From 020d0389396d0ee01041188a3d1b211a1d6b6c6a Mon Sep 17 00:00:00 2001
From: Hugo Landau <hlandau@openssl.org>
Date: Tue, 18 Apr 2023 19:30:54 +0100
Subject: QUIC DISPATCH/APL: Implement SSL_get0_connection

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20765)
---
 include/internal/quic_ssl.h |  1 +
 include/openssl/ssl.h.in    |  1 +
 ssl/quic/quic_impl.c        | 14 ++++++++++++++
 ssl/ssl_lib.c               | 12 ++++++++++++
 util/libssl.num             |  1 +
 5 files changed, 29 insertions(+)

diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h
index 97ee2c9218..86dca6bb30 100644
--- a/include/internal/quic_ssl.h
+++ b/include/internal/quic_ssl.h
@@ -66,6 +66,7 @@ BIO *ossl_quic_conn_get_net_wbio(const SSL *s);
 __owur int ossl_quic_conn_set_initial_peer_addr(SSL *s,
                                                 const BIO_ADDR *peer_addr);
 __owur SSL *ossl_quic_conn_stream_new(SSL *s, uint64_t flags);
+__owur SSL *ossl_quic_get0_connection(SSL *s);
 
 /*
  * Used to override ossl_time_now() for debug purposes. Must be called before
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
index 9593e6bfed..869a74ae85 100644
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -2266,6 +2266,7 @@ __owur int SSL_net_write_desired(SSL *s);
 __owur int SSL_set_blocking_mode(SSL *s, int blocking);
 __owur int SSL_get_blocking_mode(SSL *s);
 __owur int SSL_set_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr);
+__owur SSL *SSL_get0_connection(SSL *s);
 
 #define SSL_STREAM_FLAG_UNI     (1U << 0)
 __owur SSL *SSL_new_stream(SSL *s, uint64_t flags);
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 01b99c5461..3ed03b1c86 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -1821,6 +1821,20 @@ int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
     return ret;
 }
 
+/*
+ * SSL_get0_connection
+ * -------------------
+ */
+SSL *ossl_quic_get0_connection(SSL *s)
+{
+    QCTX ctx;
+
+    if (!expect_quic(s, &ctx))
+        return NULL;
+
+    return &ctx.qc->ssl;
+}
+
 /*
  * QUIC Front-End I/O API: SSL_CTX Management
  * ==========================================
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 56cbbac5f8..31905a23d4 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -7311,6 +7311,18 @@ SSL *SSL_new_stream(SSL *s, uint64_t flags)
 #endif
 }
 
+SSL *SSL_get0_connection(SSL *s)
+{
+#ifndef OPENSSL_NO_QUIC
+    if (!IS_QUIC(s))
+        return s;
+
+    return ossl_quic_get0_connection(s);
+#else
+    return s;
+#endif
+}
+
 int SSL_add_expected_rpk(SSL *s, EVP_PKEY *rpk)
 {
     unsigned char *data = NULL;
diff --git a/util/libssl.num b/util/libssl.num
index 6358356663..78a2676b4d 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -561,3 +561,4 @@ d2i_SSL_SESSION_ex                      ?	3_2_0	EXIST::FUNCTION:
 SSL_is_tls                              ?	3_2_0	EXIST::FUNCTION:
 SSL_is_quic                             ?	3_2_0	EXIST::FUNCTION:
 SSL_new_stream                          ?	3_2_0	EXIST::FUNCTION:
+SSL_get0_connection                     ?	3_2_0	EXIST::FUNCTION:
-- 
cgit v1.2.1