From: Hugo Landau Date: Thu, 11 Jan 2024 07:39:10 +0000 (+0000) Subject: QUIC APL: Introduce QUIC listener SSL object type (QLSO) X-Git-Tag: openssl-3.5.0-alpha1~463 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e0ffd21e22182bbf3d13c2d61efbb9cda5261a5e;p=thirdparty%2Fopenssl.git QUIC APL: Introduce QUIC listener SSL object type (QLSO) Reviewed-by: Matt Caswell Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/23334)
---
diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h
index 4fc7a21a521..5d1b739725b 100644
--- a/include/internal/quic_ssl.h
+++ b/include/internal/quic_ssl.h
@@ -45,6 +45,7 @@ int ossl_quic_renegotiate_check(SSL *ssl, int initok);
 typedef struct quic_conn_st QUIC_CONNECTION;
 typedef struct quic_xso_st QUIC_XSO;
+typedef struct quic_listener_st QUIC_LISTENER;
 int ossl_quic_do_handshake(SSL *s);
 void ossl_quic_set_connect_state(SSL *s);
diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h
index d6518fd6b45..d9e82c6a1e3 100644
--- a/ssl/quic/quic_local.h
+++ b/ssl/quic/quic_local.h
@@ -119,6 +119,10 @@ struct quic_xso_st {
 int last_error;
 };
+/*
+ * QUIC connection SSL object (QCSO) type. This implements the API personality
+ * layer for QCSO objects, wrapping the QUIC-native QUIC_CHANNEL object.
+ */
 struct quic_conn_st {
 /*
 * ssl_st is a common header for ordinary SSL objects, QUIC connection
@@ -245,6 +249,15 @@ struct quic_conn_st {
 int last_error;
 };
+/*
+ * QUIC listener SSL object (QLSO) type. This implements the API personality
+ * layer for QLSO objects, wrapping the QUIC-native QUIC_PORT object.
+ */
+struct quic_listener_st {
+ /* Common header for SSL objects. */
+ struct ssl_st ssl;
+};
+
 /* Internal calls to the QUIC CSM which come from various places. */
 int ossl_quic_conn_on_handshake_confirmed(QUIC_CONNECTION *qc);
@@ -292,14 +305,26 @@ int ossl_quic_trace(int write_p, int version, int content_type,
 ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
 : NULL))
-# define IS_QUIC(ssl) ((ssl) != NULL \
- && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
- || (ssl)->type == SSL_TYPE_QUIC_XSO))
+# define QUIC_LISTENER_FROM_SSL_int(ssl, c) \
+ ((ssl) == NULL \
+ ? NULL \
+ : ((ssl)->type == SSL_TYPE_QUIC_LISTENER \
+ ? (c QUIC_LISTENER *)(ssl) \
+ : NULL))
+
+# define IS_QUIC_CS(ssl) ((ssl) != NULL \
+ && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
+ || (ssl)->type == SSL_TYPE_QUIC_XSO))
+
+# define IS_QUIC(ssl) \
+ ((ssl) != NULL && SSL_TYPE_IS_QUIC((ssl)->type))
 # else
 # define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
 # define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
+# define QUIC_LISTENER_FROM_SSL_int(ssl, c) NULL
 # define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
 # define IS_QUIC(ssl) 0
+# define IS_QUIC_CS(ssl) 0
 # define IS_QUIC_CTX(ctx) 0
 # define IS_QUIC_METHOD(m) 0
 # endif
@@ -312,6 +337,10 @@ int ossl_quic_trace(int write_p, int version, int content_type,
 QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
 # define QUIC_XSO_FROM_CONST_SSL(ssl) \
 QUIC_XSO_FROM_SSL_int(ssl, const)
+# define QUIC_LISTENER_FROM_SSL(ssl) \
+ QUIC_LISTENER_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define QUIC_LISTENER_FROM_CONST_SSL(ssl) \
+ QUIC_LISTENER_FROM_SSL_int(ssl, const)
 # define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
 SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
 # define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 546aa9d0aff..1d61e5b6ebd 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -991,11 +991,7 @@ int SSL_is_tls(const SSL *s)
 int SSL_is_quic(const SSL *s)
 {
-#ifndef OPENSSL_NO_QUIC
- if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
- return 1;
-#endif
- return 0;
+ return IS_QUIC(s);
 }
 int SSL_up_ref(SSL *s)
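Review bot: `IS_QUIC` in the `@@ -292,14 +305,26 @@` hunk now also matches `SSL_TYPE_QUIC_LISTENER`, so any existing call site that uses it as the guard before treating the object as a connection or stream would admit a QLSO, whose struct in this commit holds only the `ssl_st` header. Those call sites are not visible in this diff and should be checked, switching to `IS_QUIC_CS` where connection-or-stream was meant. Neither macro says which set it covers, so I would add above them `/* IS_QUIC: any QUIC SSL object, listeners included. IS_QUIC_CS: connection or stream objects only. */`. The same widening reaches the public `SSL_is_quic()` in the ssl/ssl_lib.c hunk, which now returns 1 for a listener and, through the macro's NULL test, 0 for a NULL pointer instead of dereferencing it.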
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 28dcec8b96d..31fbe3a8ea5 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -1216,9 +1216,12 @@ typedef struct ossl_quic_tls_callbacks_st {
 typedef struct cert_pkey_st CERT_PKEY;
-#define SSL_TYPE_SSL_CONNECTION 0
-#define SSL_TYPE_QUIC_CONNECTION 1
-#define SSL_TYPE_QUIC_XSO 2
+#define SSL_TYPE_SSL_CONNECTION 0
+#define SSL_TYPE_QUIC_CONNECTION 0x80
+#define SSL_TYPE_QUIC_XSO 0x81
+#define SSL_TYPE_QUIC_LISTENER 0x82
+
+#define SSL_TYPE_IS_QUIC(x) (((x) & 0x80) != 0)
 struct ssl_st {
 int type;
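Review bot: The QUIC marker bit `0x80` is written out four times here (the three QUIC type values and the mask in `SSL_TYPE_IS_QUIC`) with nothing stating that it is reserved, so a later non-QUIC type given a value with that bit set would silently be classified as QUIC. I would name the bit, for example `#define SSL_TYPE_QUIC_BIT 0x80` with `#define SSL_TYPE_IS_QUIC(x) (((x) & SSL_TYPE_QUIC_BIT) != 0)`, and add `/* Bit 0x80 is reserved for QUIC object types; non-QUIC types must leave it clear. */`. The mask also accepts any value with the bit set, not only the three defined types, so code that goes on to cast the object should keep relying on the exact-type `*_FROM_SSL` macros rather than on this predicate. The `struct ssl_st` definition continues outside the hunk.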