Minor updates

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20061)
2025-01-18 13:44:20 +08:00 · 2023-06-29 13:48:57 +01:00 · 2023-06-29 13:48:57 +01:00 · 6e5550a104
commit 6e5550a104
parent 9289e59c95
5 changed files with 10 additions and 13 deletions
--- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod
+++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
@ -25,8 +25,6 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated
 void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
                             unsigned int *len);

-
-
 void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
                                            int (*cb)(SSL *ssl,
                                                      const unsigned char **out,
--- a/include/internal/statem.h
+++ b/include/internal/statem.h
@ -6,8 +6,8 @@
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
-#ifndef STATEM_H
-# define STATEM_H
+#ifndef OSSL_INTERNAL_STATEM_H
+# define OSSL_INTERNAL_STATEM_H

 /*****************************************************************************
 *                                                                           *
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@ -331,8 +331,8 @@ SSL *ossl_quic_new(SSL_CTX *ctx)
    sc->s3.flags |= TLS1_FLAGS_QUIC;

    /* Restrict options derived from the SSL_CTX. */
-    sc->options     &= OSSL_QUIC_PERMITTED_OPTIONS;
-    sc->pha_enabled  = 0;
+    sc->options &= OSSL_QUIC_PERMITTED_OPTIONS;
+    sc->pha_enabled = 0;

 #if defined(OPENSSL_THREADS)
    if ((qc->mutex = ossl_crypto_mutex_new()) == NULL)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -765,10 +765,8 @@ SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method)

    s->mode = ctx->mode;
    s->max_cert_list = ctx->max_cert_list;
-    if (!IS_QUIC_CTX(ctx)) {
-        s->max_early_data = ctx->max_early_data;
-        s->recv_max_early_data = ctx->recv_max_early_data;
-    }
+    s->max_early_data = ctx->max_early_data;
+    s->recv_max_early_data = ctx->recv_max_early_data;

    s->num_tickets = ctx->num_tickets;
    s->pha_enabled = ctx->pha_enabled;
@ -5657,6 +5655,9 @@ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx)

 int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
 {
+    if (IS_QUIC_CTX(ctx) && block_size > 1)
+        return 0;
+
    /* block size of 0 or 1 is basically no padding */
    if (block_size == 1)
        ctx->block_padding = 0;
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
@ -479,9 +479,7 @@ static int test_quic_forbidden_options(void)
        goto err;

    /* Max early data */
-    if (!TEST_false(SSL_get_recv_max_early_data(ssl))
-        || !TEST_false(SSL_get_max_early_data(ssl))
-        || !TEST_false(SSL_set_recv_max_early_data(ssl, 1))
+    if (!TEST_false(SSL_set_recv_max_early_data(ssl, 1))
        || !TEST_false(SSL_set_max_early_data(ssl, 1)))
        goto err;