2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/macros.h>
11 #include <openssl/objects.h>
12 #include <openssl/sslerr.h>
13 #include <crypto/rand.h>
14 #include "quic_local.h"
15 #include "internal/quic_tls.h"
16 #include "internal/quic_rx_depack.h"
17 #include "internal/quic_error.h"
18 #include "internal/time.h"
20 typedef struct qctx_st QCTX;
22 static void aon_write_finish(QUIC_XSO *xso);
23 static int create_channel(QUIC_CONNECTION *qc);
24 static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs);
25 static int qc_try_create_default_xso_for_write(QCTX *ctx);
26 static int qc_wait_for_default_xso_for_read(QCTX *ctx);
27 static void quic_lock(QUIC_CONNECTION *qc);
28 static void quic_unlock(QUIC_CONNECTION *qc);
29 static int quic_do_handshake(QCTX *ctx);
30 static void qc_update_reject_policy(QUIC_CONNECTION *qc);
31 static void qc_touch_default_xso(QUIC_CONNECTION *qc);
32 static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch);
33 static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
34 int touch, QUIC_XSO **old_xso);
35 static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock);
38 * QUIC Front-End I/O API: Common Utilities
39 * ========================================
43 * Block until a predicate is met.
45 * Precondition: Must have a channel.
46 * Precondition: Must hold channel lock (unchecked).
49 static int block_until_pred(QUIC_CONNECTION *qc,
50 int (*pred)(void *arg), void *pred_arg,
55 assert(qc->ch != NULL);
57 rtor = ossl_quic_channel_get_reactor(qc->ch);
58 return ossl_quic_reactor_block_until_pred(rtor, pred, pred_arg, flags,
63 * QCTX is a utility structure which provides information we commonly wish to
64 * unwrap upon an API call being dispatched to us, namely:
66 * - a pointer to the QUIC_CONNECTION (regardless of whether a QCSO or QSSO
68 * - a pointer to any applicable QUIC_XSO (e.g. if a QSSO was passed, or if
69 * a QCSO with a default stream was passed);
70 * - whether a QSSO was passed (xso == NULL must not be used to determine this
71 * because it may be non-NULL when a QCSO is passed if that QCSO has a
81 * Raise a 'normal' error, meaning one that can be reported via SSL_get_error()
82 * rather than via ERR. Note that normal errors must always be raised while
86 static int quic_raise_normal_error(QCTX *ctx,
90 ctx->xso->last_error = err;
92 ctx->qc->last_error = err;
98 * Raise a 'non-normal' error, meaning any error that is not reported via
99 * SSL_get_error() and must be reported via ERR.
101 * qc should be provided if available. In exceptional circumstances when qc is
102 * not known NULL may be passed. This should generally only happen when an
103 * expect_...() function defined below fails, which generally indicates a
104 * dispatch error or caller error.
106 * ctx should be NULL if the connection lock is not held.
108 static int quic_raise_non_normal_error(QCTX *ctx,
119 ERR_set_debug(file, line, func);
122 ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
126 if (ctx->is_stream && ctx->xso != NULL)
127 ctx->xso->last_error = SSL_ERROR_SSL;
128 else if (!ctx->is_stream && ctx->qc != NULL)
129 ctx->qc->last_error = SSL_ERROR_SSL;
135 #define QUIC_RAISE_NORMAL_ERROR(ctx, err) \
136 quic_raise_normal_error((ctx), (err))
138 #define QUIC_RAISE_NON_NORMAL_ERROR(ctx, reason, msg) \
139 quic_raise_non_normal_error((ctx), \
140 OPENSSL_FILE, OPENSSL_LINE, \
146 * Given a QCSO or QSSO, initialises a QCTX, determining the contextually
147 * applicable QUIC_CONNECTION pointer and, if applicable, QUIC_XSO pointer.
149 * After this returns 1, all fields of the passed QCTX are initialised.
150 * Returns 0 on failure. This function is intended to be used to provide API
151 * semantics and as such, it invokes QUIC_RAISE_NON_NORMAL_ERROR() on failure.
153 static int expect_quic(const SSL *s, QCTX *ctx)
163 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_PASSED_NULL_PARAMETER, NULL);
166 case SSL_TYPE_QUIC_CONNECTION:
167 qc = (QUIC_CONNECTION *)s;
169 ctx->xso = qc->default_xso;
173 case SSL_TYPE_QUIC_XSO:
181 return QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
186 * Like expect_quic(), but requires a QUIC_XSO be contextually available. In
187 * other words, requires that the passed QSO be a QSSO or a QCSO with a default
190 * remote_init determines if we expect the default XSO to be remotely created or
191 * not. If it is -1, do not instantiate a default XSO if one does not yet exist.
193 * Channel mutex is acquired and retained on success.
196 static int ossl_unused expect_quic_with_stream_lock(const SSL *s, int remote_init,
199 if (!expect_quic(s, ctx))
204 if (ctx->xso == NULL && remote_init >= 0) {
205 if (ossl_quic_channel_is_term_any(ctx->qc->ch)) {
206 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
210 /* If we haven't finished the handshake, try to advance it. */
211 if (quic_do_handshake(ctx) < 1)
212 /* ossl_quic_do_handshake raised error here */
215 if (remote_init == 0) {
216 if (!qc_try_create_default_xso_for_write(ctx))
219 if (!qc_wait_for_default_xso_for_read(ctx))
223 ctx->xso = ctx->qc->default_xso;
226 if (ctx->xso == NULL) {
227 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
231 return 1; /* lock held */
234 quic_unlock(ctx->qc);
239 * Like expect_quic(), but fails if called on a QUIC_XSO. ctx->xso may still
240 * be non-NULL if the QCSO has a default stream.
242 static int ossl_unused expect_quic_conn_only(const SSL *s, QCTX *ctx)
244 if (!expect_quic(s, ctx))
248 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_CONN_USE_ONLY, NULL);
254 * Ensures that the channel mutex is held for a method which touches channel
257 * Precondition: Channel mutex is not held (unchecked)
259 static void quic_lock(QUIC_CONNECTION *qc)
261 #if defined(OPENSSL_THREADS)
262 ossl_crypto_mutex_lock(qc->mutex);
266 /* Precondition: Channel mutex is held (unchecked) */
268 static void quic_unlock(QUIC_CONNECTION *qc)
270 #if defined(OPENSSL_THREADS)
271 ossl_crypto_mutex_unlock(qc->mutex);
277 * QUIC Front-End I/O API: Initialization
278 * ======================================
280 * SSL_new => ossl_quic_new
282 * SSL_reset => ossl_quic_reset
283 * SSL_clear => ossl_quic_clear
285 * SSL_free => ossl_quic_free
290 SSL *ossl_quic_new(SSL_CTX *ctx)
292 QUIC_CONNECTION *qc = NULL;
293 SSL *ssl_base = NULL;
294 SSL_CONNECTION *sc = NULL;
296 qc = OPENSSL_zalloc(sizeof(*qc));
300 /* Initialise the QUIC_CONNECTION's stub header. */
302 if (!ossl_ssl_init(ssl_base, ctx, ctx->method, SSL_TYPE_QUIC_CONNECTION)) {
307 qc->tls = ossl_ssl_connection_new_int(ctx, TLS_method());
308 if (qc->tls == NULL || (sc = SSL_CONNECTION_FROM_SSL(qc->tls)) == NULL)
311 #if defined(OPENSSL_THREADS)
312 if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
316 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
317 qc->is_thread_assisted
318 = (ssl_base->method == OSSL_QUIC_client_thread_method());
321 qc->as_server = 0; /* TODO(QUIC): server support */
322 qc->as_server_state = qc->as_server;
324 qc->default_stream_mode = SSL_DEFAULT_STREAM_MODE_AUTO_BIDI;
325 qc->default_ssl_mode = qc->ssl.ctx->mode;
326 qc->default_blocking = 1;
327 qc->incoming_stream_policy = SSL_INCOMING_STREAM_POLICY_AUTO;
328 qc->last_error = SSL_ERROR_NONE;
330 if (!create_channel(qc))
333 ossl_quic_channel_set_msg_callback(qc->ch, ctx->msg_callback, ssl_base);
334 ossl_quic_channel_set_msg_callback_arg(qc->ch, ctx->msg_callback_arg);
336 qc_update_reject_policy(qc);
339 * We do not create the default XSO yet. The reason for this is that the
340 * stream ID of the default XSO will depend on whether the stream is client
341 * or server-initiated, which depends on who transmits first. Since we do
342 * not know whether the application will be using a client-transmits-first
343 * or server-transmits-first protocol, we defer default XSO creation until
344 * the client calls SSL_read() or SSL_write(). If it calls SSL_read() first,
345 * we take that as a cue that the client is expecting a server-initiated
346 * stream, and vice versa if SSL_write() is called first.
352 #if defined(OPENSSL_THREADS)
353 ossl_crypto_mutex_free(qc->mutex);
355 ossl_quic_channel_free(qc->ch);
364 void ossl_quic_free(SSL *s)
369 /* We should never be called on anything but a QSO. */
370 if (!expect_quic(s, &ctx))
377 * When a QSSO is freed, the XSO is freed immediately, because the XSO
378 * itself only contains API personality layer data. However the
379 * underlying QUIC_STREAM is not freed immediately but is instead marked
380 * as deleted for later collection.
383 assert(ctx.qc->num_xso > 0);
386 /* If a stream's send part has not been finished, auto-reset it. */
387 if (ctx.xso->stream->sstream != NULL
388 && !ossl_quic_sstream_get_final_size(ctx.xso->stream->sstream, NULL))
389 ossl_quic_stream_map_reset_stream_send_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
392 /* Do STOP_SENDING for the receive part, if applicable. */
393 if (ctx.xso->stream->rstream != NULL)
394 ossl_quic_stream_map_stop_sending_recv_part(ossl_quic_channel_get_qsm(ctx.qc->ch),
397 /* Update stream state. */
398 ctx.xso->stream->deleted = 1;
399 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(ctx.qc->ch),
402 is_default = (ctx.xso == ctx.qc->default_xso);
406 * Unref the connection in most cases; the XSO has a ref to the QC and
407 * not vice versa. But for a default XSO, to avoid circular references,
408 * the QC refs the XSO but the XSO does not ref the QC. If we are the
409 * default XSO, we only get here when the QC is being torn down anyway,
410 * so don't call SSL_free(qc) as we are already in it.
413 SSL_free(&ctx.qc->ssl);
415 /* Note: SSL_free calls OPENSSL_free(xso) for us */
420 * Free the default XSO, if any. The QUIC_STREAM is not deleted at this
421 * stage, but is freed during the channel free when the whole QSM is freed.
423 if (ctx.qc->default_xso != NULL) {
424 QUIC_XSO *xso = ctx.qc->default_xso;
429 ctx.qc->default_xso = NULL;
432 /* Ensure we have no remaining XSOs. */
433 assert(ctx.qc->num_xso == 0);
435 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
436 if (ctx.qc->is_thread_assisted && ctx.qc->started) {
437 ossl_quic_thread_assist_wait_stopped(&ctx.qc->thread_assist);
438 ossl_quic_thread_assist_cleanup(&ctx.qc->thread_assist);
442 ossl_quic_channel_free(ctx.qc->ch);
444 BIO_free(ctx.qc->net_rbio);
445 BIO_free(ctx.qc->net_wbio);
447 /* Note: SSL_free calls OPENSSL_free(qc) for us */
449 SSL_free(ctx.qc->tls);
450 quic_unlock(ctx.qc); /* tsan doesn't like freeing locked mutexes */
451 #if defined(OPENSSL_THREADS)
452 ossl_crypto_mutex_free(&ctx.qc->mutex);
456 /* SSL method init */
457 int ossl_quic_init(SSL *s)
459 /* Same op as SSL_clear, forward the call. */
460 return ossl_quic_clear(s);
463 /* SSL method deinit */
464 void ossl_quic_deinit(SSL *s)
470 int ossl_quic_reset(SSL *s)
474 if (!expect_quic(s, &ctx))
477 /* TODO(QUIC); Currently a no-op. */
482 int ossl_quic_clear(SSL *s)
486 if (!expect_quic(s, &ctx))
489 /* TODO(QUIC): Currently a no-op. */
493 void ossl_quic_conn_set_override_now_cb(SSL *s,
494 OSSL_TIME (*now_cb)(void *arg),
499 if (!expect_quic(s, &ctx))
502 ctx.qc->override_now_cb = now_cb;
503 ctx.qc->override_now_cb_arg = now_cb_arg;
506 void ossl_quic_conn_force_assist_thread_wake(SSL *s)
510 if (!expect_quic(s, &ctx))
513 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
514 if (ctx.qc->is_thread_assisted && ctx.qc->started)
515 ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
520 static void qc_touch_default_xso(QUIC_CONNECTION *qc)
522 qc->default_xso_created = 1;
523 qc_update_reject_policy(qc);
527 * Changes default XSO. Allows caller to keep reference to the old default XSO
528 * (if any). Reference to new XSO is transferred from caller.
531 static void qc_set_default_xso_keep_ref(QUIC_CONNECTION *qc, QUIC_XSO *xso,
539 if (qc->default_xso != xso) {
540 *old_xso = qc->default_xso; /* transfer old XSO ref to caller */
542 qc->default_xso = xso;
546 * Changing to not having a default XSO. XSO becomes standalone and
547 * now has a ref to the QC.
549 if (!ossl_assert(SSL_up_ref(&qc->ssl)))
553 * Changing from not having a default XSO to having one. The new XSO
554 * will have had a reference to the QC we need to drop to avoid a
555 * circular reference.
557 * Currently we never change directly from one default XSO to
558 * another, though this function would also still be correct if this
561 assert(*old_xso == NULL);
563 CRYPTO_DOWN_REF(&qc->ssl.references, &refs, &qc->ssl.lock);
569 qc_touch_default_xso(qc);
573 * Changes default XSO, releasing the reference to any previous default XSO.
574 * Reference to new XSO is transferred from caller.
577 static void qc_set_default_xso(QUIC_CONNECTION *qc, QUIC_XSO *xso, int touch)
579 QUIC_XSO *old_xso = NULL;
581 qc_set_default_xso_keep_ref(qc, xso, touch, &old_xso);
584 SSL_free(&old_xso->ssl);
588 * QUIC Front-End I/O API: Network BIO Configuration
589 * =================================================
591 * Handling the different BIOs is difficult:
593 * - It is more or less a requirement that we use non-blocking network I/O;
594 * we need to be able to have timeouts on recv() calls, and make best effort
595 * (non blocking) send() and recv() calls.
597 * The only sensible way to do this is to configure the socket into
598 * non-blocking mode. We could try to do select() before calling send() or
599 * recv() to get a guarantee that the call will not block, but this will
600 * probably run into issues with buggy OSes which generate spurious socket
601 * readiness events. In any case, relying on this to work reliably does not
604 * Timeouts could be handled via setsockopt() socket timeout options, but
605 * this depends on OS support and adds another syscall to every network I/O
606 * operation. It also has obvious thread safety concerns if we want to move
607 * to concurrent use of a single socket at some later date.
609 * Some OSes support a MSG_DONTWAIT flag which allows a single I/O option to
610 * be made non-blocking. However some OSes (e.g. Windows) do not support
611 * this, so we cannot rely on this.
613 * As such, we need to configure any FD in non-blocking mode. This may
614 * confound users who pass a blocking socket to libssl. However, in practice
615 * it would be extremely strange for a user of QUIC to pass an FD to us,
616 * then also try and send receive traffic on the same socket(!). Thus the
617 * impact of this should be limited, and can be documented.
619 * - We support both blocking and non-blocking operation in terms of the API
620 * presented to the user. One prospect is to set the blocking mode based on
621 * whether the socket passed to us was already in blocking mode. However,
622 * Windows has no API for determining if a socket is in blocking mode (!),
623 * therefore this cannot be done portably. Currently therefore we expose an
624 * explicit API call to set this, and default to blocking mode.
626 * - We need to determine our initial destination UDP address. The "natural"
627 * way for a user to do this is to set the peer variable on a BIO_dgram.
628 * However, this has problems because BIO_dgram's peer variable is used for
629 * both transmission and reception. This means it can be constantly being
630 * changed to a malicious value (e.g. if some random unrelated entity on the
631 * network starts sending traffic to us) on every read call. This is not a
632 * direct issue because we use the 'stateless' BIO_sendmmsg and BIO_recvmmsg
633 * calls only, which do not use this variable. However, we do need to let
634 * the user specify the peer in a 'normal' manner. The compromise here is
635 * that we grab the current peer value set at the time the write BIO is set
636 * and do not read the value again.
638 * - We also need to support memory BIOs (e.g. BIO_dgram_pair) or custom BIOs.
639 * Currently we do this by only supporting non-blocking mode.
644 * Determines what initial destination UDP address we should use, if possible.
645 * If this fails the client must set the destination address manually, or use a
646 * BIO which does not need a destination address.
648 static int csm_analyse_init_peer_addr(BIO *net_wbio, BIO_ADDR *peer)
650 if (BIO_dgram_get_peer(net_wbio, peer) <= 0)
656 void ossl_quic_conn_set0_net_rbio(SSL *s, BIO *net_rbio)
660 if (!expect_quic(s, &ctx))
663 if (ctx.qc->net_rbio == net_rbio)
666 if (!ossl_quic_channel_set_net_rbio(ctx.qc->ch, net_rbio))
669 BIO_free(ctx.qc->net_rbio);
670 ctx.qc->net_rbio = net_rbio;
673 * If what we have is not pollable (e.g. a BIO_dgram_pair) disable blocking
674 * mode as we do not support it for non-pollable BIOs.
676 if (net_rbio != NULL) {
677 BIO_POLL_DESCRIPTOR d = {0};
679 if (!BIO_get_rpoll_descriptor(net_rbio, &d)
680 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
681 ctx.qc->blocking = 0;
682 ctx.qc->default_blocking = 0;
683 ctx.qc->can_poll_net_rbio = 0;
685 ctx.qc->can_poll_net_rbio = 1;
690 void ossl_quic_conn_set0_net_wbio(SSL *s, BIO *net_wbio)
694 if (!expect_quic(s, &ctx))
697 if (ctx.qc->net_wbio == net_wbio)
700 if (!ossl_quic_channel_set_net_wbio(ctx.qc->ch, net_wbio))
703 BIO_free(ctx.qc->net_wbio);
704 ctx.qc->net_wbio = net_wbio;
706 if (net_wbio != NULL) {
707 BIO_POLL_DESCRIPTOR d = {0};
709 if (!BIO_get_wpoll_descriptor(net_wbio, &d)
710 || d.type != BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD) {
711 ctx.qc->blocking = 0;
712 ctx.qc->default_blocking = 0;
713 ctx.qc->can_poll_net_wbio = 0;
715 ctx.qc->can_poll_net_wbio = 1;
719 * If we do not have a peer address yet, and we have not started trying
720 * to connect yet, try to autodetect one.
722 if (BIO_ADDR_family(&ctx.qc->init_peer_addr) == AF_UNSPEC
723 && !ctx.qc->started) {
724 if (!csm_analyse_init_peer_addr(net_wbio, &ctx.qc->init_peer_addr))
726 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
728 ossl_quic_channel_set_peer_addr(ctx.qc->ch,
729 &ctx.qc->init_peer_addr);
734 BIO *ossl_quic_conn_get_net_rbio(const SSL *s)
738 if (!expect_quic(s, &ctx))
741 return ctx.qc->net_rbio;
744 BIO *ossl_quic_conn_get_net_wbio(const SSL *s)
748 if (!expect_quic(s, &ctx))
751 return ctx.qc->net_wbio;
754 int ossl_quic_conn_get_blocking_mode(const SSL *s)
758 if (!expect_quic(s, &ctx))
762 return ctx.xso->blocking;
764 return ctx.qc->blocking;
767 int ossl_quic_conn_set_blocking_mode(SSL *s, int blocking)
771 if (!expect_quic(s, &ctx))
774 /* Cannot enable blocking mode if we do not have pollable FDs. */
776 (!ctx.qc->can_poll_net_rbio || !ctx.qc->can_poll_net_wbio))
777 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_UNSUPPORTED, NULL);
779 if (!ctx.is_stream) {
781 * If called on a QCSO, update default and connection-level blocking
784 ctx.qc->blocking = (blocking != 0);
785 ctx.qc->default_blocking = ctx.qc->blocking;
790 * If called on a QSSO or QCSO with a default XSO, update blocking
793 ctx.xso->blocking = (blocking != 0);
798 int ossl_quic_conn_set_initial_peer_addr(SSL *s,
799 const BIO_ADDR *peer_addr)
803 if (!expect_quic(s, &ctx))
807 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
810 if (peer_addr == NULL) {
811 BIO_ADDR_clear(&ctx.qc->init_peer_addr);
815 ctx.qc->init_peer_addr = *peer_addr;
820 * QUIC Front-End I/O API: Asynchronous I/O Management
821 * ===================================================
823 * (BIO/)SSL_tick => ossl_quic_tick
824 * (BIO/)SSL_get_tick_timeout => ossl_quic_get_tick_timeout
825 * (BIO/)SSL_get_poll_fd => ossl_quic_get_poll_fd
829 /* Returns 1 if the connection is being used in blocking mode. */
830 static int qc_blocking_mode(const QUIC_CONNECTION *qc)
835 static int xso_blocking_mode(const QUIC_XSO *xso)
838 && xso->conn->can_poll_net_rbio
839 && xso->conn->can_poll_net_wbio;
842 /* SSL_tick; ticks the reactor. */
844 int ossl_quic_tick(SSL *s)
848 if (!expect_quic(s, &ctx))
852 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
858 * SSL_get_tick_timeout. Get the time in milliseconds until the SSL object
859 * should be ticked by the application by calling SSL_tick(). tv is set to 0 if
860 * the object should be ticked immediately and tv->tv_sec is set to -1 if no
861 * timeout is currently active.
864 int ossl_quic_get_tick_timeout(SSL *s, struct timeval *tv)
867 OSSL_TIME deadline = ossl_time_infinite();
869 if (!expect_quic(s, &ctx))
875 = ossl_quic_reactor_get_tick_deadline(ossl_quic_channel_get_reactor(ctx.qc->ch));
877 if (ossl_time_is_infinite(deadline)) {
884 *tv = ossl_time_to_timeval(ossl_time_subtract(deadline, ossl_time_now()));
889 /* SSL_get_rpoll_descriptor */
890 int ossl_quic_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
894 if (!expect_quic(s, &ctx))
897 if (desc == NULL || ctx.qc->net_rbio == NULL)
900 return BIO_get_rpoll_descriptor(ctx.qc->net_rbio, desc);
903 /* SSL_get_wpoll_descriptor */
904 int ossl_quic_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc)
908 if (!expect_quic(s, &ctx))
911 if (desc == NULL || ctx.qc->net_wbio == NULL)
914 return BIO_get_wpoll_descriptor(ctx.qc->net_wbio, desc);
917 /* SSL_net_read_desired */
919 int ossl_quic_get_net_read_desired(SSL *s)
924 if (!expect_quic(s, &ctx))
928 ret = ossl_quic_reactor_net_read_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
933 /* SSL_net_write_desired */
935 int ossl_quic_get_net_write_desired(SSL *s)
940 if (!expect_quic(s, &ctx))
944 ret = ossl_quic_reactor_net_write_desired(ossl_quic_channel_get_reactor(ctx.qc->ch));
950 * QUIC Front-End I/O API: Connection Lifecycle Operations
951 * =======================================================
953 * SSL_do_handshake => ossl_quic_do_handshake
954 * SSL_set_connect_state => ossl_quic_set_connect_state
955 * SSL_set_accept_state => ossl_quic_set_accept_state
956 * SSL_shutdown => ossl_quic_shutdown
957 * SSL_ctrl => ossl_quic_ctrl
958 * (BIO/)SSL_connect => ossl_quic_connect
959 * (BIO/)SSL_accept => ossl_quic_accept
964 static int quic_shutdown_wait(void *arg)
966 QUIC_CONNECTION *qc = arg;
968 return ossl_quic_channel_is_terminated(qc->ch);
972 int ossl_quic_conn_shutdown(SSL *s, uint64_t flags,
973 const SSL_SHUTDOWN_EX_ARGS *args,
979 if (!expect_quic(s, &ctx))
983 /* TODO(QUIC): Semantics currently undefined for QSSOs */
988 ossl_quic_channel_local_close(ctx.qc->ch,
989 args != NULL ? args->quic_error_code : 0);
991 /* TODO(QUIC): !SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH */
993 if (ossl_quic_channel_is_terminated(ctx.qc->ch)) {
998 if (qc_blocking_mode(ctx.qc) && (flags & SSL_SHUTDOWN_FLAG_RAPID) == 0)
999 block_until_pred(ctx.qc, quic_shutdown_wait, ctx.qc, 0);
1001 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
1003 ret = ossl_quic_channel_is_terminated(ctx.qc->ch);
1004 quic_unlock(ctx.qc);
1009 long ossl_quic_ctrl(SSL *s, int cmd, long larg, void *parg)
1013 if (!expect_quic(s, &ctx))
1018 /* If called on a QCSO, update the default mode. */
1020 ctx.qc->default_ssl_mode |= (uint32_t)larg;
1023 * If we were called on a QSSO or have a default stream, we also update
1026 if (ctx.xso != NULL) {
1027 /* Cannot enable EPW while AON write in progress. */
1028 if (ctx.xso->aon_write_in_progress)
1029 larg &= ~SSL_MODE_ENABLE_PARTIAL_WRITE;
1031 ctx.xso->ssl_mode |= (uint32_t)larg;
1032 return ctx.xso->ssl_mode;
1035 return ctx.qc->default_ssl_mode;
1036 case SSL_CTRL_CLEAR_MODE:
1038 ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
1040 if (ctx.xso != NULL) {
1041 ctx.xso->ssl_mode &= ~(uint32_t)larg;
1042 return ctx.xso->ssl_mode;
1045 return ctx.qc->default_ssl_mode;
1047 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1048 ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
1049 /* This ctrl also needs to be passed to the internal SSL object */
1050 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
1053 /* Probably a TLS related ctrl. Defer to our internal SSL object */
1054 return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
1058 /* SSL_set_connect_state */
1059 void ossl_quic_set_connect_state(SSL *s)
1063 if (!expect_quic(s, &ctx))
1066 /* Cannot be changed after handshake started */
1067 if (ctx.qc->started || ctx.is_stream)
1070 ctx.qc->as_server_state = 0;
1073 /* SSL_set_accept_state */
1074 void ossl_quic_set_accept_state(SSL *s)
1078 if (!expect_quic(s, &ctx))
1081 /* Cannot be changed after handshake started */
1082 if (ctx.qc->started || ctx.is_stream)
1085 ctx.qc->as_server_state = 1;
1088 /* SSL_do_handshake */
1089 struct quic_handshake_wait_args {
1090 QUIC_CONNECTION *qc;
1093 static int quic_handshake_wait(void *arg)
1095 struct quic_handshake_wait_args *args = arg;
1097 if (!ossl_quic_channel_is_active(args->qc->ch))
1100 if (ossl_quic_channel_is_handshake_complete(args->qc->ch))
1106 static int configure_channel(QUIC_CONNECTION *qc)
1108 assert(qc->ch != NULL);
1110 if (!ossl_quic_channel_set_net_rbio(qc->ch, qc->net_rbio)
1111 || !ossl_quic_channel_set_net_wbio(qc->ch, qc->net_wbio)
1112 || !ossl_quic_channel_set_peer_addr(qc->ch, &qc->init_peer_addr))
1119 static int create_channel(QUIC_CONNECTION *qc)
1121 QUIC_CHANNEL_ARGS args = {0};
1123 args.libctx = qc->ssl.ctx->libctx;
1124 args.propq = qc->ssl.ctx->propq;
1125 args.is_server = qc->as_server;
1127 args.mutex = qc->mutex;
1128 args.now_cb = qc->override_now_cb;
1129 args.now_cb_arg = qc->override_now_cb_arg;
1131 qc->ch = ossl_quic_channel_new(&args);
1139 * Creates a channel and configures it with the information we have accumulated
1140 * via calls made to us from the application prior to starting a handshake
1144 static int ensure_channel_started(QUIC_CONNECTION *qc)
1147 if (!configure_channel(qc)
1148 || !ossl_quic_channel_start(qc->ch))
1151 #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
1152 if (qc->is_thread_assisted)
1153 if (!ossl_quic_thread_assist_init_start(&qc->thread_assist, qc->ch))
1162 ossl_quic_channel_free(qc->ch);
1168 static int quic_do_handshake(QCTX *ctx)
1171 QUIC_CONNECTION *qc = ctx->qc;
1173 if (ossl_quic_channel_is_handshake_complete(qc->ch))
1174 /* Handshake already completed. */
1177 if (ossl_quic_channel_is_term_any(qc->ch))
1178 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1180 if (BIO_ADDR_family(&qc->init_peer_addr) == AF_UNSPEC) {
1181 /* Peer address must have been set. */
1182 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_REMOTE_PEER_ADDRESS_NOT_SET, NULL);
1183 return -1; /* Non-protocol error */
1186 if (qc->as_server != qc->as_server_state) {
1187 /* TODO(QUIC): Must match the method used to create the QCSO */
1188 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_PASSED_INVALID_ARGUMENT, NULL);
1189 return -1; /* Non-protocol error */
1192 if (qc->net_rbio == NULL || qc->net_wbio == NULL) {
1193 /* Need read and write BIOs. */
1194 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BIO_NOT_SET, NULL);
1195 return -1; /* Non-protocol error */
1199 * Start connection process. Note we may come here multiple times in
1200 * non-blocking mode, which is fine.
1202 if (!ensure_channel_started(qc)) {
1203 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1204 return -1; /* Non-protocol error */
1207 if (ossl_quic_channel_is_handshake_complete(qc->ch))
1208 /* The handshake is now done. */
1211 if (qc_blocking_mode(qc)) {
1212 /* In blocking mode, wait for the handshake to complete. */
1213 struct quic_handshake_wait_args args;
1217 ret = block_until_pred(qc, quic_handshake_wait, &args, 0);
1218 if (!ossl_quic_channel_is_active(qc->ch)) {
1219 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1220 return 0; /* Shutdown before completion */
1221 } else if (ret <= 0) {
1222 QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1223 return -1; /* Non-protocol error */
1226 assert(ossl_quic_channel_is_handshake_complete(qc->ch));
1229 /* Try to advance the reactor. */
1230 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1232 if (ossl_quic_channel_is_handshake_complete(qc->ch))
1233 /* The handshake is now done. */
1236 /* Otherwise, indicate that the handshake isn't done yet. */
1237 QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
1238 return -1; /* Non-protocol error */
1243 int ossl_quic_do_handshake(SSL *s)
1248 if (!expect_quic(s, &ctx))
1253 ret = quic_do_handshake(&ctx);
1254 quic_unlock(ctx.qc);
1259 int ossl_quic_connect(SSL *s)
1261 /* Ensure we are in connect state (no-op if non-idle). */
1262 ossl_quic_set_connect_state(s);
1264 /* Begin or continue the handshake */
1265 return ossl_quic_do_handshake(s);
1269 int ossl_quic_accept(SSL *s)
1271 /* Ensure we are in accept state (no-op if non-idle). */
1272 ossl_quic_set_accept_state(s);
1274 /* Begin or continue the handshake */
1275 return ossl_quic_do_handshake(s);
1279 * QUIC Front-End I/O API: Stream Lifecycle Operations
1280 * ===================================================
1282 * SSL_stream_new => ossl_quic_conn_stream_new
1287 * Try to create the default XSO if it doesn't already exist. Returns 1 if the
1288 * default XSO was created. Returns 0 if it was not (e.g. because it already
1289 * exists). Note that this is NOT an error condition.
1292 static int qc_try_create_default_xso_for_write(QCTX *ctx)
1295 QUIC_CONNECTION *qc = ctx->qc;
1297 if (qc->default_xso_created
1298 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1300 * We only do this once. If the user detaches a previously created
1301 * default XSO we don't auto-create another one.
1303 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
1305 /* Create a locally-initiated stream. */
1306 if (qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1307 flags |= SSL_STREAM_FLAG_UNI;
1309 qc_set_default_xso(qc, (QUIC_XSO *)quic_conn_stream_new(ctx, flags,
1312 if (qc->default_xso == NULL)
1313 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1315 qc_touch_default_xso(qc);
1319 struct quic_wait_for_stream_args {
1320 QUIC_CONNECTION *qc;
1327 static int quic_wait_for_stream(void *arg)
1329 struct quic_wait_for_stream_args *args = arg;
1331 if (!ossl_quic_channel_is_active(args->qc->ch)) {
1332 /* If connection is torn down due to an error while blocking, stop. */
1333 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1337 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1338 args->expect_id | QUIC_STREAM_DIR_BIDI);
1339 if (args->qs == NULL)
1340 args->qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(args->qc->ch),
1341 args->expect_id | QUIC_STREAM_DIR_UNI);
1343 if (args->qs != NULL)
1344 return 1; /* stream now exists */
1346 return 0; /* did not get a stream, keep trying */
1350 static int qc_wait_for_default_xso_for_read(QCTX *ctx)
1352 /* Called on a QCSO and we don't currently have a default stream. */
1354 QUIC_CONNECTION *qc = ctx->qc;
1357 struct quic_wait_for_stream_args wargs;
1360 * If default stream functionality is disabled or we already detached
1361 * one, don't make another default stream and just fail.
1363 if (qc->default_xso_created
1364 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
1365 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_NO_STREAM, NULL);
1368 * The peer may have opened a stream since we last ticked. So tick and
1369 * see if the stream with ordinal 0 (remote, bidi/uni based on stream
1370 * mode) exists yet. QUIC stream IDs must be allocated in order, so the
1371 * first stream created by a peer must have an ordinal of 0.
1373 expect_id = qc->as_server
1374 ? QUIC_STREAM_INITIATOR_CLIENT
1375 : QUIC_STREAM_INITIATOR_SERVER;
1377 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1378 expect_id | QUIC_STREAM_DIR_BIDI);
1380 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1381 expect_id | QUIC_STREAM_DIR_UNI);
1384 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(qc->ch), 0);
1386 qs = ossl_quic_stream_map_get_by_id(ossl_quic_channel_get_qsm(qc->ch),
1391 if (!qc_blocking_mode(qc))
1392 /* Non-blocking mode, so just bail immediately. */
1393 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_READ);
1395 /* Block until we have a stream. */
1399 wargs.expect_id = expect_id;
1401 res = block_until_pred(qc, quic_wait_for_stream, &wargs, 0);
1403 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1404 else if (res < 0 || wargs.qs == NULL)
1405 /* quic_wait_for_stream raised error here */
1412 * We now have qs != NULL. Make it the default stream, creating the
1415 qc_set_default_xso(qc, create_xso_from_stream(qc, qs), /*touch=*/0);
1416 if (qc->default_xso == NULL)
1417 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1419 qc_touch_default_xso(qc); /* inhibits default XSO */
1424 static QUIC_XSO *create_xso_from_stream(QUIC_CONNECTION *qc, QUIC_STREAM *qs)
1426 QUIC_XSO *xso = NULL;
1428 if ((xso = OPENSSL_zalloc(sizeof(*xso))) == NULL)
1431 if (!ossl_ssl_init(&xso->ssl, qc->ssl.ctx, qc->ssl.method, SSL_TYPE_QUIC_XSO))
1435 if (!SSL_up_ref(&qc->ssl))
1439 xso->blocking = qc->default_blocking;
1440 xso->ssl_mode = qc->default_ssl_mode;
1441 xso->last_error = SSL_ERROR_NONE;
1453 /* locking depends on need_lock */
1454 static SSL *quic_conn_stream_new(QCTX *ctx, uint64_t flags, int need_lock)
1456 QUIC_CONNECTION *qc = ctx->qc;
1457 QUIC_XSO *xso = NULL;
1458 QUIC_STREAM *qs = NULL;
1459 int is_uni = ((flags & SSL_STREAM_FLAG_UNI) != 0);
1464 if (ossl_quic_channel_is_term_any(qc->ch)) {
1465 QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1469 qs = ossl_quic_channel_new_stream_local(qc->ch, is_uni);
1473 xso = create_xso_from_stream(qc, qs);
1477 qc_touch_default_xso(qc); /* inhibits default XSO */
1485 ossl_quic_stream_map_release(ossl_quic_channel_get_qsm(qc->ch), qs);
1494 SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags)
1498 if (!expect_quic_conn_only(s, &ctx))
1501 return quic_conn_stream_new(&ctx, flags, /*need_lock=*/1);
1505 * QUIC Front-End I/O API: Steady-State Operations
1506 * ===============================================
1508 * Here we dispatch calls to the steady-state front-end I/O API functions; that
1509 * is, the functions used during the established phase of a QUIC connection
1510 * (e.g. SSL_read, SSL_write).
1512 * Each function must handle both blocking and non-blocking modes. As discussed
1513 * above, all QUIC I/O is implemented using non-blocking mode internally.
1515 * SSL_get_error => partially implemented by ossl_quic_get_error
1516 * (BIO/)SSL_read => ossl_quic_read
1517 * (BIO/)SSL_write => ossl_quic_write
1518 * SSL_pending => ossl_quic_pending
1519 * SSL_stream_conclude => ossl_quic_conn_stream_conclude
1523 int ossl_quic_get_error(const SSL *s, int i)
1527 if (!expect_quic(s, &ctx))
1530 return ctx.is_stream ? ctx.xso->last_error : ctx.qc->last_error;
1537 * The set of functions below provide the implementation of the public SSL_write
1538 * function. We must handle:
1540 * - both blocking and non-blocking operation at the application level,
1541 * depending on how we are configured;
1543 * - SSL_MODE_ENABLE_PARTIAL_WRITE being on or off;
1545 * - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
1549 static void quic_post_write(QUIC_XSO *xso, int did_append, int do_tick)
1552 * We have appended at least one byte to the stream.
1553 * Potentially mark stream as active, depending on FC.
1556 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(xso->conn->ch),
1562 * TODO(QUIC): It is probably inefficient to try and do this immediately,
1563 * plus we should eventually consider Nagle's algorithm.
1566 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(xso->conn->ch), 0);
1569 struct quic_write_again_args {
1571 const unsigned char *buf;
1573 size_t total_written;
1577 static int quic_write_again(void *arg)
1579 struct quic_write_again_args *args = arg;
1580 size_t actual_written = 0;
1582 if (!ossl_quic_channel_is_active(args->xso->conn->ch))
1583 /* If connection is torn down due to an error while blocking, stop. */
1586 if (!ossl_quic_sstream_append(args->xso->stream->sstream,
1587 args->buf, args->len, &actual_written))
1590 quic_post_write(args->xso, actual_written > 0, 0);
1592 args->buf += actual_written;
1593 args->len -= actual_written;
1594 args->total_written += actual_written;
1597 /* Written everything, done. */
1600 /* Not written everything yet, keep trying. */
1605 static int quic_write_blocking(QCTX *ctx, const void *buf, size_t len,
1609 QUIC_XSO *xso = ctx->xso;
1610 struct quic_write_again_args args;
1611 size_t actual_written = 0;
1613 /* First make a best effort to append as much of the data as possible. */
1614 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len,
1616 /* Stream already finished or allocation error. */
1618 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1621 quic_post_write(xso, actual_written > 0, 1);
1623 if (actual_written == len) {
1624 /* Managed to append everything on the first try. */
1625 *written = actual_written;
1630 * We did not manage to append all of the data immediately, so the stream
1631 * buffer has probably filled up. This means we need to block until some of
1635 args.buf = (const unsigned char *)buf + actual_written;
1636 args.len = len - actual_written;
1637 args.total_written = 0;
1639 res = block_until_pred(xso->conn, quic_write_again, &args, 0);
1641 if (!ossl_quic_channel_is_active(xso->conn->ch))
1642 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1644 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1647 *written = args.total_written;
1652 * Functions to manage All-or-Nothing (AON) (that is, non-ENABLE_PARTIAL_WRITE)
1655 static void aon_write_begin(QUIC_XSO *xso, const unsigned char *buf,
1656 size_t buf_len, size_t already_sent)
1658 assert(!xso->aon_write_in_progress);
1660 xso->aon_write_in_progress = 1;
1661 xso->aon_buf_base = buf;
1662 xso->aon_buf_pos = already_sent;
1663 xso->aon_buf_len = buf_len;
1666 static void aon_write_finish(QUIC_XSO *xso)
1668 xso->aon_write_in_progress = 0;
1669 xso->aon_buf_base = NULL;
1670 xso->aon_buf_pos = 0;
1671 xso->aon_buf_len = 0;
1675 static int quic_write_nonblocking_aon(QCTX *ctx, const void *buf,
1676 size_t len, size_t *written)
1678 QUIC_XSO *xso = ctx->xso;
1679 const void *actual_buf;
1680 size_t actual_len, actual_written = 0;
1681 int accept_moving_buffer
1682 = ((xso->ssl_mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) != 0);
1684 if (xso->aon_write_in_progress) {
1686 * We are in the middle of an AON write (i.e., a previous write did not
1687 * manage to append all data to the SSTREAM and we have Enable Partial
1688 * Write (EPW) mode disabled.)
1690 if ((!accept_moving_buffer && xso->aon_buf_base != buf)
1691 || len != xso->aon_buf_len)
1693 * Pointer must not have changed if we are not in accept moving
1694 * buffer mode. Length must never change.
1696 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, SSL_R_BAD_WRITE_RETRY, NULL);
1698 actual_buf = (unsigned char *)buf + xso->aon_buf_pos;
1699 actual_len = len - xso->aon_buf_pos;
1700 assert(actual_len > 0);
1706 /* First make a best effort to append as much of the data as possible. */
1707 if (!ossl_quic_sstream_append(xso->stream->sstream, actual_buf, actual_len,
1709 /* Stream already finished or allocation error. */
1711 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1714 quic_post_write(xso, actual_written > 0, 1);
1716 if (actual_written == actual_len) {
1717 /* We have sent everything. */
1718 if (xso->aon_write_in_progress) {
1720 * We have sent everything, and we were in the middle of an AON
1721 * write. The output write length is the total length of the AON
1722 * buffer, not however many bytes we managed to write to the stream
1725 *written = xso->aon_buf_len;
1726 aon_write_finish(xso);
1728 *written = actual_written;
1734 if (xso->aon_write_in_progress) {
1736 * AON write is in progress but we have not written everything yet. We
1737 * may have managed to send zero bytes, or some number of bytes less
1738 * than the total remaining which need to be appended during this
1741 xso->aon_buf_pos += actual_written;
1742 assert(xso->aon_buf_pos < xso->aon_buf_len);
1743 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
1747 * Not in an existing AON operation but partial write is not enabled, so we
1748 * need to begin a new AON operation. However we needn't bother if we didn't
1749 * actually append anything.
1751 if (actual_written > 0)
1752 aon_write_begin(xso, buf, len, actual_written);
1755 * AON - We do not publicly admit to having appended anything until AON
1759 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_WANT_WRITE);
1763 static int quic_write_nonblocking_epw(QCTX *ctx, const void *buf, size_t len,
1766 QUIC_XSO *xso = ctx->xso;
1768 /* Simple best effort operation. */
1769 if (!ossl_quic_sstream_append(xso->stream->sstream, buf, len, written)) {
1770 /* Stream already finished or allocation error. */
1772 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1775 quic_post_write(xso, *written > 0, 1);
1780 int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
1791 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
1794 partial_write = ((ctx.xso->ssl_mode & SSL_MODE_ENABLE_PARTIAL_WRITE) != 0);
1796 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1797 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1802 * If we haven't finished the handshake, try to advance it.
1803 * We don't accept writes until the handshake is completed.
1805 if (quic_do_handshake(&ctx) < 1) {
1810 if (ctx.xso->stream == NULL || ctx.xso->stream->sstream == NULL) {
1811 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
1815 if (xso_blocking_mode(ctx.xso))
1816 ret = quic_write_blocking(&ctx, buf, len, written);
1817 else if (partial_write)
1818 ret = quic_write_nonblocking_epw(&ctx, buf, len, written);
1820 ret = quic_write_nonblocking_aon(&ctx, buf, len, written);
1823 quic_unlock(ctx.qc);
1831 struct quic_read_again_args {
1833 QUIC_STREAM *stream;
1841 static int quic_read_actual(QCTX *ctx,
1842 QUIC_STREAM *stream,
1843 void *buf, size_t buf_len,
1848 QUIC_CONNECTION *qc = ctx->qc;
1850 /* If the receive part of the stream is over, issue EOF. */
1851 if (stream->recv_fin_retired)
1852 return QUIC_RAISE_NORMAL_ERROR(ctx, SSL_ERROR_ZERO_RETURN);
1854 if (stream->rstream == NULL)
1855 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1858 if (!ossl_quic_rstream_peek(stream->rstream, buf, buf_len,
1859 bytes_read, &is_fin))
1860 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1863 if (!ossl_quic_rstream_read(stream->rstream, buf, buf_len,
1864 bytes_read, &is_fin))
1865 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1869 if (*bytes_read > 0) {
1871 * We have read at least one byte from the stream. Inform stream-level
1872 * RXFC of the retirement of controlled bytes. Update the active stream
1873 * status (the RXFC may now want to emit a frame granting more credit to
1876 OSSL_RTT_INFO rtt_info;
1878 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(qc->ch), &rtt_info);
1880 if (!ossl_quic_rxfc_on_retire(&stream->rxfc, *bytes_read,
1881 rtt_info.smoothed_rtt))
1882 return QUIC_RAISE_NON_NORMAL_ERROR(ctx, ERR_R_INTERNAL_ERROR, NULL);
1886 stream->recv_fin_retired = 1;
1888 if (*bytes_read > 0)
1889 ossl_quic_stream_map_update_state(ossl_quic_channel_get_qsm(qc->ch),
1897 static int quic_read_again(void *arg)
1899 struct quic_read_again_args *args = arg;
1901 if (!ossl_quic_channel_is_active(args->ctx->qc->ch)) {
1902 /* If connection is torn down due to an error while blocking, stop. */
1903 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1907 if (!quic_read_actual(args->ctx, args->stream,
1908 args->buf, args->len, args->bytes_read,
1912 if (*args->bytes_read > 0)
1913 /* got at least one byte, the SSL_read op can finish now */
1916 return 0; /* did not read anything, keep trying */
1920 static int quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read, int peek)
1924 struct quic_read_again_args args;
1928 if (!expect_quic(s, &ctx))
1933 if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
1934 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
1938 /* If we haven't finished the handshake, try to advance it. */
1939 if (quic_do_handshake(&ctx) < 1) {
1940 ret = 0; /* ossl_quic_do_handshake raised error here */
1944 if (ctx.xso == NULL) {
1946 * Called on a QCSO and we don't currently have a default stream.
1948 * Wait until we get a stream initiated by the peer (blocking mode) or
1949 * fail if we don't have one yet (non-blocking mode).
1951 if (!qc_wait_for_default_xso_for_read(&ctx)) {
1952 ret = 0; /* error already raised here */
1956 ctx.xso = ctx.qc->default_xso;
1959 if (ctx.xso->stream == NULL) {
1960 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
1964 if (!quic_read_actual(&ctx, ctx.xso->stream, buf, len, bytes_read, peek)) {
1965 ret = 0; /* quic_read_actual raised error here */
1969 if (*bytes_read > 0) {
1971 * Even though we succeeded, tick the reactor here to ensure we are
1972 * handling other aspects of the QUIC connection.
1974 ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
1976 } else if (xso_blocking_mode(ctx.xso)) {
1978 * We were not able to read anything immediately, so our stream
1979 * buffer is empty. This means we need to block until we get
1980 * at least one byte.
1983 args.stream = ctx.xso->stream;
1986 args.bytes_read = bytes_read;
1989 res = block_until_pred(ctx.qc, quic_read_again, &args, 0);
1991 ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
1993 } else if (res < 0) {
1994 ret = 0; /* quic_read_again raised error here */
2000 /* We did not get any bytes and are not in blocking mode. */
2001 ret = QUIC_RAISE_NORMAL_ERROR(&ctx, SSL_ERROR_WANT_READ);
2005 quic_unlock(ctx.qc);
2009 int ossl_quic_read(SSL *s, void *buf, size_t len, size_t *bytes_read)
2011 return quic_read(s, buf, len, bytes_read, 0);
2014 int ossl_quic_peek(SSL *s, void *buf, size_t len, size_t *bytes_read)
2016 return quic_read(s, buf, len, bytes_read, 1);
2024 static size_t ossl_quic_pending_int(const SSL *s)
2030 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
2033 if (ctx.xso->stream == NULL || ctx.xso->stream->rstream == NULL)
2034 /* Cannot raise errors here because we are const, just fail. */
2037 if (!ossl_quic_rstream_available(ctx.xso->stream->rstream, &avail, &fin))
2041 quic_unlock(ctx.qc);
2045 size_t ossl_quic_pending(const SSL *s)
2047 return ossl_quic_pending_int(s);
2050 int ossl_quic_has_pending(const SSL *s)
2052 return ossl_quic_pending_int(s) > 0;
2056 * SSL_stream_conclude
2057 * -------------------
2060 int ossl_quic_conn_stream_conclude(SSL *s)
2065 if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
2068 qs = ctx.xso->stream;
2070 if (qs == NULL || qs->sstream == NULL) {
2071 quic_unlock(ctx.qc);
2075 if (!ossl_quic_channel_is_active(ctx.qc->ch)
2076 || ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
2077 quic_unlock(ctx.qc);
2081 ossl_quic_sstream_fin(qs->sstream);
2082 quic_post_write(ctx.xso, 1, 1);
2083 quic_unlock(ctx.qc);
2088 * SSL_inject_net_dgram
2089 * --------------------
2092 int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
2094 const BIO_ADDR *peer,
2095 const BIO_ADDR *local)
2101 if (!expect_quic(s, &ctx))
2106 demux = ossl_quic_channel_get0_demux(ctx.qc->ch);
2107 ret = ossl_quic_demux_inject(demux, buf, buf_len, peer, local);
2109 quic_unlock(ctx.qc);
2114 * SSL_get0_connection
2115 * -------------------
2117 SSL *ossl_quic_get0_connection(SSL *s)
2121 if (!expect_quic(s, &ctx))
2124 return &ctx.qc->ssl;
2128 * SSL_get_stream_type
2129 * -------------------
2131 int ossl_quic_get_stream_type(SSL *s)
2135 if (!expect_quic(s, &ctx))
2136 return SSL_STREAM_TYPE_BIDI;
2138 if (ctx.xso == NULL) {
2140 * If deferred XSO creation has yet to occur, proceed according to the
2141 * default stream mode. If AUTO_BIDI or AUTO_UNI is set, we cannot know
2142 * what kind of stream will be created yet, so return BIDI on the basis
2143 * that at this time, the client still has the option of calling
2144 * SSL_read() or SSL_write() first.
2146 if (ctx.qc->default_xso_created
2147 || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
2148 return SSL_STREAM_TYPE_NONE;
2150 return SSL_STREAM_TYPE_BIDI;
2153 if (ossl_quic_stream_is_bidi(ctx.xso->stream))
2154 return SSL_STREAM_TYPE_BIDI;
2156 if (ossl_quic_stream_is_server_init(ctx.xso->stream) != ctx.qc->as_server)
2157 return SSL_STREAM_TYPE_READ;
2159 return SSL_STREAM_TYPE_WRITE;
2167 uint64_t ossl_quic_get_stream_id(SSL *s)
2172 if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
2175 id = ctx.xso->stream->id;
2176 quic_unlock(ctx.qc);
2182 * SSL_set_default_stream_mode
2183 * ---------------------------
2186 int ossl_quic_set_default_stream_mode(SSL *s, uint32_t mode)
2190 if (!expect_quic_conn_only(s, &ctx))
2195 if (ctx.qc->default_xso_created)
2196 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
2197 "too late to change default stream mode");
2200 case SSL_DEFAULT_STREAM_MODE_NONE:
2201 case SSL_DEFAULT_STREAM_MODE_AUTO_BIDI:
2202 case SSL_DEFAULT_STREAM_MODE_AUTO_UNI:
2203 ctx.qc->default_stream_mode = mode;
2206 quic_unlock(ctx.qc);
2207 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
2208 "bad default stream type");
2211 quic_unlock(ctx.qc);
2220 SSL *ossl_quic_detach_stream(SSL *s)
2223 QUIC_XSO *xso = NULL;
2225 if (!expect_quic_conn_only(s, &ctx))
2230 /* Calling this function inhibits default XSO autocreation. */
2231 /* QC ref to any default XSO is transferred to us and to caller. */
2232 qc_set_default_xso_keep_ref(ctx.qc, NULL, /*touch=*/1, &xso);
2234 quic_unlock(ctx.qc);
2236 return xso != NULL ? &xso->ssl : NULL;
2244 int ossl_quic_attach_stream(SSL *conn, SSL *stream)
2250 if (!expect_quic_conn_only(conn, &ctx))
2253 if (stream == NULL || stream->type != SSL_TYPE_QUIC_XSO)
2254 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_NULL_PARAMETER,
2255 "stream to attach must be a valid QUIC stream");
2257 xso = (QUIC_XSO *)stream;
2261 if (ctx.qc->default_xso != NULL) {
2262 quic_unlock(ctx.qc);
2263 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
2264 "connection already has a default stream");
2268 * It is a caller error for the XSO being attached as a default XSO to have
2269 * more than one ref.
2271 if (!CRYPTO_GET_REF(&xso->ssl.references, &nref, &xso->ssl.lock)) {
2272 quic_unlock(ctx.qc);
2273 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR,
2278 quic_unlock(ctx.qc);
2279 return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
2280 "stream being attached must have "
2281 "only 1 reference");
2284 /* Caller's reference to the XSO is transferred to us. */
2285 /* Calling this function inhibits default XSO autocreation. */
2286 qc_set_default_xso(ctx.qc, xso, /*touch=*/1);
2288 quic_unlock(ctx.qc);
2293 * SSL_set_incoming_stream_policy
2294 * ------------------------------
2297 static int qc_get_effective_incoming_stream_policy(QUIC_CONNECTION *qc)
2299 switch (qc->incoming_stream_policy) {
2300 case SSL_INCOMING_STREAM_POLICY_AUTO:
2301 if ((qc->default_xso == NULL && !qc->default_xso_created)
2302 || qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
2303 return SSL_INCOMING_STREAM_POLICY_ACCEPT;
2305 return SSL_INCOMING_STREAM_POLICY_REJECT;
2308 return qc->incoming_stream_policy;
2313 static void qc_update_reject_policy(QUIC_CONNECTION *qc)
2315 int policy = qc_get_effective_incoming_stream_policy(qc);
2316 int enable_reject = (policy == SSL_INCOMING_STREAM_POLICY_REJECT);
2318 ossl_quic_channel_set_incoming_stream_auto_reject(qc->ch,
2320 qc->incoming_stream_aec);
2324 int ossl_quic_set_incoming_stream_policy(SSL *s, int policy,
2330 if (!expect_quic_conn_only(s, &ctx))
2336 case SSL_INCOMING_STREAM_POLICY_AUTO:
2337 case SSL_INCOMING_STREAM_POLICY_ACCEPT:
2338 case SSL_INCOMING_STREAM_POLICY_REJECT:
2339 ctx.qc->incoming_stream_policy = policy;
2340 ctx.qc->incoming_stream_aec = aec;
2348 qc_update_reject_policy(ctx.qc);
2349 quic_unlock(ctx.qc);
2357 struct wait_for_incoming_stream_args {
2363 static int wait_for_incoming_stream(void *arg)
2365 struct wait_for_incoming_stream_args *args = arg;
2366 QUIC_CONNECTION *qc = args->ctx->qc;
2367 QUIC_STREAM_MAP *qsm = ossl_quic_channel_get_qsm(qc->ch);
2369 if (!ossl_quic_channel_is_active(qc->ch)) {
2370 /* If connection is torn down due to an error while blocking, stop. */
2371 QUIC_RAISE_NON_NORMAL_ERROR(args->ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
2375 args->qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2376 if (args->qs != NULL)
2377 return 1; /* got a stream */
2379 return 0; /* did not get a stream, keep trying */
2383 SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags)
2388 QUIC_STREAM_MAP *qsm;
2391 OSSL_RTT_INFO rtt_info;
2393 if (!expect_quic_conn_only(s, &ctx))
2398 if (qc_get_effective_incoming_stream_policy(ctx.qc)
2399 == SSL_INCOMING_STREAM_POLICY_REJECT)
2402 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2404 qs = ossl_quic_stream_map_peek_accept_queue(qsm);
2406 if (qc_blocking_mode(ctx.qc)
2407 && (flags & SSL_ACCEPT_STREAM_NO_BLOCK) == 0) {
2408 struct wait_for_incoming_stream_args args;
2413 ret = block_until_pred(ctx.qc, wait_for_incoming_stream, &args, 0);
2415 QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_INTERNAL_ERROR, NULL);
2417 } else if (ret < 0 || args.qs == NULL) {
2427 xso = create_xso_from_stream(ctx.qc, qs);
2431 ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info);
2432 ossl_quic_stream_map_remove_from_accept_queue(qsm, qs,
2433 rtt_info.smoothed_rtt);
2436 /* Calling this function inhibits default XSO autocreation. */
2437 qc_touch_default_xso(ctx.qc); /* inhibits default XSO */
2440 quic_unlock(ctx.qc);
2445 * SSL_get_accept_stream_queue_len
2446 * -------------------------------
2449 size_t ossl_quic_get_accept_stream_queue_len(SSL *s)
2454 if (!expect_quic_conn_only(s, &ctx))
2459 v = ossl_quic_stream_map_get_accept_queue_len(ossl_quic_channel_get_qsm(ctx.qc->ch));
2461 quic_unlock(ctx.qc);
2469 int ossl_quic_stream_reset(SSL *ssl,
2470 const SSL_STREAM_RESET_ARGS *args,
2474 QUIC_STREAM_MAP *qsm;
2476 uint64_t error_code;
2478 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/0, &ctx))
2481 qsm = ossl_quic_channel_get_qsm(ctx.qc->ch);
2482 qs = ctx.xso->stream;
2483 error_code = (args != NULL ? args->quic_error_code : 0);
2485 ossl_quic_stream_map_reset_stream_send_part(qsm, qs, error_code);
2487 quic_unlock(ctx.qc);
2492 * SSL_get_stream_read_state
2493 * -------------------------
2495 static void quic_classify_stream(QUIC_CONNECTION *qc,
2499 uint64_t *app_error_code)
2502 uint64_t final_size;
2504 local_init = (ossl_quic_stream_is_server_init(qs) == qc->as_server);
2506 if (app_error_code != NULL)
2507 *app_error_code = UINT64_MAX;
2509 app_error_code = &final_size; /* throw away value */
2511 if (!ossl_quic_stream_is_bidi(qs) && local_init != is_write) {
2513 * Unidirectional stream and this direction of transmission doesn't
2516 *state = SSL_STREAM_STATE_WRONG_DIR;
2517 } else if (ossl_quic_channel_is_term_any(qc->ch)) {
2518 /* Connection already closed. */
2519 *state = SSL_STREAM_STATE_CONN_CLOSED;
2520 } else if (!is_write && qs->recv_fin_retired) {
2521 /* Application has read a FIN. */
2522 *state = SSL_STREAM_STATE_FINISHED;
2523 } else if ((!is_write && qs->stop_sending)
2524 || (is_write && qs->reset_stream)) {
2526 * Stream has been reset locally. FIN takes precedence over this for the
2527 * read case as the application need not care if the stream is reset
2528 * after a FIN has been successfully processed.
2530 *state = SSL_STREAM_STATE_RESET_LOCAL;
2531 *app_error_code = !is_write
2532 ? qs->stop_sending_aec
2533 : qs->reset_stream_aec;
2534 } else if ((!is_write && qs->peer_reset_stream)
2535 || (is_write && qs->peer_stop_sending)) {
2537 * Stream has been reset remotely. */
2538 *state = SSL_STREAM_STATE_RESET_REMOTE;
2539 *app_error_code = !is_write
2540 ? qs->peer_reset_stream_aec
2541 : qs->peer_stop_sending_aec;
2542 } else if (is_write && ossl_quic_sstream_get_final_size(qs->sstream,
2545 * Stream has been finished. Stream reset takes precedence over this for
2546 * the write case as peer may not have received all data.
2548 *state = SSL_STREAM_STATE_FINISHED;
2550 /* Stream still healthy. */
2551 *state = SSL_STREAM_STATE_OK;
2555 static int quic_get_stream_state(SSL *ssl, int is_write)
2560 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
2561 return SSL_STREAM_STATE_NONE;
2563 quic_classify_stream(ctx.qc, ctx.xso->stream, is_write, &state, NULL);
2564 quic_unlock(ctx.qc);
2568 int ossl_quic_get_stream_read_state(SSL *ssl)
2570 return quic_get_stream_state(ssl, /*is_write=*/0);
2574 * SSL_get_stream_write_state
2575 * --------------------------
2577 int ossl_quic_get_stream_write_state(SSL *ssl)
2579 return quic_get_stream_state(ssl, /*is_write=*/1);
2583 * SSL_get_stream_read_error_code
2584 * ------------------------------
2586 static int quic_get_stream_error_code(SSL *ssl, int is_write,
2587 uint64_t *app_error_code)
2592 if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
2595 quic_classify_stream(ctx.qc, ctx.xso->stream, /*is_write=*/0,
2596 &state, app_error_code);
2598 quic_unlock(ctx.qc);
2600 case SSL_STREAM_STATE_FINISHED:
2602 case SSL_STREAM_STATE_RESET_LOCAL:
2603 case SSL_STREAM_STATE_RESET_REMOTE:
2610 int ossl_quic_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code)
2612 return quic_get_stream_error_code(ssl, /*is_write=*/0, app_error_code);
2616 * SSL_get_stream_write_error_code
2617 * -------------------------------
2619 int ossl_quic_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code)
2621 return quic_get_stream_error_code(ssl, /*is_write=*/1, app_error_code);
2625 * SSL_get_conn_close_info
2626 * -----------------------
2628 int ossl_quic_get_conn_close_info(SSL *ssl,
2629 SSL_CONN_CLOSE_INFO *info,
2633 const QUIC_TERMINATE_CAUSE *tc;
2635 if (!expect_quic_conn_only(ssl, &ctx))
2638 tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
2642 info->error_code = tc->error_code;
2643 info->reason = NULL; /* TODO(QUIC): Wire reason */
2644 info->reason_len = 0;
2645 info->is_local = !tc->remote;
2646 info->is_transport = !tc->app;
2651 * QUIC Front-End I/O API: SSL_CTX Management
2652 * ==========================================
2655 long ossl_quic_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2659 return ssl3_ctx_ctrl(ctx, cmd, larg, parg);
2663 long ossl_quic_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
2667 if (!expect_quic_conn_only(s, &ctx))
2671 case SSL_CTRL_SET_MSG_CALLBACK:
2672 ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp,
2674 /* This callback also needs to be set on the internal SSL object */
2675 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);;
2678 /* Probably a TLS related ctrl. Defer to our internal SSL object */
2679 return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);
2683 long ossl_quic_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
2685 return ssl3_ctx_callback_ctrl(ctx, cmd, fp);
2688 int ossl_quic_renegotiate_check(SSL *ssl, int initok)
2690 /* We never do renegotiation. */
2695 * These functions define the TLSv1.2 (and below) ciphers that are supported by
2696 * the SSL_METHOD. Since QUIC only supports TLSv1.3 we don't support any.
2699 int ossl_quic_num_ciphers(void)
2704 const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)