Lines Matching +full:stream +full:- +full:mode +full:- +full:support
1 .\" -*- mode: troff; coding: utf-8 -*-
57 .IX Title "OPENSSL-QUIC 7ossl"
58 .TH OPENSSL-QUIC 7ossl 2025-09-30 3.5.4 OpenSSL
64 openssl\-quic \- OpenSSL QUIC
67 OpenSSL 3.2 and later features support for the QUIC transport protocol.
75 support in. QUIC clients can use \fBOSSL_QUIC_client_method\fR\|(3) or
82 Default stream mode versus multi-stream mode for clients;
84 The changes to existing libssl APIs which are driven by QUIC-related
92 New, QUIC-specific APIs.
96 stream mode, which is intended to provide compatibility with existing non-QUIC
97 application usage patterns. In this mode, the connection has a single stream
99 connection SSL object read and write from that stream. Whether the stream is
100 client-initiated or server-initiated from a QUIC perspective depends on whether
103 Default stream mode is primarily for compatibility with existing applications.
104 For new applications utilizing QUIC, it's recommended to disable this mode and
105 instead adopt the multi-stream API. See the RECOMMENDATIONS FOR NEW APPLICATIONS
107 .SS "Default Stream Mode"
108 .IX Subsection "Default Stream Mode"
109 A QUIC client connection can be used in either default stream mode or
110 multi-stream mode. By default, a newly created QUIC connection SSL object uses
111 default stream mode.
113 In default stream mode, a stream is implicitly created and bound to the QUIC
115 connection SSL object work by default and are mapped to that stream.
117 When default stream mode is used, any API function which can be called on a QUIC
118 stream SSL object can also be called on a QUIC connection SSL object, in which
119 case it affects the default stream bound to the connection.
121 The identity of a QUIC stream, including its stream ID, varies depending on
122 whether a stream is client-initiated or server-initiated. In default stream
123 mode, if a client application calls \fBSSL_read\fR\|(3) first before any call to
125 is using a server-initiated stream, and the \fBSSL_read\fR\|(3) call will not
126 complete (either blocking, or failing appropriately if nonblocking mode is
127 configured) until the server initiates a stream. Conversely, if the client
129 connection, it is assumed that a client-initiated stream is to be used
130 and such a stream is created automatically.
132 Default stream mode is intended to aid compatibility with legacy applications.
133 New applications adopting QUIC should use multi-stream mode, described below,
134 and avoid use of the default stream functionality.
136 It is possible to use additional streams in default stream mode using
138 stream policy will need to be changed using \fBSSL_set_incoming_stream_policy\fR\|(3)
140 using additional streams are strongly recommended to use multi-stream mode
143 Calling \fBSSL_new_stream\fR\|(3) or \fBSSL_accept_stream\fR\|(3) before a default stream
145 creation of a default stream.
146 .SS "Multi-Stream Mode"
147 .IX Subsection "Multi-Stream Mode"
148 The recommended usage mode for new applications adopting QUIC is multi-stream
149 mode, in which no default stream is attached to the QUIC connection SSL object
152 \&\fBSSL_accept_stream\fR\|(3) to create individual stream SSL objects for sending and
155 To use multi-stream mode, call \fBSSL_set_default_stream_mode\fR\|(3) with an
157 to initiating the connection. The default stream mode cannot be changed after
160 When multi-stream mode is used, meaning that no default stream is associated
162 QUIC stream fail if called on the QUIC connection SSL object. For example, calls
179 \&\fBBIO_s_dgram_pair\fR\|(3) provides BIO pair-like functionality but with datagram
183 \&\fBBIO_s_dgram_mem\fR\|(3) provides a simple memory BIO-like interface but with
197 Traditionally, whether the application-level I/O APIs (such as \fBSSL_read\fR\|(3)
201 application-level blocking mode using \fBSSL_set_blocking_mode\fR\|(3). See
204 Network-level I/O must always be performed in a nonblocking manner. The
205 application can still enjoy blocking semantics for calls to application-level
208 in nonblocking mode. For application-level blocking functionality, see
220 RFC-conformant QUIC shutdown process may take an extended amount of time. This
221 may not be suitable for short-lived processes which should exit immediately
222 after their usage of a QUIC connection is completed. A rapid shutdown mode
227 reflect the flow control state of the QUIC stream associated with the SSL
230 When used in nonblocking mode, \fBSSL_ERROR_WANT_READ\fR indicates that the
231 receive part of a QUIC stream does not currently have any more data available to
232 be read, and \fBSSL_ERROR_WANT_WRITE\fR indicates that the stream's internal buffer
240 loops need to use these functions; see \fBAPPLICATION-DRIVEN EVENT LOOPS\fR for
247 Whether QUIC operates in a client or server mode is determined by the
267 \&\fBSSL_stateless\fR\|(3) support
276 Post-Handshake Client Authentication is not available as QUIC prohibits its use.
285 CCM mode is not currently supported.
290 but calls to the relevant functions are treated as no-ops:
304 \&\fBTHREAD ASSISTED MODE\fR.
317 using QUIC. The socket must be configured in nonblocking mode. You may or may
319 address; see the \fBQUIC-SPECIFIC APIS\fR section for details.
348 Changes needed: The custom BIO must be re-architected to have datagram
359 in blocking mode or not. Traditionally, an SSL object has automatically operated
360 in blocking or nonblocking mode based on whether the underlying network BIO
361 operates in blocking or nonblocking mode. QUIC requires the use of a
362 nonblocking network BIO, therefore the blocking mode at the application level
364 \&\fBSSL_set_blocking_mode\fR\|(3) API. The default mode is blocking. If an application
366 it must add a call to \fBSSL_set_blocking_mode\fR\|(3) to disable blocking mode.
368 If your client application does not choose to use thread assisted mode, it must
371 regularly. If the SSL object is used in blocking mode, an ongoing blocking call
388 Client applications which use thread assisted mode do not need to be concerned
390 are handled in a timely manner. See \fBTHREAD ASSISTED MODE\fR for details.
395 QUIC stream to receive or provide application data, not to to determine if
401 \&\fBSSL_shutdown_ex\fR\|(3) API instead. See \fBQUIC-SPECIFIC APIS\fR for details.
411 to manage its own polling and event loop; see \fBAPPLICATION-DRIVEN EVENT LOOPS\fR.
421 Whether thread assisted mode will be used (see \fBTHREAD ASSISTED MODE\fR).
426 Applications which wish to implement QUIC-specific protocols should be aware of
427 the APIs listed under \fBQUIC-SPECIFIC APIS\fR which provide access to
428 QUIC-specific functionality. For example, \fBSSL_stream_conclude\fR\|(3) can be used
429 to indicate the end of the sending part of a stream, and \fBSSL_shutdown_ex\fR\|(3)
433 applications avoid use of the default stream mode and use the multi-stream API
436 .SH "QUIC-SPECIFIC APIS"
437 .IX Header "QUIC-SPECIFIC APIS"
452 This is a non-specific I/O operation which makes a best effort attempt to
468 in a protocol-agnostic manner.
471 client-only usage. The listener interface may expand to support additional
476 \&\fIssl\fR. See \fBSSL_new_domain\fR\|(3) and \fBopenssl\-quic\-concurrency\fR\|(7) for details
495 nonblocking mode, NULL is returned.
511 detail in \fBopenssl\-quic\-concurrency\fR\|(7).
526 These functions facilitate operation in nonblocking mode.
539 These functions facilitate operation in nonblocking mode and are used in
557 QUIC stream. This corresponds to the FIN flag in the QUIC RFC. The receiving
558 part of a stream remains usable.
561 This allows an application to indicate the non-normal termination of the sending
562 part of a stream. This corresponds to the RESET_STREAM frame in the QUIC RFC.
565 This allows an application to determine the current stream states for the
566 sending and receiving parts of a stream respectively.
570 signalled by a peer which has performed a non-normal stream termination of the
571 respective sending or receiving part of a stream, if any.
578 Gets the QUIC connection SSL object from a QUIC stream SSL object.
581 Returns 1 if an SSL object is not a QUIC stream SSL object.
584 Provides information on the kind of QUIC stream which is attached
588 Returns the QUIC stream ID which the QUIC protocol has associated with a QUIC
589 stream.
592 Creates a new QUIC stream SSL object representing a new, locally-initiated QUIC
593 stream.
596 Potentially yields a new QUIC stream SSL object representing a new
597 remotely-initiated QUIC stream, blocking until one is available if the
601 Provides information on the number of pending remotely-initiated streams.
604 Configures how incoming, remotely-initiated streams are handled. The incoming
605 stream policy can be used to automatically reject streams created by the peer,
609 Used to configure or disable default stream mode; see the MODES OF OPERATION
613 facilitate QUIC-specific requirements and are closely associated with its use:
631 sockets being used with datagram semantics. This allows an alternative mode
644 Local addressing support refers to the ability of a BIO with datagram semantics
647 BIO can support local addressing and to enable local addressing support if it
653 .SH "THREAD ASSISTED MODE"
654 .IX Header "THREAD ASSISTED MODE"
655 The optional thread assisted mode for clients can be used with
656 \&\fBOSSL_QUIC_client_thread_method\fR\|(3). In this mode, a background thread is
668 threading support is not available or not supported by OpenSSL. However, it
669 does provide the simplest mode of usage for an application.
673 .SH "APPLICATION-DRIVEN EVENT LOOPS"
674 .IX Header "APPLICATION-DRIVEN EVENT LOOPS"
699 It should configure the SSL object into nonblocking mode by calling
772 Copyright 2022\-2025 The OpenSSL Project Authors. All Rights Reserved.