Provide SSL_QUIC_METHOD.

This provides SSL_QUIC_METHOD (aka ssl_quic_method_st), which allows for
QUIC callback hooks to be passed to an SSL_CTX or SSL. This is largely
ported/adapted from BoringSSL.

It is worth noting that this struct is not opaque and the original
interface exposed by BoringSSL differs to the one they now use. The
original interface was copied by quictls and it appears that this API
will not be updated to match BoringSSL.

To make things even more challenging, at least one consumer does not use
named initialisers, making code completely dependent on the order in
which the function pointers are defined as struct members. In order to
try to support both variants, the set_read_secret/set_write_secret
functions are included, however they have to go at the end.

ok tb@

1 files changed, 3 insertions, 2 deletions

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 6a4f14d281..d45983ac1e 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.422 2022/08/18 07:00:59 tb Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.423 2022/08/21 19:32:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -882,6 +882,7 @@ typedef struct ssl_ctx_internal_st {
 
 struct ssl_ctx_st {
         const SSL_METHOD *method;
+        const SSL_QUIC_METHOD *quic_method;
 
         STACK_OF(SSL_CIPHER) *cipher_list;
 
@@ -1073,7 +1074,7 @@ struct ssl_st {
         int version;
 
         const SSL_METHOD *method;
-        const void *quic_method; /* XXX */
+        const SSL_QUIC_METHOD *quic_method;
 
         /* There are 2 BIO's even though they are normally both the
          * same.  This is so data can be read and written to different