int ossl_quic_tx_packetiser_discard_enc_level(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level);
+/*
+ * Informs the TX packetiser that the handshake is complete. The TX packetiser
+ * will not send 1-RTT application data until the handshake is complete,
+ * as the authenticity of the peer is not confirmed until the handshake
+ * complete event occurs.
+ */
+void ossl_quic_tx_packetiser_notify_handshake_complete(OSSL_QUIC_TX_PACKETISER *txp);
+
/* Asks the TXP to generate a HANDSHAKE_DONE frame in the next 1-RTT packet. */
void ossl_quic_tx_packetiser_schedule_handshake_done(OSSL_QUIC_TX_PACKETISER *txp);
*/
unsigned int want_conn_close : 1;
+ /* Has the handshake been completed? */
+ unsigned int handshake_complete : 1;
+
OSSL_QUIC_FRAME_CONN_CLOSE conn_close_frame;
/* Internal state - packet assembly. */
return 1;
}
+void ossl_quic_tx_packetiser_notify_handshake_complete(OSSL_QUIC_TX_PACKETISER *txp)
+{
+ txp->handshake_complete = 1;
+}
+
void ossl_quic_tx_packetiser_schedule_handshake_done(OSSL_QUIC_TX_PACKETISER *txp)
{
txp->want_handshake_done = 1;
}
}
- if (a.allow_stream_rel) {
+ if (a.allow_stream_rel && txp->handshake_complete) {
QUIC_STREAM_ITER it;
/* If there are any active streams, 0/1-RTT wants to produce a packet.
goto fatal_err;
/* Stream-specific frames */
- if (a.allow_stream_rel)
+ if (a.allow_stream_rel && txp->handshake_complete)
if (!txp_generate_stream_related(txp, &h, pn_space, tpkt, min_ppl,
&have_ack_eliciting,
&tmp_head))
#define OPK_RESET_STREAM 19 /* Mark stream for RESET_STREAM */
#define OPK_CONN_TXFC_BUMP 20 /* Bump connection TXFC CWM */
#define OPK_STREAM_TXFC_BUMP 21 /* Bump stream TXFC CWM */
+#define OPK_HANDSHAKE_COMPLETE 22 /* Mark handshake as complete */
struct script_op {
uint32_t opcode;
{ OPK_CONN_TXFC_BUMP, (cwm) },
#define OP_STREAM_TXFC_BUMP(id, cwm) \
{ OPK_STREAM_TXFC_BUMP, (cwm), (id) },
+#define OP_HANDSHAKE_COMPLETE() \
+ { OPK_HANDSHAKE_COMPLETE },
static int schedule_handshake_done(struct helper *h)
{
static const struct script_op script_9[] = {
OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT, QRL_SUITE_AES128GCM, secret_1)
+ OP_HANDSHAKE_COMPLETE()
OP_TXP_GENERATE_NONE(TX_PACKETISER_ARCHETYPE_NORMAL)
OP_STREAM_NEW(42)
OP_STREAM_SEND(42, stream_9)
static const struct script_op script_10[] = {
OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT, QRL_SUITE_AES128GCM, secret_1)
+ OP_HANDSHAKE_COMPLETE()
OP_TXP_GENERATE_NONE(TX_PACKETISER_ARCHETYPE_NORMAL)
OP_STREAM_NEW(42)
OP_STREAM_NEW(43)
static const struct script_op script_12[] = {
OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT, QRL_SUITE_AES128GCM, secret_1)
+ OP_HANDSHAKE_COMPLETE()
OP_TXP_GENERATE_NONE(TX_PACKETISER_ARCHETYPE_NORMAL)
OP_STREAM_NEW(42)
OP_STOP_SENDING(42, 4568)
static const struct script_op script_13[] = {
OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT, QRL_SUITE_AES128GCM, secret_1)
+ OP_HANDSHAKE_COMPLETE()
OP_TXP_GENERATE_NONE(TX_PACKETISER_ARCHETYPE_NORMAL)
OP_STREAM_NEW(42)
OP_CONN_TXFC_BUMP(8)
static const struct script_op script_14[] = {
OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT, QRL_SUITE_AES128GCM, secret_1)
+ OP_HANDSHAKE_COMPLETE()
OP_TXP_GENERATE_NONE(TX_PACKETISER_ARCHETYPE_NORMAL)
OP_CHECK(gen_conn_close)
OP_TXP_GENERATE(TX_PACKETISER_ARCHETYPE_NORMAL)
ossl_quic_stream_map_update_state(h.args.qsm, s);
}
break;
+ case OPK_HANDSHAKE_COMPLETE:
+ ossl_quic_tx_packetiser_notify_handshake_complete(h.txp);
+ break;
default:
TEST_error("bad opcode");
goto err;
projects / openssl.git / commitdiff