From: Hugo Landau <hlandau@openssl.org>
Date: Thu, 29 Jun 2023 12:48:57 +0000 (+0100)
Subject: Minor updates
X-Git-Tag: openssl-3.2.0-alpha1~509
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6e5550a1045bb03afb40dac29f82cbc7158dbfc3;p=thirdparty%2Fopenssl.git

Minor updates

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
---

diff --git a/doc/man3/SSL_CTX_set_alpn_select_cb.pod b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
index e06a273cb11..5f5872ee672 100644
--- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod
+++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
@@ -25,8 +25,6 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated
  void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
                              unsigned int *len);
 
-
-
  void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
                                             int (*cb)(SSL *ssl,
                                                       const unsigned char **out,
diff --git a/include/internal/statem.h b/include/internal/statem.h
index c19aba2976e..db0b214a325 100644
--- a/include/internal/statem.h
+++ b/include/internal/statem.h
@@ -6,8 +6,8 @@
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
  */
-#ifndef STATEM_H
-# define STATEM_H
+#ifndef OSSL_INTERNAL_STATEM_H
+# define OSSL_INTERNAL_STATEM_H
 
 /*****************************************************************************
  *                                                                           *
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index a918983398e..c0232495da0 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -331,8 +331,8 @@ SSL *ossl_quic_new(SSL_CTX *ctx)
     sc->s3.flags |= TLS1_FLAGS_QUIC;
 
     /* Restrict options derived from the SSL_CTX. */
-    sc->options     &= OSSL_QUIC_PERMITTED_OPTIONS;
-    sc->pha_enabled  = 0;
+    sc->options &= OSSL_QUIC_PERMITTED_OPTIONS;
+    sc->pha_enabled = 0;
 
 #if defined(OPENSSL_THREADS)
     if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index e5dfa4f610a..f53465efec6 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -765,10 +765,8 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method)
 
     s->mode = ctx->mode;
     s->max_cert_list = ctx->max_cert_list;
-    if (!IS_QUIC_CTX(ctx)) {
-        s->max_early_data = ctx->max_early_data;
-        s->recv_max_early_data = ctx->recv_max_early_data;
-    }
+    s->max_early_data = ctx->max_early_data;
+    s->recv_max_early_data = ctx->recv_max_early_data;
 
     s->num_tickets = ctx->num_tickets;
     s->pha_enabled = ctx->pha_enabled;
@@ -5657,6 +5655,9 @@ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx)
 
 int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
 {
+    if (IS_QUIC_CTX(ctx) && block_size > 1)
+        return 0;
+
     /* block size of 0 or 1 is basically no padding */
     if (block_size == 1)
         ctx->block_padding = 0;
diff --git a/test/quicapitest.c b/test/quicapitest.c
index 463ee1510de..626b79eaf1f 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
@@ -479,9 +479,7 @@ static int test_quic_forbidden_options(void)
         goto err;
 
     /* Max early data */
-    if (!TEST_false(SSL_get_recv_max_early_data(ssl))
-        || !TEST_false(SSL_get_max_early_data(ssl))
-        || !TEST_false(SSL_set_recv_max_early_data(ssl, 1))
+    if (!TEST_false(SSL_set_recv_max_early_data(ssl, 1))
         || !TEST_false(SSL_set_max_early_data(ssl, 1)))
         goto err;