author | Matt Caswell <matt@openssl.org> | 2023-05-02 13:26:47 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-05-24 12:18:27 +0100 |
commit | 45aac10717479b5c2445e7704cd742b0d754aaa8 (patch) | |
tree | e7c702d752d132ad27e3440d43458ffc9095861c | |
parent | 63dfde87c46f8ad037ad5b5e635e609f4909578e (diff) |
Support trace for QUIC datagrams
Extend SSL_trace so that it knows how to dump information about the
receipt of a QUIC datagram.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
-rw-r--r-- | ssl/quic/build.info | 1 | ||||
-rw-r--r-- | ssl/quic/quic_local.h | 3 | ||||
-rw-r--r-- | ssl/quic/quic_record_rx.c | 9 | ||||
-rw-r--r-- | ssl/quic/quic_trace.c | 35 | ||||
-rw-r--r-- | ssl/t1_trce.c | 15 |
5 files changed, 58 insertions, 5 deletions
diff --git a/ssl/quic/build.info b/ssl/quic/build.info
index 2d930a29a2..3a9e2d55af 100644
--- a/ssl/quic/build.info
+++ b/ssl/quic/build.info
@@ -13,3 +13,4 @@ SOURCE[$LIBSSL]=quic_channel.c
 SOURCE[$LIBSSL]=quic_tserver.c
 SOURCE[$LIBSSL]=quic_tls.c
 SOURCE[$LIBSSL]=quic_thread_assist.c
+SOURCE[$LIBSSL]=quic_trace.c
diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h
index 9cedc947b2..d4088d4b69 100644
--- a/ssl/quic/quic_local.h
+++ b/ssl/quic/quic_local.h
@@ -218,6 +218,9 @@ void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION *qc,
 void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc,
 OSSL_QUIC_FRAME_CONN_CLOSE *f);
+int ossl_quic_trace(int write_p, int version, int content_type,
+ const void *buf, size_t msglen, SSL *ssl, void *arg);
+
 # define OSSL_QUIC_ANY_VERSION 0xFFFFF
 # define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \
diff --git a/ssl/quic/quic_record_rx.c b/ssl/quic/quic_record_rx.c
index 7171896b1d..394050afe6 100644
--- a/ssl/quic/quic_record_rx.c
+++ b/ssl/quic/quic_record_rx.c
@@ -7,6 +7,7 @@
 * https://www.openssl.org/source/license.html
 */
+#include <openssl/ssl.h>
 #include "internal/quic_record_rx.h"
 #include "quic_record_shared.h"
 #include "internal/common.h"
@@ -233,6 +234,10 @@ void ossl_qrx_inject_urxe(OSSL_QRX *qrx, QUIC_URXE *urxe)
 urxe->hpr_removed = 0;
 urxe->deferred = 0;
 ossl_list_urxe_insert_tail(&qrx->urx_pending, urxe);
+
+ if (qrx->msg_callback != NULL)
+ qrx->msg_callback(0, OSSL_QUIC1_VERSION, SSL3_RT_QUIC_DATAGRAM, urxe + 1,
+ urxe->data_len, qrx->msg_callback_s, qrx->msg_callback_arg);
 }
 static void qrx_on_rx(QUIC_URXE *urxe, void *arg)
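Review bot: In ossl_qrx_inject_urxe the payload pointer is written as `urxe + 1`, which is only readable to someone who already knows the datagram bytes sit directly behind the QUIC_URXE header. A comment such as `/* datagram bytes follow the URXE header */` would make that explicit; if the `ossl_quic_urxe_data()` accessor from the demux header is usable here, calling it says the same without the arithmetic. The callback now runs at injection time, right after `hpr_removed` is reset to 0, so it is handed the datagram exactly as received and before any packet processing. It is worth stating in a comment that `buf` is unauthenticated, peer-controlled data whose only bound is `urxe->data_len`. The function begins outside the hunk, so whether `data_len` has been range-checked by this point cannot be confirmed from here.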
@@ -988,10 +993,6 @@ static int qrx_process_datagram(OSSL_QRX *qrx, QUIC_URXE *e,
 if (!PACKET_buf_init(&pkt, data, data_len))
 return 0;
- if (qrx->msg_callback != NULL)
- qrx->msg_callback(0, OSSL_QUIC1_VERSION, SSL3_RT_QUIC_DATAGRAM, data,
- data_len, qrx->msg_callback_s, qrx->msg_callback_arg);
-
 for (; PACKET_remaining(&pkt) > 0; ++pkt_idx) {
 /*
 * A packet smallest than the minimum possible QUIC packet size is not
diff --git a/ssl/quic/quic_trace.c b/ssl/quic/quic_trace.c
new file mode 100644
index 0000000000..614167f2cb
--- /dev/null
+++ b/ssl/quic/quic_trace.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/bio.h>
+#include "../ssl_local.h"
+
+int ossl_quic_trace(int write_p, int version, int content_type,
+ const void *buf, size_t msglen, SSL *ssl, void *arg)
+{
+ BIO *bio = arg;
+
+ switch (content_type) {
+ case SSL3_RT_QUIC_DATAGRAM:
+ BIO_puts(bio, write_p ? "Sent" : "Received");
+ /*
+ * Unfortunately there is no way of receiving auxilliary information
+ * about the datagram through the msg_callback API such as the peer
+ * address
+ */
+ BIO_printf(bio, " Datagram\n Length: %zu\n", msglen);
+ break;
+
+ default:
+ /* Unrecognised content_type. We defer to SSL_trace */
+ return 0;
+ }
+
+ return 1;
+}
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 8d66bf51dd..7776a0bea1 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
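Review bot: ossl_quic_trace in the new quic_trace.c has no header comment, and its contract is not obvious from the signature. It returns 1 when it has printed the message and 0 when the caller should fall back to SSL_trace, and it reads only `write_p`, `content_type`, `msglen` and `arg`. I would add a comment above the definition saying so, and that `arg` must be a valid `BIO *` because it is passed to BIO_puts and BIO_printf unchecked. Only the length is printed, so the untrusted datagram bytes in `buf` are never dereferenced here; any later code that does read `buf` has to stay within `msglen`. Minor: `auxilliary` in the inner comment should be `auxiliary`.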
@@ -1702,6 +1702,19 @@ void SSL_trace(int write_p, int version, int content_type,
 const unsigned char *msg = buf;
 BIO *bio = arg;
 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+ QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+ if (qc != NULL) {
+ if (ossl_quic_trace(write_p, version, content_type, buf, msglen, ssl,
+ arg))
+ return;
+ /*
+ * Otherwise ossl_quic_trace didn't handle this content_type so we
+ * fallback to standard TLS handling
+ */
+ }
+#endif
 if (sc == NULL)
 return;
@@ -1720,7 +1733,7 @@ void SSL_trace(int write_p, int version, int content_type,
 }
 hvers = msg[1] << 8 | msg[2];
 BIO_puts(bio, write_p ? "Sent" : "Received");
- BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n",
+ BIO_printf(bio, " TLS Record\nHeader:\n Version = %s (0x%x)\n",
 ssl_trace_str(hvers, ssl_version_tbl), hvers);
 if (SSL_CONNECTION_IS_DTLS(sc)) {
 BIO_printf(bio, |
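Review bot: The nested `if` in the new QUIC block of SSL_trace can be a single condition, `if (qc != NULL && ossl_quic_trace(write_p, version, content_type, buf, msglen, ssl, arg))` followed by `return;`, with the fall-back comment placed after it. That removes one nesting level and the wrapped `arg))` line. The comment should read "fall back" (verb) rather than "fallback". When ossl_quic_trace returns 0, a QUIC connection's message goes on to the TLS branches below, which lie outside this hunk. So it cannot be confirmed from here that a QUIC-only content_type lands in a harmless default case rather than being parsed as a TLS record.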
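Review bot: The relabelled string ` TLS Record` in the second hunk is printed just before the `SSL_CONNECTION_IS_DTLS(sc)` test that follows it, so DTLS records appear to be announced as "TLS Record" too. If that is not intended, pick the label from the same predicate or keep a protocol-neutral word. Anything that matches the old trace text, such as expected-output files or log parsers, would also need updating, and no such file appears in this commit's file list. The enclosing block starts and ends outside the hunk.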