QUIC SSL: SSL_set_quiet_shutdown
authorHugo Landau <hlandau@openssl.org>
Mon, 16 Jan 2023 15:35:05 +0000 (15:35 +0000)
committerPauli <pauli@openssl.org>
Tue, 4 Jul 2023 23:02:27 +0000 (09:02 +1000)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)

doc/man3/SSL_CTX_set_quiet_shutdown.pod
ssl/ssl_lib.c
test/quicapitest.c

index a99c4c6b9c810c2a7d4ef49145dc10bf6d9d55a3..fc8c2725f709c639e96b7ce45d839135e03ac927 100644 (file)
@@ -30,6 +30,8 @@ B<mode> may be 0 or 1.
 
 SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ssl>.
 
+These functions are not supported for QUIC SSL objects.
+
 =head1 NOTES
 
 Normally when a SSL connection is finished, the parties must send out
index 057c8e895a21d03ba4c1e64bf486af5674ba5b22..9c5b29e33175d43708637aa1b46157810cfb0939 100644 (file)
@@ -822,7 +822,7 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method)
     if (s->param == NULL)
         goto asn1err;
     X509_VERIFY_PARAM_inherit(s->param, ctx->param);
-    s->quiet_shutdown = ctx->quiet_shutdown;
+    s->quiet_shutdown = IS_QUIC_CTX(ctx) ? 0 : ctx->quiet_shutdown;
 
     if (!IS_QUIC_CTX(ctx))
         s->ext.max_fragment_len_mode = ctx->ext.max_fragment_len_mode;
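Review bot: The new assignment `s->quiet_shutdown = IS_QUIC_CTX(ctx) ? 0 : ctx->quiet_shutdown;` discards the context setting for QUIC without a comment saying why. The context itself still stores whatever the application set; the test in this commit calls `SSL_CTX_set_quiet_shutdown(ctx, 1)` on what is presumably a QUIC context. A comment above the line, such as `/* Quiet shutdown is not supported for QUIC; never inherit it from the context. */`, would record the intent. If SSL_CTX_get_quiet_shutdown() returns the stored field unchanged, which is not visible here, it will report 1 for a context whose connections always use 0, and that is worth stating in the man page. ossl_ssl_connection_new_int continues outside the hunk.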
@@ -5123,7 +5123,7 @@ void SSL_set_quiet_shutdown(SSL *s, int mode)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
 
-    /* TODO(QUIC): Do we want this for QUIC? */
+    /* TODO(QUIC): Currently not supported for QUIC. */
     if (sc == NULL)
         return;
 
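Review bot: The replacement comment `/* TODO(QUIC): Currently not supported for QUIC. */` keeps the TODO tag on what now reads as a settled decision, and it does not say that the call is dropped silently. SSL_set_quiet_shutdown() returns void, so a caller passing a QUIC object gets no signal when `sc == NULL`. I would write `/* Not supported for QUIC: the request is silently ignored. */` here, and `/* Not supported for QUIC: always reports 0. */` at the same spot in SSL_get_quiet_shutdown() in the next hunk. If support is still planned, keep the tag but say what remains to be done. Both function bodies continue outside their hunks.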
@@ -5134,7 +5134,7 @@ int SSL_get_quiet_shutdown(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s);
 
-    /* TODO(QUIC): Do we want this for QUIC? */
+    /* TODO(QUIC): Currently not supported for QUIC. */
     if (sc == NULL)
         return 0;
 
index a2bf90f43a7553036e529664aded55ac802e7cef..824f1f4e1ae6317b0a696da94bfa11081e00d090 100644 (file)
@@ -438,6 +438,7 @@ static int test_quic_forbidden_options(void)
     SSL_CTX_set_read_ahead(ctx, 1);
     SSL_CTX_set_max_early_data(ctx, 1);
     SSL_CTX_set_recv_max_early_data(ctx, 1);
+    SSL_CTX_set_quiet_shutdown(ctx, 1);
 
     if (!TEST_ptr(ssl = SSL_new(ctx)))
         goto err;
@@ -509,6 +510,10 @@ static int test_quic_forbidden_options(void)
     if  (!TEST_false(SSL_stateless(ssl)))
         goto err;
 
+    /* Quiet Shutdown */
+    if (!TEST_false(SSL_get_quiet_shutdown(ssl)))
+        goto err;
+
     testresult = 1;
 err:
     SSL_free(ssl);
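Review bot: The added check `TEST_false(SSL_get_quiet_shutdown(ssl))` probably cannot fail for the reason this commit cares about. In the ssl_lib.c hunk the getter returns 0 whenever `sc == NULL`, which appears to be the QUIC case, so it would report false even if the inheritance change in ossl_ssl_connection_new_int were reverted. The check also leaves the per-object setter untested. Calling `SSL_set_quiet_shutdown(ssl, 1);` immediately before the check would at least cover that path. Verifying that the inner connection's `quiet_shutdown` field stays 0 would need an internal accessor, which is not visible here. test_quic_forbidden_options begins outside the hunk.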