QUIC: Implement SSL_rstate_string(_long)

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #20061)
openssl · Jul 4, 2023 · 9ea0e72 · 9ea0e72
1 parent 7163617
commit 9ea0e72
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 0 deletions.
diff --git a/doc/man3/SSL_rstate_string.pod b/doc/man3/SSL_rstate_string.pod
@@ -48,6 +48,8 @@ The read state is unknown. This should never happen.
 
 =back
 
+When used with QUIC SSL objects, these functions always return "unknown".
+
 =head1 SEE ALSO
 
 L<ssl(7)>

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
@@ -170,8 +170,16 @@ void SSL_set_default_read_buffer_len(SSL *s, size_t len)
 const char *SSL_rstate_string_long(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+    const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
+#endif
     const char *lng;
 
+#ifndef OPENSSL_NO_QUIC
+    if (qc != NULL)
+        return "unknown";
+#endif
+
     if (sc == NULL)
         return NULL;
 
@@ -186,8 +194,16 @@ const char *SSL_rstate_string_long(const SSL *s)
 const char *SSL_rstate_string(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+    const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
+#endif
     const char *shrt;
 
+#ifndef OPENSSL_NO_QUIC
+    if (qc != NULL)
+        return "unknown";
+#endif
+
     if (sc == NULL)
         return NULL;
 

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
@@ -6974,6 +6974,12 @@ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
 void SSL_set_post_handshake_auth(SSL *ssl, int val)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+    QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+    if (qc != NULL)
+        return;
+#endif
 
     if (sc == NULL)
         return;
@@ -6984,6 +6990,14 @@ void SSL_set_post_handshake_auth(SSL *ssl, int val)
 int SSL_verify_client_post_handshake(SSL *ssl)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+    QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+    if (qc != NULL) {
+        ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION);
+        return 0;
+    }
+#endif
 
     if (sc == NULL)
         return 0;