/* * Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ /* * NB: Changes to this file should also be reflected in * doc/man7/ossl-guide-quic-server-block.pod */ #include /* Include the appropriate header file for SOCK_STREAM */ #ifdef _WIN32 /* Windows */ # include # include #else /* Linux/Unix */ # include # include # include # include # include #endif #include #include #include #include #ifdef _WIN32 static const char *progname; static void vwarnx(const char *fmt, va_list ap) { if (progname != NULL) fprintf(stderr, "%s: ", progname); vfprintf(stderr, fmt, ap); putc('\n', stderr); } static void errx(int status, const char *fmt, ...) { va_list ap; va_start(ap, fmt); vwarnx(fmt, ap); va_end(ap); exit(status); } static void warnx(const char *fmt, ...) { va_list ap; va_start(ap, fmt); vwarnx(fmt, ap); va_end(ap); } #endif /* * ALPN strings for TLS handshake. Only 'http/1.0' and 'hq-interop' * are accepted. */ static const unsigned char alpn_ossltest[] = { 8, 'h', 't', 't', 'p', '/', '1', '.', '0', 10, 'h', 'q', '-', 'i', 'n', 't', 'e', 'r', 'o', 'p', }; /* * This callback validates and negotiates the desired ALPN on the server side. */ static int select_alpn(SSL *ssl, const unsigned char **out, unsigned char *out_len, const unsigned char *in, unsigned int in_len, void *arg) { if (SSL_select_next_proto((unsigned char **)out, out_len, alpn_ossltest, sizeof(alpn_ossltest), in, in_len) == OPENSSL_NPN_NEGOTIATED) return SSL_TLSEXT_ERR_OK; return SSL_TLSEXT_ERR_ALERT_FATAL; } /* Create SSL_CTX. */ static SSL_CTX *create_ctx(const char *cert_path, const char *key_path) { SSL_CTX *ctx; /* * An SSL_CTX holds shared configuration information for multiple * subsequent per-client connections. We specifically load a QUIC * server method here. */ ctx = SSL_CTX_new(OSSL_QUIC_server_method()); if (ctx == NULL) goto err; /* * Load the server's certificate *chain* file (PEM format), which includes * not only the leaf (end-entity) server certificate, but also any * intermediate issuer-CA certificates. The leaf certificate must be the * first certificate in the file. * * In advanced use-cases this can be called multiple times, once per public * key algorithm for which the server has a corresponding certificate. * However, the corresponding private key (see below) must be loaded first, * *before* moving on to the next chain file. * * The requisite files "chain.pem" and "pkey.pem" can be generated by running * "make chain" in this directory. If the server will be executed from some * other directory, move or copy the files there. */ if (SSL_CTX_use_certificate_chain_file(ctx, cert_path) <= 0) { fprintf(stderr, "couldn't load certificate file: %s\n", cert_path); goto err; } /* * Load the corresponding private key, this also checks that the private * key matches the just loaded end-entity certificate. It does not check * whether the certificate chain is valid, the certificates could be * expired, or may otherwise fail to form a chain that a client can validate. */ if (SSL_CTX_use_PrivateKey_file(ctx, key_path, SSL_FILETYPE_PEM) <= 0) { fprintf(stderr, "couldn't load key file: %s\n", key_path); goto err; } /* * Clients rarely employ certificate-based authentication, and so we don't * require "mutual" TLS authentication (indeed there's no way to know * whether or how the client authenticated the server, so the term "mutual" * is potentially misleading). * * Since we're not soliciting or processing client certificates, we don't * need to configure a trusted-certificate store, so no call to * SSL_CTX_set_default_verify_paths() is needed. The server's own * certificate chain is assumed valid. */ SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); /* Setup ALPN negotiation callback to decide which ALPN is accepted. */ SSL_CTX_set_alpn_select_cb(ctx, select_alpn, NULL); return ctx; err: SSL_CTX_free(ctx); return NULL; } /* Create UDP socket on the given port. */ static int create_socket(uint16_t port) { int fd; struct sockaddr_in sa = {0}; /* Retrieve the file descriptor for a new UDP socket */ if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) { fprintf(stderr, "cannot create socket"); goto err; } sa.sin_family = AF_INET; sa.sin_port = htons(port); /* Bind to the new UDP socket on localhost */ if (bind(fd, (const struct sockaddr *)&sa, sizeof(sa)) < 0) { fprintf(stderr, "cannot bind to %u\n", port); BIO_closesocket(fd); goto err; } return fd; err: BIO_closesocket(fd); return -1; } /* * Main loop for server to accept QUIC connections. * Echo every request back to the client. */ static int run_quic_server(SSL_CTX *ctx, int fd) { int ok = 0; SSL *listener, *conn; unsigned char buf[8192]; size_t nread; size_t nwritten; /* * Create a new QUIC listener. Listeners, and other QUIC objects, default * to operating in blocking mode. The configured behaviour is inherited by * child objects. */ if ((listener = SSL_new_listener(ctx, 0)) == NULL) goto err; /* Provide the listener with our UDP socket. */ if (!SSL_set_fd(listener, fd)) goto err; /* Begin listening. */ if (!SSL_listen(listener)) goto err; /* * Begin an infinite loop of listening for connections. We will only * exit this loop if we encounter an error. */ for (;;) { /* Pristine error stack for each new connection */ ERR_clear_error(); /* Block while waiting for a client connection */ printf("Waiting for connection\n"); conn = SSL_accept_connection(listener, 0); if (conn == NULL) { fprintf(stderr, "error while accepting connection\n"); goto err; } printf("Accepted new connection\n"); /* Echo client input */ while (SSL_read_ex(conn, buf, sizeof(buf), &nread) > 0) { if (SSL_write_ex(conn, buf, nread, &nwritten) > 0 && nwritten == nread) continue; fprintf(stderr, "Error echoing client input"); break; } /* Signal the end of the stream. */ if (SSL_stream_conclude(conn, 0) != 1) { fprintf(stderr, "Unable to conclude stream\n"); SSL_free(conn); goto err; } /* * Shut down the connection. We may need to call this multiple times * to ensure the connection is shutdown completely. */ while (SSL_shutdown(conn) != 1) continue; SSL_free(conn); } err: SSL_free(listener); return ok; } /* Minimal QUIC HTTP/1.0 server. */ int main(int argc, char *argv[]) { int res = EXIT_FAILURE; SSL_CTX *ctx = NULL; int fd; unsigned long port; #ifdef _WIN32 static const char *progname; progname = argv[0]; #endif if (argc != 4) errx(res, "usage: %s ", argv[0]); /* Create SSL_CTX that supports QUIC. */ if ((ctx = create_ctx(argv[2], argv[3])) == NULL) { ERR_print_errors_fp(stderr); errx(res, "Failed to create context"); } /* Parse port number from command line arguments. */ port = strtoul(argv[1], NULL, 0); if (port == 0 || port > UINT16_MAX) { SSL_CTX_free(ctx); errx(res, "Failed to parse port number"); } /* Create and bind a UDP socket. */ if ((fd = create_socket((uint16_t)port)) < 0) { SSL_CTX_free(ctx); ERR_print_errors_fp(stderr); errx(res, "Failed to create socket"); } /* QUIC server connection acceptance loop. */ if (!run_quic_server(ctx, fd)) { SSL_CTX_free(ctx); BIO_closesocket(fd); ERR_print_errors_fp(stderr); errx(res, "Error in QUIC server loop"); } /* Free resources. */ SSL_CTX_free(ctx); BIO_closesocket(fd); res = EXIT_SUCCESS; return res; }