Matt Caswell [Mon, 8 May 2023 13:26:30 +0000 (14:26 +0100)]
Add more trace details for the remaining frame types
Prior to this commit we were just printing the fact that we had received
or sent a frame of a particular type. We now provide more details about
those frames.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 8 May 2023 12:51:39 +0000 (13:51 +0100)]
Properly handling stream/crypto frames while tracing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 8 May 2023 10:32:04 +0000 (11:32 +0100)]
Enable tracing of datagrams we have sent
Extend the tracing capability to also trace when we have a datagram to the
peer.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Fri, 5 May 2023 15:51:43 +0000 (16:51 +0100)]
Enable tracing of packets that have been sent
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Fri, 5 May 2023 13:46:01 +0000 (14:46 +0100)]
Extend tracing of frames to transmitted frames
Previously we were only doing tracing of frames received from the peer.
Now we do that for transmitted frames as well.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Thu, 4 May 2023 16:18:01 +0000 (17:18 +0100)]
Support trace for QUIC Frames
Extend the existing QUIC tracing capability for frames.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Thu, 4 May 2023 14:47:32 +0000 (15:47 +0100)]
Support trace for QUIC Packets
We enable SSL_trace support for when we receive QUIC Packets. This is
called after header protection is removed, but before the packet is
decrypted.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Tue, 2 May 2023 12:26:47 +0000 (13:26 +0100)]
Support trace for QUIC datagrams
Extend SSL_trace so that it knows how to dump information about the
receipt of a QUIC datagram.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Matt Caswell [Mon, 1 May 2023 14:40:28 +0000 (15:40 +0100)]
Add initial QUIC support for the msg_callback
At this stage we just support msg_callback on receipt of a datagram.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Hugo Landau [Mon, 22 May 2023 12:37:17 +0000 (13:37 +0100)]
Resolve a djgpp function name conflict
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:26:03 +0000 (13:26 +0100)]
Add note about Windows LONG
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:24:38 +0000 (13:24 +0100)]
Make testutil text output functions thread safe (tsan)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:24:02 +0000 (13:24 +0100)]
QUIC APL: Unlock mutex before freeing (clang tsan error)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 12:23:40 +0000 (13:23 +0100)]
Remove an unused variable (clang 16 warning)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 06:40:40 +0000 (07:40 +0100)]
QUIC: Add to threads sanitizer CI
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Mon, 22 May 2023 06:40:31 +0000 (07:40 +0100)]
QUIC Glossary: Add QCTX
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Wed, 17 May 2023 12:59:21 +0000 (13:59 +0100)]
Add no-threads build to CI
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Wed, 17 May 2023 12:15:01 +0000 (13:15 +0100)]
QUIC: Fix bugs where threading is disabled
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Tue, 2 May 2023 17:21:07 +0000 (18:21 +0100)]
QUIC TSERVER: Use a random port in the tserver test
Fixes nondeterministic failures where BIO_bind would fail on some
platforms.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Tue, 2 May 2023 16:59:04 +0000 (17:59 +0100)]
QUIC MSMT: macOS robustness fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC APL: Make SSL_get_error per-stream, error raising refactor
This refactors the error raising code in the APL to automatically raise
errors in the correct SSL object, either a QCSO or QSSO depending on the
circumstances. The QCTX structure's responsibilities are expanded to
facilitate this. This further drives towards a unified mechanism for
generic dispatch precondition checking and error raising.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC MSMT TESTS: Add tests to exercise MAX_STREAMS
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC RXDP: Ensure all stream-related frames autocreate a stream
RFC requirement.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC FC: Correct operation of stream count mode
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC QSM: Correct the logic for determining stream count limits
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC QSM: Allow QSM to know if we are in the server role
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:34 +0000 (16:56 +0100)]
QUIC MSMT: Stress tests, support for repeating test opoerations
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:33 +0000 (16:56 +0100)]
QUIC MSMT: Add a basic multithreading test
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:33 +0000 (16:56 +0100)]
QUIC MSMT: Revise tests to support multithreading
Alsoo rename OPK_C_ACCEPT_STREAM to reflect its current behaviour.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Hugo Landau [Fri, 28 Apr 2023 15:56:33 +0000 (16:56 +0100)]
QUIC TSERVER: Allow detection of new incoming streams
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
Richard Levitte [Sat, 20 May 2023 06:39:20 +0000 (08:39 +0200)]
Drop the last reference of SHLIB_EXT
SHLIB_EXT is a variable that exists on OpenSSL build file templates before
version 3.0, for which much of the logic for figuring out file names and
such was moved to the 'platform' set of routines.
But, it seems that one (now useless) reference remained on the VMS specific
descrip.mms.tmpl. We replace it with an explicit '.EXE', which is the
default extension for shared libraries on VMS.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21007)
lan1120 [Mon, 22 May 2023 12:37:59 +0000 (20:37 +0800)]
Fix incorrect parameter verification in EVP_MD_CTX_get_params
Signed-off-by: lan1120 <lanming@huawei.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21022)
Richard Levitte [Mon, 22 May 2023 11:11:30 +0000 (13:11 +0200)]
doc/fingerprints.txt: Add the OpenSSL OMC PGP key fingerprint
We want to move to using this key for tarball and announcement signatures.
It won't happen immediately, though, as we must have it specified in the
latest update of each release branch, so people can verify properly.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21015)
Dmitry Belyavskiy [Thu, 18 May 2023 13:38:56 +0000 (15:38 +0200)]
If oaep_md is not initialized, correctly initialize it
Fixes #20993
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20994)
Tomas Mraz [Fri, 12 May 2023 12:56:58 +0000 (14:56 +0200)]
Update the FIPS checksums
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20949)
Tomas Mraz [Fri, 12 May 2023 10:55:24 +0000 (12:55 +0200)]
fips.module.sources: Add missing cpuid and related .c sources for other architectures
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20949)
Yi Li [Tue, 16 May 2023 03:09:47 +0000 (11:09 +0800)]
crypto/params: drop float for UEFI
Using floating point is not supported in UEFI and can cause build
problems, for example due to SSE being disabled and x64 calling
convention passing floats in SSE registers.
Avoid those problems by not compiling the related code for floating
point numbers.
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20992)
Dragan Zuvic [Wed, 17 May 2023 06:10:46 +0000 (07:10 +0100)]
Adding some selected MS OIDs for #19630 added ms-corp alias for OID 1.3.6.1.4.1.311
and changed hopefully all occurences for that OID
Signed-off-by: Dragan Zuvic <dragan.zuvic@mercedes-benz.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20986)
Nicky Mouha [Wed, 17 May 2023 20:46:41 +0000 (16:46 -0400)]
Update hkdf.c to avoid potentially vulnerable code pattern
The expression "if (a+b>c) a=c-b" is incorrect if "a+b" overflows.
It should be replaced by "if (a>c-b) a=c-b", which avoids the
potential overflow and is much easier to understand.
This pattern is the root cause of CVE-2022-37454, a buffer overflow
vulnerability in the "official" SHA-3 implementation.
It has been confirmed that the addition in
https://github.com/openssl/openssl/blob/master/providers/implementations/kdfs/hkdf.c#L534
cannot overflow. So this is only a minor change proposal to avoid
a potentially vulnerable code pattern and to improve readability.
More information: https://github.com/github/codeql/pull/12036#issuecomment-
1466056959
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20990)
Richard Levitte [Wed, 17 May 2023 08:33:27 +0000 (10:33 +0200)]
Add information on the 'ias' port for OpenVMS
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20983)
Richard Levitte [Mon, 15 May 2023 08:09:42 +0000 (10:09 +0200)]
Update VMS configurations
A native x86_64 C compiler has appeared.
We preserve the previous config target with a new name to indicate that it's
for cross compilation, at least for the time being.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20983)
Masatake YAMATO [Tue, 17 Jan 2023 04:59:51 +0000 (13:59 +0900)]
util/ctags.sh: a script for generating tags file with expanding macros
This script requires Universal Ctags 6.0.0 or newer.
Usage:
./util/ctags.sh [...options passed to ctags...]
Fixing #10251
Running the script in "tags" make target is suggested by
Dmitry Belyavskiy <beldmit@gmail.com>.
The falling back action for running older ctags if u-ctags 6 is not
available is suggested
by Dr. Matthias St. Pierre <matthias.st.pierre@ncp-e.com>.
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20960)
Marco Abbadini [Tue, 16 May 2023 21:52:53 +0000 (23:52 +0200)]
pkcs12: Fix macsaltlen parameter type
It expects an integer so change it from non-argument type to positive integer type.
Fixes #20969
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20979)
Tomas Mraz [Fri, 28 Apr 2023 17:28:53 +0000 (19:28 +0200)]
Initial design for error handling in QUIC
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20857)
Marc Brooks [Wed, 10 May 2023 22:48:00 +0000 (17:48 -0500)]
Add support for --version and synonyms
Just like --help is explicitly supported, we should support --version.
This will greatly ease people adopting openssl.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20936)
Tomas Mraz [Thu, 11 May 2023 12:08:25 +0000 (14:08 +0200)]
quic_newcid_test: Add negative test case
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
Tomas Mraz [Thu, 11 May 2023 11:50:21 +0000 (13:50 +0200)]
Add test for handling NEW_CONNECTION_ID frame
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
Tomas Mraz [Thu, 11 May 2023 11:49:51 +0000 (13:49 +0200)]
quic_tserver: Add possibility to change the connection id
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
Tomas Mraz [Fri, 5 May 2023 15:40:55 +0000 (17:40 +0200)]
Fix test cases using NEW_CONNECTION_ID frame
seq_id must be >= retire_prior_to.
Add negative testcase.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
Tomas Mraz [Fri, 5 May 2023 14:51:28 +0000 (16:51 +0200)]
Add minimal handling of NEW_CONNECTION_ID frames
We actively use only the latest DCID received. And retire only
DCIDs requested by the peer to be retired.
Also changed the active_conn_id_limit to 2 as the minimum value allowed.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
Tomas Mraz [Fri, 5 May 2023 14:46:42 +0000 (16:46 +0200)]
quic_txp_test.c: Cleanup use of WPACKET
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
Hugo Landau [Fri, 12 May 2023 14:05:19 +0000 (15:05 +0100)]
QUIC Documentation: update man(7) for multi-stream
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19899)
Hugo Landau [Tue, 13 Dec 2022 16:37:17 +0000 (16:37 +0000)]
QUIC man(7) Documentation
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19899)
Bernd Edlinger [Sat, 13 May 2023 07:04:18 +0000 (09:04 +0200)]
Fix stack corruption in ui_read
This is an alternative to #20893
Additionally this fixes also a possible issue in UI_UTIL_read_pw:
When UI_new returns NULL, the result code would still be zero
as if UI_UTIL_read_pw succeeded, but the password buffer is left
uninitialized, with subsequent possible stack corruption or worse.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20957)
Yuan, Shuai [Wed, 10 May 2023 01:22:16 +0000 (21:22 -0400)]
Fixed EVP_PKEY_CTX_set_ec_paramgen_curve_nid() for SM2 in ENGINEs
The CTRL translation is missing for SM2 key types.
Fixes #20899
Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20900)
Hugo Landau [Thu, 11 May 2023 11:38:23 +0000 (12:38 +0100)]
QUIC: Documentation fix
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 9 May 2023 10:35:16 +0000 (11:35 +0100)]
QUIC APL: De-publicise SSL_attach_stream/SSL_detach_stream
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Mon, 8 May 2023 18:54:47 +0000 (19:54 +0100)]
QUIC: Fix CRYPTO_GET_REF
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Mon, 8 May 2023 18:52:45 +0000 (19:52 +0100)]
QUIC MSST: Rename SSL_set_incoming_stream_reject_policy
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Mon, 8 May 2023 18:46:25 +0000 (19:46 +0100)]
QUIC MSST: Revise SSL_get_conn_close_info API (char)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Mon, 8 May 2023 18:42:40 +0000 (19:42 +0100)]
QUIC MSST: Documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 2 May 2023 14:23:15 +0000 (15:23 +0100)]
QUIC MSST: Fix test on macOS
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 2 May 2023 14:23:01 +0000 (15:23 +0100)]
QUIC MSST: Further documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 2 May 2023 07:29:43 +0000 (08:29 +0100)]
QUIC MSST: Clarify default XSO transitions
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 2 May 2023 07:29:29 +0000 (08:29 +0100)]
QUIC MSST: Documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Thu, 27 Apr 2023 15:06:01 +0000 (16:06 +0100)]
QUIC APL: Fix a bug where avail could be used uninitialized
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Thu, 27 Apr 2023 14:54:12 +0000 (15:54 +0100)]
QUIC MSST: Test that SSL_free works in either order
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Thu, 27 Apr 2023 14:53:33 +0000 (15:53 +0100)]
QUIC APL: Handle reference for multiple streams counting correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Thu, 27 Apr 2023 14:52:44 +0000 (15:52 +0100)]
REFCOUNT: Add support for querying refcount
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Wed, 26 Apr 2023 14:57:18 +0000 (15:57 +0100)]
QUIC APL: Fix logic of SSL_get_stream_type
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Wed, 26 Apr 2023 14:56:59 +0000 (15:56 +0100)]
QUIC MSST: Minor fixes and cleanups
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Wed, 26 Apr 2023 14:55:33 +0000 (15:55 +0100)]
QUIC MSST: Documentation updates
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Thu, 20 Apr 2023 14:39:18 +0000 (15:39 +0100)]
QUIC MSST: Fix tests on platforms with non-deterministic loopback interface behaviour (Apple)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Wed, 19 Apr 2023 19:11:33 +0000 (20:11 +0100)]
QUIC QRX: Fix a list usage bug
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:37:49 +0000 (19:37 +0100)]
Minor fixups
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC MSST: Tests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC APL: Fix a bug where incoming unidirectional streams weren't detected
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC TSERVER: Allow STOP_SENDING/RESET_STREAM to be queried
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC TSERVER: Handle FINs correctly if ossl_quic_tserver_read is not called first
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC QSM: Minor bugfixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC MSST: make update
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC MSST: Add documentation for new APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC APL: Send STOP_SENDING/RESET_STREAM when XSO is freed
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC QSM: Stream garbage collection
This allows QUIC_STREAM objects to be deleted when they are no longer
needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC FIFD: Add support for callback on frame ACK
We need to get acknowledgement notifications for our STOP_SENDING and
STREAM_RESET frames as this information is needed to know when we can
delete a QUIC_STREAM object.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC DISPATCH/APL: Add SSL_stream_reset and status query APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:56 +0000 (19:30 +0100)]
QUIC RXDP: Record STOP_SENDING/RESET_STREAM event AEC codes consistently
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC QSM: Clean up SEND_STREAM/RECV_STREAM handling
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC CHANNEL: Do not copy terminate cause as it is not modified after termination
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC QSM: Handle STOP_SENDING correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC RXDP/QSM: Enforce MAX_STREAMS
Also use accept queue popping by the application as the retirement
event, i.e., as the cue to increase the limit.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC TXP/CHANNEL: Generate MAX_STREAMS using RXFC
Though the RXFC was designed for stream flow control, its logic
is generic enough to use to control MAX_STREAMS generation.
Control of when _we_ can open streams is already done in a bespoke
fashion and doesn't use a TXFC, however (see
ossl_quic_stream_map_update_state).
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC FC: Modify RXFC to support use for enforcing MAX_STREAMS
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC CHANNEL: Incoming streams implicitly create lower-numbered streams
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC: Update faults test to use streams correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC FIFD: Ensure QUIC_STREAM is updated after QUIC_SSTREAM loss
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC APL: Fix locking in XSO code and fix tests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC CHANNEL, APL: Reject policy handling
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC DISPATCH/APL: SSL_accept_stream, SSL_get_accept_queue_len
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
Hugo Landau [Tue, 18 Apr 2023 18:30:55 +0000 (19:30 +0100)]
QUIC DISPATCH/APL: Add SSL_set_incoming_stream_reject_policy (unwired)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)