From f13ef23371a3d2453af601b2efbf5d9f5238d111 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 23 Jan 2025 17:42:56 +0100 Subject: [PATCH] Clean up a few further TODO(QUIC SERVER) These are either already implemented or not relevant for the QUIC server MVP. Reviewed-by: Neil Horman Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/26544)
---
 include/internal/quic_engine.h | 2 +- include/internal/quic_port.h | 2 +- ssl/quic/quic_channel.c | 16 ++-------------- ssl/quic/quic_impl.c | 2 +- 4 files changed, 5 insertions(+), 17 deletions(-)
diff --git a/include/internal/quic_engine.h b/include/internal/quic_engine.h
index b2c6b38f0d5..17eb18bdbd4 100644
--- a/include/internal/quic_engine.h
+++ b/include/internal/quic_engine.h
@@ -28,7 +28,7 @@
  * represents a single QUIC connection. All QUIC_PORT instances must belong
  * to a QUIC_ENGINE.
  *
- * TODO(QUIC SERVER): Currently a QUIC_PORT belongs to a single QUIC_CHANNEL.
+ * TODO(QUIC FUTURE): Currently a QUIC_PORT belongs to a single QUIC_CHANNEL.
  * This will cease to be the case once connection migration and/or multipath is
  * implemented, so in future a channel might be associated with multiple ports.
  *
diff --git a/include/internal/quic_port.h b/include/internal/quic_port.h
index 6dda25db84f..8465958a6f9 100644
--- a/include/internal/quic_port.h
+++ b/include/internal/quic_port.h
@@ -85,7 +85,7 @@ QUIC_CHANNEL *ossl_quic_port_create_outgoing(QUIC_PORT *port, SSL *tls);
 /*
  * Create an incoming channel using this port.
  *
- * TODO(QUIC SERVER): temporary TSERVER use only - will be removed.
+ * TODO(QUIC FUTURE): temporary TSERVER use only - will be removed.
  */
 QUIC_CHANNEL *ossl_quic_port_create_incoming(QUIC_PORT *port, SSL *tls);
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index d8ec096b34b..19d0513059d 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -23,16 +23,6 @@
 #include "quic_port_local.h"
 #include "quic_engine_local.h"
-/*
- * NOTE: While this channel implementation currently has basic server support,
- * this functionality has been implemented for internal testing purposes and is
- * not suitable for network use. In particular, it does not implement address
- * validation, anti-amplification or retry logic.
- *
- * TODO(QUIC SERVER): Implement address validation and anti-amplification
- * TODO(QUIC SERVER): Implement retry logic
- */
-
 #define INIT_CRYPTO_RECV_BUF_LEN 16384
 #define INIT_CRYPTO_SEND_BUF_LEN 16384
 #define INIT_APP_BUF_LEN 8192
@@ -1539,10 +1529,8 @@ static int ch_on_transport_params(const unsigned char *params,
 }
 /*
- * We must ensure a client doesn't send them because we don't have
- * processing for them.
- *
- * TODO(QUIC SERVER): remove this restriction
+ * RFC 9000 s. 18.2: This transport parameter MUST NOT be sent
+ * by a client but MAY be sent by a server.
  */
 if (ch->is_server) {
 reason = TP_REASON_SERVER_ONLY("STATELESS_RESET_TOKEN");
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 0abc13126cb..16b5fb0f3c5 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -594,7 +594,7 @@ SSL *ossl_quic_new(SSL_CTX *ctx)
 = ((ctx->domain_flags & SSL_DOMAIN_FLAG_THREAD_ASSISTED) != 0);
 #endif
- qc->as_server = 0; /* TODO(QUIC SERVER): add server support */
+ qc->as_server = 0;
 qc->as_server_state = qc->as_server;
 if (!create_channel(qc, ctx))
-- 
2.47.2
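Review bot: With the TODO dropped, `qc->as_server = 0;` in the ossl_quic_new() hunk of ssl/quic/quic_impl.c is a bare constant with no stated reason, and `qc->as_server_state` is copied from it on the very next line. If objects built by this constructor are meant to be client-side only and server-side connections are created on another path (this hunk does not show one), record that invariant in place, for example `qc->as_server = 0; /* ossl_quic_new() creates client-side objects only */`. The endpoint role is security-relevant because role-dependent checks, such as the `ch->is_server` test on STATELESS_RESET_TOKEN in quic_channel.c, presumably depend on it being set correctly. The body of ossl_quic_new() starts and ends outside the hunk.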