Coverage Report

Created: 2024-07-27 06:36

/src/openssl/ssl/quic/quic_impl.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#include <openssl/macros.h>
11
#include <openssl/objects.h>
12
#include <openssl/sslerr.h>
13
#include <crypto/rand.h>
14
#include "quic_local.h"
15
#include "internal/quic_tls.h"
16
#include "internal/quic_rx_depack.h"
17
#include "internal/quic_error.h"
18
#include "internal/quic_engine.h"
19
#include "internal/quic_port.h"
20
#include "internal/time.h"
21
22
typedef struct qctx_st QCTX;
23
24
static void aon_write_finish(QUIC_XSO *xso);
25
static int create_channel(QUIC_CONNECTION *qc);
26
static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
27
static int qc_try_create_default_xso_for_write(QCTX *ctx);
28
static int qc_wait_for_default_xso_for_read(QCTX *ctx, int peek);
29
static void quic_lock(QUIC_CONNECTION *qc);
30
static void quic_unlock(QUIC_CONNECTION *qc);
31
static void quic_lock_for_io(QCTX *ctx);
32
static int quic_do_handshake(QCTX *ctx);
33
static void qc_update_reject_policy(QUIC_CONNECTION *qc);
34
static void qc_touch_default_xso(QUIC_CONNECTION *qc);
35
static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch);
36
static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
37
                                        int touch, QUIC_XSO **old_xso);
38
static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock);
39
static int quic_validate_for_write(QUIC_XSO *xso, int *err);
40
static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active);
41
static int qc_blocking_mode(const QUIC_CONNECTION *qc);
42
static int xso_blocking_mode(const QUIC_XSO *xso);
43
static void qctx_maybe_autotick(QCTX *ctx);
44
static int qctx_should_autotick(QCTX *ctx);
45
46
/*
47
 * QUIC Front-End I/O API: Common Utilities
48
 * ========================================
49
 */
50
51
/*
52
 * Block until a predicate is met.
53
 *
54
 * Precondition: Must have a channel.
55
 * Precondition: Must hold channel lock (unchecked).
56
 */
57
QUIC_NEEDS_LOCK
58
static int block_until_pred(QUIC_CONNECTION *qc,
59
                            int (*pred)(void *arg), void *pred_arg,
60
                            uint32_t flags)
61
0
{
62
0
    QUIC_REACTOR *rtor;
63
64
0
    assert(qc->ch != NULL);
65
66
    /*
67
     * Any attempt to block auto-disables tick inhibition as otherwise we will
68
     * hang around forever.
69
     */
70
0
    ossl_quic_engine_set_inhibit_tick(qc->engine, 0);
71
72
0
    rtor = ossl_quic_channel_get_reactor(qc->ch);
73
0
    return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
74
0
                                              qc->mutex);
75
0
}
76
77
static OSSL_TIME get_time(QUIC_CONNECTION *qc)
78
0
{
79
0
    if (qc->override_now_cb != NULL)
80
0
        return qc->override_now_cb(qc->override_now_cb_arg);
81
0
    else
82
0
        return ossl_time_now();
83
0
}
84
85
static OSSL_TIME get_time_cb(void *arg)
86
0
{
87
0
    QUIC_CONNECTION *qc = arg;
88
89
0
    return get_time(qc);
90
0
}
91
92
/*
93
 * QCTX is a utility structure which provides information we commonly wish to
94
 * unwrap upon an API call being dispatched to us, namely:
95
 *
96
 *   - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
97
 *     was passed);
98
 *   - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
99
 *     a QCSO with a default stream was passed);
100
 *   - whether a QSSO was passed (xso == NULL must not be used to determine this
101
 *     because it may be non-NULL when a QCSO is passed if that QCSO has a
102
 *     default stream);
103
 *   - whether we are in "I/O context", meaning that non-normal errors can
104
 *     be reported via SSL_get_error() as well as via ERR. Functions such as
105
 *     SSL_read(), SSL_write() and SSL_do_handshake() are "I/O context"
106
 *     functions which are allowed to change the value returned by
107
 *     SSL_get_error. However, other functions (including functions which call
108
 *     SSL_do_handshake() implicitly) are not allowed to change the return value
109
 *     of SSL_get_error.
110
 */
111
struct qctx_st {
112
    QUIC_CONNECTION *qc;
113
    QUIC_XSO        *xso;
114
    int             is_stream, in_io;
115
};
116
117
QUIC_NEEDS_LOCK
118
static void quic_set_last_error(QCTX *ctx, int last_error)
119
0
{
120
0
    if (!ctx->in_io)
121
0
        return;
122
123
0
    if (ctx->is_stream && ctx->xso != NULL)
124
0
        ctx->xso->last_error = last_error;
125
0
    else if (!ctx->is_stream && ctx->qc != NULL)
126
0
        ctx->qc->last_error = last_error;
127
0
}
128
129
/*
130
 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
131
 * rather than via ERR. Note that normal errors must always be raised while
132
 * holding a lock.
133
 */
134
QUIC_NEEDS_LOCK
135
static int quic_raise_normal_error(QCTX *ctx,
136
                                   int err)
137
0
{
138
0
    assert(ctx->in_io);
139
0
    quic_set_last_error(ctx, err);
140
141
0
    return 0;
142
0
}
143
144
/*
145
 * Raise a 'non-normal' error, meaning any error that is not reported via
146
 * SSL_get_error() and must be reported via ERR.
147
 *
148
 * qc should be provided if available. In exceptional circumstances when qc is
149
 * not known NULL may be passed. This should generally only happen when an
150
 * expect_...() function defined below fails, which generally indicates a
151
 * dispatch error or caller error.
152
 *
153
 * ctx should be NULL if the connection lock is not held.
154
 */
155
static int quic_raise_non_normal_error(QCTX *ctx,
156
                                       const char *file,
157
                                       int line,
158
                                       const char *func,
159
                                       int reason,
160
                                       const char *fmt,
161
                                       ...)
162
0
{
163
0
    va_list args;
164
165
0
    if (ctx != NULL) {
166
0
        quic_set_last_error(ctx, SSL_ERROR_SSL);
167
168
0
        if (reason == SSL_R_PROTOCOL_IS_SHUTDOWN && ctx->qc != NULL)
169
0
            ossl_quic_channel_restore_err_state(ctx->qc->ch);
170
0
    }
171
172
0
    ERR_new();
173
0
    ERR_set_debug(file, line, func);
174
175
0
    va_start(args, fmt);
176
0
    ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
177
0
    va_end(args);
178
179
0
    return 0;
180
0
}
181
182
#define QUIC_RAISE_NORMAL_ERROR(ctx, err)                       \
183
0
    quic_raise_normal_error((ctx), (err))
184
185
#define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg)           \
186
0
    quic_raise_non_normal_error((ctx),                          \
187
0
                                OPENSSL_FILE, OPENSSL_LINE,     \
188
0
                                OPENSSL_FUNC,                   \
189
0
                                (reason),                       \
190
0
                                (msg))
191
192
/*
193
 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
194
 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
195
 *
196
 * After this returns 1, all fields of the passed QCTX are initialised.
197
 * Returns 0 on failure. This function is intended to be used to provide API
198
 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
199
 */
200
static int expect_quic(const SSL *s, QCTX *ctx)
201
0
{
202
0
    QUIC_CONNECTION *qc;
203
0
    QUIC_XSO *xso;
204
205
0
    ctx->qc         = NULL;
206
0
    ctx->xso        = NULL;
207
0
    ctx->is_stream  = 0;
208
209
0
    if (s == NULL)
210
0
        return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
211
212
0
    switch (s->type) {
213
0
    case SSL_TYPE_QUIC_CONNECTION:
214
0
        qc              = (QUIC_CONNECTION *)s;
215
0
        ctx->qc         = qc;
216
0
        ctx->xso        = qc->default_xso;
217
0
        ctx->is_stream  = 0;
218
0
        ctx->in_io      = 0;
219
0
        return 1;
220
221
0
    case SSL_TYPE_QUIC_XSO:
222
0
        xso             = (QUIC_XSO *)s;
223
0
        ctx->qc         = xso->conn;
224
0
        ctx->xso        = xso;
225
0
        ctx->is_stream  = 1;
226
0
        ctx->in_io      = 0;
227
0
        return 1;
228
229
0
    default:
230
0
        return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
231
0
    }
232
0
}
233
234
/*
235
 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
236
 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
237
 * stream.
238
 *
239
 * remote_init determines if we expect the default XSO to be remotely created or
240
 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
241
 *
242
 * Channel mutex is acquired and retained on success.
243
 */
244
QUIC_ACQUIRES_LOCK
245
static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
246
                                                    int in_io, QCTX *ctx)
247
0
{
248
0
    if (!expect_quic(s, ctx))
249
0
        return 0;
250
251
0
    if (in_io)
252
0
        quic_lock_for_io(ctx);
253
0
    else
254
0
        quic_lock(ctx->qc);
255
256
0
    if (ctx->xso == NULL && remote_init >= 0) {
257
0
        if (!quic_mutation_allowed(ctx->qc, /*req_active=*/0)) {
258
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
259
0
            goto err;
260
0
        }
261
262
        /* If we haven't finished the handshake, try to advance it. */
263
0
        if (quic_do_handshake(ctx) < 1)
264
            /* ossl_quic_do_handshake raised error here */
265
0
            goto err;
266
267
0
        if (remote_init == 0) {
268
0
            if (!qc_try_create_default_xso_for_write(ctx))
269
0
                goto err;
270
0
        } else {
271
0
            if (!qc_wait_for_default_xso_for_read(ctx, /*peek=*/0))
272
0
                goto err;
273
0
        }
274
275
0
        ctx->xso = ctx->qc->default_xso;
276
0
    }
277
278
0
    if (ctx->xso == NULL) {
279
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
280
0
        goto err;
281
0
    }
282
283
0
    return 1; /* coverity[missing_unlock]: lock held */
284
285
0
err:
286
0
    quic_unlock(ctx->qc);
287
0
    return 0;
288
0
}
289
290
/*
291
 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
292
 * be non-NULL if the QCSO has a default stream.
293
 */
294
static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx)
295
0
{
296
0
    if (!expect_quic(s, ctx))
297
0
        return 0;
298
299
0
    if (ctx->is_stream)
300
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_CONN_USE_ONLY, NULL);
301
302
0
    return 1;
303
0
}
304
305
/*
306
 * Ensures that the channel mutex is held for a method which touches channel
307
 * state.
308
 *
309
 * Precondition: Channel mutex is not held (unchecked)
310
 */
311
static void quic_lock(QUIC_CONNECTION *qc)
312
0
{
313
0
#if defined(OPENSSL_THREADS)
314
0
    ossl_crypto_mutex_lock(qc->mutex);
315
0
#endif
316
0
}
317
318
static void quic_lock_for_io(QCTX *ctx)
319
0
{
320
0
    quic_lock(ctx->qc);
321
0
    ctx->in_io = 1;
322
323
    /*
324
     * We are entering an I/O function so we must update the values returned by
325
     * SSL_get_error and SSL_want. Set no error. This will be overridden later
326
     * if a call to QUIC_RAISE_NORMAL_ERROR or QUIC_RAISE_NON_NORMAL_ERROR
327
     * occurs during the API call.
328
     */
329
0
    quic_set_last_error(ctx, SSL_ERROR_NONE);
330
0
}
331
332
/* Precondition: Channel mutex is held (unchecked) */
333
QUIC_NEEDS_LOCK
334
static void quic_unlock(QUIC_CONNECTION *qc)
335
0
{
336
0
#if defined(OPENSSL_THREADS)
337
0
    ossl_crypto_mutex_unlock(qc->mutex);
338
0
#endif
339
0
}
340
341
/*
342
 * This predicate is the criterion which should determine API call rejection for
343
 * *most* mutating API calls, particularly stream-related operations for send
344
 * parts.
345
 *
346
 * A call is rejected (this function returns 0) if shutdown is in progress
347
 * (stream flushing), or we are in a TERMINATING or TERMINATED state. If
348
 * req_active=1, the connection must be active (i.e., the IDLE state is also
349
 * rejected).
350
 */
351
static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active)
352
0
{
353
0
    if (qc->shutting_down || ossl_quic_channel_is_term_any(qc->ch))
354
0
        return 0;
355
356
0
    if (req_active && !ossl_quic_channel_is_active(qc->ch))
357
0
        return 0;
358
359
0
    return 1;
360
0
}
361
362
/*
363
 * QUIC Front-End I/O API: Initialization
364
 * ======================================
365
 *
366
 *         SSL_new                  => ossl_quic_new
367
 *                                     ossl_quic_init
368
 *         SSL_reset                => ossl_quic_reset
369
 *         SSL_clear                => ossl_quic_clear
370
 *                                     ossl_quic_deinit
371
 *         SSL_free                 => ossl_quic_free
372
 *
373
 *         SSL_set_options          => ossl_quic_set_options
374
 *         SSL_get_options          => ossl_quic_get_options
375
 *         SSL_clear_options        => ossl_quic_clear_options
376
 *
377
 */
378
379
/* SSL_new */
380
SSL *ossl_quic_new(SSL_CTX *ctx)
381
0
{
382
0
    QUIC_CONNECTION *qc = NULL;
383
0
    SSL *ssl_base = NULL;
384
0
    SSL_CONNECTION *sc = NULL;
385
386
0
    qc = OPENSSL_zalloc(sizeof(*qc));
387
0
    if (qc == NULL) {
388
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
389
0
        return NULL;
390
0
    }
391
0
#if defined(OPENSSL_THREADS)
392
0
    if ((qc->mutex = ossl_crypto_mutex_new()) == NULL) {
393
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
394
0
        goto err;
395
0
    }
396
0
#endif
397
398
    /* Initialise the QUIC_CONNECTION's stub header. */
399
0
    ssl_base = &qc->ssl;
400
0
    if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
401
0
        ssl_base = NULL;
402
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
403
0
        goto err;
404
0
    }
405
406
0
    qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
407
0
    if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL) {
408
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
409
0
        goto err;
410
0
    }
411
412
    /* override the user_ssl of the inner connection */
413
0
    sc->s3.flags |= TLS1_FLAGS_QUIC;
414
415
    /* Restrict options derived from the SSL_CTX. */
416
0
    sc->options &= OSSL_QUIC_PERMITTED_OPTIONS_CONN;
417
0
    sc->pha_enabled = 0;
418
419
0
#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
420
0
    qc->is_thread_assisted
421
0
        = (ssl_base->method == OSSL_QUIC_client_thread_method());
422
0
#endif
423
424
0
    qc->as_server       = 0; /* TODO(QUIC SERVER): add server support */
425
0
    qc->as_server_state = qc->as_server;
426
427
0
    qc->default_stream_mode     = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
428
0
    qc->default_ssl_mode        = qc->ssl.ctx->mode;
429
0
    qc->default_ssl_options     = qc->ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS;
430
0
    qc->desires_blocking        = 1;
431
0
    qc->blocking                = 0;
432
0
    qc->incoming_stream_policy  = SSL_INCOMING_STREAM_POLICY_AUTO;
433
0
    qc->last_error              = SSL_ERROR_NONE;
434
435
0
    if (!create_channel(qc))
436
0
        goto err;
437
438
0
    ossl_quic_channel_set_msg_callback(qc->ch, ctx->msg_callback, ssl_base);
439
0
    ossl_quic_channel_set_msg_callback_arg(qc->ch, ctx->msg_callback_arg);
440
441
0
    qc_update_reject_policy(qc);
442
443
    /*
444
     * We do not create the default XSO yet. The reason for this is that the
445
     * stream ID of the default XSO will depend on whether the stream is client
446
     * or server-initiated, which depends on who transmits first. Since we do
447
     * not know whether the application will be using a client-transmits-first
448
     * or server-transmits-first protocol, we defer default XSO creation until
449
     * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
450
     * we take that as a cue that the client is expecting a server-initiated
451
     * stream, and vice versa if SSL_write() is called first.
452
     */
453
0
    return ssl_base;
454
455
0
err:
456
0
    if (ssl_base == NULL) {
457
0
#if defined(OPENSSL_THREADS)
458
0
        ossl_crypto_mutex_free(&qc->mutex);
459
0
#endif
460
0
        OPENSSL_free(qc);
461
0
    } else {
462
0
        SSL_free(ssl_base);
463
0
    }
464
0
    return NULL;
465
0
}
466
467
/* SSL_free */
468
QUIC_TAKES_LOCK
469
void ossl_quic_free(SSL *s)
470
0
{
471
0
    QCTX ctx;
472
0
    int is_default;
473
474
    /* We should never be called on anything but a QSO. */
475
0
    if (!expect_quic(s, &ctx))
476
0
        return;
477
478
0
    quic_lock(ctx.qc);
479
480
0
    if (ctx.is_stream) {
481
        /*
482
         * When a QSSO is freed, the XSO is freed immediately, because the XSO
483
         * itself only contains API personality layer data. However the
484
         * underlying QUIC_STREAM is not freed immediately but is instead marked
485
         * as deleted for later collection.
486
         */
487
488
0
        assert(ctx.qc->num_xso > 0);
489
0
        --ctx.qc->num_xso;
490
491
        /* If a stream's send part has not been finished, auto-reset it. */
492
0
        if ((   ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_READY
493
0
             || ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_SEND)
494
0
            && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL))
495
0
            ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
496
0
                                                        ctx.xso->stream, 0);
497
498
        /* Do STOP_SENDING for the receive part, if applicable. */
499
0
        if (   ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_RECV
500
0
            || ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN)
501
0
            ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
502
0
                                                        ctx.xso->stream, 0);
503
504
        /* Update stream state. */
505
0
        ctx.xso->stream->deleted = 1;
506
0
        ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch),
507
0
                                          ctx.xso->stream);
508
509
0
        is_default = (ctx.xso == ctx.qc->default_xso);
510
0
        quic_unlock(ctx.qc);
511
512
        /*
513
         * Unref the connection in most cases; the XSO has a ref to the QC and
514
         * not vice versa. But for a default XSO, to avoid circular references,
515
         * the QC refs the XSO but the XSO does not ref the QC. If we are the
516
         * default XSO, we only get here when the QC is being torn down anyway,
517
         * so don't call SSL_free(qc) as we are already in it.
518
         */
519
0
        if (!is_default)
520
0
            SSL_free(&ctx.qc->ssl);
521
522
        /* Note: SSL_free calls OPENSSL_free(xso) for us */
523
0
        return;
524
0
    }
525
526
    /*
527
     * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
528
     * stage, but is freed during the channel free when the whole QSM is freed.
529
     */
530
0
    if (ctx.qc->default_xso != NULL) {
531
0
        QUIC_XSO *xso = ctx.qc->default_xso;
532
533
0
        quic_unlock(ctx.qc);
534
0
        SSL_free(&xso->ssl);
535
0
        quic_lock(ctx.qc);
536
0
        ctx.qc->default_xso = NULL;
537
0
    }
538
539
    /* Ensure we have no remaining XSOs. */
540
0
    assert(ctx.qc->num_xso == 0);
541
542
0
#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
543
0
    if (ctx.qc->is_thread_assisted && ctx.qc->started) {
544
0
        ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
545
0
        ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
546
0
    }
547
0
#endif
548
549
0
    SSL_free(ctx.qc->tls);
550
551
0
    ossl_quic_channel_free(ctx.qc->ch);
552
0
    ossl_quic_port_free(ctx.qc->port);
553
0
    ossl_quic_engine_free(ctx.qc->engine);
554
555
0
    BIO_free_all(ctx.qc->net_rbio);
556
0
    BIO_free_all(ctx.qc->net_wbio);
557
558
0
    quic_unlock(ctx.qc); /* tsan doesn't like freeing locked mutexes */
559
0
#if defined(OPENSSL_THREADS)
560
0
    ossl_crypto_mutex_free(&ctx.qc->mutex);
561
0
#endif
562
563
    /*
564
     * Note: SSL_free (that called this function) calls OPENSSL_free(ctx.qc) for
565
     * us
566
     */
567
0
}
568
569
/* SSL method init */
570
int ossl_quic_init(SSL *s)
571
0
{
572
    /* Same op as SSL_clear, forward the call. */
573
0
    return ossl_quic_clear(s);
574
0
}
575
576
/* SSL method deinit */
577
void ossl_quic_deinit(SSL *s)
578
0
{
579
    /* No-op. */
580
0
}
581
582
/* SSL_clear (ssl_reset method) */
583
int ossl_quic_reset(SSL *s)
584
0
{
585
0
    QCTX ctx;
586
587
0
    if (!expect_quic(s, &ctx))
588
0
        return 0;
589
590
0
    ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
591
0
    return 0;
592
0
}
593
594
/* ssl_clear method (unused) */
595
int ossl_quic_clear(SSL *s)
596
0
{
597
0
    QCTX ctx;
598
599
0
    if (!expect_quic(s, &ctx))
600
0
        return 0;
601
602
0
    ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED);
603
0
    return 0;
604
0
}
605
606
int ossl_quic_conn_set_override_now_cb(SSL *s,
607
                                       OSSL_TIME (*now_cb)(void *arg),
608
                                       void *now_cb_arg)
609
0
{
610
0
    QCTX ctx;
611
612
0
    if (!expect_quic(s, &ctx))
613
0
        return 0;
614
615
0
    quic_lock(ctx.qc);
616
617
0
    ctx.qc->override_now_cb     = now_cb;
618
0
    ctx.qc->override_now_cb_arg = now_cb_arg;
619
620
0
    quic_unlock(ctx.qc);
621
0
    return 1;
622
0
}
623
624
void ossl_quic_conn_force_assist_thread_wake(SSL *s)
625
0
{
626
0
    QCTX ctx;
627
628
0
    if (!expect_quic(s, &ctx))
629
0
        return;
630
631
0
#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
632
0
    if (ctx.qc->is_thread_assisted && ctx.qc->started)
633
0
        ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
634
0
#endif
635
0
}
636
637
QUIC_NEEDS_LOCK
638
static void qc_touch_default_xso(QUIC_CONNECTION *qc)
639
0
{
640
0
    qc->default_xso_created = 1;
641
0
    qc_update_reject_policy(qc);
642
0
}
643
644
/*
645
 * Changes default XSO. Allows caller to keep reference to the old default XSO
646
 * (if any). Reference to new XSO is transferred from caller.
647
 */
648
QUIC_NEEDS_LOCK
649
static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
650
                                        int touch,
651
                                        QUIC_XSO **old_xso)
652
0
{
653
0
    int refs;
654
655
0
    *old_xso = NULL;
656
657
0
    if (qc->default_xso != xso) {
658
0
        *old_xso = qc->default_xso; /* transfer old XSO ref to caller */
659
660
0
        qc->default_xso = xso;
661
662
0
        if (xso == NULL) {
663
            /*
664
             * Changing to not having a default XSO. XSO becomes standalone and
665
             * now has a ref to the QC.
666
             */
667
0
            if (!ossl_assert(SSL_up_ref(&qc->ssl)))
668
0
                return;
669
0
        } else {
670
            /*
671
             * Changing from not having a default XSO to having one. The new XSO
672
             * will have had a reference to the QC we need to drop to avoid a
673
             * circular reference.
674
             *
675
             * Currently we never change directly from one default XSO to
676
             * another, though this function would also still be correct if this
677
             * weren't the case.
678
             */
679
0
            assert(*old_xso == NULL);
680
681
0
            CRYPTO_DOWN_REF(&qc->ssl.references, &refs);
682
0
            assert(refs > 0);
683
0
        }
684
0
    }
685
686
0
    if (touch)
687
0
        qc_touch_default_xso(qc);
688
0
}
689
690
/*
691
 * Changes default XSO, releasing the reference to any previous default XSO.
692
 * Reference to new XSO is transferred from caller.
693
 */
694
QUIC_NEEDS_LOCK
695
static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch)
696
0
{
697
0
    QUIC_XSO *old_xso = NULL;
698
699
0
    qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso);
700
701
0
    if (old_xso != NULL)
702
0
        SSL_free(&old_xso->ssl);
703
0
}
704
705
QUIC_NEEDS_LOCK
706
static void xso_update_options(QUIC_XSO *xso)
707
0
{
708
0
    int cleanse = ((xso->ssl_options & SSL_OP_CLEANSE_PLAINTEXT) != 0);
709
710
0
    if (xso->stream->rstream != NULL)
711
0
        ossl_quic_rstream_set_cleanse(xso->stream->rstream, cleanse);
712
713
0
    if (xso->stream->sstream != NULL)
714
0
        ossl_quic_sstream_set_cleanse(xso->stream->sstream, cleanse);
715
0
}
716
717
/*
718
 * SSL_set_options
719
 * ---------------
720
 *
721
 * Setting options on a QCSO
722
 *   - configures the handshake-layer options;
723
 *   - configures the default data-plane options for new streams;
724
 *   - configures the data-plane options on the default XSO, if there is one.
725
 *
726
 * Setting options on a QSSO
727
 *   - configures data-plane options for that stream only.
728
 */
729
QUIC_TAKES_LOCK
730
static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_value)
731
0
{
732
0
    QCTX ctx;
733
0
    uint64_t hs_mask_value, hs_or_value, ret;
734
735
0
    if (!expect_quic(ssl, &ctx))
736
0
        return 0;
737
738
0
    quic_lock(ctx.qc);
739
740
0
    if (!ctx.is_stream) {
741
        /*
742
         * If we were called on the connection, we apply any handshake option
743
         * changes.
744
         */
745
0
        hs_mask_value = (mask_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
746
0
        hs_or_value   = (or_value   & OSSL_QUIC_PERMITTED_OPTIONS_CONN);
747
748
0
        SSL_clear_options(ctx.qc->tls, hs_mask_value);
749
0
        SSL_set_options(ctx.qc->tls, hs_or_value);
750
751
        /* Update defaults for new streams. */
752
0
        ctx.qc->default_ssl_options
753
0
            = ((ctx.qc->default_ssl_options & ~mask_value) | or_value)
754
0
              & OSSL_QUIC_PERMITTED_OPTIONS;
755
0
    }
756
757
0
    if (ctx.xso != NULL) {
758
0
        ctx.xso->ssl_options
759
0
            = ((ctx.xso->ssl_options & ~mask_value) | or_value)
760
0
            & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
761
762
0
        xso_update_options(ctx.xso);
763
0
    }
764
765
0
    ret = ctx.is_stream ? ctx.xso->ssl_options : ctx.qc->default_ssl_options;
766
767
0
    quic_unlock(ctx.qc);
768
0
    return ret;
769
0
}
770
771
uint64_t ossl_quic_set_options(SSL *ssl, uint64_t options)
772
0
{
773
0
    return quic_mask_or_options(ssl, 0, options);
774
0
}
775
776
/* SSL_clear_options */
777
uint64_t ossl_quic_clear_options(SSL *ssl, uint64_t options)
778
0
{
779
0
    return quic_mask_or_options(ssl, options, 0);
780
0
}
781
782
/* SSL_get_options */
783
uint64_t ossl_quic_get_options(const SSL *ssl)
784
0
{
785
0
    return quic_mask_or_options((SSL *)ssl, 0, 0);
786
0
}
787
788
/*
789
 * QUIC Front-End I/O API: Network BIO Configuration
790
 * =================================================
791
 *
792
 * Handling the different BIOs is difficult:
793
 *
794
 *   - It is more or less a requirement that we use non-blocking network I/O;
795
 *     we need to be able to have timeouts on recv() calls, and make best effort
796
 *     (non blocking) send() and recv() calls.
797
 *
798
 *     The only sensible way to do this is to configure the socket into
799
 *     non-blocking mode. We could try to do select() before calling send() or
800
 *     recv() to get a guarantee that the call will not block, but this will
801
 *     probably run into issues with buggy OSes which generate spurious socket
802
 *     readiness events. In any case, relying on this to work reliably does not
803
 *     seem sane.
804
 *
805
 *     Timeouts could be handled via setsockopt() socket timeout options, but
806
 *     this depends on OS support and adds another syscall to every network I/O
807
 *     operation. It also has obvious thread safety concerns if we want to move
808
 *     to concurrent use of a single socket at some later date.
809
 *
810
 *     Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
811
 *     be made non-blocking. However some OSes (e.g. Windows) do not support
812
 *     this, so we cannot rely on this.
813
 *
814
 *     As such, we need to configure any FD in non-blocking mode. This may
815
 *     confound users who pass a blocking socket to libssl. However, in practice
816
 *     it would be extremely strange for a user of QUIC to pass an FD to us,
817
 *     then also try and send receive traffic on the same socket(!). Thus the
818
 *     impact of this should be limited, and can be documented.
819
 *
820
 *   - We support both blocking and non-blocking operation in terms of the API
821
 *     presented to the user. One prospect is to set the blocking mode based on
822
 *     whether the socket passed to us was already in blocking mode. However,
823
 *     Windows has no API for determining if a socket is in blocking mode (!),
824
 *     therefore this cannot be done portably. Currently therefore we expose an
825
 *     explicit API call to set this, and default to blocking mode.
826
 *
827
 *   - We need to determine our initial destination UDP address. The "natural"
828
 *     way for a user to do this is to set the peer variable on a BIO_dgram.
829
 *     However, this has problems because BIO_dgram's peer variable is used for
830
 *     both transmission and reception. This means it can be constantly being
831
 *     changed to a malicious value (e.g. if some random unrelated entity on the
832
 *     network starts sending traffic to us) on every read call. This is not a
833
 *     direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
834
 *     calls only, which do not use this variable. However, we do need to let
835
 *     the user specify the peer in a 'normal' manner. The compromise here is
836
 *     that we grab the current peer value set at the time the write BIO is set
837
 *     and do not read the value again.
838
 *
839
 *   - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
840
 *     Currently we do this by only supporting non-blocking mode.
841
 *
842
 */
843
844
/*
845
 * Determines what initial destination UDP address we should use, if possible.
846
 * If this fails the client must set the destination address manually, or use a
847
 * BIO which does not need a destination address.
848
 */
849
static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
850
0
{
851
0
    if (BIO_dgram_detect_peer_addr(net_wbio, peer) <= 0)
852
0
        return 0;
853
854
0
    return 1;
855
0
}
856
857
static int qc_can_support_blocking_cached(QUIC_CONNECTION *qc)
858
0
{
859
0
    QUIC_REACTOR *rtor = ossl_quic_channel_get_reactor(qc->ch);
860
861
0
    return ossl_quic_reactor_can_poll_r(rtor)
862
0
        && ossl_quic_reactor_can_poll_w(rtor);
863
0
}
864
865
static void qc_update_can_support_blocking(QUIC_CONNECTION *qc)
866
0
{
867
0
    ossl_quic_port_update_poll_descriptors(qc->port); /* best effort */
868
0
}
869
870
static void qc_update_blocking_mode(QUIC_CONNECTION *qc)
871
0
{
872
0
    qc->blocking = qc->desires_blocking && qc_can_support_blocking_cached(qc);
873
0
}
874
875
void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
876
0
{
877
0
    QCTX ctx;
878
879
0
    if (!expect_quic(s, &ctx))
880
0
        return;
881
882
0
    if (ctx.qc->net_rbio == net_rbio)
883
0
        return;
884
885
0
    if (!ossl_quic_port_set_net_rbio(ctx.qc->port, net_rbio))
886
0
        return;
887
888
0
    BIO_free_all(ctx.qc->net_rbio);
889
0
    ctx.qc->net_rbio = net_rbio;
890
891
0
    if (net_rbio != NULL)
892
0
        BIO_set_nbio(net_rbio, 1); /* best effort autoconfig */
893
894
    /*
895
     * Determine if the current pair of read/write BIOs now set allows blocking
896
     * mode to be supported.
897
     */
898
0
    qc_update_can_support_blocking(ctx.qc);
899
0
    qc_update_blocking_mode(ctx.qc);
900
0
}
901
902
void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
903
0
{
904
0
    QCTX ctx;
905
906
0
    if (!expect_quic(s, &ctx))
907
0
        return;
908
909
0
    if (ctx.qc->net_wbio == net_wbio)
910
0
        return;
911
912
0
    if (!ossl_quic_port_set_net_wbio(ctx.qc->port, net_wbio))
913
0
        return;
914
915
0
    BIO_free_all(ctx.qc->net_wbio);
916
0
    ctx.qc->net_wbio = net_wbio;
917
918
0
    if (net_wbio != NULL)
919
0
        BIO_set_nbio(net_wbio, 1); /* best effort autoconfig */
920
921
    /*
922
     * Determine if the current pair of read/write BIOs now set allows blocking
923
     * mode to be supported.
924
     */
925
0
    qc_update_can_support_blocking(ctx.qc);
926
0
    qc_update_blocking_mode(ctx.qc);
927
0
}
928
929
BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
930
0
{
931
0
    QCTX ctx;
932
933
0
    if (!expect_quic(s, &ctx))
934
0
        return NULL;
935
936
0
    return ctx.qc->net_rbio;
937
0
}
938
939
BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
940
0
{
941
0
    QCTX ctx;
942
943
0
    if (!expect_quic(s, &ctx))
944
0
        return NULL;
945
946
0
    return ctx.qc->net_wbio;
947
0
}
948
949
int ossl_quic_conn_get_blocking_mode(const SSL *s)
950
0
{
951
0
    QCTX ctx;
952
953
0
    if (!expect_quic(s, &ctx))
954
0
        return 0;
955
956
0
    if (ctx.is_stream)
957
0
        return xso_blocking_mode(ctx.xso);
958
959
0
    return qc_blocking_mode(ctx.qc);
960
0
}
961
962
QUIC_TAKES_LOCK
963
int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
964
0
{
965
0
    int ret = 0;
966
0
    QCTX ctx;
967
968
0
    if (!expect_quic(s, &ctx))
969
0
        return 0;
970
971
0
    quic_lock(ctx.qc);
972
973
    /* Sanity check - can we support the request given the current network BIO? */
974
0
    if (blocking) {
975
        /*
976
         * If called directly on a QCSO, update our information on network BIO
977
         * capabilities.
978
         */
979
0
        if (!ctx.is_stream)
980
0
            qc_update_can_support_blocking(ctx.qc);
981
982
        /* Cannot enable blocking mode if we do not have pollable FDs. */
983
0
        if (!qc_can_support_blocking_cached(ctx.qc)) {
984
0
            ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
985
0
            goto out;
986
0
        }
987
0
    }
988
989
0
    if (!ctx.is_stream)
990
        /*
991
         * If called directly on a QCSO, update default and connection-level
992
         * blocking modes.
993
         */
994
0
        ctx.qc->desires_blocking = (blocking != 0);
995
996
0
    if (ctx.xso != NULL) {
997
        /*
998
         * If called on a QSSO or a QCSO with a default XSO, update the blocking
999
         * mode.
1000
         */
1001
0
        ctx.xso->desires_blocking       = (blocking != 0);
1002
0
        ctx.xso->desires_blocking_set   = 1;
1003
0
    }
1004
1005
0
    ret = 1;
1006
0
out:
1007
0
    qc_update_blocking_mode(ctx.qc);
1008
0
    quic_unlock(ctx.qc);
1009
0
    return ret;
1010
0
}
1011
1012
int ossl_quic_conn_set_initial_peer_addr(SSL *s,
1013
                                         const BIO_ADDR *peer_addr)
1014
0
{
1015
0
    QCTX ctx;
1016
1017
0
    if (!expect_quic(s, &ctx))
1018
0
        return 0;
1019
1020
0
    if (ctx.qc->started)
1021
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
1022
0
                                       NULL);
1023
1024
0
    if (peer_addr == NULL) {
1025
0
        BIO_ADDR_clear(&ctx.qc->init_peer_addr);
1026
0
        return 1;
1027
0
    }
1028
1029
0
    ctx.qc->init_peer_addr = *peer_addr;
1030
0
    return 1;
1031
0
}
1032
1033
/*
1034
 * QUIC Front-End I/O API: Asynchronous I/O Management
1035
 * ===================================================
1036
 *
1037
 *   (BIO/)SSL_handle_events        => ossl_quic_handle_events
1038
 *   (BIO/)SSL_get_event_timeout    => ossl_quic_get_event_timeout
1039
 *   (BIO/)SSL_get_poll_fd          => ossl_quic_get_poll_fd
1040
 *
1041
 */
1042
1043
/* Returns 1 if the connection is being used in blocking mode. */
1044
static int qc_blocking_mode(const QUIC_CONNECTION *qc)
1045
0
{
1046
0
    return qc->blocking;
1047
0
}
1048
1049
static int xso_blocking_mode(const QUIC_XSO *xso)
1050
0
{
1051
0
    if (xso->desires_blocking_set)
1052
0
        return xso->desires_blocking && qc_can_support_blocking_cached(xso->conn);
1053
0
    else
1054
        /* Only ever set if we can support blocking. */
1055
0
        return xso->conn->blocking;
1056
0
}
1057
1058
/* SSL_handle_events; performs QUIC I/O and timeout processing. */
1059
QUIC_TAKES_LOCK
1060
int ossl_quic_handle_events(SSL *s)
1061
0
{
1062
0
    QCTX ctx;
1063
1064
0
    if (!expect_quic(s, &ctx))
1065
0
        return 0;
1066
1067
0
    quic_lock(ctx.qc);
1068
0
    ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
1069
0
    quic_unlock(ctx.qc);
1070
0
    return 1;
1071
0
}
1072
1073
/*
1074
 * SSL_get_event_timeout. Get the time in milliseconds until the SSL object
1075
 * should next have events handled by the application by calling
1076
 * SSL_handle_events(). tv is set to 0 if the object should have events handled
1077
 * immediately. If no timeout is currently active, *is_infinite is set to 1 and
1078
 * the value of *tv is undefined.
1079
 */
1080
QUIC_TAKES_LOCK
1081
int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite)
1082
0
{
1083
0
    QCTX ctx;
1084
0
    OSSL_TIME deadline = ossl_time_infinite();
1085
1086
0
    if (!expect_quic(s, &ctx))
1087
0
        return 0;
1088
1089
0
    quic_lock(ctx.qc);
1090
1091
0
    deadline
1092
0
        = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
1093
1094
0
    if (ossl_time_is_infinite(deadline)) {
1095
0
        *is_infinite = 1;
1096
1097
        /*
1098
         * Robustness against faulty applications that don't check *is_infinite;
1099
         * harmless long timeout.
1100
         */
1101
0
        tv->tv_sec  = 1000000;
1102
0
        tv->tv_usec = 0;
1103
1104
0
        quic_unlock(ctx.qc);
1105
0
        return 1;
1106
0
    }
1107
1108
0
    *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, get_time(ctx.qc)));
1109
0
    *is_infinite = 0;
1110
0
    quic_unlock(ctx.qc);
1111
0
    return 1;
1112
0
}
1113
1114
/* SSL_get_rpoll_descriptor */
1115
int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
1116
0
{
1117
0
    QCTX ctx;
1118
1119
0
    if (!expect_quic(s, &ctx))
1120
0
        return 0;
1121
1122
0
    if (desc == NULL || ctx.qc->net_rbio == NULL)
1123
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
1124
0
                                       NULL);
1125
1126
0
    return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
1127
0
}
1128
1129
/* SSL_get_wpoll_descriptor */
1130
int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
1131
0
{
1132
0
    QCTX ctx;
1133
1134
0
    if (!expect_quic(s, &ctx))
1135
0
        return 0;
1136
1137
0
    if (desc == NULL || ctx.qc->net_wbio == NULL)
1138
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
1139
0
                                       NULL);
1140
1141
0
    return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
1142
0
}
1143
1144
/* SSL_net_read_desired */
1145
QUIC_TAKES_LOCK
1146
int ossl_quic_get_net_read_desired(SSL *s)
1147
0
{
1148
0
    QCTX ctx;
1149
0
    int ret;
1150
1151
0
    if (!expect_quic(s, &ctx))
1152
0
        return 0;
1153
1154
0
    quic_lock(ctx.qc);
1155
0
    ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
1156
0
    quic_unlock(ctx.qc);
1157
0
    return ret;
1158
0
}
1159
1160
/* SSL_net_write_desired */
1161
QUIC_TAKES_LOCK
1162
int ossl_quic_get_net_write_desired(SSL *s)
1163
0
{
1164
0
    int ret;
1165
0
    QCTX ctx;
1166
1167
0
    if (!expect_quic(s, &ctx))
1168
0
        return 0;
1169
1170
0
    quic_lock(ctx.qc);
1171
0
    ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
1172
0
    quic_unlock(ctx.qc);
1173
0
    return ret;
1174
0
}
1175
1176
/*
1177
 * QUIC Front-End I/O API: Connection Lifecycle Operations
1178
 * =======================================================
1179
 *
1180
 *         SSL_do_handshake         => ossl_quic_do_handshake
1181
 *         SSL_set_connect_state    => ossl_quic_set_connect_state
1182
 *         SSL_set_accept_state     => ossl_quic_set_accept_state
1183
 *         SSL_shutdown             => ossl_quic_shutdown
1184
 *         SSL_ctrl                 => ossl_quic_ctrl
1185
 *   (BIO/)SSL_connect              => ossl_quic_connect
1186
 *   (BIO/)SSL_accept               => ossl_quic_accept
1187
 *
1188
 */
1189
1190
QUIC_NEEDS_LOCK
1191
static void qc_shutdown_flush_init(QUIC_CONNECTION *qc)
1192
0
{
1193
0
    QUIC_STREAM_MAP *qsm;
1194
1195
0
    if (qc->shutting_down)
1196
0
        return;
1197
1198
0
    qsm = ossl_quic_channel_get_qsm(qc->ch);
1199
1200
0
    ossl_quic_stream_map_begin_shutdown_flush(qsm);
1201
0
    qc->shutting_down = 1;
1202
0
}
1203
1204
/* Returns 1 if all shutdown-flush streams have been done with. */
1205
QUIC_NEEDS_LOCK
1206
static int qc_shutdown_flush_finished(QUIC_CONNECTION *qc)
1207
0
{
1208
0
    QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
1209
1210
0
    return qc->shutting_down
1211
0
        && ossl_quic_stream_map_is_shutdown_flush_finished(qsm);
1212
0
}
1213
1214
/* SSL_shutdown */
1215
static int quic_shutdown_wait(void *arg)
1216
0
{
1217
0
    QUIC_CONNECTION *qc = arg;
1218
1219
0
    return ossl_quic_channel_is_terminated(qc->ch);
1220
0
}
1221
1222
/* Returns 1 if shutdown flush process has finished or is inapplicable. */
1223
static int quic_shutdown_flush_wait(void *arg)
1224
0
{
1225
0
    QUIC_CONNECTION *qc = arg;
1226
1227
0
    return ossl_quic_channel_is_term_any(qc->ch)
1228
0
        || qc_shutdown_flush_finished(qc);
1229
0
}
1230
1231
static int quic_shutdown_peer_wait(void *arg)
1232
0
{
1233
0
    QUIC_CONNECTION *qc = arg;
1234
0
    return ossl_quic_channel_is_term_any(qc->ch);
1235
0
}
1236
1237
QUIC_TAKES_LOCK
1238
int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
1239
                            const SSL_SHUTDOWN_EX_ARGS *args,
1240
                            size_t args_len)
1241
0
{
1242
0
    int ret;
1243
0
    QCTX ctx;
1244
0
    int stream_flush = ((flags & SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH) == 0);
1245
0
    int no_block = ((flags & SSL_SHUTDOWN_FLAG_NO_BLOCK) != 0);
1246
0
    int wait_peer = ((flags & SSL_SHUTDOWN_FLAG_WAIT_PEER) != 0);
1247
1248
0
    if (!expect_quic(s, &ctx))
1249
0
        return -1;
1250
1251
0
    if (ctx.is_stream) {
1252
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_CONN_USE_ONLY, NULL);
1253
0
        return -1;
1254
0
    }
1255
1256
0
    quic_lock(ctx.qc);
1257
1258
0
    if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
1259
0
        quic_unlock(ctx.qc);
1260
0
        return 1;
1261
0
    }
1262
1263
    /* Phase 1: Stream Flushing */
1264
0
    if (!wait_peer && stream_flush) {
1265
0
        qc_shutdown_flush_init(ctx.qc);
1266
1267
0
        if (!qc_shutdown_flush_finished(ctx.qc)) {
1268
0
            if (!no_block && qc_blocking_mode(ctx.qc)) {
1269
0
                ret = block_until_pred(ctx.qc, quic_shutdown_flush_wait, ctx.qc, 0);
1270
0
                if (ret < 1) {
1271
0
                    ret = 0;
1272
0
                    goto err;
1273
0
                }
1274
0
            } else {
1275
0
                qctx_maybe_autotick(&ctx);
1276
0
            }
1277
0
        }
1278
1279
0
        if (!qc_shutdown_flush_finished(ctx.qc)) {
1280
0
            quic_unlock(ctx.qc);
1281
0
            return 0; /* ongoing */
1282
0
        }
1283
0
    }
1284
1285
    /* Phase 2: Connection Closure */
1286
0
    if (wait_peer && !ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1287
0
        if (!no_block && qc_blocking_mode(ctx.qc)) {
1288
0
            ret = block_until_pred(ctx.qc, quic_shutdown_peer_wait, ctx.qc, 0);
1289
0
            if (ret < 1) {
1290
0
                ret = 0;
1291
0
                goto err;
1292
0
            }
1293
0
        } else {
1294
0
            qctx_maybe_autotick(&ctx);
1295
0
        }
1296
1297
0
        if (!ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1298
0
            ret = 0; /* peer hasn't closed yet - still not done */
1299
0
            goto err;
1300
0
        }
1301
1302
        /*
1303
         * We are at least terminating - go through the normal process of
1304
         * waiting until we are in the TERMINATED state.
1305
         */
1306
0
    }
1307
1308
    /* Block mutation ops regardless of if we did stream flush. */
1309
0
    ctx.qc->shutting_down = 1;
1310
1311
    /*
1312
     * This call is a no-op if we are already terminating, so it doesn't
1313
     * affect the wait_peer case.
1314
     */
1315
0
    ossl_quic_channel_local_close(ctx.qc->ch,
1316
0
                                  args != NULL ? args->quic_error_code : 0,
1317
0
                                  args != NULL ? args->quic_reason : NULL);
1318
1319
0
    SSL_set_shutdown(ctx.qc->tls, SSL_SENT_SHUTDOWN);
1320
1321
0
    if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
1322
0
        quic_unlock(ctx.qc);
1323
0
        return 1;
1324
0
    }
1325
1326
    /* Phase 3: Terminating Wait Time */
1327
0
    if (!no_block && qc_blocking_mode(ctx.qc)
1328
0
        && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0) {
1329
0
        ret = block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
1330
0
        if (ret < 1) {
1331
0
            ret = 0;
1332
0
            goto err;
1333
0
        }
1334
0
    } else {
1335
0
        qctx_maybe_autotick(&ctx);
1336
0
    }
1337
1338
0
    ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
1339
0
err:
1340
0
    quic_unlock(ctx.qc);
1341
0
    return ret;
1342
0
}
1343
1344
/* SSL_ctrl */
1345
long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
1346
0
{
1347
0
    QCTX ctx;
1348
1349
0
    if (!expect_quic(s, &ctx))
1350
0
        return 0;
1351
1352
0
    switch (cmd) {
1353
0
    case SSL_CTRL_MODE:
1354
        /* If called on a QCSO, update the default mode. */
1355
0
        if (!ctx.is_stream)
1356
0
            ctx.qc->default_ssl_mode |= (uint32_t)larg;
1357
1358
        /*
1359
         * If we were called on a QSSO or have a default stream, we also update
1360
         * that.
1361
         */
1362
0
        if (ctx.xso != NULL) {
1363
            /* Cannot enable EPW while AON write in progress. */
1364
0
            if (ctx.xso->aon_write_in_progress)
1365
0
                larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
1366
1367
0
            ctx.xso->ssl_mode |= (uint32_t)larg;
1368
0
            return ctx.xso->ssl_mode;
1369
0
        }
1370
1371
0
        return ctx.qc->default_ssl_mode;
1372
0
    case SSL_CTRL_CLEAR_MODE:
1373
0
        if (!ctx.is_stream)
1374
0
            ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
1375
1376
0
        if (ctx.xso != NULL) {
1377
0
            ctx.xso->ssl_mode &= ~(uint32_t)larg;
1378
0
            return ctx.xso->ssl_mode;
1379
0
        }
1380
1381
0
        return ctx.qc->default_ssl_mode;
1382
1383
0
    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1384
0
        ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
1385
        /* This ctrl also needs to be passed to the internal SSL object */
1386
0
        return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
1387
1388
0
    case DTLS_CTRL_GET_TIMEOUT: /* DTLSv1_get_timeout */
1389
0
        {
1390
0
            int is_infinite;
1391
1392
0
            if (!ossl_quic_get_event_timeout(s, parg, &is_infinite))
1393
0
                return 0;
1394
1395
0
            return !is_infinite;
1396
0
        }
1397
0
    case DTLS_CTRL_HANDLE_TIMEOUT: /* DTLSv1_handle_timeout */
1398
        /* For legacy compatibility with DTLS calls. */
1399
0
        return ossl_quic_handle_events(s) == 1 ? 1 : -1;
1400
1401
        /* Mask ctrls we shouldn't support for QUIC. */
1402
0
    case SSL_CTRL_GET_READ_AHEAD:
1403
0
    case SSL_CTRL_SET_READ_AHEAD:
1404
0
    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1405
0
    case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
1406
0
    case SSL_CTRL_SET_MAX_PIPELINES:
1407
0
        return 0;
1408
1409
0
    default:
1410
        /*
1411
         * Probably a TLS related ctrl. Send back to the frontend SSL_ctrl
1412
         * implementation. Either SSL_ctrl will handle it itself by direct
1413
         * access into handshake layer state, or failing that, it will be passed
1414
         * to the handshake layer via the SSL_METHOD vtable. If the ctrl is not
1415
         * supported by anything, the handshake layer's ctrl method will finally
1416
         * return 0.
1417
         */
1418
0
        return ossl_ctrl_internal(&ctx.qc->ssl, cmd, larg, parg, /*no_quic=*/1);
1419
0
    }
1420
0
}
1421
1422
/* SSL_set_connect_state */
1423
void ossl_quic_set_connect_state(SSL *s)
1424
0
{
1425
0
    QCTX ctx;
1426
1427
0
    if (!expect_quic(s, &ctx))
1428
0
        return;
1429
1430
    /* Cannot be changed after handshake started */
1431
0
    if (ctx.qc->started || ctx.is_stream)
1432
0
        return;
1433
1434
0
    ctx.qc->as_server_state = 0;
1435
0
}
1436
1437
/* SSL_set_accept_state */
1438
void ossl_quic_set_accept_state(SSL *s)
1439
0
{
1440
0
    QCTX ctx;
1441
1442
0
    if (!expect_quic(s, &ctx))
1443
0
        return;
1444
1445
    /* Cannot be changed after handshake started */
1446
0
    if (ctx.qc->started || ctx.is_stream)
1447
0
        return;
1448
1449
0
    ctx.qc->as_server_state = 1;
1450
0
}
1451
1452
/* SSL_do_handshake */
1453
struct quic_handshake_wait_args {
1454
    QUIC_CONNECTION     *qc;
1455
};
1456
1457
static int tls_wants_non_io_retry(QUIC_CONNECTION *qc)
1458
0
{
1459
0
    int want = SSL_want(qc->tls);
1460
1461
0
    if (want == SSL_X509_LOOKUP
1462
0
            || want == SSL_CLIENT_HELLO_CB
1463
0
            || want == SSL_RETRY_VERIFY)
1464
0
        return 1;
1465
1466
0
    return 0;
1467
0
}
1468
1469
static int quic_handshake_wait(void *arg)
1470
0
{
1471
0
    struct quic_handshake_wait_args *args = arg;
1472
1473
0
    if (!quic_mutation_allowed(args->qc, /*req_active=*/1))
1474
0
        return -1;
1475
1476
0
    if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
1477
0
        return 1;
1478
1479
0
    if (tls_wants_non_io_retry(args->qc))
1480
0
        return 1;
1481
1482
0
    return 0;
1483
0
}
1484
1485
static int configure_channel(QUIC_CONNECTION *qc)
1486
0
{
1487
0
    assert(qc->ch != NULL);
1488
1489
0
    if (!ossl_quic_port_set_net_rbio(qc->port, qc->net_rbio)
1490
0
        || !ossl_quic_port_set_net_wbio(qc->port, qc->net_wbio)
1491
0
        || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
1492
0
        return 0;
1493
1494
0
    return 1;
1495
0
}
1496
1497
QUIC_NEEDS_LOCK
1498
static int create_channel(QUIC_CONNECTION *qc)
1499
0
{
1500
0
    QUIC_ENGINE_ARGS engine_args = {0};
1501
0
    QUIC_PORT_ARGS port_args = {0};
1502
1503
0
    engine_args.libctx        = qc->ssl.ctx->libctx;
1504
0
    engine_args.propq         = qc->ssl.ctx->propq;
1505
0
    engine_args.mutex         = qc->mutex;
1506
0
    engine_args.now_cb        = get_time_cb;
1507
0
    engine_args.now_cb_arg    = qc;
1508
0
    qc->engine = ossl_quic_engine_new(&engine_args);
1509
0
    if (qc->engine == NULL) {
1510
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
1511
0
        return 0;
1512
0
    }
1513
1514
0
    port_args.channel_ctx = qc->ssl.ctx;
1515
0
    qc->port = ossl_quic_engine_create_port(qc->engine, &port_args);
1516
0
    if (qc->port == NULL) {
1517
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
1518
0
        ossl_quic_engine_free(qc->engine);
1519
0
        return 0;
1520
0
    }
1521
1522
0
    qc->ch = ossl_quic_port_create_outgoing(qc->port, qc->tls);
1523
0
    if (qc->ch == NULL) {
1524
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
1525
0
        ossl_quic_port_free(qc->port);
1526
0
        ossl_quic_engine_free(qc->engine);
1527
0
        return 0;
1528
0
    }
1529
1530
0
    return 1;
1531
0
}
1532
1533
/*
1534
 * Configures a channel with the information we have accumulated via calls made
1535
 * to us from the application prior to starting a handshake attempt.
1536
 */
1537
QUIC_NEEDS_LOCK
1538
static int ensure_channel_started(QCTX *ctx)
1539
0
{
1540
0
    QUIC_CONNECTION *qc = ctx->qc;
1541
1542
0
    if (!qc->started) {
1543
0
        if (!configure_channel(qc)) {
1544
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
1545
0
                                        "failed to configure channel");
1546
0
            return 0;
1547
0
        }
1548
1549
0
        if (!ossl_quic_channel_start(qc->ch)) {
1550
0
            ossl_quic_channel_restore_err_state(qc->ch);
1551
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
1552
0
                                        "failed to start channel");
1553
0
            return 0;
1554
0
        }
1555
1556
0
#if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
1557
0
        if (qc->is_thread_assisted)
1558
0
            if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch,
1559
0
                                                    qc->override_now_cb,
1560
0
                                                    qc->override_now_cb_arg)) {
1561
0
                QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR,
1562
0
                                            "failed to start assist thread");
1563
0
                return 0;
1564
0
            }
1565
0
#endif
1566
0
    }
1567
1568
0
    qc->started = 1;
1569
0
    return 1;
1570
0
}
1571
1572
QUIC_NEEDS_LOCK
1573
static int quic_do_handshake(QCTX *ctx)
1574
0
{
1575
0
    int ret;
1576
0
    QUIC_CONNECTION *qc = ctx->qc;
1577
1578
0
    if (ossl_quic_channel_is_handshake_complete(qc->ch))
1579
        /* Handshake already completed. */
1580
0
        return 1;
1581
1582
0
    if (!quic_mutation_allowed(qc, /*req_active=*/0))
1583
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1584
1585
0
    if (qc->as_server != qc->as_server_state) {
1586
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
1587
0
        return -1; /* Non-protocol error */
1588
0
    }
1589
1590
0
    if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
1591
        /* Need read and write BIOs. */
1592
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BIO_NOT_SET, NULL);
1593
0
        return -1; /* Non-protocol error */
1594
0
    }
1595
1596
    /*
1597
     * We need to determine our addressing mode. There are basically two
1598
     * ways we can use L4 addresses:
1599
     *
1600
     *   - Addressed mode, in which our BIO_sendmmsg calls have destination
1601
     *     addresses attached to them which we expect the underlying network BIO
1602
     *     to handle;
1603
     *
1604
     *   - Unaddressed mode, in which the BIO provided to us on the
1605
     *     network side neither provides us with L4 addresses nor is capable of
1606
     *     honouring ones we provide. We don't know where the QUIC traffic we
1607
     *     send ends up exactly and trust the application to know what it is
1608
     *     doing.
1609
     *
1610
     * Addressed mode is preferred because it enables support for connection
1611
     * migration, multipath, etc. in the future. Addressed mode is automatically
1612
     * enabled if we are using e.g. BIO_s_datagram, with or without
1613
     * BIO_s_connect.
1614
     *
1615
     * If we are passed a BIO_s_dgram_pair (or some custom BIO) we may have to
1616
     * use unaddressed mode unless that BIO supports capability flags indicating
1617
     * it can provide and honour L4 addresses.
1618
     *
1619
     * Our strategy for determining address mode is simple: we probe the
1620
     * underlying network BIOs for their capabilities. If the network BIOs
1621
     * support what we need, we use addressed mode. Otherwise, we use
1622
     * unaddressed mode.
1623
     *
1624
     * If addressed mode is chosen, we require an initial peer address to be
1625
     * set. If this is not set, we fail. If unaddressed mode is used, we do not
1626
     * require this, as such an address is superfluous, though it can be set if
1627
     * desired.
1628
     */
1629
0
    if (!qc->started && !qc->addressing_probe_done) {
1630
0
        long rcaps = BIO_dgram_get_effective_caps(qc->net_rbio);
1631
0
        long wcaps = BIO_dgram_get_effective_caps(qc->net_wbio);
1632
1633
0
        qc->addressed_mode_r = ((rcaps & BIO_DGRAM_CAP_PROVIDES_SRC_ADDR) != 0);
1634
0
        qc->addressed_mode_w = ((wcaps & BIO_DGRAM_CAP_HANDLES_DST_ADDR) != 0);
1635
0
        qc->addressing_probe_done = 1;
1636
0
    }
1637
1638
0
    if (!qc->started && qc->addressed_mode_w
1639
0
        && BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
1640
        /*
1641
         * We are trying to connect and are using addressed mode, which means we
1642
         * need an initial peer address; if we do not have a peer address yet,
1643
         * we should try to autodetect one.
1644
         *
1645
         * We do this as late as possible because some BIOs (e.g. BIO_s_connect)
1646
         * may not be able to provide us with a peer address until they have
1647
         * finished their own processing. They may not be able to perform this
1648
         * processing until an application has finished configuring that BIO
1649
         * (e.g. with setter calls), which might happen after SSL_set_bio is
1650
         * called.
1651
         */
1652
0
        if (!csm_analyse_init_peer_addr(qc->net_wbio, &qc->init_peer_addr))
1653
            /* best effort */
1654
0
            BIO_ADDR_clear(&qc->init_peer_addr);
1655
0
        else
1656
0
            ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr);
1657
0
    }
1658
1659
0
    if (!qc->started
1660
0
        && qc->addressed_mode_w
1661
0
        && BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
1662
        /*
1663
         * If we still don't have a peer address in addressed mode, we can't do
1664
         * anything.
1665
         */
1666
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
1667
0
        return -1; /* Non-protocol error */
1668
0
    }
1669
1670
    /*
1671
     * Start connection process. Note we may come here multiple times in
1672
     * non-blocking mode, which is fine.
1673
     */
1674
0
    if (!ensure_channel_started(ctx)) /* raises on failure */
1675
0
        return -1; /* Non-protocol error */
1676
1677
0
    if (ossl_quic_channel_is_handshake_complete(qc->ch))
1678
        /* The handshake is now done. */
1679
0
        return 1;
1680
1681
0
    if (!qc_blocking_mode(qc)) {
1682
        /* Try to advance the reactor. */
1683
0
        qctx_maybe_autotick(ctx);
1684
1685
0
        if (ossl_quic_channel_is_handshake_complete(qc->ch))
1686
            /* The handshake is now done. */
1687
0
            return 1;
1688
1689
0
        if (ossl_quic_channel_is_term_any(qc->ch)) {
1690
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1691
0
            return 0;
1692
0
        } else if (qc->desires_blocking) {
1693
            /*
1694
             * As a special case when doing a handshake when blocking mode is
1695
             * desired yet not available, see if the network BIOs have become
1696
             * poll descriptor-enabled. This supports BIOs such as BIO_s_connect
1697
             * which do late creation of socket FDs and therefore cannot expose
1698
             * a poll descriptor until after a network BIO is set on the QCSO.
1699
             */
1700
0
            assert(!qc->blocking);
1701
0
            qc_update_can_support_blocking(qc);
1702
0
            qc_update_blocking_mode(qc);
1703
0
        }
1704
0
    }
1705
1706
    /*
1707
     * We are either in blocking mode or just entered it due to the code above.
1708
     */
1709
0
    if (qc_blocking_mode(qc)) {
1710
        /* In blocking mode, wait for the handshake to complete. */
1711
0
        struct quic_handshake_wait_args args;
1712
1713
0
        args.qc     = qc;
1714
1715
0
        ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
1716
0
        if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
1717
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1718
0
            return 0; /* Shutdown before completion */
1719
0
        } else if (ret <= 0) {
1720
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1721
0
            return -1; /* Non-protocol error */
1722
0
        }
1723
1724
0
        if (tls_wants_non_io_retry(qc)) {
1725
0
            QUIC_RAISE_NORMAL_ERROR(ctx, SSL_get_error(qc->tls, 0));
1726
0
            return -1;
1727
0
        }
1728
1729
0
        assert(ossl_quic_channel_is_handshake_complete(qc->ch));
1730
0
        return 1;
1731
0
    }
1732
1733
0
    if (tls_wants_non_io_retry(qc)) {
1734
0
        QUIC_RAISE_NORMAL_ERROR(ctx, SSL_get_error(qc->tls, 0));
1735
0
        return -1;
1736
0
    }
1737
1738
    /*
1739
     * Otherwise, indicate that the handshake isn't done yet.
1740
     * We can only get here in non-blocking mode.
1741
     */
1742
0
    QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
1743
0
    return -1; /* Non-protocol error */
1744
0
}
1745
1746
QUIC_TAKES_LOCK
1747
int ossl_quic_do_handshake(SSL *s)
1748
0
{
1749
0
    int ret;
1750
0
    QCTX ctx;
1751
1752
0
    if (!expect_quic(s, &ctx))
1753
0
        return 0;
1754
1755
0
    quic_lock_for_io(&ctx);
1756
1757
0
    ret = quic_do_handshake(&ctx);
1758
0
    quic_unlock(ctx.qc);
1759
0
    return ret;
1760
0
}
1761
1762
/* SSL_connect */
1763
int ossl_quic_connect(SSL *s)
1764
0
{
1765
    /* Ensure we are in connect state (no-op if non-idle). */
1766
0
    ossl_quic_set_connect_state(s);
1767
1768
    /* Begin or continue the handshake */
1769
0
    return ossl_quic_do_handshake(s);
1770
0
}
1771
1772
/* SSL_accept */
1773
int ossl_quic_accept(SSL *s)
1774
0
{
1775
    /* Ensure we are in accept state (no-op if non-idle). */
1776
0
    ossl_quic_set_accept_state(s);
1777
1778
    /* Begin or continue the handshake */
1779
0
    return ossl_quic_do_handshake(s);
1780
0
}
1781
1782
/*
1783
 * QUIC Front-End I/O API: Stream Lifecycle Operations
1784
 * ===================================================
1785
 *
1786
 *         SSL_stream_new       => ossl_quic_conn_stream_new
1787
 *
1788
 */
1789
1790
/*
1791
 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1792
 * default XSO was created. Returns 0 if it was not (e.g. because it already
1793
 * exists). Note that this is NOT an error condition.
1794
 */
1795
QUIC_NEEDS_LOCK
1796
static int qc_try_create_default_xso_for_write(QCTX *ctx)
1797
0
{
1798
0
    uint64_t flags = 0;
1799
0
    QUIC_CONNECTION *qc = ctx->qc;
1800
1801
0
    if (qc->default_xso_created
1802
0
        || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1803
        /*
1804
         * We only do this once. If the user detaches a previously created
1805
         * default XSO we don't auto-create another one.
1806
         */
1807
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
1808
1809
    /* Create a locally-initiated stream. */
1810
0
    if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1811
0
        flags |= SSL_STREAM_FLAG_UNI;
1812
1813
0
    qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(ctx, flags,
1814
0
                                                            /*needs_lock=*/0),
1815
0
                       /*touch=*/0);
1816
0
    if (qc->default_xso == NULL)
1817
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1818
1819
0
    qc_touch_default_xso(qc);
1820
0
    return 1;
1821
0
}
1822
1823
struct quic_wait_for_stream_args {
1824
    QUIC_CONNECTION *qc;
1825
    QUIC_STREAM     *qs;
1826
    QCTX            *ctx;
1827
    uint64_t        expect_id;
1828
};
1829
1830
QUIC_NEEDS_LOCK
1831
static int quic_wait_for_stream(void *arg)
1832
0
{
1833
0
    struct quic_wait_for_stream_args *args = arg;
1834
1835
0
    if (!quic_mutation_allowed(args->qc, /*req_active=*/1)) {
1836
        /* If connection is torn down due to an error while blocking, stop. */
1837
0
        QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1838
0
        return -1;
1839
0
    }
1840
1841
0
    args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1842
0
                                              args->expect_id | QUIC_STREAM_DIR_BIDI);
1843
0
    if (args->qs == NULL)
1844
0
        args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1845
0
                                                  args->expect_id | QUIC_STREAM_DIR_UNI);
1846
1847
0
    if (args->qs != NULL)
1848
0
        return 1; /* stream now exists */
1849
1850
0
    return 0; /* did not get a stream, keep trying */
1851
0
}
1852
1853
QUIC_NEEDS_LOCK
1854
static int qc_wait_for_default_xso_for_read(QCTX *ctx, int peek)
1855
0
{
1856
    /* Called on a QCSO and we don't currently have a default stream. */
1857
0
    uint64_t expect_id;
1858
0
    QUIC_CONNECTION *qc = ctx->qc;
1859
0
    QUIC_STREAM *qs;
1860
0
    int res;
1861
0
    struct quic_wait_for_stream_args wargs;
1862
0
    OSSL_RTT_INFO rtt_info;
1863
1864
    /*
1865
     * If default stream functionality is disabled or we already detached
1866
     * one, don't make another default stream and just fail.
1867
     */
1868
0
    if (qc->default_xso_created
1869
0
        || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1870
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
1871
1872
    /*
1873
     * The peer may have opened a stream since we last ticked. So tick and
1874
     * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1875
     * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1876
     * first stream created by a peer must have an ordinal of 0.
1877
     */
1878
0
    expect_id = qc->as_server
1879
0
        ? QUIC_STREAM_INITIATOR_CLIENT
1880
0
        : QUIC_STREAM_INITIATOR_SERVER;
1881
1882
0
    qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1883
0
                                        expect_id | QUIC_STREAM_DIR_BIDI);
1884
0
    if (qs == NULL)
1885
0
        qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1886
0
                                            expect_id | QUIC_STREAM_DIR_UNI);
1887
1888
0
    if (qs == NULL) {
1889
0
        qctx_maybe_autotick(ctx);
1890
1891
0
        qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1892
0
                                            expect_id);
1893
0
    }
1894
1895
0
    if (qs == NULL) {
1896
0
        if (peek)
1897
0
            return 0;
1898
1899
0
        if (!qc_blocking_mode(qc))
1900
            /* Non-blocking mode, so just bail immediately. */
1901
0
            return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
1902
1903
        /* Block until we have a stream. */
1904
0
        wargs.qc        = qc;
1905
0
        wargs.qs        = NULL;
1906
0
        wargs.ctx       = ctx;
1907
0
        wargs.expect_id = expect_id;
1908
1909
0
        res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
1910
0
        if (res == 0)
1911
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1912
0
        else if (res < 0 || wargs.qs == NULL)
1913
            /* quic_wait_for_stream raised error here */
1914
0
            return 0;
1915
1916
0
        qs = wargs.qs;
1917
0
    }
1918
1919
    /*
1920
     * We now have qs != NULL. Remove it from the incoming stream queue so that
1921
     * it isn't also returned by any future SSL_accept_stream calls.
1922
     */
1923
0
    ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
1924
0
    ossl_quic_stream_map_remove_from_accept_queue(ossl_quic_channel_get_qsm(qc->ch),
1925
0
                                                  qs, rtt_info.smoothed_rtt);
1926
1927
    /*
1928
     * Now make qs the default stream, creating the necessary XSO.
1929
     */
1930
0
    qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0);
1931
0
    if (qc->default_xso == NULL)
1932
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1933
1934
0
    qc_touch_default_xso(qc); /* inhibits default XSO */
1935
0
    return 1;
1936
0
}
1937
1938
QUIC_NEEDS_LOCK
1939
static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
1940
0
{
1941
0
    QUIC_XSO *xso = NULL;
1942
1943
0
    if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL) {
1944
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
1945
0
        goto err;
1946
0
    }
1947
1948
0
    if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO)) {
1949
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
1950
0
        goto err;
1951
0
    }
1952
1953
    /* XSO refs QC */
1954
0
    if (!SSL_up_ref(&qc->ssl)) {
1955
0
        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SSL_LIB, NULL);
1956
0
        goto err;
1957
0
    }
1958
1959
0
    xso->conn       = qc;
1960
0
    xso->ssl_mode   = qc->default_ssl_mode;
1961
0
    xso->ssl_options
1962
0
        = qc->default_ssl_options & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
1963
0
    xso->last_error = SSL_ERROR_NONE;
1964
1965
0
    xso->stream     = qs;
1966
1967
0
    ++qc->num_xso;
1968
0
    xso_update_options(xso);
1969
0
    return xso;
1970
1971
0
err:
1972
0
    OPENSSL_free(xso);
1973
0
    return NULL;
1974
0
}
1975
1976
struct quic_new_stream_wait_args {
1977
    QUIC_CONNECTION *qc;
1978
    int is_uni;
1979
};
1980
1981
static int quic_new_stream_wait(void *arg)
1982
0
{
1983
0
    struct quic_new_stream_wait_args *args = arg;
1984
0
    QUIC_CONNECTION *qc = args->qc;
1985
1986
0
    if (!quic_mutation_allowed(qc, /*req_active=*/1))
1987
0
        return -1;
1988
1989
0
    if (ossl_quic_channel_is_new_local_stream_admissible(qc->ch, args->is_uni))
1990
0
        return 1;
1991
1992
0
    return 0;
1993
0
}
1994
1995
/* locking depends on need_lock */
1996
static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock)
1997
0
{
1998
0
    int ret;
1999
0
    QUIC_CONNECTION *qc = ctx->qc;
2000
0
    QUIC_XSO *xso = NULL;
2001
0
    QUIC_STREAM *qs = NULL;
2002
0
    int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
2003
0
    int no_blocking = ((flags & SSL_STREAM_FLAG_NO_BLOCK) != 0);
2004
0
    int advance = ((flags & SSL_STREAM_FLAG_ADVANCE) != 0);
2005
2006
0
    if (need_lock)
2007
0
        quic_lock(qc);
2008
2009
0
    if (!quic_mutation_allowed(qc, /*req_active=*/0)) {
2010
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2011
0
        goto err;
2012
0
    }
2013
2014
0
    if (!advance
2015
0
        && !ossl_quic_channel_is_new_local_stream_admissible(qc->ch, is_uni)) {
2016
0
        struct quic_new_stream_wait_args args;
2017
2018
        /*
2019
         * Stream count flow control currently doesn't permit this stream to be
2020
         * opened.
2021
         */
2022
0
        if (no_blocking || !qc_blocking_mode(qc)) {
2023
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_STREAM_COUNT_LIMITED, NULL);
2024
0
            goto err;
2025
0
        }
2026
2027
0
        args.qc     = qc;
2028
0
        args.is_uni = is_uni;
2029
2030
        /* Blocking mode - wait until we can get a stream. */
2031
0
        ret = block_until_pred(ctx->qc, quic_new_stream_wait, &args, 0);
2032
0
        if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
2033
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2034
0
            goto err; /* Shutdown before completion */
2035
0
        } else if (ret <= 0) {
2036
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2037
0
            goto err; /* Non-protocol error */
2038
0
        }
2039
0
    }
2040
2041
0
    qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni);
2042
0
    if (qs == NULL) {
2043
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2044
0
        goto err;
2045
0
    }
2046
2047
0
    xso = create_xso_from_stream(qc, qs);
2048
0
    if (xso == NULL)
2049
0
        goto err;
2050
2051
0
    qc_touch_default_xso(qc); /* inhibits default XSO */
2052
0
    if (need_lock)
2053
0
        quic_unlock(qc);
2054
2055
0
    return &xso->ssl;
2056
2057
0
err:
2058
0
    OPENSSL_free(xso);
2059
0
    ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs);
2060
0
    if (need_lock)
2061
0
        quic_unlock(qc);
2062
2063
0
    return NULL;
2064
2065
0
}
2066
2067
QUIC_TAKES_LOCK
2068
SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
2069
0
{
2070
0
    QCTX ctx;
2071
2072
0
    if (!expect_quic_conn_only(s, &ctx))
2073
0
        return NULL;
2074
2075
0
    return quic_conn_stream_new(&ctx, flags, /*need_lock=*/1);
2076
0
}
2077
2078
/*
2079
 * QUIC Front-End I/O API: Steady-State Operations
2080
 * ===============================================
2081
 *
2082
 * Here we dispatch calls to the steady-state front-end I/O API functions; that
2083
 * is, the functions used during the established phase of a QUIC connection
2084
 * (e.g. SSL_read, SSL_write).
2085
 *
2086
 * Each function must handle both blocking and non-blocking modes. As discussed
2087
 * above, all QUIC I/O is implemented using non-blocking mode internally.
2088
 *
2089
 *         SSL_get_error        => partially implemented by ossl_quic_get_error
2090
 *         SSL_want             => ossl_quic_want
2091
 *   (BIO/)SSL_read             => ossl_quic_read
2092
 *   (BIO/)SSL_write            => ossl_quic_write
2093
 *         SSL_pending          => ossl_quic_pending
2094
 *         SSL_stream_conclude  => ossl_quic_conn_stream_conclude
2095
 *         SSL_key_update       => ossl_quic_key_update
2096
 */
2097
2098
/* SSL_get_error */
2099
int ossl_quic_get_error(const SSL *s, int i)
2100
0
{
2101
0
    QCTX ctx;
2102
0
    int net_error, last_error;
2103
2104
0
    if (!expect_quic(s, &ctx))
2105
0
        return 0;
2106
2107
0
    quic_lock(ctx.qc);
2108
0
    net_error = ossl_quic_channel_net_error(ctx.qc->ch);
2109
0
    last_error = ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error;
2110
0
    quic_unlock(ctx.qc);
2111
2112
0
    if (net_error)
2113
0
        return SSL_ERROR_SYSCALL;
2114
2115
0
    return last_error;
2116
0
}
2117
2118
/* Converts a code returned by SSL_get_error to a code returned by SSL_want. */
2119
static int error_to_want(int error)
2120
0
{
2121
0
    switch (error) {
2122
0
    case SSL_ERROR_WANT_CONNECT: /* never used - UDP is connectionless */
2123
0
    case SSL_ERROR_WANT_ACCEPT:  /* never used - UDP is connectionless */
2124
0
    case SSL_ERROR_ZERO_RETURN:
2125
0
    default:
2126
0
        return SSL_NOTHING;
2127
2128
0
    case SSL_ERROR_WANT_READ:
2129
0
        return SSL_READING;
2130
2131
0
    case SSL_ERROR_WANT_WRITE:
2132
0
        return SSL_WRITING;
2133
2134
0
    case SSL_ERROR_WANT_RETRY_VERIFY:
2135
0
        return SSL_RETRY_VERIFY;
2136
2137
0
    case SSL_ERROR_WANT_CLIENT_HELLO_CB:
2138
0
        return SSL_CLIENT_HELLO_CB;
2139
2140
0
    case SSL_ERROR_WANT_X509_LOOKUP:
2141
0
        return SSL_X509_LOOKUP;
2142
0
    }
2143
0
}
2144
2145
/* SSL_want */
2146
int ossl_quic_want(const SSL *s)
2147
0
{
2148
0
    QCTX ctx;
2149
0
    int w;
2150
2151
0
    if (!expect_quic(s, &ctx))
2152
0
        return SSL_NOTHING;
2153
2154
0
    quic_lock(ctx.qc);
2155
2156
0
    w = error_to_want(ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error);
2157
2158
0
    quic_unlock(ctx.qc);
2159
0
    return w;
2160
0
}
2161
2162
/*
2163
 * SSL_write
2164
 * ---------
2165
 *
2166
 * The set of functions below provide the implementation of the public SSL_write
2167
 * function. We must handle:
2168
 *
2169
 *   - both blocking and non-blocking operation at the application level,
2170
 *     depending on how we are configured;
2171
 *
2172
 *   - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
2173
 *
2174
 *   - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
2175
 *
2176
 */
2177
QUIC_NEEDS_LOCK
2178
static void quic_post_write(QUIC_XSO *xso, int did_append,
2179
                            int did_append_all, uint64_t flags,
2180
                            int do_tick)
2181
0
{
2182
    /*
2183
     * We have appended at least one byte to the stream.
2184
     * Potentially mark stream as active, depending on FC.
2185
     */
2186
0
    if (did_append)
2187
0
        ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
2188
0
                                          xso->stream);
2189
2190
0
    if (did_append_all && (flags & SSL_WRITE_FLAG_CONCLUDE) != 0)
2191
0
        ossl_quic_sstream_fin(xso->stream->sstream);
2192
2193
    /*
2194
     * Try and send.
2195
     *
2196
     * TODO(QUIC FUTURE): It is probably inefficient to try and do this
2197
     * immediately, plus we should eventually consider Nagle's algorithm.
2198
     */
2199
0
    if (do_tick)
2200
0
        ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
2201
0
}
2202
2203
struct quic_write_again_args {
2204
    QUIC_XSO            *xso;
2205
    const unsigned char *buf;
2206
    size_t              len;
2207
    size_t              total_written;
2208
    int                 err;
2209
    uint64_t            flags;
2210
};
2211
2212
/*
2213
 * Absolute maximum write buffer size, enforced to prevent a rogue peer from
2214
 * deliberately inducing DoS. This has been chosen based on the optimal buffer
2215
 * size for an RTT of 500ms and a bandwidth of 100 Mb/s.
2216
 */
2217
0
#define MAX_WRITE_BUF_SIZE      (6 * 1024 * 1024)
2218
2219
/*
2220
 * Ensure spare buffer space available (up until a limit, at least).
2221
 */
2222
QUIC_NEEDS_LOCK
2223
static int sstream_ensure_spare(QUIC_SSTREAM *sstream, uint64_t spare)
2224
0
{
2225
0
    size_t cur_sz = ossl_quic_sstream_get_buffer_size(sstream);
2226
0
    size_t avail = ossl_quic_sstream_get_buffer_avail(sstream);
2227
0
    size_t spare_ = (spare > SIZE_MAX) ? SIZE_MAX : (size_t)spare;
2228
0
    size_t new_sz, growth;
2229
2230
0
    if (spare_ <= avail || cur_sz == MAX_WRITE_BUF_SIZE)
2231
0
        return 1;
2232
2233
0
    growth = spare_ - avail;
2234
0
    if (cur_sz + growth > MAX_WRITE_BUF_SIZE)
2235
0
        new_sz = MAX_WRITE_BUF_SIZE;
2236
0
    else
2237
0
        new_sz = cur_sz + growth;
2238
2239
0
    return ossl_quic_sstream_set_buffer_size(sstream, new_sz);
2240
0
}
2241
2242
/*
2243
 * Append to a QUIC_STREAM's QUIC_SSTREAM, ensuring buffer space is expanded
2244
 * as needed according to flow control.
2245
 */
2246
QUIC_NEEDS_LOCK
2247
static int xso_sstream_append(QUIC_XSO *xso, const unsigned char *buf,
2248
                              size_t len, size_t *actual_written)
2249
0
{
2250
0
    QUIC_SSTREAM *sstream = xso->stream->sstream;
2251
0
    uint64_t cur = ossl_quic_sstream_get_cur_size(sstream);
2252
0
    uint64_t cwm = ossl_quic_txfc_get_cwm(&xso->stream->txfc);
2253
0
    uint64_t permitted = (cwm >= cur ? cwm - cur : 0);
2254
2255
0
    if (len > permitted)
2256
0
        len = (size_t)permitted;
2257
2258
0
    if (!sstream_ensure_spare(sstream, len))
2259
0
        return 0;
2260
2261
0
    return ossl_quic_sstream_append(sstream, buf, len, actual_written);
2262
0
}
2263
2264
QUIC_NEEDS_LOCK
2265
static int quic_write_again(void *arg)
2266
0
{
2267
0
    struct quic_write_again_args *args = arg;
2268
0
    size_t actual_written = 0;
2269
2270
0
    if (!quic_mutation_allowed(args->xso->conn, /*req_active=*/1))
2271
        /* If connection is torn down due to an error while blocking, stop. */
2272
0
        return -2;
2273
2274
0
    if (!quic_validate_for_write(args->xso, &args->err))
2275
        /*
2276
         * Stream may have become invalid for write due to connection events
2277
         * while we blocked.
2278
         */
2279
0
        return -2;
2280
2281
0
    args->err = ERR_R_INTERNAL_ERROR;
2282
0
    if (!xso_sstream_append(args->xso, args->buf, args->len, &actual_written))
2283
0
        return -2;
2284
2285
0
    quic_post_write(args->xso, actual_written > 0,
2286
0
                    args->len == actual_written, args->flags, 0);
2287
2288
0
    args->buf           += actual_written;
2289
0
    args->len           -= actual_written;
2290
0
    args->total_written += actual_written;
2291
2292
0
    if (args->len == 0)
2293
        /* Written everything, done. */
2294
0
        return 1;
2295
2296
    /* Not written everything yet, keep trying. */
2297
0
    return 0;
2298
0
}
2299
2300
QUIC_NEEDS_LOCK
2301
static int quic_write_blocking(QCTX *ctx, const void *buf, size_t len,
2302
                               uint64_t flags, size_t *written)
2303
0
{
2304
0
    int res;
2305
0
    QUIC_XSO *xso = ctx->xso;
2306
0
    struct quic_write_again_args args;
2307
0
    size_t actual_written = 0;
2308
2309
    /* First make a best effort to append as much of the data as possible. */
2310
0
    if (!xso_sstream_append(xso, buf, len, &actual_written)) {
2311
        /* Stream already finished or allocation error. */
2312
0
        *written = 0;
2313
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2314
0
    }
2315
2316
0
    quic_post_write(xso, actual_written > 0, actual_written == len, flags, 1);
2317
2318
0
    if (actual_written == len) {
2319
        /* Managed to append everything on the first try. */
2320
0
        *written = actual_written;
2321
0
        return 1;
2322
0
    }
2323
2324
    /*
2325
     * We did not manage to append all of the data immediately, so the stream
2326
     * buffer has probably filled up. This means we need to block until some of
2327
     * it is freed up.
2328
     */
2329
0
    args.xso            = xso;
2330
0
    args.buf            = (const unsigned char *)buf + actual_written;
2331
0
    args.len            = len - actual_written;
2332
0
    args.total_written  = 0;
2333
0
    args.err            = ERR_R_INTERNAL_ERROR;
2334
0
    args.flags          = flags;
2335
2336
0
    res = block_until_pred(xso->conn, quic_write_again, &args, 0);
2337
0
    if (res <= 0) {
2338
0
        if (!quic_mutation_allowed(xso->conn, /*req_active=*/1))
2339
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2340
0
        else
2341
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, args.err, NULL);
2342
0
    }
2343
2344
0
    *written = args.total_written;
2345
0
    return 1;
2346
0
}
2347
2348
/*
2349
 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
2350
 * write semantics.
2351
 */
2352
static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
2353
                            size_t buf_len, size_t already_sent)
2354
0
{
2355
0
    assert(!xso->aon_write_in_progress);
2356
2357
0
    xso->aon_write_in_progress = 1;
2358
0
    xso->aon_buf_base          = buf;
2359
0
    xso->aon_buf_pos           = already_sent;
2360
0
    xso->aon_buf_len           = buf_len;
2361
0
}
2362
2363
static void aon_write_finish(QUIC_XSO *xso)
2364
0
{
2365
0
    xso->aon_write_in_progress   = 0;
2366
0
    xso->aon_buf_base            = NULL;
2367
0
    xso->aon_buf_pos             = 0;
2368
0
    xso->aon_buf_len             = 0;
2369
0
}
2370
2371
QUIC_NEEDS_LOCK
2372
static int quic_write_nonblocking_aon(QCTX *ctx, const void *buf,
2373
                                      size_t len, uint64_t flags,
2374
                                      size_t *written)
2375
0
{
2376
0
    QUIC_XSO *xso = ctx->xso;
2377
0
    const void *actual_buf;
2378
0
    size_t actual_len, actual_written = 0;
2379
0
    int accept_moving_buffer
2380
0
        = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
2381
2382
0
    if (xso->aon_write_in_progress) {
2383
        /*
2384
         * We are in the middle of an AON write (i.e., a previous write did not
2385
         * manage to append all data to the SSTREAM and we have Enable Partial
2386
         * Write (EPW) mode disabled.)
2387
         */
2388
0
        if ((!accept_moving_buffer && xso->aon_buf_base != buf)
2389
0
            || len != xso->aon_buf_len)
2390
            /*
2391
             * Pointer must not have changed if we are not in accept moving
2392
             * buffer mode. Length must never change.
2393
             */
2394
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BAD_WRITE_RETRY, NULL);
2395
2396
0
        actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
2397
0
        actual_len = len - xso->aon_buf_pos;
2398
0
        assert(actual_len > 0);
2399
0
    } else {
2400
0
        actual_buf = buf;
2401
0
        actual_len = len;
2402
0
    }
2403
2404
    /* First make a best effort to append as much of the data as possible. */
2405
0
    if (!xso_sstream_append(xso, actual_buf, actual_len, &actual_written)) {
2406
        /* Stream already finished or allocation error. */
2407
0
        *written = 0;
2408
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2409
0
    }
2410
2411
0
    quic_post_write(xso, actual_written > 0, actual_written == actual_len,
2412
0
                    flags, qctx_should_autotick(ctx));
2413
2414
0
    if (actual_written == actual_len) {
2415
        /* We have sent everything. */
2416
0
        if (xso->aon_write_in_progress) {
2417
            /*
2418
             * We have sent everything, and we were in the middle of an AON
2419
             * write. The output write length is the total length of the AON
2420
             * buffer, not however many bytes we managed to write to the stream
2421
             * in this call.
2422
             */
2423
0
            *written = xso->aon_buf_len;
2424
0
            aon_write_finish(xso);
2425
0
        } else {
2426
0
            *written = actual_written;
2427
0
        }
2428
2429
0
        return 1;
2430
0
    }
2431
2432
0
    if (xso->aon_write_in_progress) {
2433
        /*
2434
         * AON write is in progress but we have not written everything yet. We
2435
         * may have managed to send zero bytes, or some number of bytes less
2436
         * than the total remaining which need to be appended during this
2437
         * AON operation.
2438
         */
2439
0
        xso->aon_buf_pos += actual_written;
2440
0
        assert(xso->aon_buf_pos < xso->aon_buf_len);
2441
0
        return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
2442
0
    }
2443
2444
    /*
2445
     * Not in an existing AON operation but partial write is not enabled, so we
2446
     * need to begin a new AON operation. However we needn't bother if we didn't
2447
     * actually append anything.
2448
     */
2449
0
    if (actual_written > 0)
2450
0
        aon_write_begin(xso, buf, len, actual_written);
2451
2452
    /*
2453
     * AON - We do not publicly admit to having appended anything until AON
2454
     * completes.
2455
     */
2456
0
    *written = 0;
2457
0
    return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
2458
0
}
2459
2460
QUIC_NEEDS_LOCK
2461
static int quic_write_nonblocking_epw(QCTX *ctx, const void *buf, size_t len,
2462
                                      uint64_t flags, size_t *written)
2463
0
{
2464
0
    QUIC_XSO *xso = ctx->xso;
2465
2466
    /* Simple best effort operation. */
2467
0
    if (!xso_sstream_append(xso, buf, len, written)) {
2468
        /* Stream already finished or allocation error. */
2469
0
        *written = 0;
2470
0
        return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2471
0
    }
2472
2473
0
    quic_post_write(xso, *written > 0, *written == len, flags,
2474
0
                    qctx_should_autotick(ctx));
2475
2476
0
    if (*written == 0)
2477
        /* SSL_write_ex returns 0 if it didn't read anything. */
2478
0
        return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
2479
2480
0
    return 1;
2481
0
}
2482
2483
QUIC_NEEDS_LOCK
2484
static int quic_validate_for_write(QUIC_XSO *xso, int *err)
2485
0
{
2486
0
    QUIC_STREAM_MAP *qsm;
2487
2488
0
    if (xso == NULL || xso->stream == NULL) {
2489
0
        *err = ERR_R_INTERNAL_ERROR;
2490
0
        return 0;
2491
0
    }
2492
2493
0
    switch (xso->stream->send_state) {
2494
0
    default:
2495
0
    case QUIC_SSTREAM_STATE_NONE:
2496
0
        *err = SSL_R_STREAM_RECV_ONLY;
2497
0
        return 0;
2498
2499
0
    case QUIC_SSTREAM_STATE_READY:
2500
0
        qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
2501
2502
0
        if (!ossl_quic_stream_map_ensure_send_part_id(qsm, xso->stream)) {
2503
0
            *err = ERR_R_INTERNAL_ERROR;
2504
0
            return 0;
2505
0
        }
2506
2507
        /* FALLTHROUGH */
2508
0
    case QUIC_SSTREAM_STATE_SEND:
2509
0
    case QUIC_SSTREAM_STATE_DATA_SENT:
2510
0
    case QUIC_SSTREAM_STATE_DATA_RECVD:
2511
0
        if (ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL)) {
2512
0
            *err = SSL_R_STREAM_FINISHED;
2513
0
            return 0;
2514
0
        }
2515
2516
0
        return 1;
2517
2518
0
    case QUIC_SSTREAM_STATE_RESET_SENT:
2519
0
    case QUIC_SSTREAM_STATE_RESET_RECVD:
2520
0
        *err = SSL_R_STREAM_RESET;
2521
0
        return 0;
2522
0
    }
2523
0
}
2524
2525
QUIC_TAKES_LOCK
2526
int ossl_quic_write_flags(SSL *s, const void *buf, size_t len,
2527
                          uint64_t flags, size_t *written)
2528
0
{
2529
0
    int ret;
2530
0
    QCTX ctx;
2531
0
    int partial_write, err;
2532
2533
0
    *written = 0;
2534
2535
0
    if (len == 0) {
2536
        /* Do not autocreate default XSO for zero-length writes. */
2537
0
        if (!expect_quic(s, &ctx))
2538
0
            return 0;
2539
2540
0
        quic_lock_for_io(&ctx);
2541
0
    } else {
2542
0
        if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/1, &ctx))
2543
0
            return 0;
2544
0
    }
2545
2546
0
    partial_write = ((ctx.xso != NULL)
2547
0
        ? ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0) : 0);
2548
2549
0
    if ((flags & ~SSL_WRITE_FLAG_CONCLUDE) != 0) {
2550
0
        ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_UNSUPPORTED_WRITE_FLAG, NULL);
2551
0
        goto out;
2552
0
    }
2553
2554
0
    if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) {
2555
0
        ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2556
0
        goto out;
2557
0
    }
2558
2559
    /*
2560
     * If we haven't finished the handshake, try to advance it.
2561
     * We don't accept writes until the handshake is completed.
2562
     */
2563
0
    if (quic_do_handshake(&ctx) < 1) {
2564
0
        ret = 0;
2565
0
        goto out;
2566
0
    }
2567
2568
    /* Ensure correct stream state, stream send part not concluded, etc. */
2569
0
    if (len > 0 && !quic_validate_for_write(ctx.xso, &err)) {
2570
0
        ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
2571
0
        goto out;
2572
0
    }
2573
2574
0
    if (len == 0) {
2575
0
        if ((flags & SSL_WRITE_FLAG_CONCLUDE) != 0)
2576
0
            quic_post_write(ctx.xso, 0, 1, flags,
2577
0
                            qctx_should_autotick(&ctx));
2578
2579
0
        ret = 1;
2580
0
        goto out;
2581
0
    }
2582
2583
0
    if (xso_blocking_mode(ctx.xso))
2584
0
        ret = quic_write_blocking(&ctx, buf, len, flags, written);
2585
0
    else if (partial_write)
2586
0
        ret = quic_write_nonblocking_epw(&ctx, buf, len, flags, written);
2587
0
    else
2588
0
        ret = quic_write_nonblocking_aon(&ctx, buf, len, flags, written);
2589
2590
0
out:
2591
0
    quic_unlock(ctx.qc);
2592
0
    return ret;
2593
0
}
2594
2595
QUIC_TAKES_LOCK
2596
int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
2597
0
{
2598
0
    return ossl_quic_write_flags(s, buf, len, 0, written);
2599
0
}
2600
2601
/*
2602
 * SSL_read
2603
 * --------
2604
 */
2605
struct quic_read_again_args {
2606
    QCTX            *ctx;
2607
    QUIC_STREAM     *stream;
2608
    void            *buf;
2609
    size_t          len;
2610
    size_t          *bytes_read;
2611
    int             peek;
2612
};
2613
2614
QUIC_NEEDS_LOCK
2615
static int quic_validate_for_read(QUIC_XSO *xso, int *err, int *eos)
2616
0
{
2617
0
    QUIC_STREAM_MAP *qsm;
2618
2619
0
    *eos = 0;
2620
2621
0
    if (xso == NULL || xso->stream == NULL) {
2622
0
        *err = ERR_R_INTERNAL_ERROR;
2623
0
        return 0;
2624
0
    }
2625
2626
0
    switch (xso->stream->recv_state) {
2627
0
    default:
2628
0
    case QUIC_RSTREAM_STATE_NONE:
2629
0
        *err = SSL_R_STREAM_SEND_ONLY;
2630
0
        return 0;
2631
2632
0
    case QUIC_RSTREAM_STATE_RECV:
2633
0
    case QUIC_RSTREAM_STATE_SIZE_KNOWN:
2634
0
    case QUIC_RSTREAM_STATE_DATA_RECVD:
2635
0
        return 1;
2636
2637
0
    case QUIC_RSTREAM_STATE_DATA_READ:
2638
0
        *eos = 1;
2639
0
        return 0;
2640
2641
0
    case QUIC_RSTREAM_STATE_RESET_RECVD:
2642
0
        qsm = ossl_quic_channel_get_qsm(xso->conn->ch);
2643
0
        ossl_quic_stream_map_notify_app_read_reset_recv_part(qsm, xso->stream);
2644
2645
        /* FALLTHROUGH */
2646
0
    case QUIC_RSTREAM_STATE_RESET_READ:
2647
0
        *err = SSL_R_STREAM_RESET;
2648
0
        return 0;
2649
0
    }
2650
0
}
2651
2652
QUIC_NEEDS_LOCK
2653
static int quic_read_actual(QCTX *ctx,
2654
                            QUIC_STREAM *stream,
2655
                            void *buf, size_t buf_len,
2656
                            size_t *bytes_read,
2657
                            int peek)
2658
0
{
2659
0
    int is_fin = 0, err, eos;
2660
0
    QUIC_CONNECTION *qc = ctx->qc;
2661
2662
0
    if (!quic_validate_for_read(ctx->xso, &err, &eos)) {
2663
0
        if (eos) {
2664
0
            ctx->xso->retired_fin = 1;
2665
0
            return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
2666
0
        } else {
2667
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, err, NULL);
2668
0
        }
2669
0
    }
2670
2671
0
    if (peek) {
2672
0
        if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
2673
0
                                    bytes_read, &is_fin))
2674
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2675
2676
0
    } else {
2677
0
        if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
2678
0
                                    bytes_read, &is_fin))
2679
0
            return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2680
0
    }
2681
2682
0
    if (!peek) {
2683
0
        if (*bytes_read > 0) {
2684
            /*
2685
             * We have read at least one byte from the stream. Inform stream-level
2686
             * RXFC of the retirement of controlled bytes. Update the active stream
2687
             * status (the RXFC may now want to emit a frame granting more credit to
2688
             * the peer).
2689
             */
2690
0
            OSSL_RTT_INFO rtt_info;
2691
2692
0
            ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
2693
2694
0
            if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
2695
0
                                          rtt_info.smoothed_rtt))
2696
0
                return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
2697
0
        }
2698
2699
0
        if (is_fin && !peek) {
2700
0
            QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(ctx->qc->ch);
2701
2702
0
            ossl_quic_stream_map_notify_totally_read(qsm, ctx->xso->stream);
2703
0
        }
2704
2705
0
        if (*bytes_read > 0)
2706
0
            ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
2707
0
                                              stream);
2708
0
    }
2709
2710
0
    if (*bytes_read == 0 && is_fin) {
2711
0
        ctx->xso->retired_fin = 1;
2712
0
        return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
2713
0
    }
2714
2715
0
    return 1;
2716
0
}
2717
2718
QUIC_NEEDS_LOCK
2719
static int quic_read_again(void *arg)
2720
0
{
2721
0
    struct quic_read_again_args *args = arg;
2722
2723
0
    if (!quic_mutation_allowed(args->ctx->qc, /*req_active=*/1)) {
2724
        /* If connection is torn down due to an error while blocking, stop. */
2725
0
        QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2726
0
        return -1;
2727
0
    }
2728
2729
0
    if (!quic_read_actual(args->ctx, args->stream,
2730
0
                          args->buf, args->len, args->bytes_read,
2731
0
                          args->peek))
2732
0
        return -1;
2733
2734
0
    if (*args->bytes_read > 0)
2735
        /* got at least one byte, the SSL_read op can finish now */
2736
0
        return 1;
2737
2738
0
    return 0; /* did not read anything, keep trying */
2739
0
}
2740
2741
QUIC_TAKES_LOCK
2742
static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
2743
0
{
2744
0
    int ret, res;
2745
0
    QCTX ctx;
2746
0
    struct quic_read_again_args args;
2747
2748
0
    *bytes_read = 0;
2749
2750
0
    if (!expect_quic(s, &ctx))
2751
0
        return 0;
2752
2753
0
    quic_lock_for_io(&ctx);
2754
2755
0
    if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) {
2756
0
        ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2757
0
        goto out;
2758
0
    }
2759
2760
    /* If we haven't finished the handshake, try to advance it. */
2761
0
    if (quic_do_handshake(&ctx) < 1) {
2762
0
        ret = 0; /* ossl_quic_do_handshake raised error here */
2763
0
        goto out;
2764
0
    }
2765
2766
0
    if (ctx.xso == NULL) {
2767
        /*
2768
         * Called on a QCSO and we don't currently have a default stream.
2769
         *
2770
         * Wait until we get a stream initiated by the peer (blocking mode) or
2771
         * fail if we don't have one yet (non-blocking mode).
2772
         */
2773
0
        if (!qc_wait_for_default_xso_for_read(&ctx, /*peek=*/0)) {
2774
0
            ret = 0; /* error already raised here */
2775
0
            goto out;
2776
0
        }
2777
2778
0
        ctx.xso = ctx.qc->default_xso;
2779
0
    }
2780
2781
0
    if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
2782
0
        ret = 0; /* quic_read_actual raised error here */
2783
0
        goto out;
2784
0
    }
2785
2786
0
    if (*bytes_read > 0) {
2787
        /*
2788
         * Even though we succeeded, tick the reactor here to ensure we are
2789
         * handling other aspects of the QUIC connection.
2790
         */
2791
0
        qctx_maybe_autotick(&ctx);
2792
0
        ret = 1;
2793
0
    } else if (xso_blocking_mode(ctx.xso)) {
2794
        /*
2795
         * We were not able to read anything immediately, so our stream
2796
         * buffer is empty. This means we need to block until we get
2797
         * at least one byte.
2798
         */
2799
0
        args.ctx        = &ctx;
2800
0
        args.stream     = ctx.xso->stream;
2801
0
        args.buf        = buf;
2802
0
        args.len        = len;
2803
0
        args.bytes_read = bytes_read;
2804
0
        args.peek       = peek;
2805
2806
0
        res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
2807
0
        if (res == 0) {
2808
0
            ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
2809
0
            goto out;
2810
0
        } else if (res < 0) {
2811
0
            ret = 0; /* quic_read_again raised error here */
2812
0
            goto out;
2813
0
        }
2814
2815
0
        ret = 1;
2816
0
    } else {
2817
        /*
2818
         * We did not get any bytes and are not in blocking mode.
2819
         * Tick to see if this delivers any more.
2820
         */
2821
0
        qctx_maybe_autotick(&ctx);
2822
2823
        /* Try the read again. */
2824
0
        if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
2825
0
            ret = 0; /* quic_read_actual raised error here */
2826
0
            goto out;
2827
0
        }
2828
2829
0
        if (*bytes_read > 0)
2830
0
            ret = 1; /* Succeeded this time. */
2831
0
        else
2832
0
            ret = QUIC_RAISE_NORMAL_ERROR(&ctx, SSL_ERROR_WANT_READ);
2833
0
    }
2834
2835
0
out:
2836
0
    quic_unlock(ctx.qc);
2837
0
    return ret;
2838
0
}
2839
2840
int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
2841
0
{
2842
0
    return quic_read(s, buf, len, bytes_read, 0);
2843
0
}
2844
2845
int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
2846
0
{
2847
0
    return quic_read(s, buf, len, bytes_read, 1);
2848
0
}
2849
2850
/*
2851
 * SSL_pending
2852
 * -----------
2853
 */
2854
2855
QUIC_TAKES_LOCK
2856
static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
2857
0
{
2858
0
    QCTX ctx;
2859
0
    size_t avail = 0;
2860
2861
0
    if (!expect_quic(s, &ctx))
2862
0
        return 0;
2863
2864
0
    quic_lock(ctx.qc);
2865
2866
0
    if (ctx.xso == NULL) {
2867
        /* No XSO yet, but there might be a default XSO eligible to be created. */
2868
0
        if (qc_wait_for_default_xso_for_read(&ctx, /*peek=*/1)) {
2869
0
            ctx.xso = ctx.qc->default_xso;
2870
0
        } else {
2871
0
            QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_NO_STREAM, NULL);
2872
0
            goto out;
2873
0
        }
2874
0
    }
2875
2876
0
    if (ctx.xso->stream == NULL) {
2877
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
2878
0
        goto out;
2879
0
    }
2880
2881
0
    if (check_channel)
2882
0
        avail = ossl_quic_stream_recv_pending(ctx.xso->stream,
2883
0
                                              /*include_fin=*/1)
2884
0
             || ossl_quic_channel_has_pending(ctx.qc->ch)
2885
0
             || ossl_quic_channel_is_term_any(ctx.qc->ch);
2886
0
    else
2887
0
        avail = ossl_quic_stream_recv_pending(ctx.xso->stream,
2888
0
                                              /*include_fin=*/0);
2889
2890
0
out:
2891
0
    quic_unlock(ctx.qc);
2892
0
    return avail;
2893
0
}
2894
2895
size_t ossl_quic_pending(const SSL *s)
2896
0
{
2897
0
    return ossl_quic_pending_int(s, /*check_channel=*/0);
2898
0
}
2899
2900
int ossl_quic_has_pending(const SSL *s)
2901
0
{
2902
    /* Do we have app-side pending data or pending URXEs or RXEs? */
2903
0
    return ossl_quic_pending_int(s, /*check_channel=*/1) > 0;
2904
0
}
2905
2906
/*
2907
 * SSL_stream_conclude
2908
 * -------------------
2909
 */
2910
QUIC_TAKES_LOCK
2911
int ossl_quic_conn_stream_conclude(SSL *s)
2912
0
{
2913
0
    QCTX ctx;
2914
0
    QUIC_STREAM *qs;
2915
0
    int err;
2916
2917
0
    if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
2918
0
        return 0;
2919
2920
0
    qs = ctx.xso->stream;
2921
2922
0
    if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
2923
0
        quic_unlock(ctx.qc);
2924
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2925
0
    }
2926
2927
0
    if (!quic_validate_for_write(ctx.xso, &err)) {
2928
0
        quic_unlock(ctx.qc);
2929
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
2930
0
    }
2931
2932
0
    if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
2933
0
        quic_unlock(ctx.qc);
2934
0
        return 1;
2935
0
    }
2936
2937
0
    ossl_quic_sstream_fin(qs->sstream);
2938
0
    quic_post_write(ctx.xso, 1, 0, 0, qctx_should_autotick(&ctx));
2939
0
    quic_unlock(ctx.qc);
2940
0
    return 1;
2941
0
}
2942
2943
/*
2944
 * SSL_inject_net_dgram
2945
 * --------------------
2946
 */
2947
QUIC_TAKES_LOCK
2948
int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
2949
                         size_t buf_len,
2950
                         const BIO_ADDR *peer,
2951
                         const BIO_ADDR *local)
2952
0
{
2953
0
    int ret;
2954
0
    QCTX ctx;
2955
0
    QUIC_DEMUX *demux;
2956
2957
0
    if (!expect_quic(s, &ctx))
2958
0
        return 0;
2959
2960
0
    quic_lock(ctx.qc);
2961
2962
0
    demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
2963
0
    ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
2964
2965
0
    quic_unlock(ctx.qc);
2966
0
    return ret;
2967
0
}
2968
2969
/*
2970
 * SSL_get0_connection
2971
 * -------------------
2972
 */
2973
SSL *ossl_quic_get0_connection(SSL *s)
2974
0
{
2975
0
    QCTX ctx;
2976
2977
0
    if (!expect_quic(s, &ctx))
2978
0
        return NULL;
2979
2980
0
    return &ctx.qc->ssl;
2981
0
}
2982
2983
/*
2984
 * SSL_get_stream_type
2985
 * -------------------
2986
 */
2987
int ossl_quic_get_stream_type(SSL *s)
2988
0
{
2989
0
    QCTX ctx;
2990
2991
0
    if (!expect_quic(s, &ctx))
2992
0
        return SSL_STREAM_TYPE_BIDI;
2993
2994
0
    if (ctx.xso == NULL) {
2995
        /*
2996
         * If deferred XSO creation has yet to occur, proceed according to the
2997
         * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
2998
         * what kind of stream will be created yet, so return BIDI on the basis
2999
         * that at this time, the client still has the option of calling
3000
         * SSL_read() or SSL_write() first.
3001
         */
3002
0
        if (ctx.qc->default_xso_created
3003
0
            || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
3004
0
            return SSL_STREAM_TYPE_NONE;
3005
0
        else
3006
0
            return SSL_STREAM_TYPE_BIDI;
3007
0
    }
3008
3009
0
    if (ossl_quic_stream_is_bidi(ctx.xso->stream))
3010
0
        return SSL_STREAM_TYPE_BIDI;
3011
3012
0
    if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
3013
0
        return SSL_STREAM_TYPE_READ;
3014
0
    else
3015
0
        return SSL_STREAM_TYPE_WRITE;
3016
0
}
3017
3018
/*
3019
 * SSL_get_stream_id
3020
 * -----------------
3021
 */
3022
QUIC_TAKES_LOCK
3023
uint64_t ossl_quic_get_stream_id(SSL *s)
3024
0
{
3025
0
    QCTX ctx;
3026
0
    uint64_t id;
3027
3028
0
    if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx))
3029
0
        return UINT64_MAX;
3030
3031
0
    id = ctx.xso->stream->id;
3032
0
    quic_unlock(ctx.qc);
3033
3034
0
    return id;
3035
0
}
3036
3037
/*
3038
 * SSL_is_stream_local
3039
 * -------------------
3040
 */
3041
QUIC_TAKES_LOCK
3042
int ossl_quic_is_stream_local(SSL *s)
3043
0
{
3044
0
    QCTX ctx;
3045
0
    int is_local;
3046
3047
0
    if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx))
3048
0
        return -1;
3049
3050
0
    is_local = ossl_quic_stream_is_local_init(ctx.xso->stream);
3051
0
    quic_unlock(ctx.qc);
3052
3053
0
    return is_local;
3054
0
}
3055
3056
/*
3057
 * SSL_set_default_stream_mode
3058
 * ---------------------------
3059
 */
3060
QUIC_TAKES_LOCK
3061
int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
3062
0
{
3063
0
    QCTX ctx;
3064
3065
0
    if (!expect_quic_conn_only(s, &ctx))
3066
0
        return 0;
3067
3068
0
    quic_lock(ctx.qc);
3069
3070
0
    if (ctx.qc->default_xso_created) {
3071
0
        quic_unlock(ctx.qc);
3072
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
3073
0
                                       "too late to change default stream mode");
3074
0
    }
3075
3076
0
    switch (mode) {
3077
0
    case SSL_DEFAULT_STREAM_MODE_NONE:
3078
0
    case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
3079
0
    case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
3080
0
        ctx.qc->default_stream_mode = mode;
3081
0
        break;
3082
0
    default:
3083
0
        quic_unlock(ctx.qc);
3084
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
3085
0
                                       "bad default stream type");
3086
0
    }
3087
3088
0
    quic_unlock(ctx.qc);
3089
0
    return 1;
3090
0
}
3091
3092
/*
3093
 * SSL_detach_stream
3094
 * -----------------
3095
 */
3096
QUIC_TAKES_LOCK
3097
SSL *ossl_quic_detach_stream(SSL *s)
3098
0
{
3099
0
    QCTX ctx;
3100
0
    QUIC_XSO *xso = NULL;
3101
3102
0
    if (!expect_quic_conn_only(s, &ctx))
3103
0
        return NULL;
3104
3105
0
    quic_lock(ctx.qc);
3106
3107
    /* Calling this function inhibits default XSO autocreation. */
3108
    /* QC ref to any default XSO is transferred to us and to caller. */
3109
0
    qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso);
3110
3111
0
    quic_unlock(ctx.qc);
3112
3113
0
    return xso != NULL ? &xso->ssl : NULL;
3114
0
}
3115
3116
/*
3117
 * SSL_attach_stream
3118
 * -----------------
3119
 */
3120
QUIC_TAKES_LOCK
3121
int ossl_quic_attach_stream(SSL *conn, SSL *stream)
3122
0
{
3123
0
    QCTX ctx;
3124
0
    QUIC_XSO *xso;
3125
0
    int nref;
3126
3127
0
    if (!expect_quic_conn_only(conn, &ctx))
3128
0
        return 0;
3129
3130
0
    if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
3131
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_NULL_PARAMETER,
3132
0
                                       "stream to attach must be a valid QUIC stream");
3133
3134
0
    xso = (QUIC_XSO *)stream;
3135
3136
0
    quic_lock(ctx.qc);
3137
3138
0
    if (ctx.qc->default_xso != NULL) {
3139
0
        quic_unlock(ctx.qc);
3140
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
3141
0
                                       "connection already has a default stream");
3142
0
    }
3143
3144
    /*
3145
     * It is a caller error for the XSO being attached as a default XSO to have
3146
     * more than one ref.
3147
     */
3148
0
    if (!CRYPTO_GET_REF(&xso->ssl.references, &nref)) {
3149
0
        quic_unlock(ctx.qc);
3150
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR,
3151
0
                                       "ref");
3152
0
    }
3153
3154
0
    if (nref != 1) {
3155
0
        quic_unlock(ctx.qc);
3156
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
3157
0
                                       "stream being attached must have "
3158
0
                                       "only 1 reference");
3159
0
    }
3160
3161
    /* Caller's reference to the XSO is transferred to us. */
3162
    /* Calling this function inhibits default XSO autocreation. */
3163
0
    qc_set_default_xso(ctx.qc, xso, /*touch=*/1);
3164
3165
0
    quic_unlock(ctx.qc);
3166
0
    return 1;
3167
0
}
3168
3169
/*
3170
 * SSL_set_incoming_stream_policy
3171
 * ------------------------------
3172
 */
3173
QUIC_NEEDS_LOCK
3174
static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc)
3175
0
{
3176
0
    switch (qc->incoming_stream_policy) {
3177
0
        case SSL_INCOMING_STREAM_POLICY_AUTO:
3178
0
            if ((qc->default_xso == NULL && !qc->default_xso_created)
3179
0
                || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
3180
0
                return SSL_INCOMING_STREAM_POLICY_ACCEPT;
3181
0
            else
3182
0
                return SSL_INCOMING_STREAM_POLICY_REJECT;
3183
3184
0
        default:
3185
0
            return qc->incoming_stream_policy;
3186
0
    }
3187
0
}
3188
3189
QUIC_NEEDS_LOCK
3190
static void qc_update_reject_policy(QUIC_CONNECTION *qc)
3191
0
{
3192
0
    int policy = qc_get_effective_incoming_stream_policy(qc);
3193
0
    int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT);
3194
3195
0
    ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch,
3196
0
                                                      enable_reject,
3197
0
                                                      qc->incoming_stream_aec);
3198
0
}
3199
3200
QUIC_TAKES_LOCK
3201
int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
3202
                                         uint64_t aec)
3203
0
{
3204
0
    int ret = 1;
3205
0
    QCTX ctx;
3206
3207
0
    if (!expect_quic_conn_only(s, &ctx))
3208
0
        return 0;
3209
3210
0
    quic_lock(ctx.qc);
3211
3212
0
    switch (policy) {
3213
0
    case SSL_INCOMING_STREAM_POLICY_AUTO:
3214
0
    case SSL_INCOMING_STREAM_POLICY_ACCEPT:
3215
0
    case SSL_INCOMING_STREAM_POLICY_REJECT:
3216
0
        ctx.qc->incoming_stream_policy = policy;
3217
0
        ctx.qc->incoming_stream_aec    = aec;
3218
0
        break;
3219
3220
0
    default:
3221
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
3222
0
        ret = 0;
3223
0
        break;
3224
0
    }
3225
3226
0
    qc_update_reject_policy(ctx.qc);
3227
0
    quic_unlock(ctx.qc);
3228
0
    return ret;
3229
0
}
3230
3231
/*
3232
 * SSL_get_value, SSL_set_value
3233
 * ----------------------------
3234
 */
3235
QUIC_TAKES_LOCK
3236
static int qc_getset_idle_timeout(QCTX *ctx, uint32_t class_,
3237
                                  uint64_t *p_value_out, uint64_t *p_value_in)
3238
0
{
3239
0
    int ret = 0;
3240
0
    uint64_t value_out = 0, value_in;
3241
3242
0
    quic_lock(ctx->qc);
3243
3244
0
    switch (class_) {
3245
0
    case SSL_VALUE_CLASS_FEATURE_REQUEST:
3246
0
        value_out = ossl_quic_channel_get_max_idle_timeout_request(ctx->qc->ch);
3247
3248
0
        if (p_value_in != NULL) {
3249
0
            value_in = *p_value_in;
3250
0
            if (value_in > OSSL_QUIC_VLINT_MAX) {
3251
0
                QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT,
3252
0
                                            NULL);
3253
0
                goto err;
3254
0
            }
3255
3256
0
            if (ossl_quic_channel_have_generated_transport_params(ctx->qc->ch)) {
3257
0
                QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_FEATURE_NOT_RENEGOTIABLE,
3258
0
                                            NULL);
3259
0
                goto err;
3260
0
            }
3261
3262
0
            ossl_quic_channel_set_max_idle_timeout_request(ctx->qc->ch, value_in);
3263
0
        }
3264
0
        break;
3265
3266
0
    case SSL_VALUE_CLASS_FEATURE_PEER_REQUEST:
3267
0
    case SSL_VALUE_CLASS_FEATURE_NEGOTIATED:
3268
0
        if (p_value_in != NULL) {
3269
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_OP,
3270
0
                                        NULL);
3271
0
            goto err;
3272
0
        }
3273
3274
0
        if (!ossl_quic_channel_is_handshake_complete(ctx->qc->ch)) {
3275
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_FEATURE_NEGOTIATION_NOT_COMPLETE,
3276
0
                                        NULL);
3277
0
            goto err;
3278
0
        }
3279
3280
0
        value_out = (class_ == SSL_VALUE_CLASS_FEATURE_NEGOTIATED)
3281
0
            ? ossl_quic_channel_get_max_idle_timeout_actual(ctx->qc->ch)
3282
0
            : ossl_quic_channel_get_max_idle_timeout_peer_request(ctx->qc->ch);
3283
0
        break;
3284
3285
0
    default:
3286
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS,
3287
0
                                    NULL);
3288
0
        goto err;
3289
0
    }
3290
3291
0
    ret = 1;
3292
0
err:
3293
0
    quic_unlock(ctx->qc);
3294
0
    if (ret && p_value_out != NULL)
3295
0
        *p_value_out = value_out;
3296
3297
0
    return ret;
3298
0
}
3299
3300
QUIC_TAKES_LOCK
3301
static int qc_get_stream_avail(QCTX *ctx, uint32_t class_,
3302
                               int is_uni, int is_remote,
3303
                               uint64_t *value)
3304
0
{
3305
0
    int ret = 0;
3306
3307
0
    if (class_ != SSL_VALUE_CLASS_GENERIC) {
3308
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS,
3309
0
                                    NULL);
3310
0
        return 0;
3311
0
    }
3312
3313
0
    quic_lock(ctx->qc);
3314
3315
0
    *value = is_remote
3316
0
        ? ossl_quic_channel_get_remote_stream_count_avail(ctx->qc->ch, is_uni)
3317
0
        : ossl_quic_channel_get_local_stream_count_avail(ctx->qc->ch, is_uni);
3318
3319
0
    ret = 1;
3320
0
    quic_unlock(ctx->qc);
3321
0
    return ret;
3322
0
}
3323
3324
QUIC_NEEDS_LOCK
3325
static int qctx_should_autotick(QCTX *ctx)
3326
0
{
3327
0
    int event_handling_mode;
3328
3329
0
    if (ctx->is_stream) {
3330
0
        event_handling_mode = ctx->xso->event_handling_mode;
3331
0
        if (event_handling_mode != SSL_VALUE_EVENT_HANDLING_MODE_INHERIT)
3332
0
            return event_handling_mode != SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT;
3333
0
    }
3334
3335
0
    event_handling_mode = ctx->qc->event_handling_mode;
3336
0
    return event_handling_mode != SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT;
3337
0
}
3338
3339
QUIC_NEEDS_LOCK
3340
static void qctx_maybe_autotick(QCTX *ctx)
3341
0
{
3342
0
    if (!qctx_should_autotick(ctx))
3343
0
        return;
3344
3345
0
    ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx->qc->ch), 0);
3346
0
}
3347
3348
QUIC_TAKES_LOCK
3349
static int qc_getset_event_handling(QCTX *ctx, uint32_t class_,
3350
                                    uint64_t *p_value_out,
3351
                                    uint64_t *p_value_in)
3352
0
{
3353
0
    int ret = 0;
3354
0
    uint64_t value_out = 0;
3355
3356
0
    quic_lock(ctx->qc);
3357
3358
0
    if (class_ != SSL_VALUE_CLASS_GENERIC) {
3359
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS,
3360
0
                                    NULL);
3361
0
        goto err;
3362
0
    }
3363
3364
0
    if (p_value_in != NULL) {
3365
0
        switch (*p_value_in) {
3366
0
        case SSL_VALUE_EVENT_HANDLING_MODE_INHERIT:
3367
0
        case SSL_VALUE_EVENT_HANDLING_MODE_IMPLICIT:
3368
0
        case SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT:
3369
0
            break;
3370
0
        default:
3371
0
            QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT,
3372
0
                                        NULL);
3373
0
            goto err;
3374
0
        }
3375
3376
0
        value_out = *p_value_in;
3377
0
        if (ctx->is_stream)
3378
0
            ctx->xso->event_handling_mode = (int)value_out;
3379
0
        else
3380
0
            ctx->qc->event_handling_mode = (int)value_out;
3381
0
    } else {
3382
0
        value_out = ctx->is_stream
3383
0
            ? ctx->xso->event_handling_mode
3384
0
            : ctx->qc->event_handling_mode;
3385
0
    }
3386
3387
0
    ret = 1;
3388
0
err:
3389
0
    quic_unlock(ctx->qc);
3390
0
    if (ret && p_value_out != NULL)
3391
0
        *p_value_out = value_out;
3392
3393
0
    return ret;
3394
0
}
3395
3396
QUIC_TAKES_LOCK
3397
static int qc_get_stream_write_buf_stat(QCTX *ctx, uint32_t class_,
3398
                                        uint64_t *p_value_out,
3399
                                        size_t (*getter)(QUIC_SSTREAM *sstream))
3400
0
{
3401
0
    int ret = 0;
3402
0
    size_t value = 0;
3403
3404
0
    quic_lock(ctx->qc);
3405
3406
0
    if (class_ != SSL_VALUE_CLASS_GENERIC) {
3407
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS,
3408
0
                                    NULL);
3409
0
        goto err;
3410
0
    }
3411
3412
0
    if (ctx->xso == NULL) {
3413
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
3414
0
        goto err;
3415
0
    }
3416
3417
0
    if (!ossl_quic_stream_has_send(ctx->xso->stream)) {
3418
0
        QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_STREAM_RECV_ONLY, NULL);
3419
0
        goto err;
3420
0
    }
3421
3422
0
    if (ossl_quic_stream_has_send_buffer(ctx->xso->stream))
3423
0
        value = getter(ctx->xso->stream->sstream);
3424
3425
0
    ret = 1;
3426
0
err:
3427
0
    quic_unlock(ctx->qc);
3428
0
    *p_value_out = (uint64_t)value;
3429
0
    return ret;
3430
0
}
3431
3432
QUIC_NEEDS_LOCK
3433
static int expect_quic_for_value(SSL *s, QCTX *ctx, uint32_t id)
3434
0
{
3435
0
    switch (id) {
3436
0
    case SSL_VALUE_EVENT_HANDLING_MODE:
3437
0
    case SSL_VALUE_STREAM_WRITE_BUF_SIZE:
3438
0
    case SSL_VALUE_STREAM_WRITE_BUF_USED:
3439
0
    case SSL_VALUE_STREAM_WRITE_BUF_AVAIL:
3440
0
        return expect_quic(s, ctx);
3441
0
    default:
3442
0
        return expect_quic_conn_only(s, ctx);
3443
0
    }
3444
0
}
3445
3446
QUIC_TAKES_LOCK
3447
int ossl_quic_get_value_uint(SSL *s, uint32_t class_, uint32_t id,
3448
                             uint64_t *value)
3449
0
{
3450
0
    QCTX ctx;
3451
3452
0
    if (!expect_quic_for_value(s, &ctx, id))
3453
0
        return 0;
3454
3455
0
    if (value == NULL)
3456
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx,
3457
0
                                           ERR_R_PASSED_INVALID_ARGUMENT, NULL);
3458
3459
0
    switch (id) {
3460
0
    case SSL_VALUE_QUIC_IDLE_TIMEOUT:
3461
0
        return qc_getset_idle_timeout(&ctx, class_, value, NULL);
3462
3463
0
    case SSL_VALUE_QUIC_STREAM_BIDI_LOCAL_AVAIL:
3464
0
        return qc_get_stream_avail(&ctx, class_, /*uni=*/0, /*remote=*/0, value);
3465
0
    case SSL_VALUE_QUIC_STREAM_BIDI_REMOTE_AVAIL:
3466
0
        return qc_get_stream_avail(&ctx, class_, /*uni=*/0, /*remote=*/1, value);
3467
0
    case SSL_VALUE_QUIC_STREAM_UNI_LOCAL_AVAIL:
3468
0
        return qc_get_stream_avail(&ctx, class_, /*uni=*/1, /*remote=*/0, value);
3469
0
    case SSL_VALUE_QUIC_STREAM_UNI_REMOTE_AVAIL:
3470
0
        return qc_get_stream_avail(&ctx, class_, /*uni=*/1, /*remote=*/1, value);
3471
3472
0
    case SSL_VALUE_EVENT_HANDLING_MODE:
3473
0
        return qc_getset_event_handling(&ctx, class_, value, NULL);
3474
3475
0
    case SSL_VALUE_STREAM_WRITE_BUF_SIZE:
3476
0
        return qc_get_stream_write_buf_stat(&ctx, class_, value,
3477
0
                                            ossl_quic_sstream_get_buffer_size);
3478
0
    case SSL_VALUE_STREAM_WRITE_BUF_USED:
3479
0
        return qc_get_stream_write_buf_stat(&ctx, class_, value,
3480
0
                                            ossl_quic_sstream_get_buffer_used);
3481
0
    case SSL_VALUE_STREAM_WRITE_BUF_AVAIL:
3482
0
        return qc_get_stream_write_buf_stat(&ctx, class_, value,
3483
0
                                            ossl_quic_sstream_get_buffer_avail);
3484
3485
0
    default:
3486
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx,
3487
0
                                           SSL_R_UNSUPPORTED_CONFIG_VALUE, NULL);
3488
0
    }
3489
3490
0
    return 1;
3491
0
}
3492
3493
QUIC_TAKES_LOCK
3494
int ossl_quic_set_value_uint(SSL *s, uint32_t class_, uint32_t id,
3495
                             uint64_t value)
3496
0
{
3497
0
    QCTX ctx;
3498
3499
0
    if (!expect_quic_for_value(s, &ctx, id))
3500
0
        return 0;
3501
3502
0
    switch (id) {
3503
0
    case SSL_VALUE_QUIC_IDLE_TIMEOUT:
3504
0
        return qc_getset_idle_timeout(&ctx, class_, NULL, &value);
3505
3506
0
    case SSL_VALUE_EVENT_HANDLING_MODE:
3507
0
        return qc_getset_event_handling(&ctx, class_, NULL, &value);
3508
3509
0
    default:
3510
0
        return QUIC_RAISE_NON_NORMAL_ERROR(&ctx,
3511
0
                                           SSL_R_UNSUPPORTED_CONFIG_VALUE, NULL);
3512
0
    }
3513
3514
0
    return 1;
3515
0
}
3516
3517
/*
3518
 * SSL_accept_stream
3519
 * -----------------
3520
 */
3521
struct wait_for_incoming_stream_args {
3522
    QCTX            *ctx;
3523
    QUIC_STREAM     *qs;
3524
};
3525
3526
QUIC_NEEDS_LOCK
3527
static int wait_for_incoming_stream(void *arg)
3528
0
{
3529
0
    struct wait_for_incoming_stream_args *args = arg;
3530
0
    QUIC_CONNECTION *qc = args->ctx->qc;
3531
0
    QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
3532
3533
0
    if (!quic_mutation_allowed(qc, /*req_active=*/1)) {
3534
        /* If connection is torn down due to an error while blocking, stop. */
3535
0
        QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
3536
0
        return -1;
3537
0
    }
3538
3539
0
    args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
3540
0
    if (args->qs != NULL)
3541
0
        return 1; /* got a stream */
3542
3543
0
    return 0; /* did not get a stream, keep trying */
3544
0
}
3545
3546
QUIC_TAKES_LOCK
3547
SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
3548
0
{
3549
0
    QCTX ctx;
3550
0
    int ret;
3551
0
    SSL *new_s = NULL;
3552
0
    QUIC_STREAM_MAP *qsm;
3553
0
    QUIC_STREAM *qs;
3554
0
    QUIC_XSO *xso;
3555
0
    OSSL_RTT_INFO rtt_info;
3556
3557
0
    if (!expect_quic_conn_only(s, &ctx))
3558
0
        return NULL;
3559
3560
0
    quic_lock(ctx.qc);
3561
3562
0
    if (qc_get_effective_incoming_stream_policy(ctx.qc)
3563
0
        == SSL_INCOMING_STREAM_POLICY_REJECT) {
3564
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
3565
0
        goto out;
3566
0
    }
3567
3568
0
    qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
3569
3570
0
    qs = ossl_quic_stream_map_peek_accept_queue(qsm);
3571
0
    if (qs == NULL) {
3572
0
        if (qc_blocking_mode(ctx.qc)
3573
0
            && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
3574
0
            struct wait_for_incoming_stream_args args;
3575
3576
0
            args.ctx = &ctx;
3577
0
            args.qs = NULL;
3578
3579
0
            ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
3580
0
            if (ret == 0) {
3581
0
                QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
3582
0
                goto out;
3583
0
            } else if (ret < 0 || args.qs == NULL) {
3584
0
                goto out;
3585
0
            }
3586
3587
0
            qs = args.qs;
3588
0
        } else {
3589
0
            goto out;
3590
0
        }
3591
0
    }
3592
3593
0
    xso = create_xso_from_stream(ctx.qc, qs);
3594
0
    if (xso == NULL)
3595
0
        goto out;
3596
3597
0
    ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info);
3598
0
    ossl_quic_stream_map_remove_from_accept_queue(qsm, qs,
3599
0
                                                  rtt_info.smoothed_rtt);
3600
0
    new_s = &xso->ssl;
3601
3602
    /* Calling this function inhibits default XSO autocreation. */
3603
0
    qc_touch_default_xso(ctx.qc); /* inhibits default XSO */
3604
3605
0
out:
3606
0
    quic_unlock(ctx.qc);
3607
0
    return new_s;
3608
0
}
3609
3610
/*
3611
 * SSL_get_accept_stream_queue_len
3612
 * -------------------------------
3613
 */
3614
QUIC_TAKES_LOCK
3615
size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
3616
0
{
3617
0
    QCTX ctx;
3618
0
    size_t v;
3619
3620
0
    if (!expect_quic_conn_only(s, &ctx))
3621
0
        return 0;
3622
3623
0
    quic_lock(ctx.qc);
3624
3625
0
    v = ossl_quic_stream_map_get_total_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
3626
3627
0
    quic_unlock(ctx.qc);
3628
0
    return v;
3629
0
}
3630
3631
/*
3632
 * SSL_stream_reset
3633
 * ----------------
3634
 */
3635
int ossl_quic_stream_reset(SSL *ssl,
3636
                           const SSL_STREAM_RESET_ARGS *args,
3637
                           size_t args_len)
3638
0
{
3639
0
    QCTX ctx;
3640
0
    QUIC_STREAM_MAP *qsm;
3641
0
    QUIC_STREAM *qs;
3642
0
    uint64_t error_code;
3643
0
    int ok, err;
3644
3645
0
    if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, /*io=*/0, &ctx))
3646
0
        return 0;
3647
3648
0
    qsm         = ossl_quic_channel_get_qsm(ctx.qc->ch);
3649
0
    qs          = ctx.xso->stream;
3650
0
    error_code  = (args != NULL ? args->quic_error_code : 0);
3651
3652
0
    if (!quic_validate_for_write(ctx.xso, &err)) {
3653
0
        ok = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
3654
0
        goto err;
3655
0
    }
3656
3657
0
    ok = ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code);
3658
0
    if (ok)
3659
0
        ctx.xso->requested_reset = 1;
3660
3661
0
err:
3662
0
    quic_unlock(ctx.qc);
3663
0
    return ok;
3664
0
}
3665
3666
/*
3667
 * SSL_get_stream_read_state
3668
 * -------------------------
3669
 */
3670
static void quic_classify_stream(QUIC_CONNECTION *qc,
3671
                                 QUIC_STREAM *qs,
3672
                                 int is_write,
3673
                                 int *state,
3674
                                 uint64_t *app_error_code)
3675
0
{
3676
0
    int local_init;
3677
0
    uint64_t final_size;
3678
3679
0
    local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server);
3680
3681
0
    if (app_error_code != NULL)
3682
0
        *app_error_code = UINT64_MAX;
3683
0
    else
3684
0
        app_error_code = &final_size; /* throw away value */
3685
3686
0
    if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) {
3687
        /*
3688
         * Unidirectional stream and this direction of transmission doesn't
3689
         * exist.
3690
         */
3691
0
        *state = SSL_STREAM_STATE_WRONG_DIR;
3692
0
    } else if (ossl_quic_channel_is_term_any(qc->ch)) {
3693
        /* Connection already closed. */
3694
0
        *state = SSL_STREAM_STATE_CONN_CLOSED;
3695
0
    } else if (!is_write && qs->recv_state == QUIC_RSTREAM_STATE_DATA_READ) {
3696
        /* Application has read a FIN. */
3697
0
        *state = SSL_STREAM_STATE_FINISHED;
3698
0
    } else if ((!is_write && qs->stop_sending)
3699
0
               || (is_write && ossl_quic_stream_send_is_reset(qs))) {
3700
        /*
3701
         * Stream has been reset locally. FIN takes precedence over this for the
3702
         * read case as the application need not care if the stream is reset
3703
         * after a FIN has been successfully processed.
3704
         */
3705
0
        *state          = SSL_STREAM_STATE_RESET_LOCAL;
3706
0
        *app_error_code = !is_write
3707
0
            ? qs->stop_sending_aec
3708
0
            : qs->reset_stream_aec;
3709
0
    } else if ((!is_write && ossl_quic_stream_recv_is_reset(qs))
3710
0
               || (is_write && qs->peer_stop_sending)) {
3711
        /*
3712
         * Stream has been reset remotely. */
3713
0
        *state          = SSL_STREAM_STATE_RESET_REMOTE;
3714
0
        *app_error_code = !is_write
3715
0
            ? qs->peer_reset_stream_aec
3716
0
            : qs->peer_stop_sending_aec;
3717
0
    } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream,
3718
0
                                                            &final_size)) {
3719
        /*
3720
         * Stream has been finished. Stream reset takes precedence over this for
3721
         * the write case as peer may not have received all data.
3722
         */
3723
0
        *state = SSL_STREAM_STATE_FINISHED;
3724
0
    } else {
3725
        /* Stream still healthy. */
3726
0
        *state = SSL_STREAM_STATE_OK;
3727
0
    }
3728
0
}
3729
3730
static int quic_get_stream_state(SSL *ssl, int is_write)
3731
0
{
3732
0
    QCTX ctx;
3733
0
    int state;
3734
3735
0
    if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
3736
0
        return SSL_STREAM_STATE_NONE;
3737
3738
0
    quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL);
3739
0
    quic_unlock(ctx.qc);
3740
0
    return state;
3741
0
}
3742
3743
int ossl_quic_get_stream_read_state(SSL *ssl)
3744
0
{
3745
0
    return quic_get_stream_state(ssl, /*is_write=*/0);
3746
0
}
3747
3748
/*
3749
 * SSL_get_stream_write_state
3750
 * --------------------------
3751
 */
3752
int ossl_quic_get_stream_write_state(SSL *ssl)
3753
0
{
3754
0
    return quic_get_stream_state(ssl, /*is_write=*/1);
3755
0
}
3756
3757
/*
3758
 * SSL_get_stream_read_error_code
3759
 * ------------------------------
3760
 */
3761
static int quic_get_stream_error_code(SSL *ssl, int is_write,
3762
                                      uint64_t *app_error_code)
3763
0
{
3764
0
    QCTX ctx;
3765
0
    int state;
3766
3767
0
    if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
3768
0
        return -1;
3769
3770
0
    quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0,
3771
0
                         &state, app_error_code);
3772
3773
0
    quic_unlock(ctx.qc);
3774
0
    switch (state) {
3775
0
        case SSL_STREAM_STATE_FINISHED:
3776
0
             return 0;
3777
0
        case SSL_STREAM_STATE_RESET_LOCAL:
3778
0
        case SSL_STREAM_STATE_RESET_REMOTE:
3779
0
             return 1;
3780
0
        default:
3781
0
             return -1;
3782
0
    }
3783
0
}
3784
3785
int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code)
3786
0
{
3787
0
    return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code);
3788
0
}
3789
3790
/*
3791
 * SSL_get_stream_write_error_code
3792
 * -------------------------------
3793
 */
3794
int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code)
3795
0
{
3796
0
    return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code);
3797
0
}
3798
3799
/*
3800
 * Write buffer size mutation
3801
 * --------------------------
3802
 */
3803
int ossl_quic_set_write_buffer_size(SSL *ssl, size_t size)
3804
0
{
3805
0
    int ret = 0;
3806
0
    QCTX ctx;
3807
3808
0
    if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx))
3809
0
        return 0;
3810
3811
0
    if (!ossl_quic_stream_has_send(ctx.xso->stream)) {
3812
        /* Called on a unidirectional receive-only stream - error. */
3813
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
3814
0
        goto out;
3815
0
    }
3816
3817
0
    if (!ossl_quic_stream_has_send_buffer(ctx.xso->stream)) {
3818
        /*
3819
         * If the stream has a send part but we have disposed of it because we
3820
         * no longer need it, this is a no-op.
3821
         */
3822
0
        ret = 1;
3823
0
        goto out;
3824
0
    }
3825
3826
0
    if (!ossl_quic_sstream_set_buffer_size(ctx.xso->stream->sstream, size)) {
3827
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
3828
0
        goto out;
3829
0
    }
3830
3831
0
    ret = 1;
3832
3833
0
out:
3834
0
    quic_unlock(ctx.qc);
3835
0
    return ret;
3836
0
}
3837
3838
/*
3839
 * SSL_get_conn_close_info
3840
 * -----------------------
3841
 */
3842
int ossl_quic_get_conn_close_info(SSL *ssl,
3843
                                  SSL_CONN_CLOSE_INFO *info,
3844
                                  size_t info_len)
3845
0
{
3846
0
    QCTX ctx;
3847
0
    const QUIC_TERMINATE_CAUSE *tc;
3848
3849
0
    if (!expect_quic_conn_only(ssl, &ctx))
3850
0
        return -1;
3851
3852
0
    tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
3853
0
    if (tc == NULL)
3854
0
        return 0;
3855
3856
0
    info->error_code    = tc->error_code;
3857
0
    info->frame_type    = tc->frame_type;
3858
0
    info->reason        = tc->reason;
3859
0
    info->reason_len    = tc->reason_len;
3860
0
    info->flags         = 0;
3861
0
    if (!tc->remote)
3862
0
        info->flags |= SSL_CONN_CLOSE_FLAG_LOCAL;
3863
0
    if (!tc->app)
3864
0
        info->flags |= SSL_CONN_CLOSE_FLAG_TRANSPORT;
3865
0
    return 1;
3866
0
}
3867
3868
/*
3869
 * SSL_key_update
3870
 * --------------
3871
 */
3872
int ossl_quic_key_update(SSL *ssl, int update_type)
3873
0
{
3874
0
    QCTX ctx;
3875
3876
0
    if (!expect_quic_conn_only(ssl, &ctx))
3877
0
        return 0;
3878
3879
0
    switch (update_type) {
3880
0
    case SSL_KEY_UPDATE_NOT_REQUESTED:
3881
        /*
3882
         * QUIC signals peer key update implicily by triggering a local
3883
         * spontaneous TXKU. Silently upgrade this to SSL_KEY_UPDATE_REQUESTED.
3884
         */
3885
0
    case SSL_KEY_UPDATE_REQUESTED:
3886
0
        break;
3887
3888
0
    default:
3889
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
3890
0
        return 0;
3891
0
    }
3892
3893
0
    quic_lock(ctx.qc);
3894
3895
    /* Attempt to perform a TXKU. */
3896
0
    if (!ossl_quic_channel_trigger_txku(ctx.qc->ch)) {
3897
0
        QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_TOO_MANY_KEY_UPDATES, NULL);
3898
0
        quic_unlock(ctx.qc);
3899
0
        return 0;
3900
0
    }
3901
3902
0
    quic_unlock(ctx.qc);
3903
0
    return 1;
3904
0
}
3905
3906
/*
3907
 * SSL_get_key_update_type
3908
 * -----------------------
3909
 */
3910
int ossl_quic_get_key_update_type(const SSL *s)
3911
0
{
3912
    /*
3913
     * We always handle key updates immediately so a key update is never
3914
     * pending.
3915
     */
3916
0
    return SSL_KEY_UPDATE_NONE;
3917
0
}
3918
3919
/*
3920
 * QUIC Front-End I/O API: SSL_CTX Management
3921
 * ==========================================
3922
 */
3923
3924
long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3925
0
{
3926
0
    switch (cmd) {
3927
0
    default:
3928
0
        return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
3929
0
    }
3930
0
}
3931
3932
long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3933
0
{
3934
0
    QCTX ctx;
3935
3936
0
    if (!expect_quic_conn_only(s, &ctx))
3937
0
        return 0;
3938
3939
0
    switch (cmd) {
3940
0
    case SSL_CTRL_SET_MSG_CALLBACK:
3941
0
        ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp,
3942
0
                                           &ctx.qc->ssl);
3943
        /* This callback also needs to be set on the internal SSL object */
3944
0
        return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);;
3945
3946
0
    default:
3947
        /* Probably a TLS related ctrl. Defer to our internal SSL object */
3948
0
        return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);
3949
0
    }
3950
0
}
3951
3952
long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3953
0
{
3954
0
    return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
3955
0
}
3956
3957
int ossl_quic_renegotiate_check(SSL *ssl, int initok)
3958
0
{
3959
    /* We never do renegotiation. */
3960
0
    return 0;
3961
0
}
3962
3963
const SSL_CIPHER *ossl_quic_get_cipher_by_char(const unsigned char *p)
3964
0
{
3965
0
    const SSL_CIPHER *ciph = ssl3_get_cipher_by_char(p);
3966
3967
0
    if ((ciph->algorithm2 & SSL_QUIC) == 0)
3968
0
        return NULL;
3969
3970
0
    return ciph;
3971
0
}
3972
3973
/*
3974
 * These functions define the TLSv1.2 (and below) ciphers that are supported by
3975
 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
3976
 */
3977
3978
int ossl_quic_num_ciphers(void)
3979
0
{
3980
0
    return 0;
3981
0
}
3982
3983
const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
3984
0
{
3985
0
    return NULL;
3986
0
}
3987
3988
/*
3989
 * SSL_get_shutdown()
3990
 * ------------------
3991
 */
3992
int ossl_quic_get_shutdown(const SSL *s)
3993
0
{
3994
0
    QCTX ctx;
3995
0
    int shut = 0;
3996
3997
0
    if (!expect_quic_conn_only(s, &ctx))
3998
0
        return 0;
3999
4000
0
    if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
4001
0
        shut |= SSL_SENT_SHUTDOWN;
4002
0
        if (!ossl_quic_channel_is_closing(ctx.qc->ch))
4003
0
            shut |= SSL_RECEIVED_SHUTDOWN;
4004
0
    }
4005
4006
0
    return shut;
4007
0
}
4008
4009
/*
4010
 * QUIC Polling Support APIs
4011
 * =========================
4012
 */
4013
4014
/* Do we have the R (read) condition? */
4015
QUIC_NEEDS_LOCK
4016
static int test_poll_event_r(QUIC_XSO *xso)
4017
0
{
4018
0
    int fin = 0;
4019
0
    size_t avail = 0;
4020
4021
0
    return ossl_quic_stream_has_recv_buffer(xso->stream)
4022
0
        && ossl_quic_rstream_available(xso->stream->rstream, &avail, &fin)
4023
0
        && (avail > 0 || (fin && !xso->retired_fin));
4024
0
}
4025
4026
/* Do we have the ER (exception: read) condition? */
4027
QUIC_NEEDS_LOCK
4028
static int test_poll_event_er(QUIC_XSO *xso)
4029
0
{
4030
0
    return ossl_quic_stream_has_recv(xso->stream)
4031
0
        && ossl_quic_stream_recv_is_reset(xso->stream)
4032
0
        && !xso->retired_fin;
4033
0
}
4034
4035
/* Do we have the W (write) condition? */
4036
QUIC_NEEDS_LOCK
4037
static int test_poll_event_w(QUIC_XSO *xso)
4038
0
{
4039
0
    return !xso->conn->shutting_down
4040
0
        && ossl_quic_stream_has_send_buffer(xso->stream)
4041
0
        && ossl_quic_sstream_get_buffer_avail(xso->stream->sstream)
4042
0
        && !ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL)
4043
0
        && quic_mutation_allowed(xso->conn, /*req_active=*/1);
4044
0
}
4045
4046
/* Do we have the EW (exception: write) condition? */
4047
QUIC_NEEDS_LOCK
4048
static int test_poll_event_ew(QUIC_XSO *xso)
4049
0
{
4050
0
    return ossl_quic_stream_has_send(xso->stream)
4051
0
        && xso->stream->peer_stop_sending
4052
0
        && !xso->requested_reset
4053
0
        && !xso->conn->shutting_down;
4054
0
}
4055
4056
/* Do we have the EC (exception: connection) condition? */
4057
QUIC_NEEDS_LOCK
4058
static int test_poll_event_ec(QUIC_CONNECTION *qc)
4059
0
{
4060
0
    return ossl_quic_channel_is_term_any(qc->ch);
4061
0
}
4062
4063
/* Do we have the ECD (exception: connection drained) condition? */
4064
QUIC_NEEDS_LOCK
4065
static int test_poll_event_ecd(QUIC_CONNECTION *qc)
4066
0
{
4067
0
    return ossl_quic_channel_is_terminated(qc->ch);
4068
0
}
4069
4070
/* Do we have the IS (incoming: stream) condition? */
4071
QUIC_NEEDS_LOCK
4072
static int test_poll_event_is(QUIC_CONNECTION *qc, int is_uni)
4073
0
{
4074
0
    return ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(qc->ch),
4075
0
                                                     is_uni);
4076
0
}
4077
4078
/* Do we have the OS (outgoing: stream) condition? */
4079
QUIC_NEEDS_LOCK
4080
static int test_poll_event_os(QUIC_CONNECTION *qc, int is_uni)
4081
0
{
4082
    /* Is it currently possible for us to make an outgoing stream? */
4083
0
    return quic_mutation_allowed(qc, /*req_active=*/1)
4084
0
        && ossl_quic_channel_get_local_stream_count_avail(qc->ch, is_uni) > 0;
4085
0
}
4086
4087
QUIC_TAKES_LOCK
4088
int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
4089
                               uint64_t *p_revents)
4090
0
{
4091
0
    QCTX ctx;
4092
0
    uint64_t revents = 0;
4093
4094
0
    if (!expect_quic(ssl, &ctx))
4095
0
        return 0;
4096
4097
0
    quic_lock(ctx.qc);
4098
4099
0
    if (do_tick)
4100
0
        ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
4101
4102
0
    if (ctx.xso != NULL) {
4103
        /* SSL object has a stream component. */
4104
4105
0
        if ((events & SSL_POLL_EVENT_R) != 0
4106
0
            && test_poll_event_r(ctx.xso))
4107
0
            revents |= SSL_POLL_EVENT_R;
4108
4109
0
        if ((events & SSL_POLL_EVENT_ER) != 0
4110
0
            && test_poll_event_er(ctx.xso))
4111
0
            revents |= SSL_POLL_EVENT_ER;
4112
4113
0
        if ((events & SSL_POLL_EVENT_W) != 0
4114
0
            && test_poll_event_w(ctx.xso))
4115
0
            revents |= SSL_POLL_EVENT_W;
4116
4117
0
        if ((events & SSL_POLL_EVENT_EW) != 0
4118
0
            && test_poll_event_ew(ctx.xso))
4119
0
            revents |= SSL_POLL_EVENT_EW;
4120
0
    }
4121
4122
0
    if (!ctx.is_stream) {
4123
0
        if ((events & SSL_POLL_EVENT_EC) != 0
4124
0
            && test_poll_event_ec(ctx.qc))
4125
0
            revents |= SSL_POLL_EVENT_EC;
4126
4127
0
        if ((events & SSL_POLL_EVENT_ECD) != 0
4128
0
            && test_poll_event_ecd(ctx.qc))
4129
0
            revents |= SSL_POLL_EVENT_ECD;
4130
4131
0
        if ((events & SSL_POLL_EVENT_ISB) != 0
4132
0
            && test_poll_event_is(ctx.qc, /*uni=*/0))
4133
0
            revents |= SSL_POLL_EVENT_ISB;
4134
4135
0
        if ((events & SSL_POLL_EVENT_ISU) != 0
4136
0
            && test_poll_event_is(ctx.qc, /*uni=*/1))
4137
0
            revents |= SSL_POLL_EVENT_ISU;
4138
4139
0
        if ((events & SSL_POLL_EVENT_OSB) != 0
4140
0
            && test_poll_event_os(ctx.qc, /*uni=*/0))
4141
0
            revents |= SSL_POLL_EVENT_OSB;
4142
4143
0
        if ((events & SSL_POLL_EVENT_OSU) != 0
4144
0
            && test_poll_event_os(ctx.qc, /*uni=*/1))
4145
0
            revents |= SSL_POLL_EVENT_OSU;
4146
0
    }
4147
4148
0
    quic_unlock(ctx.qc);
4149
0
    *p_revents = revents;
4150
0
    return 1;
4151
0
}
4152
4153
/*
4154
 * Internal Testing APIs
4155
 * =====================
4156
 */
4157
4158
QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s)
4159
0
{
4160
0
    QCTX ctx;
4161
4162
0
    if (!expect_quic_conn_only(s, &ctx))
4163
0
        return NULL;
4164
4165
0
    return ctx.qc->ch;
4166
0
}
4167
4168
int ossl_quic_set_diag_title(SSL_CTX *ctx, const char *title)
4169
0
{
4170
0
#ifndef OPENSSL_NO_QLOG
4171
0
    OPENSSL_free(ctx->qlog_title);
4172
0
    ctx->qlog_title = NULL;
4173
4174
0
    if (title == NULL)
4175
0
        return 1;
4176
4177
0
    if ((ctx->qlog_title = OPENSSL_strdup(title)) == NULL)
4178
0
        return 0;
4179
0
#endif
4180
4181
0
    return 1;
4182
0
}