openssl/ssl
Hugo Landau dfb9ae14a4 QUIC: Base client/server identity on SSL method, not SSL_set_connect/accept_state
In QUIC, we have an architectural need (in future, when we implement
0-RTT, etc.) to be able to create streams before we start connecting.
This requires we allocate a stream, including a stream ID, after
creating a QCSO but prior to connecting. However stream IDs are
dependent on whether the endpoint is in the client or server role,
therefore we must know whether we are going to be a client or server
before any pre-connection streams are created. Moreover, the originally
defined QUIC_client_method() and QUIC_server_method() functions heavily
implied the original plan was to have different SSL_METHODs for clients
and servers. Up until now we had been relying on
SSL_set_connect/accept_state() instead.

Solve these problems by basing client/server identity on whether
QUIC_server_method() is used (in future, when we support servers). This
ensures that once a QCSO is created its client/server identity is fixed
and cannot change, allowing pre-connection stream IDs, etc. to be
allocated.

Client/server uncertainty was the primary reason why QUIC_CHANNEL
creation was deferred until connection time up until now, so this
enables further refactoring to facilitate eager allocation of the
QUIC_CHANNEL at QCSO allocation time. This is important as allocating a
stream including its write buffers is hard without having the
QUIC_CHANNEL (which owns the QUIC_STREAM_MAP) in existence.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
2023-05-12 14:47:10 +01:00
quic QUIC: Base client/server identity on SSL method, not SSL_set_connect/accept_state 2023-05-12 14:47:10 +01:00
record Release zero length handshake fragment records 2023-05-01 09:54:39 +01:00
statem Be more accurate about what we accept as a valid DTLS version 2023-05-05 15:25:37 +01:00
bio_ssl.c
build.info Revise build.info 2023-03-30 11:14:17 +01:00
d1_lib.c dtls: code cleanup and refactorization 2023-04-24 14:41:47 +02:00
d1_msg.c
d1_srtp.c
event_queue.c
methods.c
pqueue.c
priority_queue.c compute_pqueue_growth(): Fix the return type 2023-01-27 16:11:38 +01:00
s3_enc.c Extend the new_record_layer function 2023-01-24 17:16:29 +00:00
s3_lib.c first cut at sigalg loading 2023-02-24 11:02:48 +11:00
s3_msg.c
ssl_asn1.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
ssl_cert_comp.c
ssl_cert_table.h first cut at sigalg loading 2023-02-24 11:02:48 +11:00
ssl_cert.c Fix regression of no-posix-io builds 2023-04-25 11:32:20 +02:00
ssl_ciph.c Fix typo in ssl_ciph.c 2023-04-13 10:28:08 +01:00
ssl_conf.c SSL_conf_cmd: add support for IgnoreUnexpectedEOF 2023-01-30 09:37:00 +01:00
ssl_err_legacy.c
ssl_err.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
ssl_init.c
ssl_lib.c QUIC Dispatch: Update ssl_lib.c frontend to use new dispatch style 2023-05-12 14:47:09 +01:00
ssl_local.h QUIC Dispatch: Introduce the QUIC_XSO object 2023-05-12 14:46:03 +01:00
ssl_mcnf.c
ssl_rsa_legacy.c
ssl_rsa.c first cut at sigalg loading 2023-02-24 11:02:48 +11:00
ssl_sess.c Clear ownership when duplicating sessions 2023-05-12 10:23:29 +02:00
ssl_stat.c
ssl_txt.c
ssl_utst.c
sslerr.h Provide better errors for some QUIC failures 2023-03-20 09:35:38 +11:00
t1_enc.c Extend the new_record_layer function 2023-01-24 17:16:29 +00:00
t1_lib.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
t1_trce.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
tls13_enc.c Add an initial QUIC-TLS implementation 2023-01-24 17:16:29 +00:00
tls_depr.c
tls_srp.c