From a3da52a5b3c5fce349d153702bda0b80b0373647 Mon Sep 17 00:00:00 2001 From: jsing Date: Sun, 17 Jul 2022 14:49:01 +0000 Subject: [PATCH] Provide SSL_is_quic() This function will allow code to know if the SSL connection is configured for use with QUIC or not. Also move existing SSL_.*quic.* functions under LIBRESSL_HAS_QUIC to prevent exposing them prematurely. ok beck@ tb@ --- lib/libssl/ssl.h | 6 ++++-- lib/libssl/ssl_lib.c | 8 +++++++- lib/libssl/ssl_locl.h | 5 +++-- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index d475cb24ba2..03e30441e0d 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.220 2022/07/12 14:42:48 kn Exp $ */ +/* $OpenBSD: ssl.h,v 1.221 2022/07/17 14:49:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1576,7 +1576,9 @@ int SSL_get_security_level(const SSL *ssl); void SSL_CTX_set_security_level(SSL_CTX *ctx, int level); int SSL_CTX_get_security_level(const SSL_CTX *ctx); -#ifdef LIBRESSL_INTERNAL +#if defined(LIBRESSL_HAS_QUIC) || defined(LIBRESSL_INTERNAL) +int SSL_is_quic(const SSL *ssl); + /* * SSL_set_quic_transport_params configures |ssl| to send |params| (of length * |params_len|) in the quic_transport_parameters extension in either the diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 2cdcef444c4..860a58ddd15 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.295 2022/07/02 16:31:04 tb Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.296 2022/07/17 14:49:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -3315,6 +3315,12 @@ OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num) ssl_cipher_id_cmp_BSEARCH_CMP_FN); } +int +SSL_is_quic(const SSL *ssl) +{ + return ssl->quic_method != NULL; +} + int SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params, size_t params_len) diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 0dc555f9dbd..a1b36e549af 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.413 2022/07/10 18:40:55 tb Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.414 2022/07/17 14:49:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1066,7 +1066,8 @@ struct ssl_st { */ int version; - const SSL_METHOD *method; /* SSLv3 */ + const SSL_METHOD *method; + const void *quic_method; /* XXX */ /* There are 2 BIO's even though they are normally both the * same. This is so data can be read and written to different -- 2.20.1