mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Keep doing ossl_quic_tls_tick() even after handshake completion

Browse Source 
There may be post-handshake messages to process so make sure we keep
ticking things even if the handshake has finished. We do this simply by
calling SSL_read(). There should never be app data to read but we will
process any handshake records we encounter.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21591)
This commit is contained in:
Matt Caswell 2023-07-27 13:48:02 +01:00 committed by Hugo Landau
parent 747b51f483
commit f85d343208
1 changed files with 22 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
ssl/quic/quic_tls.c
View File

@ -644,9 +644,6 @@ int ossl_quic_tls_tick(QUIC_TLS *qtls)
if (qtls->inerror)
return 0;
if (qtls->complete)
return 1;
if (!qtls->configured) {
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(qtls->args.s);
SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(sc);
@ -702,19 +699,22 @@ int ossl_quic_tls_tick(QUIC_TLS *qtls)
*/
SSL_set_bio(qtls->args.s, nullbio, nullbio);
if (qtls->args.is_server) {
if (qtls->args.is_server)
SSL_set_accept_state(qtls->args.s);
if (!SSL_set_num_tickets(qtls->args.s, 0)) {
qtls->inerror = 1;
return 0;
}
} else {
else
SSL_set_connect_state(qtls->args.s);
}
qtls->configured = 1;
}
ret = SSL_do_handshake(qtls->args.s);
if (qtls->complete)
/*
* There should never be app data to read, but calling SSL_read() will
* ensure any post-handshake messages are processed.
*/
ret = SSL_read(qtls->args.s, NULL, 0);
else
ret = SSL_do_handshake(qtls->args.s);
if (ret <= 0) {
switch (SSL_get_error(qtls->args.s, ret)) {
case SSL_ERROR_WANT_READ:
@ -726,14 +726,18 @@ int ossl_quic_tls_tick(QUIC_TLS *qtls)
}
}
/* Validate that we have ALPN */
SSL_get0_alpn_selected(qtls->args.s, &alpn, &alpnlen);
if (alpn == NULL || alpnlen == 0) {
qtls->inerror = 1;
return 0;
if (!qtls->complete) {
/* Validate that we have ALPN */
SSL_get0_alpn_selected(qtls->args.s, &alpn, &alpnlen);
if (alpn == NULL || alpnlen == 0) {
qtls->inerror = 1;
return 0;
}
qtls->complete = 1;
return qtls->args.handshake_complete_cb(qtls->args.handshake_complete_cb_arg);
}
qtls->complete = 1;
return qtls->args.handshake_complete_cb(qtls->args.handshake_complete_cb_arg);
return 1;
}
int ossl_quic_tls_set_transport_params(QUIC_TLS *qtls,