From: Neil Horman Date: Sat, 25 Oct 2025 11:21:42 +0000 (-0400) Subject: Ignore RecordPadding option in config file for QUIC objects X-Git-Tag: 3.6-PRE-CLANG-FORMAT-WEBKIT~38 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4d898618d619214b9054814c5cc55ffe3a006f5f;p=thirdparty%2Fopenssl.git Ignore RecordPadding option in config file for QUIC objects QUIC connections always pad data at the packet level during packet encryption, and so have no ability to do padding at the record level. We want to be able to inform the user of this condition when applications call SSL_set_block_padding_ex directly by returning an error, but we have no idea of what kind of SSL objects are created when the config file is written. As such, silently ignore this config file option when QUIC objects are created. Fixes #28953 Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/29193) --- diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod index cb994ba7dee..3b84f16074e 100644 --- a/doc/man3/SSL_CONF_cmd.pod +++ b/doc/man3/SSL_CONF_cmd.pod @@ -409,6 +409,11 @@ Padding attempts to pad TLSv1.3 records so that they are a multiple of the set length on send. A value of 0 or 1 turns off padding as relevant. Otherwise, the values must be >1 or <=16384. +Note that, for QUIC objects, padding is always performed at the +packet level, and so cannot be done at the record level. Given that, when the +config file is created, there is no knowledge of what kind of SSL objects are +being created, this option is silently ignored for QUIC objects. + =item B This sets the supported signature algorithms for TLSv1.2 and TLSv1.3. diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 3d835ab33c9..dd12946040d 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c
@@ -694,12 +694,30 @@ static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value) * All we care about are non-negative values, * the setters check the range */ - if (cctx->ctx) - rv = SSL_CTX_set_block_padding_ex(cctx->ctx, (size_t)block_padding, + if (cctx->ctx) { + /* + * QUIC always pads TLS data at the packet level, and as such, attempting + * to set block padding at the record level fails in calls to SSL_CTX_set_block_padding_ex. + * However, when configuring record padding via config file, we have no idea if we are + * going to create TCP or QUIC based SSL's, so silently ignore this configuration option + * for QUIC. + */ + if (SSL_CTX_is_quic(cctx->ctx)) + rv = 1; + else + rv = SSL_CTX_set_block_padding_ex(cctx->ctx, (size_t)block_padding, + (size_t)hs_padding); + } + if (cctx->ssl) { + /* + * As above, ignore this config option for QUIC + */ + if (SSL_is_quic(cctx->ssl)) + rv = 1; + else + rv = SSL_set_block_padding_ex(cctx->ssl, (size_t)block_padding, (size_t)hs_padding); - if (cctx->ssl) - rv = SSL_set_block_padding_ex(cctx->ssl, (size_t)block_padding, - (size_t)hs_padding); + } out: OPENSSL_free(copy); return rv;
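Review bot: in the doc/man3/SSL_CONF_cmd.pod hunk, the second added sentence misstates the timing and is hard to parse: it is when the config file is parsed and applied, not when it is "created", that the library cannot know whether the settings will land on a TLS or a QUIC object, and "Given that, when the config file is created, there is no knowledge of what kind of SSL objects are being created, this option is silently ignored" reads as a run-on. Suggest: "Because a configuration file cannot know whether it will be applied to a TLS or a QUIC object, this option is silently ignored for QUIC objects." It would also help users to state here what the commit message says, namely that calling SSL_set_block_padding_ex directly on a QUIC object returns an error, whereas the config option is ignored without any error or warning; that asymmetry is exactly what someone debugging a "why is my padding setting not taking effect" report needs to find in the man page.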
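Review bot: in the ssl/ssl_conf.c hunk, assigning rv = 1 on the QUIC path before the setter is ever called means the value is no longer range-checked for QUIC objects. The comment immediately above the hunk says "All we care about are non-negative values, the setters check the range", so after this change a RecordPadding value that SSL_CTX_set_block_padding_ex() would reject for a TCP-based SSL_CTX (for example one above the 16384 ceiling documented in the pod hunk) is accepted without complaint whenever SSL_CTX_is_quic() or SSL_is_quic() is true. If the intent is to ignore only the effect of the option and still reject malformed config consistently, validate the range locally before the QUIC check, e.g. reject block_padding > 16384 in this function and only then do "if (SSL_CTX_is_quic(cctx->ctx)) rv = 1;". Minor style points: the first comment block has lines well past 80 columns ("attempting to set block padding at the record level fails in calls to SSL_CTX_set_block_padding_ex." and "going to create TCP or QUIC based SSL's, so silently ignore this configuration option"); rewrap them to the project's 80-column limit, and the second comment ("As above, ignore this config option for QUIC") could be collapsed to a single line since both branches have the same shape.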