SSL_SET_INCOMING_STREAM_POLICY(3ossl) OpenSSL
NAME
SSL_set_incoming_stream_policy, SSL_INCOMING_STREAM_POLICY_AUTO,
SSL_INCOMING_STREAM_POLICY_ACCEPT, SSL_INCOMING_STREAM_POLICY_REJECT -
manage the QUIC incoming stream policy
SYNOPSIS
#include <openssl/ssl.h>
#define SSL_INCOMING_STREAM_POLICY_AUTO
#define SSL_INCOMING_STREAM_POLICY_ACCEPT
#define SSL_INCOMING_STREAM_POLICY_REJECT
int SSL_set_incoming_stream_policy(SSL *conn, int policy,
uint64_t app_error_code);
DESCRIPTION
SSL_set_incoming_stream_policy(3) policy changes the incoming stream
policy for a QUIC connection. Depending on the policy configured,
OpenSSL QUIC may automatically reject incoming streams initiated by the
peer. This is intended to ensure that legacy applications using
single-stream operation with a default stream on a QUIC connection SSL
object are not passed remotely-initiated streams by a peer which those
applications are not prepared to handle.
app_error_code is an application error code which will be used in any
QUIC STOP_SENDING or RESET_STREAM frames generated to implement the
policy. The default application error code is 0.
The valid values for policy are:
SSL_INCOMING_STREAM_POLICY_AUTO
This is the default setting. Incoming streams are accepted
according to the following rules:
o If the default stream mode (configured using
SSL_set_default_stream_mode(3)) is set to
SSL_DEFAULT_STREAM_MODE_AUTO_BIDI (the default) or
SSL_DEFAULT_STREAM_MODE_AUTO_UNI, the incoming stream is
rejected.
o Otherwise (where the default stream mode is
SSL_DEFAULT_STREAM_MODE_NONE), the application is assumed to be
stream aware, and the incoming stream is accepted.
SSL_INCOMING_STREAM_POLICY_ACCEPT
Always accept incoming streams, allowing them to be dequeued using
SSL_accept_stream(3).
SSL_INCOMING_STREAM_POLICY_REJECT
Always reject incoming streams.
Where an incoming stream is rejected, it is rejected immediately and it
is not possible to gain access to the stream using
SSL_accept_stream(3). The stream is rejected using QUIC STOP_SENDING
and RESET_STREAM frames as appropriate.
RETURN VALUES
Returns 1 on success and 0 on failure.
This function fails if called on a QUIC stream SSL object, or on a
non-QUIC SSL object.
SEE ALSO
SSL_set_default_stream_mode(3), SSL_accept_stream(3)
HISTORY
SSL_set_incoming_stream_policy(3) was added in OpenSSL 3.2.
COPYRIGHT
Copyright 2002-2023 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.
3.3.2 2024-09-04
SSL_SET_INCOMING_STREAM_POLICY(3ossl)
openssl 3.3.2 - Generated Tue Sep 24 18:35:08 CDT 2024