quic_local.h@ 108403

最後變更在這個檔案從108403是 108206,由 vboxsync 提交於 5 週前
openssl-3.3.2: Exported all files to OSE and removed .scm-settings bugref:10757
屬性 svn:eol-style 設為 `native` 屬性 svn:keywords 設為 `Author Date Id Revision`
檔案大小: 13.6 KB

行
1	/*
2	* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#ifndef OSSL_QUIC_LOCAL_H
11	# define OSSL_QUIC_LOCAL_H
12
13	# include <openssl/ssl.h>
14	# include "internal/quic_ssl.h" /* QUIC_CONNECTION */
15	# include "internal/quic_txp.h"
16	# include "internal/quic_statm.h"
17	# include "internal/quic_demux.h"
18	# include "internal/quic_record_rx.h"
19	# include "internal/quic_tls.h"
20	# include "internal/quic_fc.h"
21	# include "internal/quic_stream.h"
22	# include "internal/quic_channel.h"
23	# include "internal/quic_reactor.h"
24	# include "internal/quic_thread_assist.h"
25	# include "../ssl_local.h"
26
27	# ifndef OPENSSL_NO_QUIC
28
29	/*
30	* QUIC stream SSL object (QSSO) type. This implements the API personality layer
31	* for QSSO objects, wrapping the QUIC-native QUIC_STREAM object and tracking
32	* state required by the libssl API personality.
33	*/
34	struct quic_xso_st {
35	/* SSL object common header. */
36	struct ssl_st ssl;
37
38	/* The connection this stream is associated with. Always non-NULL. */
39	QUIC_CONNECTION *conn;
40
41	/* The stream object. Always non-NULL for as long as the XSO exists. */
42	QUIC_STREAM *stream;
43
44	/*
45	* Has this stream been logically configured into blocking mode? Only
46	* meaningful if desires_blocking_set is 1. Ignored if blocking is not
47	* currently possible given QUIC_CONNECTION configuration.
48	*/
49	unsigned int desires_blocking : 1;
50
51	/*
52	* Has SSL_set_blocking_mode been called on this stream? If not set, we
53	* inherit from the QUIC_CONNECTION blocking state.
54	*/
55	unsigned int desires_blocking_set : 1;
56
57	/* The application has retired a FIN (i.e. SSL_ERROR_ZERO_RETURN). */
58	unsigned int retired_fin : 1;
59
60	/*
61	* The application has requested a reset. Not set for reflexive
62	* STREAM_RESETs caused by peer STOP_SENDING.
63	*/
64	unsigned int requested_reset : 1;
65
66	/*
67	* This state tracks SSL_write all-or-nothing (AON) write semantics
68	* emulation.
69	*
70	* Example chronology:
71	*
72	* t=0: aon_write_in_progress=0
73	* t=1: SSL_write(ssl, b1, l1) called;
74	* too big to enqueue into sstream at once, SSL_ERROR_WANT_WRITE;
75	* aon_write_in_progress=1; aon_buf_base=b1; aon_buf_len=l1;
76	* aon_buf_pos < l1 (depends on how much room was in sstream);
77	* t=2: SSL_write(ssl, b2, l2);
78	* b2 must equal b1 (validated unless ACCEPT_MOVING_WRITE_BUFFER)
79	* l2 must equal l1 (always validated)
80	* append into sstream from [b2 + aon_buf_pos, b2 + aon_buf_len)
81	* if done, aon_write_in_progress=0
82	*
83	*/
84	/* Is an AON write in progress? */
85	unsigned int aon_write_in_progress : 1;
86
87	/* Event handling mode. One of SSL_QUIC_VALUE_EVENT_HANDLING. */
88	unsigned int event_handling_mode : 2;
89
90	/*
91	* The base buffer pointer the caller passed us for the initial AON write
92	* call. We use this for validation purposes unless
93	* ACCEPT_MOVING_WRITE_BUFFER is enabled.
94	*
95	* NOTE: We never dereference this, as the caller might pass a different
96	* (but identical) buffer if using ACCEPT_MOVING_WRITE_BUFFER. It is for
97	* validation by pointer comparison only.
98	*/
99	const unsigned char *aon_buf_base;
100	/* The total length of the AON buffer being sent, in bytes. */
101	size_t aon_buf_len;
102	/*
103	* The position in the AON buffer up to which we have successfully sent data
104	* so far.
105	*/
106	size_t aon_buf_pos;
107
108	/* SSL_set_mode */
109	uint32_t ssl_mode;
110
111	/* SSL_set_options */
112	uint64_t ssl_options;
113
114	/*
115	* Last 'normal' error during an app-level I/O operation, used by
116	* SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
117	* and SSL_ERROR_WANT_WRITE.
118	*/
119	int last_error;
120	};
121
122	struct quic_conn_st {
123	/*
124	* ssl_st is a common header for ordinary SSL objects, QUIC connection
125	* objects and QUIC stream objects, allowing objects of these different
126	* types to be disambiguated at runtime and providing some common fields.
127	*
128	* Note: This must come first in the QUIC_CONNECTION structure.
129	*/
130	struct ssl_st ssl;
131
132	SSL *tls;
133
134	/* The QUIC engine representing the QUIC event domain. */
135	QUIC_ENGINE *engine;
136
137	/* The QUIC port representing the QUIC listener and socket. */
138	QUIC_PORT *port;
139
140	/*
141	* The QUIC channel providing the core QUIC connection implementation. Note
142	* that this is not instantiated until we actually start trying to do the
143	* handshake. This is to allow us to gather information like whether we are
144	* going to be in client or server mode before committing to instantiating
145	* the channel, since we want to determine the channel arguments based on
146	* that.
147	*
148	* The channel remains available after connection termination until the SSL
149	* object is freed, thus (ch != NULL) iff (started == 1).
150	*/
151	QUIC_CHANNEL *ch;
152
153	/*
154	* The mutex used to synchronise access to the QUIC_CHANNEL. We own this but
155	* provide it to the channel.
156	*/
157	CRYPTO_MUTEX *mutex;
158
159	/*
160	* If we have a default stream attached, this is the internal XSO
161	* object. If there is no default stream, this is NULL.
162	*/
163	QUIC_XSO *default_xso;
164
165	/* The network read and write BIOs. */
166	BIO net_rbio, net_wbio;
167
168	/* Initial peer L4 address. */
169	BIO_ADDR init_peer_addr;
170
171	# ifndef OPENSSL_NO_QUIC_THREAD_ASSIST
172	/* Manages thread for QUIC thread assisted mode. */
173	QUIC_THREAD_ASSIST thread_assist;
174	# endif
175
176	/* If non-NULL, used instead of ossl_time_now(). Used for testing. */
177	OSSL_TIME (override_now_cb)(void arg);
178	void *override_now_cb_arg;
179
180	/* Number of XSOs allocated. Includes the default XSO, if any. */
181	size_t num_xso;
182
183	/* Have we started? */
184	unsigned int started : 1;
185
186	/*
187	* This is 1 if we were instantiated using a QUIC server method
188	* (for future use).
189	*/
190	unsigned int as_server : 1;
191
192	/*
193	* Has the application called SSL_set_accept_state? We require this to be
194	* congruent with the value of as_server.
195	*/
196	unsigned int as_server_state : 1;
197
198	/* Are we using thread assisted mode? Never changes after init. */
199	unsigned int is_thread_assisted : 1;
200
201	/* Do connection-level operations (e.g. handshakes) run in blocking mode? */
202	unsigned int blocking : 1;
203
204	/* Does the application want blocking mode? */
205	unsigned int desires_blocking : 1;
206
207	/* Have we created a default XSO yet? */
208	unsigned int default_xso_created : 1;
209
210	/*
211	* Pre-TERMINATING shutdown phase in which we are flushing streams.
212	* Monotonically transitions to 1.
213	* New streams cannot be created in this state.
214	*/
215	unsigned int shutting_down : 1;
216
217	/* Have we probed the BIOs for addressing support? */
218	unsigned int addressing_probe_done : 1;
219
220	/* Are we using addressed mode (BIO_sendmmsg with non-NULL peer)? */
221	unsigned int addressed_mode_w : 1;
222	unsigned int addressed_mode_r : 1;
223
224	/* Event handling mode. One of SSL_QUIC_VALUE_EVENT_HANDLING. */
225	unsigned int event_handling_mode : 2;
226
227	/* Default stream type. Defaults to SSL_DEFAULT_STREAM_MODE_AUTO_BIDI. */
228	uint32_t default_stream_mode;
229
230	/* SSL_set_mode. This is not used directly but inherited by new XSOs. */
231	uint32_t default_ssl_mode;
232
233	/* SSL_set_options. This is not used directly but inherited by new XSOs. */
234	uint64_t default_ssl_options;
235
236	/* SSL_set_incoming_stream_policy. */
237	int incoming_stream_policy;
238	uint64_t incoming_stream_aec;
239
240	/*
241	* Last 'normal' error during an app-level I/O operation, used by
242	* SSL_get_error(); used to track data-path errors like SSL_ERROR_WANT_READ
243	* and SSL_ERROR_WANT_WRITE.
244	*/
245	int last_error;
246	};
247
248	/* Internal calls to the QUIC CSM which come from various places. */
249	int ossl_quic_conn_on_handshake_confirmed(QUIC_CONNECTION *qc);
250
251	/*
252	* To be called when a protocol violation occurs. The connection is torn down
253	* with the given error code, which should be a OSSL_QUIC_ERR_* value. Reason
254	* string is optional and copied if provided. frame_type should be 0 if not
255	* applicable.
256	*/
257	void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION *qc,
258	uint64_t error_code,
259	uint64_t frame_type,
260	const char *reason);
261
262	void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc,
263	OSSL_QUIC_FRAME_CONN_CLOSE *f);
264
265	int ossl_quic_trace(int write_p, int version, int content_type,
266	const void buf, size_t msglen, SSL ssl, void *arg);
267
268	# define OSSL_QUIC_ANY_VERSION 0xFFFFF
269	# define IS_QUIC_METHOD(m) \
270	((m) == OSSL_QUIC_client_method() \|\| \
271	(m) == OSSL_QUIC_client_thread_method())
272	# define IS_QUIC_CTX(ctx) IS_QUIC_METHOD((ctx)->method)
273
274	# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \
275	((ssl) == NULL ? NULL \
276	: ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
277	? (c QUIC_CONNECTION *)(ssl) \
278	: NULL))
279
280	# define QUIC_XSO_FROM_SSL_int(ssl, c) \
281	((ssl) == NULL \
282	? NULL \
283	: (((ssl)->type == SSL_TYPE_QUIC_XSO \
284	? (c QUIC_XSO *)(ssl) \
285	: ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
286	? (c QUIC_XSO )((QUIC_CONNECTION )(ssl))->default_xso \
287	: NULL))))
288
289	# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) \
290	((ssl) == NULL ? NULL \
291	: ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
292	? (c SSL_CONNECTION )((c QUIC_CONNECTION )(ssl))->tls \
293	: NULL))
294
295	# define IS_QUIC(ssl) ((ssl) != NULL \
296	&& ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
297	\|\| (ssl)->type == SSL_TYPE_QUIC_XSO))
298	# else
299	# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
300	# define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
301	# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
302	# define IS_QUIC(ssl) 0
303	# define IS_QUIC_CTX(ctx) 0
304	# define IS_QUIC_METHOD(m) 0
305	# endif
306
307	# define QUIC_CONNECTION_FROM_SSL(ssl) \
308	QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
309	# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \
310	QUIC_CONNECTION_FROM_SSL_int(ssl, const)
311	# define QUIC_XSO_FROM_SSL(ssl) \
312	QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
313	# define QUIC_XSO_FROM_CONST_SSL(ssl) \
314	QUIC_XSO_FROM_SSL_int(ssl, const)
315	# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
316	SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
317	# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
318	SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const)
319
320	# define IMPLEMENT_quic_meth_func(version, func_name, q_accept, \
321	q_connect, enc_data) \
322	const SSL_METHOD *func_name(void) \
323	{ \
324	static const SSL_METHOD func_name##_data= { \
325	version, \
326	0, \
327	0, \
328	ossl_quic_new, \
329	ossl_quic_free, \
330	ossl_quic_reset, \
331	ossl_quic_init, \
332	NULL /* clear */, \
333	ossl_quic_deinit, \
334	q_accept, \
335	q_connect, \
336	ossl_quic_read, \
337	ossl_quic_peek, \
338	ossl_quic_write, \
339	NULL /* shutdown */, \
340	NULL /* renegotiate */, \
341	ossl_quic_renegotiate_check, \
342	NULL /* read_bytes */, \
343	NULL /* write_bytes */, \
344	NULL /* dispatch_alert */, \
345	ossl_quic_ctrl, \
346	ossl_quic_ctx_ctrl, \
347	ossl_quic_get_cipher_by_char, \
348	NULL /* put_cipher_by_char */, \
349	ossl_quic_pending, \
350	ossl_quic_num_ciphers, \
351	ossl_quic_get_cipher, \
352	tls1_default_timeout, \
353	&enc_data, \
354	ssl_undefined_void_function, \
355	ossl_quic_callback_ctrl, \
356	ossl_quic_ctx_callback_ctrl, \
357	}; \
358	return &func_name##_data; \
359	}
360
361	#endif

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.3.2/ssl/quic/quic_local.h@ 108403

以其他格式下載: