diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2022-07-24 14:28:17 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2022-07-24 14:28:17 +0000 |
| commit | 48a0f815e39246b50b0057a57a37f50a00ef1aed (patch) | |
| tree | 142065d5fbac4405f5868a1999f609b771d2ba04 /lib/libssl/tls13_internal.h | |
| parent | 877818d3b1cf9c00f6263151738de7bc39662820 (diff) | |
Provide record layer callbacks for QUIC.
QUIC uses TLS to complete the handshake, however unlike normal TLS it does
not use the TLS record layer, rather it provides its own transport. This
means that we need to intercept all communication between the TLS handshake
and the record layer. This allows TLS handshake message writes to be
directed to QUIC, likewise for TLS handshake message reads. Alerts also
need to be sent via QUIC, plus it needs to be provided with the traffic
keys that are derived by TLS.
ok tb@
Diffstat (limited to 'lib/libssl/tls13_internal.h')
| -rw-r--r-- | lib/libssl/tls13_internal.h | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index 6382f8b0483..f4b17bdf253 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.100 2022/07/24 14:16:29 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.101 2022/07/24 14:28:16 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck <beck@openbsd.org> * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> @@ -175,9 +175,19 @@ int tls13_update_server_traffic_secret(struct tls13_secrets *secrets); struct tls13_record_layer; struct tls13_record_layer_callbacks { + /* Wire callbacks. */ tls_read_cb wire_read; tls_write_cb wire_write; tls_flush_cb wire_flush; + + /* Interceptors. */ + tls_handshake_read_cb handshake_read; + tls_handshake_write_cb handshake_write; + tls_traffic_key_cb set_read_traffic_key; + tls_traffic_key_cb set_write_traffic_key; + tls_alert_send_cb alert_send; + + /* Notification callbacks. */ tls13_alert_cb alert_recv; tls13_alert_cb alert_sent; tls13_phh_recv_cb phh_recv; @@ -187,6 +197,8 @@ struct tls13_record_layer_callbacks { struct tls13_record_layer *tls13_record_layer_new( const struct tls13_record_layer_callbacks *callbacks, void *cb_arg); void tls13_record_layer_free(struct tls13_record_layer *rl); +void tls13_record_layer_set_callbacks(struct tls13_record_layer *rl, + const struct tls13_record_layer_callbacks *callbacks, void *cb_arg); void tls13_record_layer_allow_ccs(struct tls13_record_layer *rl, int allow); void tls13_record_layer_allow_legacy_alerts(struct tls13_record_layer *rl, int allow); void tls13_record_layer_rcontent(struct tls13_record_layer *rl, CBS *cbs); @@ -297,6 +309,13 @@ void tls13_ctx_free(struct tls13_ctx *ctx); const EVP_AEAD *tls13_cipher_aead(const SSL_CIPHER *cipher); const EVP_MD *tls13_cipher_hash(const SSL_CIPHER *cipher); +void tls13_alert_received_cb(uint8_t alert_desc, void *arg); +void tls13_alert_sent_cb(uint8_t alert_desc, void *arg); +ssize_t tls13_phh_received_cb(void *cb_arg); +void tls13_phh_done_cb(void *cb_arg); + +int tls13_quic_init(struct tls13_ctx *ctx); + /* * Legacy interfaces. */ |