1*e7be843bSPierre Pronchery /*
2*e7be843bSPierre Pronchery * Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
3*e7be843bSPierre Pronchery *
4*e7be843bSPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use
5*e7be843bSPierre Pronchery * this file except in compliance with the License. You can obtain a copy
6*e7be843bSPierre Pronchery * in the file LICENSE in the source distribution or at
7*e7be843bSPierre Pronchery * https://www.openssl.org/source/license.html
8*e7be843bSPierre Pronchery */
9*e7be843bSPierre Pronchery #include <openssl/err.h>
10*e7be843bSPierre Pronchery #include <openssl/ssl.h>
11*e7be843bSPierre Pronchery #include <openssl/quic.h>
12*e7be843bSPierre Pronchery #ifdef _WIN32 /* Windows */
13*e7be843bSPierre Pronchery # include <winsock2.h>
14*e7be843bSPierre Pronchery #else /* Linux/Unix */
15*e7be843bSPierre Pronchery # include <netinet/in.h>
16*e7be843bSPierre Pronchery # include <unistd.h>
17*e7be843bSPierre Pronchery #endif
18*e7be843bSPierre Pronchery #include <assert.h>
19*e7be843bSPierre Pronchery
20*e7be843bSPierre Pronchery /*
21*e7be843bSPierre Pronchery * This is a basic demo of QUIC server functionality in which one connection at
22*e7be843bSPierre Pronchery * a time is accepted in a blocking loop.
23*e7be843bSPierre Pronchery */
24*e7be843bSPierre Pronchery
25*e7be843bSPierre Pronchery /* ALPN string for TLS handshake */
26*e7be843bSPierre Pronchery static const unsigned char alpn_ossltest[] = {
27*e7be843bSPierre Pronchery /* "\x08ossltest" (hex for EBCDIC resilience) */
28*e7be843bSPierre Pronchery 0x08, 0x6f, 0x73, 0x73, 0x6c, 0x74, 0x65, 0x73, 0x74
29*e7be843bSPierre Pronchery };
30*e7be843bSPierre Pronchery
31*e7be843bSPierre Pronchery /* This callback validates and negotiates the desired ALPN on the server side. */
select_alpn(SSL * ssl,const unsigned char ** out,unsigned char * out_len,const unsigned char * in,unsigned int in_len,void * arg)32*e7be843bSPierre Pronchery static int select_alpn(SSL *ssl,
33*e7be843bSPierre Pronchery const unsigned char **out, unsigned char *out_len,
34*e7be843bSPierre Pronchery const unsigned char *in, unsigned int in_len,
35*e7be843bSPierre Pronchery void *arg)
36*e7be843bSPierre Pronchery {
37*e7be843bSPierre Pronchery if (SSL_select_next_proto((unsigned char **)out, out_len,
38*e7be843bSPierre Pronchery alpn_ossltest, sizeof(alpn_ossltest), in, in_len)
39*e7be843bSPierre Pronchery != OPENSSL_NPN_NEGOTIATED)
40*e7be843bSPierre Pronchery return SSL_TLSEXT_ERR_ALERT_FATAL;
41*e7be843bSPierre Pronchery
42*e7be843bSPierre Pronchery return SSL_TLSEXT_ERR_OK;
43*e7be843bSPierre Pronchery }
44*e7be843bSPierre Pronchery
45*e7be843bSPierre Pronchery /* Create SSL_CTX. */
create_ctx(const char * cert_path,const char * key_path)46*e7be843bSPierre Pronchery static SSL_CTX *create_ctx(const char *cert_path, const char *key_path)
47*e7be843bSPierre Pronchery {
48*e7be843bSPierre Pronchery SSL_CTX *ctx;
49*e7be843bSPierre Pronchery
50*e7be843bSPierre Pronchery ctx = SSL_CTX_new(OSSL_QUIC_server_method());
51*e7be843bSPierre Pronchery if (ctx == NULL)
52*e7be843bSPierre Pronchery goto err;
53*e7be843bSPierre Pronchery
54*e7be843bSPierre Pronchery /* Load certificate and corresponding private key. */
55*e7be843bSPierre Pronchery if (SSL_CTX_use_certificate_chain_file(ctx, cert_path) <= 0) {
56*e7be843bSPierre Pronchery fprintf(stderr, "couldn't load certificate file: %s\n", cert_path);
57*e7be843bSPierre Pronchery goto err;
58*e7be843bSPierre Pronchery }
59*e7be843bSPierre Pronchery
60*e7be843bSPierre Pronchery if (SSL_CTX_use_PrivateKey_file(ctx, key_path, SSL_FILETYPE_PEM) <= 0) {
61*e7be843bSPierre Pronchery fprintf(stderr, "couldn't load key file: %s\n", key_path);
62*e7be843bSPierre Pronchery goto err;
63*e7be843bSPierre Pronchery }
64*e7be843bSPierre Pronchery
65*e7be843bSPierre Pronchery if (!SSL_CTX_check_private_key(ctx)) {
66*e7be843bSPierre Pronchery fprintf(stderr, "private key check failed\n");
67*e7be843bSPierre Pronchery goto err;
68*e7be843bSPierre Pronchery }
69*e7be843bSPierre Pronchery
70*e7be843bSPierre Pronchery /* Setup ALPN negotiation callback. */
71*e7be843bSPierre Pronchery SSL_CTX_set_alpn_select_cb(ctx, select_alpn, NULL);
72*e7be843bSPierre Pronchery return ctx;
73*e7be843bSPierre Pronchery
74*e7be843bSPierre Pronchery err:
75*e7be843bSPierre Pronchery SSL_CTX_free(ctx);
76*e7be843bSPierre Pronchery return NULL;
77*e7be843bSPierre Pronchery }
78*e7be843bSPierre Pronchery
79*e7be843bSPierre Pronchery /* Create UDP socket using given port. */
create_socket(uint16_t port)80*e7be843bSPierre Pronchery static int create_socket(uint16_t port)
81*e7be843bSPierre Pronchery {
82*e7be843bSPierre Pronchery int fd = -1;
83*e7be843bSPierre Pronchery struct sockaddr_in sa = {0};
84*e7be843bSPierre Pronchery
85*e7be843bSPierre Pronchery if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
86*e7be843bSPierre Pronchery fprintf(stderr, "cannot create socket");
87*e7be843bSPierre Pronchery goto err;
88*e7be843bSPierre Pronchery }
89*e7be843bSPierre Pronchery
90*e7be843bSPierre Pronchery sa.sin_family = AF_INET;
91*e7be843bSPierre Pronchery sa.sin_port = htons(port);
92*e7be843bSPierre Pronchery
93*e7be843bSPierre Pronchery if (bind(fd, (const struct sockaddr *)&sa, sizeof(sa)) < 0) {
94*e7be843bSPierre Pronchery fprintf(stderr, "cannot bind to %u\n", port);
95*e7be843bSPierre Pronchery goto err;
96*e7be843bSPierre Pronchery }
97*e7be843bSPierre Pronchery
98*e7be843bSPierre Pronchery return fd;
99*e7be843bSPierre Pronchery
100*e7be843bSPierre Pronchery err:
101*e7be843bSPierre Pronchery if (fd >= 0)
102*e7be843bSPierre Pronchery BIO_closesocket(fd);
103*e7be843bSPierre Pronchery
104*e7be843bSPierre Pronchery return -1;
105*e7be843bSPierre Pronchery }
106*e7be843bSPierre Pronchery
107*e7be843bSPierre Pronchery /* Main loop for servicing a single incoming QUIC connection. */
run_quic_conn(SSL * conn)108*e7be843bSPierre Pronchery static int run_quic_conn(SSL *conn)
109*e7be843bSPierre Pronchery {
110*e7be843bSPierre Pronchery size_t written = 0;
111*e7be843bSPierre Pronchery
112*e7be843bSPierre Pronchery fprintf(stderr, "=> Received connection\n");
113*e7be843bSPierre Pronchery
114*e7be843bSPierre Pronchery /*
115*e7be843bSPierre Pronchery * Write the message "hello" on the connection using a default stream
116*e7be843bSPierre Pronchery * and then immediately conclude the stream (end-of-stream). This
117*e7be843bSPierre Pronchery * demonstrates the use of SSL_write_ex2 for optimised FIN generation.
118*e7be843bSPierre Pronchery *
119*e7be843bSPierre Pronchery * Since we inherit our blocking mode from the parent QUIC SSL object (the
120*e7be843bSPierre Pronchery * listener) by default, this call is also blocking.
121*e7be843bSPierre Pronchery */
122*e7be843bSPierre Pronchery if (!SSL_write_ex2(conn, "hello\n", 6, SSL_WRITE_FLAG_CONCLUDE, &written)
123*e7be843bSPierre Pronchery || written != 6) {
124*e7be843bSPierre Pronchery fprintf(stderr, "couldn't write on connection\n");
125*e7be843bSPierre Pronchery ERR_print_errors_fp(stderr);
126*e7be843bSPierre Pronchery return 0;
127*e7be843bSPierre Pronchery }
128*e7be843bSPierre Pronchery
129*e7be843bSPierre Pronchery /* Shut down the connection (blocking). */
130*e7be843bSPierre Pronchery if (SSL_shutdown(conn) != 1) {
131*e7be843bSPierre Pronchery ERR_print_errors_fp(stderr);
132*e7be843bSPierre Pronchery return 0;
133*e7be843bSPierre Pronchery }
134*e7be843bSPierre Pronchery
135*e7be843bSPierre Pronchery fprintf(stderr, "=> Finished with connection\n");
136*e7be843bSPierre Pronchery return 1;
137*e7be843bSPierre Pronchery }
138*e7be843bSPierre Pronchery
139*e7be843bSPierre Pronchery /* Main loop for server to accept QUIC connections. */
run_quic_server(SSL_CTX * ctx,int fd)140*e7be843bSPierre Pronchery static int run_quic_server(SSL_CTX *ctx, int fd)
141*e7be843bSPierre Pronchery {
142*e7be843bSPierre Pronchery int ok = 0;
143*e7be843bSPierre Pronchery SSL *listener = NULL, *conn = NULL;
144*e7be843bSPierre Pronchery
145*e7be843bSPierre Pronchery /* Create a new QUIC listener. */
146*e7be843bSPierre Pronchery if ((listener = SSL_new_listener(ctx, 0)) == NULL)
147*e7be843bSPierre Pronchery goto err;
148*e7be843bSPierre Pronchery
149*e7be843bSPierre Pronchery /* Provide the listener with our UDP socket. */
150*e7be843bSPierre Pronchery if (!SSL_set_fd(listener, fd))
151*e7be843bSPierre Pronchery goto err;
152*e7be843bSPierre Pronchery
153*e7be843bSPierre Pronchery /* Begin listening. */
154*e7be843bSPierre Pronchery if (!SSL_listen(listener))
155*e7be843bSPierre Pronchery goto err;
156*e7be843bSPierre Pronchery
157*e7be843bSPierre Pronchery /*
158*e7be843bSPierre Pronchery * Listeners, and other QUIC objects, default to operating in blocking mode,
159*e7be843bSPierre Pronchery * so the below call is not actually necessary. The configured behaviour is
160*e7be843bSPierre Pronchery * inherited by child objects.
161*e7be843bSPierre Pronchery */
162*e7be843bSPierre Pronchery if (!SSL_set_blocking_mode(listener, 1))
163*e7be843bSPierre Pronchery goto err;
164*e7be843bSPierre Pronchery
165*e7be843bSPierre Pronchery for (;;) {
166*e7be843bSPierre Pronchery /* Blocking wait for an incoming connection, similar to accept(2). */
167*e7be843bSPierre Pronchery conn = SSL_accept_connection(listener, 0);
168*e7be843bSPierre Pronchery if (conn == NULL) {
169*e7be843bSPierre Pronchery fprintf(stderr, "error while accepting connection\n");
170*e7be843bSPierre Pronchery goto err;
171*e7be843bSPierre Pronchery }
172*e7be843bSPierre Pronchery
173*e7be843bSPierre Pronchery /*
174*e7be843bSPierre Pronchery * Optionally, we could disable blocking mode on the accepted connection
175*e7be843bSPierre Pronchery * here by calling SSL_set_blocking_mode().
176*e7be843bSPierre Pronchery */
177*e7be843bSPierre Pronchery
178*e7be843bSPierre Pronchery /*
179*e7be843bSPierre Pronchery * Service the connection. In a real application this would be done
180*e7be843bSPierre Pronchery * concurrently. In this demonstration program a single connection is
181*e7be843bSPierre Pronchery * accepted and serviced at a time.
182*e7be843bSPierre Pronchery */
183*e7be843bSPierre Pronchery if (!run_quic_conn(conn)) {
184*e7be843bSPierre Pronchery SSL_free(conn);
185*e7be843bSPierre Pronchery goto err;
186*e7be843bSPierre Pronchery }
187*e7be843bSPierre Pronchery
188*e7be843bSPierre Pronchery /* Free the connection, then loop again, accepting another connection. */
189*e7be843bSPierre Pronchery SSL_free(conn);
190*e7be843bSPierre Pronchery }
191*e7be843bSPierre Pronchery
192*e7be843bSPierre Pronchery ok = 1;
193*e7be843bSPierre Pronchery err:
194*e7be843bSPierre Pronchery if (!ok)
195*e7be843bSPierre Pronchery ERR_print_errors_fp(stderr);
196*e7be843bSPierre Pronchery
197*e7be843bSPierre Pronchery SSL_free(listener);
198*e7be843bSPierre Pronchery return ok;
199*e7be843bSPierre Pronchery }
200*e7be843bSPierre Pronchery
main(int argc,char ** argv)201*e7be843bSPierre Pronchery int main(int argc, char **argv)
202*e7be843bSPierre Pronchery {
203*e7be843bSPierre Pronchery int rc = 1;
204*e7be843bSPierre Pronchery SSL_CTX *ctx = NULL;
205*e7be843bSPierre Pronchery int fd = -1;
206*e7be843bSPierre Pronchery unsigned long port;
207*e7be843bSPierre Pronchery
208*e7be843bSPierre Pronchery if (argc < 4) {
209*e7be843bSPierre Pronchery fprintf(stderr, "usage: %s <port> <server.crt> <server.key>\n", argv[0]);
210*e7be843bSPierre Pronchery goto err;
211*e7be843bSPierre Pronchery }
212*e7be843bSPierre Pronchery
213*e7be843bSPierre Pronchery /* Create SSL_CTX. */
214*e7be843bSPierre Pronchery if ((ctx = create_ctx(argv[2], argv[3])) == NULL)
215*e7be843bSPierre Pronchery goto err;
216*e7be843bSPierre Pronchery
217*e7be843bSPierre Pronchery /* Parse port number from command line arguments. */
218*e7be843bSPierre Pronchery port = strtoul(argv[1], NULL, 0);
219*e7be843bSPierre Pronchery if (port == 0 || port > UINT16_MAX) {
220*e7be843bSPierre Pronchery fprintf(stderr, "invalid port: %lu\n", port);
221*e7be843bSPierre Pronchery goto err;
222*e7be843bSPierre Pronchery }
223*e7be843bSPierre Pronchery
224*e7be843bSPierre Pronchery /* Create UDP socket. */
225*e7be843bSPierre Pronchery if ((fd = create_socket((uint16_t)port)) < 0)
226*e7be843bSPierre Pronchery goto err;
227*e7be843bSPierre Pronchery
228*e7be843bSPierre Pronchery /* Enter QUIC server connection acceptance loop. */
229*e7be843bSPierre Pronchery if (!run_quic_server(ctx, fd))
230*e7be843bSPierre Pronchery goto err;
231*e7be843bSPierre Pronchery
232*e7be843bSPierre Pronchery rc = 0;
233*e7be843bSPierre Pronchery err:
234*e7be843bSPierre Pronchery if (rc != 0)
235*e7be843bSPierre Pronchery ERR_print_errors_fp(stderr);
236*e7be843bSPierre Pronchery
237*e7be843bSPierre Pronchery SSL_CTX_free(ctx);
238*e7be843bSPierre Pronchery
239*e7be843bSPierre Pronchery if (fd != -1)
240*e7be843bSPierre Pronchery BIO_closesocket(fd);
241*e7be843bSPierre Pronchery
242*e7be843bSPierre Pronchery return rc;
243*e7be843bSPierre Pronchery }
244