path: root/ssl/quic/quic_channel.c
Commit message | Author | Age | Files | Lines
...
* Ignore retry packets that arrive too late | Matt Caswell | 2023-10-19 | 1 | -0/+8
  RFC 9000 s 17.2.5.2 says
  > After the client has received and processed an Initial or Retry packet
  > from the server, it MUST discard any subsequent Retry packets that it
  > receives.
  We were checking for multiple Retry packets, but not if we had already
  processed an Initial packet.
  Fixes the assertion failure noted in
  https://github.com/openssl/openssl/pull/22368#issuecomment-1765618884
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22411)
* QUIC CHANNEL: Add missing duplicate TPARAM handling cases | Hugo Landau | 2023-09-13 | 1 | -0/+14
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22039)
* Ensure QUIC-TLS errors raised during channel start are available to caller | Matt Caswell | 2023-09-13 | 1 | -1/+12
  TLS misconfiguration errors should be shown to the application to enable
  diagnosis of the problem. Otherwise you just get a generic "internal
  error" message.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/22066)
* Copyright year updates | Matt Caswell | 2023-09-07 | 1 | -1/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Release: yes
* QUIC RXDP: Reuse allocations between ACK frame processing | Hugo Landau | 2023-09-01 | 1 | -0/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21917)
* QUIC CHANNEL: Introduce concept of (non-)addressed mode | Hugo Landau | 2023-09-01 | 1 | -1/+14
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21715)
* QUIC CHANNEL: Cleanup poll descriptor management | Hugo Landau | 2023-09-01 | 1 | -22/+38
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21715)
* QUIC CHANNEL: Only handle the first protocol error raised | Hugo Landau | 2023-09-01 | 1 | -0/+9
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21715)
* QUIC: Minimally handle version negotiation packets | Hugo Landau | 2023-08-29 | 1 | -0/+56
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21764)
* QUIC APL: Implement backpressure on stream creation | Hugo Landau | 2023-08-25 | 1 | -5/+21
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21811)
* Keep sending datagrams while we have data to send | Matt Caswell | 2023-08-25 | 1 | -45/+50
  If we've got more data to send than will fit in a single datagram we
  should keep generating those datagrams until we've sent it all.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21798)
* ossl_quic_tx_packetiser_generate(): Always report if packets were sent | Tomas Mraz | 2023-08-23 | 1 | -8/+7
  Even in case of later failure we need to flush the previous packets.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21700)
* QUIC: Miscellaneous error handling updates | Tomas Mraz | 2023-08-23 | 1 | -11/+19
  Raise errors when appropriate.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21700)
* QUIC: Update ping deadline when we receive a packet | Tomas Mraz | 2023-08-22 | 1 | -1/+3
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21713)
* QUIC: Do not discard the INITIAL el too early | Tomas Mraz | 2023-08-22 | 1 | -1/+1
  RFC says that successful decryption of HANDSHAKE el packet triggers the
  discard on server side only. On client we discard INITIAL el when we
  successfully send a HANDSHAKE packet.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21713)
* quic: process stateless resets | Pauli | 2023-08-16 | 1 | -4/+192
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21649)
* NewSessionTickets with an early_data extension must have a valid max value | Matt Caswell | 2023-08-15 | 1 | -1/+15
  The max_early_data value must be 0xffffffff if the extension is present
  in a NewSessionTicket message in QUIC. Otherwise it is a
  PROTOCOL_VIOLATION.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21686)
* Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION | Matt Caswell | 2023-08-15 | 1 | -2/+19
  An OpenSSL QUIC client does not send the post_handshake_auth extension.
  Therefore if a server sends a post-handshake CertificateRequest then this
  would be treated as a TLS protocol violation with an "unexpected message"
  alert code. However RFC 9001 specifically requires us to treat this as
  QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message"
  alert code in this one instance.
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21686)
* Minor fixes | Hugo Landau | 2023-08-10 | 1 | -0/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21565)
* QUIC CHANNEL: Tune RXFC default parameters | Hugo Landau | 2023-08-10 | 1 | -4/+4
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21565)
* QUIC APL/CHANNEL: Wire up connection closure reason | Hugo Landau | 2023-08-10 | 1 | -4/+43
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21565)
* QUIC TEST: Test NEW_CONN_ID frames | Hugo Landau | 2023-08-10 | 1 | -0/+5
  Fixes https://github.com/openssl/project/issues/86
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21565)
* QUIC TEST: Ensure PING causes ACK generation | Hugo Landau | 2023-08-10 | 1 | -0/+5
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21565)
* Resolve some of the TODO(QUIC) items | Tomas Mraz | 2023-08-08 | 1 | -8/+8
  For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH designation
  to indicate these do not need to be resolved in QUIC MVP release.
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21539)
* QUIC TLS: Rethink error handling | Hugo Landau | 2023-08-08 | 1 | -11/+13
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC CHANNEL: Improve error reporting | Hugo Landau | 2023-08-08 | 1 | -12/+59
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC CHANNEL: Apply flow control to CRYPTO streams | Hugo Landau | 2023-08-08 | 1 | -1/+14
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC FC: Rename stream count mode to reflect actual function | Hugo Landau | 2023-08-08 | 1 | -6/+6
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC CHANNEL: Fix typo | Hugo Landau | 2023-08-08 | 1 | -1/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC QRX: Don't process 1-RTT packets until handshake is complete | Hugo Landau | 2023-08-08 | 1 | -0/+3
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC CHANNEL, TXP: Discard INITIAL EL correctly | Hugo Landau | 2023-08-08 | 1 | -0/+7
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC TLS: Report TLS errors properly as QUIC protocol errors | Hugo Landau | 2023-08-08 | 1 | -1/+8
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC CHANNEL: Send correct alert code if no TPARAMs received | Hugo Landau | 2023-08-08 | 1 | -1/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* QUIC CFQ: Unreliable transmission for PATH_RESPONSE | Hugo Landau | 2023-08-08 | 1 | -1/+1
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21547)
* quic compliance: 10.2.3 dropping instead of closing | Pauli | 2023-08-04 | 1 | -0/+12
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21429)
* quic conformance: 10.2.1 rate limiting | Pauli | 2023-08-04 | 1 | -2/+12
  Implement the two requirements about limiting closing transmission size
  to no more than thrice the received size.
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21429)
* quic conformance: section 10.2.2 requirements | Pauli | 2023-08-04 | 1 | -13/+40
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21429)
* quic conformance: section 10.2.1 requirements | Pauli | 2023-08-04 | 1 | -0/+24
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21429)
* Add note about RFC 9000 10.2 persist time | Pauli | 2023-08-04 | 1 | -0/+5
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21429)
* document RRFC9000 10.1 MUST requirement | Pauli | 2023-08-04 | 1 | -3/+14
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21429)
* QUIC CHANNEL: Allow ticking to be inhibited for testing purposes | Hugo Landau | 2023-07-31 | 1 | -41/+53
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21484)
* Fix build when configured with -DOPENSSL_USE_IPV6=0 | Tom Cosgrove | 2023-07-21 | 1 | -2/+8
  Change-Id: I57723835b0a7d20609d8c4ed2988123f975a927d
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21495)
* QUIC TXP: Refactor TXP-related deadline handling into TXP | Hugo Landau | 2023-07-21 | 1 | -8/+4
  Reviewed-by: Paul Dale <pauli@openssl.org>
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21458)
* QUIC CHANNEL: Initialise max_ack_delay values properly | Hugo Landau | 2023-07-19 | 1 | -0/+20
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21349)
* Raise SSL_R_QUIC_PROTOCOL_ERROR on any QUIC protocol error | Tomas Mraz | 2023-07-18 | 1 | -3/+7
  QUIC error code, frame type and reason is in error data
  Fixes #21337
  Reviewed-by: Hugo Landau <hlandau@openssl.org>
  Reviewed-by: Todd Short <todd.short@me.com>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21476)
* QUIC: Fix multistream test on macOS | Hugo Landau | 2023-07-17 | 1 | -0/+9
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21135)
* Minor updates | Hugo Landau | 2023-07-17 | 1 | -4/+4
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21135)
* QUIC CONFORMANCE: Stop handling frames after termination | Hugo Landau | 2023-07-17 | 1 | -0/+4
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21135)
* QUIC Conformance: Frame Handling Tests | Hugo Landau | 2023-07-17 | 1 | -1/+0
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21135)
* QUIC CONFORMANCE: RFC 9000 s. 9.6 | Hugo Landau | 2023-07-17 | 1 | -1/+40
  Reviewed-by: Tomas Mraz <tomas@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Paul Dale <pauli@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/21135)