From: Neil Horman Date: Wed, 15 Jan 2025 21:21:09 +0000 (-0500) Subject: Augment client side recieve code to store NEW_TOKENS X-Git-Tag: openssl-3.5.0-alpha1~238 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0f71ebec26a4dc41c249a7d7ade1a8bfe43497fc;p=thirdparty%2Fopenssl.git Augment client side recieve code to store NEW_TOKENS Start storing new tokens in our new cache Reviewed-by: Matt Caswell Reviewed-by: Saša Nedvědický (Merged from https://github.com/openssl/openssl/pull/26517)
---
diff --git a/include/internal/quic_port.h b/include/internal/quic_port.h
index 8465958a6f9..5c392346d0a 100644
--- a/include/internal/quic_port.h
+++ b/include/internal/quic_port.h
@@ -113,6 +113,7 @@ BIO *ossl_quic_port_get_net_rbio(QUIC_PORT *port);
 BIO *ossl_quic_port_get_net_wbio(QUIC_PORT *port);
 int ossl_quic_port_set_net_rbio(QUIC_PORT *port, BIO *net_rbio);
 int ossl_quic_port_set_net_wbio(QUIC_PORT *port, BIO *net_wbio);
+SSL_CTX *ossl_quic_port_get_channel_ctx(QUIC_PORT *port);

 /*
 * Re-poll the network BIOs already set to determine if their support for
diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h
index da00816940d..e95af55de90 100644
--- a/include/internal/quic_ssl.h
+++ b/include/internal/quic_ssl.h
@@ -30,7 +30,7 @@ void ossl_quic_free_token_store(SSL_TOKEN_STORE_HANDLE *hdl);
 SSL_TOKEN_STORE_HANDLE *ossl_quic_get_token_store(SSL_CTX *ctx);
 int ossl_quic_set_token_store(SSL_CTX *ctx, SSL_TOKEN_STORE_HANDLE *hdl);
 int ossl_quic_update_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
- uint8_t *token, size_t token_len);
+ const uint8_t *token, size_t token_len);
 int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
 uint8_t **token, size_t *token_len);

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index cccad727d5c..72b4d4bae43 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4809,7 +4809,7 @@ static QUIC_TOKEN *ossl_quic_build_new_token(BIO_ADDR *peer, uint8_t *token,
 }

 int ossl_quic_update_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
- uint8_t *token, size_t token_len)
+ const uint8_t *token, size_t token_len)
 {
 SSL_TOKEN_STORE *c = ctx->tokencache;
 QUIC_TOKEN *tok, *old = NULL;
@@ -4817,7 +4817,7 @@ int ossl_quic_update_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
 if (ctx->tokencache == NULL)
 return 0;

- tok = ossl_quic_build_new_token(peer, token, token_len);
+ tok = ossl_quic_build_new_token(peer, (uint8_t *)token, token_len);
 if (tok == NULL)
 return 0;

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index da658c8a5be..29b0edf878b 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -440,6 +440,11 @@ int ossl_quic_port_set_net_wbio(QUIC_PORT *port, BIO *net_wbio)
 return 1;
 }

+SSL_CTX *ossl_quic_port_get_channel_ctx(QUIC_PORT *port)
+{
+ return port->channel_ctx;
+}
+
 /*
 * QUIC Port: Channel Lifecycle
 * ============================
diff --git a/ssl/quic/quic_rx_depack.c b/ssl/quic/quic_rx_depack.c
index 679d6cc3e02..cc0fdf856ea 100644
--- a/ssl/quic/quic_rx_depack.c
+++ b/ssl/quic/quic_rx_depack.c
@@ -350,7 +350,9 @@ static int depack_do_frame_new_token(PACKET *pkt, QUIC_CHANNEL *ch,
 return 0;
 }

- /* TODO(QUIC FUTURE): ADD CODE to send |token| to the session manager */
+ /* store the new token in our token cache */
+ ossl_quic_update_peer_token(ossl_quic_port_get_channel_ctx(ch->port),
+ &ch->cur_peer_addr, token, token_len);

 return 1;
 }
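Review bot: The cast `(uint8_t *)token` in the second quic_impl.c hunk throws away the const qualifier this commit has just added to ossl_quic_update_peer_token, so the compiler can no longer flag a write through the pointer inside the helper. The first hunk's header shows `ossl_quic_build_new_token(BIO_ADDR *peer, uint8_t *token,` still taking a non-const pointer; its body is outside the diff, but if it only copies the bytes, declaring that parameter `const uint8_t *token` lets the call stay `tok = ossl_quic_build_new_token(peer, token, token_len);` with no cast. That keeps the read-only promise intact end to end for a buffer that presumably points into received packet data.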
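Review bot: The call added in depack_do_frame_new_token ignores the result of ossl_quic_update_peer_token, which the quic_impl.c hunk shows returning 0 when the context has no token cache or the token cannot be built. If caching is meant to be best effort, make that explicit with a `(void)` cast and a comment such as `/* best effort: a token we fail to cache is simply not reused */`. ossl_quic_update_peer_token also reads `ctx->tokencache` before any check on `ctx`, so confirm that `ossl_quic_port_get_channel_ctx(ch->port)` cannot return NULL on this path, since the frame that triggers it is supplied by the peer. Whether the cache bounds the size or number of stored tokens is not visible in this diff and is worth checking for the same reason. The function body starts outside the hunk.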