From: Hugo Landau Date: Mon, 16 Jan 2023 15:32:18 +0000 (+0000) Subject: QUIC SSL: Forbid pipeline-related operations X-Git-Tag: openssl-3.2.0-alpha1~519 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=38c0ff1f404a25bc6711a2055efd92a20820ec38;p=thirdparty%2Fopenssl.git QUIC SSL: Forbid pipeline-related operations Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/20061)
---
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d6edc5be165..f27bbdfecc6 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2930,7 +2930,7 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
 sc->max_cert_list = (size_t)larg;
 return l;
 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
- if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+ if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH || IS_QUIC_SSL(s))
 return 0;
 #ifndef OPENSSL_NO_KTLS
 if (sc->wbio != NULL && BIO_get_ktls_send(sc->wbio))
@@ -2942,12 +2942,12 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
 sc->rlayer.wrlmethod->set_max_frag_len(sc->rlayer.wrl, larg);
 return 1;
 case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
- if ((size_t)larg > sc->max_send_fragment || larg == 0)
+ if ((size_t)larg > sc->max_send_fragment || larg == 0 || IS_QUIC_SSL(s))
 return 0;
 sc->split_send_fragment = larg;
 return 1;
 case SSL_CTRL_SET_MAX_PIPELINES:
- if (larg < 1 || larg > SSL_MAX_PIPELINES)
+ if (larg < 1 || larg > SSL_MAX_PIPELINES || IS_QUIC_SSL(s))
 return 0;
 sc->max_pipelines = larg;
 if (sc->rlayer.rrlmethod->set_max_pipelines != NULL)
diff --git a/test/quicapitest.c b/test/quicapitest.c
index 2784f981983..ce745a67daf 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
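Review bot: In ssl/ssl_lib.c, `IS_QUIC_SSL(s)` is appended as the last operand in all three cases, so in SSL_CTRL_SET_SPLIT_SEND_FRAGMENT `sc->max_send_fragment` is still read before the object type is checked. Putting the type check first, `if (IS_QUIC_SSL(s) || (size_t)larg > sc->max_send_fragment || larg == 0)`, makes the rejection independent of connection state and of the argument; the same reordering applies to the SSL_CTRL_SET_MAX_SEND_FRAGMENT and SSL_CTRL_SET_MAX_PIPELINES cases. A one-line comment such as `/* not applicable to QUIC SSL objects */` would also help, because a return of 0 alone does not tell the caller whether the value was out of range or the operation is unsupported on this object. SSL_ctrl's body starts and ends outside both hunks, so how `sc` is derived for a QUIC object is not visible here.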
@@ -494,6 +494,12 @@ static int test_quic_forbidden_options(void) || !TEST_false(SSL_free_buffers(ssl))) goto err; + /* Pipelining */ + if (!TEST_false(SSL_set_max_send_fragment(ssl, 2)) + || !TEST_false(SSL_set_split_send_fragment(ssl, 2)) + || !TEST_false(SSL_set_max_pipelines(ssl, 2))) + goto err; + /* HRR */ if (!TEST_false(SSL_stateless(ssl))) goto err;
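Review bot: `SSL_set_max_send_fragment(ssl, 2)` does not exercise the new QUIC rejection, because the SSL_CTRL_SET_MAX_SEND_FRAGMENT case in ssl/ssl_lib.c already returns 0 for any value below 512 (`larg < 512 || ...`), so this assertion would pass without the added `IS_QUIC_SSL(s)` operand. Pass an in-range value so that only the QUIC check can make the call fail, e.g. `if (!TEST_false(SSL_set_max_send_fragment(ssl, 512))`. The other two calls pass 2, which appears to fall inside the ranges accepted by their cases, so they do depend on the new check. test_quic_forbidden_options starts and ends outside the hunk.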