From: Hugo Landau
Date: Mon, 16 Jan 2023 15:18:12 +0000 (+0000)
Subject: QUIC SSL Behaviours: Allow detection of an SSL connection used for QUIC handshake
X-Git-Tag: openssl-3.2.0-alpha1~532
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=43788fb3ac7221a699e56c38c1e9b8b4f8de4071;p=thirdparty%2Fopenssl.git

QUIC SSL Behaviours: Allow detection of an SSL connection used for QUIC handshake

Reviewed-by: Tomas Mraz
Reviewed-by: Matt Caswell
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/20061)
---
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 3007a31d52a..2747a9d65be 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -307,6 +307,9 @@ extern "C" {
 /* Set if extended master secret extension required on renegotiation */
 # define TLS1_FLAGS_REQUIRED_EXTMS 0x1000
+/* Set if this is the QUIC handshake layer */
+# define TLS1_FLAGS_QUIC 0x2000
+
 # define SSL3_MT_HELLO_REQUEST 0
 # define SSL3_MT_CLIENT_HELLO 1
 # define SSL3_MT_SERVER_HELLO 2
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index bbd995d5174..9d2624102eb 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -322,6 +322,9 @@ SSL *ossl_quic_new(SSL_CTX *ctx)
 qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL)
 goto err;
+ /* override the user_ssl of the inner connection */
+ sc->user_ssl = ssl_base;
+ sc->flags |= TLS1_FLAGS_QUIC;
 #if defined(OPENSSL_THREADS)
 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 1c01377e14b..890c757c96f 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -311,6 +311,8 @@
 # define SSL_READ_ETM(s) (s->s3.flags & TLS1_FLAGS_ENCRYPT_THEN_MAC_READ)
 # define SSL_WRITE_ETM(s) (s->s3.flags & TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE)
+# define SSL_IS_QUIC_HANDSHAKE(s) (((s)->s3.flags & TLS1_FLAGS_QUIC) != 0)
+
 /* alert_dispatch values */
 /* No alert pending */
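Review bot: In the ssl/quic/quic_impl.c hunk the new bit is OR-ed into `sc->flags`, but the `SSL_IS_QUIC_HANDSHAKE` macro added in ssl/ssl_local.h tests `(s)->s3.flags`, so unless those are the same storage the macro will never report a QUIC handshake connection. The neighbouring `SSL_READ_ETM`/`SSL_WRITE_ETM` macros read their `TLS1_FLAGS_*` bits from `s3.flags`, which suggests the assignment should be `sc->s3.flags |= TLS1_FLAGS_QUIC;`. Setting 0x2000 in `sc->flags` may also collide with an unrelated bit in that field's own flag namespace, so it is worth checking before any QUIC-specific restriction in the TLS layer is gated on this macro, since a check that silently evaluates false would leave plain-TLS behaviour enabled on the QUIC handshake layer. The body of `ossl_quic_new` starts and ends outside the hunk.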