From d22f28c49e0569d9549e8fcf76a502fc2c7ee281 Mon Sep 17 00:00:00 2001 From: Todd Short Date: Wed, 25 Aug 2021 10:23:02 -0400 Subject: QUIC: Fix no-quic builds Fix extension list Use SSL_IS_QUIC() Do a trivial change to make code closer to upstreaam (i.e. slightly better diff). --- Configure | 2 +- ssl/statem/extensions.c | 1 + ssl/statem/extensions_clnt.c | 2 +- ssl/statem/extensions_srvr.c | 4 ++-- ssl/statem/statem_clnt.c | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/Configure b/Configure index 9686800df1..1a2fd644d2 100755 --- a/Configure +++ b/Configure @@ -486,7 +486,7 @@ my @disable_cascades = ( "ssl3-method" => [ "ssl3" ], "zlib" => [ "zlib-dynamic" ], "des" => [ "mdc2" ], - "ec" => [ "ecdsa", "ecdh" ], + "ec" => [ "ecdsa", "ecdh", "quic" ], "dgram" => [ "dtls", "sctp" ], "sock" => [ "dgram" ], diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 3a6702cd6a..cc9233b772 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -403,6 +403,7 @@ static const EXTENSION_DEFINITION ext_defs[] = { }, #else INVALID_EXTENSION, + INVALID_EXTENSION, #endif { /* Must be immediately before pre_shared_key */ diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 28d74aae48..8f485b46dc 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1985,7 +1985,7 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context, * QUIC server must send 0xFFFFFFFF or it's a PROTOCOL_VIOLATION * per draft-ietf-quic-tls-27 S4.5 */ - if (s->quic_method != NULL && max_early_data != 0xFFFFFFFF) { + if (SSL_IS_QUIC(s) && max_early_data != 0xFFFFFFFF) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_EARLY_DATA, SSL_R_INVALID_MAX_EARLY_DATA); return 0; diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 6a4fcdb4f0..52800902e7 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1971,12 +1971,12 @@ EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt, if (context == SSL_EXT_TLS1_3_NEW_SESSION_TICKET) { uint32_t max_early_data = s->max_early_data; - if (max_early_data == 0) + if (s->max_early_data == 0) return EXT_RETURN_NOT_SENT; #ifndef OPENSSL_NO_QUIC /* QUIC server must always send 0xFFFFFFFF, per draft-ietf-quic-tls-27 S4.5 */ - if (s->quic_method != NULL) + if (SSL_IS_QUIC(s)) max_early_data = 0xFFFFFFFF; #endif diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 335d5c4afe..c8b9097180 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -911,7 +911,7 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt, case TLS_ST_CW_END_OF_EARLY_DATA: #ifndef OPENSSL_NO_QUIC /* QUIC does not send EndOfEarlyData, draft-ietf-quic-tls-24 S8.3 */ - if (s->quic_method != NULL) { + if (SSL_IS_QUIC(s)) { *confunc = NULL; *mt = SSL3_MT_DUMMY; break; -- 2.35.3