Hugo Landau
dc5e5c51e2
QUIC UINT_SET: Fix regression after list refactor
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565 )
2023-08-10 18:19:50 +01:00
Hugo Landau
1623bf374d
QUIC TEST: STREAM, MAX_DATA and MAX_STREAM_DATA testing
...
Fixes https://github.com/openssl/project/issues/76
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565 )
2023-08-10 18:19:50 +01:00
Hugo Landau
6a2b70e21b
QUIC TXP: Fix bug where TXPIM PKT could be used after free
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565 )
2023-08-10 18:19:50 +01:00
Hugo Landau
40c8c756c8
QUIC APL/CHANNEL: Wire up connection closure reason
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565 )
2023-08-10 18:19:45 +01:00
Hugo Landau
ed75eb32f3
QUIC TEST: Test NEW_CONN_ID frames
...
Fixes https://github.com/openssl/project/issues/86
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565 )
2023-08-10 18:19:45 +01:00
Hugo Landau
17340e8785
QUIC TEST: Ensure PING causes ACK generation
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565 )
2023-08-10 18:19:44 +01:00
Tomas Mraz
44cb36d04a
Resolve some of the TODO(QUIC) items
...
For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH
designation to indicate these do not need to be resolved
in QUIC MVP release.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21539 )
2023-08-08 15:58:59 +02:00
Tomas Mraz
a2ca189e27
bio_ssl.c: Support most ctrls with QUIC based BIO_SSL
...
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21539 )
2023-08-08 15:57:56 +02:00
Hugo Landau
7a2bb2101b
QUIC TLS: Rethink error handling
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
828c9c6690
QUIC: Fix nit
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
398922463f
QUIC: Move string conversion functions into a source file
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
741170bef3
QUIC CHANNEL: Improve error reporting
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
67e72ed575
QUIC WIRE: RFC 9000 s. 19.6
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
098914d0b7
QUIC CHANNEL: Apply flow control to CRYPTO streams
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
1051b4a0b9
QUIC FC: Rename stream count mode to reflect actual function
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
7c793cd343
QUIC CHANNEL: Fix typo
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
2a6f1f2f6e
QUIC QRX: Don't process 1-RTT packets until handshake is complete
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
0c1cc36bbb
QUIC QRX: Enforce PN monotonicity with key updates
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
3eb0f9a702
QUIC CHANNEL, TXP: Discard INITIAL EL correctly
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
80bcc4f1ae
QUIC TLS: Report TLS errors properly as QUIC protocol errors
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
3ad5711e48
QUIC CHANNEL: Send correct alert code if no TPARAMs received
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
c5cb85b665
QUIC TXP: Allow PATH_RESPONSE to force padding
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
371c29582a
QUIC CFQ: Unreliable transmission for PATH_RESPONSE
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Hugo Landau
7eb330ff7a
QUIC: Echo PATH_CHALLENGE frames as PATH_RESPONSE frames
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547 )
2023-08-08 14:33:42 +01:00
Pauli
bed2087487
quic compliance: 10.2.3 dropping instead of closing
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:45 +10:00
Pauli
6861f5a703
Fix type/legacy name
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:45 +10:00
Pauli
d15d5ea6a6
quic conformance: add comment about section 10.2.3 conformance
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:45 +10:00
Pauli
d11b901b0b
trivial code nit
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:45 +10:00
Pauli
50e76846bf
quic conformance: 10.2.1 rate limiting
...
Implement the two requirements about limiting closing transmission size to
no more than thrice the received size.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:45 +10:00
Pauli
afe4a7978d
quic conformance: section 10.2.2 requirements
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:34 +10:00
Pauli
6b3b5f9d28
quic conformance: section 10.2.1 requirements
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:34 +10:00
Pauli
24ae2d79d5
quic: use the safe fused multiply divide instead of a safe multiply then a normal division
...
This should extend the range of possible results.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:34 +10:00
Pauli
a441d08b1b
Add note about RFC 9000 10.2 persist time
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:34 +10:00
Pauli
b056e9fcf5
document RRFC9000 10.1 MUST requirement
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:34 +10:00
Pauli
73ef6e6f0f
Note RFC 9000 19.19 requirement
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429 )
2023-08-04 11:55:34 +10:00
Frederik Wedel-Heinen
5ac7ee4d5a
Resolves some magic values that has a hello_retry_request enum type.
...
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21636 )
2023-08-04 11:40:37 +10:00
Matt Caswell
f219abef51
Ensure the QUIC TLS SSL object is marked as shutdown
...
If we shutdown the QUIC connection then we should mark the underlying
TLS SSL object as shutdown as well. Otherwise any sessions are considered
unusable for resumption.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21591 )
2023-08-02 20:27:07 +01:00
Matt Caswell
829eec9f86
Add the ability for tserver to use a pre-existing SSL_CTX
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21591 )
2023-08-02 20:27:07 +01:00
Matt Caswell
f85d343208
Keep doing ossl_quic_tls_tick() even after handshake completion
...
There may be post-handshake messages to process so make sure we keep
ticking things even if the handshake has finished. We do this simply by
calling SSL_read(). There should never be app data to read but we will
process any handshake records we encounter.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21591 )
2023-08-02 20:26:54 +01:00
Matt Caswell
c31f06120f
Ensure SSL_has_pending() always works even before a connection
...
s_client calls SSL_has_pending() even before the connection has been
established. We expect it to return 0 in this case and not put any errors
on the stack.
We change things so that SSL_has_pending() always returns 0 if there is
no stream available.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21578 )
2023-08-02 15:07:07 +01:00
Matt Caswell
33f6ad1724
Still advance handshake even on an empty write
...
A call to SSL_write() with a zero length buffer should still advance the
handshake. Applications (including s_client) may rely on this.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21578 )
2023-08-02 15:07:07 +01:00
Hugo Landau
63fac76c24
QUIC: Automatically drain non-concluded streams, bugfixes
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:42 +01:00
Hugo Landau
6d6b3a032d
QUIC APL: Mask API operations when in shutdown flush
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:42 +01:00
Hugo Landau
8a2e9abac8
QUIC APL: Shutdown Stream Flush Functionality
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00
Hugo Landau
553122cd7c
QUIC TXP: Fix bug relating to STREAM FIN generation
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00
Hugo Landau
cae02d2b0a
QUIC APL: Ensure tick inhibition is not used during blocking
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00
Hugo Landau
5904a0a71f
QUIC TSERVER: Allow reading from a stream after connection termination
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00
Hugo Landau
b864110a82
QUIC QSM: Infrastructure for tracking shutdown flush eligible streams
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00
Hugo Landau
3415677eec
QUIC APL: Add internal call to allow changing send buffer size
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00
Hugo Landau
03b3859501
QUIC CHANNEL: Allow ticking to be inhibited for testing purposes
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484 )
2023-07-31 14:03:25 +01:00