From: Hugo Landau <hlandau@openssl.org>
Date: Thu, 4 Apr 2024 11:58:02 +0000 (+0100)
Subject: QUIC APL: When creating a default XSO, no further streams can arrive after connection... 
X-Git-Tag: openssl-3.5.0-alpha1~404
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2176e0467e5b382da2e663a30adb76fa289c0879;p=thirdparty%2Fopenssl.git

QUIC APL: When creating a default XSO, no further streams can arrive after connection terminastion

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24037)
---

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 62c421b06de..de6b79f2480 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -2052,9 +2052,12 @@ static int qc_wait_for_default_xso_for_read(QCTX *ctx, int peek)
         if (peek)
             return 0;
 
-        if (!qctx_blocking(ctx))
+        if (ossl_quic_channel_is_term_any(qc->ch)) {
+            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
+        } else if (!qctx_blocking(ctx)) {
             /* Non-blocking mode, so just bail immediately. */
             return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
+        }
 
         /* Block until we have a stream. */
         wargs.qc        = qc;