dfc227bd24
QUIC Front End I/O API: Don't allow EPW to be enabled during AON
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:21 +00:00
0651e05474
QUIC: Back out version string change
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:21 +00:00
2fff884c86
QUIC: Documentation updates
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:21 +00:00
ca41f6b7e9
QUIC Front End I/O API: Tweaks to handshake processing
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:21 +00:00
a1660c9422
QUIC Front End I/O API: Remove unnecessary code from SSL_get_tick_timeout
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:20 +00:00
e28f512f04
QUIC CHANNEL: Minor cleanups and bug fix
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:20 +00:00
d50e750e13
QUIC: Style fixes
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:20 +00:00
8a1a6d6d9e
QUIC Front End I/O API: Wire up SSL_CTX ctrls and remove unneeded functions
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:19 +00:00
9bbc5b54b0
QUIC CHANNEL: Revise inaccurate comments
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:19 +00:00
c8b3fdc2e4
QUIC: Revise and add some TODO lines
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:19 +00:00
fbe2573d3b
QUIC Front End I/O API: Correct implementation of SSL_tick, SSL_get_tick_timeout
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:18 +00:00
6848e5eeee
QUIC Front End I/O API: Change version string
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:18 +00:00
45ecfc9b52
Separate handling of RX and TX enc level
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:18 +00:00
3bf4dc8c21
QUIC CHANNEL: Only pump the demuxer once per tick
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:17 +00:00
92282a17c9
QUIC CHANNEL: Only reprocess after an RX secret has been provisioned
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:17 +00:00
24c1be5cff
QUIC TXP: Correct an issue with an uninitialized variable
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:17 +00:00
d1ac77b1a5
QUIC Front-End I/O API: Ensure BIOs are reffed and freed correctly
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:17 +00:00
4e64437a5f
QUIC_CHANNEL: Handle deferred packet processing after yielding of secrets correctly
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:17 +00:00
d7668ff213
QUIC DEMUX: Allow MTU to vary over time and autodetect MTU
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:17 +00:00
6292519cd8
QUIC: Enable building with QUIC support disabled
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:16 +00:00
44019a69c4
QUIC: make update
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:16 +00:00
b940f943a2
QUIC: Temporarily disable front-end API tests
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:16 +00:00
6a80019862
QUIC: Remove RX depacketiser tests from QRL test suite
...
These create significant coupling between the QRL tests and the RXDP.
Moreover, the RXDP has no state of its own and is implemented as part of
the QUIC_CHANNEL, ergo it doesn't make that much sense to test it in
isolation.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:16 +00:00
03bacce81e
QUIC Front-End I/O API: Wire up the SSL API functions
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:16 +00:00
22d53c8883
QUIC Front-End I/O API
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:15 +00:00
8c94cf38a2
internal/sockets.h: Add support for testing EINTR portably
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:15 +00:00
198d97c14e
QUIC: Add miscellaneous QUIC constants
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:15 +00:00
cbe7f586ad
QUIC Stream Mapper: CSM-related changes, stream limits handling
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:15 +00:00
3a37c9235d
QUIC: Complete the implementation of the RX depacketiser in terms of QUIC_CHANNEL
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:14 +00:00
f538b42155
QUIC_CHANNEL: Implementation
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:14 +00:00
69523214ee
QUIC: Add QUIC reactor
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:14 +00:00
68801bcb76
Add BIO poll descriptors
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:14 +00:00
4ed9e0a1e3
QUIC ACKM: Add function to get PTO
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:14 +00:00
27003aa6eb
QUIC RXDP: Remove non-actionable TODOs
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:14 +00:00
c572bed9f5
QUIC CSM: Documentation for new APIs
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:13 +00:00
a64d82485d
QUIC Transport Parameters: Add CID encoder/decoder, make ID optional
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:13 +00:00
0f7b5cc9f3
QUIC RX: Refactor unsafe DCID consistency checking
...
Previously, we enforced the requirement that the DCIDs be the same for
all packets in a datagram by keeping a pointer to the first RXE
generated from a datagram. This is unsafe and could lead to a UAF if the
first packet is malformed, meaning that no RXE ended up being generated
from it. Keep track of the DCID directly instead, as we should enforce
this correctly even if the first packet in a datagram is malformed (but
has an intelligible header with a DCID and length).
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:13 +00:00
7d7a8d4165
Remove duplicate declaration
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:13 +00:00
16b220dde3
internal/sockets.h: Ensure errno.h included when necessary
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
462d81dd73
QUIC Dummy Handshake Layer: Allow transport parameters to be set later
...
Server mode not implemented yet.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
cda88bafe7
QUIC TXP: Don't send STREAM frames until handshake is complete
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
df03868564
QUIC TXP: Make discard_enc_level match documentation
...
The documentation in the header file of the TXP stated that it is the
caller's responsibility to also notify the QTX of a discarded EL.
However, the implementation did not reflect this. Update the
implementation to reflect the intended design.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
04e5226f65
QUIC TXP: Add a function to query if the TXP wants to generate a packet
...
For use by QUIC CSM.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
b2c94b9399
QUIC Record Layer: Allow INITIAL EL to be rekeyed
...
Ordinarily we should not allow ELs to be rekeyed as it makes no sense to
do so. However the INITIAL EL can need to be rekeyed if a connection
retry occurs. Modify the QRL to allow this.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
56a1a0ad24
QUIC: Add transport parameter and other constants
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
6946f1184a
QUIC Wire Format Encoding: Fix handling of zero-length parameters
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
21247795c0
QUIC RSTREAM: Allow pointer to be NULL when calling free
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:12 +00:00
cdd3f73236
QUIC TX: Do not have QTX handle refcount of BIOs
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:11 +00:00
c4abf9ebb0
QUIC RXFC: Don't emit a MAX_STREAM_DATA frame if we have a final size
...
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:11 +00:00
70d45893d0
QUIC Wire Encoding: Support Retry Integrity Tag Calculation
...
This adds support for calculating and verifying retry integrity tags. In
order to support this, an 'unused' field is added to the QUIC packet
header structure so we can ensure that the serialization of the header
is bit-for-bit identical to what was decoded.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703 )
2023-01-13 13:20:10 +00:00
Hugo Landau
Matt Caswell