From: Hugo Landau <hlandau@openssl.org>
Date: Mon, 16 Jan 2023 15:22:41 +0000 (+0000)
Subject: QUIC: Implement SSL_rstate_string(_long)
X-Git-Tag: openssl-3.2.0-alpha1~526
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9ea0e7299223d10f61eee4db62ed0d4aec8f52e4;p=thirdparty%2Fopenssl.git

QUIC: Implement SSL_rstate_string(_long)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
---

diff --git a/doc/man3/SSL_rstate_string.pod b/doc/man3/SSL_rstate_string.pod
index 46680a0ef62..1df65e199a7 100644
--- a/doc/man3/SSL_rstate_string.pod
+++ b/doc/man3/SSL_rstate_string.pod
@@ -48,6 +48,8 @@ The read state is unknown. This should never happen.
 
 =back
 
+When used with QUIC SSL objects, these functions always return "unknown".
+
 =head1 SEE ALSO
 
 L<ssl(7)>
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index f9806e97991..fe41568de9e 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -170,8 +170,16 @@ void SSL_set_default_read_buffer_len(SSL *s, size_t len)
 const char *SSL_rstate_string_long(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+    const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
+#endif
     const char *lng;
 
+#ifndef OPENSSL_NO_QUIC
+    if (qc != NULL)
+        return "unknown";
+#endif
+
     if (sc == NULL)
         return NULL;
 
@@ -186,8 +194,16 @@ const char *SSL_rstate_string_long(const SSL *s)
 const char *SSL_rstate_string(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+    const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
+#endif
     const char *shrt;
 
+#ifndef OPENSSL_NO_QUIC
+    if (qc != NULL)
+        return "unknown";
+#endif
+
     if (sc == NULL)
         return NULL;
 
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 4288721eb2e..cad4e5f6877 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -6974,6 +6974,12 @@ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
 void SSL_set_post_handshake_auth(SSL *ssl, int val)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+    QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+    if (qc != NULL)
+        return;
+#endif
 
     if (sc == NULL)
         return;
@@ -6984,6 +6990,14 @@ void SSL_set_post_handshake_auth(SSL *ssl, int val)
 int SSL_verify_client_post_handshake(SSL *ssl)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+    QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+    if (qc != NULL) {
+        ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION);
+        return 0;
+    }
+#endif
 
     if (sc == NULL)
         return 0;