From 59d8a338edca98e5bb077a2a364d82e53e7cce77 Mon Sep 17 00:00:00 2001
From: James Muir
Date: Mon, 23 Oct 2023 21:00:41 -0400
Subject: [PATCH] quic: documentation and demo nits

The code for the quic demos (from the openssl guide) is presented as modifications of tls-client-block.c. Make it so that the quic code better matches the tls code (drop unneeded assignments to "ret", use the same comment on SSL_connect(), add the same printf() statement). Also fix some minor typos.

Reviewed-by: Paul Dale
Reviewed-by: Tomas Mraz
Reviewed-by: Hugo Landau
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/22483)
---
 demos/guide/quic-client-block.c | 5 +++--
 demos/guide/quic-multi-stream.c | 9 +++++----
 demos/guide/tls-client-block.c | 2 +-
 doc/man7/ossl-guide-quic-multi-stream.pod | 6 +++---
 4 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/demos/guide/quic-client-block.c b/demos/guide/quic-client-block.c
index e6cabfef26..65822fe8c4 100644
--- a/demos/guide/quic-client-block.c
+++ b/demos/guide/quic-client-block.c
@@ -210,8 +210,9 @@ int main(void)
 goto end;
 }
- /* Connect to the server and perform the TLS handshake */
- if ((ret = SSL_connect(ssl)) < 1) {
+ /* Do the handshake with the server */
+ if (SSL_connect(ssl) < 1) {
+ printf("Failed to connect to the server\n");
 /*
 * If the failure is due to a verification error we can get more
 * information about it from SSL_get_verify_result().
diff --git a/demos/guide/quic-multi-stream.c b/demos/guide/quic-multi-stream.c
index 56db5a98a8..44ee36e0ad 100644
--- a/demos/guide/quic-multi-stream.c
+++ b/demos/guide/quic-multi-stream.c
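Review bot: The new comment on `SSL_connect()` in `main` of demos/guide/quic-client-block.c, "Do the handshake with the server", is accurate for tls-client-block.c but less precise here. On a QUIC object this call also establishes the QUIC connection, because a UDP socket has no transport-level connection beforehand. If a one-line divergence from the TLS demo is acceptable, I would write `/* Establish the QUIC connection and do the handshake with the server */`; the same applies to the identical hunk in demos/guide/quic-multi-stream.c. The failure branch and the rest of `main` continue outside the hunk.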
@@ -47,7 +47,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port,
 */
 for (ai = res; ai != NULL; ai = BIO_ADDRINFO_next(ai)) {
 /*
- * Create a TCP socket. We could equally use non-OpenSSL calls such
+ * Create a UDP socket. We could equally use non-OpenSSL calls such
 * as "socket" here for this and the subsequent connect and close
 * functions. But for portability reasons and also so that we get
 * errors on the OpenSSL stack in the event of a failure we use
@@ -82,7 +82,6 @@ static BIO *create_socket_bio(const char *hostname, const char *port,
 }
 }
-
 /* Free the address information resources we allocated earlier */
 BIO_ADDRINFO_free(res);
@@ -96,6 +95,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port,
 BIO_closesocket(sock);
 return NULL;
 }
+
 /*
 * Associate the newly created BIO with the underlying socket. By
 * passing BIO_CLOSE here the socket will be automatically closed when
@@ -222,8 +222,9 @@ int main(void)
 goto end;
 }
- /* Connect to the server and perform the TLS handshake */
- if ((ret = SSL_connect(ssl)) < 1) {
+ /* Do the handshake with the server */
+ if (SSL_connect(ssl) < 1) {
+ printf("Failed to connect to the server\n");
 /*
 * If the failure is due to a verification error we can get more
 * information about it from SSL_get_verify_result().
diff --git a/demos/guide/tls-client-block.c b/demos/guide/tls-client-block.c
index 75ce7ebcc2..576fc7b325 100644
--- a/demos/guide/tls-client-block.c
+++ b/demos/guide/tls-client-block.c
@@ -74,7 +74,7 @@ static BIO *create_socket_bio(const char *hostname, const char *port)
 if (sock == -1)
 return NULL;
- /* Create a BIO to wrap the socket*/
+ /* Create a BIO to wrap the socket */
 bio = BIO_new(BIO_s_socket());
 if (bio == NULL) {
 BIO_closesocket(sock);
diff --git a/doc/man7/ossl-guide-quic-multi-stream.pod b/doc/man7/ossl-guide-quic-multi-stream.pod
index 877d2208ae..5b78409d61 100644
--- a/doc/man7/ossl-guide-quic-multi-stream.pod
+++ b/doc/man7/ossl-guide-quic-multi-stream.pod
@@ -62,7 +62,7 @@ passes the connection B object as a parameter.
 If a client application calls L or L first then (by default) the default stream will be a client-initiated bi-directional
-stream. If the client applications call L or L
+stream. If a client application calls L or L
 first then the first stream initiated by the server will be used as the default stream (whether it is bi-directional or uni-directional).
@@ -285,7 +285,7 @@ these different cases.
 * QUIC terms this means that the peer has sent FIN on the stream to
 * indicate that no further data will be sent.
 */
- switch (SSL_get_error(ssl, 0)) {
+ switch (SSL_get_error(stream1, 0)) {
 case SSL_ERROR_ZERO_RETURN:
 /* Normal completion of the stream */
 break;
@@ -295,7 +295,7 @@ these different cases.
 * Some stream fatal error occurred. This could be because of a stream
 * reset - or some failure occurred on the underlying connection.
 */
- switch (SSL_get_stream_read_state(ssl)) {
+ switch (SSL_get_stream_read_state(stream1)) {
 case SSL_STREAM_STATE_RESET_REMOTE:
 printf("Stream reset occurred\n");
 /* The stream has been reset but the connection is still healthy. */
--
GitLab