QUIC: disable upstream quic and declare our support for transport

quictls · May 8, 2024 · d84337d · d84337d
1 parent 4988719
commit d84337d
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 4 deletions.
diff --git a/Configure b/Configure
@@ -580,6 +580,7 @@ our %disabled = ( # "what"         => "comment"
                   "ktls"                => "default",
                   "md2"                 => "default",
                   "msan"                => "default",
+		  "quic"                => "default",
                   "rc5"                 => "default",
                   "sctp"                => "default",
                   "ssl3"                => "default",
@@ -614,7 +615,7 @@ my @disable_cascades = (
                              "srtp", "ssl3-method", "ssl-trace",
                              "tfo",
                              "ts", "ui-console", "whirlpool",
-                             "quic-boring-api",
+                             "boring-quic-api",
                              "fips-securitychecks" ],
     sub { $config{processor} eq "386" }
                         => [ "sse2" ],
@@ -624,7 +625,7 @@ my @disable_cascades = (
     "brotli"            => [ "brotli-dynamic" ],
     "zstd"              => [ "zstd-dynamic" ],
     "des"               => [ "mdc2" ],
-    "ec"                => [ "ec2m", "ecdsa", "ecdh", "sm2", "gost", "quic-boring-api" ],
+    "ec"                => [ "ec2m", "ecdsa", "ecdh", "sm2", "gost", "boring-quic-api" ],
     "dgram"             => [ "dtls", "quic", "sctp" ],
     "sock"              => [ "dgram", "tfo"],
     "dtls"              => [ @dtls ],
@@ -634,7 +635,7 @@ my @disable_cascades = (
     "tls"               => [ @tls ],
     sub { 0 == scalar grep { !$disabled{$_} } @tls }
                         => [ "tls" ],
-    "tls1_3"            => [ "quic" ],
+    "tls1_3"            => [ "quic" , "boring-quic-api"],
     "quic"              => [ "unstable-qlog" ],
 
     "crypto-mdebug"     => [ "crypto-mdebug-backtrace" ],
@@ -677,7 +678,7 @@ my @disable_cascades = (
     "legacy"            => [ "md2" ],
 
     "cmp"               => [ "crmf" ],
-    "tls1_3"            => [ "quic-boring-api" ],
+    "tls1_3"            => [ "boring-quic-api" ],
 
     "fips"              => [ "fips-securitychecks", "acvp-tests" ],
 
@@ -1217,6 +1218,11 @@ if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFLAGS}} : ())
         "***** any of asan, msan or ubsan\n";
 }
 
+if (!($disabled{quic} || $disabled{"boring-quic-api"})) {
+    die "**** boring-quic-api and quic are incompatible options.\n",
+	"**** If you want to turn on quic explicitly disable boring-quic-api.\n";
+}
+
 # If no target was given, try guessing.
 unless ($target) {
     my %system_config = OpenSSL::config::get_platform(%guess_opts, %user);

diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c
@@ -532,6 +532,10 @@ int SSL_extension_supported(unsigned int ext_type)
 #endif
 #ifndef OPENSSL_NO_SRTP
     case TLSEXT_TYPE_use_srtp:
+#endif
+#ifndef OPENSSL_BORING_QUIC_API
+    case TLSEXT_TYPE_quic_transport_parameters_draft:
+    case TLSEXT_TYPE_quic_transport_parameters:
 #endif
     case TLSEXT_TYPE_encrypt_then_mac:
     case TLSEXT_TYPE_supported_versions: