author | John Baldwin <jhb@FreeBSD.org> | 2020-08-31 17:13:17 -0700 |
---|---|---|
committer | Benjamin Kaduk <bkaduk@akamai.com> | 2020-09-05 20:11:50 -0700 |
commit | 7f0f88240e181b6c95d55893cbab55e0765a1d89 (patch) | |
tree | 16ea6d07a37a1cd0bd77b7d32a17d5402d13116c | |
parent | 74eee1bdaa03cfcb3b1df01beff2b6d81a113f58 (diff) |
Slightly abstract ktls_start() to reduce OS-specific #ifdefs.
Instead of passing the length in from the caller, compute the length
to pass to setsockopt() inside of ktls_start(). This isolates the
OS-specific behavior to ktls.h and removes it from the socket BIO
implementations.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12782)
-rw-r--r-- | crypto/bio/bss_conn.c | 8 | ||||
-rw-r--r-- | crypto/bio/bss_sock.c | 8 | ||||
-rw-r--r-- | include/internal/ktls.h | 15 |
3 files changed, 9 insertions, 22 deletions
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 79e31f80bf..e6972efd8d 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -377,7 +377,6 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 long ret = 1;
 BIO_CONNECT *data;
 # ifndef OPENSSL_NO_KTLS
- size_t crypto_info_len;
 ktls_crypto_info_t *crypto_info;
 # endif

@@ -542,12 +541,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 # ifndef OPENSSL_NO_KTLS
 case BIO_CTRL_SET_KTLS:
 crypto_info = (ktls_crypto_info_t *)ptr;
-# ifdef __FreeBSD__
- crypto_info_len = sizeof(*crypto_info);
-# else
- crypto_info_len = crypto_info->tls_crypto_info_len;
-# endif
- ret = ktls_start(b->num, crypto_info, crypto_info_len, num);
+ ret = ktls_start(b->num, crypto_info, num);
 if (ret)
 BIO_set_ktls_flag(b, num);
 break;
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
index 6c6c610b0e..d3eaa6b19e 100644
--- a/crypto/bio/bss_sock.c
+++ b/crypto/bio/bss_sock.c
@@ -154,7 +154,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
 long ret = 1;
 int *ip;
 # ifndef OPENSSL_NO_KTLS
- size_t crypto_info_len;
 ktls_crypto_info_t *crypto_info;
 # endif

@@ -187,12 +186,7 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
 # ifndef OPENSSL_NO_KTLS
 case BIO_CTRL_SET_KTLS:
 crypto_info = (ktls_crypto_info_t *)ptr;
-# ifdef __FreeBSD__
- crypto_info_len = sizeof(*crypto_info);
-# else
- crypto_info_len = crypto_info->tls_crypto_info_len;
-# endif
- ret = ktls_start(b->num, crypto_info, crypto_info_len, num);
+ ret = ktls_start(b->num, crypto_info, num);
 if (ret)
 BIO_set_ktls_flag(b, num);
 break;
diff --git a/include/internal/ktls.h b/include/internal/ktls.h
index 5b5e3cb4e4..fd439b5718 100644
--- a/include/internal/ktls.h
+++ b/include/internal/ktls.h
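Review bot: In the `BIO_CTRL_SET_KTLS` case of conn_ctrl, `ptr` is cast to `ktls_crypto_info_t *` and handed to ktls_start() with no NULL check, and the Linux ktls_start() in include/internal/ktls.h reads `crypto_info->tls_crypto_info_len` through it. The removed `# else` branch did the same read here, so this is not a regression, but with the length now hidden in the helper the precondition is no longer visible at the call site. If this ctrl can be reached with a NULL or partly initialised `ptr`, a guard such as `if (crypto_info == NULL) { ret = 0; break; }` before the call would make the failure clean, and a short comment stating that `ptr` must point to a fully initialised ktls_crypto_info_t would help either way. The identical case in sock_ctrl (crypto/bio/bss_sock.c) needs the same treatment; both function bodies continue outside their hunks.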
@@ -66,15 +66,14 @@ static ossl_inline int ktls_enable(int fd)
 * as using TLS. If successful, then data received for this socket will
 * be authenticated and decrypted using the tls_en provided here.
 */
-static ossl_inline int ktls_start(int fd,
- void *tls_en,
- size_t len, int is_tx)
+static ossl_inline int ktls_start(int fd, ktls_crypto_info_t *tls_en, int is_tx)
 {
 if (is_tx)
 return setsockopt(fd, IPPROTO_TCP, TCP_TXTLS_ENABLE,
- tls_en, len) ? 0 : 1;
+ tls_en, sizeof(*tls_en)) ? 0 : 1;
 # ifndef OPENSSL_NO_KTLS_RX
- return setsockopt(fd, IPPROTO_TCP, TCP_RXTLS_ENABLE, tls_en, len) ? 0 : 1;
+ return setsockopt(fd, IPPROTO_TCP, TCP_RXTLS_ENABLE, tls_en,
+ sizeof(*tls_en)) ? 0 : 1;
 # else
 return 0;
 # endif
@@ -281,11 +280,11 @@ static ossl_inline int ktls_enable(int fd)
 * If successful, then data received using this socket will be decrypted,
 * authenticated and decapsulated using the crypto_info provided here.
 */
-static ossl_inline int ktls_start(int fd, void *crypto_info,
- size_t len, int is_tx)
+static ossl_inline int ktls_start(int fd, ktls_crypto_info_t *crypto_info,
+ int is_tx)
 {
 return setsockopt(fd, SOL_TLS, is_tx ? TLS_TX : TLS_RX,
- crypto_info, len) ? 0 : 1;
+ crypto_info, crypto_info->tls_crypto_info_len) ? 0 : 1;
 }

 /* |
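Review bot: In the Linux ktls_start() (second hunk), the option length given to setsockopt() is now `crypto_info->tls_crypto_info_len`, a field inside the caller-filled struct, and nothing visible in the hunk bounds it by `sizeof(*crypto_info)`. The kernel presumably rejects a length that does not match the selected cipher, but a value larger than the object would still describe memory past the end of it, so the helper is relying on every producer of the struct to set the field correctly. The comment above the function should state that `tls_crypto_info_len` must be filled in by whoever builds the struct and must not exceed its size; a cheap check such as `if (crypto_info->tls_crypto_info_len > sizeof(*crypto_info)) return 0;` before the call would enforce it. The FreeBSD variant in the first hunk uses `sizeof(*tls_en)` and has no such dependency; the doc comment for both functions starts outside the hunks.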