From bbc9754026e815429b55c92cf2a70e4ac59464cf Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 11 May 2023 13:49:51 +0200
Subject: quic_tserver: Add possibility to change the connection id

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20892)
---
 include/internal/quic_channel.h |  4 ++++
 include/internal/quic_tserver.h |  5 +++++
 ssl/quic/quic_channel.c         | 27 ++++++++++++++++++++++-----
 ssl/quic/quic_channel_local.h   |  2 +-
 4 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/include/internal/quic_channel.h b/include/internal/quic_channel.h
index d1a231fcc8..6dbf08665d 100644
--- a/include/internal/quic_channel.h
+++ b/include/internal/quic_channel.h
@@ -319,6 +319,10 @@ void ossl_quic_channel_set_incoming_stream_auto_reject(QUIC_CHANNEL *ch,
  */
 void ossl_quic_channel_reject_stream(QUIC_CHANNEL *ch, QUIC_STREAM *qs);
 
+/* Replace local connection ID in TXP and DEMUX for testing purposes. */
+int ossl_quic_channel_replace_local_cid(QUIC_CHANNEL *ch,
+                                        const QUIC_CONN_ID *conn_id);
+
 # endif
 
 #endif
diff --git a/include/internal/quic_tserver.h b/include/internal/quic_tserver.h
index a42bbaa684..744c34472e 100644
--- a/include/internal/quic_tserver.h
+++ b/include/internal/quic_tserver.h
@@ -145,6 +145,11 @@ int ossl_quic_tserver_stream_has_peer_reset_stream(QUIC_TSERVER *srv,
                                                    uint64_t stream_id,
                                                    uint64_t *app_error_code);
 
+/*
+ * Replaces existing local connection ID in the underlying QUIC_CHANNEL.
+ */
+int ossl_quic_tserver_set_new_local_cid(QUIC_TSERVER *srv,
+                                        const QUIC_CONN_ID *conn_id);
 # endif
 
 #endif
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 4b378bf40a..6e0af86760 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -1194,7 +1194,7 @@ static int ch_generate_transport_params(QUIC_CHANNEL *ch)
             goto err;
 
         if (!ossl_quic_wire_encode_transport_param_cid(&wpkt, QUIC_TPARAM_INITIAL_SCID,
-                                                       &ch->cur_local_dcid))
+                                                       &ch->cur_local_cid))
             goto err;
     } else {
         /* Client always uses an empty SCID. */
@@ -2291,7 +2291,7 @@ static int ch_server_on_new_conn(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
 
     /* Generate a SCID we will use for the connection. */
     if (!gen_rand_conn_id(ch->libctx, INIT_DCID_LEN,
-                          &ch->cur_local_dcid))
+                          &ch->cur_local_cid))
         return 0;
 
     /* Note our newly learnt peer address and CIDs. */
@@ -2307,7 +2307,7 @@ static int ch_server_on_new_conn(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
     if (!ossl_quic_tx_packetiser_set_cur_dcid(ch->txp, &ch->cur_remote_dcid))
         return 0;
 
-    if (!ossl_quic_tx_packetiser_set_cur_scid(ch->txp, &ch->cur_local_dcid))
+    if (!ossl_quic_tx_packetiser_set_cur_scid(ch->txp, &ch->cur_local_cid))
         return 0;
 
     /* Plug in secrets for the Initial EL. */
@@ -2318,8 +2318,8 @@ static int ch_server_on_new_conn(QUIC_CHANNEL *ch, const BIO_ADDR *peer,
                                           ch->qrx, ch->qtx))
         return 0;
 
-    /* Register our local DCID in the DEMUX. */
-    if (!ossl_qrx_add_dst_conn_id(ch->qrx, &ch->cur_local_dcid))
+    /* Register our local CID in the DEMUX. */
+    if (!ossl_qrx_add_dst_conn_id(ch->qrx, &ch->cur_local_cid))
         return 0;
 
     /* Change state. */
@@ -2491,3 +2491,20 @@ void ossl_quic_channel_reject_stream(QUIC_CHANNEL *ch, QUIC_STREAM *qs)
 
     ossl_quic_stream_map_update_state(&ch->qsm, qs);
 }
+
+/* Replace local connection ID in TXP and DEMUX for testing purposes. */
+int ossl_quic_channel_replace_local_cid(QUIC_CHANNEL *ch,
+                                        const QUIC_CONN_ID *conn_id)
+{
+    /* Remove the current local CID from the DEMUX. */
+    if (!ossl_qrx_remove_dst_conn_id(ch->qrx, &ch->cur_local_cid))
+        return 0;
+    ch->cur_local_cid = *conn_id;
+    /* Set in the TXP, used only for long header packets. */
+    if (!ossl_quic_tx_packetiser_set_cur_scid(ch->txp, &ch->cur_local_cid))
+        return 0;
+    /* Register our new local CID in the DEMUX. */
+    if (!ossl_qrx_add_dst_conn_id(ch->qrx, &ch->cur_local_cid))
+        return 0;
+    return 1;
+}
diff --git a/ssl/quic/quic_channel_local.h b/ssl/quic/quic_channel_local.h
index 0eb47f3f13..99fbb1db68 100644
--- a/ssl/quic/quic_channel_local.h
+++ b/ssl/quic/quic_channel_local.h
@@ -127,7 +127,7 @@ struct quic_channel_st {
     uint64_t                        cur_remote_seq_num;
     uint64_t                        cur_retire_prior_to;
     /* Server only: The DCID we currently expect the peer to use to talk to us. */
-    QUIC_CONN_ID                    cur_local_dcid;
+    QUIC_CONN_ID                    cur_local_cid;
 
     /* Transport parameter values we send to our peer. */
     uint64_t                        tx_init_max_stream_data_bidi_local;
-- 
cgit v1.2.1