Do not implicitly start connection with SSL_handle_events() or SSL_poll()

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25069)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index f6ddba43c5d3db0dd496047c7d611838cea9e244..539d6d9b7892a8e6e5597f17bff1bb2677c8b586 100644 (file)
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -1065,7 +1065,8 @@ int ossl_quic_handle_events(SSL *s)
         return 0;
 
     quic_lock(ctx.qc);
-    ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
+    if (ctx.qc->started)
+        ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
     quic_unlock(ctx.qc);
     return 1;
 }
@@ -4100,6 +4101,13 @@ int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
 
     quic_lock(ctx.qc);
 
+    if (!ctx.qc->started) {
+        /* We can only try to write on non-started connection. */
+        if ((events & SSL_POLL_EVENT_W) != 0)
+            revents |= SSL_POLL_EVENT_W;
+        goto end;
+    }
+
     if (do_tick)
         ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
 
@@ -4149,6 +4157,7 @@ int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
             revents |= SSL_POLL_EVENT_OSU;
     }
 
+ end:
     quic_unlock(ctx.qc);
     *p_revents = revents;
     return 1;