Provide record layer callbacks for QUIC.

QUIC uses TLS to complete the handshake, however unlike normal TLS it does
not use the TLS record layer, rather it provides its own transport. This
means that we need to intercept all communication between the TLS handshake
and the record layer. This allows TLS handshake message writes to be
directed to QUIC, likewise for TLS handshake message reads. Alerts also
need to be sent via QUIC, plus it needs to be provided with the traffic
keys that are derived by TLS.

ok tb@

1 files changed, 28 insertions, 3 deletions

diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index c92fd8d193..ac5b83bd34 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.69 2022/07/24 14:16:29 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.70 2022/07/24 14:28:16 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -146,8 +146,8 @@ tls13_record_layer_new(const struct tls13_record_layer_callbacks *callbacks,
                 goto err;
 
         rl->legacy_version = TLS1_2_VERSION;
-        rl->cb = *callbacks;
-        rl->cb_arg = cb_arg;
+
+        tls13_record_layer_set_callbacks(rl, callbacks, cb_arg);
 
         return rl;
 
@@ -178,6 +178,14 @@ tls13_record_layer_free(struct tls13_record_layer *rl)
 }
 
 void
+tls13_record_layer_set_callbacks(struct tls13_record_layer *rl,
+    const struct tls13_record_layer_callbacks *callbacks, void *cb_arg)
+{
+        rl->cb = *callbacks;
+        rl->cb_arg = cb_arg;
+}
+
+void
 tls13_record_layer_rcontent(struct tls13_record_layer *rl, CBS *cbs)
 {
         CBS_dup(tls_content_cbs(rl->rcontent), cbs);
@@ -489,6 +497,10 @@ int
 tls13_record_layer_set_read_traffic_key(struct tls13_record_layer *rl,
     struct tls13_secret *read_key, enum ssl_encryption_level_t read_level)
 {
+        if (rl->cb.set_read_traffic_key != NULL)
+                return rl->cb.set_read_traffic_key(read_key, read_level,
+                    rl->cb_arg);
+
         return tls13_record_layer_set_traffic_key(rl->aead, rl->hash,
             rl->read, read_key);
 }
@@ -497,6 +509,10 @@ int
 tls13_record_layer_set_write_traffic_key(struct tls13_record_layer *rl,
     struct tls13_secret *write_key, enum ssl_encryption_level_t write_level)
 {
+        if (rl->cb.set_write_traffic_key != NULL)
+                return rl->cb.set_write_traffic_key(write_key, write_level,
+                    rl->cb_arg);
+
         return tls13_record_layer_set_traffic_key(rl->aead, rl->hash,
             rl->write, write_key);
 }
@@ -1128,6 +1144,9 @@ tls13_send_dummy_ccs(struct tls13_record_layer *rl)
 ssize_t
 tls13_read_handshake_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n)
 {
+        if (rl->cb.handshake_read != NULL)
+                return rl->cb.handshake_read(buf, n, rl->cb_arg);
+
         return tls13_record_layer_read(rl, SSL3_RT_HANDSHAKE, buf, n);
 }
 
@@ -1135,6 +1154,9 @@ ssize_t
 tls13_write_handshake_data(struct tls13_record_layer *rl, const uint8_t *buf,
     size_t n)
 {
+        if (rl->cb.handshake_write != NULL)
+                return rl->cb.handshake_write(buf, n, rl->cb_arg);
+
         return tls13_record_layer_write(rl, SSL3_RT_HANDSHAKE, buf, n);
 }
 
@@ -1181,6 +1203,9 @@ tls13_send_alert(struct tls13_record_layer *rl, uint8_t alert_desc)
         uint8_t alert_level = TLS13_ALERT_LEVEL_FATAL;
         ssize_t ret;
 
+        if (rl->cb.alert_send != NULL)
+                return rl->cb.alert_send(alert_desc, rl->cb_arg);
+
         if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY ||
             alert_desc == TLS13_ALERT_USER_CANCELED)
                 alert_level = TLS13_ALERT_LEVEL_WARNING;