From: jsing Date: Sat, 23 Oct 2021 13:12:14 +0000 (+0000) Subject: Rename tls13_buffer to tls_buffer. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f6184395af2f5b642126a6179ade04cb296eea00;p=openbsd Rename tls13_buffer to tls_buffer. This code will soon be used in the DTLSv1.2 and TLSv1.2 stack. Also introduce tls_internal.h and move/rename the read/write/flush callbacks. ok beck@ tb@ --- diff --git a/lib/libssl/Makefile b/lib/libssl/Makefile index d468308c7ef..82e139911e7 100644 --- a/lib/libssl/Makefile +++ b/lib/libssl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.71 2021/09/04 16:26:12 jsing Exp $ +# $OpenBSD: Makefile,v 1.72 2021/10/23 13:12:14 jsing Exp $ .include .ifndef NOMAN @@ -70,7 +70,6 @@ SRCS= \ tls12_key_schedule.c \ tls12_lib.c \ tls12_record_layer.c \ - tls13_buffer.c \ tls13_client.c \ tls13_error.c \ tls13_handshake.c \ @@ -82,6 +81,7 @@ SRCS= \ tls13_record.c \ tls13_record_layer.c \ tls13_server.c \ + tls_buffer.c \ tls_content.c HDRS= dtls1.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h diff --git a/lib/libssl/tls13_buffer.c b/lib/libssl/tls13_buffer.c deleted file mode 100644 index b46ac65ecfb..00000000000 --- a/lib/libssl/tls13_buffer.c +++ /dev/null 
@@ -1,135 +0,0 @@ -/* $OpenBSD: tls13_buffer.c,v 1.5 2021/05/16 14:19:04 jsing Exp $ */ -/* - * Copyright (c) 2018, 2019 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include "bytestring.h" -#include "tls13_internal.h" - -struct tls13_buffer { - size_t capacity; - uint8_t *data; - size_t len; - size_t offset; -}; - -static int tls13_buffer_resize(struct tls13_buffer *buf, size_t capacity); - -struct tls13_buffer * -tls13_buffer_new(size_t init_size) -{ - struct tls13_buffer *buf = NULL; - - if ((buf = calloc(1, sizeof(struct tls13_buffer))) == NULL) - goto err; - - if (!tls13_buffer_resize(buf, init_size)) - goto err; - - return buf; - - err: - tls13_buffer_free(buf); - - return NULL; -} - -void -tls13_buffer_free(struct tls13_buffer *buf) -{ - if (buf == NULL) - return; - - freezero(buf->data, buf->capacity); - freezero(buf, sizeof(struct tls13_buffer)); -} - -static int -tls13_buffer_resize(struct tls13_buffer *buf, size_t capacity) -{ - uint8_t *data; - - if (buf->capacity == capacity) - return 1; - - if ((data = recallocarray(buf->data, buf->capacity, capacity, 1)) == NULL) - return 0; - - buf->data = data; - buf->capacity = capacity; - - return 1; -} - -int -tls13_buffer_set_data(struct tls13_buffer *buf, CBS *data) -{ - if (!tls13_buffer_resize(buf, 
CBS_len(data))) - return 0; - memcpy(buf->data, CBS_data(data), CBS_len(data)); - return 1; -} - -ssize_t -tls13_buffer_extend(struct tls13_buffer *buf, size_t len, - tls13_read_cb read_cb, void *cb_arg) -{ - ssize_t ret; - - if (len == buf->len) - return buf->len; - - if (len < buf->len) - return TLS13_IO_FAILURE; - - if (!tls13_buffer_resize(buf, len)) - return TLS13_IO_FAILURE; - - for (;;) { - if ((ret = read_cb(&buf->data[buf->len], - buf->capacity - buf->len, cb_arg)) <= 0) - return ret; - - if (ret > buf->capacity - buf->len) - return TLS13_IO_FAILURE; - - buf->len += ret; - - if (buf->len == buf->capacity) - return buf->len; - } -} - -void -tls13_buffer_cbs(struct tls13_buffer *buf, CBS *cbs) -{ - CBS_init(cbs, buf->data, buf->len); -} - -int -tls13_buffer_finish(struct tls13_buffer *buf, uint8_t **out, size_t *out_len) -{ - if (out == NULL || out_len == NULL) - return 0; - - *out = buf->data; - *out_len = buf->len; - - buf->capacity = 0; - buf->data = NULL; - buf->len = 0; - - return 1; -} diff --git a/lib/libssl/tls13_handshake_msg.c b/lib/libssl/tls13_handshake_msg.c index ff6d6d7e195..67eab3152fb 100644 --- a/lib/libssl/tls13_handshake_msg.c +++ b/lib/libssl/tls13_handshake_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_handshake_msg.c,v 1.3 2021/05/16 14:19:04 jsing Exp $ */ +/* $OpenBSD: tls13_handshake_msg.c,v 1.4 2021/10/23 13:12:14 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -28,7 +28,7 @@ struct tls13_handshake_msg { uint8_t *data; size_t data_len; - struct tls13_buffer *buf; + struct tls_buffer *buf; CBS cbs; CBB cbb; }; @@ -40,7 +40,7 @@ tls13_handshake_msg_new() if ((msg = calloc(1, sizeof(struct tls13_handshake_msg))) == NULL) goto err; - if ((msg->buf = tls13_buffer_new(0)) == NULL) + if ((msg->buf = tls_buffer_new(0)) == NULL) goto err; return msg; @@ -57,7 +57,7 @@ tls13_handshake_msg_free(struct tls13_handshake_msg *msg) if (msg == NULL) return; - tls13_buffer_free(msg->buf); + tls_buffer_free(msg->buf); CBB_cleanup(&msg->cbb); 
@@ -74,7 +74,7 @@ tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs) int tls13_handshake_msg_set_buffer(struct tls13_handshake_msg *msg, CBS *cbs) { - return tls13_buffer_set_data(msg->buf, cbs); + return tls_buffer_set_data(msg->buf, cbs); } uint8_t @@ -137,12 +137,12 @@ tls13_handshake_msg_recv(struct tls13_handshake_msg *msg, return TLS13_IO_FAILURE; if (msg->msg_type == 0) { - if ((ret = tls13_buffer_extend(msg->buf, + if ((ret = tls_buffer_extend(msg->buf, TLS13_HANDSHAKE_MSG_HEADER_LEN, tls13_handshake_msg_read_cb, rl)) <= 0) return ret; - tls13_buffer_cbs(msg->buf, &cbs); + tls_buffer_cbs(msg->buf, &cbs); if (!CBS_get_u8(&cbs, &msg_type)) return TLS13_IO_FAILURE; @@ -157,12 +157,12 @@ tls13_handshake_msg_recv(struct tls13_handshake_msg *msg, msg->msg_len = msg_len; } - if ((ret = tls13_buffer_extend(msg->buf, + if ((ret = tls_buffer_extend(msg->buf, TLS13_HANDSHAKE_MSG_HEADER_LEN + msg->msg_len, tls13_handshake_msg_read_cb, rl)) <= 0) return ret; - if (!tls13_buffer_finish(msg->buf, &msg->data, &msg->data_len)) + if (!tls_buffer_finish(msg->buf, &msg->data, &msg->data_len)) return TLS13_IO_FAILURE; return TLS13_IO_SUCCESS; diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index 20cb52ebdd1..7e3b081966d 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.94 2021/09/16 19:25:30 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.95 2021/10/23 13:12:14 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck * Copyright (c) 2018 Theo Buehler @@ -24,6 +24,7 @@ #include #include "bytestring.h" +#include "tls_internal.h" __BEGIN_HIDDEN_DECLS 
@@ -89,28 +90,10 @@ __BEGIN_HIDDEN_DECLS typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg); typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg, CBS *_cbs); typedef void (*tls13_phh_sent_cb)(void *_cb_arg); -typedef ssize_t (*tls13_read_cb)(void *_buf, size_t _buflen, void *_cb_arg); -typedef ssize_t (*tls13_write_cb)(const void *_buf, size_t _buflen, - void *_cb_arg); -typedef ssize_t (*tls13_flush_cb)(void *_cb_arg); typedef void (*tls13_handshake_message_cb)(void *_cb_arg); typedef void (*tls13_info_cb)(void *_cb_arg, int _state, int _ret); typedef int (*tls13_ocsp_status_cb)(void *_cb_arg); -/* - * Buffers. - */ -struct tls13_buffer; - -struct tls13_buffer *tls13_buffer_new(size_t init_size); -int tls13_buffer_set_data(struct tls13_buffer *buf, CBS *data); -void tls13_buffer_free(struct tls13_buffer *buf); -ssize_t tls13_buffer_extend(struct tls13_buffer *buf, size_t len, - tls13_read_cb read_cb, void *cb_arg); -void tls13_buffer_cbs(struct tls13_buffer *buf, CBS *cbs); -int tls13_buffer_finish(struct tls13_buffer *buf, uint8_t **out, - size_t *out_len); - /* * Secrets. */ @@ -199,9 +182,9 @@ int tls13_key_share_derive(struct tls13_key_share *ks, uint8_t **shared_key, struct tls13_record_layer; struct tls13_record_layer_callbacks { - tls13_read_cb wire_read; - tls13_write_cb wire_write; - tls13_flush_cb wire_flush; + tls_read_cb wire_read; + tls_write_cb wire_write; + tls_flush_cb wire_flush; tls13_alert_cb alert_recv; tls13_alert_cb alert_sent; tls13_phh_recv_cb phh_recv; diff --git a/lib/libssl/tls13_record.c b/lib/libssl/tls13_record.c index 3bdaead5a7e..2c744668e5b 100644 --- a/lib/libssl/tls13_record.c +++ b/lib/libssl/tls13_record.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record.c,v 1.8 2021/05/16 14:19:04 jsing Exp $ */ +/* $OpenBSD: tls13_record.c,v 1.9 2021/10/23 13:12:14 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * 
@@ -26,7 +26,7 @@ struct tls13_record { size_t data_len; CBS cbs; - struct tls13_buffer *buf; + struct tls_buffer *buf; }; struct tls13_record * @@ -36,7 +36,7 @@ tls13_record_new(void) if ((rec = calloc(1, sizeof(struct tls13_record))) == NULL) goto err; - if ((rec->buf = tls13_buffer_new(TLS13_RECORD_MAX_LEN)) == NULL) + if ((rec->buf = tls_buffer_new(TLS13_RECORD_MAX_LEN)) == NULL) goto err; return rec; @@ -53,7 +53,7 @@ tls13_record_free(struct tls13_record *rec) if (rec == NULL) return; - tls13_buffer_free(rec->buf); + tls_buffer_free(rec->buf); freezero(rec->data, rec->data_len); freezero(rec, sizeof(struct tls13_record)); @@ -118,7 +118,7 @@ tls13_record_set_data(struct tls13_record *rec, uint8_t *data, size_t data_len) } ssize_t -tls13_record_recv(struct tls13_record *rec, tls13_read_cb wire_read, +tls13_record_recv(struct tls13_record *rec, tls_read_cb wire_read, void *wire_arg) { uint16_t rec_len, rec_version; @@ -130,11 +130,11 @@ tls13_record_recv(struct tls13_record *rec, tls13_read_cb wire_read, return TLS13_IO_FAILURE; if (rec->content_type == 0) { - if ((ret = tls13_buffer_extend(rec->buf, + if ((ret = tls_buffer_extend(rec->buf, TLS13_RECORD_HEADER_LEN, wire_read, wire_arg)) <= 0) return ret; - tls13_buffer_cbs(rec->buf, &cbs); + tls_buffer_cbs(rec->buf, &cbs); if (!CBS_get_u8(&cbs, &content_type)) return TLS13_IO_FAILURE; 
@@ -153,18 +153,18 @@ tls13_record_recv(struct tls13_record *rec, tls13_read_cb wire_read, rec->rec_len = rec_len; } - if ((ret = tls13_buffer_extend(rec->buf, + if ((ret = tls_buffer_extend(rec->buf, TLS13_RECORD_HEADER_LEN + rec->rec_len, wire_read, wire_arg)) <= 0) return ret; - if (!tls13_buffer_finish(rec->buf, &rec->data, &rec->data_len)) + if (!tls_buffer_finish(rec->buf, &rec->data, &rec->data_len)) return TLS13_IO_FAILURE; return rec->data_len; } ssize_t -tls13_record_send(struct tls13_record *rec, tls13_write_cb wire_write, +tls13_record_send(struct tls13_record *rec, tls_write_cb wire_write, void *wire_arg) { ssize_t ret; diff --git a/lib/libssl/tls13_record.h b/lib/libssl/tls13_record.h index 4b7ac4f8dcd..18e4fa1aba7 100644 --- a/lib/libssl/tls13_record.h +++ b/lib/libssl/tls13_record.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record.h,v 1.4 2021/05/16 14:20:29 jsing Exp $ */ +/* $OpenBSD: tls13_record.h,v 1.5 2021/10/23 13:12:14 jsing Exp $ */ /* * Copyright (c) 2019 Joel Sing * @@ -56,9 +56,9 @@ int tls13_record_content(struct tls13_record *_rec, CBS *_cbs); void tls13_record_data(struct tls13_record *_rec, CBS *_cbs); int tls13_record_set_data(struct tls13_record *_rec, uint8_t *_data, size_t _data_len); -ssize_t tls13_record_recv(struct tls13_record *_rec, tls13_read_cb _wire_read, +ssize_t tls13_record_recv(struct tls13_record *_rec, tls_read_cb _wire_read, void *_wire_arg); -ssize_t tls13_record_send(struct tls13_record *_rec, tls13_write_cb _wire_write, +ssize_t tls13_record_send(struct tls13_record *_rec, tls_write_cb _wire_write, void *_wire_arg); __END_HIDDEN_DECLS diff --git a/lib/libssl/tls_buffer.c b/lib/libssl/tls_buffer.c new file mode 100644 index 00000000000..5c0ca7e40eb --- /dev/null +++ b/lib/libssl/tls_buffer.c 
@@ -0,0 +1,138 @@ +/* $OpenBSD: tls_buffer.c,v 1.1 2021/10/23 13:12:14 jsing Exp $ */ +/* + * Copyright (c) 2018, 2019 Joel Sing + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include + +#include "bytestring.h" +#include "tls_internal.h" + +struct tls_buffer { + size_t capacity; + uint8_t *data; + size_t len; + size_t offset; +}; + +static int tls_buffer_resize(struct tls_buffer *buf, size_t capacity); + +struct tls_buffer * +tls_buffer_new(size_t init_size) +{ + struct tls_buffer *buf = NULL; + + if ((buf = calloc(1, sizeof(struct tls_buffer))) == NULL) + goto err; + + if (!tls_buffer_resize(buf, init_size)) + goto err; + + return buf; + + err: + tls_buffer_free(buf); + + return NULL; +} + +void +tls_buffer_free(struct tls_buffer *buf) +{ + if (buf == NULL) + return; + + freezero(buf->data, buf->capacity); + freezero(buf, sizeof(struct tls_buffer)); +} + +static int +tls_buffer_resize(struct tls_buffer *buf, size_t capacity) +{ + uint8_t *data; + + if (buf->capacity == capacity) + return 1; + + if ((data = recallocarray(buf->data, buf->capacity, capacity, 1)) == NULL) + return 0; + + buf->data = data; + buf->capacity = capacity; + + return 1; +} + +int +tls_buffer_set_data(struct tls_buffer *buf, CBS *data) +{ + if (!tls_buffer_resize(buf, CBS_len(data))) + return 
0; + memcpy(buf->data, CBS_data(data), CBS_len(data)); + return 1; +} + +ssize_t +tls_buffer_extend(struct tls_buffer *buf, size_t len, + tls_read_cb read_cb, void *cb_arg) +{ + ssize_t ret; + + if (len == buf->len) + return buf->len; + + if (len < buf->len) + return TLS_IO_FAILURE; + + if (!tls_buffer_resize(buf, len)) + return TLS_IO_FAILURE; + + for (;;) { + if ((ret = read_cb(&buf->data[buf->len], + buf->capacity - buf->len, cb_arg)) <= 0) + return ret; + + if (ret > buf->capacity - buf->len) + return TLS_IO_FAILURE; + + buf->len += ret; + + if (buf->len == buf->capacity) + return buf->len; + } +} + +void +tls_buffer_cbs(struct tls_buffer *buf, CBS *cbs) +{ + CBS_init(cbs, buf->data, buf->len); +} + +int +tls_buffer_finish(struct tls_buffer *buf, uint8_t **out, size_t *out_len) +{ + if (out == NULL || out_len == NULL) + return 0; + + *out = buf->data; + *out_len = buf->len; + + buf->capacity = 0; + buf->data = NULL; + buf->len = 0; + + return 1; +} diff --git a/lib/libssl/tls_internal.h b/lib/libssl/tls_internal.h new file mode 100644 index 00000000000..10af32efdda --- /dev/null +++ b/lib/libssl/tls_internal.h 
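Review bot: `tls_buffer_set_data()` resizes the allocation to `CBS_len(data)` and copies the bytes in, but never updates `buf->len` or `buf->offset`. If the buffer previously held more bytes than the new payload, `len` ends up larger than `capacity`, so a later `tls_buffer_cbs()` would build a CBS that reads past the allocation. If it held fewer, the copied bytes are not visible through `tls_buffer_cbs()`, and `tls_buffer_extend()` starts writing at the stale `len`. Since this helper is about to be shared with the DTLSv1.2/TLSv1.2 stack, consider adding `buf->len = CBS_len(data);` after the `memcpy`. If leaving `len` untouched is what the existing caller relies on (not visible in this hunk), state that contract in a comment above the function instead.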
@@ -0,0 +1,56 @@
+/* $OpenBSD: tls_internal.h,v 1.1 2021/10/23 13:12:14 jsing Exp $ */
+/*
+ * Copyright (c) 2018, 2019, 2021 Joel Sing
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef HEADER_TLS_INTERNAL_H
+#define HEADER_TLS_INTERNAL_H
+
+#include "bytestring.h"
+
+__BEGIN_HIDDEN_DECLS
+
+#define TLS_IO_SUCCESS 1
+#define TLS_IO_EOF 0
+#define TLS_IO_FAILURE -1
+#define TLS_IO_ALERT -2
+#define TLS_IO_WANT_POLLIN -3
+#define TLS_IO_WANT_POLLOUT -4
+#define TLS_IO_WANT_RETRY -5 /* Retry the previous call immediately. */
+
+/*
+ * Callbacks.
+ */
+typedef ssize_t (*tls_read_cb)(void *_buf, size_t _buflen, void *_cb_arg);
+typedef ssize_t (*tls_write_cb)(const void *_buf, size_t _buflen,
+ void *_cb_arg);
+typedef ssize_t (*tls_flush_cb)(void *_cb_arg);
+
+/*
+ * Buffers.
+ */
+struct tls_buffer;
+
+struct tls_buffer *tls_buffer_new(size_t init_size);
+int tls_buffer_set_data(struct tls_buffer *buf, CBS *data);
+void tls_buffer_free(struct tls_buffer *buf);
+ssize_t tls_buffer_extend(struct tls_buffer *buf, size_t len,
+ tls_read_cb read_cb, void *cb_arg);
+void tls_buffer_cbs(struct tls_buffer *buf, CBS *cbs);
+int tls_buffer_finish(struct tls_buffer *buf, uint8_t **out, size_t *out_len);
+
+__END_HIDDEN_DECLS
+
+#endif
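Review bot: The new `TLS_IO_*` codes are not tied to the `TLS13_IO_*` codes that the TLS 1.3 callers in this commit still use. `tls_buffer_extend()` now returns `TLS_IO_FAILURE` and passes read-callback results straight through, while `tls13_record_recv()` and `tls13_handshake_msg_recv()` forward that value to code that tests against `TLS13_IO_*`. That is correct only while the two sets stay numerically identical. Assuming `tls13_internal.h` keeps its own defines (the hunk shown does not remove them), consider expressing them in terms of the new ones, e.g. `#define TLS13_IO_FAILURE TLS_IO_FAILURE`. At minimum add a comment here such as `/* Must match the TLS13_IO_* values in tls13_internal.h. */`.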