openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

QUIC: Enable building with QUIC support disabled 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
This commit is contained in:
Hugo Landau 2022-11-17 16:03:00 +00:00
parent 44019a69c4
commit 6292519cd8
31 changed files with 289 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
crypto/packet.c
View File

@ -223,6 +223,7 @@ static int put_value(unsigned char *data, uint64_t value, size_t len)
return 1;
}
#ifndef OPENSSL_NO_QUIC
static int put_quic_value(unsigned char *data, size_t value, size_t len)
{
if (data == NULL)
@ -235,6 +236,7 @@ static int put_quic_value(unsigned char *data, size_t value, size_t len)
ossl_quic_vlint_encode_n(data, value, len);
return 1;
}
#endif
/*
* Internal helper function used by WPACKET_close(), WPACKET_finish() and
@ -272,6 +274,7 @@ static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
unsigned char *buf = GETBUF(pkt);
if (buf != NULL) {
#ifndef OPENSSL_NO_QUIC
if ((sub->flags & WPACKET_FLAGS_QUIC_VLINT) == 0) {
if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
return 0;
@ -279,6 +282,10 @@ static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
if (!put_quic_value(&buf[sub->packet_len], packlen, sub->lenbytes))
return 0;
}
#else
if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
return 0;
#endif
}
} else if (pkt->endfirst && sub->parent != NULL
&& (packlen != 0
@ -524,6 +531,8 @@ void WPACKET_cleanup(WPACKET *pkt)
pkt->subs = NULL;
}
#ifndef OPENSSL_NO_QUIC
int WPACKET_start_quic_sub_packet_bound(WPACKET *pkt, size_t max_len)
{
size_t enclen = ossl_quic_vlint_encode_len(max_len);
@ -574,3 +583,5 @@ int WPACKET_quic_write_vlint(WPACKET *pkt, uint64_t v)
ossl_quic_vlint_encode(b, v);
return 1;
}
#endif

4
crypto/quic_vlint.c
View File

@ -1,6 +1,8 @@
#include "internal/quic_vlint.h"
#include "internal/e_os.h"
#ifndef OPENSSL_NO_QUIC
void ossl_quic_vlint_encode_n(uint8_t *buf, uint64_t v, int n)
{
if (n == 1) {
@ -75,3 +77,5 @@ int ossl_quic_vlint_decode(const unsigned char *buf, size_t buf_len, uint64_t *v
*v = x;
return dec_len;
}
#endif

12
include/internal/packet.h
View File

@ -251,6 +251,8 @@ __owur static ossl_inline int PACKET_peek_net_8(const PACKET *pkt,
return 1;
}
# ifndef OPENSSL_NO_QUIC
/*
* Decodes a QUIC variable-length integer in |pkt| and stores the result in
* |data|.
@ -314,6 +316,8 @@ __owur static ossl_inline int PACKET_skip_quic_vlint(PACKET *pkt)
return 1;
}
# endif
/* Equivalent of n2l */
/* Get 4 bytes in network order from |pkt| and store the value in |*data| */
__owur static ossl_inline int PACKET_get_net_4(PACKET *pkt, unsigned long *data)
@ -691,6 +695,8 @@ __owur static ossl_inline int PACKET_get_length_prefixed_3(PACKET *pkt,
return 1;
}
# ifndef OPENSSL_NO_QUIC
/*
* Reads a variable-length vector prefixed with a QUIC variable-length integer
* denoting the length, and stores the contents in |subpkt|. |pkt| can equal
@ -718,6 +724,8 @@ __owur static ossl_inline int PACKET_get_quic_length_prefixed(PACKET *pkt,
return 1;
}
# endif
/* Writeable packets */
typedef struct wpacket_sub WPACKET_SUB;
@ -1027,6 +1035,8 @@ int WPACKET_is_null_buf(WPACKET *pkt);
/* Release resources in a WPACKET if a failure has occurred. */
void WPACKET_cleanup(WPACKET *pkt);
# ifndef OPENSSL_NO_QUIC
/*
* Starts a QUIC sub-packet headed by a QUIC variable-length integer. A 4-byte
* representation is used.
@ -1056,4 +1066,6 @@ __owur int WPACKET_quic_sub_allocate_bytes(WPACKET *pkt, size_t len,
*/
__owur int WPACKET_quic_write_vlint(WPACKET *pkt, uint64_t v);
# endif
#endif /* OSSL_INTERNAL_PACKET_H */

12
include/internal/quic_ackm.h
View File

@ -16,6 +16,8 @@
# include "internal/time.h"
# include "internal/list.h"
# ifndef OPENSSL_NO_QUIC
typedef struct ossl_ackm_st OSSL_ACKM;
OSSL_ACKM *ossl_ackm_new(OSSL_TIME (*now)(void *arg),
@ -104,10 +106,10 @@ struct ossl_ackm_tx_pkt_st {
int ossl_ackm_on_tx_packet(OSSL_ACKM *ackm, OSSL_ACKM_TX_PKT *pkt);
int ossl_ackm_on_rx_datagram(OSSL_ACKM *ackm, size_t num_bytes);
#define OSSL_ACKM_ECN_NONE 0
#define OSSL_ACKM_ECN_ECT1 1
#define OSSL_ACKM_ECN_ECT0 2
#define OSSL_ACKM_ECN_ECNCE 3
# define OSSL_ACKM_ECN_NONE 0
# define OSSL_ACKM_ECN_ECT1 1
# define OSSL_ACKM_ECN_ECT0 2
# define OSSL_ACKM_ECN_ECNCE 3
typedef struct ossl_ackm_rx_pkt_st {
/* The packet number of the received packet. */
@ -231,4 +233,6 @@ int ossl_ackm_mark_packet_pseudo_lost(OSSL_ACKM *ackm,
*/
OSSL_TIME ossl_ackm_get_pto_duration(OSSL_ACKM *ackm);
# endif
#endif

4
include/internal/quic_cc.h
View File

@ -12,6 +12,8 @@
#include "openssl/params.h"
#include "internal/time.h"
# ifndef OPENSSL_NO_QUIC
typedef struct ossl_cc_data_st *OSSL_CC_DATA;
typedef struct ossl_cc_method_st {
@ -153,4 +155,6 @@ typedef struct ossl_cc_method_st {
extern const OSSL_CC_METHOD ossl_cc_dummy_method;
# endif
#endif

8
include/internal/quic_cfq.h
View File

@ -13,6 +13,8 @@
# include <openssl/ssl.h>
# include "internal/quic_types.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Control Frame Queue Item
* =============================
@ -33,8 +35,8 @@ struct quic_cfq_item_st {
/* All other fields are private; use ossl_quic_cfq_item_* accessors. */
};
#define QUIC_CFQ_STATE_NEW 0
#define QUIC_CFQ_STATE_TX 1
# define QUIC_CFQ_STATE_NEW 0
# define QUIC_CFQ_STATE_TX 1
/* Returns the frame type of a CFQ item. */
uint64_t ossl_quic_cfq_item_get_frame_type(const QUIC_CFQ_ITEM *item);
@ -138,4 +140,6 @@ QUIC_CFQ_ITEM *ossl_quic_cfq_get_priority_head(const QUIC_CFQ *cfq,
QUIC_CFQ_ITEM *ossl_quic_cfq_item_get_priority_next(const QUIC_CFQ_ITEM *item,
uint32_t pn_space);
# endif
#endif

14
include/internal/quic_channel.h
View File

@ -17,6 +17,8 @@
# include "internal/quic_statm.h"
# include "internal/time.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Channel
* ============
@ -47,11 +49,11 @@
* currently modelled.
*/
#define QUIC_CHANNEL_STATE_IDLE 0
#define QUIC_CHANNEL_STATE_ACTIVE 1
#define QUIC_CHANNEL_STATE_TERMINATING_CLOSING 2
#define QUIC_CHANNEL_STATE_TERMINATING_DRAINING 3
#define QUIC_CHANNEL_STATE_TERMINATED 4
# define QUIC_CHANNEL_STATE_IDLE 0
# define QUIC_CHANNEL_STATE_ACTIVE 1
# define QUIC_CHANNEL_STATE_TERMINATING_CLOSING 2
# define QUIC_CHANNEL_STATE_TERMINATING_DRAINING 3
# define QUIC_CHANNEL_STATE_TERMINATED 4
typedef struct quic_channel_args_st {
OSSL_LIB_CTX *libctx;
@ -156,4 +158,6 @@ int ossl_quic_channel_is_terminated(const QUIC_CHANNEL *ch);
int ossl_quic_channel_is_active(const QUIC_CHANNEL *ch);
int ossl_quic_channel_is_handshake_complete(const QUIC_CHANNEL *ch);
# endif
#endif

4
include/internal/quic_demux.h
View File

@ -16,6 +16,8 @@
# include "internal/time.h"
# include "internal/list.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Demuxer
* ============
@ -273,4 +275,6 @@ int ossl_quic_demux_inject(QUIC_DEMUX *demux,
const BIO_ADDR *peer,
const BIO_ADDR *local);
# endif
#endif

4
include/internal/quic_dummy_handshake.h
View File

@ -13,6 +13,8 @@
# include <openssl/ssl.h>
# include "internal/quic_stream.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Dummy Handshake Module
* ===========================
@ -126,4 +128,6 @@ int ossl_quic_dhs_set_transport_params(QUIC_DHS *dhs,
const unsigned char *transport_params,
size_t transport_params_len);
# endif
#endif

42
include/internal/quic_error.h
View File

@ -12,27 +12,31 @@
# include <openssl/ssl.h>
# ifndef OPENSSL_NO_QUIC
/* RFC 9000 Section 20.1 */
# define QUIC_ERR_NO_ERROR 0x00
# define QUIC_ERR_INTERNAL_ERROR 0x01
# define QUIC_ERR_CONNECTION_REFUSED 0x02
# define QUIC_ERR_FLOW_CONTROL_ERROR 0x03
# define QUIC_ERR_STREAM_LIMIT_ERROR 0x04
# define QUIC_ERR_STREAM_STATE_ERROR 0x05
# define QUIC_ERR_FINAL_SIZE_ERROR 0x06
# define QUIC_ERR_FRAME_ENCODING_ERROR 0x07
# define QUIC_ERR_TRANSPORT_PARAMETER_ERROR 0x08
# define QUIC_ERR_CONNECTION_ID_LIMIT_ERROR 0x09
# define QUIC_ERR_PROTOCOL_VIOLATION 0x0A
# define QUIC_ERR_INVALID_TOKEN 0x0B
# define QUIC_ERR_APPLICATION_ERROR 0x0C
# define QUIC_ERR_CRYPTO_BUFFER_EXCEEDED 0x0D
# define QUIC_ERR_KEY_UPDATE_ERROR 0x0E
# define QUIC_ERR_AEAD_LIMIT_REACHED 0x0F
# define QUIC_ERR_NO_VIABLE_PATH 0x10
# define QUIC_ERR_NO_ERROR 0x00
# define QUIC_ERR_INTERNAL_ERROR 0x01
# define QUIC_ERR_CONNECTION_REFUSED 0x02
# define QUIC_ERR_FLOW_CONTROL_ERROR 0x03
# define QUIC_ERR_STREAM_LIMIT_ERROR 0x04
# define QUIC_ERR_STREAM_STATE_ERROR 0x05
# define QUIC_ERR_FINAL_SIZE_ERROR 0x06
# define QUIC_ERR_FRAME_ENCODING_ERROR 0x07
# define QUIC_ERR_TRANSPORT_PARAMETER_ERROR 0x08
# define QUIC_ERR_CONNECTION_ID_LIMIT_ERROR 0x09
# define QUIC_ERR_PROTOCOL_VIOLATION 0x0A
# define QUIC_ERR_INVALID_TOKEN 0x0B
# define QUIC_ERR_APPLICATION_ERROR 0x0C
# define QUIC_ERR_CRYPTO_BUFFER_EXCEEDED 0x0D
# define QUIC_ERR_KEY_UPDATE_ERROR 0x0E
# define QUIC_ERR_AEAD_LIMIT_REACHED 0x0F
# define QUIC_ERR_NO_VIABLE_PATH 0x10
/* Inclusive range for handshake-specific errors. */
# define QUIC_ERR_CRYPTO_ERR_BEGIN 0x0100
# define QUUC_ERR_CRYPTO_ERR_END 0x01FF
# define QUIC_ERR_CRYPTO_ERR_BEGIN 0x0100
# define QUUC_ERR_CRYPTO_ERR_END 0x01FF
# endif
#endif

4
include/internal/quic_fc.h
View File

@ -13,6 +13,8 @@
# include <openssl/ssl.h>
# include "internal/time.h"
# ifndef OPENSSL_NO_QUIC
/*
* TX Flow Controller (TXFC)
* =========================
@ -251,4 +253,6 @@ int ossl_quic_rxfc_has_cwm_changed(QUIC_RXFC *rxfc, int clear);
*/
int ossl_quic_rxfc_get_error(QUIC_RXFC *rxfc, int clear);
# endif
#endif

4
include/internal/quic_fifd.h
View File

@ -17,6 +17,8 @@
# include "internal/quic_txpim.h"
# include "internal/quic_stream.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Frame-in-Flight Dispatcher (FIFD)
* ======================================
@ -57,4 +59,6 @@ void ossl_quic_fifd_cleanup(QUIC_FIFD *fifd); /* (no-op) */
int ossl_quic_fifd_pkt_commit(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt);
# endif
#endif

4
include/internal/quic_reactor.h
View File

@ -13,6 +13,8 @@
# include "internal/sockets.h"
# include <openssl/bio.h>
# ifndef OPENSSL_NO_QUIC
/*
* Core I/O Reactor Framework
* ==========================
@ -65,8 +67,6 @@
* adaptation layer on top of our internal asynchronous I/O API as exposed by
* the reactor interface.
*/
# ifndef OPENSSL_NO_QUIC
typedef struct quic_tick_result_st {
char want_net_read;
char want_net_write;

4
include/internal/quic_record_rx.h
View File

@ -16,6 +16,8 @@
# include "internal/quic_record_util.h"
# include "internal/quic_demux.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Record Layer - RX
* ======================
@ -532,4 +534,6 @@ uint64_t ossl_qrx_get_cur_forged_pkt_count(OSSL_QRX *qrx);
uint64_t ossl_qrx_get_max_forged_pkt_count(OSSL_QRX *qrx,
uint32_t enc_level);
# endif
#endif

4
include/internal/quic_record_tx.h
View File

@ -15,6 +15,8 @@
# include "internal/quic_types.h"
# include "internal/quic_record_util.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Record Layer - TX
* ======================
@ -322,4 +324,6 @@ uint64_t ossl_qtx_get_cur_epoch_pkt_count(OSSL_QTX *qtx, uint32_t enc_level);
*/
uint64_t ossl_qtx_get_max_epoch_pkt_count(OSSL_QTX *qtx, uint32_t enc_level);
# endif
#endif

4
include/internal/quic_record_util.h
View File

@ -13,6 +13,8 @@
# include <openssl/ssl.h>
# include "internal/quic_types.h"
# ifndef OPENSSL_NO_QUIC
struct ossl_qrx_st;
struct ossl_qtx_st;
@ -109,4 +111,6 @@ uint64_t ossl_qrl_get_suite_max_pkt(uint32_t suite_id);
*/
uint64_t ossl_qrl_get_suite_max_forged_pkt(uint32_t suite_id);
# endif
#endif

4
include/internal/quic_rx_depack.h
View File

@ -12,6 +12,10 @@
# include "internal/quic_channel.h"
# ifndef OPENSSL_NO_QUIC
int ossl_quic_handle_frames(QUIC_CHANNEL *qc, OSSL_QRX_PKT *qpacket);
# endif
#endif

3
include/internal/quic_sf_list.h
View File

@ -35,6 +35,7 @@
* able to mark an empty frame.
* Invariant: The offset never points further than into the first frame.
*/
# ifndef OPENSSL_NO_QUIC
typedef struct stream_frame_st STREAM_FRAME;
@ -58,4 +59,6 @@ int ossl_sframe_list_peek(const SFRAME_LIST *fl, void **iter,
int *fin);
int ossl_sframe_list_drop_frames(SFRAME_LIST *fl, uint64_t limit);
# endif
#endif

4
include/internal/quic_ssl.h
View File

@ -15,6 +15,8 @@
# include "internal/quic_record_rx.h" /* OSSL_QRX */
# include "internal/quic_ackm.h" /* OSSL_ACKM */
# ifndef OPENSSL_NO_QUIC
__owur SSL *ossl_quic_new(SSL_CTX *ctx);
__owur int ossl_quic_init(SSL *s);
void ossl_quic_deinit(SSL *s);
@ -60,4 +62,6 @@ BIO *ossl_quic_conn_get_net_wbio(const QUIC_CONNECTION *qc);
__owur int ossl_quic_conn_set_initial_peer_addr(QUIC_CONNECTION *qc,
const BIO_ADDR *peer_addr);
# endif
#endif

4
include/internal/quic_statm.h
View File

@ -13,6 +13,8 @@
# include <openssl/ssl.h>
# include "internal/time.h"
# ifndef OPENSSL_NO_QUIC
typedef struct ossl_statm_st {
OSSL_TIME smoothed_rtt, latest_rtt, min_rtt, rtt_variance, max_ack_delay;
char have_first_sample;
@ -35,4 +37,6 @@ void ossl_statm_update_rtt(OSSL_STATM *statm,
void ossl_statm_set_max_ack_delay(OSSL_STATM *statm, OSSL_TIME max_ack_delay);
# endif
#endif

4
include/internal/quic_stream.h
View File

@ -20,6 +20,8 @@
#include "internal/quic_fc.h"
#include "internal/quic_statm.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Send Stream
* ================
@ -343,4 +345,6 @@ int ossl_quic_rstream_peek(QUIC_RSTREAM *qrs, unsigned char *buf, size_t size,
*/
int ossl_quic_rstream_available(QUIC_RSTREAM *qrs, size_t *avail, int *fin);
# endif
#endif

4
include/internal/quic_txp.h
View File

@ -21,6 +21,8 @@
# include "internal/bio_addr.h"
# include "internal/time.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC TX Packetiser
* ==================
@ -159,4 +161,6 @@ void ossl_quic_tx_packetiser_schedule_ack_eliciting(OSSL_QUIC_TX_PACKETISER *txp
int ossl_quic_tx_packetiser_schedule_conn_close(OSSL_QUIC_TX_PACKETISER *txp,
const OSSL_QUIC_FRAME_CONN_CLOSE *f);
# endif
#endif

4
include/internal/quic_txpim.h
View File

@ -15,6 +15,8 @@
# include "internal/quic_cfq.h"
# include "internal/quic_ackm.h"
# ifndef OPENSSL_NO_QUIC
/*
* QUIC Transmitted Packet Information Manager
* ===========================================
@ -125,4 +127,6 @@ size_t ossl_quic_txpim_pkt_get_num_chunks(const QUIC_TXPIM_PKT *fpkt);
*/
size_t ossl_quic_txpim_get_in_use(const QUIC_TXPIM *txpim);
# endif
#endif

46
include/internal/quic_types.h
View File

@ -14,18 +14,20 @@
# include <assert.h>
# include <string.h>
# ifndef OPENSSL_NO_QUIC
/* QUIC encryption levels. */
#define QUIC_ENC_LEVEL_INITIAL 0
#define QUIC_ENC_LEVEL_HANDSHAKE 1
#define QUIC_ENC_LEVEL_0RTT 2
#define QUIC_ENC_LEVEL_1RTT 3
#define QUIC_ENC_LEVEL_NUM 4
# define QUIC_ENC_LEVEL_INITIAL 0
# define QUIC_ENC_LEVEL_HANDSHAKE 1
# define QUIC_ENC_LEVEL_0RTT 2
# define QUIC_ENC_LEVEL_1RTT 3
# define QUIC_ENC_LEVEL_NUM 4
/* QUIC packet number spaces. */
#define QUIC_PN_SPACE_INITIAL 0
#define QUIC_PN_SPACE_HANDSHAKE 1
#define QUIC_PN_SPACE_APP 2
#define QUIC_PN_SPACE_NUM 3
# define QUIC_PN_SPACE_INITIAL 0
# define QUIC_PN_SPACE_HANDSHAKE 1
# define QUIC_PN_SPACE_APP 2
# define QUIC_PN_SPACE_NUM 3
static ossl_unused ossl_inline uint32_t
ossl_quic_enc_level_to_pn_space(uint32_t enc_level)
@ -45,14 +47,14 @@ ossl_quic_enc_level_to_pn_space(uint32_t enc_level)
}
/* QUIC packet number spaces. */
#define QUIC_PN_SPACE_INITIAL 0
#define QUIC_PN_SPACE_HANDSHAKE 1
#define QUIC_PN_SPACE_APP 2
#define QUIC_PN_SPACE_NUM 3
# define QUIC_PN_SPACE_INITIAL 0
# define QUIC_PN_SPACE_HANDSHAKE 1
# define QUIC_PN_SPACE_APP 2
# define QUIC_PN_SPACE_NUM 3
/* QUIC packet number representation. */
typedef uint64_t QUIC_PN;
# define QUIC_PN_INVALID UINT64_MAX
# define QUIC_PN_INVALID UINT64_MAX
static ossl_unused ossl_inline QUIC_PN ossl_quic_pn_max(QUIC_PN a, QUIC_PN b)
{
@ -65,7 +67,7 @@ static ossl_unused ossl_inline QUIC_PN ossl_quic_pn_min(QUIC_PN a, QUIC_PN b)
}
/* QUIC connection ID representation. */
#define QUIC_MAX_CONN_ID_LEN 20
# define QUIC_MAX_CONN_ID_LEN 20
typedef struct quic_conn_id_st {
unsigned char id_len, id[QUIC_MAX_CONN_ID_LEN];
@ -79,16 +81,18 @@ static ossl_unused ossl_inline int ossl_quic_conn_id_eq(const QUIC_CONN_ID *a,
return memcmp(a->id, b->id, a->id_len) == 0;
}
#define QUIC_MIN_INITIAL_DGRAM_LEN 1200
# define QUIC_MIN_INITIAL_DGRAM_LEN 1200
#define QUIC_DEFAULT_ACK_DELAY_EXP 3
#define QUIC_MAX_ACK_DELAY_EXP 20
# define QUIC_DEFAULT_ACK_DELAY_EXP 3
# define QUIC_MAX_ACK_DELAY_EXP 20
#define QUIC_DEFAULT_MAX_ACK_DELAY 25
# define QUIC_DEFAULT_MAX_ACK_DELAY 25
#define QUIC_MIN_ACTIVE_CONN_ID_LIMIT 2
# define QUIC_MIN_ACTIVE_CONN_ID_LIMIT 2
/* Arbitrary choice of default idle timeout (not an RFC value). */
#define QUIC_DEFAULT_IDLE_TIMEOUT 30000
# define QUIC_DEFAULT_IDLE_TIMEOUT 30000
# endif
#endif

6
include/internal/quic_vlint.h
View File

@ -11,7 +11,9 @@
# define OSSL_INTERNAL_QUIC_VLINT_H
# pragma once
#include "internal/e_os.h"
# include "internal/e_os.h"
# ifndef OPENSSL_NO_QUIC
/* The smallest value requiring a 1, 2, 4, or 8-byte representation. */
#define OSSL_QUIC_VLINT_1B_MIN 0
@ -120,4 +122,6 @@ uint64_t ossl_quic_vlint_decode_unchecked(const unsigned char *buf);
*/
int ossl_quic_vlint_decode(const unsigned char *buf, size_t buf_len, uint64_t *v);
# endif
#endif

150
include/internal/quic_wire.h
View File

@ -11,78 +11,80 @@
# define OSSL_INTERNAL_QUIC_WIRE_H
# pragma once
#include "internal/e_os.h"
#include "internal/time.h"
#include "internal/quic_types.h"
#include "internal/packet.h"
# include "internal/e_os.h"
# include "internal/time.h"
# include "internal/quic_types.h"
# include "internal/packet.h"
#define OSSL_QUIC_FRAME_TYPE_PADDING 0x00
#define OSSL_QUIC_FRAME_TYPE_PING 0x01
#define OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN 0x02
#define OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN 0x03
#define OSSL_QUIC_FRAME_TYPE_RESET_STREAM 0x04
#define OSSL_QUIC_FRAME_TYPE_STOP_SENDING 0x05
#define OSSL_QUIC_FRAME_TYPE_CRYPTO 0x06
#define OSSL_QUIC_FRAME_TYPE_NEW_TOKEN 0x07
#define OSSL_QUIC_FRAME_TYPE_MAX_DATA 0x10
#define OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA 0x11
#define OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI 0x12
#define OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI 0x13
#define OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED 0x14
#define OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED 0x15
#define OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI 0x16
#define OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI 0x17
#define OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID 0x18
#define OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID 0x19
#define OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE 0x1A
#define OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE 0x1B
#define OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT 0x1C
#define OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP 0x1D
#define OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE 0x1E
# ifndef OPENSSL_NO_QUIC
#define OSSL_QUIC_FRAME_FLAG_STREAM_FIN 0x01
#define OSSL_QUIC_FRAME_FLAG_STREAM_LEN 0x02
#define OSSL_QUIC_FRAME_FLAG_STREAM_OFF 0x04
#define OSSL_QUIC_FRAME_FLAG_STREAM_MASK ((uint64_t)0x07)
# define OSSL_QUIC_FRAME_TYPE_PADDING 0x00
# define OSSL_QUIC_FRAME_TYPE_PING 0x01
# define OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN 0x02
# define OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN 0x03
# define OSSL_QUIC_FRAME_TYPE_RESET_STREAM 0x04
# define OSSL_QUIC_FRAME_TYPE_STOP_SENDING 0x05
# define OSSL_QUIC_FRAME_TYPE_CRYPTO 0x06
# define OSSL_QUIC_FRAME_TYPE_NEW_TOKEN 0x07
# define OSSL_QUIC_FRAME_TYPE_MAX_DATA 0x10
# define OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA 0x11
# define OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI 0x12
# define OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI 0x13
# define OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED 0x14
# define OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED 0x15
# define OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI 0x16
# define OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI 0x17
# define OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID 0x18
# define OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID 0x19
# define OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE 0x1A
# define OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE 0x1B
# define OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT 0x1C
# define OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP 0x1D
# define OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE 0x1E
# define OSSL_QUIC_FRAME_FLAG_STREAM_FIN 0x01
# define OSSL_QUIC_FRAME_FLAG_STREAM_LEN 0x02
# define OSSL_QUIC_FRAME_FLAG_STREAM_OFF 0x04
# define OSSL_QUIC_FRAME_FLAG_STREAM_MASK ((uint64_t)0x07)
/* Low 3 bits of the type contain flags */
#define OSSL_QUIC_FRAME_TYPE_STREAM 0x08 /* base ID */
#define OSSL_QUIC_FRAME_TYPE_STREAM_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
# define OSSL_QUIC_FRAME_TYPE_STREAM 0x08 /* base ID */
# define OSSL_QUIC_FRAME_TYPE_STREAM_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_FIN)
#define OSSL_QUIC_FRAME_TYPE_STREAM_LEN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
# define OSSL_QUIC_FRAME_TYPE_STREAM_LEN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_LEN)
#define OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_LEN | \
# define OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_LEN | \
OSSL_QUIC_FRAME_FLAG_STREAM_FIN)
#define OSSL_QUIC_FRAME_TYPE_STREAM_OFF \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
# define OSSL_QUIC_FRAME_TYPE_STREAM_OFF \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF)
#define OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF | \
# define OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF | \
OSSL_QUIC_FRAME_FLAG_STREAM_FIN)
#define OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF | \
# define OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF | \
OSSL_QUIC_FRAME_FLAG_STREAM_LEN)
#define OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF | \
OSSL_QUIC_FRAME_FLAG_STREAM_LEN | \
# define OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN \
(OSSL_QUIC_FRAME_TYPE_STREAM | \
OSSL_QUIC_FRAME_FLAG_STREAM_OFF | \
OSSL_QUIC_FRAME_FLAG_STREAM_LEN | \
OSSL_QUIC_FRAME_FLAG_STREAM_FIN)
#define OSSL_QUIC_FRAME_TYPE_IS_STREAM(x) \
# define OSSL_QUIC_FRAME_TYPE_IS_STREAM(x) \
(((x) & ~OSSL_QUIC_FRAME_FLAG_STREAM_MASK) == OSSL_QUIC_FRAME_TYPE_STREAM)
#define OSSL_QUIC_FRAME_TYPE_IS_ACK(x) \
# define OSSL_QUIC_FRAME_TYPE_IS_ACK(x) \
(((x) & ~(uint64_t)1) == OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN)
#define OSSL_QUIC_FRAME_TYPE_IS_MAX_STREAMS(x) \
# define OSSL_QUIC_FRAME_TYPE_IS_MAX_STREAMS(x) \
(((x) & ~(uint64_t)1) == OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI)
#define OSSL_QUIC_FRAME_TYPE_IS_STREAMS_BLOCKED(x) \
# define OSSL_QUIC_FRAME_TYPE_IS_STREAMS_BLOCKED(x) \
(((x) & ~(uint64_t)1) == OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
#define OSSL_QUIC_FRAME_TYPE_IS_CONN_CLOSE(x) \
# define OSSL_QUIC_FRAME_TYPE_IS_CONN_CLOSE(x) \
(((x) & ~(uint64_t)1) == OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT)
static ossl_unused ossl_inline int
@ -101,23 +103,23 @@ ossl_quic_frame_type_is_ack_eliciting(uint64_t frame_type)
}
/* QUIC Transport Parameter Types */
#define QUIC_TPARAM_ORIG_DCID 0x00
#define QUIC_TPARAM_MAX_IDLE_TIMEOUT 0x01
#define QUIC_TPARAM_STATELESS_RESET_TOKEN 0x02
#define QUIC_TPARAM_MAX_UDP_PAYLOAD_SIZE 0x03
#define QUIC_TPARAM_INITIAL_MAX_DATA 0x04
#define QUIC_TPARAM_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL 0x05
#define QUIC_TPARAM_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE 0x06
#define QUIC_TPARAM_INITIAL_MAX_STREAM_DATA_UNI 0x07
#define QUIC_TPARAM_INITIAL_MAX_STREAMS_BIDI 0x08
#define QUIC_TPARAM_INITIAL_MAX_STREAMS_UNI 0x09
#define QUIC_TPARAM_ACK_DELAY_EXP 0x0A
#define QUIC_TPARAM_MAX_ACK_DELAY 0x0B
#define QUIC_TPARAM_DISABLE_ACTIVE_MIGRATION 0x0C
#define QUIC_TPARAM_PREFERRED_ADDR 0x0D
#define QUIC_TPARAM_ACTIVE_CONN_ID_LIMIT 0x0E
#define QUIC_TPARAM_INITIAL_SCID 0x0F
#define QUIC_TPARAM_RETRY_SCID 0x10
# define QUIC_TPARAM_ORIG_DCID 0x00
# define QUIC_TPARAM_MAX_IDLE_TIMEOUT 0x01
# define QUIC_TPARAM_STATELESS_RESET_TOKEN 0x02
# define QUIC_TPARAM_MAX_UDP_PAYLOAD_SIZE 0x03
# define QUIC_TPARAM_INITIAL_MAX_DATA 0x04
# define QUIC_TPARAM_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL 0x05
# define QUIC_TPARAM_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE 0x06
# define QUIC_TPARAM_INITIAL_MAX_STREAM_DATA_UNI 0x07
# define QUIC_TPARAM_INITIAL_MAX_STREAMS_BIDI 0x08
# define QUIC_TPARAM_INITIAL_MAX_STREAMS_UNI 0x09
# define QUIC_TPARAM_ACK_DELAY_EXP 0x0A
# define QUIC_TPARAM_MAX_ACK_DELAY 0x0B
# define QUIC_TPARAM_DISABLE_ACTIVE_MIGRATION 0x0C
# define QUIC_TPARAM_PREFERRED_ADDR 0x0D
# define QUIC_TPARAM_ACTIVE_CONN_ID_LIMIT 0x0E
# define QUIC_TPARAM_INITIAL_SCID 0x0F
# define QUIC_TPARAM_RETRY_SCID 0x10
/*
* QUIC Frame Logical Representations
@ -752,4 +754,6 @@ int ossl_quic_wire_decode_transport_param_cid(PACKET *pkt,
uint64_t *id,
QUIC_CONN_ID *cid);
# endif
#endif

34
include/internal/quic_wire_pkt.h
View File

@ -14,16 +14,18 @@
# include "internal/packet.h"
# include "internal/quic_types.h"
# define QUIC_VERSION_NONE ((uint32_t)0) /* Used for version negotiation */
# define QUIC_VERSION_1 ((uint32_t)1) /* QUIC v1 */
# ifndef OPENSSL_NO_QUIC
# define QUIC_VERSION_NONE ((uint32_t)0) /* Used for version negotiation */
# define QUIC_VERSION_1 ((uint32_t)1) /* QUIC v1 */
/* QUIC logical packet type. These do not match wire values. */
# define QUIC_PKT_TYPE_INITIAL 1
# define QUIC_PKT_TYPE_0RTT 2
# define QUIC_PKT_TYPE_HANDSHAKE 3
# define QUIC_PKT_TYPE_RETRY 4
# define QUIC_PKT_TYPE_1RTT 5
# define QUIC_PKT_TYPE_VERSION_NEG 6
# define QUIC_PKT_TYPE_INITIAL 1
# define QUIC_PKT_TYPE_0RTT 2
# define QUIC_PKT_TYPE_HANDSHAKE 3
# define QUIC_PKT_TYPE_RETRY 4
# define QUIC_PKT_TYPE_1RTT 5
# define QUIC_PKT_TYPE_VERSION_NEG 6
/*
* Determine encryption level from packet type. Returns QUIC_ENC_LEVEL_NUM if
@ -120,9 +122,9 @@ ossl_quic_pkt_type_must_be_last(uint32_t pkt_type)
* Smallest possible QUIC packet size as per RFC (aside from version negotiation
* packets).
*/
#define QUIC_MIN_VALID_PKT_LEN_CRYPTO 21
#define QUIC_MIN_VALID_PKT_LEN_VERSION_NEG 7
#define QUIC_MIN_VALID_PKT_LEN QUIC_MIN_VALID_PKT_LEN_VERSION_NEG
# define QUIC_MIN_VALID_PKT_LEN_CRYPTO 21
# define QUIC_MIN_VALID_PKT_LEN_VERSION_NEG 7
# define QUIC_MIN_VALID_PKT_LEN QUIC_MIN_VALID_PKT_LEN_VERSION_NEG
typedef struct quic_pkt_hdr_ptrs_st QUIC_PKT_HDR_PTRS;
@ -142,9 +144,9 @@ typedef struct quic_hdr_protector_st {
uint32_t cipher_id;
} QUIC_HDR_PROTECTOR;
# define QUIC_HDR_PROT_CIPHER_AES_128 1
# define QUIC_HDR_PROT_CIPHER_AES_256 2
# define QUIC_HDR_PROT_CIPHER_CHACHA 3
# define QUIC_HDR_PROT_CIPHER_AES_128 1
# define QUIC_HDR_PROT_CIPHER_AES_256 2
# define QUIC_HDR_PROT_CIPHER_CHACHA 3
/*
* Initialises a header protector.
@ -551,7 +553,7 @@ int ossl_quic_wire_encode_pkt_hdr_pn(QUIC_PN pn,
* ====================
*/
#define QUIC_RETRY_INTEGRITY_TAG_LEN 16
# define QUIC_RETRY_INTEGRITY_TAG_LEN 16
/*
* Validate a retry integrity tag. Returns 1 if the tag is valid.
@ -592,4 +594,6 @@ int ossl_quic_calculate_retry_integrity_tag(OSSL_LIB_CTX *libctx,
const QUIC_CONN_ID *client_initial_dcid,
unsigned char *tag);
# endif
#endif

2
ssl/quic/quic_channel.c
View File

@ -87,7 +87,7 @@ static int ch_init(QUIC_CHANNEL *ch)
QUIC_DHS_ARGS dhs_args = {0};
uint32_t pn_space;
// TODO CLIENT ONLY
/* TODO(QUIC): This is only applicable to clients. */
if (!gen_rand_conn_id(ch->libctx, INIT_DCID_LEN, &ch->init_dcid))
goto err;

12
ssl/ssl_lib.c
View File

@ -2054,10 +2054,12 @@ int SSL_get_async_status(SSL *s, int *status)
int SSL_accept(SSL *s)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc != NULL)
return s->method->ssl_accept(s);
#endif
if (sc == NULL)
return 0;
@ -2073,10 +2075,12 @@ int SSL_accept(SSL *s)
int SSL_connect(SSL *s)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc != NULL)
return s->method->ssl_connect(s);
#endif
if (sc == NULL)
return 0;
@ -2177,10 +2181,12 @@ static int ssl_io_intern(void *vargs)
int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc != NULL)
return s->method->ssl_read(s, buf, num, readbytes);
#endif
if (sc == NULL)
return -1;
@ -2328,10 +2334,12 @@ int SSL_get_early_data_status(const SSL *s)
static int ssl_peek_internal(SSL *s, void *buf, size_t num, size_t *readbytes)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc != NULL)
return s->method->ssl_peek(s, buf, num, readbytes);
#endif
if (sc == NULL)
return 0;
@ -2397,10 +2405,12 @@ int SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *readbytes)
int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc != NULL)
return s->method->ssl_write(s, buf, num, written);
#endif
if (sc == NULL)
return 0;
@ -4642,10 +4652,12 @@ const char *ssl_protocol_to_string(int version)
const char *SSL_get_version(const SSL *s)
{
const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
#ifndef OPENSSL_NO_QUIC
const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
if (qc != NULL)
return "QUIC";
#endif
if (sc == NULL)
return NULL;

6
test/packettest.c
View File

@ -465,6 +465,8 @@ static int test_PACKET_as_length_prefixed_2(void)
return 1;
}
#ifndef OPENSSL_NO_QUIC
static int test_PACKET_get_quic_vlint(void)
{
struct quic_test_case {
@ -569,6 +571,8 @@ static int test_PACKET_get_quic_length_prefixed(void)
return 1;
}
#endif
int setup_tests(void)
{
unsigned int i;
@ -599,7 +603,9 @@ int setup_tests(void)
ADD_TEST(test_PACKET_get_length_prefixed_3);
ADD_TEST(test_PACKET_as_length_prefixed_1);
ADD_TEST(test_PACKET_as_length_prefixed_2);
#ifndef OPENSSL_NO_QUIC
ADD_TEST(test_PACKET_get_quic_vlint);
ADD_TEST(test_PACKET_get_quic_length_prefixed);
#endif
return 1;
}

10
test/wpackettest.c
View File

@ -26,6 +26,8 @@ static const unsigned char simpleder[] = {
0xfc, 0x04, 0x00, 0x01, 0x02, 0x03, 0xff, 0xfe, 0xfd
};
#ifndef OPENSSL_NO_QUIC
/* QUIC sub-packet with 4-byte length prefix, containing a 1-byte vlint */
static const unsigned char quic1[] = { 0x80, 0x00, 0x00, 0x01, 0x09 };
/* QUIC sub-packet with 1-byte length prefix, containing a 1-byte vlint */
@ -50,6 +52,8 @@ static const unsigned char quic7[] = {
0x40, 0x01, 0x11, 0x40, 0x01, 0x12, 0x40, 0x01, 0x13
};
#endif
static BUF_MEM *buf;
static int cleanup(WPACKET *pkt)
@ -448,6 +452,8 @@ static int test_WPACKET_init_der(void)
return 1;
}
#ifndef OPENSSL_NO_QUIC
static int test_WPACKET_quic(void)
{
WPACKET pkt;
@ -621,6 +627,8 @@ static int test_WPACKET_quic_vlint_random(void)
return 1;
}
#endif
int setup_tests(void)
{
if (!TEST_ptr(buf = BUF_MEM_new()))
@ -633,8 +641,10 @@ int setup_tests(void)
ADD_TEST(test_WPACKET_allocate_bytes);
ADD_TEST(test_WPACKET_memcpy);
ADD_TEST(test_WPACKET_init_der);
#ifndef OPENSSL_NO_QUIC
ADD_TEST(test_WPACKET_quic);
ADD_TEST(test_WPACKET_quic_vlint_random);
#endif
return 1;
}