1 files changed, 0 insertions, 191 deletions
diff --git a/src/lib/libssl/tls13_quic.c b/src/lib/libssl/tls13_quic.c
deleted file mode 100644
index 656af6fe6b..0000000000
--- a/src/lib/libssl/tls13_quic.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/*      $OpenBSD: tls13_quic.c,v 1.8 2024/09/09 03:55:55 tb Exp $ */
-/*
- * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#include "ssl_local.h"
-#include "tls13_internal.h"
-static ssize_t
-tls13_quic_wire_read_cb(void *buf, size_t n, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
-        return TLS13_IO_FAILURE;
-}
-static ssize_t
-tls13_quic_wire_write_cb(const void *buf, size_t n, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
-        return TLS13_IO_FAILURE;
-}
-static ssize_t
-tls13_quic_wire_flush_cb(void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        if (!ssl->quic_method->flush_flight(ssl)) {
-                SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
-                return TLS13_IO_FAILURE;
-        }
-        return TLS13_IO_SUCCESS;
-}
-static ssize_t
-tls13_quic_handshake_read_cb(void *buf, size_t n, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        if (ctx->hs->tls13.quic_read_buffer == NULL)
-                return TLS13_IO_WANT_POLLIN;
-        return tls_buffer_read(ctx->hs->tls13.quic_read_buffer, buf, n);
-}
-static ssize_t
-tls13_quic_handshake_write_cb(const void *buf, size_t n, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        if (!ssl->quic_method->add_handshake_data(ssl,
-            ctx->hs->tls13.quic_write_level, buf, n)) {
-                SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
-                return TLS13_IO_FAILURE;
-        }
-        return n;
-}
-static int
-tls13_quic_set_read_traffic_key(struct tls13_secret *read_key,
-    enum ssl_encryption_level_t read_level, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        ctx->hs->tls13.quic_read_level = read_level;
-        /* Handle both the new (BoringSSL) and old (quictls) APIs. */
-        if (ssl->quic_method->set_read_secret != NULL)
-                return ssl->quic_method->set_read_secret(ssl,
-                    ctx->hs->tls13.quic_read_level, ctx->hs->cipher,
-                    read_key->data, read_key->len);
-        if (ssl->quic_method->set_encryption_secrets != NULL)
-                return ssl->quic_method->set_encryption_secrets(ssl,
-                    ctx->hs->tls13.quic_read_level, read_key->data, NULL,
-                    read_key->len);
-        return 0;
-}
-static int
-tls13_quic_set_write_traffic_key(struct tls13_secret *write_key,
-    enum ssl_encryption_level_t write_level, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        ctx->hs->tls13.quic_write_level = write_level;
-        /* Handle both the new (BoringSSL) and old (quictls) APIs. */
-        if (ssl->quic_method->set_write_secret != NULL)
-                return ssl->quic_method->set_write_secret(ssl,
-                    ctx->hs->tls13.quic_write_level, ctx->hs->cipher,
-                    write_key->data, write_key->len);
-        if (ssl->quic_method->set_encryption_secrets != NULL)
-                return ssl->quic_method->set_encryption_secrets(ssl,
-                    ctx->hs->tls13.quic_write_level, NULL, write_key->data,
-                    write_key->len);
-        return 0;
-}
-static int
-tls13_quic_alert_send_cb(int alert_desc, void *arg)
-{
-        struct tls13_ctx *ctx = arg;
-        SSL *ssl = ctx->ssl;
-        uint8_t alert_level = TLS13_ALERT_LEVEL_FATAL;
-        int ret = TLS13_IO_ALERT;
-        if (!ssl->quic_method->send_alert(ssl, ctx->hs->tls13.quic_write_level,
-            alert_desc)) {
-                SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
-                return TLS13_IO_FAILURE;
-        }
-        if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY ||
-            alert_desc == TLS13_ALERT_USER_CANCELED) {
-                alert_level = TLS13_ALERT_LEVEL_WARNING;
-                ret = TLS13_IO_SUCCESS;
-        }
-        tls13_record_layer_alert_sent(ctx->rl, alert_level, alert_desc);
-        return ret;
-}
-static const struct tls13_record_layer_callbacks quic_rl_callbacks = {
-        .wire_read = tls13_quic_wire_read_cb,
-        .wire_write = tls13_quic_wire_write_cb,
-        .wire_flush = tls13_quic_wire_flush_cb,
-        .handshake_read = tls13_quic_handshake_read_cb,
-        .handshake_write = tls13_quic_handshake_write_cb,
-        .set_read_traffic_key = tls13_quic_set_read_traffic_key,
-        .set_write_traffic_key = tls13_quic_set_write_traffic_key,
-        .alert_send = tls13_quic_alert_send_cb,
-        .alert_recv = tls13_alert_received_cb,
-        .alert_sent = tls13_alert_sent_cb,
-        .phh_recv = tls13_phh_received_cb,
-        .phh_sent = tls13_phh_done_cb,
-};
-int
-tls13_quic_init(struct tls13_ctx *ctx)
-{
-        BIO *bio;
-        tls13_record_layer_set_callbacks(ctx->rl, &quic_rl_callbacks, ctx);
-        ctx->middlebox_compat = 0;
-        /*
-         * QUIC does not use BIOs, however we currently expect a BIO to exist
-         * for status handling.
-         */
-        if ((bio = BIO_new(BIO_s_null())) == NULL)
-                return 0;
-        SSL_set_bio(ctx->ssl, bio, bio);
-        bio = NULL;
-        return 1;
-}

diff --git a/src/lib/libssl/tls13_quic.c b/src/lib/libssl/tls13_quic.c deleted file mode 100644 index 656af6fe6b..0000000000 --- a/src/lib/libssl/tls13_quic.c +++ /dev/null
@@ -1,191 +0,0 @@
1	/* $OpenBSD: tls13_quic.c,v 1.8 2024/09/09 03:55:55 tb Exp $ */
2	/*
3	* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
4	*
5	* Permission to use, copy, modify, and distribute this software for any
6	* purpose with or without fee is hereby granted, provided that the above
7	* copyright notice and this permission notice appear in all copies.
8	*
9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	*/
17
18	#include "ssl_local.h"
19	#include "tls13_internal.h"
20
21	static ssize_t
22	tls13_quic_wire_read_cb(void buf, size_t n, void arg)
23	{
24	struct tls13_ctx *ctx = arg;
25	SSL *ssl = ctx->ssl;
26
27	SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
28	return TLS13_IO_FAILURE;
29	}
30
31	static ssize_t
32	tls13_quic_wire_write_cb(const void buf, size_t n, void arg)
33	{
34	struct tls13_ctx *ctx = arg;
35	SSL *ssl = ctx->ssl;
36
37	SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
38	return TLS13_IO_FAILURE;
39	}
40
41	static ssize_t
42	tls13_quic_wire_flush_cb(void *arg)
43	{
44	struct tls13_ctx *ctx = arg;
45	SSL *ssl = ctx->ssl;
46
47	if (!ssl->quic_method->flush_flight(ssl)) {
48	SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
49	return TLS13_IO_FAILURE;
50	}
51
52	return TLS13_IO_SUCCESS;
53	}
54
55	static ssize_t
56	tls13_quic_handshake_read_cb(void buf, size_t n, void arg)
57	{
58	struct tls13_ctx *ctx = arg;
59
60	if (ctx->hs->tls13.quic_read_buffer == NULL)
61	return TLS13_IO_WANT_POLLIN;
62
63	return tls_buffer_read(ctx->hs->tls13.quic_read_buffer, buf, n);
64	}
65
66	static ssize_t
67	tls13_quic_handshake_write_cb(const void buf, size_t n, void arg)
68	{
69	struct tls13_ctx *ctx = arg;
70	SSL *ssl = ctx->ssl;
71
72	if (!ssl->quic_method->add_handshake_data(ssl,
73	ctx->hs->tls13.quic_write_level, buf, n)) {
74	SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
75	return TLS13_IO_FAILURE;
76	}
77
78	return n;
79	}
80
81	static int
82	tls13_quic_set_read_traffic_key(struct tls13_secret *read_key,
83	enum ssl_encryption_level_t read_level, void *arg)
84	{
85	struct tls13_ctx *ctx = arg;
86	SSL *ssl = ctx->ssl;
87
88	ctx->hs->tls13.quic_read_level = read_level;
89
90	/* Handle both the new (BoringSSL) and old (quictls) APIs. */
91
92	if (ssl->quic_method->set_read_secret != NULL)
93	return ssl->quic_method->set_read_secret(ssl,
94	ctx->hs->tls13.quic_read_level, ctx->hs->cipher,
95	read_key->data, read_key->len);
96
97	if (ssl->quic_method->set_encryption_secrets != NULL)
98	return ssl->quic_method->set_encryption_secrets(ssl,
99	ctx->hs->tls13.quic_read_level, read_key->data, NULL,
100	read_key->len);
101
102	return 0;
103	}
104
105	static int
106	tls13_quic_set_write_traffic_key(struct tls13_secret *write_key,
107	enum ssl_encryption_level_t write_level, void *arg)
108	{
109	struct tls13_ctx *ctx = arg;
110	SSL *ssl = ctx->ssl;
111
112	ctx->hs->tls13.quic_write_level = write_level;
113
114	/* Handle both the new (BoringSSL) and old (quictls) APIs. */
115
116	if (ssl->quic_method->set_write_secret != NULL)
117	return ssl->quic_method->set_write_secret(ssl,
118	ctx->hs->tls13.quic_write_level, ctx->hs->cipher,
119	write_key->data, write_key->len);
120
121	if (ssl->quic_method->set_encryption_secrets != NULL)
122	return ssl->quic_method->set_encryption_secrets(ssl,
123	ctx->hs->tls13.quic_write_level, NULL, write_key->data,
124	write_key->len);
125
126	return 0;
127	}
128
129	static int
130	tls13_quic_alert_send_cb(int alert_desc, void *arg)
131	{
132	struct tls13_ctx *ctx = arg;
133	SSL *ssl = ctx->ssl;
134	uint8_t alert_level = TLS13_ALERT_LEVEL_FATAL;
135	int ret = TLS13_IO_ALERT;
136
137	if (!ssl->quic_method->send_alert(ssl, ctx->hs->tls13.quic_write_level,
138	alert_desc)) {
139	SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR);
140	return TLS13_IO_FAILURE;
141	}
142
143	if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY \|\|
144	alert_desc == TLS13_ALERT_USER_CANCELED) {
145	alert_level = TLS13_ALERT_LEVEL_WARNING;
146	ret = TLS13_IO_SUCCESS;
147	}
148
149	tls13_record_layer_alert_sent(ctx->rl, alert_level, alert_desc);
150
151	return ret;
152	}
153
154	static const struct tls13_record_layer_callbacks quic_rl_callbacks = {
155	.wire_read = tls13_quic_wire_read_cb,
156	.wire_write = tls13_quic_wire_write_cb,
157	.wire_flush = tls13_quic_wire_flush_cb,
158
159	.handshake_read = tls13_quic_handshake_read_cb,
160	.handshake_write = tls13_quic_handshake_write_cb,
161	.set_read_traffic_key = tls13_quic_set_read_traffic_key,
162	.set_write_traffic_key = tls13_quic_set_write_traffic_key,
163	.alert_send = tls13_quic_alert_send_cb,
164
165	.alert_recv = tls13_alert_received_cb,
166	.alert_sent = tls13_alert_sent_cb,
167	.phh_recv = tls13_phh_received_cb,
168	.phh_sent = tls13_phh_done_cb,
169	};
170
171	int
172	tls13_quic_init(struct tls13_ctx *ctx)
173	{
174	BIO *bio;
175
176	tls13_record_layer_set_callbacks(ctx->rl, &quic_rl_callbacks, ctx);
177
178	ctx->middlebox_compat = 0;
179
180	/*
181	* QUIC does not use BIOs, however we currently expect a BIO to exist
182	* for status handling.
183	*/
184	if ((bio = BIO_new(BIO_s_null())) == NULL)
185	return 0;
186
187	SSL_set_bio(ctx->ssl, bio, bio);
188	bio = NULL;
189
190	return 1;
191	}