Ensure SSL_has_pending() always works even before a connection

s_client calls SSL_has_pending() even before the connection has been
established. We expect it to return 0 in this case and not put any errors
on the stack.

We change things so that SSL_has_pending() always returns 0 if there is
no stream available.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21578)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index f6bd738793f2db328426ac0ef8c6a4c57f4e48be..1e983e3fc08d10d19e62d93608a4b7d61caea21a 100644 (file)
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -2372,9 +2372,15 @@ static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
     size_t avail = 0;
     int fin = 0;
 
-    if (!expect_quic_with_stream_lock(s, /*remote_init=*/-1, &ctx))
+
+    if (!expect_quic(s, &ctx))
         return 0;
 
+    quic_lock(ctx.qc);
+
+    if (ctx.xso == NULL)
+        goto out;
+
     if (ctx.xso->stream == NULL
         || !ossl_quic_stream_has_recv_buffer(ctx.xso->stream))
         /* Cannot raise errors here because we are const, just fail. */