2
0
mirror of https://github.com/openssl/openssl.git synced 2025-01-12 13:36:28 +08:00
Commit Graph

626 Commits

Author SHA1 Message Date
Pauli
99fd5b2b10 refcnt: convert references counts to a structure
The structure includes the count and optionally a lock.
The count has the appropriate qualifiers.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21260)
2023-07-01 21:18:08 +10:00
Matt Caswell
37f27b91de Add a test quicserver utility
This QUIC server utility is intended for test purposes only and is expected
to be replaced in a future version of OpenSSL by s_server. At that point
it will be removed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21204)
2023-06-28 09:53:22 +10:00
Tomas Mraz
a02571a024 Support SSL_OP_CLEANSE_PLAINTEXT on QUIC streams
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21182)
2023-06-23 14:31:45 +02:00
Hugo Landau
2525109f90 QUIC: Allow application to trigger TXKU
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:48 +10:00
Hugo Landau
37ba2bc722 QUIC CHANNEL: Optimise key update using ACKs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
16f3b542f8 QUIC: Add internal APIs for white-box testing of key update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
e3e9794aa4 QUIC APL: Correct implementation of time callback override
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
754d2282cd QUIC RX: Support reporting the key epoch a packet was received with
This is needed to support key update validation on the receive side.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
8f9c9213a1 QUIC TXP: Allow callbacks on ACK transmission
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
007f9e99ea QUIC TXP: Allow next PN to be used to be queried
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
256eee3f3f QUIC RX: Refactor key update callback to provide PN
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
b65b0d4ebe QUIC TXP: Remove TX key update handling from TXP
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
a3a51d6ec3 QUIC TXP: Refactor status output to use an extensible structure
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
81b400cf90 QUIC ACKM: Allow largest acked PN to be queried
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
dfd8176f25 QUIC WIRE: Utility function to determine if PN is in an ACK frame
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
dfdbc113ee Partially revert (Add support for Windows CA certificate store)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21190)
2023-06-15 18:01:59 +10:00
Dimitri Papadopoulos
eb4129e12c Fix typos found by codespell
Typos in doc/man* will be fixed in a different commit.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20910)
2023-06-15 10:11:46 +10:00
Tomas Mraz
c4ce0e3303 Include poll.h instead of incorrect sys/poll.h
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21131)
2023-06-10 22:34:42 +02:00
Pauli
e84b5fcc1b params: provide a faster TRIE based param lookup.
The separate file is a Perl script that generates the appropriate define
directives for inclusion in core_names.h.  By having this separation it
will be possible to prebuild data structures to give faster access when
looking up parameters by name.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
2023-06-02 15:13:20 +10:00
Hugo Landau
7ea4971347 QUIC APL: Change SSL_get_event_timeout API design
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
2023-05-29 08:51:12 +02:00
Hugo Landau
6084e04b25 QUIC: Rename SSL_tick, SSL_get_tick_timeout
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20879)
2023-05-29 08:51:12 +02:00
Matt Caswell
674b61ebd9 Create internal/ssl.h
We create the internal/ssl.h header file and move the typedef for
ossl_msg_cb. This is needed by both the QUIC code (which generally doesn't
include ssl_local.h) and the rest of libssl.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Matt Caswell
c2786c8ea7 Rename msg_callback_s to msg_callback_ssl for greater clarity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Matt Caswell
5cf99b4040 Create setter functions for the msg_callback and msg_callback_arg
We create setter functions for the msg_callback and msg_callback_arg so
that these values can be properly propagated to the QRX/QTX/TXP even
after the channel has been created.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Matt Caswell
b09e246aba Properly handling stream/crypto frames while tracing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Matt Caswell
e8528c95a0 Enable tracing of packets that have been sent
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Matt Caswell
45454cccf8 Extend tracing of frames to transmitted frames
Previously we were only doing tracing of frames received from the peer.
Now we do that for transmitted frames as well.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Matt Caswell
63dfde87c4 Add initial QUIC support for the msg_callback
At this stage we just support msg_callback on receipt of a datagram.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:27 +01:00
Hugo Landau
abbbc06a94 Remove an unused variable (clang 16 warning)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24 10:34:55 +01:00
Hugo Landau
629b408c12 QUIC: Fix bugs where threading is disabled
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24 10:34:54 +01:00
Hugo Landau
5915a900af QUIC QSM: Allow QSM to know if we are in the server role
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24 10:34:47 +01:00
Hugo Landau
1df479a9f9 QUIC TSERVER: Allow detection of new incoming streams
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20856)
2023-05-24 10:34:47 +01:00
Tomas Mraz
bbc9754026 quic_tserver: Add possibility to change the connection id
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
2023-05-17 14:04:18 +01:00
Tomas Mraz
eff046524b Add minimal handling of NEW_CONNECTION_ID frames
We actively use only the latest DCID received. And retire only
DCIDs requested by the peer to be retired.

Also changed the active_conn_id_limit to 2 as the minimum value allowed.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
2023-05-17 14:04:18 +01:00
Hugo Landau
5da3e02c5e QUIC: Fix CRYPTO_GET_REF
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:15 +01:00
Hugo Landau
83df44ae53 QUIC MSST: Rename SSL_set_incoming_stream_reject_policy
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:15 +01:00
Hugo Landau
5fc256cd6b QUIC MSST: Documentation fixes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:15 +01:00
Hugo Landau
008a61a544 REFCOUNT: Add support for querying refcount
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:14 +01:00
Hugo Landau
22b1a96ff7 QUIC MSST: Minor fixes and cleanups
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:14 +01:00
Hugo Landau
571aff4bfa Minor fixups
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
f0e22d1be8 QUIC TSERVER: Allow STOP_SENDING/RESET_STREAM to be queried
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
2289401685 QUIC TSERVER: Handle FINs correctly if ossl_quic_tserver_read is not called first
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
0847e63ee5 QUIC QSM: Stream garbage collection
This allows QUIC_STREAM objects to be deleted when they are no longer
needed.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
9cacba434b QUIC FIFD: Add support for callback on frame ACK
We need to get acknowledgement notifications for our STOP_SENDING and
STREAM_RESET frames as this information is needed to know when we can
delete a QUIC_STREAM object.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
c3a04ea2fd QUIC DISPATCH/APL: Add SSL_stream_reset and status query APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
b6fc2294a1 QUIC RXDP: Record STOP_SENDING/RESET_STREAM event AEC codes consistently
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:13 +01:00
Hugo Landau
e8b9f63235 QUIC QSM: Clean up SEND_STREAM/RECV_STREAM handling
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:12 +01:00
Hugo Landau
723cbe8a73 QUIC CHANNEL: Do not copy terminate cause as it is not modified after termination
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:12 +01:00
Hugo Landau
b89c81e43b QUIC QSM: Handle STOP_SENDING correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:12 +01:00
Hugo Landau
90cecc406f QUIC RXDP/QSM: Enforce MAX_STREAMS
Also use accept queue popping by the application as the retirement
event, i.e., as the cue to increase the limit.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:12 +01:00