
, QUIC_XSO
*xso
,
35 int touch
, QUIC_XSO
**old_xso
);
36 static SSL
*quic_conn_stream_new(QCTX
*ctx
, uint64_t flags
, int need_lock
);
37 static int quic_validate_for_write(QUIC_XSO
*xso
, int *err
);
38 static int quic_mutation_allowed(QUIC_CONNECTION
*qc
, int req_active
);
39 static int qc_blocking_mode(const QUIC_CONNECTION
*qc
);
40 static int xso_blocking_mode(const QUIC_XSO
*xso
);
43 * QUIC Front-End I/O API: Common Utilities
44 * ========================================
48 * Block until a predicate is met.
50 * Precondition: Must have a channel.
51 * Precondition: Must hold channel lock (unchecked).
54 static int block_until_pred(QUIC_CONNECTION
*qc
,
55 int (*pred
)(void *arg
), void *pred_arg
,
60 assert(qc
->ch
!= NULL
);
63 * Any attempt to block auto-disables tick inhibition as otherwise we will
64 * hang around forever.
66 ossl_quic_channel_set_inhibit_tick(qc
->ch
, 0);
68 rtor
= ossl_quic_channel_get_reactor(qc
->ch
);
69 return ossl_quic_reactor_block_until_pred(rtor
, pred
, pred_arg
, flags
,
73 static OSSL_TIME
get_time(QUIC_CONNECTION
*qc
)
75 if (qc
->override_now_cb
!= NULL
)
76 return qc
->override_now_cb(qc
->override_now_cb_arg
);
78 return ossl_time_now();
81 static OSSL_TIME
get_time_cb(void *arg
)
83 QUIC_CONNECTION
*qc
= arg
;
89 * QCTX is a utility structure which provides information we commonly wish to
90 * unwrap upon an API call being dispatched to us, namely:
92 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
94 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
95 * a QCSO with a default stream was passed);
96 * - whether a QSSO was passed (xso == NULL must not be used to determine this
97 * because it may be non-NULL when a QCSO is passed if that QCSO has a
99 * - whether we are in "I/O context", meaning that non-normal errors can
100 * be reported via SSL_get_error() as well as via ERR. Functions such as
101 * SSL_read(), SSL_write() and SSL_do_handshake() are "I/O context"
102 * functions which are allowed to change the value returned by
103 * SSL_get_error. However, other functions (including functions which call
104 * SSL_do_handshake() implicitly) are not allowed to change the return value
110 int is_stream
, in_io
;
114 static void quic_set_last_error(QCTX
*ctx
, int last_error
)
119 if (ctx
->is_stream
&& ctx
->xso
!= NULL
)
120 ctx
->xso
->last_error
= last_error
;
121 else if (!ctx
->is_stream
&& ctx
->qc
!= NULL
)
122 ctx
->qc
->last_error
= last_error
;
126 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
127 * rather than via ERR. Note that normal errors must always be raised while
131 static int quic_raise_normal_error(QCTX
*ctx
,
135 quic_set_last_error(ctx
, err
);
141 * Raise a 'non-normal' error, meaning any error that is not reported via
142 * SSL_get_error() and must be reported via ERR.
144 * qc should be provided if available. In exceptional circumstances when qc is
145 * not known NULL may be passed. This should generally only happen when an
146 * expect_...() function defined below fails, which generally indicates a
147 * dispatch error or caller error.
149 * ctx should be NULL if the connection lock is not held.
151 static int quic_raise_non_normal_error(QCTX
*ctx
,
162 quic_set_last_error(ctx
, SSL_ERROR_SSL
);
164 if (reason
== SSL_R_PROTOCOL_IS_SHUTDOWN
&& ctx
->qc
!= NULL
)
165 ossl_quic_channel_restore_err_state(ctx
->qc
->ch
);
169 ERR_set_debug(file
, line
, func
);
172 ERR_vset_error(ERR_LIB_SSL
, reason
, fmt
, args
);
178 #define QUIC_RAISE_NORMAL_ERROR(ctx, err) \
179 quic_raise_normal_error((ctx), (err))
181 #define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg) \
182 quic_raise_non_normal_error((ctx), \
183 OPENSSL_FILE, OPENSSL_LINE, \
189 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
190 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
192 * After this returns 1, all fields of the passed QCTX are initialised.
193 * Returns 0 on failure. This function is intended to be used to provide API
194 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
196 static int expect_quic(const SSL
*s
, QCTX
*ctx
)
206 return QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_PASSED_NULL_PARAMETER
, NULL
);
209 case SSL_TYPE_QUIC_CONNECTION
:
210 qc
= (QUIC_CONNECTION
*)s
;
212 ctx
->xso
= qc
->default_xso
;
217 case SSL_TYPE_QUIC_XSO
:
226 return QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_INTERNAL_ERROR
, NULL
);
231 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
232 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
235 * remote_init determines if we expect the default XSO to be remotely created or
236 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
238 * Channel mutex is acquired and retained on success.
241 static int ossl_unused
expect_quic_with_stream_lock(const SSL
*s
, int remote_init
,
242 int in_io
, QCTX
*ctx
)
244 if (!expect_quic(s
, ctx
))
248 quic_lock_for_io(ctx
);
252 if (ctx
->xso
== NULL
&& remote_init
>= 0) {
253 if (!quic_mutation_allowed(ctx
->qc
, /*req_active=*/0)) {
254 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
258 /* If we haven't finished the handshake, try to advance it. */
259 if (quic_do_handshake(ctx
) < 1)
260 /* ossl_quic_do_handshake raised error here */
263 if (remote_init
== 0) {
264 if (!qc_try_create_default_xso_for_write(ctx
))
267 if (!qc_wait_for_default_xso_for_read(ctx
))
271 ctx
->xso
= ctx
->qc
->default_xso
;
274 if (ctx
->xso
== NULL
) {
275 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_NO_STREAM
, NULL
);
279 return 1; /* coverity[missing_unlock]: lock held */
282 quic_unlock(ctx
->qc
);
287 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
288 * be non-NULL if the QCSO has a default stream.
290 static int ossl_unused
expect_quic_conn_only(const SSL
*s
, QCTX
*ctx
)
292 if (!expect_quic(s
, ctx
))
296 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_CONN_USE_ONLY
, NULL
);
302 * Ensures that the channel mutex is held for a method which touches channel
305 * Precondition: Channel mutex is not held (unchecked)
307 static void quic_lock(QUIC_CONNECTION
*qc
)
309 #if defined(OPENSSL_THREADS)
310 ossl_crypto_mutex_lock(qc
->mutex
);
314 static void quic_lock_for_io(QCTX
*ctx
)
320 * We are entering an I/O function so we must update the values returned by
321 * SSL_get_error and SSL_want. Set no error. This will be overridden later
322 * if a call to QUIC_RAISE_NORMAL_ERROR or QUIC_RAISE_NON_NORMAL_ERROR
323 * occurs during the API call.
325 quic_set_last_error(ctx
, SSL_ERROR_NONE
);
328 /* Precondition: Channel mutex is held (unchecked) */
330 static void quic_unlock(QUIC_CONNECTION
*qc
)
332 #if defined(OPENSSL_THREADS)
333 ossl_crypto_mutex_unlock(qc
->mutex
);
338 * This predicate is the criterion which should determine API call rejection for
339 * *most* mutating API calls, particularly stream-related operations for send
342 * A call is rejected (this function returns 0) if shutdown is in progress
343 * (stream flushing), or we are in a TERMINATING or TERMINATED state. If
344 * req_active=1, the connection must be active (i.e., the IDLE state is also
347 static int quic_mutation_allowed(QUIC_CONNECTION
*qc
, int req_active
)
349 if (qc
->shutting_down
|| ossl_quic_channel_is_term_any(qc
->ch
))
352 if (req_active
&& !ossl_quic_channel_is_active(qc
->ch
))
359 * QUIC Front-End I/O API: Initialization
360 * ======================================
362 * SSL_new => ossl_quic_new
364 * SSL_reset => ossl_quic_reset
365 * SSL_clear => ossl_quic_clear
367 * SSL_free => ossl_quic_free
369 * SSL_set_options => ossl_quic_set_options
370 * SSL_get_options => ossl_quic_get_options
371 * SSL_clear_options => ossl_quic_clear_options
376 SSL
*ossl_quic_new(SSL_CTX
*ctx
)
378 QUIC_CONNECTION
*qc
= NULL
;
379 SSL
*ssl_base
= NULL
;
380 SSL_CONNECTION
*sc
= NULL
;
382 qc
= OPENSSL_zalloc(sizeof(*qc
));
384 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_CRYPTO_LIB
, NULL
);
388 /* Initialise the QUIC_CONNECTION's stub header. */
390 if (!ossl_ssl_init(ssl_base
, ctx
, ctx
->method
, SSL_TYPE_QUIC_CONNECTION
)) {
392 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_INTERNAL_ERROR
, NULL
);
396 qc
->tls
= ossl_ssl_connection_new_int(ctx
, TLS_method());
397 if (qc
->tls
== NULL
|| (sc
= SSL_CONNECTION_FROM_SSL(qc
->tls
)) == NULL
) {
398 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_INTERNAL_ERROR
, NULL
);
402 /* override the user_ssl of the inner connection */
403 sc
->s3
.flags
|= TLS1_FLAGS_QUIC
;
405 /* Restrict options derived from the SSL_CTX. */
406 sc
->options
&= OSSL_QUIC_PERMITTED_OPTIONS_CONN
;
409 #if defined(OPENSSL_THREADS)
410 if ((qc
->mutex
= ossl_crypto_mutex_new()) == NULL
) {
411 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_CRYPTO_LIB
, NULL
);
416 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
417 qc
->is_thread_assisted
418 = (ssl_base
->method
== OSSL_QUIC_client_thread_method());
421 qc
->as_server
= 0; /* TODO(QUIC SERVER): add server support */
422 qc
->as_server_state
= qc
->as_server
;
424 qc
->default_stream_mode
= SSL_DEFAULT_STREAM_MODE_AUTO_BIDI
;
425 qc
->default_ssl_mode
= qc
->ssl
.ctx
->mode
;
426 qc
->default_ssl_options
= qc
->ssl
.ctx
->options
& OSSL_QUIC_PERMITTED_OPTIONS
;
427 qc
->desires_blocking
= 1;
429 qc
->incoming_stream_policy
= SSL_INCOMING_STREAM_POLICY_AUTO
;
430 qc
->last_error
= SSL_ERROR_NONE
;
432 if (!create_channel(qc
))
435 ossl_quic_channel_set_msg_callback(qc
->ch
, ctx
->msg_callback
, ssl_base
);
436 ossl_quic_channel_set_msg_callback_arg(qc
->ch
, ctx
->msg_callback_arg
);
438 qc_update_reject_policy(qc
);
441 * We do not create the default XSO yet. The reason for this is that the
442 * stream ID of the default XSO will depend on whether the stream is client
443 * or server-initiated, which depends on who transmits first. Since we do
444 * not know whether the application will be using a client-transmits-first
445 * or server-transmits-first protocol, we defer default XSO creation until
446 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
447 * we take that as a cue that the client is expecting a server-initiated
448 * stream, and vice versa if SSL_write() is called first.
454 #if defined(OPENSSL_THREADS)
455 ossl_crypto_mutex_free(qc
->mutex
);
457 ossl_quic_channel_free(qc
->ch
);
466 void ossl_quic_free(SSL
*s
)
471 /* We should never be called on anything but a QSO. */
472 if (!expect_quic(s
, &ctx
))
479 * When a QSSO is freed, the XSO is freed immediately, because the XSO
480 * itself only contains API personality layer data. However the
481 * underlying QUIC_STREAM is not freed immediately but is instead marked
482 * as deleted for later collection.
485 assert(ctx
.qc
->num_xso
> 0);
488 /* If a stream's send part has not been finished, auto-reset it. */
489 if (( ctx
.xso
->stream
->send_state
== QUIC_SSTREAM_STATE_READY
490 || ctx
.xso
->stream
->send_state
== QUIC_SSTREAM_STATE_SEND
)
491 && !ossl_quic_sstream_get_final_size(ctx
.xso
->stream
->sstream
, NULL
))
492 ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx
.qc
->ch
),
495 /* Do STOP_SENDING for the receive part, if applicable. */
496 if ( ctx
.xso
->stream
->recv_state
== QUIC_RSTREAM_STATE_RECV
497 || ctx
.xso
->stream
->recv_state
== QUIC_RSTREAM_STATE_SIZE_KNOWN
)
498 ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx
.qc
->ch
),
501 /* Update stream state. */
502 ctx
.xso
->stream
->deleted
= 1;
503 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx
.qc
->ch
),
506 is_default
= (ctx
.xso
== ctx
.qc
->default_xso
);
510 * Unref the connection in most cases; the XSO has a ref to the QC and
511 * not vice versa. But for a default XSO, to avoid circular references,
512 * the QC refs the XSO but the XSO does not ref the QC. If we are the
513 * default XSO, we only get here when the QC is being torn down anyway,
514 * so don't call SSL_free(qc) as we are already in it.
517 SSL_free(&ctx
.qc
->ssl
);
519 /* Note: SSL_free calls OPENSSL_free(xso) for us */
524 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
525 * stage, but is freed during the channel free when the whole QSM is freed.
527 if (ctx
.qc
->default_xso
!= NULL
) {
528 QUIC_XSO
*xso
= ctx
.qc
->default_xso
;
533 ctx
.qc
->default_xso
= NULL
;
536 /* Ensure we have no remaining XSOs. */
537 assert(ctx
.qc
->num_xso
== 0);
539 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
540 if (ctx
.qc
->is_thread_assisted
&& ctx
.qc
->started
) {
541 ossl_quic_thread_assist_wait_stopped(&ctx
.qc
->thread_assist
);
542 ossl_quic_thread_assist_cleanup(&ctx
.qc
->thread_assist
);
546 ossl_quic_channel_free(ctx
.qc
->ch
);
548 BIO_free(ctx
.qc
->net_rbio
);
549 BIO_free(ctx
.qc
->net_wbio
);
551 /* Note: SSL_free calls OPENSSL_free(qc) for us */
553 SSL_free(ctx
.qc
->tls
);
554 quic_unlock(ctx
.qc
); /* tsan doesn't like freeing locked mutexes */
555 #if defined(OPENSSL_THREADS)
556 ossl_crypto_mutex_free(&ctx
.qc
->mutex
);
560 /* SSL method init */
561 int ossl_quic_init(SSL
*s
)
563 /* Same op as SSL_clear, forward the call. */
564 return ossl_quic_clear(s
);
567 /* SSL method deinit */
568 void ossl_quic_deinit(SSL
*s
)
573 /* SSL_clear (ssl_reset method) */
574 int ossl_quic_reset(SSL
*s
)
578 if (!expect_quic(s
, &ctx
))
581 ERR_raise(ERR_LIB_SSL
, ERR_R_UNSUPPORTED
);
585 /* ssl_clear method (unused) */
586 int ossl_quic_clear(SSL
*s
)
590 if (!expect_quic(s
, &ctx
))
593 ERR_raise(ERR_LIB_SSL
, ERR_R_UNSUPPORTED
);
597 int ossl_quic_conn_set_override_now_cb(SSL
*s
,
598 OSSL_TIME (*now_cb
)(void *arg
),
603 if (!expect_quic(s
, &ctx
))
608 ctx
.qc
->override_now_cb
= now_cb
;
609 ctx
.qc
->override_now_cb_arg
= now_cb_arg
;
615 void ossl_quic_conn_force_assist_thread_wake(SSL
*s
)
619 if (!expect_quic(s
, &ctx
))
622 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
623 if (ctx
.qc
->is_thread_assisted
&& ctx
.qc
->started
)
624 ossl_quic_thread_assist_notify_deadline_changed(&ctx
.qc
->thread_assist
);
629 static void qc_touch_default_xso(QUIC_CONNECTION
*qc
)
631 qc
->default_xso_created
= 1;
632 qc_update_reject_policy(qc
);
636 * Changes default XSO. Allows caller to keep reference to the old default XSO
637 * (if any). Reference to new XSO is transferred from caller.
640 static void qc_set_default_xso_keep_ref(QUIC_CONNECTION
*qc
, QUIC_XSO
*xso
,
648 if (qc
->default_xso
!= xso
) {
649 *old_xso
= qc
->default_xso
; /* transfer old XSO ref to caller */
651 qc
->default_xso
= xso
;
655 * Changing to not having a default XSO. XSO becomes standalone and
656 * now has a ref to the QC.
658 if (!ossl_assert(SSL_up_ref(&qc
->ssl
)))
662 * Changing from not having a default XSO to having one. The new XSO
663 * will have had a reference to the QC we need to drop to avoid a
664 * circular reference.
666 * Currently we never change directly from one default XSO to
667 * another, though this function would also still be correct if this
670 assert(*old_xso
== NULL
);
672 CRYPTO_DOWN_REF(&qc
->ssl
.references
, &refs
);
678 qc_touch_default_xso(qc
);
682 * Changes default XSO, releasing the reference to any previous default XSO.
683 * Reference to new XSO is transferred from caller.
686 static void qc_set_default_xso(QUIC_CONNECTION
*qc
, QUIC_XSO
*xso
, int touch
)
688 QUIC_XSO
*old_xso
= NULL
;
690 qc_set_default_xso_keep_ref(qc
, xso
, touch
, &old_xso
);
693 SSL_free(&old_xso
->ssl
);
697 static void xso_update_options(QUIC_XSO
*xso
)
699 int cleanse
= ((xso
->ssl_options
& SSL_OP_CLEANSE_PLAINTEXT
) != 0);
701 if (xso
->stream
->rstream
!= NULL
)
702 ossl_quic_rstream_set_cleanse(xso
->stream
->rstream
, cleanse
);
704 if (xso
->stream
->sstream
!= NULL
)
705 ossl_quic_sstream_set_cleanse(xso
->stream
->sstream
, cleanse
);
712 * Setting options on a QCSO
713 * - configures the handshake-layer options;
714 * - configures the default data-plane options for new streams;
715 * - configures the data-plane options on the default XSO, if there is one.
717 * Setting options on a QSSO
718 * - configures data-plane options for that stream only.
721 static uint64_t quic_mask_or_options(SSL
*ssl
, uint64_t mask_value
, uint64_t or_value
)
724 uint64_t hs_mask_value
, hs_or_value
, ret
;
726 if (!expect_quic(ssl
, &ctx
))
731 if (!ctx
.is_stream
) {
733 * If we were called on the connection, we apply any handshake option
736 hs_mask_value
= (mask_value
& OSSL_QUIC_PERMITTED_OPTIONS_CONN
);
737 hs_or_value
= (or_value
& OSSL_QUIC_PERMITTED_OPTIONS_CONN
);
739 SSL_clear_options(ctx
.qc
->tls
, hs_mask_value
);
740 SSL_set_options(ctx
.qc
->tls
, hs_or_value
);
742 /* Update defaults for new streams. */
743 ctx
.qc
->default_ssl_options
744 = ((ctx
.qc
->default_ssl_options
& ~mask_value
) | or_value
)
745 & OSSL_QUIC_PERMITTED_OPTIONS
;
748 if (ctx
.xso
!= NULL
) {
750 = ((ctx
.xso
->ssl_options
& ~mask_value
) | or_value
)
751 & OSSL_QUIC_PERMITTED_OPTIONS_STREAM
;
753 xso_update_options(ctx
.xso
);
756 ret
= ctx
.is_stream
? ctx
.xso
->ssl_options
: ctx
.qc
->default_ssl_options
;
762 uint64_t ossl_quic_set_options(SSL
*ssl
, uint64_t options
)
764 return quic_mask_or_options(ssl
, 0, options
);
767 /* SSL_clear_options */
768 uint64_t ossl_quic_clear_options(SSL
*ssl
, uint64_t options
)
770 return quic_mask_or_options(ssl
, options
, 0);
773 /* SSL_get_options */
774 uint64_t ossl_quic_get_options(const SSL
*ssl
)
776 return quic_mask_or_options((SSL
*)ssl
, 0, 0);
780 * QUIC Front-End I/O API: Network BIO Configuration
781 * =================================================
783 * Handling the different BIOs is difficult:
785 * - It is more or less a requirement that we use non-blocking network I/O;
786 * we need to be able to have timeouts on recv() calls, and make best effort
787 * (non blocking) send() and recv() calls.
789 * The only sensible way to do this is to configure the socket into
790 * non-blocking mode. We could try to do select() before calling send() or
791 * recv() to get a guarantee that the call will not block, but this will
792 * probably run into issues with buggy OSes which generate spurious socket
793 * readiness events. In any case, relying on this to work reliably does not
796 * Timeouts could be handled via setsockopt() socket timeout options, but
797 * this depends on OS support and adds another syscall to every network I/O
798 * operation. It also has obvious thread safety concerns if we want to move
799 * to concurrent use of a single socket at some later date.
801 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
802 * be made non-blocking. However some OSes (e.g. Windows) do not support
803 * this, so we cannot rely on this.
805 * As such, we need to configure any FD in non-blocking mode. This may
806 * confound users who pass a blocking socket to libssl. However, in practice
807 * it would be extremely strange for a user of QUIC to pass an FD to us,
808 * then also try and send receive traffic on the same socket(!). Thus the
809 * impact of this should be limited, and can be documented.
811 * - We support both blocking and non-blocking operation in terms of the API
812 * presented to the user. One prospect is to set the blocking mode based on
813 * whether the socket passed to us was already in blocking mode. However,
814 * Windows has no API for determining if a socket is in blocking mode (!),
815 * therefore this cannot be done portably. Currently therefore we expose an
816 * explicit API call to set this, and default to blocking mode.
818 * - We need to determine our initial destination UDP address. The "natural"
819 * way for a user to do this is to set the peer variable on a BIO_dgram.
820 * However, this has problems because BIO_dgram's peer variable is used for
821 * both transmission and reception. This means it can be constantly being
822 * changed to a malicious value (e.g. if some random unrelated entity on the
823 * network starts sending traffic to us) on every read call. This is not a
824 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
825 * calls only, which do not use this variable. However, we do need to let
826 * the user specify the peer in a 'normal' manner. The compromise here is
827 * that we grab the current peer value set at the time the write BIO is set
828 * and do not read the value again.
830 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
831 * Currently we do this by only supporting non-blocking mode.
836 * Determines what initial destination UDP address we should use, if possible.
837 * If this fails the client must set the destination address manually, or use a
838 * BIO which does not need a destination address.
840 static int csm_analyse_init_peer_addr(BIO
*net_wbio
, BIO_ADDR
*peer
)
842 if (BIO_dgram_detect_peer_addr(net_wbio
, peer
) <= 0)
848 static int qc_can_support_blocking_cached(QUIC_CONNECTION
*qc
)
850 QUIC_REACTOR
*rtor
= ossl_quic_channel_get_reactor(qc
->ch
);
852 return ossl_quic_reactor_can_poll_r(rtor
)
853 && ossl_quic_reactor_can_poll_w(rtor
);
856 static void qc_update_can_support_blocking(QUIC_CONNECTION
*qc
)
858 ossl_quic_channel_update_poll_descriptors(qc
->ch
); /* best effort */
861 static void qc_update_blocking_mode(QUIC_CONNECTION
*qc
)
863 qc
->blocking
= qc
->desires_blocking
&& qc_can_support_blocking_cached(qc
);
866 void ossl_quic_conn_set0_net_rbio(SSL
*s
, BIO
*net_rbio
)
870 if (!expect_quic(s
, &ctx
))
873 if (ctx
.qc
->net_rbio
== net_rbio
)
876 if (!ossl_quic_channel_set_net_rbio(ctx
.qc
->ch
, net_rbio
))
879 BIO_free(ctx
.qc
->net_rbio
);
880 ctx
.qc
->net_rbio
= net_rbio
;
882 if (net_rbio
!= NULL
)
883 BIO_set_nbio(net_rbio
, 1); /* best effort autoconfig */
886 * Determine if the current pair of read/write BIOs now set allows blocking
887 * mode to be supported.
889 qc_update_can_support_blocking(ctx
.qc
);
890 qc_update_blocking_mode(ctx
.qc
);
893 void ossl_quic_conn_set0_net_wbio(SSL
*s
, BIO
*net_wbio
)
897 if (!expect_quic(s
, &ctx
))
900 if (ctx
.qc
->net_wbio
== net_wbio
)
903 if (!ossl_quic_channel_set_net_wbio(ctx
.qc
->ch
, net_wbio
))
906 BIO_free(ctx
.qc
->net_wbio
);
907 ctx
.qc
->net_wbio
= net_wbio
;
909 if (net_wbio
!= NULL
)
910 BIO_set_nbio(net_wbio
, 1); /* best effort autoconfig */
913 * Determine if the current pair of read/write BIOs now set allows blocking
914 * mode to be supported.
916 qc_update_can_support_blocking(ctx
.qc
);
917 qc_update_blocking_mode(ctx
.qc
);
920 BIO
*ossl_quic_conn_get_net_rbio(const SSL
*s
)
924 if (!expect_quic(s
, &ctx
))
927 return ctx
.qc
->net_rbio
;
930 BIO
*ossl_quic_conn_get_net_wbio(const SSL
*s
)
934 if (!expect_quic(s
, &ctx
))
937 return ctx
.qc
->net_wbio
;
940 int ossl_quic_conn_get_blocking_mode(const SSL
*s
)
944 if (!expect_quic(s
, &ctx
))
948 return xso_blocking_mode(ctx
.xso
);
950 return qc_blocking_mode(ctx
.qc
);
954 int ossl_quic_conn_set_blocking_mode(SSL
*s
, int blocking
)
959 if (!expect_quic(s
, &ctx
))
964 /* Sanity check - can we support the request given the current network BIO? */
967 * If called directly on a QCSO, update our information on network BIO
971 qc_update_can_support_blocking(ctx
.qc
);
973 /* Cannot enable blocking mode if we do not have pollable FDs. */
974 if (!qc_can_support_blocking_cached(ctx
.qc
)) {
975 ret
= QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_UNSUPPORTED
, NULL
);
982 * If called directly on a QCSO, update default and connection-level
985 ctx
.qc
->desires_blocking
= (blocking
!= 0);
987 if (ctx
.xso
!= NULL
) {
989 * If called on a QSSO or a QCSO with a default XSO, update the blocking
992 ctx
.xso
->desires_blocking
= (blocking
!= 0);
993 ctx
.xso
->desires_blocking_set
= 1;
998 qc_update_blocking_mode(ctx
.qc
);
1003 int ossl_quic_conn_set_initial_peer_addr(SSL
*s
,
1004 const BIO_ADDR
*peer_addr
)
1008 if (!expect_quic(s
, &ctx
))
1011 if (ctx
.qc
->started
)
1012 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
,
1015 if (peer_addr
== NULL
) {
1016 BIO_ADDR_clear(&ctx
.qc
->init_peer_addr
);
1020 ctx
.qc
->init_peer_addr
= *peer_addr
;
1025 * QUIC Front-End I/O API: Asynchronous I/O Management
1026 * ===================================================
1028 * (BIO/)SSL_handle_events => ossl_quic_handle_events
1029 * (BIO/)SSL_get_event_timeout => ossl_quic_get_event_timeout
1030 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
1034 /* Returns 1 if the connection is being used in blocking mode. */
1035 static int qc_blocking_mode(const QUIC_CONNECTION
*qc
)
1037 return qc
->blocking
;
1040 static int xso_blocking_mode(const QUIC_XSO
*xso
)
1042 if (xso
->desires_blocking_set
)
1043 return xso
->desires_blocking
&& qc_can_support_blocking_cached(xso
->conn
);
1045 /* Only ever set if we can support blocking. */
1046 return xso
->conn
->blocking
;
1049 /* SSL_handle_events; performs QUIC I/O and timeout processing. */
1051 int ossl_quic_handle_events(SSL
*s
)
1055 if (!expect_quic(s
, &ctx
))
1059 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx
.qc
->ch
), 0);
1060 quic_unlock(ctx
.qc
);
1065 * SSL_get_event_timeout. Get the time in milliseconds until the SSL object
1066 * should next have events handled by the application by calling
1067 * SSL_handle_events(). tv is set to 0 if the object should have events handled
1068 * immediately. If no timeout is currently active, *is_infinite is set to 1 and
1069 * the value of *tv is undefined.
1072 int ossl_quic_get_event_timeout(SSL
*s
, struct timeval
*tv
, int *is_infinite
)
1075 OSSL_TIME deadline
= ossl_time_infinite();
1077 if (!expect_quic(s
, &ctx
))
1083 = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx
.qc
->ch
));
1085 if (ossl_time_is_infinite(deadline
)) {
1089 * Robustness against faulty applications that don't check *is_infinite;
1090 * harmless long timeout.
1092 tv
->tv_sec
= 1000000;
1095 quic_unlock(ctx
.qc
);
1099 *tv
= ossl_time_to_timeval(ossl_time_subtract(deadline
, get_time(ctx
.qc
)));
1101 quic_unlock(ctx
.qc
);
1105 /* SSL_get_rpoll_descriptor */
1106 int ossl_quic_get_rpoll_descriptor(SSL
*s
, BIO_POLL_DESCRIPTOR
*desc
)
1110 if (!expect_quic(s
, &ctx
))
1113 if (desc
== NULL
|| ctx
.qc
->net_rbio
== NULL
)
1114 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_INVALID_ARGUMENT
,
1117 return BIO_get_rpoll_descriptor(ctx
.qc
->net_rbio
, desc
);
1120 /* SSL_get_wpoll_descriptor */
1121 int ossl_quic_get_wpoll_descriptor(SSL
*s
, BIO_POLL_DESCRIPTOR
*desc
)
1125 if (!expect_quic(s
, &ctx
))
1128 if (desc
== NULL
|| ctx
.qc
->net_wbio
== NULL
)
1129 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_INVALID_ARGUMENT
,
1132 return BIO_get_wpoll_descriptor(ctx
.qc
->net_wbio
, desc
);
1135 /* SSL_net_read_desired */
1137 int ossl_quic_get_net_read_desired(SSL
*s
)
1142 if (!expect_quic(s
, &ctx
))
1146 ret
= ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx
.qc
->ch
));
1147 quic_unlock(ctx
.qc
);
1151 /* SSL_net_write_desired */
1153 int ossl_quic_get_net_write_desired(SSL
*s
)
1158 if (!expect_quic(s
, &ctx
))
1162 ret
= ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx
.qc
->ch
));
1163 quic_unlock(ctx
.qc
);
1168 * QUIC Front-End I/O API: Connection Lifecycle Operations
1169 * =======================================================
1171 * SSL_do_handshake => ossl_quic_do_handshake
1172 * SSL_set_connect_state => ossl_quic_set_connect_state
1173 * SSL_set_accept_state => ossl_quic_set_accept_state
1174 * SSL_shutdown => ossl_quic_shutdown
1175 * SSL_ctrl => ossl_quic_ctrl
1176 * (BIO/)SSL_connect => ossl_quic_connect
1177 * (BIO/)SSL_accept => ossl_quic_accept
1182 static void qc_shutdown_flush_init(QUIC_CONNECTION
*qc
)
1184 QUIC_STREAM_MAP
*qsm
;
1186 if (qc
->shutting_down
)
1189 qsm
= ossl_quic_channel_get_qsm(qc
->ch
);
1191 ossl_quic_stream_map_begin_shutdown_flush(qsm
);
1192 qc
->shutting_down
= 1;
1195 /* Returns 1 if all shutdown-flush streams have been done with. */
1197 static int qc_shutdown_flush_finished(QUIC_CONNECTION
*qc
)
1199 QUIC_STREAM_MAP
*qsm
= ossl_quic_channel_get_qsm(qc
->ch
);
1201 return qc
->shutting_down
1202 && ossl_quic_stream_map_is_shutdown_flush_finished(qsm
);
1206 static int quic_shutdown_wait(void *arg
)
1208 QUIC_CONNECTION
*qc
= arg
;
1210 return ossl_quic_channel_is_terminated(qc
->ch
);
1213 /* Returns 1 if shutdown flush process has finished or is inapplicable. */
1214 static int quic_shutdown_flush_wait(void *arg
)
1216 QUIC_CONNECTION
*qc
= arg
;
1218 return ossl_quic_channel_is_term_any(qc
->ch
)
1219 || qc_shutdown_flush_finished(qc
);
1222 static int quic_shutdown_peer_wait(void *arg
)
1224 QUIC_CONNECTION
*qc
= arg
;
1225 return ossl_quic_channel_is_term_any(qc
->ch
);
1229 int ossl_quic_conn_shutdown(SSL
*s
, uint64_t flags
,
1230 const SSL_SHUTDOWN_EX_ARGS
*args
,
1235 int stream_flush
= ((flags
& SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH
) == 0);
1236 int no_block
= ((flags
& SSL_SHUTDOWN_FLAG_NO_BLOCK
) != 0);
1237 int wait_peer
= ((flags
& SSL_SHUTDOWN_FLAG_WAIT_PEER
) != 0);
1239 if (!expect_quic(s
, &ctx
))
1242 if (ctx
.is_stream
) {
1243 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, SSL_R_CONN_USE_ONLY
, NULL
);
1249 if (ossl_quic_channel_is_terminated(ctx
.qc
->ch
)) {
1250 quic_unlock(ctx
.qc
);
1254 /* Phase 1: Stream Flushing */
1255 if (!wait_peer
&& stream_flush
) {
1256 qc_shutdown_flush_init(ctx
.qc
);
1258 if (!qc_shutdown_flush_finished(ctx
.qc
)) {
1259 if (!no_block
&& qc_blocking_mode(ctx
.qc
)) {
1260 ret
= block_until_pred(ctx
.qc
, quic_shutdown_flush_wait
, ctx
.qc
, 0);
1266 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx
.qc
->ch
), 0);
1270 if (!qc_shutdown_flush_finished(ctx
.qc
)) {
1271 quic_unlock(ctx
.qc
);
1272 return 0; /* ongoing */
1276 /* Phase 2: Connection Closure */
1277 if (wait_peer
&& !ossl_quic_channel_is_term_any(ctx
.qc
->ch
)) {
1278 if (!no_block
&& qc_blocking_mode(ctx
.qc
)) {
1279 ret
= block_until_pred(ctx
.qc
, quic_shutdown_peer_wait
, ctx
.qc
, 0);
1285 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx
.qc
->ch
), 0);
1288 if (!ossl_quic_channel_is_term_any(ctx
.qc
->ch
)) {
1289 ret
= 0; /* peer hasn't closed yet - still not done */
1294 * We are at least terminating - go through the normal process of
1295 * waiting until we are in the TERMINATED state.
1299 /* Block mutation ops regardless of if we did stream flush. */
1300 ctx
.qc
->shutting_down
= 1;
1303 * This call is a no-op if we are already terminating, so it doesn't
1304 * affect the wait_peer case.
1306 ossl_quic_channel_local_close(ctx
.qc
->ch
,
1307 args
!= NULL
? args
->quic_error_code
: 0,
1308 args
!= NULL
? args
->quic_reason
: NULL
);
1310 SSL_set_shutdown(ctx
.qc
->tls
, SSL_SENT_SHUTDOWN
);
1312 if (ossl_quic_channel_is_terminated(ctx
.qc
->ch
)) {
1313 quic_unlock(ctx
.qc
);
1317 /* Phase 3: Terminating Wait Time */
1318 if (!no_block
&& qc_blocking_mode(ctx
.qc
)
1319 && (flags
& SSL_SHUTDOWN_FLAG_RAPID
) == 0) {
1320 ret
= block_until_pred(ctx
.qc
, quic_shutdown_wait
, ctx
.qc
, 0);
1326 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx
.qc
->ch
), 0);
1329 ret
= ossl_quic_channel_is_terminated(ctx
.qc
->ch
);
1331 quic_unlock(ctx
.qc
);
1336 long ossl_quic_ctrl(SSL
*s
, int cmd
, long larg
, void *parg
)
1340 if (!expect_quic(s
, &ctx
))
1345 /* If called on a QCSO, update the default mode. */
1347 ctx
.qc
->default_ssl_mode
|= (uint32_t)larg
;
1350 * If we were called on a QSSO or have a default stream, we also update
1353 if (ctx
.xso
!= NULL
) {
1354 /* Cannot enable EPW while AON write in progress. */
1355 if (ctx
.xso
->aon_write_in_progress
)
1356 larg
&= ~SSL_MODE_ENABLE_PARTIAL_WRITE
;
1358 ctx
.xso
->ssl_mode
|= (uint32_t)larg
;
1359 return ctx
.xso
->ssl_mode
;
1362 return ctx
.qc
->default_ssl_mode
;
1363 case SSL_CTRL_CLEAR_MODE
:
1365 ctx
.qc
->default_ssl_mode
&= ~(uint32_t)larg
;
1367 if (ctx
.xso
!= NULL
) {
1368 ctx
.xso
->ssl_mode
&= ~(uint32_t)larg
;
1369 return ctx
.xso
->ssl_mode
;
1372 return ctx
.qc
->default_ssl_mode
;
1374 case SSL_CTRL_SET_MSG_CALLBACK_ARG
:
1375 ossl_quic_channel_set_msg_callback_arg(ctx
.qc
->ch
, parg
);
1376 /* This ctrl also needs to be passed to the internal SSL object */
1377 return SSL_ctrl(ctx
.qc
->tls
, cmd
, larg
, parg
);
1379 case DTLS_CTRL_GET_TIMEOUT
: /* DTLSv1_get_timeout */
1383 if (!ossl_quic_get_event_timeout(s
, parg
, &is_infinite
))
1386 return !is_infinite
;
1388 case DTLS_CTRL_HANDLE_TIMEOUT
: /* DTLSv1_handle_timeout */
1389 /* For legacy compatibility with DTLS calls. */
1390 return ossl_quic_handle_events(s
) == 1 ? 1 : -1;
1392 /* Mask ctrls we shouldn't support for QUIC. */
1393 case SSL_CTRL_GET_READ_AHEAD
:
1394 case SSL_CTRL_SET_READ_AHEAD
:
1395 case SSL_CTRL_SET_MAX_SEND_FRAGMENT
:
1396 case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT
:
1397 case SSL_CTRL_SET_MAX_PIPELINES
:
1402 * Probably a TLS related ctrl. Send back to the frontend SSL_ctrl
1403 * implementation. Either SSL_ctrl will handle it itself by direct
1404 * access into handshake layer state, or failing that, it will be passed
1405 * to the handshake layer via the SSL_METHOD vtable. If the ctrl is not
1406 * supported by anything, the handshake layer's ctrl method will finally
1409 return ossl_ctrl_internal(&ctx
.qc
->ssl
, cmd
, larg
, parg
, /*no_quic=*/1);
1413 /* SSL_set_connect_state */
1414 void ossl_quic_set_connect_state(SSL
*s
)
1418 if (!expect_quic(s
, &ctx
))
1421 /* Cannot be changed after handshake started */
1422 if (ctx
.qc
->started
|| ctx
.is_stream
)
1425 ctx
.qc
->as_server_state
= 0;
1428 /* SSL_set_accept_state */
1429 void ossl_quic_set_accept_state(SSL
*s
)
1433 if (!expect_quic(s
, &ctx
))
1436 /* Cannot be changed after handshake started */
1437 if (ctx
.qc
->started
|| ctx
.is_stream
)
1440 ctx
.qc
->as_server_state
= 1;
1443 /* SSL_do_handshake */
1444 struct quic_handshake_wait_args
{
1445 QUIC_CONNECTION
*qc
;
1448 static int quic_handshake_wait(void *arg
)
1450 struct quic_handshake_wait_args
*args
= arg
;
1452 if (!quic_mutation_allowed(args
->qc
, /*req_active=*/1))
1455 if (ossl_quic_channel_is_handshake_complete(args
->qc
->ch
))
1461 static int configure_channel(QUIC_CONNECTION
*qc
)
1463 assert(qc
->ch
!= NULL
);
1465 if (!ossl_quic_channel_set_net_rbio(qc
->ch
, qc
->net_rbio
)
1466 || !ossl_quic_channel_set_net_wbio(qc
->ch
, qc
->net_wbio
)
1467 || !ossl_quic_channel_set_peer_addr(qc
->ch
, &qc
->init_peer_addr
))
1474 static int create_channel(QUIC_CONNECTION
*qc
)
1476 QUIC_CHANNEL_ARGS args
= {0};
1478 args
.libctx
= qc
->ssl
.ctx
->libctx
;
1479 args
.propq
= qc
->ssl
.ctx
->propq
;
1480 args
.is_server
= qc
->as_server
;
1482 args
.mutex
= qc
->mutex
;
1483 args
.now_cb
= get_time_cb
;
1484 args
.now_cb_arg
= qc
;
1486 qc
->ch
= ossl_quic_channel_new(&args
);
1487 if (qc
->ch
== NULL
) {
1488 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_INTERNAL_ERROR
, NULL
);
1496 * Configures a channel with the information we have accumulated via calls made
1497 * to us from the application prior to starting a handshake attempt.
1500 static int ensure_channel_started(QCTX
*ctx
)
1502 QUIC_CONNECTION
*qc
= ctx
->qc
;
1505 if (!configure_channel(qc
)) {
1506 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
,
1507 "failed to configure channel");
1511 if (!ossl_quic_channel_start(qc
->ch
)) {
1512 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
,
1513 "failed to start channel");
1517 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
1518 if (qc
->is_thread_assisted
)
1519 if (!ossl_quic_thread_assist_init_start(&qc
->thread_assist
, qc
->ch
)) {
1520 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
,
1521 "failed to start assist thread");
1532 static int quic_do_handshake(QCTX
*ctx
)
1535 QUIC_CONNECTION
*qc
= ctx
->qc
;
1537 if (ossl_quic_channel_is_handshake_complete(qc
->ch
))
1538 /* Handshake already completed. */
1541 if (!quic_mutation_allowed(qc
, /*req_active=*/0))
1542 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
1544 if (qc
->as_server
!= qc
->as_server_state
) {
1545 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_PASSED_INVALID_ARGUMENT
, NULL
);
1546 return -1; /* Non-protocol error */
1549 if (qc
->net_rbio
== NULL
|| qc
->net_wbio
== NULL
) {
1550 /* Need read and write BIOs. */
1551 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_BIO_NOT_SET
, NULL
);
1552 return -1; /* Non-protocol error */
1556 * We need to determine our addressing mode. There are basically two
1557 * ways we can use L4 addresses:
1559 * - Addressed mode, in which our BIO_sendmmsg calls have destination
1560 * addresses attached to them which we expect the underlying network BIO
1563 * - Unaddressed mode, in which the BIO provided to us on the
1564 * network side neither provides us with L4 addresses nor is capable of
1565 * honouring ones we provide. We don't know where the QUIC traffic we
1566 * send ends up exactly and trust the application to know what it is
1569 * Addressed mode is preferred because it enables support for connection
1570 * migration, multipath, etc. in the future. Addressed mode is automatically
1571 * enabled if we are using e.g. BIO_s_datagram, with or without
1574 * If we are passed a BIO_s_dgram_pair (or some custom BIO) we may have to
1575 * use unaddressed mode unless that BIO supports capability flags indicating
1576 * it can provide and honour L4 addresses.
1578 * Our strategy for determining address mode is simple: we probe the
1579 * underlying network BIOs for their capabilities. If the network BIOs
1580 * support what we need, we use addressed mode. Otherwise, we use
1583 * If addressed mode is chosen, we require an initial peer address to be
1584 * set. If this is not set, we fail. If unaddressed mode is used, we do not
1585 * require this, as such an address is superfluous, though it can be set if
1588 if (!qc
->started
&& !qc
->addressing_probe_done
) {
1589 long rcaps
= BIO_dgram_get_effective_caps(qc
->net_rbio
);
1590 long wcaps
= BIO_dgram_get_effective_caps(qc
->net_wbio
);
1592 qc
->addressed_mode_r
= ((rcaps
& BIO_DGRAM_CAP_PROVIDES_SRC_ADDR
) != 0);
1593 qc
->addressed_mode_w
= ((wcaps
& BIO_DGRAM_CAP_HANDLES_DST_ADDR
) != 0);
1594 qc
->addressing_probe_done
= 1;
1597 if (!qc
->started
&& qc
->addressed_mode_w
1598 && BIO_ADDR_family(&qc
->init_peer_addr
) == AF_UNSPEC
) {
1600 * We are trying to connect and are using addressed mode, which means we
1601 * need an initial peer address; if we do not have a peer address yet,
1602 * we should try to autodetect one.
1604 * We do this as late as possible because some BIOs (e.g. BIO_s_connect)
1605 * may not be able to provide us with a peer address until they have
1606 * finished their own processing. They may not be able to perform this
1607 * processing until an application has finished configuring that BIO
1608 * (e.g. with setter calls), which might happen after SSL_set_bio is
1611 if (!csm_analyse_init_peer_addr(qc
->net_wbio
, &qc
->init_peer_addr
))
1613 BIO_ADDR_clear(&qc
->init_peer_addr
);
1615 ossl_quic_channel_set_peer_addr(qc
->ch
, &qc
->init_peer_addr
);
1619 && qc
->addressed_mode_w
1620 && BIO_ADDR_family(&qc
->init_peer_addr
) == AF_UNSPEC
) {
1622 * If we still don't have a peer address in addressed mode, we can't do
1625 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET
, NULL
);
1626 return -1; /* Non-protocol error */
1630 * Start connection process. Note we may come here multiple times in
1631 * non-blocking mode, which is fine.
1633 if (!ensure_channel_started(ctx
)) /* raises on failure */
1634 return -1; /* Non-protocol error */
1636 if (ossl_quic_channel_is_handshake_complete(qc
->ch
))
1637 /* The handshake is now done. */
1640 if (!qc_blocking_mode(qc
)) {
1641 /* Try to advance the reactor. */
1642 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc
->ch
), 0);
1644 if (ossl_quic_channel_is_handshake_complete(qc
->ch
))
1645 /* The handshake is now done. */
1648 if (ossl_quic_channel_is_term_any(qc
->ch
)) {
1649 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
1651 } else if (qc
->desires_blocking
) {
1653 * As a special case when doing a handshake when blocking mode is
1654 * desired yet not available, see if the network BIOs have become
1655 * poll descriptor-enabled. This supports BIOs such as BIO_s_connect
1656 * which do late creation of socket FDs and therefore cannot expose
1657 * a poll descriptor until after a network BIO is set on the QCSO.
1659 assert(!qc
->blocking
);
1660 qc_update_can_support_blocking(qc
);
1661 qc_update_blocking_mode(qc
);
1666 * We are either in blocking mode or just entered it due to the code above.
1668 if (qc_blocking_mode(qc
)) {
1669 /* In blocking mode, wait for the handshake to complete. */
1670 struct quic_handshake_wait_args args
;
1674 ret
= block_until_pred(qc
, quic_handshake_wait
, &args
, 0);
1675 if (!quic_mutation_allowed(qc
, /*req_active=*/1)) {
1676 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
1677 return 0; /* Shutdown before completion */
1678 } else if (ret
<= 0) {
1679 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
1680 return -1; /* Non-protocol error */
1683 assert(ossl_quic_channel_is_handshake_complete(qc
->ch
));
1688 * Otherwise, indicate that the handshake isn't done yet.
1689 * We can only get here in non-blocking mode.
1691 QUIC_RAISE_NORMAL_ERROR(ctx
, SSL_ERROR_WANT_READ
);
1692 return -1; /* Non-protocol error */
1696 int ossl_quic_do_handshake(SSL
*s
)
1701 if (!expect_quic(s
, &ctx
))
1704 quic_lock_for_io(&ctx
);
1706 ret
= quic_do_handshake(&ctx
);
1707 quic_unlock(ctx
.qc
);
1712 int ossl_quic_connect(SSL
*s
)
1714 /* Ensure we are in connect state (no-op if non-idle). */
1715 ossl_quic_set_connect_state(s
);
1717 /* Begin or continue the handshake */
1718 return ossl_quic_do_handshake(s
);
1722 int ossl_quic_accept(SSL
*s
)
1724 /* Ensure we are in accept state (no-op if non-idle). */
1725 ossl_quic_set_accept_state(s
);
1727 /* Begin or continue the handshake */
1728 return ossl_quic_do_handshake(s
);
1732 * QUIC Front-End I/O API: Stream Lifecycle Operations
1733 * ===================================================
1735 * SSL_stream_new => ossl_quic_conn_stream_new
1740 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1741 * default XSO was created. Returns 0 if it was not (e.g. because it already
1742 * exists). Note that this is NOT an error condition.
1745 static int qc_try_create_default_xso_for_write(QCTX
*ctx
)
1748 QUIC_CONNECTION
*qc
= ctx
->qc
;
1750 if (qc
->default_xso_created
1751 || qc
->default_stream_mode
== SSL_DEFAULT_STREAM_MODE_NONE
)
1753 * We only do this once. If the user detaches a previously created
1754 * default XSO we don't auto-create another one.
1756 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_NO_STREAM
, NULL
);
1758 /* Create a locally-initiated stream. */
1759 if (qc
->default_stream_mode
== SSL_DEFAULT_STREAM_MODE_AUTO_UNI
)
1760 flags
|= SSL_STREAM_FLAG_UNI
;
1762 qc_set_default_xso(qc
, (QUIC_XSO
*)quic_conn_stream_new(ctx
, flags
,
1765 if (qc
->default_xso
== NULL
)
1766 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
1768 qc_touch_default_xso(qc
);
1772 struct quic_wait_for_stream_args
{
1773 QUIC_CONNECTION
*qc
;
1780 static int quic_wait_for_stream(void *arg
)
1782 struct quic_wait_for_stream_args
*args
= arg
;
1784 if (!quic_mutation_allowed(args
->qc
, /*req_active=*/1)) {
1785 /* If connection is torn down due to an error while blocking, stop. */
1786 QUIC_RAISE_NON_NORMAL_ERROR(args
->ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
1790 args
->qs
= ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args
->qc
->ch
),
1791 args
->expect_id
| QUIC_STREAM_DIR_BIDI
);
1792 if (args
->qs
== NULL
)
1793 args
->qs
= ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args
->qc
->ch
),
1794 args
->expect_id
| QUIC_STREAM_DIR_UNI
);
1796 if (args
->qs
!= NULL
)
1797 return 1; /* stream now exists */
1799 return 0; /* did not get a stream, keep trying */
1803 static int qc_wait_for_default_xso_for_read(QCTX
*ctx
)
1805 /* Called on a QCSO and we don't currently have a default stream. */
1807 QUIC_CONNECTION
*qc
= ctx
->qc
;
1810 struct quic_wait_for_stream_args wargs
;
1813 * If default stream functionality is disabled or we already detached
1814 * one, don't make another default stream and just fail.
1816 if (qc
->default_xso_created
1817 || qc
->default_stream_mode
== SSL_DEFAULT_STREAM_MODE_NONE
)
1818 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_NO_STREAM
, NULL
);
1821 * The peer may have opened a stream since we last ticked. So tick and
1822 * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1823 * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1824 * first stream created by a peer must have an ordinal of 0.
1826 expect_id
= qc
->as_server
1827 ? QUIC_STREAM_INITIATOR_CLIENT
1828 : QUIC_STREAM_INITIATOR_SERVER
;
1830 qs
= ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc
->ch
),
1831 expect_id
| QUIC_STREAM_DIR_BIDI
);
1833 qs
= ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc
->ch
),
1834 expect_id
| QUIC_STREAM_DIR_UNI
);
1837 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc
->ch
), 0);
1839 qs
= ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc
->ch
),
1844 if (!qc_blocking_mode(qc
))
1845 /* Non-blocking mode, so just bail immediately. */
1846 return QUIC_RAISE_NORMAL_ERROR(ctx
, SSL_ERROR_WANT_READ
);
1848 /* Block until we have a stream. */
1852 wargs
.expect_id
= expect_id
;
1854 res
= block_until_pred(qc
, quic_wait_for_stream
, &wargs
, 0);
1856 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
1857 else if (res
< 0 || wargs
.qs
== NULL
)
1858 /* quic_wait_for_stream raised error here */
1865 * We now have qs != NULL. Make it the default stream, creating the
1868 qc_set_default_xso(qc
, create_xso_from_stream(qc
, qs
), /*touch=*/0);
1869 if (qc
->default_xso
== NULL
)
1870 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
1872 qc_touch_default_xso(qc
); /* inhibits default XSO */
1877 static QUIC_XSO
*create_xso_from_stream(QUIC_CONNECTION
*qc
, QUIC_STREAM
*qs
)
1879 QUIC_XSO
*xso
= NULL
;
1881 if ((xso
= OPENSSL_zalloc(sizeof(*xso
))) == NULL
) {
1882 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_CRYPTO_LIB
, NULL
);
1886 if (!ossl_ssl_init(&xso
->ssl
, qc
->ssl
.ctx
, qc
->ssl
.method
, SSL_TYPE_QUIC_XSO
)) {
1887 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_INTERNAL_ERROR
, NULL
);
1892 if (!SSL_up_ref(&qc
->ssl
)) {
1893 QUIC_RAISE_NON_NORMAL_ERROR(NULL
, ERR_R_SSL_LIB
, NULL
);
1898 xso
->ssl_mode
= qc
->default_ssl_mode
;
1900 = qc
->default_ssl_options
& OSSL_QUIC_PERMITTED_OPTIONS_STREAM
;
1901 xso
->last_error
= SSL_ERROR_NONE
;
1906 xso_update_options(xso
);
1914 struct quic_new_stream_wait_args
{
1915 QUIC_CONNECTION
*qc
;
1919 static int quic_new_stream_wait(void *arg
)
1921 struct quic_new_stream_wait_args
*args
= arg
;
1922 QUIC_CONNECTION
*qc
= args
->qc
;
1924 if (!quic_mutation_allowed(qc
, /*req_active=*/1))
1927 if (ossl_quic_channel_is_new_local_stream_admissible(qc
->ch
, args
->is_uni
))
1933 /* locking depends on need_lock */
1934 static SSL
*quic_conn_stream_new(QCTX
*ctx
, uint64_t flags
, int need_lock
)
1937 QUIC_CONNECTION
*qc
= ctx
->qc
;
1938 QUIC_XSO
*xso
= NULL
;
1939 QUIC_STREAM
*qs
= NULL
;
1940 int is_uni
= ((flags
& SSL_STREAM_FLAG_UNI
) != 0);
1941 int no_blocking
= ((flags
& SSL_STREAM_FLAG_NO_BLOCK
) != 0);
1942 int advance
= ((flags
& SSL_STREAM_FLAG_ADVANCE
) != 0);
1947 if (!quic_mutation_allowed(qc
, /*req_active=*/0)) {
1948 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
1953 && !ossl_quic_channel_is_new_local_stream_admissible(qc
->ch
, is_uni
)) {
1954 struct quic_new_stream_wait_args args
;
1957 * Stream count flow control currently doesn't permit this stream to be
1960 if (no_blocking
|| !qc_blocking_mode(qc
)) {
1961 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_STREAM_COUNT_LIMITED
, NULL
);
1966 args
.is_uni
= is_uni
;
1968 /* Blocking mode - wait until we can get a stream. */
1969 ret
= block_until_pred(ctx
->qc
, quic_new_stream_wait
, &args
, 0);
1970 if (!quic_mutation_allowed(qc
, /*req_active=*/1)) {
1971 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
1972 goto err
; /* Shutdown before completion */
1973 } else if (ret
<= 0) {
1974 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
1975 goto err
; /* Non-protocol error */
1979 qs
= ossl_quic_channel_new_stream_local(qc
->ch
, is_uni
);
1981 QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
1985 xso
= create_xso_from_stream(qc
, qs
);
1989 qc_touch_default_xso(qc
); /* inhibits default XSO */
1997 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc
->ch
), qs
);
2006 SSL
*ossl_quic_conn_stream_new(SSL
*s
, uint64_t flags
)
2010 if (!expect_quic_conn_only(s
, &ctx
))
2013 return quic_conn_stream_new(&ctx
, flags
, /*need_lock=*/1);
2017 * QUIC Front-End I/O API: Steady-State Operations
2018 * ===============================================
2020 * Here we dispatch calls to the steady-state front-end I/O API functions; that
2021 * is, the functions used during the established phase of a QUIC connection
2022 * (e.g. SSL_read, SSL_write).
2024 * Each function must handle both blocking and non-blocking modes. As discussed
2025 * above, all QUIC I/O is implemented using non-blocking mode internally.
2027 * SSL_get_error => partially implemented by ossl_quic_get_error
2028 * (BIO/)SSL_read => ossl_quic_read
2029 * (BIO/)SSL_write => ossl_quic_write
2030 * SSL_pending => ossl_quic_pending
2031 * SSL_stream_conclude => ossl_quic_conn_stream_conclude
2032 * SSL_key_update => ossl_quic_key_update
2036 int ossl_quic_get_error(const SSL
*s
, int i
)
2039 int net_error
, last_error
;
2041 if (!expect_quic(s
, &ctx
))
2045 net_error
= ossl_quic_channel_net_error(ctx
.qc
->ch
);
2046 last_error
= ctx
.is_stream
? ctx
.xso
->last_error
: ctx
.qc
->last_error
;
2047 quic_unlock(ctx
.qc
);
2050 return SSL_ERROR_SYSCALL
;
2059 * The set of functions below provide the implementation of the public SSL_write
2060 * function. We must handle:
2062 * - both blocking and non-blocking operation at the application level,
2063 * depending on how we are configured;
2065 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
2067 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
2071 static void quic_post_write(QUIC_XSO
*xso
, int did_append
, int do_tick
)
2074 * We have appended at least one byte to the stream.
2075 * Potentially mark stream as active, depending on FC.
2078 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso
->conn
->ch
),
2084 * TODO(QUIC FUTURE): It is probably inefficient to try and do this
2085 * immediately, plus we should eventually consider Nagle's algorithm.
2088 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso
->conn
->ch
), 0);
2091 struct quic_write_again_args
{
2093 const unsigned char *buf
;
2095 size_t total_written
;
2100 static int quic_write_again(void *arg
)
2102 struct quic_write_again_args
*args
= arg
;
2103 size_t actual_written
= 0;
2105 if (!quic_mutation_allowed(args
->xso
->conn
, /*req_active=*/1))
2106 /* If connection is torn down due to an error while blocking, stop. */
2109 if (!quic_validate_for_write(args
->xso
, &args
->err
))
2111 * Stream may have become invalid for write due to connection events
2116 args
->err
= ERR_R_INTERNAL_ERROR
;
2117 if (!ossl_quic_sstream_append(args
->xso
->stream
->sstream
,
2118 args
->buf
, args
->len
, &actual_written
))
2121 quic_post_write(args
->xso
, actual_written
> 0, 0);
2123 args
->buf
+= actual_written
;
2124 args
->len
-= actual_written
;
2125 args
->total_written
+= actual_written
;
2128 /* Written everything, done. */
2131 /* Not written everything yet, keep trying. */
2136 static int quic_write_blocking(QCTX
*ctx
, const void *buf
, size_t len
,
2140 QUIC_XSO
*xso
= ctx
->xso
;
2141 struct quic_write_again_args args
;
2142 size_t actual_written
= 0;
2144 /* First make a best effort to append as much of the data as possible. */
2145 if (!ossl_quic_sstream_append(xso
->stream
->sstream
, buf
, len
,
2147 /* Stream already finished or allocation error. */
2149 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2152 quic_post_write(xso
, actual_written
> 0, 1);
2154 if (actual_written
== len
) {
2155 /* Managed to append everything on the first try. */
2156 *written
= actual_written
;
2161 * We did not manage to append all of the data immediately, so the stream
2162 * buffer has probably filled up. This means we need to block until some of
2166 args
.buf
= (const unsigned char *)buf
+ actual_written
;
2167 args
.len
= len
- actual_written
;
2168 args
.total_written
= 0;
2169 args
.err
= ERR_R_INTERNAL_ERROR
;
2171 res
= block_until_pred(xso
->conn
, quic_write_again
, &args
, 0);
2173 if (!quic_mutation_allowed(xso
->conn
, /*req_active=*/1))
2174 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
2176 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, args
.err
, NULL
);
2179 *written
= args
.total_written
;
2184 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
2187 static void aon_write_begin(QUIC_XSO
*xso
, const unsigned char *buf
,
2188 size_t buf_len
, size_t already_sent
)
2190 assert(!xso
->aon_write_in_progress
);
2192 xso
->aon_write_in_progress
= 1;
2193 xso
->aon_buf_base
= buf
;
2194 xso
->aon_buf_pos
= already_sent
;
2195 xso
->aon_buf_len
= buf_len
;
2198 static void aon_write_finish(QUIC_XSO
*xso
)
2200 xso
->aon_write_in_progress
= 0;
2201 xso
->aon_buf_base
= NULL
;
2202 xso
->aon_buf_pos
= 0;
2203 xso
->aon_buf_len
= 0;
2207 static int quic_write_nonblocking_aon(QCTX
*ctx
, const void *buf
,
2208 size_t len
, size_t *written
)
2210 QUIC_XSO
*xso
= ctx
->xso
;
2211 const void *actual_buf
;
2212 size_t actual_len
, actual_written
= 0;
2213 int accept_moving_buffer
2214 = ((xso
->ssl_mode
& SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
) != 0);
2216 if (xso
->aon_write_in_progress
) {
2218 * We are in the middle of an AON write (i.e., a previous write did not
2219 * manage to append all data to the SSTREAM and we have Enable Partial
2220 * Write (EPW) mode disabled.)
2222 if ((!accept_moving_buffer
&& xso
->aon_buf_base
!= buf
)
2223 || len
!= xso
->aon_buf_len
)
2225 * Pointer must not have changed if we are not in accept moving
2226 * buffer mode. Length must never change.
2228 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, SSL_R_BAD_WRITE_RETRY
, NULL
);
2230 actual_buf
= (unsigned char *)buf
+ xso
->aon_buf_pos
;
2231 actual_len
= len
- xso
->aon_buf_pos
;
2232 assert(actual_len
> 0);
2238 /* First make a best effort to append as much of the data as possible. */
2239 if (!ossl_quic_sstream_append(xso
->stream
->sstream
, actual_buf
, actual_len
,
2241 /* Stream already finished or allocation error. */
2243 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2246 quic_post_write(xso
, actual_written
> 0, 1);
2248 if (actual_written
== actual_len
) {
2249 /* We have sent everything. */
2250 if (xso
->aon_write_in_progress
) {
2252 * We have sent everything, and we were in the middle of an AON
2253 * write. The output write length is the total length of the AON
2254 * buffer, not however many bytes we managed to write to the stream
2257 *written
= xso
->aon_buf_len
;
2258 aon_write_finish(xso
);
2260 *written
= actual_written
;
2266 if (xso
->aon_write_in_progress
) {
2268 * AON write is in progress but we have not written everything yet. We
2269 * may have managed to send zero bytes, or some number of bytes less
2270 * than the total remaining which need to be appended during this
2273 xso
->aon_buf_pos
+= actual_written
;
2274 assert(xso
->aon_buf_pos
< xso
->aon_buf_len
);
2275 return QUIC_RAISE_NORMAL_ERROR(ctx
, SSL_ERROR_WANT_WRITE
);
2279 * Not in an existing AON operation but partial write is not enabled, so we
2280 * need to begin a new AON operation. However we needn't bother if we didn't
2281 * actually append anything.
2283 if (actual_written
> 0)
2284 aon_write_begin(xso
, buf
, len
, actual_written
);
2287 * AON - We do not publicly admit to having appended anything until AON
2291 return QUIC_RAISE_NORMAL_ERROR(ctx
, SSL_ERROR_WANT_WRITE
);
2295 static int quic_write_nonblocking_epw(QCTX
*ctx
, const void *buf
, size_t len
,
2298 QUIC_XSO
*xso
= ctx
->xso
;
2300 /* Simple best effort operation. */
2301 if (!ossl_quic_sstream_append(xso
->stream
->sstream
, buf
, len
, written
)) {
2302 /* Stream already finished or allocation error. */
2304 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2307 quic_post_write(xso
, *written
> 0, 1);
2312 static int quic_validate_for_write(QUIC_XSO
*xso
, int *err
)
2314 QUIC_STREAM_MAP
*qsm
;
2316 if (xso
== NULL
|| xso
->stream
== NULL
) {
2317 *err
= ERR_R_INTERNAL_ERROR
;
2321 switch (xso
->stream
->send_state
) {
2323 case QUIC_SSTREAM_STATE_NONE
:
2324 *err
= SSL_R_STREAM_RECV_ONLY
;
2327 case QUIC_SSTREAM_STATE_READY
:
2328 qsm
= ossl_quic_channel_get_qsm(xso
->conn
->ch
);
2330 if (!ossl_quic_stream_map_ensure_send_part_id(qsm
, xso
->stream
)) {
2331 *err
= ERR_R_INTERNAL_ERROR
;
2336 case QUIC_SSTREAM_STATE_SEND
:
2337 case QUIC_SSTREAM_STATE_DATA_SENT
:
2338 case QUIC_SSTREAM_STATE_DATA_RECVD
:
2339 if (ossl_quic_sstream_get_final_size(xso
->stream
->sstream
, NULL
)) {
2340 *err
= SSL_R_STREAM_FINISHED
;
2346 case QUIC_SSTREAM_STATE_RESET_SENT
:
2347 case QUIC_SSTREAM_STATE_RESET_RECVD
:
2348 *err
= SSL_R_STREAM_RESET
;
2354 int ossl_quic_write(SSL
*s
, const void *buf
, size_t len
, size_t *written
)
2358 int partial_write
, err
;
2362 if (!expect_quic_with_stream_lock(s
, /*remote_init=*/0, /*io=*/1, &ctx
))
2365 partial_write
= ((ctx
.xso
->ssl_mode
& SSL_MODE_ENABLE_PARTIAL_WRITE
) != 0);
2367 if (!quic_mutation_allowed(ctx
.qc
, /*req_active=*/0)) {
2368 ret
= QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
2373 * If we haven't finished the handshake, try to advance it.
2374 * We don't accept writes until the handshake is completed.
2376 if (quic_do_handshake(&ctx
) < 1) {
2381 /* Ensure correct stream state, stream send part not concluded, etc. */
2382 if (!quic_validate_for_write(ctx
.xso
, &err
)) {
2383 ret
= QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, err
, NULL
);
2392 if (xso_blocking_mode(ctx
.xso
))
2393 ret
= quic_write_blocking(&ctx
, buf
, len
, written
);
2394 else if (partial_write
)
2395 ret
= quic_write_nonblocking_epw(&ctx
, buf
, len
, written
);
2397 ret
= quic_write_nonblocking_aon(&ctx
, buf
, len
, written
);
2400 quic_unlock(ctx
.qc
);
2408 struct quic_read_again_args
{
2410 QUIC_STREAM
*stream
;
2418 static int quic_validate_for_read(QUIC_XSO
*xso
, int *err
, int *eos
)
2420 QUIC_STREAM_MAP
*qsm
;
2424 if (xso
== NULL
|| xso
->stream
== NULL
) {
2425 *err
= ERR_R_INTERNAL_ERROR
;
2429 switch (xso
->stream
->recv_state
) {
2431 case QUIC_RSTREAM_STATE_NONE
:
2432 *err
= SSL_R_STREAM_SEND_ONLY
;
2435 case QUIC_RSTREAM_STATE_RECV
:
2436 case QUIC_RSTREAM_STATE_SIZE_KNOWN
:
2437 case QUIC_RSTREAM_STATE_DATA_RECVD
:
2440 case QUIC_RSTREAM_STATE_DATA_READ
:
2444 case QUIC_RSTREAM_STATE_RESET_RECVD
:
2445 qsm
= ossl_quic_channel_get_qsm(xso
->conn
->ch
);
2446 ossl_quic_stream_map_notify_app_read_reset_recv_part(qsm
, xso
->stream
);
2449 case QUIC_RSTREAM_STATE_RESET_READ
:
2450 *err
= SSL_R_STREAM_RESET
;
2456 static int quic_read_actual(QCTX
*ctx
,
2457 QUIC_STREAM
*stream
,
2458 void *buf
, size_t buf_len
,
2462 int is_fin
= 0, err
, eos
;
2463 QUIC_CONNECTION
*qc
= ctx
->qc
;
2465 if (!quic_validate_for_read(ctx
->xso
, &err
, &eos
)) {
2467 return QUIC_RAISE_NORMAL_ERROR(ctx
, SSL_ERROR_ZERO_RETURN
);
2469 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, err
, NULL
);
2473 if (!ossl_quic_rstream_peek(stream
->rstream
, buf
, buf_len
,
2474 bytes_read
, &is_fin
))
2475 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2478 if (!ossl_quic_rstream_read(stream
->rstream
, buf
, buf_len
,
2479 bytes_read
, &is_fin
))
2480 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2484 if (*bytes_read
> 0) {
2486 * We have read at least one byte from the stream. Inform stream-level
2487 * RXFC of the retirement of controlled bytes. Update the active stream
2488 * status (the RXFC may now want to emit a frame granting more credit to
2491 OSSL_RTT_INFO rtt_info
;
2493 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc
->ch
), &rtt_info
);
2495 if (!ossl_quic_rxfc_on_retire(&stream
->rxfc
, *bytes_read
,
2496 rtt_info
.smoothed_rtt
))
2497 return QUIC_RAISE_NON_NORMAL_ERROR(ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2500 if (is_fin
&& !peek
) {
2501 QUIC_STREAM_MAP
*qsm
= ossl_quic_channel_get_qsm(ctx
->qc
->ch
);
2503 ossl_quic_stream_map_notify_totally_read(qsm
, ctx
->xso
->stream
);
2506 if (*bytes_read
> 0)
2507 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc
->ch
),
2511 if (*bytes_read
== 0 && is_fin
)
2512 return QUIC_RAISE_NORMAL_ERROR(ctx
, SSL_ERROR_ZERO_RETURN
);
2518 static int quic_read_again(void *arg
)
2520 struct quic_read_again_args
*args
= arg
;
2522 if (!quic_mutation_allowed(args
->ctx
->qc
, /*req_active=*/1)) {
2523 /* If connection is torn down due to an error while blocking, stop. */
2524 QUIC_RAISE_NON_NORMAL_ERROR(args
->ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
2528 if (!quic_read_actual(args
->ctx
, args
->stream
,
2529 args
->buf
, args
->len
, args
->bytes_read
,
2533 if (*args
->bytes_read
> 0)
2534 /* got at least one byte, the SSL_read op can finish now */
2537 return 0; /* did not read anything, keep trying */
2541 static int quic_read(SSL
*s
, void *buf
, size_t len
, size_t *bytes_read
, int peek
)
2545 struct quic_read_again_args args
;
2549 if (!expect_quic(s
, &ctx
))
2552 quic_lock_for_io(&ctx
);
2554 if (!quic_mutation_allowed(ctx
.qc
, /*req_active=*/0)) {
2555 ret
= QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
2559 /* If we haven't finished the handshake, try to advance it. */
2560 if (quic_do_handshake(&ctx
) < 1) {
2561 ret
= 0; /* ossl_quic_do_handshake raised error here */
2565 if (ctx
.xso
== NULL
) {
2567 * Called on a QCSO and we don't currently have a default stream.
2569 * Wait until we get a stream initiated by the peer (blocking mode) or
2570 * fail if we don't have one yet (non-blocking mode).
2572 if (!qc_wait_for_default_xso_for_read(&ctx
)) {
2573 ret
= 0; /* error already raised here */
2577 ctx
.xso
= ctx
.qc
->default_xso
;
2580 if (!quic_read_actual(&ctx
, ctx
.xso
->stream
, buf
, len
, bytes_read
, peek
)) {
2581 ret
= 0; /* quic_read_actual raised error here */
2585 if (*bytes_read
> 0) {
2587 * Even though we succeeded, tick the reactor here to ensure we are
2588 * handling other aspects of the QUIC connection.
2590 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx
.qc
->ch
), 0);
2592 } else if (xso_blocking_mode(ctx
.xso
)) {
2594 * We were not able to read anything immediately, so our stream
2595 * buffer is empty. This means we need to block until we get
2596 * at least one byte.
2599 args
.stream
= ctx
.xso
->stream
;
2602 args
.bytes_read
= bytes_read
;
2605 res
= block_until_pred(ctx
.qc
, quic_read_again
, &args
, 0);
2607 ret
= QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2609 } else if (res
< 0) {
2610 ret
= 0; /* quic_read_again raised error here */
2617 * We did not get any bytes and are not in blocking mode.
2618 * Tick to see if this delivers any more.
2620 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx
.qc
->ch
), 0);
2622 /* Try the read again. */
2623 if (!quic_read_actual(&ctx
, ctx
.xso
->stream
, buf
, len
, bytes_read
, peek
)) {
2624 ret
= 0; /* quic_read_actual raised error here */
2628 if (*bytes_read
> 0)
2629 ret
= 1; /* Succeeded this time. */
2631 ret
= QUIC_RAISE_NORMAL_ERROR(&ctx
, SSL_ERROR_WANT_READ
);
2635 quic_unlock(ctx
.qc
);
2639 int ossl_quic_read(SSL
*s
, void *buf
, size_t len
, size_t *bytes_read
)
2641 return quic_read(s
, buf
, len
, bytes_read
, 0);
2644 int ossl_quic_peek(SSL
*s
, void *buf
, size_t len
, size_t *bytes_read
)
2646 return quic_read(s
, buf
, len
, bytes_read
, 1);
2655 static size_t ossl_quic_pending_int(const SSL
*s
, int check_channel
)
2662 if (!expect_quic(s
, &ctx
))
2667 if (ctx
.xso
== NULL
) {
2668 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, SSL_R_NO_STREAM
, NULL
);
2672 if (ctx
.xso
->stream
== NULL
2673 || !ossl_quic_stream_has_recv_buffer(ctx
.xso
->stream
)) {
2674 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
2678 if (!ossl_quic_rstream_available(ctx
.xso
->stream
->rstream
, &avail
, &fin
))
2681 if (avail
== 0 && check_channel
&& ossl_quic_channel_has_pending(ctx
.qc
->ch
))
2685 quic_unlock(ctx
.qc
);
2689 size_t ossl_quic_pending(const SSL
*s
)
2691 return ossl_quic_pending_int(s
, /*check_channel=*/0);
2694 int ossl_quic_has_pending(const SSL
*s
)
2696 /* Do we have app-side pending data or pending URXEs or RXEs? */
2697 return ossl_quic_pending_int(s
, /*check_channel=*/1) > 0;
2701 * SSL_stream_conclude
2702 * -------------------
2705 int ossl_quic_conn_stream_conclude(SSL
*s
)
2711 if (!expect_quic_with_stream_lock(s
, /*remote_init=*/0, /*io=*/0, &ctx
))
2714 qs
= ctx
.xso
->stream
;
2716 if (!quic_mutation_allowed(ctx
.qc
, /*req_active=*/1)) {
2717 quic_unlock(ctx
.qc
);
2718 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
2721 if (!quic_validate_for_write(ctx
.xso
, &err
)) {
2722 quic_unlock(ctx
.qc
);
2723 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, err
, NULL
);
2726 if (ossl_quic_sstream_get_final_size(qs
->sstream
, NULL
)) {
2727 quic_unlock(ctx
.qc
);
2731 ossl_quic_sstream_fin(qs
->sstream
);
2732 quic_post_write(ctx
.xso
, 1, 1);
2733 quic_unlock(ctx
.qc
);
2738 * SSL_inject_net_dgram
2739 * --------------------
2742 int SSL_inject_net_dgram(SSL
*s
, const unsigned char *buf
,
2744 const BIO_ADDR
*peer
,
2745 const BIO_ADDR
*local
)
2751 if (!expect_quic(s
, &ctx
))
2756 demux
= ossl_quic_channel_get0_demux(ctx
.qc
->ch
);
2757 ret
= ossl_quic_demux_inject(demux
, buf
, buf_len
, peer
, local
);
2759 quic_unlock(ctx
.qc
);
2764 * SSL_get0_connection
2765 * -------------------
2767 SSL
*ossl_quic_get0_connection(SSL
*s
)
2771 if (!expect_quic(s
, &ctx
))
2774 return &ctx
.qc
->ssl
;
2778 * SSL_get_stream_type
2779 * -------------------
2781 int ossl_quic_get_stream_type(SSL
*s
)
2785 if (!expect_quic(s
, &ctx
))
2786 return SSL_STREAM_TYPE_BIDI
;
2788 if (ctx
.xso
== NULL
) {
2790 * If deferred XSO creation has yet to occur, proceed according to the
2791 * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
2792 * what kind of stream will be created yet, so return BIDI on the basis
2793 * that at this time, the client still has the option of calling
2794 * SSL_read() or SSL_write() first.
2796 if (ctx
.qc
->default_xso_created
2797 || ctx
.qc
->default_stream_mode
== SSL_DEFAULT_STREAM_MODE_NONE
)
2798 return SSL_STREAM_TYPE_NONE
;
2800 return SSL_STREAM_TYPE_BIDI
;
2803 if (ossl_quic_stream_is_bidi(ctx
.xso
->stream
))
2804 return SSL_STREAM_TYPE_BIDI
;
2806 if (ossl_quic_stream_is_server_init(ctx
.xso
->stream
) != ctx
.qc
->as_server
)
2807 return SSL_STREAM_TYPE_READ
;
2809 return SSL_STREAM_TYPE_WRITE
;
2817 uint64_t ossl_quic_get_stream_id(SSL
*s
)
2822 if (!expect_quic_with_stream_lock(s
, /*remote_init=*/-1, /*io=*/0, &ctx
))
2825 id
= ctx
.xso
->stream
->id
;
2826 quic_unlock(ctx
.qc
);
2832 * SSL_is_stream_local
2833 * -------------------
2836 int ossl_quic_is_stream_local(SSL
*s
)
2841 if (!expect_quic_with_stream_lock(s
, /*remote_init=*/-1, /*io=*/0, &ctx
))
2844 is_local
= ossl_quic_stream_is_local_init(ctx
.xso
->stream
);
2845 quic_unlock(ctx
.qc
);
2851 * SSL_set_default_stream_mode
2852 * ---------------------------
2855 int ossl_quic_set_default_stream_mode(SSL
*s
, uint32_t mode
)
2859 if (!expect_quic_conn_only(s
, &ctx
))
2864 if (ctx
.qc
->default_xso_created
) {
2865 quic_unlock(ctx
.qc
);
2866 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
,
2867 "too late to change default stream mode");
2871 case SSL_DEFAULT_STREAM_MODE_NONE
:
2872 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI
:
2873 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI
:
2874 ctx
.qc
->default_stream_mode
= mode
;
2877 quic_unlock(ctx
.qc
);
2878 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_INVALID_ARGUMENT
,
2879 "bad default stream type");
2882 quic_unlock(ctx
.qc
);
2891 SSL
*ossl_quic_detach_stream(SSL
*s
)
2894 QUIC_XSO
*xso
= NULL
;
2896 if (!expect_quic_conn_only(s
, &ctx
))
2901 /* Calling this function inhibits default XSO autocreation. */
2902 /* QC ref to any default XSO is transferred to us and to caller. */
2903 qc_set_default_xso_keep_ref(ctx
.qc
, NULL
, /*touch=*/1, &xso
);
2905 quic_unlock(ctx
.qc
);
2907 return xso
!= NULL
? &xso
->ssl
: NULL
;
2915 int ossl_quic_attach_stream(SSL
*conn
, SSL
*stream
)
2921 if (!expect_quic_conn_only(conn
, &ctx
))
2924 if (stream
== NULL
|| stream
->type
!= SSL_TYPE_QUIC_XSO
)
2925 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_NULL_PARAMETER
,
2926 "stream to attach must be a valid QUIC stream");
2928 xso
= (QUIC_XSO
*)stream
;
2932 if (ctx
.qc
->default_xso
!= NULL
) {
2933 quic_unlock(ctx
.qc
);
2934 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
,
2935 "connection already has a default stream");
2939 * It is a caller error for the XSO being attached as a default XSO to have
2940 * more than one ref.
2942 if (!CRYPTO_GET_REF(&xso
->ssl
.references
, &nref
)) {
2943 quic_unlock(ctx
.qc
);
2944 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_INTERNAL_ERROR
,
2949 quic_unlock(ctx
.qc
);
2950 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_INVALID_ARGUMENT
,
2951 "stream being attached must have "
2952 "only 1 reference");
2955 /* Caller's reference to the XSO is transferred to us. */
2956 /* Calling this function inhibits default XSO autocreation. */
2957 qc_set_default_xso(ctx
.qc
, xso
, /*touch=*/1);
2959 quic_unlock(ctx
.qc
);
2964 * SSL_set_incoming_stream_policy
2965 * ------------------------------
2968 static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION
*qc
)
2970 switch (qc
->incoming_stream_policy
) {
2971 case SSL_INCOMING_STREAM_POLICY_AUTO
:
2972 if ((qc
->default_xso
== NULL
&& !qc
->default_xso_created
)
2973 || qc
->default_stream_mode
== SSL_DEFAULT_STREAM_MODE_NONE
)
2974 return SSL_INCOMING_STREAM_POLICY_ACCEPT
;
2976 return SSL_INCOMING_STREAM_POLICY_REJECT
;
2979 return qc
->incoming_stream_policy
;
2984 static void qc_update_reject_policy(QUIC_CONNECTION
*qc
)
2986 int policy
= qc_get_effective_incoming_stream_policy(qc
);
2987 int enable_reject
= (policy
== SSL_INCOMING_STREAM_POLICY_REJECT
);
2989 ossl_quic_channel_set_incoming_stream_auto_reject(qc
->ch
,
2991 qc
->incoming_stream_aec
);
2995 int ossl_quic_set_incoming_stream_policy(SSL
*s
, int policy
,
3001 if (!expect_quic_conn_only(s
, &ctx
))
3007 case SSL_INCOMING_STREAM_POLICY_AUTO
:
3008 case SSL_INCOMING_STREAM_POLICY_ACCEPT
:
3009 case SSL_INCOMING_STREAM_POLICY_REJECT
:
3010 ctx
.qc
->incoming_stream_policy
= policy
;
3011 ctx
.qc
->incoming_stream_aec
= aec
;
3015 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_INVALID_ARGUMENT
, NULL
);
3020 qc_update_reject_policy(ctx
.qc
);
3021 quic_unlock(ctx
.qc
);
3029 struct wait_for_incoming_stream_args
{
3035 static int wait_for_incoming_stream(void *arg
)
3037 struct wait_for_incoming_stream_args
*args
= arg
;
3038 QUIC_CONNECTION
*qc
= args
->ctx
->qc
;
3039 QUIC_STREAM_MAP
*qsm
= ossl_quic_channel_get_qsm(qc
->ch
);
3041 if (!quic_mutation_allowed(qc
, /*req_active=*/1)) {
3042 /* If connection is torn down due to an error while blocking, stop. */
3043 QUIC_RAISE_NON_NORMAL_ERROR(args
->ctx
, SSL_R_PROTOCOL_IS_SHUTDOWN
, NULL
);
3047 args
->qs
= ossl_quic_stream_map_peek_accept_queue(qsm
);
3048 if (args
->qs
!= NULL
)
3049 return 1; /* got a stream */
3051 return 0; /* did not get a stream, keep trying */
3055 SSL
*ossl_quic_accept_stream(SSL
*s
, uint64_t flags
)
3060 QUIC_STREAM_MAP
*qsm
;
3063 OSSL_RTT_INFO rtt_info
;
3065 if (!expect_quic_conn_only(s
, &ctx
))
3070 if (qc_get_effective_incoming_stream_policy(ctx
.qc
)
3071 == SSL_INCOMING_STREAM_POLICY_REJECT
) {
3072 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
, NULL
);
3076 qsm
= ossl_quic_channel_get_qsm(ctx
.qc
->ch
);
3078 qs
= ossl_quic_stream_map_peek_accept_queue(qsm
);
3080 if (qc_blocking_mode(ctx
.qc
)
3081 && (flags
& SSL_ACCEPT_STREAM_NO_BLOCK
) == 0) {
3082 struct wait_for_incoming_stream_args args
;
3087 ret
= block_until_pred(ctx
.qc
, wait_for_incoming_stream
, &args
, 0);
3089 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
3091 } else if (ret
< 0 || args
.qs
== NULL
) {
3101 xso
= create_xso_from_stream(ctx
.qc
, qs
);
3105 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx
.qc
->ch
), &rtt_info
);
3106 ossl_quic_stream_map_remove_from_accept_queue(qsm
, qs
,
3107 rtt_info
.smoothed_rtt
);
3110 /* Calling this function inhibits default XSO autocreation. */
3111 qc_touch_default_xso(ctx
.qc
); /* inhibits default XSO */
3114 quic_unlock(ctx
.qc
);
3119 * SSL_get_accept_stream_queue_len
3120 * -------------------------------
3123 size_t ossl_quic_get_accept_stream_queue_len(SSL
*s
)
3128 if (!expect_quic_conn_only(s
, &ctx
))
3133 v
= ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx
.qc
->ch
));
3135 quic_unlock(ctx
.qc
);
3143 int ossl_quic_stream_reset(SSL
*ssl
,
3144 const SSL_STREAM_RESET_ARGS
*args
,
3148 QUIC_STREAM_MAP
*qsm
;
3150 uint64_t error_code
;
3153 if (!expect_quic_with_stream_lock(ssl
, /*remote_init=*/0, /*io=*/0, &ctx
))
3156 qsm
= ossl_quic_channel_get_qsm(ctx
.qc
->ch
);
3157 qs
= ctx
.xso
->stream
;
3158 error_code
= (args
!= NULL
? args
->quic_error_code
: 0);
3160 if (!quic_validate_for_write(ctx
.xso
, &err
)) {
3161 ok
= QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, err
, NULL
);
3165 ok
= ossl_quic_stream_map_reset_stream_send_part(qsm
, qs
, error_code
);
3168 quic_unlock(ctx
.qc
);
3173 * SSL_get_stream_read_state
3174 * -------------------------
3176 static void quic_classify_stream(QUIC_CONNECTION
*qc
,
3180 uint64_t *app_error_code
)
3183 uint64_t final_size
;
3185 local_init
= (ossl_quic_stream_is_server_init(qs
) == qc
->as_server
);
3187 if (app_error_code
!= NULL
)
3188 *app_error_code
= UINT64_MAX
;
3190 app_error_code
= &final_size
; /* throw away value */
3192 if (!ossl_quic_stream_is_bidi(qs
) && local_init
!= is_write
) {
3194 * Unidirectional stream and this direction of transmission doesn't
3197 *state
= SSL_STREAM_STATE_WRONG_DIR
;
3198 } else if (ossl_quic_channel_is_term_any(qc
->ch
)) {
3199 /* Connection already closed. */
3200 *state
= SSL_STREAM_STATE_CONN_CLOSED
;
3201 } else if (!is_write
&& qs
->recv_state
== QUIC_RSTREAM_STATE_DATA_READ
) {
3202 /* Application has read a FIN. */
3203 *state
= SSL_STREAM_STATE_FINISHED
;
3204 } else if ((!is_write
&& qs
->stop_sending
)
3205 || (is_write
&& ossl_quic_stream_send_is_reset(qs
))) {
3207 * Stream has been reset locally. FIN takes precedence over this for the
3208 * read case as the application need not care if the stream is reset
3209 * after a FIN has been successfully processed.
3211 *state
= SSL_STREAM_STATE_RESET_LOCAL
;
3212 *app_error_code
= !is_write
3213 ? qs
->stop_sending_aec
3214 : qs
->reset_stream_aec
;
3215 } else if ((!is_write
&& ossl_quic_stream_recv_is_reset(qs
))
3216 || (is_write
&& qs
->peer_stop_sending
)) {
3218 * Stream has been reset remotely. */
3219 *state
= SSL_STREAM_STATE_RESET_REMOTE
;
3220 *app_error_code
= !is_write
3221 ? qs
->peer_reset_stream_aec
3222 : qs
->peer_stop_sending_aec
;
3223 } else if (is_write
&& ossl_quic_sstream_get_final_size(qs
->sstream
,
3226 * Stream has been finished. Stream reset takes precedence over this for
3227 * the write case as peer may not have received all data.
3229 *state
= SSL_STREAM_STATE_FINISHED
;
3231 /* Stream still healthy. */
3232 *state
= SSL_STREAM_STATE_OK
;
3236 static int quic_get_stream_state(SSL
*ssl
, int is_write
)
3241 if (!expect_quic_with_stream_lock(ssl
, /*remote_init=*/-1, /*io=*/0, &ctx
))
3242 return SSL_STREAM_STATE_NONE
;
3244 quic_classify_stream(ctx
.qc
, ctx
.xso
->stream
, is_write
, &state
, NULL
);
3245 quic_unlock(ctx
.qc
);
3249 int ossl_quic_get_stream_read_state(SSL
*ssl
)
3251 return quic_get_stream_state(ssl
, /*is_write=*/0);
3255 * SSL_get_stream_write_state
3256 * --------------------------
3258 int ossl_quic_get_stream_write_state(SSL
*ssl
)
3260 return quic_get_stream_state(ssl
, /*is_write=*/1);
3264 * SSL_get_stream_read_error_code
3265 * ------------------------------
3267 static int quic_get_stream_error_code(SSL
*ssl
, int is_write
,
3268 uint64_t *app_error_code
)
3273 if (!expect_quic_with_stream_lock(ssl
, /*remote_init=*/-1, /*io=*/0, &ctx
))
3276 quic_classify_stream(ctx
.qc
, ctx
.xso
->stream
, /*is_write=*/0,
3277 &state
, app_error_code
);
3279 quic_unlock(ctx
.qc
);
3281 case SSL_STREAM_STATE_FINISHED
:
3283 case SSL_STREAM_STATE_RESET_LOCAL
:
3284 case SSL_STREAM_STATE_RESET_REMOTE
:
3291 int ossl_quic_get_stream_read_error_code(SSL
*ssl
, uint64_t *app_error_code
)
3293 return quic_get_stream_error_code(ssl
, /*is_write=*/0, app_error_code
);
3297 * SSL_get_stream_write_error_code
3298 * -------------------------------
3300 int ossl_quic_get_stream_write_error_code(SSL
*ssl
, uint64_t *app_error_code
)
3302 return quic_get_stream_error_code(ssl
, /*is_write=*/1, app_error_code
);
3306 * Write buffer size mutation
3307 * --------------------------
3309 int ossl_quic_set_write_buffer_size(SSL
*ssl
, size_t size
)
3314 if (!expect_quic_with_stream_lock(ssl
, /*remote_init=*/-1, /*io=*/0, &ctx
))
3317 if (!ossl_quic_stream_has_send(ctx
.xso
->stream
)) {
3318 /* Called on a unidirectional receive-only stream - error. */
3319 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
, NULL
);
3323 if (!ossl_quic_stream_has_send_buffer(ctx
.xso
->stream
)) {
3325 * If the stream has a send part but we have disposed of it because we
3326 * no longer need it, this is a no-op.
3332 if (!ossl_quic_sstream_set_buffer_size(ctx
.xso
->stream
->sstream
, size
)) {
3333 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_INTERNAL_ERROR
, NULL
);
3340 quic_unlock(ctx
.qc
);
3345 * SSL_get_conn_close_info
3346 * -----------------------
3348 int ossl_quic_get_conn_close_info(SSL
*ssl
,
3349 SSL_CONN_CLOSE_INFO
*info
,
3353 const QUIC_TERMINATE_CAUSE
*tc
;
3355 if (!expect_quic_conn_only(ssl
, &ctx
))
3358 tc
= ossl_quic_channel_get_terminate_cause(ctx
.qc
->ch
);
3362 info
->error_code
= tc
->error_code
;
3363 info
->reason
= tc
->reason
;
3364 info
->reason_len
= tc
->reason_len
;
3367 info
->flags
|= SSL_CONN_CLOSE_FLAG_LOCAL
;
3369 info
->flags
|= SSL_CONN_CLOSE_FLAG_TRANSPORT
;
3377 int ossl_quic_key_update(SSL
*ssl
, int update_type
)
3381 if (!expect_quic_conn_only(ssl
, &ctx
))
3384 switch (update_type
) {
3385 case SSL_KEY_UPDATE_NOT_REQUESTED
:
3387 * QUIC signals peer key update implicily by triggering a local
3388 * spontaneous TXKU. Silently upgrade this to SSL_KEY_UPDATE_REQUESTED.
3390 case SSL_KEY_UPDATE_REQUESTED
:
3394 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, ERR_R_PASSED_INVALID_ARGUMENT
, NULL
);
3400 /* Attempt to perform a TXKU. */
3401 if (!ossl_quic_channel_trigger_txku(ctx
.qc
->ch
)) {
3402 QUIC_RAISE_NON_NORMAL_ERROR(&ctx
, SSL_R_TOO_MANY_KEY_UPDATES
, NULL
);
3403 quic_unlock(ctx
.qc
);
3407 quic_unlock(ctx
.qc
);
3412 * SSL_get_key_update_type
3413 * -----------------------
3415 int ossl_quic_get_key_update_type(const SSL
*s
)
3418 * We always handle key updates immediately so a key update is never
3421 return SSL_KEY_UPDATE_NONE
;
3425 * QUIC Front-End I/O API: SSL_CTX Management
3426 * ==========================================
3429 long ossl_quic_ctx_ctrl(SSL_CTX
*ctx
, int cmd
, long larg
, void *parg
)
3433 return ssl3_ctx_ctrl(ctx
, cmd
, larg
, parg
);
3437 long ossl_quic_callback_ctrl(SSL
*s
, int cmd
, void (*fp
) (void))
3441 if (!expect_quic_conn_only(s
, &ctx
))
3445 case SSL_CTRL_SET_MSG_CALLBACK
:
3446 ossl_quic_channel_set_msg_callback(ctx
.qc
->ch
, (ossl_msg_cb
)fp
,
3448 /* This callback also needs to be set on the internal SSL object */
3449 return ssl3_callback_ctrl(ctx
.qc
->tls
, cmd
, fp
);;
3452 /* Probably a TLS related ctrl. Defer to our internal SSL object */
3453 return ssl3_callback_ctrl(ctx
.qc
->tls
, cmd
, fp
);
3457 long ossl_quic_ctx_callback_ctrl(SSL_CTX
*ctx
, int cmd
, void (*fp
) (void))
3459 return ssl3_ctx_callback_ctrl(ctx
, cmd
, fp
);
3462 int ossl_quic_renegotiate_check(SSL
*ssl
, int initok
)
3464 /* We never do renegotiation. */
3469 * These functions define the TLSv1.2 (and below) ciphers that are supported by
3470 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
3473 int ossl_quic_num_ciphers(void)
3478 const SSL_CIPHER
*ossl_quic_get_cipher(unsigned int u
)
3484 * Internal Testing APIs
3485 * =====================
3488 QUIC_CHANNEL
*ossl_quic_conn_get_channel(SSL
*s
)
3492 if (!expect_quic_conn_only(s
, &ctx
))