Minor updates
authorHugo Landau <hlandau@openssl.org>
Thu, 29 Jun 2023 12:48:57 +0000 (13:48 +0100)
committerPauli <pauli@openssl.org>
Tue, 4 Jul 2023 23:03:04 +0000 (09:03 +1000)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)

doc/man3/SSL_CTX_set_alpn_select_cb.pod
include/internal/statem.h
ssl/quic/quic_impl.c
ssl/ssl_lib.c
test/quicapitest.c

index e06a273cb117de2137b465725d5967ee25fb0b57..5f5872ee672e9103b64b50b8ea39190df8517a1c 100644 (file)
@@ -25,8 +25,6 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated
  void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
                              unsigned int *len);
 
-
-
  void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
                                             int (*cb)(SSL *ssl,
                                                       const unsigned char **out,
index c19aba2976ea3246fce4c160d4f887935c506cb7..db0b214a3259b3536e39817f4f8ea44aed576a1e 100644 (file)
@@ -6,8 +6,8 @@
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
  */
-#ifndef STATEM_H
-# define STATEM_H
+#ifndef OSSL_INTERNAL_STATEM_H
+# define OSSL_INTERNAL_STATEM_H
 
 /*****************************************************************************
  *                                                                           *
index a918983398e40f13d2cbd5bbe3711892adc121d3..c0232495da0bfd4ede150dc953cd873c56dd2882 100644 (file)
@@ -331,8 +331,8 @@ SSL *ossl_quic_new(SSL_CTX *ctx)
     sc->s3.flags |= TLS1_FLAGS_QUIC;
 
     /* Restrict options derived from the SSL_CTX. */
-    sc->options     &= OSSL_QUIC_PERMITTED_OPTIONS;
-    sc->pha_enabled  = 0;
+    sc->options &= OSSL_QUIC_PERMITTED_OPTIONS;
+    sc->pha_enabled = 0;
 
 #if defined(OPENSSL_THREADS)
     if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
index e5dfa4f610af50653c20f37962c7b75bf8823582..f53465efec66f8458004895bb631aee60faefbde 100644 (file)
@@ -765,10 +765,8 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method)
 
     s->mode = ctx->mode;
     s->max_cert_list = ctx->max_cert_list;
-    if (!IS_QUIC_CTX(ctx)) {
-        s->max_early_data = ctx->max_early_data;
-        s->recv_max_early_data = ctx->recv_max_early_data;
-    }
+    s->max_early_data = ctx->max_early_data;
+    s->recv_max_early_data = ctx->recv_max_early_data;
 
     s->num_tickets = ctx->num_tickets;
     s->pha_enabled = ctx->pha_enabled;
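Review bot: With the `IS_QUIC_CTX` guard removed, a QUIC connection now inherits `ctx->max_early_data` and `ctx->recv_max_early_data` unchanged, and nothing in this hunk says why that is safe. The test in test/quicapitest.c still asserts that the per-connection setters fail for QUIC, but it drops the assertions that the getters return zero, so a QUIC object can presumably report a non-zero early-data limit. Early data is replayable, so a reader needs to know whether these fields are inert on QUIC. If they are, say so above the two assignments, e.g. `/* Copied for QUIC as well; the per-connection setters reject changes on QUIC objects */`. If that is not guaranteed, zero them next to `sc->pha_enabled = 0;` in `ossl_quic_new`. The body of `ossl_ssl_connection_new_int` starts and ends outside the hunk.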
@@ -5657,6 +5655,9 @@ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx)
 
 int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
 {
+    if (IS_QUIC_CTX(ctx) && block_size > 1)
+        return 0;
+
     /* block size of 0 or 1 is basically no padding */
     if (block_size == 1)
         ctx->block_padding = 0;
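Review bot: The new early return makes `SSL_CTX_set_block_padding` fail on a QUIC context for any `block_size` above 1, but the only comment in the function still describes just the 0/1 case. Add a line above the check, e.g. `/* TLS record padding cannot be enabled on a QUIC context */`. The new 0 return should also be recorded in the function's man page, which is not among the files this commit lists. It is worth confirming that `SSL_set_block_padding` and the record padding callback setters apply the same restriction, since they are not visible in this hunk. The function body continues past the hunk.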
index 463ee1510de53d87d641b96e1edf19656ec152b1..626b79eaf1ff791e37fb365af2f12891fcf0e06f 100644 (file)
@@ -479,9 +479,7 @@ static int test_quic_forbidden_options(void)
         goto err;
 
     /* Max early data */
-    if (!TEST_false(SSL_get_recv_max_early_data(ssl))
-        || !TEST_false(SSL_get_max_early_data(ssl))
-        || !TEST_false(SSL_set_recv_max_early_data(ssl, 1))
+    if (!TEST_false(SSL_set_recv_max_early_data(ssl, 1))
         || !TEST_false(SSL_set_max_early_data(ssl, 1)))
         goto err;