Commit cfbd214c8c for openssl.org
commit cfbd214c8cad98e9296be3bb33655bc666778c87
Author: Neil Horman <nhorman@openssl.org>
Date: Mon Nov 3 12:43:22 2025 -0500
Drop use of get_using_peeloff for quic connections
folow the using_peeloff get/set routines to just a set routine that
fails if the set is for a mode that doesn't match the current mode
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27397)
diff --git a/include/internal/quic_port.h b/include/internal/quic_port.h
index bf8edda1ae..bf451a6108 100644
--- a/include/internal/quic_port.h
+++ b/include/internal/quic_port.h
@@ -159,10 +159,14 @@ size_t ossl_quic_port_get_num_incoming_channels(const QUIC_PORT *port);
/* Sets if incoming connections should currently be allowed. */
void ossl_quic_port_set_allow_incoming(QUIC_PORT *port, int allow_incoming);
-/* Sets flag to indicate we are using SSL_listen_ex to get connections */
-void ossl_quic_port_set_using_peeloff(QUIC_PORT *port, int using_peeloff);
-
-int ossl_quic_port_get_using_peeloff(QUIC_PORT *port);
+#define PEELOFF_LISTEN -1
+#define PEELOFF_ACCEPT 1
+#define PEELOFF_UNSET 0
+/*
+ * Sets flag to indicate we are using SSL_listen_ex to get connections
+ * returns 1 if set was successful, or 0 if the set fails
+ */
+int ossl_quic_port_set_using_peeloff(QUIC_PORT *port, int using_peeloff);
/* Returns 1 if we are using addressed mode on the read side. */
int ossl_quic_port_is_addressed_r(const QUIC_PORT *port);
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 2e3d1b0bb1..ab5334d2f2 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -565,6 +565,15 @@ void ossl_quic_channel_set0_tls(QUIC_CHANNEL *ch, SSL *ssl)
{
SSL_free(ch->tls);
ch->tls = ssl;
+#ifndef OPENSSL_NO_QLOG
+ /*
+ * If we're using qlog, make sure the tls get further configured properly
+ */
+ ch->use_qlog = 1;
+ if (ch->tls->ctx->qlog_title != NULL)
+ ch->qlog_title = OPENSSL_strdup(ch->tls->ctx->qlog_title);
+#endif
+
}
static void free_buf_mem(unsigned char *buf, size_t buf_len, void *arg)
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 84eac8cd77..df96011d6e 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4651,14 +4651,14 @@ int ossl_quic_peeloff_conn(SSL *listener, SSL *new_conn)
return -1;
qctx_lock_for_io(&lctx);
- if (ossl_quic_port_get_using_peeloff(lctx.ql->port) == -1) {
+
+ if (!ossl_quic_port_set_using_peeloff(lctx.ql->port, PEELOFF_LISTEN)) {
QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
"This listener is using SSL_accept_connection");
ret = -1;
goto out;
}
-
- ossl_quic_port_set_using_peeloff(lctx.ql->port, 1);
+
new_ch = ossl_quic_port_pop_incoming(lctx.ql->port);
if (new_ch != NULL) {
qc = cctx.qc;
@@ -4734,14 +4734,13 @@ SSL *ossl_quic_accept_connection(SSL *ssl, uint64_t flags)
if (!ql_listen(ctx.ql))
goto out;
- if (ossl_quic_port_get_using_peeloff(ctx.ql->port) == 1) {
+ if (!ossl_quic_port_set_using_peeloff(ctx.ql->port, PEELOFF_ACCEPT)) {
QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
- "This listener is using SSL_accept_ex");
+ "This listener is using SSL_listen_ex");
goto out;
+
}
- ossl_quic_port_set_using_peeloff(ctx.ql->port, -1);
-
/* Wait for an incoming connection if needed. */
new_ch = ossl_quic_port_pop_incoming(ctx.ql->port);
if (new_ch == NULL && ossl_quic_port_is_running(ctx.ql->port)) {
diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index 326a0ab098..57cee32257 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -536,15 +536,14 @@ static QUIC_CHANNEL *port_make_channel(QUIC_PORT *port, SSL *tls, OSSL_QRX *qrx,
if (tls != NULL) {
ch->tls = tls;
} else {
- if (ossl_quic_port_get_using_peeloff(port) <= 0) {
- ossl_quic_port_set_using_peeloff(port, -1);
+ if (ossl_quic_port_set_using_peeloff(port, PEELOFF_ACCEPT)) {
/*
* We're using the normal SSL_accept_connection_path
*/
ch->tls = port_new_handshake_layer(port, ch);
} else {
/*
- * We're deferring user ssl creation until SSL_accept_ex is called
+ * We're deferring user ssl creation until SSL_listen_ex is called
*/
ch->tls = NULL;
}
@@ -554,7 +553,7 @@ static QUIC_CHANNEL *port_make_channel(QUIC_PORT *port, SSL *tls, OSSL_QRX *qrx,
* If we're using qlog, make sure the tls get further configured properly
*/
ch->use_qlog = 1;
- if (ch->tls && ch->tls->ctx->qlog_title != NULL) {
+ if (ch->tls != NULL && ch->tls->ctx->qlog_title != NULL) {
if ((ch->qlog_title = OPENSSL_strdup(ch->tls->ctx->qlog_title)) == NULL) {
OPENSSL_free(ch);
return NULL;
@@ -654,14 +653,25 @@ void ossl_quic_port_set_allow_incoming(QUIC_PORT *port, int allow_incoming)
port->allow_incoming = allow_incoming;
}
-void ossl_quic_port_set_using_peeloff(QUIC_PORT *port, int using_peeloff)
+int ossl_quic_port_set_using_peeloff(QUIC_PORT *port, int using_peeloff)
{
- port->using_peeloff = using_peeloff;
-}
-int ossl_quic_port_get_using_peeloff(QUIC_PORT *port)
-{
- return port->using_peeloff;
+ /*
+ * Peeloff state must be one of PEELOFF_LISTEN or PEELOFF_ACCEPT
+ */
+ if (using_peeloff != PEELOFF_LISTEN && using_peeloff != PEELOFF_ACCEPT)
+ return 0;
+
+ /*
+ * We can only set the peeloff state if its not already been set
+ * or if we're setting it to the already set value
+ * i.e. this is a trapdoor, once we set using_peeloff to LISTEN or ACCEPT
+ * Then the only thing we can set that port too in the future is the same value.
+ */
+ if (port->using_peeloff != using_peeloff && port->using_peeloff != PEELOFF_UNSET)
+ return 0;
+ port->using_peeloff = using_peeloff;
+ return 1;
}
/*
diff --git a/ssl/quic/quic_port_local.h b/ssl/quic/quic_port_local.h
index 39a9094e2c..1fdb0f62a4 100644
--- a/ssl/quic/quic_port_local.h
+++ b/ssl/quic/quic_port_local.h
@@ -115,7 +115,7 @@ struct quic_port_st {
unsigned int bio_changed : 1;
/* Are we using SSL_listen_ex to peeloff connections */
- unsigned int using_peeloff;
+ int using_peeloff;
/* AES-256 GCM context for token encryption */
EVP_CIPHER_CTX *token_ctx;