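/*
 * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#ifndef OSSL_QUIC_SSL_H
# define OSSL_QUIC_SSL_H

# include <openssl/ssl.h>
# include <openssl/bio.h>
# include "internal/refcount.h"
# include "internal/quic_record_rx.h" /* OSSL_QRX */
# include "internal/quic_ackm.h" /* OSSL_ACKM */
# include "internal/quic_channel.h" /* QUIC_CHANNEL */
# include "internal/quic_predef.h"

# ifndef OPENSSL_NO_QUIC

/*
 * Constructors for the QUIC SSL objects. Each returns an SSL pointer and is
 * marked __owur (OpenSSL's warn-unused-result marker), so a caller that drops
 * the result gets a compiler diagnostic where the compiler supports it.
 */
__owur SSL *ossl_quic_new(SSL_CTX *ctx);
__owur SSL *ossl_quic_new_listener(SSL_CTX *ctx, uint64_t flags);
__owur SSL *ossl_quic_new_listener_from(SSL *ssl, uint64_t flags);
__owur SSL *ossl_quic_new_from_listener(SSL *ssl, uint64_t flags);
__owur SSL *ossl_quic_new_domain(SSL_CTX *ctx, uint64_t flags);

/*
 * Datatype returned from ossl_quic_get_peer_token
 *
 * The struct carries its own reference count plus two length-delimited byte
 * buffers. Neither buffer is declared as a C string, so hashkey_len and
 * token_len are the only bounds a reader has for them.
 *
 * NOTE(review): the counted reference is presumably dropped with
 * ossl_quic_free_peer_token() rather than by freeing the fields directly -
 * confirm against the implementation.
 */
typedef struct quic_token_st {
    CRYPTO_REF_COUNT references; /* reference count for this token object */
    uint8_t *hashkey;            /* hashkey_len bytes */
    size_t hashkey_len;
    uint8_t *token;              /* token_len bytes */
    size_t token_len;
} QUIC_TOKEN;

/*
 * Token store management and per-peer token lookup.
 *
 * NOTE(review): this looks like the cache of QUIC address-validation tokens
 * (NEW_TOKEN, RFC 9000 section 8.1.3) keyed by peer address - confirm. If so,
 * the token bytes handed to ossl_quic_set_peer_token() originate from the
 * network and should be treated as opaque, length-bounded data.
 *
 * The int-returning functions here are not marked __owur, so the compiler
 * will not flag a caller that ignores a failure. Callers should still check
 * the result, and ossl_quic_get_peer_token()'s *token output should only be
 * used after a successful return (the success convention is not visible in
 * this header).
 */
SSL_TOKEN_STORE *ossl_quic_new_token_store(void);
void ossl_quic_free_token_store(SSL_TOKEN_STORE *hdl);
SSL_TOKEN_STORE *ossl_quic_get0_token_store(SSL_CTX *ctx);
int ossl_quic_set1_token_store(SSL_CTX *ctx, SSL_TOKEN_STORE *hdl);
int ossl_quic_set_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
                             const uint8_t *token, size_t token_len);
int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
                             QUIC_TOKEN **token);
void ossl_quic_free_peer_token(QUIC_TOKEN *token);

/*
 * Object lifecycle and stream I/O entry points. The read, peek and write
 * calls take an explicit buffer length and report a byte count through a
 * size_t out-parameter; all of them are __owur. ossl_quic_reset() and
 * ossl_quic_clear() return int without __owur, so an ignored failure there
 * is not diagnosed by the compiler.
 */
__owur int ossl_quic_init(SSL *s);
void ossl_quic_deinit(SSL *s);
void ossl_quic_free(SSL *s);
int ossl_quic_reset(SSL *s);
int ossl_quic_clear(SSL *s);
__owur int ossl_quic_accept(SSL *s);
__owur int ossl_quic_connect(SSL *s);
__owur int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *readbytes);
__owur int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *readbytes);
__owur int ossl_quic_write_flags(SSL *s, const void *buf, size_t len,
                                 uint64_t flags, size_t *written);
__owur int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written);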
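/*
 * Generic control entry points. cmd selects the operation; larg, parg and fp
 * are untyped carriers whose meaning depends on cmd, so nothing in these
 * prototypes lets the compiler check that an argument matches the command.
 */
__owur long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg);
__owur long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
__owur long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
__owur long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void));
__owur size_t ossl_quic_pending(const SSL *s);
__owur int ossl_quic_key_update(SSL *s, int update_type);
__owur int ossl_quic_get_key_update_type(const SSL *s);
/*
 * Takes a bare pointer with no length.
 * NOTE(review): the implementation presumably reads a fixed-size cipher
 * identifier from p, so the caller must already have bounds-checked the
 * buffer - confirm the size against the implementation.
 */
__owur const SSL_CIPHER *ossl_quic_get_cipher_by_char(const unsigned char *p);
__owur int ossl_quic_num_ciphers(void);
__owur const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u);
int ossl_quic_renegotiate_check(SSL *ssl, int initok);

/*
 * Handshake control. These return int but are not marked __owur, so a caller
 * that ignores a failed handshake or state change gets no compiler warning.
 */
int ossl_quic_do_handshake(SSL *s);
int ossl_quic_set_connect_state(SSL *s, int raiseerrs);
int ossl_quic_set_accept_state(SSL *s, int raiseerrs);

/* Event handling, timeouts and poll descriptors. */
__owur int ossl_quic_has_pending(const SSL *s);
__owur int ossl_quic_handle_events(SSL *s);
__owur int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv,
                                       int *is_infinite);
OSSL_TIME ossl_quic_get_event_deadline(SSL *s);
__owur int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *d);
__owur int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *d);
__owur int ossl_quic_get_net_read_desired(SSL *s);
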
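__owur int ossl_quic_get_net_write_desired(SSL *s);
__owur int ossl_quic_get_error(const SSL *s, int i);
__owur int ossl_quic_want(const SSL *s);
__owur int ossl_quic_conn_get_blocking_mode(const SSL *s);
__owur int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking);
/*
 * NOTE(review): args_len presumably carries the caller's size of *args so the
 * callee can bound how much of the struct it reads - confirm against the
 * implementation.
 */
__owur int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
                                   const SSL_SHUTDOWN_EX_ARGS *args,
                                   size_t args_len);
__owur int ossl_quic_conn_stream_conclude(SSL *s);
/*
 * Network BIO accessors. By OpenSSL naming convention a set0 call passes
 * ownership of the object to the callee, so the caller must not free the BIO
 * afterwards - confirm against the implementation. The getters return the
 * BIO pointer itself; the prototypes do not show whether a reference is
 * taken for the caller.
 */
void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio);
void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio);
BIO *ossl_quic_conn_get_net_rbio(const SSL *s);
BIO *ossl_quic_conn_get_net_wbio(const SSL *s);
__owur int ossl_quic_conn_set_initial_peer_addr(SSL *s,
                                                const BIO_ADDR *peer_addr);
__owur SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags);
/*
 * get0 accessors: by OpenSSL naming convention the returned pointer is
 * borrowed (no reference is added for the caller), so it must not be freed
 * and must not outlive the object it was obtained from - confirm against the
 * implementation.
 */
__owur SSL *ossl_quic_get0_connection(SSL *s);
__owur SSL *ossl_quic_get0_listener(SSL *s);
__owur SSL *ossl_quic_get0_domain(SSL *s);
__owur int ossl_quic_get_domain_flags(const SSL *s, uint64_t *domain_flags);
__owur int ossl_quic_get_stream_type(SSL *s);
__owur uint64_t ossl_quic_get_stream_id(SSL *s);
__owur int ossl_quic_is_stream_local(SSL *s);
__owur int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode);
__owur SSL *ossl_quic_detach_stream(SSL *s);
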
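__owur int ossl_quic_attach_stream(SSL *conn, SSL *stream);
__owur int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
                                                uint64_t aec);
__owur SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags);
__owur size_t ossl_quic_get_accept_stream_queue_len(SSL *s);
__owur int ossl_quic_get_value_uint(SSL *s, uint32_t class_, uint32_t id,
                                    uint64_t *value);
__owur int ossl_quic_set_value_uint(SSL *s, uint32_t class_, uint32_t id,
                                    uint64_t value);
__owur SSL *ossl_quic_accept_connection(SSL *ssl, uint64_t flags);
__owur size_t ossl_quic_get_accept_connection_queue_len(SSL *ssl);
__owur int ossl_quic_listen(SSL *ssl);

/*
 * NOTE(review): args_len (and info_len further down) presumably carry the
 * caller's size of the struct so the callee can bound its accesses - confirm
 * against the implementation.
 */
__owur int ossl_quic_stream_reset(SSL *ssl,
                                  const SSL_STREAM_RESET_ARGS *args,
                                  size_t args_len);

__owur int ossl_quic_get_stream_read_state(SSL *ssl);
__owur int ossl_quic_get_stream_write_state(SSL *ssl);
__owur int ossl_quic_get_stream_read_error_code(SSL *ssl,
                                                uint64_t *app_error_code);
__owur int ossl_quic_get_stream_write_error_code(SSL *ssl,
                                                 uint64_t *app_error_code);
__owur int ossl_quic_get_conn_close_info(SSL *ssl,
                                         SSL_CONN_CLOSE_INFO *info,
                                         size_t info_len);

uint64_t ossl_quic_set_options(SSL *s, uint64_t opts);
uint64_t ossl_quic_clear_options(SSL *s, uint64_t opts);
uint64_t ossl_quic_get_options(const SSL *s);

/* Modifies write buffer size for a stream. */
__owur int ossl_quic_set_write_buffer_size(SSL *s, size_t size);

/*
 * Used to override ossl_time_now() for debug purposes. While this may be
 * overridden at any time, expect strange results if you change it after
 * connecting.
 *
 * NOTE(review): the callback replaces the time source for the object, so
 * whatever the connection derives from the clock presumably follows it. This
 * hook should not be reachable from production configuration - confirm that
 * only test and debug code calls it.
 */
int ossl_quic_set_override_now_cb(SSL *s,
                                  OSSL_TIME (*now_cb)(void *arg),
                                  void *now_cb_arg);

/*
 * Condvar waiting in the assist thread doesn't support time faking as it relies
 * on the OS's notion of time, thus this is used in test code to force a
 * spurious wakeup instead.
 */
void ossl_quic_conn_force_assist_thread_wake(SSL *s);

/*
 * For use by tests only. Hands out the internal QUIC_CHANNEL pointer; the
 * prototype does not show any reference being taken for the caller.
 */
QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s);

/*
 * ossl_quic_has_pending() is declared once, earlier in this header, with
 * __owur; it is not repeated here so that the annotated prototype is the only
 * one in the file.
 */
int ossl_quic_get_shutdown(const SSL *s);

/*
 * Set qlog diagnostic title. String is copied internally on success and need
 * not remain allocated. Only has any effect if logging has not already begun.
 * For use by tests only. Setting this on a context affects any QCSO created
 * after this is called but does not affect QCSOs already created from a
 * context.
 */
int ossl_quic_set_diag_title(SSL_CTX *ctx, const char *title);

/* APIs used by the polling infrastructure */
int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
                               uint64_t *revents);
int ossl_quic_get_notifier_fd(SSL *ssl);
void ossl_quic_enter_blocking_section(SSL *ssl, QUIC_REACTOR_WAIT_CTX *wctx);
void ossl_quic_leave_blocking_section(SSL *ssl, QUIC_REACTOR_WAIT_CTX *wctx);

# endif /* !OPENSSL_NO_QUIC */

#endif /* OSSL_QUIC_SSL_H */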