Ensure that SSL_{peek,read,write}() are not called if QUIC is in use.

ok tb@

1 files changed, 16 insertions, 1 deletions

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 9af1934dd6..515065de6c 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.301 2022/08/17 07:39:19 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.302 2022/08/21 18:17:11 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1029,6 +1029,11 @@ SSL_read(SSL *s, void *buf, int num)
                 return -1;
         }
 
+        if (SSL_is_quic(s)) {
+                SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return (-1);
+        }
+
         if (s->internal->handshake_func == NULL) {
                 SSLerror(s, SSL_R_UNINITIALIZED);
                 return (-1);
@@ -1068,6 +1073,11 @@ SSL_peek(SSL *s, void *buf, int num)
                 return -1;
         }
 
+        if (SSL_is_quic(s)) {
+                SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return (-1);
+        }
+
         if (s->internal->handshake_func == NULL) {
                 SSLerror(s, SSL_R_UNINITIALIZED);
                 return (-1);
@@ -1106,6 +1116,11 @@ SSL_write(SSL *s, const void *buf, int num)
                 return -1;
         }
 
+        if (SSL_is_quic(s)) {
+                SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return (-1);
+        }
+
         if (s->internal->handshake_func == NULL) {
                 SSLerror(s, SSL_R_UNINITIALIZED);
                 return (-1);