Provide record layer callbacks for QUIC.

QUIC uses TLS to complete the handshake, however unlike normal TLS it does not use the TLS record layer, rather it provides its own transport. This means that we need to intercept all communication between the TLS handshake and the record layer. This allows TLS handshake message writes to be directed to QUIC, likewise for TLS handshake message reads. Alerts also need to be sent via QUIC, plus it needs to be provided with the traffic keys that are derived by TLS. ok tb@
author: jsing <> 2022-07-24 14:28:16 +0000
committer: jsing <> 2022-07-24 14:28:16 +0000
commit: f7f7655b1951f8dd9a8166cb6203a780f911d0bc (patch)
tree: f814f798e3d47e53e29dfd4db0eece8481fc97ad /src/lib/libssl/tls13_internal.h
parent: c804d574e337158da589e90dc9cbb13d6ffde44f (diff)
download: openbsd-f7f7655b1951f8dd9a8166cb6203a780f911d0bc.tar.gz
openbsd-f7f7655b1951f8dd9a8166cb6203a780f911d0bc.tar.bz2
openbsd-f7f7655b1951f8dd9a8166cb6203a780f911d0bc.zip
1 files changed, 20 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 6382f8b048..f4b17bdf25 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.100 2022/07/24 14:16:29 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.101 2022/07/24 14:28:16 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -175,9 +175,19 @@ int tls13_update_server_traffic_secret(struct tls13_secrets *secrets);
 struct tls13_record_layer;
 struct tls13_record_layer_callbacks {
+        /* Wire callbacks. */
        tls_read_cb wire_read;
        tls_write_cb wire_write;
        tls_flush_cb wire_flush;
+        /* Interceptors. */
+        tls_handshake_read_cb handshake_read;
+        tls_handshake_write_cb handshake_write;
+        tls_traffic_key_cb set_read_traffic_key;
+        tls_traffic_key_cb set_write_traffic_key;
+        tls_alert_send_cb alert_send;
+        /* Notification callbacks. */
        tls13_alert_cb alert_recv;
        tls13_alert_cb alert_sent;
        tls13_phh_recv_cb phh_recv;
@@ -187,6 +197,8 @@ struct tls13_record_layer_callbacks {
 struct tls13_record_layer *tls13_record_layer_new(
    const struct tls13_record_layer_callbacks *callbacks, void *cb_arg);
 void tls13_record_layer_free(struct tls13_record_layer *rl);
+void tls13_record_layer_set_callbacks(struct tls13_record_layer *rl,
+    const struct tls13_record_layer_callbacks *callbacks, void *cb_arg);
 void tls13_record_layer_allow_ccs(struct tls13_record_layer *rl, int allow);
 void tls13_record_layer_allow_legacy_alerts(struct tls13_record_layer *rl, int allow);
 void tls13_record_layer_rcontent(struct tls13_record_layer *rl, CBS *cbs);
@@ -297,6 +309,13 @@ void tls13_ctx_free(struct tls13_ctx *ctx);
 const EVP_AEAD *tls13_cipher_aead(const SSL_CIPHER *cipher);
 const EVP_MD *tls13_cipher_hash(const SSL_CIPHER *cipher);
+void tls13_alert_received_cb(uint8_t alert_desc, void *arg);
+void tls13_alert_sent_cb(uint8_t alert_desc, void *arg);
+ssize_t tls13_phh_received_cb(void *cb_arg);
+void tls13_phh_done_cb(void *cb_arg);
+int tls13_quic_init(struct tls13_ctx *ctx);
 /*
 * Legacy interfaces.
 */
author	jsing <>	2022-07-24 14:28:16 +0000
committer	jsing <>	2022-07-24 14:28:16 +0000
commit	f7f7655b1951f8dd9a8166cb6203a780f911d0bc (patch)
tree	f814f798e3d47e53e29dfd4db0eece8481fc97ad /src/lib/libssl/tls13_internal.h
parent	c804d574e337158da589e90dc9cbb13d6ffde44f (diff)
download	openbsd-f7f7655b1951f8dd9a8166cb6203a780f911d0bc.tar.gz openbsd-f7f7655b1951f8dd9a8166cb6203a780f911d0bc.tar.bz2 openbsd-f7f7655b1951f8dd9a8166cb6203a780f911d0bc.zip