From fe33e2c8c1a99b82509e1119235dd106118c3f84 Mon Sep 17 00:00:00 2001
From: Hugo Landau <hlandau@openssl.org>
Date: Mon, 16 Jan 2023 15:27:50 +0000
Subject: [PATCH] QUIC SSL: Buffer Management

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
---
 doc/man3/SSL_alloc_buffers.pod | 3 +++
 ssl/ssl_lib.c                  | 8 ++++++++
 test/quicapitest.c             | 5 +++++
 3 files changed, 16 insertions(+)

diff --git a/doc/man3/SSL_alloc_buffers.pod b/doc/man3/SSL_alloc_buffers.pod
index 678640a5693..d2d5b1e59b4 100644
--- a/doc/man3/SSL_alloc_buffers.pod
+++ b/doc/man3/SSL_alloc_buffers.pod
@@ -26,6 +26,9 @@ can be used to make sure the buffers are preallocated. This can be used to
 avoid allocation during data processing or with CRYPTO_set_mem_functions()
 to control where and how buffers are allocated.
 
+These functions are no-ops when used with QUIC SSL objects. For QUIC,
+SSL_free_buffers() always fails, and SSL_alloc_buffers() always succeeds.
+
 =head1 RETURN VALUES
 
 The following return values can occur:
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 11f6cb2be95..036cc83ca06 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -6583,6 +6583,10 @@ int SSL_free_buffers(SSL *ssl)
     if (sc == NULL)
         return 0;
 
+    /* QUIC buffers are always 'in use'. */
+    if (IS_QUIC_SSL(ssl))
+        return 0;
+
     rl = &sc->rlayer;
 
     return rl->rrlmethod->free_buffers(rl->rrl)
@@ -6597,6 +6601,10 @@ int SSL_alloc_buffers(SSL *ssl)
     if (sc == NULL)
         return 0;
 
+    /* QUIC always has buffers allocated. */
+    if (IS_QUIC_SSL(ssl))
+        return 1;
+
     rl = &sc->rlayer;
 
     return rl->rrlmethod->alloc_buffers(rl->rrl)
diff --git a/test/quicapitest.c b/test/quicapitest.c
index 52556743846..d85dbcff604 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
@@ -489,6 +489,11 @@ static int test_quic_forbidden_options(void)
         || !TEST_false(SSL_write_early_data(ssl, buf, sizeof(buf), &len)))
         goto err;
 
+    /* Buffer Management */
+    if (!TEST_true(SSL_allocate_buffers(ssl))
+        || !TEST_false(SSL_free_buffers(ssl)))
+        goto err;
+
     testresult = 1;
 err:
     SSL_free(ssl);
-- 
2.47.2