3 files changed, 33 insertions, 35 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 7ec166f3fa..764b58b00b 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.75 2020/05/10 17:13:30 tb Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.76 2020/05/11 17:28:33 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -174,10 +174,16 @@ int tls13_key_share_derive(struct tls13_key_share *ks, uint8_t **shared_key,
 */
 struct tls13_record_layer;
-struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read,
+struct tls13_record_layer_callbacks {
-    tls13_write_cb wire_write, tls13_alert_cb alert_cb,
+        tls13_read_cb wire_read;
-    tls13_phh_recv_cb phh_recv_cb,
+        tls13_write_cb wire_write;
-    tls13_phh_sent_cb phh_sent_cb, void *cb_arg);
+        tls13_alert_cb alert_recv;
+        tls13_phh_recv_cb phh_recv;
+        tls13_phh_sent_cb phh_sent;
+};
+struct tls13_record_layer *tls13_record_layer_new(
+    const struct tls13_record_layer_callbacks *callbacks, void *cb_arg);
 void tls13_record_layer_free(struct tls13_record_layer *rl);
 void tls13_record_layer_allow_ccs(struct tls13_record_layer *rl, int allow);
 void tls13_record_layer_allow_legacy_alerts(struct tls13_record_layer *rl, int allow);
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index d3e4050c1e..f096fe633e 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.41 2020/05/10 16:56:11 jsing Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.42 2020/05/11 17:28:33 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -332,6 +332,14 @@ tls13_phh_received_cb(void *cb_arg, CBS *cbs)
        return ret;
 }
+static const struct tls13_record_layer_callbacks rl_callbacks = {
+        .wire_read = tls13_legacy_wire_read_cb,
+        .wire_write = tls13_legacy_wire_write_cb,
+        .alert_recv = tls13_alert_received_cb,
+        .phh_recv = tls13_phh_received_cb,
+        .phh_sent = tls13_phh_done_cb,
+};
 struct tls13_ctx *
 tls13_ctx_new(int mode)
 {
@@ -342,9 +350,7 @@ tls13_ctx_new(int mode)
        ctx->mode = mode;
-        if ((ctx->rl = tls13_record_layer_new(tls13_legacy_wire_read_cb,
+        if ((ctx->rl = tls13_record_layer_new(&rl_callbacks, ctx)) == NULL)
-            tls13_legacy_wire_write_cb, tls13_alert_received_cb,
-            tls13_phh_received_cb, tls13_phh_done_cb, ctx)) == NULL)
                goto err;
        ctx->handshake_message_sent_cb = tls13_legacy_handshake_message_sent_cb;
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index 9ea1a820ce..62b32e4631 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.37 2020/05/10 16:56:11 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.38 2020/05/11 17:28:33 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -80,14 +80,8 @@ struct tls13_record_layer {
        uint8_t read_seq_num[TLS13_RECORD_SEQ_NUM_LEN];
        uint8_t write_seq_num[TLS13_RECORD_SEQ_NUM_LEN];
-        /* Record callbacks. */
+        /* Callbacks. */
-        tls13_alert_cb alert_cb;
+        struct tls13_record_layer_callbacks cb;
-        tls13_phh_recv_cb phh_recv_cb;
-        tls13_phh_sent_cb phh_sent_cb;
-        /* Wire read/write callbacks. */
-        tls13_read_cb wire_read;
-        tls13_write_cb wire_write;
        void *cb_arg;
 };
@@ -116,10 +110,7 @@ tls13_record_layer_wrec_free(struct tls13_record_layer *rl)
 }
 struct tls13_record_layer *
-tls13_record_layer_new(tls13_read_cb wire_read, tls13_write_cb wire_write,
+tls13_record_layer_new(const struct tls13_record_layer_callbacks *callbacks,
-    tls13_alert_cb alert_cb,
-    tls13_phh_recv_cb phh_recv_cb,
-    tls13_phh_sent_cb phh_sent_cb,
    void *cb_arg)
 {
        struct tls13_record_layer *rl;
@@ -128,12 +119,7 @@ tls13_record_layer_new(tls13_read_cb wire_read, tls13_write_cb wire_write,
                return NULL;
        rl->legacy_version = TLS1_2_VERSION;
+        rl->cb = *callbacks;
-        rl->wire_read = wire_read;
-        rl->wire_write = wire_write;
-        rl->alert_cb = alert_cb;
-        rl->phh_recv_cb = phh_recv_cb;
-        rl->phh_sent_cb = phh_sent_cb;
        rl->cb_arg = cb_arg;
        return rl;
@@ -301,7 +287,7 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
                return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);
        }
-        rl->alert_cb(alert_desc, rl->cb_arg);
+        rl->cb.alert_recv(alert_desc, rl->cb_arg);
        return ret;
 }
@@ -358,7 +344,7 @@ tls13_record_layer_send_phh(struct tls13_record_layer *rl)
        CBS_init(&rl->phh_cbs, rl->phh_data, rl->phh_len);
-        rl->phh_sent_cb(rl->cb_arg);
+        rl->cb.phh_sent(rl->cb_arg);
        return TLS13_IO_SUCCESS;
 }
@@ -781,7 +767,7 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
                        goto err;
        }
-        if ((ret = tls13_record_recv(rl->rrec, rl->wire_read, rl->cb_arg)) <= 0)
+        if ((ret = tls13_record_recv(rl->rrec, rl->cb.wire_read, rl->cb_arg)) <= 0)
                return ret;
        /* XXX - record version checks. */
@@ -919,8 +905,8 @@ tls13_record_layer_read_internal(struct tls13_record_layer *rl,
                                 *
                                 * TLS13_IO_FAILURE -> something broke.
                                 */
-                                if (rl->phh_recv_cb != NULL) {
+                                if (rl->cb.phh_recv != NULL) {
-                                        ret = rl->phh_recv_cb(
+                                        ret = rl->cb.phh_recv(
                                            rl->cb_arg, &rl->rbuf_cbs);
                                }
@@ -1013,7 +999,7 @@ tls13_record_layer_write_record(struct tls13_record_layer *rl,
        /* See if there is an existing record and attempt to push it out... */
        if (rl->wrec != NULL) {
-                if ((ret = tls13_record_send(rl->wrec, rl->wire_write,
+                if ((ret = tls13_record_send(rl->wrec, rl->cb.wire_write,
                    rl->cb_arg)) <= 0)
                        return ret;
                tls13_record_layer_wrec_free(rl);
@@ -1040,7 +1026,7 @@ tls13_record_layer_write_record(struct tls13_record_layer *rl,
        if (!tls13_record_layer_seal_record(rl, content_type, content, content_len))
                goto err;
-        if ((ret = tls13_record_send(rl->wrec, rl->wire_write, rl->cb_arg)) <= 0)
+        if ((ret = tls13_record_send(rl->wrec, rl->cb.wire_write, rl->cb_arg)) <= 0)
                return ret;
        tls13_record_layer_wrec_free(rl);

diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h index 7ec166f3fa..764b58b00b 100644 --- a/src/lib/libssl/tls13_internal.h +++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_internal.h,v 1.75 2020/05/10 17:13:30 tb Exp $ */	1	/* $OpenBSD: tls13_internal.h,v 1.76 2020/05/11 17:28:33 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
4	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -174,10 +174,16 @@ int tls13_key_share_derive(struct tls13_key_share ks, uint8_t *shared_key,
174	*/	174	*/
175	struct tls13_record_layer;	175	struct tls13_record_layer;
176		176
177	struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read,	177	struct tls13_record_layer_callbacks {
178	tls13_write_cb wire_write, tls13_alert_cb alert_cb,	178	tls13_read_cb wire_read;
179	tls13_phh_recv_cb phh_recv_cb,	179	tls13_write_cb wire_write;
180	tls13_phh_sent_cb phh_sent_cb, void *cb_arg);	180	tls13_alert_cb alert_recv;
		181	tls13_phh_recv_cb phh_recv;
		182	tls13_phh_sent_cb phh_sent;
		183	};
		184
		185	struct tls13_record_layer *tls13_record_layer_new(
		186	const struct tls13_record_layer_callbacks callbacks, void cb_arg);
181	void tls13_record_layer_free(struct tls13_record_layer *rl);	187	void tls13_record_layer_free(struct tls13_record_layer *rl);
182	void tls13_record_layer_allow_ccs(struct tls13_record_layer *rl, int allow);	188	void tls13_record_layer_allow_ccs(struct tls13_record_layer *rl, int allow);
183	void tls13_record_layer_allow_legacy_alerts(struct tls13_record_layer *rl, int allow);	189	void tls13_record_layer_allow_legacy_alerts(struct tls13_record_layer *rl, int allow);


diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index d3e4050c1e..f096fe633e 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_lib.c,v 1.41 2020/05/10 16:56:11 jsing Exp $ */	1	/* $OpenBSD: tls13_lib.c,v 1.42 2020/05/11 17:28:33 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>	4	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -332,6 +332,14 @@ tls13_phh_received_cb(void cb_arg, CBS cbs)
332	return ret;	332	return ret;
333	}	333	}
334		334
		335	static const struct tls13_record_layer_callbacks rl_callbacks = {
		336	.wire_read = tls13_legacy_wire_read_cb,
		337	.wire_write = tls13_legacy_wire_write_cb,
		338	.alert_recv = tls13_alert_received_cb,
		339	.phh_recv = tls13_phh_received_cb,
		340	.phh_sent = tls13_phh_done_cb,
		341	};
		342
335	struct tls13_ctx *	343	struct tls13_ctx *
336	tls13_ctx_new(int mode)	344	tls13_ctx_new(int mode)
337	{	345	{
@@ -342,9 +350,7 @@ tls13_ctx_new(int mode)
342		350
343	ctx->mode = mode;	351	ctx->mode = mode;
344		352
345	if ((ctx->rl = tls13_record_layer_new(tls13_legacy_wire_read_cb,	353	if ((ctx->rl = tls13_record_layer_new(&rl_callbacks, ctx)) == NULL)
346	tls13_legacy_wire_write_cb, tls13_alert_received_cb,
347	tls13_phh_received_cb, tls13_phh_done_cb, ctx)) == NULL)
348	goto err;	354	goto err;
349		355
350	ctx->handshake_message_sent_cb = tls13_legacy_handshake_message_sent_cb;	356	ctx->handshake_message_sent_cb = tls13_legacy_handshake_message_sent_cb;


diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c index 9ea1a820ce..62b32e4631 100644 --- a/src/lib/libssl/tls13_record_layer.c +++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_record_layer.c,v 1.37 2020/05/10 16:56:11 jsing Exp $ */	1	/* $OpenBSD: tls13_record_layer.c,v 1.38 2020/05/11 17:28:33 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -80,14 +80,8 @@ struct tls13_record_layer {
80	uint8_t read_seq_num[TLS13_RECORD_SEQ_NUM_LEN];	80	uint8_t read_seq_num[TLS13_RECORD_SEQ_NUM_LEN];
81	uint8_t write_seq_num[TLS13_RECORD_SEQ_NUM_LEN];	81	uint8_t write_seq_num[TLS13_RECORD_SEQ_NUM_LEN];
82		82
83	/* Record callbacks. */	83	/* Callbacks. */
84	tls13_alert_cb alert_cb;	84	struct tls13_record_layer_callbacks cb;
85	tls13_phh_recv_cb phh_recv_cb;
86	tls13_phh_sent_cb phh_sent_cb;
87
88	/* Wire read/write callbacks. */
89	tls13_read_cb wire_read;
90	tls13_write_cb wire_write;
91	void *cb_arg;	85	void *cb_arg;
92	};	86	};
93		87
@@ -116,10 +110,7 @@ tls13_record_layer_wrec_free(struct tls13_record_layer *rl)
116	}	110	}
117		111
118	struct tls13_record_layer *	112	struct tls13_record_layer *
119	tls13_record_layer_new(tls13_read_cb wire_read, tls13_write_cb wire_write,	113	tls13_record_layer_new(const struct tls13_record_layer_callbacks *callbacks,
120	tls13_alert_cb alert_cb,
121	tls13_phh_recv_cb phh_recv_cb,
122	tls13_phh_sent_cb phh_sent_cb,
123	void *cb_arg)	114	void *cb_arg)
124	{	115	{
125	struct tls13_record_layer *rl;	116	struct tls13_record_layer *rl;
@@ -128,12 +119,7 @@ tls13_record_layer_new(tls13_read_cb wire_read, tls13_write_cb wire_write,
128	return NULL;	119	return NULL;
129		120
130	rl->legacy_version = TLS1_2_VERSION;	121	rl->legacy_version = TLS1_2_VERSION;
131		122	rl->cb = *callbacks;
132	rl->wire_read = wire_read;
133	rl->wire_write = wire_write;
134	rl->alert_cb = alert_cb;
135	rl->phh_recv_cb = phh_recv_cb;
136	rl->phh_sent_cb = phh_sent_cb;
137	rl->cb_arg = cb_arg;	123	rl->cb_arg = cb_arg;
138		124
139	return rl;	125	return rl;
@@ -301,7 +287,7 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
301	return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);	287	return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);
302	}	288	}
303		289
304	rl->alert_cb(alert_desc, rl->cb_arg);	290	rl->cb.alert_recv(alert_desc, rl->cb_arg);
305		291
306	return ret;	292	return ret;
307	}	293	}
@@ -358,7 +344,7 @@ tls13_record_layer_send_phh(struct tls13_record_layer *rl)
358		344
359	CBS_init(&rl->phh_cbs, rl->phh_data, rl->phh_len);	345	CBS_init(&rl->phh_cbs, rl->phh_data, rl->phh_len);
360		346
361	rl->phh_sent_cb(rl->cb_arg);	347	rl->cb.phh_sent(rl->cb_arg);
362		348
363	return TLS13_IO_SUCCESS;	349	return TLS13_IO_SUCCESS;
364	}	350	}
@@ -781,7 +767,7 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
781	goto err;	767	goto err;
782	}	768	}
783		769
784	if ((ret = tls13_record_recv(rl->rrec, rl->wire_read, rl->cb_arg)) <= 0)	770	if ((ret = tls13_record_recv(rl->rrec, rl->cb.wire_read, rl->cb_arg)) <= 0)
785	return ret;	771	return ret;
786		772
787	/* XXX - record version checks. */	773	/* XXX - record version checks. */
@@ -919,8 +905,8 @@ tls13_record_layer_read_internal(struct tls13_record_layer *rl,
919	*	905	*
920	* TLS13_IO_FAILURE -> something broke.	906	* TLS13_IO_FAILURE -> something broke.
921	*/	907	*/
922	if (rl->phh_recv_cb != NULL) {	908	if (rl->cb.phh_recv != NULL) {
923	ret = rl->phh_recv_cb(	909	ret = rl->cb.phh_recv(
924	rl->cb_arg, &rl->rbuf_cbs);	910	rl->cb_arg, &rl->rbuf_cbs);
925	}	911	}
926		912
@@ -1013,7 +999,7 @@ tls13_record_layer_write_record(struct tls13_record_layer *rl,
1013		999
1014	/* See if there is an existing record and attempt to push it out... */	1000	/* See if there is an existing record and attempt to push it out... */
1015	if (rl->wrec != NULL) {	1001	if (rl->wrec != NULL) {
1016	if ((ret = tls13_record_send(rl->wrec, rl->wire_write,	1002	if ((ret = tls13_record_send(rl->wrec, rl->cb.wire_write,
1017	rl->cb_arg)) <= 0)	1003	rl->cb_arg)) <= 0)
1018	return ret;	1004	return ret;
1019	tls13_record_layer_wrec_free(rl);	1005	tls13_record_layer_wrec_free(rl);
@@ -1040,7 +1026,7 @@ tls13_record_layer_write_record(struct tls13_record_layer *rl,
1040	if (!tls13_record_layer_seal_record(rl, content_type, content, content_len))	1026	if (!tls13_record_layer_seal_record(rl, content_type, content, content_len))
1041	goto err;	1027	goto err;
1042		1028
1043	if ((ret = tls13_record_send(rl->wrec, rl->wire_write, rl->cb_arg)) <= 0)	1029	if ((ret = tls13_record_send(rl->wrec, rl->cb.wire_write, rl->cb_arg)) <= 0)
1044	return ret;	1030	return ret;
1045		1031
1046	tls13_record_layer_wrec_free(rl);	1032	tls13_record_layer_wrec_free(rl);