QUIC APL: Introduce QUIC listener SSL object type (QLSO)

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from #23334)
openssl · Mar 9, 2024 · ac2f3e8 · ac2f3e8
1 parent 58857ed
commit ac2f3e8
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 11 deletions.
diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h
@@ -45,6 +45,7 @@ int ossl_quic_renegotiate_check(SSL *ssl, int initok);
 
 typedef struct quic_conn_st QUIC_CONNECTION;
 typedef struct quic_xso_st QUIC_XSO;
+typedef struct quic_listener_st QUIC_LISTENER;
 
 int ossl_quic_do_handshake(SSL *s);
 void ossl_quic_set_connect_state(SSL *s);

diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h
@@ -119,6 +119,10 @@ struct quic_xso_st {
     int                             last_error;
 };
 
+/*
+ * QUIC connection SSL object (QCSO) type. This implements the API personality
+ * layer for QCSO objects, wrapping the QUIC-native QUIC_CHANNEL object.
+ */
 struct quic_conn_st {
     /*
      * ssl_st is a common header for ordinary SSL objects, QUIC connection
@@ -245,6 +249,15 @@ struct quic_conn_st {
     int                             last_error;
 };
 
+/*
+ * QUIC listener SSL object (QLSO) type. This implements the API personality
+ * layer for QLSO objects, wrapping the QUIC-native QUIC_PORT object.
+ */
+struct quic_listener_st {
+    /* Common header for SSL objects. */
+    struct ssl_st                   ssl;
+};
+
 /* Internal calls to the QUIC CSM which come from various places. */
 int ossl_quic_conn_on_handshake_confirmed(QUIC_CONNECTION *qc);
 
@@ -292,14 +305,26 @@ int ossl_quic_trace(int write_p, int version, int content_type,
          ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
          : NULL))
 
-#  define IS_QUIC(ssl) ((ssl) != NULL                                   \
-                        && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION     \
-                            || (ssl)->type == SSL_TYPE_QUIC_XSO))
+#  define QUIC_LISTENER_FROM_SSL_int(ssl, c)                            \
+    ((ssl) == NULL                                                      \
+     ? NULL                                                             \
+     : ((ssl)->type == SSL_TYPE_QUIC_LISTENER                           \
+        ? (c QUIC_LISTENER *)(ssl)                                      \
+        : NULL))
+
+#  define IS_QUIC_CS(ssl) ((ssl) != NULL                                \
+                           && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION  \
+                               || (ssl)->type == SSL_TYPE_QUIC_XSO))
+
+#  define IS_QUIC(ssl)                                                  \
+    ((ssl) != NULL && SSL_TYPE_IS_QUIC((ssl)->type))
 # else
 #  define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
 #  define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
+#  define QUIC_LISTENER_FROM_SSL_int(ssl, c) NULL
 #  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
 #  define IS_QUIC(ssl) 0
+#  define IS_QUIC_CS(ssl) 0
 #  define IS_QUIC_CTX(ctx) 0
 #  define IS_QUIC_METHOD(m) 0
 # endif
@@ -312,6 +337,10 @@ int ossl_quic_trace(int write_p, int version, int content_type,
     QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
 # define QUIC_XSO_FROM_CONST_SSL(ssl) \
     QUIC_XSO_FROM_SSL_int(ssl, const)
+# define QUIC_LISTENER_FROM_SSL(ssl) \
+    QUIC_LISTENER_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define QUIC_LISTENER_FROM_CONST_SSL(ssl) \
+    QUIC_LISTENER_FROM_SSL_int(ssl, const)
 # define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
     SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
 # define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
@@ -959,11 +959,7 @@ int SSL_is_tls(const SSL *s)
 
 int SSL_is_quic(const SSL *s)
 {
-#ifndef OPENSSL_NO_QUIC
-    if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
-        return 1;
-#endif
-    return 0;
+    return IS_QUIC(s);
 }
 
 int SSL_up_ref(SSL *s)

diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
@@ -1197,9 +1197,12 @@ struct ssl_ctx_st {
 
 typedef struct cert_pkey_st CERT_PKEY;
 
-#define SSL_TYPE_SSL_CONNECTION  0
-#define SSL_TYPE_QUIC_CONNECTION 1
-#define SSL_TYPE_QUIC_XSO        2
+#define SSL_TYPE_SSL_CONNECTION     0
+#define SSL_TYPE_QUIC_CONNECTION    0x80
+#define SSL_TYPE_QUIC_XSO           0x81
+#define SSL_TYPE_QUIC_LISTENER      0x82
+
+#define SSL_TYPE_IS_QUIC(x)         (((x) & 0x80) != 0)
 
 struct ssl_st {
     int type;