Don't treat the Tserver as connected until the handshake is confirmed

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20030)

diff --git a/include/internal/quic_channel.h b/include/internal/quic_channel.h
index 591c8cb76ef14fb4bfe369c4d21929ac35991c8e..d2503158e4a75ee73306d6317686506e8584d623 100644 (file)
--- a/include/internal/quic_channel.h
+++ b/include/internal/quic_channel.h
@@ -194,6 +194,7 @@ int ossl_quic_channel_is_terminated(const QUIC_CHANNEL *ch,
                                     QUIC_TERMINATE_CAUSE *cause);
 int ossl_quic_channel_is_active(const QUIC_CHANNEL *ch);
 int ossl_quic_channel_is_handshake_complete(const QUIC_CHANNEL *ch);
+int ossl_quic_channel_is_handshake_confirmed(const QUIC_CHANNEL *ch);
 
 SSL *ossl_quic_channel_get0_ssl(QUIC_CHANNEL *ch);
 

diff --git a/include/internal/quic_tserver.h b/include/internal/quic_tserver.h
index 9d7fab5d12621ef914f44fd6ef8fd2d0035fdb38..bfe5e329857c60e7d33262892d9086db4cb1f12d 100644 (file)
--- a/include/internal/quic_tserver.h
+++ b/include/internal/quic_tserver.h
@@ -60,7 +60,7 @@ int ossl_quic_tserver_tick(QUIC_TSERVER *srv);
 /*
  * Returns 1 if we have finished the TLS handshake
  */
-int ossl_quic_tserver_is_handshake_complete(QUIC_TSERVER *srv);
+int ossl_quic_tserver_is_handshake_confirmed(QUIC_TSERVER *srv);
 
 /* Returns 1 if the server is in any terminating or terminated state */
 int ossl_quic_tserver_is_term_any(QUIC_TSERVER *srv,

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index bbb88470be7dc4a59947367db89055d05188ce2a..cb820fffc89cb5a65ab71b9f34331b9bbd7d46f8 100644 (file)
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -433,6 +433,11 @@ int ossl_quic_channel_is_handshake_complete(const QUIC_CHANNEL *ch)
     return ch->handshake_complete;
 }
 
+int ossl_quic_channel_is_handshake_confirmed(const QUIC_CHANNEL *ch)
+{
+    return ch->handshake_confirmed;
+}
+
 /*
  * QUIC Channel: Callbacks from Miscellaneous Subsidiary Components
  * ================================================================

diff --git a/ssl/quic/quic_tserver.c b/ssl/quic/quic_tserver.c
index 444b59b746296b4ccf3a0ca9fcfe830de87e8d71..4c120d0d584d566555dd7d91bf69bae62a3232bf 100644 (file)
--- a/ssl/quic/quic_tserver.c
+++ b/ssl/quic/quic_tserver.c
@@ -167,9 +167,9 @@ int ossl_quic_tserver_is_terminated(QUIC_TSERVER *srv,
     return ossl_quic_channel_is_terminated(srv->ch, cause);
 }
 
-int ossl_quic_tserver_is_handshake_complete(QUIC_TSERVER *srv)
+int ossl_quic_tserver_is_handshake_confirmed(QUIC_TSERVER *srv)
 {
-    return ossl_quic_channel_is_handshake_complete(srv->ch);
+    return ossl_quic_channel_is_handshake_confirmed(srv->ch);
 }
 
 int ossl_quic_tserver_read(QUIC_TSERVER *srv,

diff --git a/test/helpers/quictestlib.c b/test/helpers/quictestlib.c
index 26d52600b2bd80753fad094fcce37e8e4b2c9b0d..017ba54b5bf6a6178eaec27d1d59d4683d6519ba 100644 (file)
--- a/test/helpers/quictestlib.c
+++ b/test/helpers/quictestlib.c
@@ -177,7 +177,7 @@ int qtest_create_quic_connection(QUIC_TSERVER *qtserv, SSL *clientssl)
             ossl_quic_tserver_tick(qtserv);
             servererr = ossl_quic_tserver_is_term_any(qtserv, NULL);
             if (!servererr)
-                rets = ossl_quic_tserver_is_handshake_complete(qtserv);
+                rets = ossl_quic_tserver_is_handshake_confirmed(qtserv);
         }
 
         if (clienterr && servererr)