Move legacy stack interfacing functions into tls13_legacy.c.

No functional change.

ok inoguchi@ tb@

4 files changed, 206 insertions, 199 deletions

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 5bd7681f19..79318d9313 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.53 2020/04/28 20:30:40 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.54 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -24,7 +24,7 @@
 #include "tls13_handshake.h"
 #include "tls13_internal.h"
 
-static int
+int
 tls13_client_init(struct tls13_ctx *ctx)
 {
         const uint16_t *groups;
@@ -71,8 +71,8 @@ tls13_client_init(struct tls13_ctx *ctx)
         return 1;
 }
 
-static int
-tls13_connect(struct tls13_ctx *ctx)
+int
+tls13_client_connect(struct tls13_ctx *ctx)
 {
         if (ctx->mode != TLS13_HS_CLIENT)
                 return TLS13_IO_FAILURE;
@@ -80,104 +80,6 @@ tls13_connect(struct tls13_ctx *ctx)
         return tls13_handshake_perform(ctx);
 }
 
-int
-tls13_legacy_connect(SSL *ssl)
-{
-        struct tls13_ctx *ctx = ssl->internal->tls13;
-        int ret;
-
-#ifdef TLS13_USE_LEGACY_CLIENT_AUTH
-        /* XXX drop back to legacy for client auth for now */
-        if (ssl->cert->key->privatekey != NULL) {
-                ssl->method = tls_legacy_client_method();
-                return ssl->method->internal->ssl_connect(ssl);
-        }
-#endif
-
-        if (ctx == NULL) {
-                if ((ctx = tls13_ctx_new(TLS13_HS_CLIENT)) == NULL) {
-                        SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-                        return -1;
-                }
-                ssl->internal->tls13 = ctx;
-                ctx->ssl = ssl;
-                ctx->hs = &S3I(ssl)->hs_tls13;
-
-                if (!tls13_client_init(ctx)) {
-                        if (ERR_peek_error() == 0)
-                                SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-                        return -1;
-                }
-        }
-
-        ERR_clear_error();
-        S3I(ssl)->hs.state = SSL_ST_CONNECT;
-
-        ret = tls13_connect(ctx);
-        if (ret == TLS13_IO_USE_LEGACY)
-                return ssl->method->internal->ssl_connect(ssl);
-        if (ret == TLS13_IO_SUCCESS)
-                S3I(ssl)->hs.state = SSL_ST_OK;
-
-        return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_client(struct tls13_ctx *ctx)
-{
-        SSL *s = ctx->ssl;
-        CBS cbs;
-
-        s->method = tls_legacy_client_method();
-        s->internal->handshake_func = s->method->internal->ssl_connect;
-        s->client_version = s->version = s->method->internal->max_version;
-
-        if (!ssl3_setup_init_buffer(s))
-                goto err;
-        if (!ssl3_setup_buffers(s))
-                goto err;
-        if (!ssl_init_wbio_buffer(s, 0))
-                goto err;
-
-        if (s->bbio != s->wbio)
-                s->wbio = BIO_push(s->bbio, s->wbio);
-
-        /* Stash any unprocessed data from the last record. */
-        tls13_record_layer_rbuf(ctx->rl, &cbs);
-        if (CBS_len(&cbs) > 0) {
-                if (!CBS_write_bytes(&cbs,
-                    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
-                    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
-                        goto err;
-
-                S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
-                S3I(s)->rbuf.left = CBS_len(&cbs);
-                S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
-                S3I(s)->rrec.length = CBS_len(&cbs);
-                s->internal->rstate = SSL_ST_READ_BODY;
-                s->internal->packet = S3I(s)->rbuf.buf;
-                s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
-                s->internal->mac_packet = 1;
-        }
-
-        /* Stash the current handshake message. */
-        tls13_handshake_msg_data(ctx->hs_msg, &cbs);
-        if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
-            s->internal->init_buf->length, NULL))
-                goto err;
-
-        S3I(s)->tmp.reuse_message = 1;
-        S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
-        S3I(s)->tmp.message_size = CBS_len(&cbs);
-
-        S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
-
-        return 1;
-
- err:
-        return 0;
-}
-
 static int
 tls13_client_hello_build(struct tls13_ctx *ctx, CBB *cbb)
 {
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index d711f1a58d..d53672dbfe 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.66 2020/04/28 20:30:40 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.67 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -250,6 +250,8 @@ const EVP_MD *tls13_cipher_hash(const SSL_CIPHER *cipher);
 /*
  * Legacy interfaces.
  */
+int tls13_use_legacy_client(struct tls13_ctx *ctx);
+int tls13_use_legacy_server(struct tls13_ctx *ctx);
 int tls13_legacy_accept(SSL *ssl);
 int tls13_legacy_connect(SSL *ssl);
 int tls13_legacy_return_code(SSL *ssl, ssize_t ret);
@@ -292,6 +294,11 @@ int tls13_legacy_shutdown(SSL *ssl);
 int tls13_handshake_msg_record(struct tls13_ctx *ctx);
 int tls13_handshake_perform(struct tls13_ctx *ctx);
 
+int tls13_client_init(struct tls13_ctx *ctx);
+int tls13_server_init(struct tls13_ctx *ctx);
+int tls13_client_connect(struct tls13_ctx *ctx);
+int tls13_server_accept(struct tls13_ctx *ctx);
+
 int tls13_client_hello_send(struct tls13_ctx *ctx, CBB *cbb);
 int tls13_client_hello_sent(struct tls13_ctx *ctx);
 int tls13_client_hello_recv(struct tls13_ctx *ctx, CBS *cbs);
diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index 747bdc2728..1e18a8258c 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_legacy.c,v 1.2 2020/03/10 17:02:21 jsing Exp $ */
+/*      $OpenBSD: tls13_legacy.c,v 1.3 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -277,6 +277,195 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len)
 }
 
 int
+tls13_use_legacy_client(struct tls13_ctx *ctx)
+{
+        SSL *s = ctx->ssl;
+        CBS cbs;
+
+        s->method = tls_legacy_client_method();
+        s->internal->handshake_func = s->method->internal->ssl_connect;
+        s->client_version = s->version = s->method->internal->max_version;
+
+        if (!ssl3_setup_init_buffer(s))
+                goto err;
+        if (!ssl3_setup_buffers(s))
+                goto err;
+        if (!ssl_init_wbio_buffer(s, 0))
+                goto err;
+
+        if (s->bbio != s->wbio)
+                s->wbio = BIO_push(s->bbio, s->wbio);
+
+        /* Stash any unprocessed data from the last record. */
+        tls13_record_layer_rbuf(ctx->rl, &cbs);
+        if (CBS_len(&cbs) > 0) {
+                if (!CBS_write_bytes(&cbs,
+                    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
+                    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
+                        goto err;
+
+                S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
+                S3I(s)->rbuf.left = CBS_len(&cbs);
+                S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
+                S3I(s)->rrec.length = CBS_len(&cbs);
+                s->internal->rstate = SSL_ST_READ_BODY;
+                s->internal->packet = S3I(s)->rbuf.buf;
+                s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
+                s->internal->mac_packet = 1;
+        }
+
+        /* Stash the current handshake message. */
+        tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+        if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
+            s->internal->init_buf->length, NULL))
+                goto err;
+
+        S3I(s)->tmp.reuse_message = 1;
+        S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
+        S3I(s)->tmp.message_size = CBS_len(&cbs);
+
+        S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
+
+        return 1;
+
+ err:
+        return 0;
+}
+
+int
+tls13_use_legacy_server(struct tls13_ctx *ctx)
+{
+        SSL *s = ctx->ssl;
+        CBS cbs;
+
+        s->method = tls_legacy_server_method();
+        s->internal->handshake_func = s->method->internal->ssl_accept;
+        s->client_version = s->version = s->method->internal->max_version;
+        s->server = 1;
+
+        if (!ssl3_setup_init_buffer(s))
+                goto err;
+        if (!ssl3_setup_buffers(s))
+                goto err;
+        if (!ssl_init_wbio_buffer(s, 0))
+                goto err;
+
+        if (s->bbio != s->wbio)
+                s->wbio = BIO_push(s->bbio, s->wbio);
+
+        /* Stash any unprocessed data from the last record. */
+        tls13_record_layer_rbuf(ctx->rl, &cbs);
+        if (CBS_len(&cbs) > 0) {
+                if (!CBS_write_bytes(&cbs,
+                    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
+                    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
+                        goto err;
+
+                S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
+                S3I(s)->rbuf.left = CBS_len(&cbs);
+                S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
+                S3I(s)->rrec.length = CBS_len(&cbs);
+                s->internal->rstate = SSL_ST_READ_BODY;
+                s->internal->packet = S3I(s)->rbuf.buf;
+                s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
+                s->internal->mac_packet = 1;
+        }
+
+        /* Stash the current handshake message. */
+        tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+        if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
+            s->internal->init_buf->length, NULL))
+                goto err;
+
+        S3I(s)->tmp.reuse_message = 1;
+        S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
+        S3I(s)->tmp.message_size = CBS_len(&cbs);
+
+        S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
+
+        return 1;
+
+ err:
+        return 0;
+}
+
+int
+tls13_legacy_accept(SSL *ssl)
+{
+        struct tls13_ctx *ctx = ssl->internal->tls13;
+        int ret;
+
+        if (ctx == NULL) {
+                if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
+                        SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+                        return -1;
+                }
+                ssl->internal->tls13 = ctx;
+                ctx->ssl = ssl;
+                ctx->hs = &S3I(ssl)->hs_tls13;
+
+                if (!tls13_server_init(ctx)) {
+                        if (ERR_peek_error() == 0)
+                                SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+                        return -1;
+                }
+        }
+
+        ERR_clear_error();
+        S3I(ssl)->hs.state = SSL_ST_ACCEPT;
+
+        ret = tls13_server_accept(ctx);
+        if (ret == TLS13_IO_USE_LEGACY)
+                return ssl->method->internal->ssl_accept(ssl);
+        if (ret == TLS13_IO_SUCCESS)
+                S3I(ssl)->hs.state = SSL_ST_OK;
+
+        return tls13_legacy_return_code(ssl, ret);
+}
+
+int
+tls13_legacy_connect(SSL *ssl)
+{
+        struct tls13_ctx *ctx = ssl->internal->tls13;
+        int ret;
+
+#ifdef TLS13_USE_LEGACY_CLIENT_AUTH
+        /* XXX drop back to legacy for client auth for now */
+        if (ssl->cert->key->privatekey != NULL) {
+                ssl->method = tls_legacy_client_method();
+                return ssl->method->internal->ssl_connect(ssl);
+        }
+#endif
+
+        if (ctx == NULL) {
+                if ((ctx = tls13_ctx_new(TLS13_HS_CLIENT)) == NULL) {
+                        SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+                        return -1;
+                }
+                ssl->internal->tls13 = ctx;
+                ctx->ssl = ssl;
+                ctx->hs = &S3I(ssl)->hs_tls13;
+
+                if (!tls13_client_init(ctx)) {
+                        if (ERR_peek_error() == 0)
+                                SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+                        return -1;
+                }
+        }
+
+        ERR_clear_error();
+        S3I(ssl)->hs.state = SSL_ST_CONNECT;
+
+        ret = tls13_client_connect(ctx);
+        if (ret == TLS13_IO_USE_LEGACY)
+                return ssl->method->internal->ssl_connect(ssl);
+        if (ret == TLS13_IO_SUCCESS)
+                S3I(ssl)->hs.state = SSL_ST_OK;
+
+        return tls13_legacy_return_code(ssl, ret);
+}
+
+int
 tls13_legacy_shutdown(SSL *ssl)
 {
         struct tls13_ctx *ctx = ssl->internal->tls13;
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 864e434fda..4fa1aba31d 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.33 2020/04/27 20:15:17 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -22,7 +22,7 @@
 #include "tls13_handshake.h"
 #include "tls13_internal.h"
 
-static int
+int
 tls13_server_init(struct tls13_ctx *ctx)
 {
         SSL *s = ctx->ssl;
@@ -45,8 +45,8 @@ tls13_server_init(struct tls13_ctx *ctx)
         return 1;
 }
 
-static int
-tls13_accept(struct tls13_ctx *ctx)
+int
+tls13_server_accept(struct tls13_ctx *ctx)
 {
         if (ctx->mode != TLS13_HS_SERVER)
                 return TLS13_IO_FAILURE;
@@ -54,97 +54,6 @@ tls13_accept(struct tls13_ctx *ctx)
         return tls13_handshake_perform(ctx);
 }
 
-int
-tls13_legacy_accept(SSL *ssl)
-{
-        struct tls13_ctx *ctx = ssl->internal->tls13;
-        int ret;
-
-        if (ctx == NULL) {
-                if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
-                        SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-                        return -1;
-                }
-                ssl->internal->tls13 = ctx;
-                ctx->ssl = ssl;
-                ctx->hs = &S3I(ssl)->hs_tls13;
-
-                if (!tls13_server_init(ctx)) {
-                        if (ERR_peek_error() == 0)
-                                SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-                        return -1;
-                }
-        }
-
-        ERR_clear_error();
-        S3I(ssl)->hs.state = SSL_ST_ACCEPT;
-
-        ret = tls13_accept(ctx);
-        if (ret == TLS13_IO_USE_LEGACY)
-                return ssl->method->internal->ssl_accept(ssl);
-        if (ret == TLS13_IO_SUCCESS)
-                S3I(ssl)->hs.state = SSL_ST_OK;
-
-        return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_server(struct tls13_ctx *ctx)
-{
-        SSL *s = ctx->ssl;
-        CBS cbs;
-
-        s->method = tls_legacy_server_method();
-        s->internal->handshake_func = s->method->internal->ssl_accept;
-        s->client_version = s->version = s->method->internal->max_version;
-        s->server = 1;
-
-        if (!ssl3_setup_init_buffer(s))
-                goto err;
-        if (!ssl3_setup_buffers(s))
-                goto err;
-        if (!ssl_init_wbio_buffer(s, 0))
-                goto err;
-
-        if (s->bbio != s->wbio)
-                s->wbio = BIO_push(s->bbio, s->wbio);
-
-        /* Stash any unprocessed data from the last record. */
-        tls13_record_layer_rbuf(ctx->rl, &cbs);
-        if (CBS_len(&cbs) > 0) {
-                if (!CBS_write_bytes(&cbs,
-                    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
-                    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
-                        goto err;
-
-                S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
-                S3I(s)->rbuf.left = CBS_len(&cbs);
-                S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
-                S3I(s)->rrec.length = CBS_len(&cbs);
-                s->internal->rstate = SSL_ST_READ_BODY;
-                s->internal->packet = S3I(s)->rbuf.buf;
-                s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
-                s->internal->mac_packet = 1;
-        }
-
-        /* Stash the current handshake message. */
-        tls13_handshake_msg_data(ctx->hs_msg, &cbs);
-        if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
-            s->internal->init_buf->length, NULL))
-                goto err;
-
-        S3I(s)->tmp.reuse_message = 1;
-        S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
-        S3I(s)->tmp.message_size = CBS_len(&cbs);
-
-        S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
-
-        return 1;
-
- err:
-        return 0;
-}
-
 static int
 tls13_client_hello_is_legacy(CBS *cbs)
 {