Move legacy stack interfacing functions into tls13_legacy.c.

No functional change.

ok inoguchi@ tb@

4 files changed, 206 insertions, 199 deletions

diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index 5bd7681f190..79318d93135 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.53 2020/04/28 20:30:40 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.54 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -24,7 +24,7 @@
 #include "tls13_handshake.h"
 #include "tls13_internal.h"
 
-static int
+int
 tls13_client_init(struct tls13_ctx *ctx)
 {
 	const uint16_t *groups;
@@ -71,8 +71,8 @@ tls13_client_init(struct tls13_ctx *ctx)
 	return 1;
 }
 
-static int
-tls13_connect(struct tls13_ctx *ctx)
+int
+tls13_client_connect(struct tls13_ctx *ctx)
 {
 	if (ctx->mode != TLS13_HS_CLIENT)
 		return TLS13_IO_FAILURE;
@@ -80,104 +80,6 @@ tls13_connect(struct tls13_ctx *ctx)
 	return tls13_handshake_perform(ctx);
 }
 
-int
-tls13_legacy_connect(SSL *ssl)
-{
-	struct tls13_ctx *ctx = ssl->internal->tls13;
-	int ret;
-
-#ifdef TLS13_USE_LEGACY_CLIENT_AUTH
-	/* XXX drop back to legacy for client auth for now */
-	if (ssl->cert->key->privatekey != NULL) {
-		ssl->method = tls_legacy_client_method();
-		return ssl->method->internal->ssl_connect(ssl);
-	}
-#endif
-
-	if (ctx == NULL) {
-		if ((ctx = tls13_ctx_new(TLS13_HS_CLIENT)) == NULL) {
-			SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-			return -1;
-		}
-		ssl->internal->tls13 = ctx;
-		ctx->ssl = ssl;
-		ctx->hs = &S3I(ssl)->hs_tls13;
-
-		if (!tls13_client_init(ctx)) {
-			if (ERR_peek_error() == 0)
-				SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-			return -1;
-		}
-	}
-
-	ERR_clear_error();
-	S3I(ssl)->hs.state = SSL_ST_CONNECT;
-
-	ret = tls13_connect(ctx);
-	if (ret == TLS13_IO_USE_LEGACY)
-		return ssl->method->internal->ssl_connect(ssl);
-	if (ret == TLS13_IO_SUCCESS)
-		S3I(ssl)->hs.state = SSL_ST_OK;
-
-	return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_client(struct tls13_ctx *ctx)
-{
-	SSL *s = ctx->ssl;
-	CBS cbs;
-
-	s->method = tls_legacy_client_method();
-	s->internal->handshake_func = s->method->internal->ssl_connect;
-	s->client_version = s->version = s->method->internal->max_version;
-
-	if (!ssl3_setup_init_buffer(s))
-		goto err;
-	if (!ssl3_setup_buffers(s))
-		goto err;
-	if (!ssl_init_wbio_buffer(s, 0))
-		goto err;
-
-	if (s->bbio != s->wbio)
-		s->wbio = BIO_push(s->bbio, s->wbio);
-
-	/* Stash any unprocessed data from the last record. */
-	tls13_record_layer_rbuf(ctx->rl, &cbs);
-	if (CBS_len(&cbs) > 0) {
-		if (!CBS_write_bytes(&cbs,
-		    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
-		    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
-			goto err;
-
-		S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
-		S3I(s)->rbuf.left = CBS_len(&cbs);
-		S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
-		S3I(s)->rrec.length = CBS_len(&cbs);
-		s->internal->rstate = SSL_ST_READ_BODY;
-		s->internal->packet = S3I(s)->rbuf.buf;
-		s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
-		s->internal->mac_packet = 1;
-	}
-
-	/* Stash the current handshake message. */
-	tls13_handshake_msg_data(ctx->hs_msg, &cbs);
-	if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
-	    s->internal->init_buf->length, NULL))
-		goto err;
-
-	S3I(s)->tmp.reuse_message = 1;
-	S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
-	S3I(s)->tmp.message_size = CBS_len(&cbs);
-
-	S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
-
-	return 1;
-
- err:
-	return 0;
-}
-
 static int
 tls13_client_hello_build(struct tls13_ctx *ctx, CBB *cbb)
 {
diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h
index d711f1a58dc..d53672dbfe5 100644
--- a/lib/libssl/tls13_internal.h
+++ b/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.66 2020/04/28 20:30:40 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.67 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -250,6 +250,8 @@ const EVP_MD *tls13_cipher_hash(const SSL_CIPHER *cipher);
 /*
  * Legacy interfaces.
  */
+int tls13_use_legacy_client(struct tls13_ctx *ctx);
+int tls13_use_legacy_server(struct tls13_ctx *ctx);
 int tls13_legacy_accept(SSL *ssl);
 int tls13_legacy_connect(SSL *ssl);
 int tls13_legacy_return_code(SSL *ssl, ssize_t ret);
@@ -292,6 +294,11 @@ int tls13_legacy_shutdown(SSL *ssl);
 int tls13_handshake_msg_record(struct tls13_ctx *ctx);
 int tls13_handshake_perform(struct tls13_ctx *ctx);
 
+int tls13_client_init(struct tls13_ctx *ctx);
+int tls13_server_init(struct tls13_ctx *ctx);
+int tls13_client_connect(struct tls13_ctx *ctx);
+int tls13_server_accept(struct tls13_ctx *ctx);
+
 int tls13_client_hello_send(struct tls13_ctx *ctx, CBB *cbb);
 int tls13_client_hello_sent(struct tls13_ctx *ctx);
 int tls13_client_hello_recv(struct tls13_ctx *ctx, CBS *cbs);
diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c
index 747bdc2728e..1e18a8258c3 100644
--- a/lib/libssl/tls13_legacy.c
+++ b/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_legacy.c,v 1.2 2020/03/10 17:02:21 jsing Exp $ */
+/*	$OpenBSD: tls13_legacy.c,v 1.3 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -277,6 +277,195 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len)
 }
 
 int
+tls13_use_legacy_client(struct tls13_ctx *ctx)
+{
+	SSL *s = ctx->ssl;
+	CBS cbs;
+
+	s->method = tls_legacy_client_method();
+	s->internal->handshake_func = s->method->internal->ssl_connect;
+	s->client_version = s->version = s->method->internal->max_version;
+
+	if (!ssl3_setup_init_buffer(s))
+		goto err;
+	if (!ssl3_setup_buffers(s))
+		goto err;
+	if (!ssl_init_wbio_buffer(s, 0))
+		goto err;
+
+	if (s->bbio != s->wbio)
+		s->wbio = BIO_push(s->bbio, s->wbio);
+
+	/* Stash any unprocessed data from the last record. */
+	tls13_record_layer_rbuf(ctx->rl, &cbs);
+	if (CBS_len(&cbs) > 0) {
+		if (!CBS_write_bytes(&cbs,
+		    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
+		    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
+			goto err;
+
+		S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
+		S3I(s)->rbuf.left = CBS_len(&cbs);
+		S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
+		S3I(s)->rrec.length = CBS_len(&cbs);
+		s->internal->rstate = SSL_ST_READ_BODY;
+		s->internal->packet = S3I(s)->rbuf.buf;
+		s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
+		s->internal->mac_packet = 1;
+	}
+
+	/* Stash the current handshake message. */
+	tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+	if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
+	    s->internal->init_buf->length, NULL))
+		goto err;
+
+	S3I(s)->tmp.reuse_message = 1;
+	S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
+	S3I(s)->tmp.message_size = CBS_len(&cbs);
+
+	S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
+
+	return 1;
+
+ err:
+	return 0;
+}
+
+int
+tls13_use_legacy_server(struct tls13_ctx *ctx)
+{
+	SSL *s = ctx->ssl;
+	CBS cbs;
+
+	s->method = tls_legacy_server_method();
+	s->internal->handshake_func = s->method->internal->ssl_accept;
+	s->client_version = s->version = s->method->internal->max_version;
+	s->server = 1;
+
+	if (!ssl3_setup_init_buffer(s))
+		goto err;
+	if (!ssl3_setup_buffers(s))
+		goto err;
+	if (!ssl_init_wbio_buffer(s, 0))
+		goto err;
+
+	if (s->bbio != s->wbio)
+		s->wbio = BIO_push(s->bbio, s->wbio);
+
+	/* Stash any unprocessed data from the last record. */
+	tls13_record_layer_rbuf(ctx->rl, &cbs);
+	if (CBS_len(&cbs) > 0) {
+		if (!CBS_write_bytes(&cbs,
+		    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
+		    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
+			goto err;
+
+		S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
+		S3I(s)->rbuf.left = CBS_len(&cbs);
+		S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
+		S3I(s)->rrec.length = CBS_len(&cbs);
+		s->internal->rstate = SSL_ST_READ_BODY;
+		s->internal->packet = S3I(s)->rbuf.buf;
+		s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
+		s->internal->mac_packet = 1;
+	}
+
+	/* Stash the current handshake message. */
+	tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+	if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
+	    s->internal->init_buf->length, NULL))
+		goto err;
+
+	S3I(s)->tmp.reuse_message = 1;
+	S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
+	S3I(s)->tmp.message_size = CBS_len(&cbs);
+
+	S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
+
+	return 1;
+
+ err:
+	return 0;
+}
+
+int
+tls13_legacy_accept(SSL *ssl)
+{
+	struct tls13_ctx *ctx = ssl->internal->tls13;
+	int ret;
+
+	if (ctx == NULL) {
+		if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
+			SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+			return -1;
+		}
+		ssl->internal->tls13 = ctx;
+		ctx->ssl = ssl;
+		ctx->hs = &S3I(ssl)->hs_tls13;
+
+		if (!tls13_server_init(ctx)) {
+			if (ERR_peek_error() == 0)
+				SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+			return -1;
+		}
+	}
+
+	ERR_clear_error();
+	S3I(ssl)->hs.state = SSL_ST_ACCEPT;
+
+	ret = tls13_server_accept(ctx);
+	if (ret == TLS13_IO_USE_LEGACY)
+		return ssl->method->internal->ssl_accept(ssl);
+	if (ret == TLS13_IO_SUCCESS)
+		S3I(ssl)->hs.state = SSL_ST_OK;
+
+	return tls13_legacy_return_code(ssl, ret);
+}
+
+int
+tls13_legacy_connect(SSL *ssl)
+{
+	struct tls13_ctx *ctx = ssl->internal->tls13;
+	int ret;
+
+#ifdef TLS13_USE_LEGACY_CLIENT_AUTH
+	/* XXX drop back to legacy for client auth for now */
+	if (ssl->cert->key->privatekey != NULL) {
+		ssl->method = tls_legacy_client_method();
+		return ssl->method->internal->ssl_connect(ssl);
+	}
+#endif
+
+	if (ctx == NULL) {
+		if ((ctx = tls13_ctx_new(TLS13_HS_CLIENT)) == NULL) {
+			SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+			return -1;
+		}
+		ssl->internal->tls13 = ctx;
+		ctx->ssl = ssl;
+		ctx->hs = &S3I(ssl)->hs_tls13;
+
+		if (!tls13_client_init(ctx)) {
+			if (ERR_peek_error() == 0)
+				SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+			return -1;
+		}
+	}
+
+	ERR_clear_error();
+	S3I(ssl)->hs.state = SSL_ST_CONNECT;
+
+	ret = tls13_client_connect(ctx);
+	if (ret == TLS13_IO_USE_LEGACY)
+		return ssl->method->internal->ssl_connect(ssl);
+	if (ret == TLS13_IO_SUCCESS)
+		S3I(ssl)->hs.state = SSL_ST_OK;
+
+	return tls13_legacy_return_code(ssl, ret);
+}
+
+int
 tls13_legacy_shutdown(SSL *ssl)
 {
 	struct tls13_ctx *ctx = ssl->internal->tls13;
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c
index 864e434fda0..4fa1aba31de 100644
--- a/lib/libssl/tls13_server.c
+++ b/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.33 2020/04/27 20:15:17 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -22,7 +22,7 @@
 #include "tls13_handshake.h"
 #include "tls13_internal.h"
 
-static int
+int
 tls13_server_init(struct tls13_ctx *ctx)
 {
 	SSL *s = ctx->ssl;
@@ -45,8 +45,8 @@ tls13_server_init(struct tls13_ctx *ctx)
 	return 1;
 }
 
-static int
-tls13_accept(struct tls13_ctx *ctx)
+int
+tls13_server_accept(struct tls13_ctx *ctx)
 {
 	if (ctx->mode != TLS13_HS_SERVER)
 		return TLS13_IO_FAILURE;
@@ -54,97 +54,6 @@ tls13_accept(struct tls13_ctx *ctx)
 	return tls13_handshake_perform(ctx);
 }
 
-int
-tls13_legacy_accept(SSL *ssl)
-{
-	struct tls13_ctx *ctx = ssl->internal->tls13;
-	int ret;
-
-	if (ctx == NULL) {
-		if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
-			SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-			return -1;
-		}
-		ssl->internal->tls13 = ctx;
-		ctx->ssl = ssl;
-		ctx->hs = &S3I(ssl)->hs_tls13;
-
-		if (!tls13_server_init(ctx)) {
-			if (ERR_peek_error() == 0)
-				SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-			return -1;
-		}
-	}
-
-	ERR_clear_error();
-	S3I(ssl)->hs.state = SSL_ST_ACCEPT;
-
-	ret = tls13_accept(ctx);
-	if (ret == TLS13_IO_USE_LEGACY)
-		return ssl->method->internal->ssl_accept(ssl);
-	if (ret == TLS13_IO_SUCCESS)
-		S3I(ssl)->hs.state = SSL_ST_OK;
-
-	return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_server(struct tls13_ctx *ctx)
-{
-	SSL *s = ctx->ssl;
-	CBS cbs;
-
-	s->method = tls_legacy_server_method();
-	s->internal->handshake_func = s->method->internal->ssl_accept;
-	s->client_version = s->version = s->method->internal->max_version;
-	s->server = 1;
-
-	if (!ssl3_setup_init_buffer(s))
-		goto err;
-	if (!ssl3_setup_buffers(s))
-		goto err;
-	if (!ssl_init_wbio_buffer(s, 0))
-		goto err;
-
-	if (s->bbio != s->wbio)
-		s->wbio = BIO_push(s->bbio, s->wbio);
-
-	/* Stash any unprocessed data from the last record. */
-	tls13_record_layer_rbuf(ctx->rl, &cbs);
-	if (CBS_len(&cbs) > 0) {
-		if (!CBS_write_bytes(&cbs,
-		    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
-		    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
-			goto err;
-
-		S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
-		S3I(s)->rbuf.left = CBS_len(&cbs);
-		S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
-		S3I(s)->rrec.length = CBS_len(&cbs);
-		s->internal->rstate = SSL_ST_READ_BODY;
-		s->internal->packet = S3I(s)->rbuf.buf;
-		s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
-		s->internal->mac_packet = 1;
-	}
-
-	/* Stash the current handshake message. */
-	tls13_handshake_msg_data(ctx->hs_msg, &cbs);
-	if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
-	    s->internal->init_buf->length, NULL))
-		goto err;
-
-	S3I(s)->tmp.reuse_message = 1;
-	S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
-	S3I(s)->tmp.message_size = CBS_len(&cbs);
-
-	S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
-
-	return 1;
-
- err:
-	return 0;
-}
-
 static int
 tls13_client_hello_is_legacy(CBS *cbs)
 {