Cleanse also the send stream data with SSL_OP_CLEANSE_PLAINTEXT

QUIC differs from TLS in this regard because it buffers the data to be sent. TLS just encrypts the data to send in place. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #21311)
openssl · Jul 2, 2023 · 6ba2edb · 6ba2edb
1 parent 9e87e4e
commit 6ba2edb
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 9 deletions.
diff --git a/include/internal/quic_stream.h b/include/internal/quic_stream.h
@@ -295,6 +295,11 @@ void ossl_quic_sstream_adjust_iov(size_t len,
                                   OSSL_QTX_IOVEC *iov,
                                   size_t num_iov);
 
+/*
+ * Sets flag to cleanse the buffered data when it is acked.
+ */
+void ossl_quic_sstream_set_cleanse(QUIC_SSTREAM *qss, int cleanse);
+
 /*
  * QUIC Receive Stream Manager
  * ===========================

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
@@ -2694,16 +2694,18 @@ static int ch_init_new_stream(QUIC_CHANNEL *ch, QUIC_STREAM *qs,
     int server_init = ossl_quic_stream_is_server_init(qs);
     int local_init = (ch->is_server == server_init);
     int is_uni = !ossl_quic_stream_is_bidi(qs);
+    int cleanse = (ch->tls->ctx->options & SSL_OP_CLEANSE_PLAINTEXT) != 0;
 
-    if (can_send && (qs->sstream = ossl_quic_sstream_new(INIT_APP_BUF_LEN)) == NULL)
-        goto err;
+    if (can_send) {
+        if ((qs->sstream = ossl_quic_sstream_new(INIT_APP_BUF_LEN)) == NULL)
+            goto err;
+        ossl_quic_sstream_set_cleanse(qs->sstream, cleanse);
+    }
 
     if (can_recv) {
         if ((qs->rstream = ossl_quic_rstream_new(NULL, NULL, 0)) == NULL)
             goto err;
-        ossl_quic_rstream_set_cleanse(qs->rstream,
-                                      (ch->tls->ctx->options
-                                       & SSL_OP_CLEANSE_PLAINTEXT) != 0);
+        ossl_quic_rstream_set_cleanse(qs->rstream, cleanse);
     }
 
     /* TXFC */

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
@@ -2802,15 +2802,19 @@ const SSL_CIPHER *ossl_quic_get_cipher(unsigned int u)
 int ossl_quic_set_ssl_op(SSL *ssl, uint64_t op)
 {
     QCTX ctx;
+    int cleanse;
 
     if (!expect_quic_with_stream_lock(ssl, /*remote_init=*/-1, &ctx))
         return 0;
 
-    if (ctx.xso->stream == NULL || ctx.xso->stream->rstream == NULL)
+    if (ctx.xso->stream == NULL)
         goto out;
 
-    ossl_quic_rstream_set_cleanse(ctx.xso->stream->rstream,
-                                  (op & SSL_OP_CLEANSE_PLAINTEXT) != 0);
+    cleanse = (op & SSL_OP_CLEANSE_PLAINTEXT) != 0;
+    if (ctx.xso->stream->rstream != NULL)
+        ossl_quic_rstream_set_cleanse(ctx.xso->stream->rstream, cleanse);
+    if (ctx.xso->stream->sstream != NULL)
+        ossl_quic_sstream_set_cleanse(ctx.xso->stream->sstream, cleanse);
 
  out:
     quic_unlock(ctx.qc);

diff --git a/ssl/quic/quic_sstream.c b/ssl/quic/quic_sstream.c
@@ -52,6 +52,7 @@ struct quic_sstream_st {
     unsigned int    have_final_size     : 1;
     unsigned int    sent_final_size     : 1;
     unsigned int    acked_final_size    : 1;
+    unsigned int    cleanse             : 1;
 };
 
 static void qss_cull(QUIC_SSTREAM *qss);
@@ -349,7 +350,8 @@ static void qss_cull(QUIC_SSTREAM *qss)
      * can only cull contiguous areas at the start of the ring buffer anyway.
      */
     if (h != NULL)
-        ring_buf_cpop_range(&qss->ring_buf, h->range.start, h->range.end, 0);
+        ring_buf_cpop_range(&qss->ring_buf, h->range.start, h->range.end,
+                            qss->cleanse);
 }
 
 int ossl_quic_sstream_set_buffer_size(QUIC_SSTREAM *qss, size_t num_bytes)
@@ -410,3 +412,8 @@ void ossl_quic_sstream_adjust_iov(size_t len,
         running += iovlen;
     }
 }
+
+void ossl_quic_sstream_set_cleanse(QUIC_SSTREAM *qss, int cleanse)
+{
+    qss->cleanse = cleanse;
+}