From: Hugo Landau <hlandau@openssl.org>
Date: Mon, 16 Jan 2023 15:27:50 +0000 (+0000)
Subject: QUIC SSL: Buffer Management
X-Git-Tag: openssl-3.2.0-alpha1~522
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fe33e2c8c1a99b82509e1119235dd106118c3f84;p=thirdparty%2Fopenssl.git

QUIC SSL: Buffer Management

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
---

diff --git a/doc/man3/SSL_alloc_buffers.pod b/doc/man3/SSL_alloc_buffers.pod
index 678640a5693..d2d5b1e59b4 100644
--- a/doc/man3/SSL_alloc_buffers.pod
+++ b/doc/man3/SSL_alloc_buffers.pod
@@ -26,6 +26,9 @@ can be used to make sure the buffers are preallocated. This can be used to
 avoid allocation during data processing or with CRYPTO_set_mem_functions()
 to control where and how buffers are allocated.
 
+These functions are no-ops when used with QUIC SSL objects. For QUIC,
+SSL_free_buffers() always fails, and SSL_alloc_buffers() always succeeds.
+
 =head1 RETURN VALUES
 
 The following return values can occur:
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 11f6cb2be95..036cc83ca06 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -6583,6 +6583,10 @@ int SSL_free_buffers(SSL *ssl)
     if (sc == NULL)
         return 0;
 
+    /* QUIC buffers are always 'in use'. */
+    if (IS_QUIC_SSL(ssl))
+        return 0;
+
     rl = &sc->rlayer;
 
     return rl->rrlmethod->free_buffers(rl->rrl)
@@ -6597,6 +6601,10 @@ int SSL_alloc_buffers(SSL *ssl)
     if (sc == NULL)
         return 0;
 
+    /* QUIC always has buffers allocated. */
+    if (IS_QUIC_SSL(ssl))
+        return 1;
+
     rl = &sc->rlayer;
 
     return rl->rrlmethod->alloc_buffers(rl->rrl)
diff --git a/test/quicapitest.c b/test/quicapitest.c
index 52556743846..d85dbcff604 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
@@ -489,6 +489,11 @@ static int test_quic_forbidden_options(void)
         || !TEST_false(SSL_write_early_data(ssl, buf, sizeof(buf), &len)))
         goto err;
 
+    /* Buffer Management */
+    if (!TEST_true(SSL_allocate_buffers(ssl))
+        || !TEST_false(SSL_free_buffers(ssl)))
+        goto err;
+
     testresult = 1;
 err:
     SSL_free(ssl);