1 /* 2 * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <openssl/macros.h> 11 #include <openssl/objects.h> 12 #include <openssl/sslerr.h> 13 #include <crypto/rand.h> 14 #include "quic_local.h" 15 #include "internal/hashfunc.h" 16 #include "internal/ssl_unwrap.h" 17 #include "internal/quic_tls.h" 18 #include "internal/quic_rx_depack.h" 19 #include "internal/quic_error.h" 20 #include "internal/quic_engine.h" 21 #include "internal/quic_port.h" 22 #include "internal/quic_reactor_wait_ctx.h" 23 #include "internal/time.h" 24 25 typedef struct qctx_st QCTX; 26 27 static void qc_cleanup(QUIC_CONNECTION *qc, int have_lock); 28 static void aon_write_finish(QUIC_XSO *xso); 29 static int create_channel(QUIC_CONNECTION *qc, SSL_CTX *ctx); 30 static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs); 31 static QUIC_CONNECTION *create_qc_from_incoming_conn(QUIC_LISTENER *ql, QUIC_CHANNEL *ch); 32 static int qc_try_create_default_xso_for_write(QCTX *ctx); 33 static int qc_wait_for_default_xso_for_read(QCTX *ctx, int peek); 34 static void qctx_lock(QCTX *qctx); 35 static void qctx_unlock(QCTX *qctx); 36 static void qctx_lock_for_io(QCTX *ctx); 37 static int quic_do_handshake(QCTX *ctx); 38 static void qc_update_reject_policy(QUIC_CONNECTION *qc); 39 static void qc_touch_default_xso(QUIC_CONNECTION *qc); 40 static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch); 41 static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso, 42 int touch, QUIC_XSO **old_xso); 43 static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock); 44 static int quic_validate_for_write(QUIC_XSO *xso, int *err); 45 static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active); 46 static void qctx_maybe_autotick(QCTX *ctx); 47 static int qctx_should_autotick(QCTX *ctx); 48 49 /* 50 * QCTX is a utility structure which provides information we commonly wish to 51 * unwrap upon an API call being dispatched to us, namely: 52 * 53 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO 54 * was passed); 55 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if 56 * a QCSO with a default stream was passed); 57 * - whether a QSSO was passed (xso == NULL must not be used to determine this 58 * because it may be non-NULL when a QCSO is passed if that QCSO has a 59 * default stream); 60 * - a pointer to a QUIC_LISTENER object, if one is relevant; 61 * - whether we are in "I/O context", meaning that non-normal errors can 62 * be reported via SSL_get_error() as well as via ERR. Functions such as 63 * SSL_read(), SSL_write() and SSL_do_handshake() are "I/O context" 64 * functions which are allowed to change the value returned by 65 * SSL_get_error. However, other functions (including functions which call 66 * SSL_do_handshake() implicitly) are not allowed to change the return value 67 * of SSL_get_error. 68 */ 69 struct qctx_st { 70 QUIC_OBJ *obj; 71 QUIC_DOMAIN *qd; 72 QUIC_LISTENER *ql; 73 QUIC_CONNECTION *qc; 74 QUIC_XSO *xso; 75 int is_stream, is_listener, is_domain, in_io; 76 }; 77 78 QUIC_NEEDS_LOCK 79 static void quic_set_last_error(QCTX *ctx, int last_error) 80 { 81 if (!ctx->in_io) 82 return; 83 84 if (ctx->is_stream && ctx->xso != NULL) 85 ctx->xso->last_error = last_error; 86 else if (!ctx->is_stream && ctx->qc != NULL) 87 ctx->qc->last_error = last_error; 88 } 89 90 /* 91 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error() 92 * rather than via ERR. Note that normal errors must always be raised while 93 * holding a lock. 94 */ 95 QUIC_NEEDS_LOCK 96 static int quic_raise_normal_error(QCTX *ctx, 97 int err) 98 { 99 assert(ctx->in_io); 100 quic_set_last_error(ctx, err); 101 102 return 0; 103 } 104 105 /* 106 * Raise a 'non-normal' error, meaning any error that is not reported via 107 * SSL_get_error() and must be reported via ERR. 108 * 109 * qc should be provided if available. In exceptional circumstances when qc is 110 * not known NULL may be passed. This should generally only happen when an 111 * expect_...() function defined below fails, which generally indicates a 112 * dispatch error or caller error. 113 * 114 * ctx should be NULL if the connection lock is not held. 115 */ 116 static int quic_raise_non_normal_error(QCTX *ctx, 117 const char *file, 118 int line, 119 const char *func, 120 int reason, 121 const char *fmt, 122 ...) 123 { 124 va_list args; 125 126 if (ctx != NULL) { 127 quic_set_last_error(ctx, SSL_ERROR_SSL); 128 129 if (reason == SSL_R_PROTOCOL_IS_SHUTDOWN && ctx->qc != NULL) 130 ossl_quic_channel_restore_err_state(ctx->qc->ch); 131 } 132 133 ERR_new(); 134 ERR_set_debug(file, line, func); 135 136 va_start(args, fmt); 137 ERR_vset_error(ERR_LIB_SSL, reason, fmt, args); 138 va_end(args); 139 140 return 0; 141 } 142 143 #define QUIC_RAISE_NORMAL_ERROR(ctx, err) \ 144 quic_raise_normal_error((ctx), (err)) 145 146 #define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg) \ 147 quic_raise_non_normal_error((ctx), \ 148 OPENSSL_FILE, OPENSSL_LINE, \ 149 OPENSSL_FUNC, \ 150 (reason), \ 151 (msg)) 152 /* 153 * Flags for expect_quic_as: 154 * 155 * QCTX_C 156 * The input SSL object may be a QCSO. 157 * 158 * QCTX_S 159 * The input SSL object may be a QSSO or a QCSO with a default stream 160 * attached. 161 * 162 * (Note this means there is no current way to require an SSL object with a 163 * QUIC stream which is not a QCSO; a QCSO with a default stream attached 164 * is always considered to satisfy QCTX_S.) 165 * 166 * QCTX_AUTO_S 167 * The input SSL object may be a QSSO or a QCSO with a default stream 168 * attached. If no default stream is currently attached to a QCSO, 169 * one may be auto-created if possible. 170 * 171 * If QCTX_REMOTE_INIT is set, an auto-created default XSO is 172 * initiated by the remote party (i.e., local party reads first). 173 * 174 * If it is not set, an auto-created default XSO is 175 * initiated by the local party (i.e., local party writes first). 176 * 177 * QCTX_L 178 * The input SSL object may be a QLSO. 179 * 180 * QCTX_LOCK 181 * If and only if the function returns successfully, the ctx 182 * is guaranteed to be locked. 183 * 184 * QCTX_IO 185 * Begin an I/O context. If not set, begins a non-I/O context. 186 * This determines whether SSL_get_error() is updated; the value it returns 187 * is modified only by an I/O call. 188 * 189 * QCTX_NO_ERROR 190 * Don't raise an error if the object type is wrong. Should not be used in 191 * conjunction with any flags that may raise errors not related to a wrong 192 * object type. 193 */ 194 #define QCTX_C (1U << 0) 195 #define QCTX_S (1U << 1) 196 #define QCTX_L (1U << 2) 197 #define QCTX_AUTO_S (1U << 3) 198 #define QCTX_REMOTE_INIT (1U << 4) 199 #define QCTX_LOCK (1U << 5) 200 #define QCTX_IO (1U << 6) 201 #define QCTX_D (1U << 7) 202 #define QCTX_NO_ERROR (1U << 8) 203 204 /* 205 * Called when expect_quic failed. Used to diagnose why such a call failed and 206 * raise a reasonable error code based on the configured preconditions in flags. 207 */ 208 static int wrong_type(const SSL *s, uint32_t flags) 209 { 210 const uint32_t mask = QCTX_C | QCTX_S | QCTX_L | QCTX_D; 211 int code = ERR_R_UNSUPPORTED; 212 213 if ((flags & QCTX_NO_ERROR) != 0) 214 return 1; 215 else if ((flags & mask) == QCTX_D) 216 code = SSL_R_DOMAIN_USE_ONLY; 217 else if ((flags & mask) == QCTX_L) 218 code = SSL_R_LISTENER_USE_ONLY; 219 else if ((flags & mask) == QCTX_C) 220 code = SSL_R_CONN_USE_ONLY; 221 else if ((flags & mask) == QCTX_S 222 || (flags & mask) == (QCTX_C | QCTX_S)) 223 code = SSL_R_NO_STREAM; 224 225 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, code, NULL); 226 } 227 228 /* 229 * Given a QDSO, QCSO, QSSO or QLSO, initialises a QCTX, determining the 230 * contextually applicable QUIC_LISTENER, QUIC_CONNECTION and QUIC_XSO 231 * pointers. 232 * 233 * After this returns 1, all fields of the passed QCTX are initialised. 234 * Returns 0 on failure. This function is intended to be used to provide API 235 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure 236 * unless the QCTX_NO_ERROR flag is set. 237 * 238 * The flags argument controls the preconditions and postconditions of this 239 * function. See above for the different flags. 240 * 241 * The fields of a QCTX are initialised as follows depending on the identity of 242 * the SSL object, and assuming the preconditions demanded by the flags field as 243 * described above are met: 244 * 245 * QDSO QLSO QCSO QSSO 246 * qd non-NULL maybe maybe maybe 247 * ql NULL non-NULL maybe maybe 248 * qc NULL NULL non-NULL non-NULL 249 * xso NULL NULL maybe non-NULL 250 * is_stream 0 0 0 1 251 * is_listener 0 1 0 0 252 * is_domain 1 0 0 0 253 * 254 */ 255 static int expect_quic_as(const SSL *s, QCTX *ctx, uint32_t flags) 256 { 257 int ok = 0, locked = 0, lock_requested = ((flags & QCTX_LOCK) != 0); 258 QUIC_DOMAIN *qd; 259 QUIC_LISTENER *ql; 260 QUIC_CONNECTION *qc; 261 QUIC_XSO *xso; 262 263 if ((flags & QCTX_AUTO_S) != 0) 264 flags |= QCTX_S; 265 266 ctx->obj = NULL; 267 ctx->qd = NULL; 268 ctx->ql = NULL; 269 ctx->qc = NULL; 270 ctx->xso = NULL; 271 ctx->is_stream = 0; 272 ctx->is_listener = 0; 273 ctx->is_domain = 0; 274 ctx->in_io = ((flags & QCTX_IO) != 0); 275 276 if (s == NULL) { 277 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL); 278 goto err; 279 } 280 281 switch (s->type) { 282 case SSL_TYPE_QUIC_DOMAIN: 283 if ((flags & QCTX_D) == 0) { 284 wrong_type(s, flags); 285 goto err; 286 } 287 288 qd = (QUIC_DOMAIN *)s; 289 ctx->obj = &qd->obj; 290 ctx->qd = qd; 291 ctx->is_domain = 1; 292 break; 293 294 case SSL_TYPE_QUIC_LISTENER: 295 if ((flags & QCTX_L) == 0) { 296 wrong_type(s, flags); 297 goto err; 298 } 299 300 ql = (QUIC_LISTENER *)s; 301 ctx->obj = &ql->obj; 302 ctx->qd = ql->domain; 303 ctx->ql = ql; 304 ctx->is_listener = 1; 305 break; 306 307 case SSL_TYPE_QUIC_CONNECTION: 308 qc = (QUIC_CONNECTION *)s; 309 ctx->obj = &qc->obj; 310 ctx->qd = qc->domain; 311 ctx->ql = qc->listener; /* never changes, so can be read without lock */ 312 ctx->qc = qc; 313 314 if ((flags & QCTX_AUTO_S) != 0) { 315 if ((flags & QCTX_IO) != 0) 316 qctx_lock_for_io(ctx); 317 else 318 qctx_lock(ctx); 319 320 locked = 1; 321 } 322 323 if ((flags & QCTX_AUTO_S) != 0 && qc->default_xso == NULL) { 324 if (!quic_mutation_allowed(qc, /*req_active=*/0)) { 325 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 326 goto err; 327 } 328 329 /* If we haven't finished the handshake, try to advance it. */ 330 if (quic_do_handshake(ctx) < 1) 331 /* ossl_quic_do_handshake raised error here */ 332 goto err; 333 334 if ((flags & QCTX_REMOTE_INIT) != 0) { 335 if (!qc_wait_for_default_xso_for_read(ctx, /*peek=*/0)) 336 goto err; 337 } else { 338 if (!qc_try_create_default_xso_for_write(ctx)) 339 goto err; 340 } 341 } 342 343 if ((flags & QCTX_C) == 0 344 && (qc->default_xso == NULL || (flags & QCTX_S) == 0)) { 345 wrong_type(s, flags); 346 goto err; 347 } 348 349 ctx->xso = qc->default_xso; 350 break; 351 352 case SSL_TYPE_QUIC_XSO: 353 if ((flags & QCTX_S) == 0) { 354 wrong_type(s, flags); 355 goto err; 356 } 357 358 xso = (QUIC_XSO *)s; 359 ctx->obj = &xso->obj; 360 ctx->qd = xso->conn->domain; 361 ctx->ql = xso->conn->listener; 362 ctx->qc = xso->conn; 363 ctx->xso = xso; 364 ctx->is_stream = 1; 365 break; 366 367 default: 368 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 369 goto err; 370 } 371 372 if (lock_requested && !locked) { 373 if ((flags & QCTX_IO) != 0) 374 qctx_lock_for_io(ctx); 375 else 376 qctx_lock(ctx); 377 378 locked = 1; 379 } 380 381 ok = 1; 382 err: 383 if (locked && (!ok || !lock_requested)) 384 qctx_unlock(ctx); 385 386 return ok; 387 } 388 389 static int is_quic_c(const SSL *s, QCTX *ctx, int raiseerrs) 390 { 391 uint32_t flags = QCTX_C; 392 393 if (!raiseerrs) 394 flags |= QCTX_NO_ERROR; 395 return expect_quic_as(s, ctx, flags); 396 } 397 398 /* Same as expect_quic_cs except that errors are not raised if raiseerrs == 0 */ 399 static int is_quic_cs(const SSL *s, QCTX *ctx, int raiseerrs) 400 { 401 uint32_t flags = QCTX_C | QCTX_S; 402 403 if (!raiseerrs) 404 flags |= QCTX_NO_ERROR; 405 return expect_quic_as(s, ctx, flags); 406 } 407 408 static int expect_quic_cs(const SSL *s, QCTX *ctx) 409 { 410 return expect_quic_as(s, ctx, QCTX_C | QCTX_S); 411 } 412 413 static int expect_quic_csl(const SSL *s, QCTX *ctx) 414 { 415 return expect_quic_as(s, ctx, QCTX_C | QCTX_S | QCTX_L); 416 } 417 418 static int expect_quic_csld(const SSL *s, QCTX *ctx) 419 { 420 return expect_quic_as(s, ctx, QCTX_C | QCTX_S | QCTX_L | QCTX_D); 421 } 422 423 #define expect_quic_any expect_quic_csld 424 425 static int expect_quic_listener(const SSL *s, QCTX *ctx) 426 { 427 return expect_quic_as(s, ctx, QCTX_L); 428 } 429 430 static int expect_quic_domain(const SSL *s, QCTX *ctx) 431 { 432 return expect_quic_as(s, ctx, QCTX_D); 433 } 434 435 /* 436 * Like expect_quic_cs(), but requires a QUIC_XSO be contextually available. In 437 * other words, requires that the passed QSO be a QSSO or a QCSO with a default 438 * stream. 439 * 440 * remote_init determines if we expect the default XSO to be remotely created or 441 * not. If it is -1, do not instantiate a default XSO if one does not yet exist. 442 * 443 * Channel mutex is acquired and retained on success. 444 */ 445 QUIC_ACQUIRES_LOCK 446 static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init, 447 int in_io, QCTX *ctx) 448 { 449 uint32_t flags = QCTX_S | QCTX_LOCK; 450 451 if (remote_init >= 0) 452 flags |= QCTX_AUTO_S; 453 454 if (remote_init > 0) 455 flags |= QCTX_REMOTE_INIT; 456 457 if (in_io) 458 flags |= QCTX_IO; 459 460 return expect_quic_as(s, ctx, flags); 461 } 462 463 /* 464 * Like expect_quic_cs(), but fails if called on a QUIC_XSO. ctx->xso may still 465 * be non-NULL if the QCSO has a default stream. 466 */ 467 static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx) 468 { 469 return expect_quic_as(s, ctx, QCTX_C); 470 } 471 472 /* 473 * Ensures that the domain mutex is held for a method which touches channel 474 * state. 475 * 476 * Precondition: Domain mutex is not held (unchecked) 477 */ 478 static void qctx_lock(QCTX *ctx) 479 { 480 #if defined(OPENSSL_THREADS) 481 assert(ctx->obj != NULL); 482 ossl_crypto_mutex_lock(ossl_quic_obj_get0_mutex(ctx->obj)); 483 #endif 484 } 485 486 /* Precondition: Channel mutex is held (unchecked) */ 487 QUIC_NEEDS_LOCK 488 static void qctx_unlock(QCTX *ctx) 489 { 490 #if defined(OPENSSL_THREADS) 491 assert(ctx->obj != NULL); 492 ossl_crypto_mutex_unlock(ossl_quic_obj_get0_mutex(ctx->obj)); 493 #endif 494 } 495 496 static void qctx_lock_for_io(QCTX *ctx) 497 { 498 qctx_lock(ctx); 499 ctx->in_io = 1; 500 501 /* 502 * We are entering an I/O function so we must update the values returned by 503 * SSL_get_error and SSL_want. Set no error. This will be overridden later 504 * if a call to QUIC_RAISE_NORMAL_ERROR or QUIC_RAISE_NON_NORMAL_ERROR 505 * occurs during the API call. 506 */ 507 quic_set_last_error(ctx, SSL_ERROR_NONE); 508 } 509 510 /* 511 * This predicate is the criterion which should determine API call rejection for 512 * *most* mutating API calls, particularly stream-related operations for send 513 * parts. 514 * 515 * A call is rejected (this function returns 0) if shutdown is in progress 516 * (stream flushing), or we are in a TERMINATING or TERMINATED state. If 517 * req_active=1, the connection must be active (i.e., the IDLE state is also 518 * rejected). 519 */ 520 static int quic_mutation_allowed(QUIC_CONNECTION *qc, int req_active) 521 { 522 if (qc->shutting_down || ossl_quic_channel_is_term_any(qc->ch)) 523 return 0; 524 525 if (req_active && !ossl_quic_channel_is_active(qc->ch)) 526 return 0; 527 528 return 1; 529 } 530 531 static int qctx_is_top_level(QCTX *ctx) 532 { 533 return ctx->obj->parent_obj == NULL; 534 } 535 536 static int qctx_blocking(QCTX *ctx) 537 { 538 return ossl_quic_obj_blocking(ctx->obj); 539 } 540 541 /* 542 * Block until a predicate is met. 543 * 544 * Precondition: Must have a channel. 545 * Precondition: Must hold channel lock (unchecked). 546 */ 547 QUIC_NEEDS_LOCK 548 static int block_until_pred(QCTX *ctx, 549 int (*pred)(void *arg), void *pred_arg, 550 uint32_t flags) 551 { 552 QUIC_ENGINE *qeng; 553 QUIC_REACTOR *rtor; 554 555 qeng = ossl_quic_obj_get0_engine(ctx->obj); 556 assert(qeng != NULL); 557 558 /* 559 * Any attempt to block auto-disables tick inhibition as otherwise we will 560 * hang around forever. 561 */ 562 ossl_quic_engine_set_inhibit_tick(qeng, 0); 563 564 rtor = ossl_quic_engine_get0_reactor(qeng); 565 return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags); 566 } 567 568 /* 569 * QUIC Front-End I/O API: Initialization 570 * ====================================== 571 * 572 * SSL_new => ossl_quic_new 573 * ossl_quic_init 574 * SSL_reset => ossl_quic_reset 575 * SSL_clear => ossl_quic_clear 576 * ossl_quic_deinit 577 * SSL_free => ossl_quic_free 578 * 579 * SSL_set_options => ossl_quic_set_options 580 * SSL_get_options => ossl_quic_get_options 581 * SSL_clear_options => ossl_quic_clear_options 582 * 583 */ 584 585 /* SSL_new */ 586 SSL *ossl_quic_new(SSL_CTX *ctx) 587 { 588 QUIC_CONNECTION *qc = NULL; 589 SSL_CONNECTION *sc = NULL; 590 591 /* 592 * QUIC_server_method should not be used with SSL_new. 593 * It should only be used with SSL_new_listener. 594 */ 595 if (ctx->method == OSSL_QUIC_server_method()) { 596 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL); 597 return NULL; 598 } 599 600 qc = OPENSSL_zalloc(sizeof(*qc)); 601 if (qc == NULL) { 602 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 603 return NULL; 604 } 605 606 /* Create the QUIC domain mutex. */ 607 #if defined(OPENSSL_THREADS) 608 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL) { 609 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 610 goto err; 611 } 612 #endif 613 614 /* Create the handshake layer. */ 615 qc->tls = ossl_ssl_connection_new_int(ctx, &qc->obj.ssl, TLS_method()); 616 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL) { 617 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 618 goto err; 619 } 620 621 /* override the user_ssl of the inner connection */ 622 sc->s3.flags |= TLS1_FLAGS_QUIC | TLS1_FLAGS_QUIC_INTERNAL; 623 624 /* Restrict options derived from the SSL_CTX. */ 625 sc->options &= OSSL_QUIC_PERMITTED_OPTIONS_CONN; 626 sc->pha_enabled = 0; 627 628 /* Determine mode of operation. */ 629 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST) 630 qc->is_thread_assisted 631 = ((ctx->domain_flags & SSL_DOMAIN_FLAG_THREAD_ASSISTED) != 0); 632 #endif 633 634 qc->as_server = 0; 635 qc->as_server_state = qc->as_server; 636 637 if (!create_channel(qc, ctx)) 638 goto err; 639 640 ossl_quic_channel_set_msg_callback(qc->ch, ctx->msg_callback, &qc->obj.ssl); 641 ossl_quic_channel_set_msg_callback_arg(qc->ch, ctx->msg_callback_arg); 642 643 /* Initialise the QUIC_CONNECTION's QUIC_OBJ base. */ 644 if (!ossl_quic_obj_init(&qc->obj, ctx, SSL_TYPE_QUIC_CONNECTION, NULL, 645 qc->engine, qc->port)) { 646 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 647 goto err; 648 } 649 650 /* Initialise libssl APL-related state. */ 651 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI; 652 qc->default_ssl_mode = qc->obj.ssl.ctx->mode; 653 qc->default_ssl_options = qc->obj.ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS; 654 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO; 655 qc->last_error = SSL_ERROR_NONE; 656 657 qc_update_reject_policy(qc); 658 659 /* 660 * We do not create the default XSO yet. The reason for this is that the 661 * stream ID of the default XSO will depend on whether the stream is client 662 * or server-initiated, which depends on who transmits first. Since we do 663 * not know whether the application will be using a client-transmits-first 664 * or server-transmits-first protocol, we defer default XSO creation until 665 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first, 666 * we take that as a cue that the client is expecting a server-initiated 667 * stream, and vice versa if SSL_write() is called first. 668 */ 669 return &qc->obj.ssl; 670 671 err: 672 if (qc != NULL) { 673 qc_cleanup(qc, /*have_lock=*/0); 674 OPENSSL_free(qc); 675 } 676 return NULL; 677 } 678 679 QUIC_NEEDS_LOCK 680 static void quic_unref_port_bios(QUIC_PORT *port) 681 { 682 BIO *b; 683 684 b = ossl_quic_port_get_net_rbio(port); 685 BIO_free_all(b); 686 687 b = ossl_quic_port_get_net_wbio(port); 688 BIO_free_all(b); 689 } 690 691 QUIC_NEEDS_LOCK 692 static void qc_cleanup(QUIC_CONNECTION *qc, int have_lock) 693 { 694 SSL_free(qc->tls); 695 qc->tls = NULL; 696 697 ossl_quic_channel_free(qc->ch); 698 qc->ch = NULL; 699 700 if (qc->port != NULL && qc->listener == NULL && qc->pending == 0) { /* TODO */ 701 quic_unref_port_bios(qc->port); 702 ossl_quic_port_free(qc->port); 703 qc->port = NULL; 704 705 ossl_quic_engine_free(qc->engine); 706 qc->engine = NULL; 707 } 708 709 #if defined(OPENSSL_THREADS) 710 if (have_lock) 711 /* tsan doesn't like freeing locked mutexes */ 712 ossl_crypto_mutex_unlock(qc->mutex); 713 714 if (qc->listener == NULL && qc->pending == 0) 715 ossl_crypto_mutex_free(&qc->mutex); 716 #endif 717 } 718 719 /* SSL_free */ 720 QUIC_TAKES_LOCK 721 static void quic_free_listener(QCTX *ctx) 722 { 723 quic_unref_port_bios(ctx->ql->port); 724 ossl_quic_port_drop_incoming(ctx->ql->port); 725 ossl_quic_port_free(ctx->ql->port); 726 727 if (ctx->ql->domain == NULL) { 728 ossl_quic_engine_free(ctx->ql->engine); 729 #if defined(OPENSSL_THREADS) 730 ossl_crypto_mutex_free(&ctx->ql->mutex); 731 #endif 732 } else { 733 SSL_free(&ctx->ql->domain->obj.ssl); 734 } 735 } 736 737 /* SSL_free */ 738 QUIC_TAKES_LOCK 739 static void quic_free_domain(QCTX *ctx) 740 { 741 ossl_quic_engine_free(ctx->qd->engine); 742 #if defined(OPENSSL_THREADS) 743 ossl_crypto_mutex_free(&ctx->qd->mutex); 744 #endif 745 } 746 747 QUIC_TAKES_LOCK 748 void ossl_quic_free(SSL *s) 749 { 750 QCTX ctx; 751 int is_default; 752 753 /* We should never be called on anything but a QSO. */ 754 if (!expect_quic_any(s, &ctx)) 755 return; 756 757 if (ctx.is_domain) { 758 quic_free_domain(&ctx); 759 return; 760 } 761 762 if (ctx.is_listener) { 763 quic_free_listener(&ctx); 764 return; 765 } 766 767 qctx_lock(&ctx); 768 769 if (ctx.is_stream) { 770 /* 771 * When a QSSO is freed, the XSO is freed immediately, because the XSO 772 * itself only contains API personality layer data. However the 773 * underlying QUIC_STREAM is not freed immediately but is instead marked 774 * as deleted for later collection. 775 */ 776 777 assert(ctx.qc->num_xso > 0); 778 --ctx.qc->num_xso; 779 780 /* If a stream's send part has not been finished, auto-reset it. */ 781 if (( ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_READY 782 || ctx.xso->stream->send_state == QUIC_SSTREAM_STATE_SEND) 783 && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL)) 784 ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch), 785 ctx.xso->stream, 0); 786 787 /* Do STOP_SENDING for the receive part, if applicable. */ 788 if ( ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_RECV 789 || ctx.xso->stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN) 790 ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch), 791 ctx.xso->stream, 0); 792 793 /* Update stream state. */ 794 ctx.xso->stream->deleted = 1; 795 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch), 796 ctx.xso->stream); 797 798 is_default = (ctx.xso == ctx.qc->default_xso); 799 qctx_unlock(&ctx); 800 801 /* 802 * Unref the connection in most cases; the XSO has a ref to the QC and 803 * not vice versa. But for a default XSO, to avoid circular references, 804 * the QC refs the XSO but the XSO does not ref the QC. If we are the 805 * default XSO, we only get here when the QC is being torn down anyway, 806 * so don't call SSL_free(qc) as we are already in it. 807 */ 808 if (!is_default) 809 SSL_free(&ctx.qc->obj.ssl); 810 811 /* Note: SSL_free calls OPENSSL_free(xso) for us */ 812 return; 813 } 814 815 /* 816 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this 817 * stage, but is freed during the channel free when the whole QSM is freed. 818 */ 819 if (ctx.qc->default_xso != NULL) { 820 QUIC_XSO *xso = ctx.qc->default_xso; 821 822 qctx_unlock(&ctx); 823 SSL_free(&xso->obj.ssl); 824 qctx_lock(&ctx); 825 ctx.qc->default_xso = NULL; 826 } 827 828 /* Ensure we have no remaining XSOs. */ 829 assert(ctx.qc->num_xso == 0); 830 831 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST) 832 if (ctx.qc->is_thread_assisted && ctx.qc->started) { 833 ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist); 834 ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist); 835 } 836 #endif 837 838 /* 839 * Note: SSL_free (that called this function) calls OPENSSL_free(ctx.qc) for 840 * us 841 */ 842 qc_cleanup(ctx.qc, /*have_lock=*/1); 843 /* Note: SSL_free calls OPENSSL_free(qc) for us */ 844 845 if (ctx.qc->listener != NULL) 846 SSL_free(&ctx.qc->listener->obj.ssl); 847 if (ctx.qc->domain != NULL) 848 SSL_free(&ctx.qc->domain->obj.ssl); 849 } 850 851 /* SSL method init */ 852 int ossl_quic_init(SSL *s) 853 { 854 /* Same op as SSL_clear, forward the call. */ 855 return ossl_quic_clear(s); 856 } 857 858 /* SSL method deinit */ 859 void ossl_quic_deinit(SSL *s) 860 { 861 /* No-op. */ 862 } 863 864 /* SSL_clear (ssl_reset method) */ 865 int ossl_quic_reset(SSL *s) 866 { 867 QCTX ctx; 868 869 if (!expect_quic_any(s, &ctx)) 870 return 0; 871 872 ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED); 873 return 0; 874 } 875 876 /* ssl_clear method (unused) */ 877 int ossl_quic_clear(SSL *s) 878 { 879 QCTX ctx; 880 881 if (!expect_quic_any(s, &ctx)) 882 return 0; 883 884 ERR_raise(ERR_LIB_SSL, ERR_R_UNSUPPORTED); 885 return 0; 886 } 887 888 int ossl_quic_set_override_now_cb(SSL *s, 889 OSSL_TIME (*now_cb)(void *arg), 890 void *now_cb_arg) 891 { 892 QCTX ctx; 893 894 if (!expect_quic_any(s, &ctx)) 895 return 0; 896 897 qctx_lock(&ctx); 898 899 ossl_quic_engine_set_time_cb(ctx.obj->engine, now_cb, now_cb_arg); 900 901 qctx_unlock(&ctx); 902 return 1; 903 } 904 905 void ossl_quic_conn_force_assist_thread_wake(SSL *s) 906 { 907 QCTX ctx; 908 909 if (!expect_quic_conn_only(s, &ctx)) 910 return; 911 912 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST) 913 if (ctx.qc->is_thread_assisted && ctx.qc->started) 914 ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist); 915 #endif 916 } 917 918 QUIC_NEEDS_LOCK 919 static void qc_touch_default_xso(QUIC_CONNECTION *qc) 920 { 921 qc->default_xso_created = 1; 922 qc_update_reject_policy(qc); 923 } 924 925 /* 926 * Changes default XSO. Allows caller to keep reference to the old default XSO 927 * (if any). Reference to new XSO is transferred from caller. 928 */ 929 QUIC_NEEDS_LOCK 930 static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso, 931 int touch, 932 QUIC_XSO **old_xso) 933 { 934 int refs; 935 936 *old_xso = NULL; 937 938 if (qc->default_xso != xso) { 939 *old_xso = qc->default_xso; /* transfer old XSO ref to caller */ 940 941 qc->default_xso = xso; 942 943 if (xso == NULL) { 944 /* 945 * Changing to not having a default XSO. XSO becomes standalone and 946 * now has a ref to the QC. 947 */ 948 if (!ossl_assert(SSL_up_ref(&qc->obj.ssl))) 949 return; 950 } else { 951 /* 952 * Changing from not having a default XSO to having one. The new XSO 953 * will have had a reference to the QC we need to drop to avoid a 954 * circular reference. 955 * 956 * Currently we never change directly from one default XSO to 957 * another, though this function would also still be correct if this 958 * weren't the case. 959 */ 960 assert(*old_xso == NULL); 961 962 CRYPTO_DOWN_REF(&qc->obj.ssl.references, &refs); 963 assert(refs > 0); 964 } 965 } 966 967 if (touch) 968 qc_touch_default_xso(qc); 969 } 970 971 /* 972 * Changes default XSO, releasing the reference to any previous default XSO. 973 * Reference to new XSO is transferred from caller. 974 */ 975 QUIC_NEEDS_LOCK 976 static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch) 977 { 978 QUIC_XSO *old_xso = NULL; 979 980 qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso); 981 982 if (old_xso != NULL) 983 SSL_free(&old_xso->obj.ssl); 984 } 985 986 QUIC_NEEDS_LOCK 987 static void xso_update_options(QUIC_XSO *xso) 988 { 989 int cleanse = ((xso->ssl_options & SSL_OP_CLEANSE_PLAINTEXT) != 0); 990 991 if (xso->stream->rstream != NULL) 992 ossl_quic_rstream_set_cleanse(xso->stream->rstream, cleanse); 993 994 if (xso->stream->sstream != NULL) 995 ossl_quic_sstream_set_cleanse(xso->stream->sstream, cleanse); 996 } 997 998 /* 999 * SSL_set_options 1000 * --------------- 1001 * 1002 * Setting options on a QCSO 1003 * - configures the handshake-layer options; 1004 * - configures the default data-plane options for new streams; 1005 * - configures the data-plane options on the default XSO, if there is one. 1006 * 1007 * Setting options on a QSSO 1008 * - configures data-plane options for that stream only. 1009 */ 1010 QUIC_TAKES_LOCK 1011 static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_value) 1012 { 1013 QCTX ctx; 1014 uint64_t hs_mask_value, hs_or_value, ret; 1015 1016 if (!expect_quic_cs(ssl, &ctx)) 1017 return 0; 1018 1019 qctx_lock(&ctx); 1020 1021 if (!ctx.is_stream) { 1022 /* 1023 * If we were called on the connection, we apply any handshake option 1024 * changes. 1025 */ 1026 hs_mask_value = (mask_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN); 1027 hs_or_value = (or_value & OSSL_QUIC_PERMITTED_OPTIONS_CONN); 1028 1029 SSL_clear_options(ctx.qc->tls, hs_mask_value); 1030 SSL_set_options(ctx.qc->tls, hs_or_value); 1031 1032 /* Update defaults for new streams. */ 1033 ctx.qc->default_ssl_options 1034 = ((ctx.qc->default_ssl_options & ~mask_value) | or_value) 1035 & OSSL_QUIC_PERMITTED_OPTIONS; 1036 } 1037 1038 ret = ctx.qc->default_ssl_options; 1039 if (ctx.xso != NULL) { 1040 ctx.xso->ssl_options 1041 = ((ctx.xso->ssl_options & ~mask_value) | or_value) 1042 & OSSL_QUIC_PERMITTED_OPTIONS_STREAM; 1043 1044 xso_update_options(ctx.xso); 1045 1046 if (ctx.is_stream) 1047 ret = ctx.xso->ssl_options; 1048 } 1049 1050 qctx_unlock(&ctx); 1051 return ret; 1052 } 1053 1054 uint64_t ossl_quic_set_options(SSL *ssl, uint64_t options) 1055 { 1056 return quic_mask_or_options(ssl, 0, options); 1057 } 1058 1059 /* SSL_clear_options */ 1060 uint64_t ossl_quic_clear_options(SSL *ssl, uint64_t options) 1061 { 1062 return quic_mask_or_options(ssl, options, 0); 1063 } 1064 1065 /* SSL_get_options */ 1066 uint64_t ossl_quic_get_options(const SSL *ssl) 1067 { 1068 return quic_mask_or_options((SSL *)ssl, 0, 0); 1069 } 1070 1071 /* 1072 * QUIC Front-End I/O API: Network BIO Configuration 1073 * ================================================= 1074 * 1075 * Handling the different BIOs is difficult: 1076 * 1077 * - It is more or less a requirement that we use non-blocking network I/O; 1078 * we need to be able to have timeouts on recv() calls, and make best effort 1079 * (non blocking) send() and recv() calls. 1080 * 1081 * The only sensible way to do this is to configure the socket into 1082 * non-blocking mode. We could try to do select() before calling send() or 1083 * recv() to get a guarantee that the call will not block, but this will 1084 * probably run into issues with buggy OSes which generate spurious socket 1085 * readiness events. In any case, relying on this to work reliably does not 1086 * seem sane. 1087 * 1088 * Timeouts could be handled via setsockopt() socket timeout options, but 1089 * this depends on OS support and adds another syscall to every network I/O 1090 * operation. It also has obvious thread safety concerns if we want to move 1091 * to concurrent use of a single socket at some later date. 1092 * 1093 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to 1094 * be made non-blocking. However some OSes (e.g. Windows) do not support 1095 * this, so we cannot rely on this. 1096 * 1097 * As such, we need to configure any FD in non-blocking mode. This may 1098 * confound users who pass a blocking socket to libssl. However, in practice 1099 * it would be extremely strange for a user of QUIC to pass an FD to us, 1100 * then also try and send receive traffic on the same socket(!). Thus the 1101 * impact of this should be limited, and can be documented. 1102 * 1103 * - We support both blocking and non-blocking operation in terms of the API 1104 * presented to the user. One prospect is to set the blocking mode based on 1105 * whether the socket passed to us was already in blocking mode. However, 1106 * Windows has no API for determining if a socket is in blocking mode (!), 1107 * therefore this cannot be done portably. Currently therefore we expose an 1108 * explicit API call to set this, and default to blocking mode. 1109 * 1110 * - We need to determine our initial destination UDP address. The "natural" 1111 * way for a user to do this is to set the peer variable on a BIO_dgram. 1112 * However, this has problems because BIO_dgram's peer variable is used for 1113 * both transmission and reception. This means it can be constantly being 1114 * changed to a malicious value (e.g. if some random unrelated entity on the 1115 * network starts sending traffic to us) on every read call. This is not a 1116 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg 1117 * calls only, which do not use this variable. However, we do need to let 1118 * the user specify the peer in a 'normal' manner. The compromise here is 1119 * that we grab the current peer value set at the time the write BIO is set 1120 * and do not read the value again. 1121 * 1122 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs. 1123 * Currently we do this by only supporting non-blocking mode. 1124 * 1125 */ 1126 1127 /* 1128 * Determines what initial destination UDP address we should use, if possible. 1129 * If this fails the client must set the destination address manually, or use a 1130 * BIO which does not need a destination address. 1131 */ 1132 static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer) 1133 { 1134 if (BIO_dgram_detect_peer_addr(net_wbio, peer) <= 0) 1135 return 0; 1136 1137 return 1; 1138 } 1139 1140 static int 1141 quic_set0_net_rbio(QUIC_OBJ *obj, BIO *net_rbio) 1142 { 1143 QUIC_PORT *port; 1144 BIO *old_rbio = NULL; 1145 1146 port = ossl_quic_obj_get0_port(obj); 1147 old_rbio = ossl_quic_port_get_net_rbio(port); 1148 if (old_rbio == net_rbio) 1149 return 0; 1150 1151 if (!ossl_quic_port_set_net_rbio(port, net_rbio)) 1152 return 0; 1153 1154 BIO_free_all(old_rbio); 1155 if (net_rbio != NULL) 1156 BIO_set_nbio(net_rbio, 1); /* best effort autoconfig */ 1157 1158 return 1; 1159 } 1160 1161 static int 1162 quic_set0_net_wbio(QUIC_OBJ *obj, BIO *net_wbio) 1163 { 1164 QUIC_PORT *port; 1165 BIO *old_wbio = NULL; 1166 1167 port = ossl_quic_obj_get0_port(obj); 1168 old_wbio = ossl_quic_port_get_net_wbio(port); 1169 if (old_wbio == net_wbio) 1170 return 0; 1171 1172 if (!ossl_quic_port_set_net_wbio(port, net_wbio)) 1173 return 0; 1174 1175 BIO_free_all(old_wbio); 1176 if (net_wbio != NULL) 1177 BIO_set_nbio(net_wbio, 1); /* best effort autoconfig */ 1178 1179 return 1; 1180 } 1181 1182 void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio) 1183 { 1184 QCTX ctx; 1185 1186 if (!expect_quic_csl(s, &ctx)) 1187 return; 1188 1189 /* Returns 0 if no change. */ 1190 if (!quic_set0_net_rbio(ctx.obj, net_rbio)) 1191 return; 1192 } 1193 1194 void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio) 1195 { 1196 QCTX ctx; 1197 1198 if (!expect_quic_csl(s, &ctx)) 1199 return; 1200 1201 /* Returns 0 if no change. */ 1202 if (!quic_set0_net_wbio(ctx.obj, net_wbio)) 1203 return; 1204 } 1205 1206 BIO *ossl_quic_conn_get_net_rbio(const SSL *s) 1207 { 1208 QCTX ctx; 1209 QUIC_PORT *port; 1210 1211 if (!expect_quic_csl(s, &ctx)) 1212 return NULL; 1213 1214 port = ossl_quic_obj_get0_port(ctx.obj); 1215 assert(port != NULL); 1216 return ossl_quic_port_get_net_rbio(port); 1217 } 1218 1219 BIO *ossl_quic_conn_get_net_wbio(const SSL *s) 1220 { 1221 QCTX ctx; 1222 QUIC_PORT *port; 1223 1224 if (!expect_quic_csl(s, &ctx)) 1225 return NULL; 1226 1227 port = ossl_quic_obj_get0_port(ctx.obj); 1228 assert(port != NULL); 1229 return ossl_quic_port_get_net_wbio(port); 1230 } 1231 1232 int ossl_quic_conn_get_blocking_mode(const SSL *s) 1233 { 1234 QCTX ctx; 1235 1236 if (!expect_quic_csl(s, &ctx)) 1237 return 0; 1238 1239 return qctx_blocking(&ctx); 1240 } 1241 1242 QUIC_TAKES_LOCK 1243 int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking) 1244 { 1245 int ret = 0; 1246 unsigned int mode; 1247 QCTX ctx; 1248 1249 if (!expect_quic_csl(s, &ctx)) 1250 return 0; 1251 1252 qctx_lock(&ctx); 1253 1254 /* Sanity check - can we support the request given the current network BIO? */ 1255 if (blocking) { 1256 /* 1257 * If called directly on a top-level object (QCSO or QLSO), update our 1258 * information on network BIO capabilities. 1259 */ 1260 if (qctx_is_top_level(&ctx)) 1261 ossl_quic_engine_update_poll_descriptors(ctx.obj->engine, /*force=*/1); 1262 1263 /* Cannot enable blocking mode if we do not have pollable FDs. */ 1264 if (!ossl_quic_obj_can_support_blocking(ctx.obj)) { 1265 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL); 1266 goto out; 1267 } 1268 } 1269 1270 mode = (blocking != 0) 1271 ? QUIC_BLOCKING_MODE_BLOCKING 1272 : QUIC_BLOCKING_MODE_NONBLOCKING; 1273 1274 ossl_quic_obj_set_blocking_mode(ctx.obj, mode); 1275 1276 ret = 1; 1277 out: 1278 qctx_unlock(&ctx); 1279 return ret; 1280 } 1281 1282 int ossl_quic_conn_set_initial_peer_addr(SSL *s, 1283 const BIO_ADDR *peer_addr) 1284 { 1285 QCTX ctx; 1286 1287 if (!expect_quic_cs(s, &ctx)) 1288 return 0; 1289 1290 if (ctx.qc->started) 1291 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, 1292 NULL); 1293 1294 if (peer_addr == NULL) { 1295 BIO_ADDR_clear(&ctx.qc->init_peer_addr); 1296 return 1; 1297 } 1298 1299 return BIO_ADDR_copy(&ctx.qc->init_peer_addr, peer_addr); 1300 } 1301 1302 /* 1303 * QUIC Front-End I/O API: Asynchronous I/O Management 1304 * =================================================== 1305 * 1306 * (BIO/)SSL_handle_events => ossl_quic_handle_events 1307 * (BIO/)SSL_get_event_timeout => ossl_quic_get_event_timeout 1308 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd 1309 * 1310 */ 1311 1312 /* SSL_handle_events; performs QUIC I/O and timeout processing. */ 1313 QUIC_TAKES_LOCK 1314 int ossl_quic_handle_events(SSL *s) 1315 { 1316 QCTX ctx; 1317 1318 if (!expect_quic_any(s, &ctx)) 1319 return 0; 1320 1321 qctx_lock(&ctx); 1322 ossl_quic_reactor_tick(ossl_quic_obj_get0_reactor(ctx.obj), 0); 1323 qctx_unlock(&ctx); 1324 return 1; 1325 } 1326 1327 /* 1328 * SSL_get_event_timeout. Get the time in milliseconds until the SSL object 1329 * should next have events handled by the application by calling 1330 * SSL_handle_events(). tv is set to 0 if the object should have events handled 1331 * immediately. If no timeout is currently active, *is_infinite is set to 1 and 1332 * the value of *tv is undefined. 1333 */ 1334 QUIC_TAKES_LOCK 1335 int ossl_quic_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite) 1336 { 1337 QCTX ctx; 1338 QUIC_REACTOR *reactor; 1339 OSSL_TIME deadline; 1340 OSSL_TIME basetime; 1341 1342 if (!expect_quic_any(s, &ctx)) 1343 return 0; 1344 1345 qctx_lock(&ctx); 1346 1347 reactor = ossl_quic_obj_get0_reactor(ctx.obj); 1348 deadline = ossl_quic_reactor_get_tick_deadline(reactor); 1349 1350 if (ossl_time_is_infinite(deadline)) { 1351 qctx_unlock(&ctx); 1352 *is_infinite = 1; 1353 1354 /* 1355 * Robustness against faulty applications that don't check *is_infinite; 1356 * harmless long timeout. 1357 */ 1358 tv->tv_sec = 1000000; 1359 tv->tv_usec = 0; 1360 return 1; 1361 } 1362 1363 basetime = ossl_quic_engine_get_time(ctx.obj->engine); 1364 1365 qctx_unlock(&ctx); 1366 1367 *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, basetime)); 1368 *is_infinite = 0; 1369 1370 return 1; 1371 } 1372 1373 /* SSL_get_rpoll_descriptor */ 1374 int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc) 1375 { 1376 QCTX ctx; 1377 QUIC_PORT *port = NULL; 1378 BIO *net_rbio; 1379 1380 if (!expect_quic_csl(s, &ctx)) 1381 return 0; 1382 1383 port = ossl_quic_obj_get0_port(ctx.obj); 1384 net_rbio = ossl_quic_port_get_net_rbio(port); 1385 if (desc == NULL || net_rbio == NULL) 1386 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, 1387 NULL); 1388 1389 return BIO_get_rpoll_descriptor(net_rbio, desc); 1390 } 1391 1392 /* SSL_get_wpoll_descriptor */ 1393 int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc) 1394 { 1395 QCTX ctx; 1396 QUIC_PORT *port = NULL; 1397 BIO *net_wbio; 1398 1399 if (!expect_quic_csl(s, &ctx)) 1400 return 0; 1401 1402 port = ossl_quic_obj_get0_port(ctx.obj); 1403 net_wbio = ossl_quic_port_get_net_wbio(port); 1404 if (desc == NULL || net_wbio == NULL) 1405 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, 1406 NULL); 1407 1408 return BIO_get_wpoll_descriptor(net_wbio, desc); 1409 } 1410 1411 /* SSL_net_read_desired */ 1412 QUIC_TAKES_LOCK 1413 int ossl_quic_get_net_read_desired(SSL *s) 1414 { 1415 QCTX ctx; 1416 int ret; 1417 1418 if (!expect_quic_csl(s, &ctx)) 1419 return 0; 1420 1421 qctx_lock(&ctx); 1422 ret = ossl_quic_reactor_net_read_desired(ossl_quic_obj_get0_reactor(ctx.obj)); 1423 qctx_unlock(&ctx); 1424 return ret; 1425 } 1426 1427 /* SSL_net_write_desired */ 1428 QUIC_TAKES_LOCK 1429 int ossl_quic_get_net_write_desired(SSL *s) 1430 { 1431 int ret; 1432 QCTX ctx; 1433 1434 if (!expect_quic_csl(s, &ctx)) 1435 return 0; 1436 1437 qctx_lock(&ctx); 1438 ret = ossl_quic_reactor_net_write_desired(ossl_quic_obj_get0_reactor(ctx.obj)); 1439 qctx_unlock(&ctx); 1440 return ret; 1441 } 1442 1443 /* 1444 * QUIC Front-End I/O API: Connection Lifecycle Operations 1445 * ======================================================= 1446 * 1447 * SSL_do_handshake => ossl_quic_do_handshake 1448 * SSL_set_connect_state => ossl_quic_set_connect_state 1449 * SSL_set_accept_state => ossl_quic_set_accept_state 1450 * SSL_shutdown => ossl_quic_shutdown 1451 * SSL_ctrl => ossl_quic_ctrl 1452 * (BIO/)SSL_connect => ossl_quic_connect 1453 * (BIO/)SSL_accept => ossl_quic_accept 1454 * 1455 */ 1456 1457 QUIC_NEEDS_LOCK 1458 static void qc_shutdown_flush_init(QUIC_CONNECTION *qc) 1459 { 1460 QUIC_STREAM_MAP *qsm; 1461 1462 if (qc->shutting_down) 1463 return; 1464 1465 qsm = ossl_quic_channel_get_qsm(qc->ch); 1466 1467 ossl_quic_stream_map_begin_shutdown_flush(qsm); 1468 qc->shutting_down = 1; 1469 } 1470 1471 /* Returns 1 if all shutdown-flush streams have been done with. */ 1472 QUIC_NEEDS_LOCK 1473 static int qc_shutdown_flush_finished(QUIC_CONNECTION *qc) 1474 { 1475 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch); 1476 1477 return qc->shutting_down 1478 && ossl_quic_stream_map_is_shutdown_flush_finished(qsm); 1479 } 1480 1481 /* SSL_shutdown */ 1482 static int quic_shutdown_wait(void *arg) 1483 { 1484 QUIC_CONNECTION *qc = arg; 1485 1486 return ossl_quic_channel_is_terminated(qc->ch); 1487 } 1488 1489 /* Returns 1 if shutdown flush process has finished or is inapplicable. */ 1490 static int quic_shutdown_flush_wait(void *arg) 1491 { 1492 QUIC_CONNECTION *qc = arg; 1493 1494 return ossl_quic_channel_is_term_any(qc->ch) 1495 || qc_shutdown_flush_finished(qc); 1496 } 1497 1498 static int quic_shutdown_peer_wait(void *arg) 1499 { 1500 QUIC_CONNECTION *qc = arg; 1501 return ossl_quic_channel_is_term_any(qc->ch); 1502 } 1503 1504 QUIC_TAKES_LOCK 1505 int ossl_quic_conn_shutdown(SSL *s, uint64_t flags, 1506 const SSL_SHUTDOWN_EX_ARGS *args, 1507 size_t args_len) 1508 { 1509 int ret; 1510 QCTX ctx; 1511 int stream_flush = ((flags & SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH) == 0); 1512 int no_block = ((flags & SSL_SHUTDOWN_FLAG_NO_BLOCK) != 0); 1513 int wait_peer = ((flags & SSL_SHUTDOWN_FLAG_WAIT_PEER) != 0); 1514 1515 if (!expect_quic_cs(s, &ctx)) 1516 return -1; 1517 1518 if (ctx.is_stream) { 1519 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_CONN_USE_ONLY, NULL); 1520 return -1; 1521 } 1522 1523 qctx_lock(&ctx); 1524 1525 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) { 1526 qctx_unlock(&ctx); 1527 return 1; 1528 } 1529 1530 /* Phase 1: Stream Flushing */ 1531 if (!wait_peer && stream_flush) { 1532 qc_shutdown_flush_init(ctx.qc); 1533 1534 if (!qc_shutdown_flush_finished(ctx.qc)) { 1535 if (!no_block && qctx_blocking(&ctx)) { 1536 ret = block_until_pred(&ctx, quic_shutdown_flush_wait, ctx.qc, 0); 1537 if (ret < 1) { 1538 ret = 0; 1539 goto err; 1540 } 1541 } else { 1542 qctx_maybe_autotick(&ctx); 1543 } 1544 } 1545 1546 if (!qc_shutdown_flush_finished(ctx.qc)) { 1547 qctx_unlock(&ctx); 1548 return 0; /* ongoing */ 1549 } 1550 } 1551 1552 /* Phase 2: Connection Closure */ 1553 if (wait_peer && !ossl_quic_channel_is_term_any(ctx.qc->ch)) { 1554 if (!no_block && qctx_blocking(&ctx)) { 1555 ret = block_until_pred(&ctx, quic_shutdown_peer_wait, ctx.qc, 0); 1556 if (ret < 1) { 1557 ret = 0; 1558 goto err; 1559 } 1560 } else { 1561 qctx_maybe_autotick(&ctx); 1562 } 1563 1564 if (!ossl_quic_channel_is_term_any(ctx.qc->ch)) { 1565 ret = 0; /* peer hasn't closed yet - still not done */ 1566 goto err; 1567 } 1568 1569 /* 1570 * We are at least terminating - go through the normal process of 1571 * waiting until we are in the TERMINATED state. 1572 */ 1573 } 1574 1575 /* Block mutation ops regardless of if we did stream flush. */ 1576 ctx.qc->shutting_down = 1; 1577 1578 /* 1579 * This call is a no-op if we are already terminating, so it doesn't 1580 * affect the wait_peer case. 1581 */ 1582 ossl_quic_channel_local_close(ctx.qc->ch, 1583 args != NULL ? args->quic_error_code : 0, 1584 args != NULL ? args->quic_reason : NULL); 1585 1586 SSL_set_shutdown(ctx.qc->tls, SSL_SENT_SHUTDOWN); 1587 1588 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) { 1589 qctx_unlock(&ctx); 1590 return 1; 1591 } 1592 1593 /* Phase 3: Terminating Wait Time */ 1594 if (!no_block && qctx_blocking(&ctx) 1595 && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0) { 1596 ret = block_until_pred(&ctx, quic_shutdown_wait, ctx.qc, 0); 1597 if (ret < 1) { 1598 ret = 0; 1599 goto err; 1600 } 1601 } else { 1602 qctx_maybe_autotick(&ctx); 1603 } 1604 1605 ret = ossl_quic_channel_is_terminated(ctx.qc->ch); 1606 err: 1607 qctx_unlock(&ctx); 1608 return ret; 1609 } 1610 1611 /* SSL_ctrl */ 1612 long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg) 1613 { 1614 QCTX ctx; 1615 1616 if (!expect_quic_csl(s, &ctx)) 1617 return 0; 1618 1619 switch (cmd) { 1620 case SSL_CTRL_MODE: 1621 if (ctx.is_listener) 1622 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL); 1623 1624 /* If called on a QCSO, update the default mode. */ 1625 if (!ctx.is_stream) 1626 ctx.qc->default_ssl_mode |= (uint32_t)larg; 1627 1628 /* 1629 * If we were called on a QSSO or have a default stream, we also update 1630 * that. 1631 */ 1632 if (ctx.xso != NULL) { 1633 /* Cannot enable EPW while AON write in progress. */ 1634 if (ctx.xso->aon_write_in_progress) 1635 larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE; 1636 1637 ctx.xso->ssl_mode |= (uint32_t)larg; 1638 return ctx.xso->ssl_mode; 1639 } 1640 1641 return ctx.qc->default_ssl_mode; 1642 case SSL_CTRL_CLEAR_MODE: 1643 if (ctx.is_listener) 1644 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL); 1645 1646 if (!ctx.is_stream) 1647 ctx.qc->default_ssl_mode &= ~(uint32_t)larg; 1648 1649 if (ctx.xso != NULL) { 1650 ctx.xso->ssl_mode &= ~(uint32_t)larg; 1651 return ctx.xso->ssl_mode; 1652 } 1653 1654 return ctx.qc->default_ssl_mode; 1655 1656 case SSL_CTRL_SET_MSG_CALLBACK_ARG: 1657 if (ctx.is_listener) 1658 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL); 1659 1660 ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg); 1661 /* This ctrl also needs to be passed to the internal SSL object */ 1662 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg); 1663 1664 case DTLS_CTRL_GET_TIMEOUT: /* DTLSv1_get_timeout */ 1665 { 1666 int is_infinite; 1667 1668 if (!ossl_quic_get_event_timeout(s, parg, &is_infinite)) 1669 return 0; 1670 1671 return !is_infinite; 1672 } 1673 case DTLS_CTRL_HANDLE_TIMEOUT: /* DTLSv1_handle_timeout */ 1674 /* For legacy compatibility with DTLS calls. */ 1675 return ossl_quic_handle_events(s) == 1 ? 1 : -1; 1676 1677 /* Mask ctrls we shouldn't support for QUIC. */ 1678 case SSL_CTRL_GET_READ_AHEAD: 1679 case SSL_CTRL_SET_READ_AHEAD: 1680 case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 1681 case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT: 1682 case SSL_CTRL_SET_MAX_PIPELINES: 1683 return 0; 1684 1685 default: 1686 /* 1687 * Probably a TLS related ctrl. Send back to the frontend SSL_ctrl 1688 * implementation. Either SSL_ctrl will handle it itself by direct 1689 * access into handshake layer state, or failing that, it will be passed 1690 * to the handshake layer via the SSL_METHOD vtable. If the ctrl is not 1691 * supported by anything, the handshake layer's ctrl method will finally 1692 * return 0. 1693 */ 1694 if (ctx.is_listener) 1695 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL); 1696 1697 return ossl_ctrl_internal(&ctx.qc->obj.ssl, cmd, larg, parg, /*no_quic=*/1); 1698 } 1699 } 1700 1701 /* SSL_set_connect_state */ 1702 int ossl_quic_set_connect_state(SSL *s, int raiseerrs) 1703 { 1704 QCTX ctx; 1705 1706 if (!is_quic_c(s, &ctx, raiseerrs)) 1707 return 0; 1708 1709 if (ctx.qc->as_server_state == 0) 1710 return 1; 1711 1712 /* Cannot be changed after handshake started */ 1713 if (ctx.qc->started) { 1714 if (raiseerrs) 1715 QUIC_RAISE_NON_NORMAL_ERROR(NULL, SSL_R_INVALID_COMMAND, NULL); 1716 return 0; 1717 } 1718 1719 ctx.qc->as_server_state = 0; 1720 return 1; 1721 } 1722 1723 /* SSL_set_accept_state */ 1724 int ossl_quic_set_accept_state(SSL *s, int raiseerrs) 1725 { 1726 QCTX ctx; 1727 1728 if (!is_quic_c(s, &ctx, raiseerrs)) 1729 return 0; 1730 1731 if (ctx.qc->as_server_state == 1) 1732 return 1; 1733 1734 /* Cannot be changed after handshake started */ 1735 if (ctx.qc->started) { 1736 if (raiseerrs) 1737 QUIC_RAISE_NON_NORMAL_ERROR(NULL, SSL_R_INVALID_COMMAND, NULL); 1738 return 0; 1739 } 1740 1741 ctx.qc->as_server_state = 1; 1742 return 1; 1743 } 1744 1745 /* SSL_do_handshake */ 1746 struct quic_handshake_wait_args { 1747 QUIC_CONNECTION *qc; 1748 }; 1749 1750 static int tls_wants_non_io_retry(QUIC_CONNECTION *qc) 1751 { 1752 int want = SSL_want(qc->tls); 1753 1754 if (want == SSL_X509_LOOKUP 1755 || want == SSL_CLIENT_HELLO_CB 1756 || want == SSL_RETRY_VERIFY) 1757 return 1; 1758 1759 return 0; 1760 } 1761 1762 static int quic_handshake_wait(void *arg) 1763 { 1764 struct quic_handshake_wait_args *args = arg; 1765 1766 if (!quic_mutation_allowed(args->qc, /*req_active=*/1)) 1767 return -1; 1768 1769 if (ossl_quic_channel_is_handshake_complete(args->qc->ch)) 1770 return 1; 1771 1772 if (tls_wants_non_io_retry(args->qc)) 1773 return 1; 1774 1775 return 0; 1776 } 1777 1778 static int configure_channel(QUIC_CONNECTION *qc) 1779 { 1780 assert(qc->ch != NULL); 1781 1782 if (!ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr)) 1783 return 0; 1784 1785 return 1; 1786 } 1787 1788 static int need_notifier_for_domain_flags(uint64_t domain_flags) 1789 { 1790 return (domain_flags & SSL_DOMAIN_FLAG_THREAD_ASSISTED) != 0 1791 || ((domain_flags & SSL_DOMAIN_FLAG_MULTI_THREAD) != 0 1792 && (domain_flags & SSL_DOMAIN_FLAG_BLOCKING) != 0); 1793 } 1794 1795 QUIC_NEEDS_LOCK 1796 static int create_channel(QUIC_CONNECTION *qc, SSL_CTX *ctx) 1797 { 1798 QUIC_ENGINE_ARGS engine_args = {0}; 1799 QUIC_PORT_ARGS port_args = {0}; 1800 1801 engine_args.libctx = ctx->libctx; 1802 engine_args.propq = ctx->propq; 1803 #if defined(OPENSSL_THREADS) 1804 engine_args.mutex = qc->mutex; 1805 #endif 1806 1807 if (need_notifier_for_domain_flags(ctx->domain_flags)) 1808 engine_args.reactor_flags |= QUIC_REACTOR_FLAG_USE_NOTIFIER; 1809 1810 qc->engine = ossl_quic_engine_new(&engine_args); 1811 if (qc->engine == NULL) { 1812 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 1813 return 0; 1814 } 1815 1816 port_args.channel_ctx = ctx; 1817 qc->port = ossl_quic_engine_create_port(qc->engine, &port_args); 1818 if (qc->port == NULL) { 1819 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 1820 ossl_quic_engine_free(qc->engine); 1821 return 0; 1822 } 1823 1824 qc->ch = ossl_quic_port_create_outgoing(qc->port, qc->tls); 1825 if (qc->ch == NULL) { 1826 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 1827 ossl_quic_port_free(qc->port); 1828 ossl_quic_engine_free(qc->engine); 1829 return 0; 1830 } 1831 1832 return 1; 1833 } 1834 1835 /* 1836 * Configures a channel with the information we have accumulated via calls made 1837 * to us from the application prior to starting a handshake attempt. 1838 */ 1839 QUIC_NEEDS_LOCK 1840 static int ensure_channel_started(QCTX *ctx) 1841 { 1842 QUIC_CONNECTION *qc = ctx->qc; 1843 1844 if (!qc->started) { 1845 if (!configure_channel(qc)) { 1846 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, 1847 "failed to configure channel"); 1848 return 0; 1849 } 1850 1851 if (!ossl_quic_channel_start(qc->ch)) { 1852 ossl_quic_channel_restore_err_state(qc->ch); 1853 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, 1854 "failed to start channel"); 1855 return 0; 1856 } 1857 1858 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST) 1859 if (qc->is_thread_assisted) 1860 if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch)) { 1861 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, 1862 "failed to start assist thread"); 1863 return 0; 1864 } 1865 #endif 1866 } 1867 1868 qc->started = 1; 1869 return 1; 1870 } 1871 1872 QUIC_NEEDS_LOCK 1873 static int quic_do_handshake(QCTX *ctx) 1874 { 1875 int ret; 1876 QUIC_CONNECTION *qc = ctx->qc; 1877 QUIC_PORT *port; 1878 BIO *net_rbio, *net_wbio; 1879 1880 if (ossl_quic_channel_is_handshake_complete(qc->ch)) 1881 /* Handshake already completed. */ 1882 return 1; 1883 1884 if (!quic_mutation_allowed(qc, /*req_active=*/0)) 1885 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 1886 1887 if (qc->as_server != qc->as_server_state) { 1888 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL); 1889 return -1; /* Non-protocol error */ 1890 } 1891 1892 port = ossl_quic_obj_get0_port(ctx->obj); 1893 net_rbio = ossl_quic_port_get_net_rbio(port); 1894 net_wbio = ossl_quic_port_get_net_wbio(port); 1895 if (net_rbio == NULL || net_wbio == NULL) { 1896 /* Need read and write BIOs. */ 1897 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BIO_NOT_SET, NULL); 1898 return -1; /* Non-protocol error */ 1899 } 1900 1901 if (!qc->started && ossl_quic_port_is_addressed_w(port) 1902 && BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) { 1903 /* 1904 * We are trying to connect and are using addressed mode, which means we 1905 * need an initial peer address; if we do not have a peer address yet, 1906 * we should try to autodetect one. 1907 * 1908 * We do this as late as possible because some BIOs (e.g. BIO_s_connect) 1909 * may not be able to provide us with a peer address until they have 1910 * finished their own processing. They may not be able to perform this 1911 * processing until an application has finished configuring that BIO 1912 * (e.g. with setter calls), which might happen after SSL_set_bio is 1913 * called. 1914 */ 1915 if (!csm_analyse_init_peer_addr(net_wbio, &qc->init_peer_addr)) 1916 /* best effort */ 1917 BIO_ADDR_clear(&qc->init_peer_addr); 1918 else 1919 ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr); 1920 } 1921 1922 if (!qc->started 1923 && ossl_quic_port_is_addressed_w(port) 1924 && BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) { 1925 /* 1926 * If we still don't have a peer address in addressed mode, we can't do 1927 * anything. 1928 */ 1929 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL); 1930 return -1; /* Non-protocol error */ 1931 } 1932 1933 /* 1934 * Start connection process. Note we may come here multiple times in 1935 * non-blocking mode, which is fine. 1936 */ 1937 if (!ensure_channel_started(ctx)) /* raises on failure */ 1938 return -1; /* Non-protocol error */ 1939 1940 if (ossl_quic_channel_is_handshake_complete(qc->ch)) 1941 /* The handshake is now done. */ 1942 return 1; 1943 1944 if (!qctx_blocking(ctx)) { 1945 /* Try to advance the reactor. */ 1946 qctx_maybe_autotick(ctx); 1947 1948 if (ossl_quic_channel_is_handshake_complete(qc->ch)) 1949 /* The handshake is now done. */ 1950 return 1; 1951 1952 if (ossl_quic_channel_is_term_any(qc->ch)) { 1953 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 1954 return 0; 1955 } else if (ossl_quic_obj_desires_blocking(&qc->obj)) { 1956 /* 1957 * As a special case when doing a handshake when blocking mode is 1958 * desired yet not available, see if the network BIOs have become 1959 * poll descriptor-enabled. This supports BIOs such as BIO_s_connect 1960 * which do late creation of socket FDs and therefore cannot expose 1961 * a poll descriptor until after a network BIO is set on the QCSO. 1962 */ 1963 ossl_quic_engine_update_poll_descriptors(qc->obj.engine, /*force=*/1); 1964 } 1965 } 1966 1967 /* 1968 * We are either in blocking mode or just entered it due to the code above. 1969 */ 1970 if (qctx_blocking(ctx)) { 1971 /* In blocking mode, wait for the handshake to complete. */ 1972 struct quic_handshake_wait_args args; 1973 1974 args.qc = qc; 1975 1976 ret = block_until_pred(ctx, quic_handshake_wait, &args, 0); 1977 if (!quic_mutation_allowed(qc, /*req_active=*/1)) { 1978 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 1979 return 0; /* Shutdown before completion */ 1980 } else if (ret <= 0) { 1981 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 1982 return -1; /* Non-protocol error */ 1983 } 1984 1985 if (tls_wants_non_io_retry(qc)) { 1986 QUIC_RAISE_NORMAL_ERROR(ctx, SSL_get_error(qc->tls, 0)); 1987 return -1; 1988 } 1989 1990 assert(ossl_quic_channel_is_handshake_complete(qc->ch)); 1991 return 1; 1992 } 1993 1994 if (tls_wants_non_io_retry(qc)) { 1995 QUIC_RAISE_NORMAL_ERROR(ctx, SSL_get_error(qc->tls, 0)); 1996 return -1; 1997 } 1998 1999 /* 2000 * Otherwise, indicate that the handshake isn't done yet. 2001 * We can only get here in non-blocking mode. 2002 */ 2003 QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ); 2004 return -1; /* Non-protocol error */ 2005 } 2006 2007 QUIC_TAKES_LOCK 2008 int ossl_quic_do_handshake(SSL *s) 2009 { 2010 int ret; 2011 QCTX ctx; 2012 2013 if (!expect_quic_cs(s, &ctx)) 2014 return 0; 2015 2016 qctx_lock_for_io(&ctx); 2017 2018 ret = quic_do_handshake(&ctx); 2019 qctx_unlock(&ctx); 2020 return ret; 2021 } 2022 2023 /* SSL_connect */ 2024 int ossl_quic_connect(SSL *s) 2025 { 2026 /* Ensure we are in connect state (no-op if non-idle). */ 2027 if (!ossl_quic_set_connect_state(s, 1)) 2028 return -1; 2029 2030 /* Begin or continue the handshake */ 2031 return ossl_quic_do_handshake(s); 2032 } 2033 2034 /* SSL_accept */ 2035 int ossl_quic_accept(SSL *s) 2036 { 2037 /* Ensure we are in accept state (no-op if non-idle). */ 2038 if (!ossl_quic_set_accept_state(s, 1)) 2039 return -1; 2040 2041 /* Begin or continue the handshake */ 2042 return ossl_quic_do_handshake(s); 2043 } 2044 2045 /* 2046 * QUIC Front-End I/O API: Stream Lifecycle Operations 2047 * =================================================== 2048 * 2049 * SSL_stream_new => ossl_quic_conn_stream_new 2050 * 2051 */ 2052 2053 /* 2054 * Try to create the default XSO if it doesn't already exist. Returns 1 if the 2055 * default XSO was created. Returns 0 if it was not (e.g. because it already 2056 * exists). Note that this is NOT an error condition. 2057 */ 2058 QUIC_NEEDS_LOCK 2059 static int qc_try_create_default_xso_for_write(QCTX *ctx) 2060 { 2061 uint64_t flags = 0; 2062 QUIC_CONNECTION *qc = ctx->qc; 2063 2064 if (qc->default_xso_created 2065 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE) 2066 /* 2067 * We only do this once. If the user detaches a previously created 2068 * default XSO we don't auto-create another one. 2069 */ 2070 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL); 2071 2072 /* Create a locally-initiated stream. */ 2073 if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI) 2074 flags |= SSL_STREAM_FLAG_UNI; 2075 2076 qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(ctx, flags, 2077 /*needs_lock=*/0), 2078 /*touch=*/0); 2079 if (qc->default_xso == NULL) 2080 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2081 2082 qc_touch_default_xso(qc); 2083 return 1; 2084 } 2085 2086 struct quic_wait_for_stream_args { 2087 QUIC_CONNECTION *qc; 2088 QUIC_STREAM *qs; 2089 QCTX *ctx; 2090 uint64_t expect_id; 2091 }; 2092 2093 QUIC_NEEDS_LOCK 2094 static int quic_wait_for_stream(void *arg) 2095 { 2096 struct quic_wait_for_stream_args *args = arg; 2097 2098 if (!quic_mutation_allowed(args->qc, /*req_active=*/1)) { 2099 /* If connection is torn down due to an error while blocking, stop. */ 2100 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 2101 return -1; 2102 } 2103 2104 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch), 2105 args->expect_id | QUIC_STREAM_DIR_BIDI); 2106 if (args->qs == NULL) 2107 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch), 2108 args->expect_id | QUIC_STREAM_DIR_UNI); 2109 2110 if (args->qs != NULL) 2111 return 1; /* stream now exists */ 2112 2113 return 0; /* did not get a stream, keep trying */ 2114 } 2115 2116 QUIC_NEEDS_LOCK 2117 static int qc_wait_for_default_xso_for_read(QCTX *ctx, int peek) 2118 { 2119 /* Called on a QCSO and we don't currently have a default stream. */ 2120 uint64_t expect_id; 2121 QUIC_CONNECTION *qc = ctx->qc; 2122 QUIC_STREAM *qs; 2123 int res; 2124 struct quic_wait_for_stream_args wargs; 2125 OSSL_RTT_INFO rtt_info; 2126 2127 /* 2128 * If default stream functionality is disabled or we already detached 2129 * one, don't make another default stream and just fail. 2130 */ 2131 if (qc->default_xso_created 2132 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE) 2133 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL); 2134 2135 /* 2136 * The peer may have opened a stream since we last ticked. So tick and 2137 * see if the stream with ordinal 0 (remote, bidi/uni based on stream 2138 * mode) exists yet. QUIC stream IDs must be allocated in order, so the 2139 * first stream created by a peer must have an ordinal of 0. 2140 */ 2141 expect_id = qc->as_server 2142 ? QUIC_STREAM_INITIATOR_CLIENT 2143 : QUIC_STREAM_INITIATOR_SERVER; 2144 2145 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch), 2146 expect_id | QUIC_STREAM_DIR_BIDI); 2147 if (qs == NULL) 2148 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch), 2149 expect_id | QUIC_STREAM_DIR_UNI); 2150 2151 if (qs == NULL) { 2152 qctx_maybe_autotick(ctx); 2153 2154 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch), 2155 expect_id); 2156 } 2157 2158 if (qs == NULL) { 2159 if (peek) 2160 return 0; 2161 2162 if (ossl_quic_channel_is_term_any(qc->ch)) { 2163 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 2164 } else if (!qctx_blocking(ctx)) { 2165 /* Non-blocking mode, so just bail immediately. */ 2166 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ); 2167 } 2168 2169 /* Block until we have a stream. */ 2170 wargs.qc = qc; 2171 wargs.qs = NULL; 2172 wargs.ctx = ctx; 2173 wargs.expect_id = expect_id; 2174 2175 res = block_until_pred(ctx, quic_wait_for_stream, &wargs, 0); 2176 if (res == 0) 2177 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2178 else if (res < 0 || wargs.qs == NULL) 2179 /* quic_wait_for_stream raised error here */ 2180 return 0; 2181 2182 qs = wargs.qs; 2183 } 2184 2185 /* 2186 * We now have qs != NULL. Remove it from the incoming stream queue so that 2187 * it isn't also returned by any future SSL_accept_stream calls. 2188 */ 2189 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info); 2190 ossl_quic_stream_map_remove_from_accept_queue(ossl_quic_channel_get_qsm(qc->ch), 2191 qs, rtt_info.smoothed_rtt); 2192 2193 /* 2194 * Now make qs the default stream, creating the necessary XSO. 2195 */ 2196 qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0); 2197 if (qc->default_xso == NULL) 2198 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2199 2200 qc_touch_default_xso(qc); /* inhibits default XSO */ 2201 return 1; 2202 } 2203 2204 QUIC_NEEDS_LOCK 2205 static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs) 2206 { 2207 QUIC_XSO *xso = NULL; 2208 2209 if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL) { 2210 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 2211 goto err; 2212 } 2213 2214 if (!ossl_quic_obj_init(&xso->obj, qc->obj.ssl.ctx, SSL_TYPE_QUIC_XSO, 2215 &qc->obj.ssl, NULL, NULL)) { 2216 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 2217 goto err; 2218 } 2219 2220 /* XSO refs QC */ 2221 if (!SSL_up_ref(&qc->obj.ssl)) { 2222 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SSL_LIB, NULL); 2223 goto err; 2224 } 2225 2226 xso->conn = qc; 2227 xso->ssl_mode = qc->default_ssl_mode; 2228 xso->ssl_options 2229 = qc->default_ssl_options & OSSL_QUIC_PERMITTED_OPTIONS_STREAM; 2230 xso->last_error = SSL_ERROR_NONE; 2231 2232 xso->stream = qs; 2233 2234 ++qc->num_xso; 2235 xso_update_options(xso); 2236 return xso; 2237 2238 err: 2239 OPENSSL_free(xso); 2240 return NULL; 2241 } 2242 2243 struct quic_new_stream_wait_args { 2244 QUIC_CONNECTION *qc; 2245 int is_uni; 2246 }; 2247 2248 static int quic_new_stream_wait(void *arg) 2249 { 2250 struct quic_new_stream_wait_args *args = arg; 2251 QUIC_CONNECTION *qc = args->qc; 2252 2253 if (!quic_mutation_allowed(qc, /*req_active=*/1)) 2254 return -1; 2255 2256 if (ossl_quic_channel_is_new_local_stream_admissible(qc->ch, args->is_uni)) 2257 return 1; 2258 2259 return 0; 2260 } 2261 2262 /* locking depends on need_lock */ 2263 static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock) 2264 { 2265 int ret; 2266 QUIC_CONNECTION *qc = ctx->qc; 2267 QUIC_XSO *xso = NULL; 2268 QUIC_STREAM *qs = NULL; 2269 int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0); 2270 int no_blocking = ((flags & SSL_STREAM_FLAG_NO_BLOCK) != 0); 2271 int advance = ((flags & SSL_STREAM_FLAG_ADVANCE) != 0); 2272 2273 if (need_lock) 2274 qctx_lock(ctx); 2275 2276 if (!quic_mutation_allowed(qc, /*req_active=*/0)) { 2277 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 2278 goto err; 2279 } 2280 2281 if (!advance 2282 && !ossl_quic_channel_is_new_local_stream_admissible(qc->ch, is_uni)) { 2283 struct quic_new_stream_wait_args args; 2284 2285 /* 2286 * Stream count flow control currently doesn't permit this stream to be 2287 * opened. 2288 */ 2289 if (no_blocking || !qctx_blocking(ctx)) { 2290 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_STREAM_COUNT_LIMITED, NULL); 2291 goto err; 2292 } 2293 2294 args.qc = qc; 2295 args.is_uni = is_uni; 2296 2297 /* Blocking mode - wait until we can get a stream. */ 2298 ret = block_until_pred(ctx, quic_new_stream_wait, &args, 0); 2299 if (!quic_mutation_allowed(qc, /*req_active=*/1)) { 2300 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 2301 goto err; /* Shutdown before completion */ 2302 } else if (ret <= 0) { 2303 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2304 goto err; /* Non-protocol error */ 2305 } 2306 } 2307 2308 qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni); 2309 if (qs == NULL) { 2310 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2311 goto err; 2312 } 2313 2314 xso = create_xso_from_stream(qc, qs); 2315 if (xso == NULL) 2316 goto err; 2317 2318 qc_touch_default_xso(qc); /* inhibits default XSO */ 2319 if (need_lock) 2320 qctx_unlock(ctx); 2321 2322 return &xso->obj.ssl; 2323 2324 err: 2325 OPENSSL_free(xso); 2326 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs); 2327 if (need_lock) 2328 qctx_unlock(ctx); 2329 2330 return NULL; 2331 2332 } 2333 2334 QUIC_TAKES_LOCK 2335 SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags) 2336 { 2337 QCTX ctx; 2338 2339 if (!expect_quic_conn_only(s, &ctx)) 2340 return NULL; 2341 2342 return quic_conn_stream_new(&ctx, flags, /*need_lock=*/1); 2343 } 2344 2345 /* 2346 * QUIC Front-End I/O API: Steady-State Operations 2347 * =============================================== 2348 * 2349 * Here we dispatch calls to the steady-state front-end I/O API functions; that 2350 * is, the functions used during the established phase of a QUIC connection 2351 * (e.g. SSL_read, SSL_write). 2352 * 2353 * Each function must handle both blocking and non-blocking modes. As discussed 2354 * above, all QUIC I/O is implemented using non-blocking mode internally. 2355 * 2356 * SSL_get_error => partially implemented by ossl_quic_get_error 2357 * SSL_want => ossl_quic_want 2358 * (BIO/)SSL_read => ossl_quic_read 2359 * (BIO/)SSL_write => ossl_quic_write 2360 * SSL_pending => ossl_quic_pending 2361 * SSL_stream_conclude => ossl_quic_conn_stream_conclude 2362 * SSL_key_update => ossl_quic_key_update 2363 */ 2364 2365 /* SSL_get_error */ 2366 int ossl_quic_get_error(const SSL *s, int i) 2367 { 2368 QCTX ctx; 2369 int net_error, last_error; 2370 2371 /* SSL_get_errors() should not raise new errors */ 2372 if (!is_quic_cs(s, &ctx, 0 /* suppress errors */)) 2373 return SSL_ERROR_SSL; 2374 2375 qctx_lock(&ctx); 2376 net_error = ossl_quic_channel_net_error(ctx.qc->ch); 2377 last_error = ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error; 2378 qctx_unlock(&ctx); 2379 2380 if (net_error) 2381 return SSL_ERROR_SYSCALL; 2382 2383 return last_error; 2384 } 2385 2386 /* Converts a code returned by SSL_get_error to a code returned by SSL_want. */ 2387 static int error_to_want(int error) 2388 { 2389 switch (error) { 2390 case SSL_ERROR_WANT_CONNECT: /* never used - UDP is connectionless */ 2391 case SSL_ERROR_WANT_ACCEPT: /* never used - UDP is connectionless */ 2392 case SSL_ERROR_ZERO_RETURN: 2393 default: 2394 return SSL_NOTHING; 2395 2396 case SSL_ERROR_WANT_READ: 2397 return SSL_READING; 2398 2399 case SSL_ERROR_WANT_WRITE: 2400 return SSL_WRITING; 2401 2402 case SSL_ERROR_WANT_RETRY_VERIFY: 2403 return SSL_RETRY_VERIFY; 2404 2405 case SSL_ERROR_WANT_CLIENT_HELLO_CB: 2406 return SSL_CLIENT_HELLO_CB; 2407 2408 case SSL_ERROR_WANT_X509_LOOKUP: 2409 return SSL_X509_LOOKUP; 2410 } 2411 } 2412 2413 /* SSL_want */ 2414 int ossl_quic_want(const SSL *s) 2415 { 2416 QCTX ctx; 2417 int w; 2418 2419 if (!expect_quic_cs(s, &ctx)) 2420 return SSL_NOTHING; 2421 2422 qctx_lock(&ctx); 2423 2424 w = error_to_want(ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error); 2425 2426 qctx_unlock(&ctx); 2427 return w; 2428 } 2429 2430 /* 2431 * SSL_write 2432 * --------- 2433 * 2434 * The set of functions below provide the implementation of the public SSL_write 2435 * function. We must handle: 2436 * 2437 * - both blocking and non-blocking operation at the application level, 2438 * depending on how we are configured; 2439 * 2440 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off; 2441 * 2442 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER. 2443 * 2444 */ 2445 QUIC_NEEDS_LOCK 2446 static void quic_post_write(QUIC_XSO *xso, int did_append, 2447 int did_append_all, uint64_t flags, 2448 int do_tick) 2449 { 2450 /* 2451 * We have appended at least one byte to the stream. 2452 * Potentially mark stream as active, depending on FC. 2453 */ 2454 if (did_append) 2455 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch), 2456 xso->stream); 2457 2458 if (did_append_all && (flags & SSL_WRITE_FLAG_CONCLUDE) != 0) 2459 ossl_quic_sstream_fin(xso->stream->sstream); 2460 2461 /* 2462 * Try and send. 2463 * 2464 * TODO(QUIC FUTURE): It is probably inefficient to try and do this 2465 * immediately, plus we should eventually consider Nagle's algorithm. 2466 */ 2467 if (do_tick) 2468 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0); 2469 } 2470 2471 struct quic_write_again_args { 2472 QUIC_XSO *xso; 2473 const unsigned char *buf; 2474 size_t len; 2475 size_t total_written; 2476 int err; 2477 uint64_t flags; 2478 }; 2479 2480 /* 2481 * Absolute maximum write buffer size, enforced to prevent a rogue peer from 2482 * deliberately inducing DoS. This has been chosen based on the optimal buffer 2483 * size for an RTT of 500ms and a bandwidth of 100 Mb/s. 2484 */ 2485 #define MAX_WRITE_BUF_SIZE (6 * 1024 * 1024) 2486 2487 /* 2488 * Ensure spare buffer space available (up until a limit, at least). 2489 */ 2490 QUIC_NEEDS_LOCK 2491 static int sstream_ensure_spare(QUIC_SSTREAM *sstream, uint64_t spare) 2492 { 2493 size_t cur_sz = ossl_quic_sstream_get_buffer_size(sstream); 2494 size_t avail = ossl_quic_sstream_get_buffer_avail(sstream); 2495 size_t spare_ = (spare > SIZE_MAX) ? SIZE_MAX : (size_t)spare; 2496 size_t new_sz, growth; 2497 2498 if (spare_ <= avail || cur_sz == MAX_WRITE_BUF_SIZE) 2499 return 1; 2500 2501 growth = spare_ - avail; 2502 if (cur_sz + growth > MAX_WRITE_BUF_SIZE) 2503 new_sz = MAX_WRITE_BUF_SIZE; 2504 else 2505 new_sz = cur_sz + growth; 2506 2507 return ossl_quic_sstream_set_buffer_size(sstream, new_sz); 2508 } 2509 2510 /* 2511 * Append to a QUIC_STREAM's QUIC_SSTREAM, ensuring buffer space is expanded 2512 * as needed according to flow control. 2513 */ 2514 QUIC_NEEDS_LOCK 2515 static int xso_sstream_append(QUIC_XSO *xso, const unsigned char *buf, 2516 size_t len, size_t *actual_written) 2517 { 2518 QUIC_SSTREAM *sstream = xso->stream->sstream; 2519 uint64_t cur = ossl_quic_sstream_get_cur_size(sstream); 2520 uint64_t cwm = ossl_quic_txfc_get_cwm(&xso->stream->txfc); 2521 uint64_t permitted = (cwm >= cur ? cwm - cur : 0); 2522 2523 if (len > permitted) 2524 len = (size_t)permitted; 2525 2526 if (!sstream_ensure_spare(sstream, len)) 2527 return 0; 2528 2529 return ossl_quic_sstream_append(sstream, buf, len, actual_written); 2530 } 2531 2532 QUIC_NEEDS_LOCK 2533 static int quic_write_again(void *arg) 2534 { 2535 struct quic_write_again_args *args = arg; 2536 size_t actual_written = 0; 2537 2538 if (!quic_mutation_allowed(args->xso->conn, /*req_active=*/1)) 2539 /* If connection is torn down due to an error while blocking, stop. */ 2540 return -2; 2541 2542 if (!quic_validate_for_write(args->xso, &args->err)) 2543 /* 2544 * Stream may have become invalid for write due to connection events 2545 * while we blocked. 2546 */ 2547 return -2; 2548 2549 args->err = ERR_R_INTERNAL_ERROR; 2550 if (!xso_sstream_append(args->xso, args->buf, args->len, &actual_written)) 2551 return -2; 2552 2553 quic_post_write(args->xso, actual_written > 0, 2554 args->len == actual_written, args->flags, 0); 2555 2556 args->buf += actual_written; 2557 args->len -= actual_written; 2558 args->total_written += actual_written; 2559 2560 if (args->len == 0) 2561 /* Written everything, done. */ 2562 return 1; 2563 2564 /* Not written everything yet, keep trying. */ 2565 return 0; 2566 } 2567 2568 QUIC_NEEDS_LOCK 2569 static int quic_write_blocking(QCTX *ctx, const void *buf, size_t len, 2570 uint64_t flags, size_t *written) 2571 { 2572 int res; 2573 QUIC_XSO *xso = ctx->xso; 2574 struct quic_write_again_args args; 2575 size_t actual_written = 0; 2576 2577 /* First make a best effort to append as much of the data as possible. */ 2578 if (!xso_sstream_append(xso, buf, len, &actual_written)) { 2579 /* Stream already finished or allocation error. */ 2580 *written = 0; 2581 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2582 } 2583 2584 quic_post_write(xso, actual_written > 0, actual_written == len, flags, 1); 2585 2586 /* 2587 * Record however much data we wrote 2588 */ 2589 *written = actual_written; 2590 2591 if (actual_written == len) { 2592 /* Managed to append everything on the first try. */ 2593 return 1; 2594 } 2595 2596 /* 2597 * We did not manage to append all of the data immediately, so the stream 2598 * buffer has probably filled up. This means we need to block until some of 2599 * it is freed up. 2600 */ 2601 args.xso = xso; 2602 args.buf = (const unsigned char *)buf + actual_written; 2603 args.len = len - actual_written; 2604 args.total_written = 0; 2605 args.err = ERR_R_INTERNAL_ERROR; 2606 args.flags = flags; 2607 2608 res = block_until_pred(ctx, quic_write_again, &args, 0); 2609 if (res <= 0) { 2610 if (!quic_mutation_allowed(xso->conn, /*req_active=*/1)) 2611 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 2612 else 2613 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, args.err, NULL); 2614 } 2615 2616 /* 2617 * When waiting on extra buffer space to be available, args.total_written 2618 * holds the amount of remaining data we requested to write, which will be 2619 * something less than the len parameter passed in, however much we wrote 2620 * here, add it to the value that we wrote when we initially called 2621 * xso_sstream_append 2622 */ 2623 *written += args.total_written; 2624 return 1; 2625 } 2626 2627 /* 2628 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE) 2629 * write semantics. 2630 */ 2631 static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf, 2632 size_t buf_len, size_t already_sent) 2633 { 2634 assert(!xso->aon_write_in_progress); 2635 2636 xso->aon_write_in_progress = 1; 2637 xso->aon_buf_base = buf; 2638 xso->aon_buf_pos = already_sent; 2639 xso->aon_buf_len = buf_len; 2640 } 2641 2642 static void aon_write_finish(QUIC_XSO *xso) 2643 { 2644 xso->aon_write_in_progress = 0; 2645 xso->aon_buf_base = NULL; 2646 xso->aon_buf_pos = 0; 2647 xso->aon_buf_len = 0; 2648 } 2649 2650 QUIC_NEEDS_LOCK 2651 static int quic_write_nonblocking_aon(QCTX *ctx, const void *buf, 2652 size_t len, uint64_t flags, 2653 size_t *written) 2654 { 2655 QUIC_XSO *xso = ctx->xso; 2656 const void *actual_buf; 2657 size_t actual_len, actual_written = 0; 2658 int accept_moving_buffer 2659 = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0); 2660 2661 if (xso->aon_write_in_progress) { 2662 /* 2663 * We are in the middle of an AON write (i.e., a previous write did not 2664 * manage to append all data to the SSTREAM and we have Enable Partial 2665 * Write (EPW) mode disabled.) 2666 */ 2667 if ((!accept_moving_buffer && xso->aon_buf_base != buf) 2668 || len != xso->aon_buf_len) 2669 /* 2670 * Pointer must not have changed if we are not in accept moving 2671 * buffer mode. Length must never change. 2672 */ 2673 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BAD_WRITE_RETRY, NULL); 2674 2675 actual_buf = (unsigned char *)buf + xso->aon_buf_pos; 2676 actual_len = len - xso->aon_buf_pos; 2677 assert(actual_len > 0); 2678 } else { 2679 actual_buf = buf; 2680 actual_len = len; 2681 } 2682 2683 /* First make a best effort to append as much of the data as possible. */ 2684 if (!xso_sstream_append(xso, actual_buf, actual_len, &actual_written)) { 2685 /* Stream already finished or allocation error. */ 2686 *written = 0; 2687 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2688 } 2689 2690 quic_post_write(xso, actual_written > 0, actual_written == actual_len, 2691 flags, qctx_should_autotick(ctx)); 2692 2693 if (actual_written == actual_len) { 2694 /* We have sent everything. */ 2695 if (xso->aon_write_in_progress) { 2696 /* 2697 * We have sent everything, and we were in the middle of an AON 2698 * write. The output write length is the total length of the AON 2699 * buffer, not however many bytes we managed to write to the stream 2700 * in this call. 2701 */ 2702 *written = xso->aon_buf_len; 2703 aon_write_finish(xso); 2704 } else { 2705 *written = actual_written; 2706 } 2707 2708 return 1; 2709 } 2710 2711 if (xso->aon_write_in_progress) { 2712 /* 2713 * AON write is in progress but we have not written everything yet. We 2714 * may have managed to send zero bytes, or some number of bytes less 2715 * than the total remaining which need to be appended during this 2716 * AON operation. 2717 */ 2718 xso->aon_buf_pos += actual_written; 2719 assert(xso->aon_buf_pos < xso->aon_buf_len); 2720 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE); 2721 } 2722 2723 /* 2724 * Not in an existing AON operation but partial write is not enabled, so we 2725 * need to begin a new AON operation. However we needn't bother if we didn't 2726 * actually append anything. 2727 */ 2728 if (actual_written > 0) 2729 aon_write_begin(xso, buf, len, actual_written); 2730 2731 /* 2732 * AON - We do not publicly admit to having appended anything until AON 2733 * completes. 2734 */ 2735 *written = 0; 2736 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE); 2737 } 2738 2739 QUIC_NEEDS_LOCK 2740 static int quic_write_nonblocking_epw(QCTX *ctx, const void *buf, size_t len, 2741 uint64_t flags, size_t *written) 2742 { 2743 QUIC_XSO *xso = ctx->xso; 2744 2745 /* Simple best effort operation. */ 2746 if (!xso_sstream_append(xso, buf, len, written)) { 2747 /* Stream already finished or allocation error. */ 2748 *written = 0; 2749 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2750 } 2751 2752 quic_post_write(xso, *written > 0, *written == len, flags, 2753 qctx_should_autotick(ctx)); 2754 2755 if (*written == 0) 2756 /* SSL_write_ex returns 0 if it didn't write anything. */ 2757 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE); 2758 2759 return 1; 2760 } 2761 2762 QUIC_NEEDS_LOCK 2763 static int quic_validate_for_write(QUIC_XSO *xso, int *err) 2764 { 2765 QUIC_STREAM_MAP *qsm; 2766 2767 if (xso == NULL || xso->stream == NULL) { 2768 *err = ERR_R_INTERNAL_ERROR; 2769 return 0; 2770 } 2771 2772 switch (xso->stream->send_state) { 2773 default: 2774 case QUIC_SSTREAM_STATE_NONE: 2775 *err = SSL_R_STREAM_RECV_ONLY; 2776 return 0; 2777 2778 case QUIC_SSTREAM_STATE_READY: 2779 qsm = ossl_quic_channel_get_qsm(xso->conn->ch); 2780 2781 if (!ossl_quic_stream_map_ensure_send_part_id(qsm, xso->stream)) { 2782 *err = ERR_R_INTERNAL_ERROR; 2783 return 0; 2784 } 2785 2786 /* FALLTHROUGH */ 2787 case QUIC_SSTREAM_STATE_SEND: 2788 case QUIC_SSTREAM_STATE_DATA_SENT: 2789 if (ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL)) { 2790 *err = SSL_R_STREAM_FINISHED; 2791 return 0; 2792 } 2793 return 1; 2794 2795 case QUIC_SSTREAM_STATE_DATA_RECVD: 2796 *err = SSL_R_STREAM_FINISHED; 2797 return 0; 2798 2799 case QUIC_SSTREAM_STATE_RESET_SENT: 2800 case QUIC_SSTREAM_STATE_RESET_RECVD: 2801 *err = SSL_R_STREAM_RESET; 2802 return 0; 2803 } 2804 } 2805 2806 QUIC_TAKES_LOCK 2807 int ossl_quic_write_flags(SSL *s, const void *buf, size_t len, 2808 uint64_t flags, size_t *written) 2809 { 2810 int ret; 2811 QCTX ctx; 2812 int partial_write, err; 2813 2814 *written = 0; 2815 2816 if (len == 0) { 2817 /* Do not autocreate default XSO for zero-length writes. */ 2818 if (!expect_quic_cs(s, &ctx)) 2819 return 0; 2820 2821 qctx_lock_for_io(&ctx); 2822 } else { 2823 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/1, &ctx)) 2824 return 0; 2825 } 2826 2827 partial_write = ((ctx.xso != NULL) 2828 ? ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0) : 0); 2829 2830 if ((flags & ~SSL_WRITE_FLAG_CONCLUDE) != 0) { 2831 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_UNSUPPORTED_WRITE_FLAG, NULL); 2832 goto out; 2833 } 2834 2835 if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) { 2836 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 2837 goto out; 2838 } 2839 2840 /* 2841 * If we haven't finished the handshake, try to advance it. 2842 * We don't accept writes until the handshake is completed. 2843 */ 2844 if (quic_do_handshake(&ctx) < 1) { 2845 ret = 0; 2846 goto out; 2847 } 2848 2849 /* Ensure correct stream state, stream send part not concluded, etc. */ 2850 if (len > 0 && !quic_validate_for_write(ctx.xso, &err)) { 2851 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL); 2852 goto out; 2853 } 2854 2855 if (len == 0) { 2856 if ((flags & SSL_WRITE_FLAG_CONCLUDE) != 0) 2857 quic_post_write(ctx.xso, 0, 1, flags, 2858 qctx_should_autotick(&ctx)); 2859 2860 ret = 1; 2861 goto out; 2862 } 2863 2864 if (qctx_blocking(&ctx)) 2865 ret = quic_write_blocking(&ctx, buf, len, flags, written); 2866 else if (partial_write) 2867 ret = quic_write_nonblocking_epw(&ctx, buf, len, flags, written); 2868 else 2869 ret = quic_write_nonblocking_aon(&ctx, buf, len, flags, written); 2870 2871 out: 2872 qctx_unlock(&ctx); 2873 return ret; 2874 } 2875 2876 QUIC_TAKES_LOCK 2877 int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written) 2878 { 2879 return ossl_quic_write_flags(s, buf, len, 0, written); 2880 } 2881 2882 /* 2883 * SSL_read 2884 * -------- 2885 */ 2886 struct quic_read_again_args { 2887 QCTX *ctx; 2888 QUIC_STREAM *stream; 2889 void *buf; 2890 size_t len; 2891 size_t *bytes_read; 2892 int peek; 2893 }; 2894 2895 QUIC_NEEDS_LOCK 2896 static int quic_validate_for_read(QUIC_XSO *xso, int *err, int *eos) 2897 { 2898 QUIC_STREAM_MAP *qsm; 2899 2900 *eos = 0; 2901 2902 if (xso == NULL || xso->stream == NULL) { 2903 *err = ERR_R_INTERNAL_ERROR; 2904 return 0; 2905 } 2906 2907 switch (xso->stream->recv_state) { 2908 default: 2909 case QUIC_RSTREAM_STATE_NONE: 2910 *err = SSL_R_STREAM_SEND_ONLY; 2911 return 0; 2912 2913 case QUIC_RSTREAM_STATE_RECV: 2914 case QUIC_RSTREAM_STATE_SIZE_KNOWN: 2915 case QUIC_RSTREAM_STATE_DATA_RECVD: 2916 return 1; 2917 2918 case QUIC_RSTREAM_STATE_DATA_READ: 2919 *eos = 1; 2920 return 0; 2921 2922 case QUIC_RSTREAM_STATE_RESET_RECVD: 2923 qsm = ossl_quic_channel_get_qsm(xso->conn->ch); 2924 ossl_quic_stream_map_notify_app_read_reset_recv_part(qsm, xso->stream); 2925 2926 /* FALLTHROUGH */ 2927 case QUIC_RSTREAM_STATE_RESET_READ: 2928 *err = SSL_R_STREAM_RESET; 2929 return 0; 2930 } 2931 } 2932 2933 QUIC_NEEDS_LOCK 2934 static int quic_read_actual(QCTX *ctx, 2935 QUIC_STREAM *stream, 2936 void *buf, size_t buf_len, 2937 size_t *bytes_read, 2938 int peek) 2939 { 2940 int is_fin = 0, err, eos; 2941 QUIC_CONNECTION *qc = ctx->qc; 2942 2943 if (!quic_validate_for_read(ctx->xso, &err, &eos)) { 2944 if (eos) { 2945 ctx->xso->retired_fin = 1; 2946 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN); 2947 } else { 2948 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, err, NULL); 2949 } 2950 } 2951 2952 if (peek) { 2953 if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len, 2954 bytes_read, &is_fin)) 2955 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2956 2957 } else { 2958 if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len, 2959 bytes_read, &is_fin)) 2960 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2961 } 2962 2963 if (!peek) { 2964 if (*bytes_read > 0) { 2965 /* 2966 * We have read at least one byte from the stream. Inform stream-level 2967 * RXFC of the retirement of controlled bytes. Update the active stream 2968 * status (the RXFC may now want to emit a frame granting more credit to 2969 * the peer). 2970 */ 2971 OSSL_RTT_INFO rtt_info; 2972 2973 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info); 2974 2975 if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read, 2976 rtt_info.smoothed_rtt)) 2977 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL); 2978 } 2979 2980 if (is_fin && !peek) { 2981 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(ctx->qc->ch); 2982 2983 ossl_quic_stream_map_notify_totally_read(qsm, ctx->xso->stream); 2984 } 2985 2986 if (*bytes_read > 0) 2987 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch), 2988 stream); 2989 } 2990 2991 if (*bytes_read == 0 && is_fin) { 2992 ctx->xso->retired_fin = 1; 2993 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN); 2994 } 2995 2996 return 1; 2997 } 2998 2999 QUIC_NEEDS_LOCK 3000 static int quic_read_again(void *arg) 3001 { 3002 struct quic_read_again_args *args = arg; 3003 3004 if (!quic_mutation_allowed(args->ctx->qc, /*req_active=*/1)) { 3005 /* If connection is torn down due to an error while blocking, stop. */ 3006 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 3007 return -1; 3008 } 3009 3010 if (!quic_read_actual(args->ctx, args->stream, 3011 args->buf, args->len, args->bytes_read, 3012 args->peek)) 3013 return -1; 3014 3015 if (*args->bytes_read > 0) 3016 /* got at least one byte, the SSL_read op can finish now */ 3017 return 1; 3018 3019 return 0; /* did not read anything, keep trying */ 3020 } 3021 3022 QUIC_TAKES_LOCK 3023 static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek) 3024 { 3025 int ret, res; 3026 QCTX ctx; 3027 struct quic_read_again_args args; 3028 3029 *bytes_read = 0; 3030 3031 if (!expect_quic_cs(s, &ctx)) 3032 return 0; 3033 3034 qctx_lock_for_io(&ctx); 3035 3036 /* If we haven't finished the handshake, try to advance it. */ 3037 if (quic_do_handshake(&ctx) < 1) { 3038 ret = 0; /* ossl_quic_do_handshake raised error here */ 3039 goto out; 3040 } 3041 3042 if (ctx.xso == NULL) { 3043 /* 3044 * Called on a QCSO and we don't currently have a default stream. 3045 * 3046 * Wait until we get a stream initiated by the peer (blocking mode) or 3047 * fail if we don't have one yet (non-blocking mode). 3048 */ 3049 if (!qc_wait_for_default_xso_for_read(&ctx, /*peek=*/0)) { 3050 ret = 0; /* error already raised here */ 3051 goto out; 3052 } 3053 3054 ctx.xso = ctx.qc->default_xso; 3055 } 3056 3057 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) { 3058 ret = 0; /* quic_read_actual raised error here */ 3059 goto out; 3060 } 3061 3062 if (*bytes_read > 0) { 3063 /* 3064 * Even though we succeeded, tick the reactor here to ensure we are 3065 * handling other aspects of the QUIC connection. 3066 */ 3067 if (quic_mutation_allowed(ctx.qc, /*req_active=*/0)) 3068 qctx_maybe_autotick(&ctx); 3069 3070 ret = 1; 3071 } else if (!quic_mutation_allowed(ctx.qc, /*req_active=*/0)) { 3072 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 3073 goto out; 3074 } else if (qctx_blocking(&ctx)) { 3075 /* 3076 * We were not able to read anything immediately, so our stream 3077 * buffer is empty. This means we need to block until we get 3078 * at least one byte. 3079 */ 3080 args.ctx = &ctx; 3081 args.stream = ctx.xso->stream; 3082 args.buf = buf; 3083 args.len = len; 3084 args.bytes_read = bytes_read; 3085 args.peek = peek; 3086 3087 res = block_until_pred(&ctx, quic_read_again, &args, 0); 3088 if (res == 0) { 3089 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL); 3090 goto out; 3091 } else if (res < 0) { 3092 ret = 0; /* quic_read_again raised error here */ 3093 goto out; 3094 } 3095 3096 ret = 1; 3097 } else { 3098 /* 3099 * We did not get any bytes and are not in blocking mode. 3100 * Tick to see if this delivers any more. 3101 */ 3102 qctx_maybe_autotick(&ctx); 3103 3104 /* Try the read again. */ 3105 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) { 3106 ret = 0; /* quic_read_actual raised error here */ 3107 goto out; 3108 } 3109 3110 if (*bytes_read > 0) 3111 ret = 1; /* Succeeded this time. */ 3112 else 3113 ret = QUIC_RAISE_NORMAL_ERROR(&ctx, SSL_ERROR_WANT_READ); 3114 } 3115 3116 out: 3117 qctx_unlock(&ctx); 3118 return ret; 3119 } 3120 3121 int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read) 3122 { 3123 return quic_read(s, buf, len, bytes_read, 0); 3124 } 3125 3126 int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read) 3127 { 3128 return quic_read(s, buf, len, bytes_read, 1); 3129 } 3130 3131 /* 3132 * SSL_pending 3133 * ----------- 3134 */ 3135 3136 QUIC_TAKES_LOCK 3137 static size_t ossl_quic_pending_int(const SSL *s, int check_channel) 3138 { 3139 QCTX ctx; 3140 size_t avail = 0; 3141 3142 if (!expect_quic_cs(s, &ctx)) 3143 return 0; 3144 3145 qctx_lock(&ctx); 3146 3147 if (!ctx.qc->started) 3148 goto out; 3149 3150 if (ctx.xso == NULL) { 3151 /* No XSO yet, but there might be a default XSO eligible to be created. */ 3152 if (qc_wait_for_default_xso_for_read(&ctx, /*peek=*/1)) { 3153 ctx.xso = ctx.qc->default_xso; 3154 } else { 3155 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_NO_STREAM, NULL); 3156 goto out; 3157 } 3158 } 3159 3160 if (ctx.xso->stream == NULL) { 3161 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL); 3162 goto out; 3163 } 3164 3165 if (check_channel) 3166 avail = ossl_quic_stream_recv_pending(ctx.xso->stream, 3167 /*include_fin=*/1) 3168 || ossl_quic_channel_has_pending(ctx.qc->ch) 3169 || ossl_quic_channel_is_term_any(ctx.qc->ch); 3170 else 3171 avail = ossl_quic_stream_recv_pending(ctx.xso->stream, 3172 /*include_fin=*/0); 3173 3174 out: 3175 qctx_unlock(&ctx); 3176 return avail; 3177 } 3178 3179 size_t ossl_quic_pending(const SSL *s) 3180 { 3181 return ossl_quic_pending_int(s, /*check_channel=*/0); 3182 } 3183 3184 int ossl_quic_has_pending(const SSL *s) 3185 { 3186 /* Do we have app-side pending data or pending URXEs or RXEs? */ 3187 return ossl_quic_pending_int(s, /*check_channel=*/1) > 0; 3188 } 3189 3190 /* 3191 * SSL_stream_conclude 3192 * ------------------- 3193 */ 3194 QUIC_TAKES_LOCK 3195 int ossl_quic_conn_stream_conclude(SSL *s) 3196 { 3197 QCTX ctx; 3198 QUIC_STREAM *qs; 3199 int err; 3200 3201 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx)) 3202 return 0; 3203 3204 qs = ctx.xso->stream; 3205 3206 if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) { 3207 qctx_unlock(&ctx); 3208 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 3209 } 3210 3211 if (!quic_validate_for_write(ctx.xso, &err)) { 3212 qctx_unlock(&ctx); 3213 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL); 3214 } 3215 3216 if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) { 3217 qctx_unlock(&ctx); 3218 return 1; 3219 } 3220 3221 ossl_quic_sstream_fin(qs->sstream); 3222 quic_post_write(ctx.xso, 1, 0, 0, qctx_should_autotick(&ctx)); 3223 qctx_unlock(&ctx); 3224 return 1; 3225 } 3226 3227 /* 3228 * SSL_inject_net_dgram 3229 * -------------------- 3230 */ 3231 QUIC_TAKES_LOCK 3232 int SSL_inject_net_dgram(SSL *s, const unsigned char *buf, 3233 size_t buf_len, 3234 const BIO_ADDR *peer, 3235 const BIO_ADDR *local) 3236 { 3237 int ret = 0; 3238 QCTX ctx; 3239 QUIC_DEMUX *demux; 3240 QUIC_PORT *port; 3241 3242 if (!expect_quic_csl(s, &ctx)) 3243 return 0; 3244 3245 qctx_lock(&ctx); 3246 3247 port = ossl_quic_obj_get0_port(ctx.obj); 3248 if (port == NULL) { 3249 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL); 3250 goto err; 3251 } 3252 3253 demux = ossl_quic_port_get0_demux(port); 3254 ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local); 3255 3256 err: 3257 qctx_unlock(&ctx); 3258 return ret; 3259 } 3260 3261 /* 3262 * SSL_get0_connection 3263 * ------------------- 3264 */ 3265 SSL *ossl_quic_get0_connection(SSL *s) 3266 { 3267 QCTX ctx; 3268 3269 if (!expect_quic_cs(s, &ctx)) 3270 return NULL; 3271 3272 return &ctx.qc->obj.ssl; 3273 } 3274 3275 /* 3276 * SSL_get0_listener 3277 * ----------------- 3278 */ 3279 SSL *ossl_quic_get0_listener(SSL *s) 3280 { 3281 QCTX ctx; 3282 3283 if (!expect_quic_csl(s, &ctx)) 3284 return NULL; 3285 3286 return ctx.ql != NULL ? &ctx.ql->obj.ssl : NULL; 3287 } 3288 3289 /* 3290 * SSL_get0_domain 3291 * --------------- 3292 */ 3293 SSL *ossl_quic_get0_domain(SSL *s) 3294 { 3295 QCTX ctx; 3296 3297 if (!expect_quic_any(s, &ctx)) 3298 return NULL; 3299 3300 return ctx.qd != NULL ? &ctx.qd->obj.ssl : NULL; 3301 } 3302 3303 /* 3304 * SSL_get_domain_flags 3305 * -------------------- 3306 */ 3307 int ossl_quic_get_domain_flags(const SSL *ssl, uint64_t *domain_flags) 3308 { 3309 QCTX ctx; 3310 3311 if (!expect_quic_any(ssl, &ctx)) 3312 return 0; 3313 3314 if (domain_flags != NULL) 3315 *domain_flags = ctx.obj->domain_flags; 3316 3317 return 1; 3318 } 3319 3320 /* 3321 * SSL_get_stream_type 3322 * ------------------- 3323 */ 3324 int ossl_quic_get_stream_type(SSL *s) 3325 { 3326 QCTX ctx; 3327 3328 if (!expect_quic_cs(s, &ctx)) 3329 return SSL_STREAM_TYPE_BIDI; 3330 3331 if (ctx.xso == NULL) { 3332 /* 3333 * If deferred XSO creation has yet to occur, proceed according to the 3334 * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know 3335 * what kind of stream will be created yet, so return BIDI on the basis 3336 * that at this time, the client still has the option of calling 3337 * SSL_read() or SSL_write() first. 3338 */ 3339 if (ctx.qc->default_xso_created 3340 || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE) 3341 return SSL_STREAM_TYPE_NONE; 3342 else 3343 return SSL_STREAM_TYPE_BIDI; 3344 } 3345 3346 if (ossl_quic_stream_is_bidi(ctx.xso->stream)) 3347 return SSL_STREAM_TYPE_BIDI; 3348 3349 if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server) 3350 return SSL_STREAM_TYPE_READ; 3351 else 3352 return SSL_STREAM_TYPE_WRITE; 3353 } 3354 3355 /* 3356 * SSL_get_stream_id 3357 * ----------------- 3358 */ 3359 QUIC_TAKES_LOCK 3360 uint64_t ossl_quic_get_stream_id(SSL *s) 3361 { 3362 QCTX ctx; 3363 uint64_t id; 3364 3365 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx)) 3366 return UINT64_MAX; 3367 3368 id = ctx.xso->stream->id; 3369 qctx_unlock(&ctx); 3370 3371 return id; 3372 } 3373 3374 /* 3375 * SSL_is_stream_local 3376 * ------------------- 3377 */ 3378 QUIC_TAKES_LOCK 3379 int ossl_quic_is_stream_local(SSL *s) 3380 { 3381 QCTX ctx; 3382 int is_local; 3383 3384 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, /*io=*/0, &ctx)) 3385 return -1; 3386 3387 is_local = ossl_quic_stream_is_local_init(ctx.xso->stream); 3388 qctx_unlock(&ctx); 3389 3390 return is_local; 3391 } 3392 3393 /* 3394 * SSL_set_default_stream_mode 3395 * --------------------------- 3396 */ 3397 QUIC_TAKES_LOCK 3398 int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode) 3399 { 3400 QCTX ctx; 3401 3402 if (!expect_quic_conn_only(s, &ctx)) 3403 return 0; 3404 3405 qctx_lock(&ctx); 3406 3407 if (ctx.qc->default_xso_created) { 3408 qctx_unlock(&ctx); 3409 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, 3410 "too late to change default stream mode"); 3411 } 3412 3413 switch (mode) { 3414 case SSL_DEFAULT_STREAM_MODE_NONE: 3415 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI: 3416 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI: 3417 ctx.qc->default_stream_mode = mode; 3418 break; 3419 default: 3420 qctx_unlock(&ctx); 3421 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, 3422 "bad default stream type"); 3423 } 3424 3425 qctx_unlock(&ctx); 3426 return 1; 3427 } 3428 3429 /* 3430 * SSL_detach_stream 3431 * ----------------- 3432 */ 3433 QUIC_TAKES_LOCK 3434 SSL *ossl_quic_detach_stream(SSL *s) 3435 { 3436 QCTX ctx; 3437 QUIC_XSO *xso = NULL; 3438 3439 if (!expect_quic_conn_only(s, &ctx)) 3440 return NULL; 3441 3442 qctx_lock(&ctx); 3443 3444 /* Calling this function inhibits default XSO autocreation. */ 3445 /* QC ref to any default XSO is transferred to us and to caller. */ 3446 qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso); 3447 3448 qctx_unlock(&ctx); 3449 3450 return xso != NULL ? &xso->obj.ssl : NULL; 3451 } 3452 3453 /* 3454 * SSL_attach_stream 3455 * ----------------- 3456 */ 3457 QUIC_TAKES_LOCK 3458 int ossl_quic_attach_stream(SSL *conn, SSL *stream) 3459 { 3460 QCTX ctx; 3461 QUIC_XSO *xso; 3462 int nref; 3463 3464 if (!expect_quic_conn_only(conn, &ctx)) 3465 return 0; 3466 3467 if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO) 3468 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_NULL_PARAMETER, 3469 "stream to attach must be a valid QUIC stream"); 3470 3471 xso = (QUIC_XSO *)stream; 3472 3473 qctx_lock(&ctx); 3474 3475 if (ctx.qc->default_xso != NULL) { 3476 qctx_unlock(&ctx); 3477 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, 3478 "connection already has a default stream"); 3479 } 3480 3481 /* 3482 * It is a caller error for the XSO being attached as a default XSO to have 3483 * more than one ref. 3484 */ 3485 if (!CRYPTO_GET_REF(&xso->obj.ssl.references, &nref)) { 3486 qctx_unlock(&ctx); 3487 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, 3488 "ref"); 3489 } 3490 3491 if (nref != 1) { 3492 qctx_unlock(&ctx); 3493 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, 3494 "stream being attached must have " 3495 "only 1 reference"); 3496 } 3497 3498 /* Caller's reference to the XSO is transferred to us. */ 3499 /* Calling this function inhibits default XSO autocreation. */ 3500 qc_set_default_xso(ctx.qc, xso, /*touch=*/1); 3501 3502 qctx_unlock(&ctx); 3503 return 1; 3504 } 3505 3506 /* 3507 * SSL_set_incoming_stream_policy 3508 * ------------------------------ 3509 */ 3510 QUIC_NEEDS_LOCK 3511 static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc) 3512 { 3513 switch (qc->incoming_stream_policy) { 3514 case SSL_INCOMING_STREAM_POLICY_AUTO: 3515 if ((qc->default_xso == NULL && !qc->default_xso_created) 3516 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE) 3517 return SSL_INCOMING_STREAM_POLICY_ACCEPT; 3518 else 3519 return SSL_INCOMING_STREAM_POLICY_REJECT; 3520 3521 default: 3522 return qc->incoming_stream_policy; 3523 } 3524 } 3525 3526 QUIC_NEEDS_LOCK 3527 static void qc_update_reject_policy(QUIC_CONNECTION *qc) 3528 { 3529 int policy = qc_get_effective_incoming_stream_policy(qc); 3530 int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT); 3531 3532 ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch, 3533 enable_reject, 3534 qc->incoming_stream_aec); 3535 } 3536 3537 QUIC_TAKES_LOCK 3538 int ossl_quic_set_incoming_stream_policy(SSL *s, int policy, 3539 uint64_t aec) 3540 { 3541 int ret = 1; 3542 QCTX ctx; 3543 3544 if (!expect_quic_conn_only(s, &ctx)) 3545 return 0; 3546 3547 qctx_lock(&ctx); 3548 3549 switch (policy) { 3550 case SSL_INCOMING_STREAM_POLICY_AUTO: 3551 case SSL_INCOMING_STREAM_POLICY_ACCEPT: 3552 case SSL_INCOMING_STREAM_POLICY_REJECT: 3553 ctx.qc->incoming_stream_policy = policy; 3554 ctx.qc->incoming_stream_aec = aec; 3555 break; 3556 3557 default: 3558 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL); 3559 ret = 0; 3560 break; 3561 } 3562 3563 qc_update_reject_policy(ctx.qc); 3564 qctx_unlock(&ctx); 3565 return ret; 3566 } 3567 3568 /* 3569 * SSL_get_value, SSL_set_value 3570 * ---------------------------- 3571 */ 3572 QUIC_TAKES_LOCK 3573 static int qc_getset_idle_timeout(QCTX *ctx, uint32_t class_, 3574 uint64_t *p_value_out, uint64_t *p_value_in) 3575 { 3576 int ret = 0; 3577 uint64_t value_out = 0, value_in; 3578 3579 qctx_lock(ctx); 3580 3581 switch (class_) { 3582 case SSL_VALUE_CLASS_FEATURE_REQUEST: 3583 value_out = ossl_quic_channel_get_max_idle_timeout_request(ctx->qc->ch); 3584 3585 if (p_value_in != NULL) { 3586 value_in = *p_value_in; 3587 if (value_in > OSSL_QUIC_VLINT_MAX) { 3588 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, 3589 NULL); 3590 goto err; 3591 } 3592 3593 if (ossl_quic_channel_have_generated_transport_params(ctx->qc->ch)) { 3594 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_FEATURE_NOT_RENEGOTIABLE, 3595 NULL); 3596 goto err; 3597 } 3598 3599 ossl_quic_channel_set_max_idle_timeout_request(ctx->qc->ch, value_in); 3600 } 3601 break; 3602 3603 case SSL_VALUE_CLASS_FEATURE_PEER_REQUEST: 3604 case SSL_VALUE_CLASS_FEATURE_NEGOTIATED: 3605 if (p_value_in != NULL) { 3606 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_OP, 3607 NULL); 3608 goto err; 3609 } 3610 3611 if (!ossl_quic_channel_is_handshake_complete(ctx->qc->ch)) { 3612 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_FEATURE_NEGOTIATION_NOT_COMPLETE, 3613 NULL); 3614 goto err; 3615 } 3616 3617 value_out = (class_ == SSL_VALUE_CLASS_FEATURE_NEGOTIATED) 3618 ? ossl_quic_channel_get_max_idle_timeout_actual(ctx->qc->ch) 3619 : ossl_quic_channel_get_max_idle_timeout_peer_request(ctx->qc->ch); 3620 break; 3621 3622 default: 3623 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS, 3624 NULL); 3625 goto err; 3626 } 3627 3628 ret = 1; 3629 err: 3630 qctx_unlock(ctx); 3631 if (ret && p_value_out != NULL) 3632 *p_value_out = value_out; 3633 3634 return ret; 3635 } 3636 3637 QUIC_TAKES_LOCK 3638 static int qc_get_stream_avail(QCTX *ctx, uint32_t class_, 3639 int is_uni, int is_remote, 3640 uint64_t *value) 3641 { 3642 int ret = 0; 3643 3644 if (class_ != SSL_VALUE_CLASS_GENERIC) { 3645 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS, 3646 NULL); 3647 return 0; 3648 } 3649 3650 qctx_lock(ctx); 3651 3652 *value = is_remote 3653 ? ossl_quic_channel_get_remote_stream_count_avail(ctx->qc->ch, is_uni) 3654 : ossl_quic_channel_get_local_stream_count_avail(ctx->qc->ch, is_uni); 3655 3656 ret = 1; 3657 qctx_unlock(ctx); 3658 return ret; 3659 } 3660 3661 QUIC_NEEDS_LOCK 3662 static int qctx_should_autotick(QCTX *ctx) 3663 { 3664 int event_handling_mode; 3665 QUIC_OBJ *obj = ctx->obj; 3666 3667 for (; (event_handling_mode = obj->event_handling_mode) == SSL_VALUE_EVENT_HANDLING_MODE_INHERIT 3668 && obj->parent_obj != NULL; obj = obj->parent_obj); 3669 3670 return event_handling_mode != SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT; 3671 } 3672 3673 QUIC_NEEDS_LOCK 3674 static void qctx_maybe_autotick(QCTX *ctx) 3675 { 3676 if (!qctx_should_autotick(ctx)) 3677 return; 3678 3679 ossl_quic_reactor_tick(ossl_quic_obj_get0_reactor(ctx->obj), 0); 3680 } 3681 3682 QUIC_TAKES_LOCK 3683 static int qc_getset_event_handling(QCTX *ctx, uint32_t class_, 3684 uint64_t *p_value_out, 3685 uint64_t *p_value_in) 3686 { 3687 int ret = 0; 3688 uint64_t value_out = 0; 3689 3690 qctx_lock(ctx); 3691 3692 if (class_ != SSL_VALUE_CLASS_GENERIC) { 3693 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS, 3694 NULL); 3695 goto err; 3696 } 3697 3698 if (p_value_in != NULL) { 3699 switch (*p_value_in) { 3700 case SSL_VALUE_EVENT_HANDLING_MODE_INHERIT: 3701 case SSL_VALUE_EVENT_HANDLING_MODE_IMPLICIT: 3702 case SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT: 3703 break; 3704 default: 3705 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, 3706 NULL); 3707 goto err; 3708 } 3709 3710 value_out = *p_value_in; 3711 ctx->obj->event_handling_mode = (int)value_out; 3712 } else { 3713 value_out = ctx->obj->event_handling_mode; 3714 } 3715 3716 ret = 1; 3717 err: 3718 qctx_unlock(ctx); 3719 if (ret && p_value_out != NULL) 3720 *p_value_out = value_out; 3721 3722 return ret; 3723 } 3724 3725 QUIC_TAKES_LOCK 3726 static int qc_get_stream_write_buf_stat(QCTX *ctx, uint32_t class_, 3727 uint64_t *p_value_out, 3728 size_t (*getter)(QUIC_SSTREAM *sstream)) 3729 { 3730 int ret = 0; 3731 size_t value = 0; 3732 3733 qctx_lock(ctx); 3734 3735 if (class_ != SSL_VALUE_CLASS_GENERIC) { 3736 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_UNSUPPORTED_CONFIG_VALUE_CLASS, 3737 NULL); 3738 goto err; 3739 } 3740 3741 if (ctx->xso == NULL) { 3742 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL); 3743 goto err; 3744 } 3745 3746 if (!ossl_quic_stream_has_send(ctx->xso->stream)) { 3747 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_STREAM_RECV_ONLY, NULL); 3748 goto err; 3749 } 3750 3751 if (ossl_quic_stream_has_send_buffer(ctx->xso->stream)) 3752 value = getter(ctx->xso->stream->sstream); 3753 3754 ret = 1; 3755 err: 3756 qctx_unlock(ctx); 3757 *p_value_out = (uint64_t)value; 3758 return ret; 3759 } 3760 3761 QUIC_NEEDS_LOCK 3762 static int expect_quic_for_value(SSL *s, QCTX *ctx, uint32_t id) 3763 { 3764 switch (id) { 3765 case SSL_VALUE_EVENT_HANDLING_MODE: 3766 case SSL_VALUE_STREAM_WRITE_BUF_SIZE: 3767 case SSL_VALUE_STREAM_WRITE_BUF_USED: 3768 case SSL_VALUE_STREAM_WRITE_BUF_AVAIL: 3769 return expect_quic_cs(s, ctx); 3770 default: 3771 return expect_quic_conn_only(s, ctx); 3772 } 3773 } 3774 3775 QUIC_TAKES_LOCK 3776 int ossl_quic_get_value_uint(SSL *s, uint32_t class_, uint32_t id, 3777 uint64_t *value) 3778 { 3779 QCTX ctx; 3780 3781 if (!expect_quic_for_value(s, &ctx, id)) 3782 return 0; 3783 3784 if (value == NULL) 3785 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, 3786 ERR_R_PASSED_INVALID_ARGUMENT, NULL); 3787 3788 switch (id) { 3789 case SSL_VALUE_QUIC_IDLE_TIMEOUT: 3790 return qc_getset_idle_timeout(&ctx, class_, value, NULL); 3791 3792 case SSL_VALUE_QUIC_STREAM_BIDI_LOCAL_AVAIL: 3793 return qc_get_stream_avail(&ctx, class_, /*uni=*/0, /*remote=*/0, value); 3794 case SSL_VALUE_QUIC_STREAM_BIDI_REMOTE_AVAIL: 3795 return qc_get_stream_avail(&ctx, class_, /*uni=*/0, /*remote=*/1, value); 3796 case SSL_VALUE_QUIC_STREAM_UNI_LOCAL_AVAIL: 3797 return qc_get_stream_avail(&ctx, class_, /*uni=*/1, /*remote=*/0, value); 3798 case SSL_VALUE_QUIC_STREAM_UNI_REMOTE_AVAIL: 3799 return qc_get_stream_avail(&ctx, class_, /*uni=*/1, /*remote=*/1, value); 3800 3801 case SSL_VALUE_EVENT_HANDLING_MODE: 3802 return qc_getset_event_handling(&ctx, class_, value, NULL); 3803 3804 case SSL_VALUE_STREAM_WRITE_BUF_SIZE: 3805 return qc_get_stream_write_buf_stat(&ctx, class_, value, 3806 ossl_quic_sstream_get_buffer_size); 3807 case SSL_VALUE_STREAM_WRITE_BUF_USED: 3808 return qc_get_stream_write_buf_stat(&ctx, class_, value, 3809 ossl_quic_sstream_get_buffer_used); 3810 case SSL_VALUE_STREAM_WRITE_BUF_AVAIL: 3811 return qc_get_stream_write_buf_stat(&ctx, class_, value, 3812 ossl_quic_sstream_get_buffer_avail); 3813 3814 default: 3815 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, 3816 SSL_R_UNSUPPORTED_CONFIG_VALUE, NULL); 3817 } 3818 3819 return 1; 3820 } 3821 3822 QUIC_TAKES_LOCK 3823 int ossl_quic_set_value_uint(SSL *s, uint32_t class_, uint32_t id, 3824 uint64_t value) 3825 { 3826 QCTX ctx; 3827 3828 if (!expect_quic_for_value(s, &ctx, id)) 3829 return 0; 3830 3831 switch (id) { 3832 case SSL_VALUE_QUIC_IDLE_TIMEOUT: 3833 return qc_getset_idle_timeout(&ctx, class_, NULL, &value); 3834 3835 case SSL_VALUE_EVENT_HANDLING_MODE: 3836 return qc_getset_event_handling(&ctx, class_, NULL, &value); 3837 3838 default: 3839 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, 3840 SSL_R_UNSUPPORTED_CONFIG_VALUE, NULL); 3841 } 3842 3843 return 1; 3844 } 3845 3846 /* 3847 * SSL_accept_stream 3848 * ----------------- 3849 */ 3850 struct wait_for_incoming_stream_args { 3851 QCTX *ctx; 3852 QUIC_STREAM *qs; 3853 }; 3854 3855 QUIC_NEEDS_LOCK 3856 static int wait_for_incoming_stream(void *arg) 3857 { 3858 struct wait_for_incoming_stream_args *args = arg; 3859 QUIC_CONNECTION *qc = args->ctx->qc; 3860 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch); 3861 3862 if (!quic_mutation_allowed(qc, /*req_active=*/1)) { 3863 /* If connection is torn down due to an error while blocking, stop. */ 3864 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL); 3865 return -1; 3866 } 3867 3868 args->qs = ossl_quic_stream_map_peek_accept_queue(qsm); 3869 if (args->qs != NULL) 3870 return 1; /* got a stream */ 3871 3872 return 0; /* did not get a stream, keep trying */ 3873 } 3874 3875 QUIC_TAKES_LOCK 3876 SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags) 3877 { 3878 QCTX ctx; 3879 int ret; 3880 SSL *new_s = NULL; 3881 QUIC_STREAM_MAP *qsm; 3882 QUIC_STREAM *qs; 3883 QUIC_XSO *xso; 3884 OSSL_RTT_INFO rtt_info; 3885 3886 if (!expect_quic_conn_only(s, &ctx)) 3887 return NULL; 3888 3889 qctx_lock(&ctx); 3890 3891 if (qc_get_effective_incoming_stream_policy(ctx.qc) 3892 == SSL_INCOMING_STREAM_POLICY_REJECT) { 3893 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL); 3894 goto out; 3895 } 3896 3897 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch); 3898 3899 qs = ossl_quic_stream_map_peek_accept_queue(qsm); 3900 if (qs == NULL) { 3901 if (qctx_blocking(&ctx) 3902 && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) { 3903 struct wait_for_incoming_stream_args args; 3904 3905 args.ctx = &ctx; 3906 args.qs = NULL; 3907 3908 ret = block_until_pred(&ctx, wait_for_incoming_stream, &args, 0); 3909 if (ret == 0) { 3910 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL); 3911 goto out; 3912 } else if (ret < 0 || args.qs == NULL) { 3913 goto out; 3914 } 3915 3916 qs = args.qs; 3917 } else { 3918 goto out; 3919 } 3920 } 3921 3922 xso = create_xso_from_stream(ctx.qc, qs); 3923 if (xso == NULL) 3924 goto out; 3925 3926 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info); 3927 ossl_quic_stream_map_remove_from_accept_queue(qsm, qs, 3928 rtt_info.smoothed_rtt); 3929 new_s = &xso->obj.ssl; 3930 3931 /* Calling this function inhibits default XSO autocreation. */ 3932 qc_touch_default_xso(ctx.qc); /* inhibits default XSO */ 3933 3934 out: 3935 qctx_unlock(&ctx); 3936 return new_s; 3937 } 3938 3939 /* 3940 * SSL_get_accept_stream_queue_len 3941 * ------------------------------- 3942 */ 3943 QUIC_TAKES_LOCK 3944 size_t ossl_quic_get_accept_stream_queue_len(SSL *s) 3945 { 3946 QCTX ctx; 3947 size_t v; 3948 3949 if (!expect_quic_conn_only(s, &ctx)) 3950 return 0; 3951 3952 qctx_lock(&ctx); 3953 3954 v = ossl_quic_stream_map_get_total_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch)); 3955 3956 qctx_unlock(&ctx); 3957 return v; 3958 } 3959 3960 /* 3961 * SSL_stream_reset 3962 * ---------------- 3963 */ 3964 int ossl_quic_stream_reset(SSL *ssl, 3965 const SSL_STREAM_RESET_ARGS *args, 3966 size_t args_len) 3967 { 3968 QCTX ctx; 3969 QUIC_STREAM_MAP *qsm; 3970 QUIC_STREAM *qs; 3971 uint64_t error_code; 3972 int ok, err; 3973 3974 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, /*io=*/0, &ctx)) 3975 return 0; 3976 3977 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch); 3978 qs = ctx.xso->stream; 3979 error_code = (args != NULL ? args->quic_error_code : 0); 3980 3981 if (!quic_validate_for_write(ctx.xso, &err)) { 3982 ok = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL); 3983 goto err; 3984 } 3985 3986 ok = ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code); 3987 if (ok) 3988 ctx.xso->requested_reset = 1; 3989 3990 err: 3991 qctx_unlock(&ctx); 3992 return ok; 3993 } 3994 3995 /* 3996 * SSL_get_stream_read_state 3997 * ------------------------- 3998 */ 3999 static void quic_classify_stream(QUIC_CONNECTION *qc, 4000 QUIC_STREAM *qs, 4001 int is_write, 4002 int *state, 4003 uint64_t *app_error_code) 4004 { 4005 int local_init; 4006 uint64_t final_size; 4007 4008 local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server); 4009 4010 if (app_error_code != NULL) 4011 *app_error_code = UINT64_MAX; 4012 else 4013 app_error_code = &final_size; /* throw away value */ 4014 4015 if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) { 4016 /* 4017 * Unidirectional stream and this direction of transmission doesn't 4018 * exist. 4019 */ 4020 *state = SSL_STREAM_STATE_WRONG_DIR; 4021 } else if (ossl_quic_channel_is_term_any(qc->ch)) { 4022 /* Connection already closed. */ 4023 *state = SSL_STREAM_STATE_CONN_CLOSED; 4024 } else if (!is_write && qs->recv_state == QUIC_RSTREAM_STATE_DATA_READ) { 4025 /* Application has read a FIN. */ 4026 *state = SSL_STREAM_STATE_FINISHED; 4027 } else if ((!is_write && qs->stop_sending) 4028 || (is_write && ossl_quic_stream_send_is_reset(qs))) { 4029 /* 4030 * Stream has been reset locally. FIN takes precedence over this for the 4031 * read case as the application need not care if the stream is reset 4032 * after a FIN has been successfully processed. 4033 */ 4034 *state = SSL_STREAM_STATE_RESET_LOCAL; 4035 *app_error_code = !is_write 4036 ? qs->stop_sending_aec 4037 : qs->reset_stream_aec; 4038 } else if ((!is_write && ossl_quic_stream_recv_is_reset(qs)) 4039 || (is_write && qs->peer_stop_sending)) { 4040 /* 4041 * Stream has been reset remotely. */ 4042 *state = SSL_STREAM_STATE_RESET_REMOTE; 4043 *app_error_code = !is_write 4044 ? qs->peer_reset_stream_aec 4045 : qs->peer_stop_sending_aec; 4046 } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream, 4047 &final_size)) { 4048 /* 4049 * Stream has been finished. Stream reset takes precedence over this for 4050 * the write case as peer may not have received all data. 4051 */ 4052 *state = SSL_STREAM_STATE_FINISHED; 4053 } else { 4054 /* Stream still healthy. */ 4055 *state = SSL_STREAM_STATE_OK; 4056 } 4057 } 4058 4059 static int quic_get_stream_state(SSL *ssl, int is_write) 4060 { 4061 QCTX ctx; 4062 int state; 4063 4064 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx)) 4065 return SSL_STREAM_STATE_NONE; 4066 4067 quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL); 4068 qctx_unlock(&ctx); 4069 return state; 4070 } 4071 4072 int ossl_quic_get_stream_read_state(SSL *ssl) 4073 { 4074 return quic_get_stream_state(ssl, /*is_write=*/0); 4075 } 4076 4077 /* 4078 * SSL_get_stream_write_state 4079 * -------------------------- 4080 */ 4081 int ossl_quic_get_stream_write_state(SSL *ssl) 4082 { 4083 return quic_get_stream_state(ssl, /*is_write=*/1); 4084 } 4085 4086 /* 4087 * SSL_get_stream_read_error_code 4088 * ------------------------------ 4089 */ 4090 static int quic_get_stream_error_code(SSL *ssl, int is_write, 4091 uint64_t *app_error_code) 4092 { 4093 QCTX ctx; 4094 int state; 4095 4096 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx)) 4097 return -1; 4098 4099 quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0, 4100 &state, app_error_code); 4101 4102 qctx_unlock(&ctx); 4103 switch (state) { 4104 case SSL_STREAM_STATE_FINISHED: 4105 return 0; 4106 case SSL_STREAM_STATE_RESET_LOCAL: 4107 case SSL_STREAM_STATE_RESET_REMOTE: 4108 return 1; 4109 default: 4110 return -1; 4111 } 4112 } 4113 4114 int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code) 4115 { 4116 return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code); 4117 } 4118 4119 /* 4120 * SSL_get_stream_write_error_code 4121 * ------------------------------- 4122 */ 4123 int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code) 4124 { 4125 return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code); 4126 } 4127 4128 /* 4129 * Write buffer size mutation 4130 * -------------------------- 4131 */ 4132 int ossl_quic_set_write_buffer_size(SSL *ssl, size_t size) 4133 { 4134 int ret = 0; 4135 QCTX ctx; 4136 4137 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, /*io=*/0, &ctx)) 4138 return 0; 4139 4140 if (!ossl_quic_stream_has_send(ctx.xso->stream)) { 4141 /* Called on a unidirectional receive-only stream - error. */ 4142 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL); 4143 goto out; 4144 } 4145 4146 if (!ossl_quic_stream_has_send_buffer(ctx.xso->stream)) { 4147 /* 4148 * If the stream has a send part but we have disposed of it because we 4149 * no longer need it, this is a no-op. 4150 */ 4151 ret = 1; 4152 goto out; 4153 } 4154 4155 if (!ossl_quic_sstream_set_buffer_size(ctx.xso->stream->sstream, size)) { 4156 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL); 4157 goto out; 4158 } 4159 4160 ret = 1; 4161 4162 out: 4163 qctx_unlock(&ctx); 4164 return ret; 4165 } 4166 4167 /* 4168 * SSL_get_conn_close_info 4169 * ----------------------- 4170 */ 4171 int ossl_quic_get_conn_close_info(SSL *ssl, 4172 SSL_CONN_CLOSE_INFO *info, 4173 size_t info_len) 4174 { 4175 QCTX ctx; 4176 const QUIC_TERMINATE_CAUSE *tc; 4177 4178 if (!expect_quic_conn_only(ssl, &ctx)) 4179 return -1; 4180 4181 tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch); 4182 if (tc == NULL) 4183 return 0; 4184 4185 info->error_code = tc->error_code; 4186 info->frame_type = tc->frame_type; 4187 info->reason = tc->reason; 4188 info->reason_len = tc->reason_len; 4189 info->flags = 0; 4190 if (!tc->remote) 4191 info->flags |= SSL_CONN_CLOSE_FLAG_LOCAL; 4192 if (!tc->app) 4193 info->flags |= SSL_CONN_CLOSE_FLAG_TRANSPORT; 4194 return 1; 4195 } 4196 4197 /* 4198 * SSL_key_update 4199 * -------------- 4200 */ 4201 int ossl_quic_key_update(SSL *ssl, int update_type) 4202 { 4203 QCTX ctx; 4204 4205 if (!expect_quic_conn_only(ssl, &ctx)) 4206 return 0; 4207 4208 switch (update_type) { 4209 case SSL_KEY_UPDATE_NOT_REQUESTED: 4210 /* 4211 * QUIC signals peer key update implicily by triggering a local 4212 * spontaneous TXKU. Silently upgrade this to SSL_KEY_UPDATE_REQUESTED. 4213 */ 4214 case SSL_KEY_UPDATE_REQUESTED: 4215 break; 4216 4217 default: 4218 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL); 4219 return 0; 4220 } 4221 4222 qctx_lock(&ctx); 4223 4224 /* Attempt to perform a TXKU. */ 4225 if (!ossl_quic_channel_trigger_txku(ctx.qc->ch)) { 4226 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_TOO_MANY_KEY_UPDATES, NULL); 4227 qctx_unlock(&ctx); 4228 return 0; 4229 } 4230 4231 qctx_unlock(&ctx); 4232 return 1; 4233 } 4234 4235 /* 4236 * SSL_get_key_update_type 4237 * ----------------------- 4238 */ 4239 int ossl_quic_get_key_update_type(const SSL *s) 4240 { 4241 /* 4242 * We always handle key updates immediately so a key update is never 4243 * pending. 4244 */ 4245 return SSL_KEY_UPDATE_NONE; 4246 } 4247 4248 /** 4249 * @brief Allocates an SSL object for a user from a QUIC channel. 4250 * 4251 * This function creates a new QUIC_CONNECTION object based on an incoming 4252 * connection associated with the provided QUIC_LISTENER. If the connection 4253 * creation fails, the function returns NULL. Otherwise, it returns a pointer 4254 * to the SSL object associated with the newly created connection. 4255 * 4256 * Note: This function is a registered port callback made from 4257 * ossl_quic_new_listener and ossl_quic_new_listener_from, and allows for 4258 * pre-allocation of the user_ssl object when a channel is created, rather than 4259 * when it is accepted 4260 * 4261 * @param ch Pointer to the QUIC_CHANNEL representing the incoming connection. 4262 * @param arg Pointer to a QUIC_LISTENER used to create the connection. 4263 * 4264 * @return Pointer to the SSL object on success, or NULL on failure. 4265 */ 4266 static SSL *alloc_port_user_ssl(QUIC_CHANNEL *ch, void *arg) 4267 { 4268 QUIC_LISTENER *ql = arg; 4269 QUIC_CONNECTION *qc = create_qc_from_incoming_conn(ql, ch); 4270 4271 return (qc == NULL) ? NULL : &qc->obj.ssl; 4272 } 4273 4274 /* 4275 * QUIC Front-End I/O API: Listeners 4276 * ================================= 4277 */ 4278 4279 /* 4280 * SSL_new_listener 4281 * ---------------- 4282 */ 4283 SSL *ossl_quic_new_listener(SSL_CTX *ctx, uint64_t flags) 4284 { 4285 QUIC_LISTENER *ql = NULL; 4286 QUIC_ENGINE_ARGS engine_args = {0}; 4287 QUIC_PORT_ARGS port_args = {0}; 4288 4289 if ((ql = OPENSSL_zalloc(sizeof(*ql))) == NULL) { 4290 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4291 goto err; 4292 } 4293 4294 #if defined(OPENSSL_THREADS) 4295 if ((ql->mutex = ossl_crypto_mutex_new()) == NULL) { 4296 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4297 goto err; 4298 } 4299 #endif 4300 4301 engine_args.libctx = ctx->libctx; 4302 engine_args.propq = ctx->propq; 4303 #if defined(OPENSSL_THREADS) 4304 engine_args.mutex = ql->mutex; 4305 #endif 4306 4307 if (need_notifier_for_domain_flags(ctx->domain_flags)) 4308 engine_args.reactor_flags |= QUIC_REACTOR_FLAG_USE_NOTIFIER; 4309 4310 if ((ql->engine = ossl_quic_engine_new(&engine_args)) == NULL) { 4311 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4312 goto err; 4313 } 4314 4315 port_args.channel_ctx = ctx; 4316 port_args.is_multi_conn = 1; 4317 port_args.get_conn_user_ssl = alloc_port_user_ssl; 4318 port_args.user_ssl_arg = ql; 4319 if ((flags & SSL_LISTENER_FLAG_NO_VALIDATE) == 0) 4320 port_args.do_addr_validation = 1; 4321 ql->port = ossl_quic_engine_create_port(ql->engine, &port_args); 4322 if (ql->port == NULL) { 4323 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4324 goto err; 4325 } 4326 4327 /* TODO(QUIC FUTURE): Implement SSL_LISTENER_FLAG_NO_ACCEPT */ 4328 4329 ossl_quic_port_set_allow_incoming(ql->port, 1); 4330 4331 /* Initialise the QUIC_LISTENER's object header. */ 4332 if (!ossl_quic_obj_init(&ql->obj, ctx, SSL_TYPE_QUIC_LISTENER, NULL, 4333 ql->engine, ql->port)) 4334 goto err; 4335 4336 return &ql->obj.ssl; 4337 4338 err: 4339 if (ql != NULL) 4340 ossl_quic_engine_free(ql->engine); 4341 4342 #if defined(OPENSSL_THREADS) 4343 ossl_crypto_mutex_free(&ql->mutex); 4344 #endif 4345 OPENSSL_free(ql); 4346 return NULL; 4347 } 4348 4349 /* 4350 * SSL_new_listener_from 4351 * --------------------- 4352 */ 4353 SSL *ossl_quic_new_listener_from(SSL *ssl, uint64_t flags) 4354 { 4355 QCTX ctx; 4356 QUIC_LISTENER *ql = NULL; 4357 QUIC_PORT_ARGS port_args = {0}; 4358 4359 if (!expect_quic_domain(ssl, &ctx)) 4360 return NULL; 4361 4362 if (!SSL_up_ref(&ctx.qd->obj.ssl)) 4363 return NULL; 4364 4365 qctx_lock(&ctx); 4366 4367 if ((ql = OPENSSL_zalloc(sizeof(*ql))) == NULL) { 4368 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4369 goto err; 4370 } 4371 4372 port_args.channel_ctx = ssl->ctx; 4373 port_args.is_multi_conn = 1; 4374 port_args.get_conn_user_ssl = alloc_port_user_ssl; 4375 port_args.user_ssl_arg = ql; 4376 if ((flags & SSL_LISTENER_FLAG_NO_VALIDATE) == 0) 4377 port_args.do_addr_validation = 1; 4378 ql->port = ossl_quic_engine_create_port(ctx.qd->engine, &port_args); 4379 if (ql->port == NULL) { 4380 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4381 goto err; 4382 } 4383 4384 ql->domain = ctx.qd; 4385 ql->engine = ctx.qd->engine; 4386 #if defined(OPENSSL_THREADS) 4387 ql->mutex = ctx.qd->mutex; 4388 #endif 4389 4390 /* 4391 * TODO(QUIC FUTURE): Implement SSL_LISTENER_FLAG_NO_ACCEPT 4392 * Given that we have apis to create client SSL objects from 4393 * server SSL objects (see SSL_new_from_listener), we have aspirations 4394 * to enable a flag that allows for the creation of the latter, but not 4395 * be used to do accept any connections. This is a placeholder for the 4396 * implementation of that flag 4397 */ 4398 4399 ossl_quic_port_set_allow_incoming(ql->port, 1); 4400 4401 /* Initialise the QUIC_LISTENER's object header. */ 4402 if (!ossl_quic_obj_init(&ql->obj, ssl->ctx, SSL_TYPE_QUIC_LISTENER, 4403 &ctx.qd->obj.ssl, NULL, ql->port)) 4404 goto err; 4405 4406 qctx_unlock(&ctx); 4407 return &ql->obj.ssl; 4408 4409 err: 4410 if (ql != NULL) 4411 ossl_quic_port_free(ql->port); 4412 4413 OPENSSL_free(ql); 4414 qctx_unlock(&ctx); 4415 SSL_free(&ctx.qd->obj.ssl); 4416 4417 return NULL; 4418 } 4419 4420 /* 4421 * SSL_new_from_listener 4422 * --------------------- 4423 * code here is derived from ossl_quic_new(). The `ssl` argument is 4424 * a listener object which already comes with QUIC port/engine. The newly 4425 * created QUIC connection object (QCSO) is going to share the port/engine 4426 * with listener (`ssl`). The `ssl` also becomes a parent of QCSO created 4427 * by this function. The caller uses QCSO instance to connect to 4428 * remote QUIC server. 4429 * 4430 * The QCSO created here requires us to also create a channel so we 4431 * can connect to remote server. 4432 */ 4433 SSL *ossl_quic_new_from_listener(SSL *ssl, uint64_t flags) 4434 { 4435 QCTX ctx; 4436 QUIC_CONNECTION *qc = NULL; 4437 QUIC_LISTENER *ql; 4438 SSL_CONNECTION *sc = NULL; 4439 4440 if (flags != 0) 4441 return NULL; 4442 4443 if (!expect_quic_listener(ssl, &ctx)) 4444 return NULL; 4445 4446 if (!SSL_up_ref(&ctx.ql->obj.ssl)) 4447 return NULL; 4448 4449 qctx_lock(&ctx); 4450 4451 ql = ctx.ql; 4452 4453 /* 4454 * listeners (server) contexts don't typically 4455 * allocate a token cache because they don't need 4456 * to store them, but here we are using a server side 4457 * ctx as a client, so we should allocate one now 4458 */ 4459 if (ssl->ctx->tokencache == NULL) 4460 if ((ssl->ctx->tokencache = ossl_quic_new_token_store()) == NULL) 4461 goto err; 4462 4463 if ((qc = OPENSSL_zalloc(sizeof(*qc))) == NULL) { 4464 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4465 goto err; 4466 } 4467 4468 /* 4469 * NOTE: setting a listener here is needed so `qc_cleanup()` does the right 4470 * thing. Setting listener to ql avoids premature destruction of port in 4471 * qc_cleanup() 4472 */ 4473 qc->listener = ql; 4474 qc->engine = ql->engine; 4475 qc->port = ql->port; 4476 /* create channel */ 4477 #if defined(OPENSSL_THREADS) 4478 /* this is the engine mutex */ 4479 qc->mutex = ql->mutex; 4480 #endif 4481 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST) 4482 qc->is_thread_assisted 4483 = ((ql->obj.domain_flags & SSL_DOMAIN_FLAG_THREAD_ASSISTED) != 0); 4484 #endif 4485 4486 /* Create the handshake layer. */ 4487 qc->tls = ossl_ssl_connection_new_int(ql->obj.ssl.ctx, NULL, TLS_method()); 4488 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL) { 4489 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4490 goto err; 4491 } 4492 sc->s3.flags |= TLS1_FLAGS_QUIC | TLS1_FLAGS_QUIC_INTERNAL; 4493 4494 qc->default_ssl_options = OSSL_QUIC_PERMITTED_OPTIONS; 4495 qc->last_error = SSL_ERROR_NONE; 4496 4497 /* 4498 * This is QCSO, we don't expect to accept connections 4499 * on success the channel assumes ownership of tls, we need 4500 * to grab reference for qc. 4501 */ 4502 qc->ch = ossl_quic_port_create_outgoing(qc->port, qc->tls); 4503 4504 ossl_quic_channel_set_msg_callback(qc->ch, ql->obj.ssl.ctx->msg_callback, &qc->obj.ssl); 4505 ossl_quic_channel_set_msg_callback_arg(qc->ch, ql->obj.ssl.ctx->msg_callback_arg); 4506 4507 /* 4508 * We deliberately pass NULL for engine and port, because we don't want to 4509 * to turn QCSO we create here into an event leader, nor port leader. 4510 * Both those roles are occupied already by listener (`ssl`) we use 4511 * to create a new QCSO here. 4512 */ 4513 if (!ossl_quic_obj_init(&qc->obj, ql->obj.ssl.ctx, 4514 SSL_TYPE_QUIC_CONNECTION, 4515 &ql->obj.ssl, NULL, NULL)) { 4516 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4517 goto err; 4518 } 4519 4520 /* Initialise libssl APL-related state. */ 4521 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI; 4522 qc->default_ssl_mode = qc->obj.ssl.ctx->mode; 4523 qc->default_ssl_options = qc->obj.ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS; 4524 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO; 4525 qc->last_error = SSL_ERROR_NONE; 4526 4527 qc_update_reject_policy(qc); 4528 4529 qctx_unlock(&ctx); 4530 4531 return &qc->obj.ssl; 4532 4533 err: 4534 if (qc != NULL) { 4535 qc_cleanup(qc, /* have_lock= */ 0); 4536 OPENSSL_free(qc); 4537 } 4538 qctx_unlock(&ctx); 4539 SSL_free(&ctx.ql->obj.ssl); 4540 4541 return NULL; 4542 } 4543 4544 /* 4545 * SSL_listen 4546 * ---------- 4547 */ 4548 QUIC_NEEDS_LOCK 4549 static int ql_listen(QUIC_LISTENER *ql) 4550 { 4551 if (ql->listening) 4552 return 1; 4553 4554 ossl_quic_port_set_allow_incoming(ql->port, 1); 4555 ql->listening = 1; 4556 return 1; 4557 } 4558 4559 QUIC_TAKES_LOCK 4560 int ossl_quic_listen(SSL *ssl) 4561 { 4562 QCTX ctx; 4563 int ret; 4564 4565 if (!expect_quic_listener(ssl, &ctx)) 4566 return 0; 4567 4568 qctx_lock_for_io(&ctx); 4569 4570 ret = ql_listen(ctx.ql); 4571 4572 qctx_unlock(&ctx); 4573 return ret; 4574 } 4575 4576 /* 4577 * SSL_accept_connection 4578 * --------------------- 4579 */ 4580 static int quic_accept_connection_wait(void *arg) 4581 { 4582 QUIC_PORT *port = arg; 4583 4584 if (!ossl_quic_port_is_running(port)) 4585 return -1; 4586 4587 if (ossl_quic_port_have_incoming(port)) 4588 return 1; 4589 4590 return 0; 4591 } 4592 4593 QUIC_TAKES_LOCK 4594 SSL *ossl_quic_accept_connection(SSL *ssl, uint64_t flags) 4595 { 4596 int ret; 4597 QCTX ctx; 4598 SSL *conn_ssl = NULL; 4599 SSL_CONNECTION *conn = NULL; 4600 QUIC_CHANNEL *new_ch = NULL; 4601 QUIC_CONNECTION *qc; 4602 int no_block = ((flags & SSL_ACCEPT_CONNECTION_NO_BLOCK) != 0); 4603 4604 if (!expect_quic_listener(ssl, &ctx)) 4605 return NULL; 4606 4607 qctx_lock_for_io(&ctx); 4608 4609 if (!ql_listen(ctx.ql)) 4610 goto out; 4611 4612 /* Wait for an incoming connection if needed. */ 4613 new_ch = ossl_quic_port_pop_incoming(ctx.ql->port); 4614 if (new_ch == NULL && ossl_quic_port_is_running(ctx.ql->port)) { 4615 if (!no_block && qctx_blocking(&ctx)) { 4616 ret = block_until_pred(&ctx, quic_accept_connection_wait, 4617 ctx.ql->port, 0); 4618 if (ret < 1) 4619 goto out; 4620 } else { 4621 qctx_maybe_autotick(&ctx); 4622 } 4623 4624 if (!ossl_quic_port_is_running(ctx.ql->port)) 4625 goto out; 4626 4627 new_ch = ossl_quic_port_pop_incoming(ctx.ql->port); 4628 } 4629 4630 if (new_ch == NULL && ossl_quic_port_is_running(ctx.ql->port)) { 4631 /* No connections already queued. */ 4632 ossl_quic_reactor_tick(ossl_quic_engine_get0_reactor(ctx.ql->engine), 0); 4633 4634 new_ch = ossl_quic_port_pop_incoming(ctx.ql->port); 4635 } 4636 4637 /* 4638 * port_make_channel pre-allocates our user_ssl for us for each newly 4639 * created channel, so once we pop the new channel from the port above 4640 * we just need to extract it 4641 */ 4642 if (new_ch == NULL 4643 || (conn_ssl = ossl_quic_channel_get0_tls(new_ch)) == NULL 4644 || (conn = SSL_CONNECTION_FROM_SSL(conn_ssl)) == NULL 4645 || (conn_ssl = SSL_CONNECTION_GET_USER_SSL(conn)) == NULL) 4646 goto out; 4647 qc = (QUIC_CONNECTION *)conn_ssl; 4648 qc->listener = ctx.ql; 4649 qc->pending = 0; 4650 if (!SSL_up_ref(&ctx.ql->obj.ssl)) { 4651 SSL_free(conn_ssl); 4652 SSL_free(ossl_quic_channel_get0_tls(new_ch)); 4653 conn_ssl = NULL; 4654 } 4655 4656 out: 4657 qctx_unlock(&ctx); 4658 return conn_ssl; 4659 } 4660 4661 static QUIC_CONNECTION *create_qc_from_incoming_conn(QUIC_LISTENER *ql, QUIC_CHANNEL *ch) 4662 { 4663 QUIC_CONNECTION *qc = NULL; 4664 4665 if ((qc = OPENSSL_zalloc(sizeof(*qc))) == NULL) { 4666 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4667 goto err; 4668 } 4669 4670 if (!ossl_quic_obj_init(&qc->obj, ql->obj.ssl.ctx, 4671 SSL_TYPE_QUIC_CONNECTION, 4672 &ql->obj.ssl, NULL, NULL)) { 4673 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4674 goto err; 4675 } 4676 4677 ossl_quic_channel_get_peer_addr(ch, &qc->init_peer_addr); /* best effort */ 4678 qc->pending = 1; 4679 qc->engine = ql->engine; 4680 qc->port = ql->port; 4681 qc->ch = ch; 4682 #if defined(OPENSSL_THREADS) 4683 qc->mutex = ql->mutex; 4684 #endif 4685 qc->tls = ossl_quic_channel_get0_tls(ch); 4686 qc->started = 1; 4687 qc->as_server = 1; 4688 qc->as_server_state = 1; 4689 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI; 4690 qc->default_ssl_options = ql->obj.ssl.ctx->options & OSSL_QUIC_PERMITTED_OPTIONS; 4691 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO; 4692 qc->last_error = SSL_ERROR_NONE; 4693 qc_update_reject_policy(qc); 4694 return qc; 4695 4696 err: 4697 OPENSSL_free(qc); 4698 return NULL; 4699 } 4700 4701 DEFINE_LHASH_OF_EX(QUIC_TOKEN); 4702 4703 struct ssl_token_store_st { 4704 LHASH_OF(QUIC_TOKEN) *cache; 4705 CRYPTO_REF_COUNT references; 4706 CRYPTO_MUTEX *mutex; 4707 }; 4708 4709 static unsigned long quic_token_hash(const QUIC_TOKEN *item) 4710 { 4711 return (unsigned long)ossl_fnv1a_hash(item->hashkey, item->hashkey_len); 4712 } 4713 4714 static int quic_token_cmp(const QUIC_TOKEN *a, const QUIC_TOKEN *b) 4715 { 4716 if (a->hashkey_len != b->hashkey_len) 4717 return 1; 4718 return memcmp(a->hashkey, b->hashkey, a->hashkey_len); 4719 } 4720 4721 SSL_TOKEN_STORE *ossl_quic_new_token_store(void) 4722 { 4723 int ok = 0; 4724 SSL_TOKEN_STORE *newcache = OPENSSL_zalloc(sizeof(SSL_TOKEN_STORE)); 4725 4726 if (newcache == NULL) 4727 goto out; 4728 4729 newcache->cache = lh_QUIC_TOKEN_new(quic_token_hash, quic_token_cmp); 4730 if (newcache->cache == NULL) 4731 goto out; 4732 4733 #if defined(OPENSSL_THREADS) 4734 if ((newcache->mutex = ossl_crypto_mutex_new()) == NULL) 4735 goto out; 4736 #endif 4737 4738 if (!CRYPTO_NEW_REF(&newcache->references, 1)) 4739 goto out; 4740 4741 ok = 1; 4742 out: 4743 if (!ok) { 4744 ossl_quic_free_token_store(newcache); 4745 newcache = NULL; 4746 } 4747 return newcache; 4748 } 4749 4750 static void free_this_token(QUIC_TOKEN *tok) 4751 { 4752 ossl_quic_free_peer_token(tok); 4753 } 4754 4755 void ossl_quic_free_token_store(SSL_TOKEN_STORE *hdl) 4756 { 4757 int refs; 4758 4759 if (hdl == NULL) 4760 return; 4761 4762 if (!CRYPTO_DOWN_REF(&hdl->references, &refs)) 4763 return; 4764 4765 if (refs > 0) 4766 return; 4767 4768 /* last reference, we can clean up */ 4769 ossl_crypto_mutex_free(&hdl->mutex); 4770 lh_QUIC_TOKEN_doall(hdl->cache, free_this_token); 4771 lh_QUIC_TOKEN_free(hdl->cache); 4772 OPENSSL_free(hdl); 4773 return; 4774 } 4775 4776 /** 4777 * @brief build a new QUIC_TOKEN 4778 * 4779 * This function creates a new token storage structure for saving in our 4780 * tokencache 4781 * 4782 * In an effort to make allocation and freeing of these tokens a bit faster 4783 * We do them in a single allocation in this format 4784 * +---------------+ --\ 4785 * | hashkey * |---| | 4786 * | hashkey_len | | | QUIC_TOKEN 4787 * | token * |---|--| | 4788 * | token_len | | | | 4789 * +---------------+<--| | --/ 4790 * | hashkey buf | | 4791 * | | | 4792 * |---------------|<-----| 4793 * | token buf | 4794 * | | 4795 * +---------------+ 4796 * 4797 * @param peer - the peer address that sent the token 4798 * @param token - the buffer holding the token 4799 * @param token_len - the size of token 4800 * 4801 * @returns a QUIC_TOKEN pointer or NULL on error 4802 */ 4803 static QUIC_TOKEN *ossl_quic_build_new_token(BIO_ADDR *peer, uint8_t *token, 4804 size_t token_len) 4805 { 4806 QUIC_TOKEN *new_token; 4807 size_t hashkey_len = 0; 4808 size_t addr_len = 0; 4809 int family; 4810 unsigned short port; 4811 int *famptr; 4812 unsigned short *portptr; 4813 uint8_t *addrptr; 4814 4815 if ((token != NULL && token_len == 0) || (token == NULL && token_len != 0)) 4816 return NULL; 4817 4818 if (!BIO_ADDR_rawaddress(peer, NULL, &addr_len)) 4819 return NULL; 4820 family = BIO_ADDR_family(peer); 4821 port = BIO_ADDR_rawport(peer); 4822 4823 hashkey_len += sizeof(int); /* hashkey(family) */ 4824 hashkey_len += sizeof(unsigned short); /* hashkey(port) */ 4825 hashkey_len += addr_len; /* hashkey(address) */ 4826 4827 new_token = OPENSSL_zalloc(sizeof(QUIC_TOKEN) + hashkey_len + token_len); 4828 if (new_token == NULL) 4829 return NULL; 4830 4831 if (!CRYPTO_NEW_REF(&new_token->references, 1)) { 4832 OPENSSL_free(new_token); 4833 return NULL; 4834 } 4835 4836 new_token->hashkey_len = hashkey_len; 4837 /* hashkey is allocated inline, immediately after the QUIC_TOKEN struct */ 4838 new_token->hashkey = (uint8_t *)(new_token + 1); 4839 /* token buffer follows the hashkey in the inline allocation */ 4840 new_token->token = new_token->hashkey + hashkey_len; 4841 new_token->token_len = token_len; 4842 famptr = (int *)new_token->hashkey; 4843 portptr = (unsigned short *)(famptr + 1); 4844 addrptr = (uint8_t *)(portptr + 1); 4845 *famptr = family; 4846 *portptr = port; 4847 if (!BIO_ADDR_rawaddress(peer, addrptr, NULL)) { 4848 ossl_quic_free_peer_token(new_token); 4849 return NULL; 4850 } 4851 if (token != NULL) 4852 memcpy(new_token->token, token, token_len); 4853 return new_token; 4854 } 4855 4856 int ossl_quic_set_peer_token(SSL_CTX *ctx, BIO_ADDR *peer, 4857 const uint8_t *token, size_t token_len) 4858 { 4859 SSL_TOKEN_STORE *c = ctx->tokencache; 4860 QUIC_TOKEN *tok, *old = NULL; 4861 4862 if (ctx->tokencache == NULL) 4863 return 0; 4864 4865 tok = ossl_quic_build_new_token(peer, (uint8_t *)token, token_len); 4866 if (tok == NULL) 4867 return 0; 4868 4869 /* we might be sharing this cache, lock it */ 4870 ossl_crypto_mutex_lock(c->mutex); 4871 4872 old = lh_QUIC_TOKEN_retrieve(c->cache, tok); 4873 if (old != NULL) { 4874 lh_QUIC_TOKEN_delete(c->cache, old); 4875 ossl_quic_free_peer_token(old); 4876 } 4877 lh_QUIC_TOKEN_insert(c->cache, tok); 4878 4879 ossl_crypto_mutex_unlock(c->mutex); 4880 return 1; 4881 } 4882 4883 int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer, 4884 QUIC_TOKEN **token) 4885 { 4886 SSL_TOKEN_STORE *c = ctx->tokencache; 4887 QUIC_TOKEN *key = NULL; 4888 QUIC_TOKEN *tok = NULL; 4889 int ret; 4890 int rc = 0; 4891 4892 if (c == NULL) 4893 return 0; 4894 4895 key = ossl_quic_build_new_token(peer, NULL, 0); 4896 if (key == NULL) 4897 return 0; 4898 4899 ossl_crypto_mutex_lock(c->mutex); 4900 tok = lh_QUIC_TOKEN_retrieve(c->cache, key); 4901 if (tok != NULL) { 4902 *token = tok; 4903 CRYPTO_UP_REF(&tok->references, &ret); 4904 rc = 1; 4905 } 4906 4907 ossl_crypto_mutex_unlock(c->mutex); 4908 ossl_quic_free_peer_token(key); 4909 return rc; 4910 } 4911 4912 void ossl_quic_free_peer_token(QUIC_TOKEN *token) 4913 { 4914 int refs = 0; 4915 4916 if (!CRYPTO_DOWN_REF(&token->references, &refs)) 4917 return; 4918 4919 if (refs > 0) 4920 return; 4921 4922 CRYPTO_FREE_REF(&token->references); 4923 OPENSSL_free(token); 4924 } 4925 4926 /* 4927 * SSL_get_accept_connection_queue_len 4928 * ----------------------------------- 4929 */ 4930 QUIC_TAKES_LOCK 4931 size_t ossl_quic_get_accept_connection_queue_len(SSL *ssl) 4932 { 4933 QCTX ctx; 4934 int ret; 4935 4936 if (!expect_quic_listener(ssl, &ctx)) 4937 return 0; 4938 4939 qctx_lock(&ctx); 4940 4941 ret = ossl_quic_port_get_num_incoming_channels(ctx.ql->port); 4942 4943 qctx_unlock(&ctx); 4944 return ret; 4945 } 4946 4947 /* 4948 * QUIC Front-End I/O API: Domains 4949 * =============================== 4950 */ 4951 4952 /* 4953 * SSL_new_domain 4954 * -------------- 4955 */ 4956 SSL *ossl_quic_new_domain(SSL_CTX *ctx, uint64_t flags) 4957 { 4958 QUIC_DOMAIN *qd = NULL; 4959 QUIC_ENGINE_ARGS engine_args = {0}; 4960 uint64_t domain_flags; 4961 4962 domain_flags = ctx->domain_flags; 4963 if ((flags & (SSL_DOMAIN_FLAG_SINGLE_THREAD 4964 | SSL_DOMAIN_FLAG_MULTI_THREAD 4965 | SSL_DOMAIN_FLAG_THREAD_ASSISTED)) != 0) 4966 domain_flags = flags; 4967 else 4968 domain_flags = ctx->domain_flags | flags; 4969 4970 if (!ossl_adjust_domain_flags(domain_flags, &domain_flags)) 4971 return NULL; 4972 4973 if ((qd = OPENSSL_zalloc(sizeof(*qd))) == NULL) { 4974 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4975 return NULL; 4976 } 4977 4978 #if defined(OPENSSL_THREADS) 4979 if ((qd->mutex = ossl_crypto_mutex_new()) == NULL) { 4980 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL); 4981 goto err; 4982 } 4983 #endif 4984 4985 engine_args.libctx = ctx->libctx; 4986 engine_args.propq = ctx->propq; 4987 #if defined(OPENSSL_THREADS) 4988 engine_args.mutex = qd->mutex; 4989 #endif 4990 4991 if (need_notifier_for_domain_flags(domain_flags)) 4992 engine_args.reactor_flags |= QUIC_REACTOR_FLAG_USE_NOTIFIER; 4993 4994 if ((qd->engine = ossl_quic_engine_new(&engine_args)) == NULL) { 4995 QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL); 4996 goto err; 4997 } 4998 4999 /* Initialise the QUIC_DOMAIN's object header. */ 5000 if (!ossl_quic_obj_init(&qd->obj, ctx, SSL_TYPE_QUIC_DOMAIN, NULL, 5001 qd->engine, NULL)) 5002 goto err; 5003 5004 ossl_quic_obj_set_domain_flags(&qd->obj, domain_flags); 5005 return &qd->obj.ssl; 5006 5007 err: 5008 ossl_quic_engine_free(qd->engine); 5009 #if defined(OPENSSL_THREADS) 5010 ossl_crypto_mutex_free(&qd->mutex); 5011 #endif 5012 OPENSSL_free(qd); 5013 return NULL; 5014 } 5015 5016 /* 5017 * QUIC Front-End I/O API: SSL_CTX Management 5018 * ========================================== 5019 */ 5020 5021 long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 5022 { 5023 switch (cmd) { 5024 default: 5025 return ssl3_ctx_ctrl(ctx, cmd, larg, parg); 5026 } 5027 } 5028 5029 long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 5030 { 5031 QCTX ctx; 5032 5033 if (!expect_quic_conn_only(s, &ctx)) 5034 return 0; 5035 5036 switch (cmd) { 5037 case SSL_CTRL_SET_MSG_CALLBACK: 5038 ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp, 5039 &ctx.qc->obj.ssl); 5040 /* This callback also needs to be set on the internal SSL object */ 5041 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);; 5042 5043 default: 5044 /* Probably a TLS related ctrl. Defer to our internal SSL object */ 5045 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp); 5046 } 5047 } 5048 5049 long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 5050 { 5051 return ssl3_ctx_callback_ctrl(ctx, cmd, fp); 5052 } 5053 5054 int ossl_quic_renegotiate_check(SSL *ssl, int initok) 5055 { 5056 /* We never do renegotiation. */ 5057 return 0; 5058 } 5059 5060 const SSL_CIPHER *ossl_quic_get_cipher_by_char(const unsigned char *p) 5061 { 5062 const SSL_CIPHER *ciph = ssl3_get_cipher_by_char(p); 5063 5064 if ((ciph->algorithm2 & SSL_QUIC) == 0) 5065 return NULL; 5066 5067 return ciph; 5068 } 5069 5070 /* 5071 * These functions define the TLSv1.2 (and below) ciphers that are supported by 5072 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any. 5073 */ 5074 5075 int ossl_quic_num_ciphers(void) 5076 { 5077 return 0; 5078 } 5079 5080 const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u) 5081 { 5082 return NULL; 5083 } 5084 5085 /* 5086 * SSL_get_shutdown() 5087 * ------------------ 5088 */ 5089 int ossl_quic_get_shutdown(const SSL *s) 5090 { 5091 QCTX ctx; 5092 int shut = 0; 5093 5094 if (!expect_quic_conn_only(s, &ctx)) 5095 return 0; 5096 5097 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) { 5098 shut |= SSL_SENT_SHUTDOWN; 5099 if (!ossl_quic_channel_is_closing(ctx.qc->ch)) 5100 shut |= SSL_RECEIVED_SHUTDOWN; 5101 } 5102 5103 return shut; 5104 } 5105 5106 /* 5107 * QUIC Polling Support APIs 5108 * ========================= 5109 */ 5110 5111 /* Do we have the R (read) condition? */ 5112 QUIC_NEEDS_LOCK 5113 static int test_poll_event_r(QUIC_XSO *xso) 5114 { 5115 int fin = 0; 5116 size_t avail = 0; 5117 5118 /* 5119 * If a stream has had the fin bit set on the last packet 5120 * received, then we need to return a 1 here to raise 5121 * SSL_POLL_EVENT_R, so that the stream can have its completion 5122 * detected and closed gracefully by an application. 5123 * However, if the client reads the data via SSL_read[_ex], that api 5124 * provides no stream status, and as a result the stream state moves to 5125 * QUIC_RSTREAM_STATE_DATA_READ, and the receive buffer is freed, which 5126 * stored the fin state, so its not directly know-able here. Instead 5127 * check for the stream state being QUIC_RSTREAM_STATE_DATA_READ, which 5128 * is only set if the last stream frame received had the fin bit set, and 5129 * the client read the data. This catches our poll/read/poll case 5130 */ 5131 if (xso->stream->recv_state == QUIC_RSTREAM_STATE_DATA_READ) 5132 return 1; 5133 5134 return ossl_quic_stream_has_recv_buffer(xso->stream) 5135 && ossl_quic_rstream_available(xso->stream->rstream, &avail, &fin) 5136 && (avail > 0 || (fin && !xso->retired_fin)); 5137 } 5138 5139 /* Do we have the ER (exception: read) condition? */ 5140 QUIC_NEEDS_LOCK 5141 static int test_poll_event_er(QUIC_XSO *xso) 5142 { 5143 return ossl_quic_stream_has_recv(xso->stream) 5144 && ossl_quic_stream_recv_is_reset(xso->stream) 5145 && !xso->retired_fin; 5146 } 5147 5148 /* Do we have the W (write) condition? */ 5149 QUIC_NEEDS_LOCK 5150 static int test_poll_event_w(QUIC_XSO *xso) 5151 { 5152 return !xso->conn->shutting_down 5153 && ossl_quic_stream_has_send_buffer(xso->stream) 5154 && ossl_quic_sstream_get_buffer_avail(xso->stream->sstream) 5155 && !ossl_quic_sstream_get_final_size(xso->stream->sstream, NULL) 5156 && ossl_quic_txfc_get_cwm(&xso->stream->txfc) 5157 > ossl_quic_sstream_get_cur_size(xso->stream->sstream) 5158 && quic_mutation_allowed(xso->conn, /*req_active=*/1); 5159 } 5160 5161 /* Do we have the EW (exception: write) condition? */ 5162 QUIC_NEEDS_LOCK 5163 static int test_poll_event_ew(QUIC_XSO *xso) 5164 { 5165 return ossl_quic_stream_has_send(xso->stream) 5166 && xso->stream->peer_stop_sending 5167 && !xso->requested_reset 5168 && !xso->conn->shutting_down; 5169 } 5170 5171 /* Do we have the EC (exception: connection) condition? */ 5172 QUIC_NEEDS_LOCK 5173 static int test_poll_event_ec(QUIC_CONNECTION *qc) 5174 { 5175 return ossl_quic_channel_is_term_any(qc->ch); 5176 } 5177 5178 /* Do we have the ECD (exception: connection drained) condition? */ 5179 QUIC_NEEDS_LOCK 5180 static int test_poll_event_ecd(QUIC_CONNECTION *qc) 5181 { 5182 return ossl_quic_channel_is_terminated(qc->ch); 5183 } 5184 5185 /* Do we have the IS (incoming: stream) condition? */ 5186 QUIC_NEEDS_LOCK 5187 static int test_poll_event_is(QUIC_CONNECTION *qc, int is_uni) 5188 { 5189 return ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(qc->ch), 5190 is_uni); 5191 } 5192 5193 /* Do we have the OS (outgoing: stream) condition? */ 5194 QUIC_NEEDS_LOCK 5195 static int test_poll_event_os(QUIC_CONNECTION *qc, int is_uni) 5196 { 5197 /* Is it currently possible for us to make an outgoing stream? */ 5198 return quic_mutation_allowed(qc, /*req_active=*/1) 5199 && ossl_quic_channel_get_local_stream_count_avail(qc->ch, is_uni) > 0; 5200 } 5201 5202 /* Do we have the EL (exception: listener) condition? */ 5203 QUIC_NEEDS_LOCK 5204 static int test_poll_event_el(QUIC_LISTENER *ql) 5205 { 5206 return !ossl_quic_port_is_running(ql->port); 5207 } 5208 5209 /* Do we have the IC (incoming: connection) condition? */ 5210 QUIC_NEEDS_LOCK 5211 static int test_poll_event_ic(QUIC_LISTENER *ql) 5212 { 5213 return ossl_quic_port_get_num_incoming_channels(ql->port) > 0; 5214 } 5215 5216 QUIC_TAKES_LOCK 5217 int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick, 5218 uint64_t *p_revents) 5219 { 5220 QCTX ctx; 5221 uint64_t revents = 0; 5222 5223 if (!expect_quic_csl(ssl, &ctx)) 5224 return 0; 5225 5226 qctx_lock(&ctx); 5227 5228 if (ctx.qc != NULL && !ctx.qc->started) { 5229 /* We can only try to write on non-started connection. */ 5230 if ((events & SSL_POLL_EVENT_W) != 0) 5231 revents |= SSL_POLL_EVENT_W; 5232 goto end; 5233 } 5234 5235 if (do_tick) 5236 ossl_quic_reactor_tick(ossl_quic_obj_get0_reactor(ctx.obj), 0); 5237 5238 if (ctx.xso != NULL) { 5239 /* SSL object has a stream component. */ 5240 5241 if ((events & SSL_POLL_EVENT_R) != 0 5242 && test_poll_event_r(ctx.xso)) 5243 revents |= SSL_POLL_EVENT_R; 5244 5245 if ((events & SSL_POLL_EVENT_ER) != 0 5246 && test_poll_event_er(ctx.xso)) 5247 revents |= SSL_POLL_EVENT_ER; 5248 5249 if ((events & SSL_POLL_EVENT_W) != 0 5250 && test_poll_event_w(ctx.xso)) 5251 revents |= SSL_POLL_EVENT_W; 5252 5253 if ((events & SSL_POLL_EVENT_EW) != 0 5254 && test_poll_event_ew(ctx.xso)) 5255 revents |= SSL_POLL_EVENT_EW; 5256 } 5257 5258 if (ctx.qc != NULL && !ctx.is_stream) { 5259 if ((events & SSL_POLL_EVENT_EC) != 0 5260 && test_poll_event_ec(ctx.qc)) 5261 revents |= SSL_POLL_EVENT_EC; 5262 5263 if ((events & SSL_POLL_EVENT_ECD) != 0 5264 && test_poll_event_ecd(ctx.qc)) 5265 revents |= SSL_POLL_EVENT_ECD; 5266 5267 if ((events & SSL_POLL_EVENT_ISB) != 0 5268 && test_poll_event_is(ctx.qc, /*uni=*/0)) 5269 revents |= SSL_POLL_EVENT_ISB; 5270 5271 if ((events & SSL_POLL_EVENT_ISU) != 0 5272 && test_poll_event_is(ctx.qc, /*uni=*/1)) 5273 revents |= SSL_POLL_EVENT_ISU; 5274 5275 if ((events & SSL_POLL_EVENT_OSB) != 0 5276 && test_poll_event_os(ctx.qc, /*uni=*/0)) 5277 revents |= SSL_POLL_EVENT_OSB; 5278 5279 if ((events & SSL_POLL_EVENT_OSU) != 0 5280 && test_poll_event_os(ctx.qc, /*uni=*/1)) 5281 revents |= SSL_POLL_EVENT_OSU; 5282 } 5283 5284 if (ctx.is_listener) { 5285 if ((events & SSL_POLL_EVENT_EL) != 0 5286 && test_poll_event_el(ctx.ql)) 5287 revents |= SSL_POLL_EVENT_EL; 5288 5289 if ((events & SSL_POLL_EVENT_IC) != 0 5290 && test_poll_event_ic(ctx.ql)) 5291 revents |= SSL_POLL_EVENT_IC; 5292 } 5293 5294 end: 5295 qctx_unlock(&ctx); 5296 *p_revents = revents; 5297 return 1; 5298 } 5299 5300 QUIC_TAKES_LOCK 5301 int ossl_quic_get_notifier_fd(SSL *ssl) 5302 { 5303 QCTX ctx; 5304 QUIC_REACTOR *rtor; 5305 RIO_NOTIFIER *nfy; 5306 int nfd = -1; 5307 5308 if (!expect_quic_any(ssl, &ctx)) 5309 return -1; 5310 5311 qctx_lock(&ctx); 5312 rtor = ossl_quic_obj_get0_reactor(ctx.obj); 5313 nfy = ossl_quic_reactor_get0_notifier(rtor); 5314 if (nfy == NULL) 5315 goto end; 5316 nfd = ossl_rio_notifier_as_fd(nfy); 5317 5318 end: 5319 qctx_unlock(&ctx); 5320 return nfd; 5321 } 5322 5323 QUIC_TAKES_LOCK 5324 void ossl_quic_enter_blocking_section(SSL *ssl, QUIC_REACTOR_WAIT_CTX *wctx) 5325 { 5326 QCTX ctx; 5327 QUIC_REACTOR *rtor; 5328 5329 if (!expect_quic_any(ssl, &ctx)) 5330 return; 5331 5332 qctx_lock(&ctx); 5333 rtor = ossl_quic_obj_get0_reactor(ctx.obj); 5334 ossl_quic_reactor_wait_ctx_enter(wctx, rtor); 5335 qctx_unlock(&ctx); 5336 } 5337 5338 QUIC_TAKES_LOCK 5339 void ossl_quic_leave_blocking_section(SSL *ssl, QUIC_REACTOR_WAIT_CTX *wctx) 5340 { 5341 QCTX ctx; 5342 QUIC_REACTOR *rtor; 5343 5344 if (!expect_quic_any(ssl, &ctx)) 5345 return; 5346 5347 qctx_lock(&ctx); 5348 rtor = ossl_quic_obj_get0_reactor(ctx.obj); 5349 ossl_quic_reactor_wait_ctx_leave(wctx, rtor); 5350 qctx_unlock(&ctx); 5351 } 5352 5353 /* 5354 * Internal Testing APIs 5355 * ===================== 5356 */ 5357 5358 QUIC_CHANNEL *ossl_quic_conn_get_channel(SSL *s) 5359 { 5360 QCTX ctx; 5361 5362 if (!expect_quic_conn_only(s, &ctx)) 5363 return NULL; 5364 5365 return ctx.qc->ch; 5366 } 5367 5368 int ossl_quic_set_diag_title(SSL_CTX *ctx, const char *title) 5369 { 5370 #ifndef OPENSSL_NO_QLOG 5371 OPENSSL_free(ctx->qlog_title); 5372 ctx->qlog_title = NULL; 5373 5374 if (title == NULL) 5375 return 1; 5376 5377 if ((ctx->qlog_title = OPENSSL_strdup(title)) == NULL) 5378 return 0; 5379 #endif 5380 5381 return 1; 5382 } 5383