author | Matt Caswell <matt@openssl.org> | 2022-11-10 16:05:16 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-01-24 17:16:29 +0000 |
commit | bea8d70498c9ad0e2cca3652c748d327be7b841e (patch) | |
tree | 95817d019a017fd36a10a9845a4c669434e7747a /ssl/record | |
parent | e5103dfc1200c2f4a450f8b4ff234ad84342d4b6 (diff) |
Add support for setting a custom TLS Record Layer
This is just an internal API for now. Something like this will be made
public API at some point - but it is likely to be based on the provider
interface rather than a direct setting of a METHOD like we do for now.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/methods/dtls_meth.c | 2 | ||||
-rw-r--r-- | ssl/record/methods/ktls_meth.c | 2 | ||||
-rw-r--r-- | ssl/record/methods/tls_common.c | 2 | ||||
-rw-r--r-- | ssl/record/rec_layer_s3.c | 12 | ||||
-rw-r--r-- | ssl/record/record.h | 4 |
5 files changed, 18 insertions, 4 deletions
diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index 10a898abb4..55e49188cd 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -631,7 +631,7 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, const EVP_MD *md, COMP_METHOD *comp, BIO *prev, BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, - const OSSL_DISPATCH *fns, void *cbarg, + const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) { int ret; diff --git a/ssl/record/methods/ktls_meth.c b/ssl/record/methods/ktls_meth.c index acd94e180a..21f7c41b44 100644 --- a/ssl/record/methods/ktls_meth.c +++ b/ssl/record/methods/ktls_meth.c @@ -409,7 +409,7 @@ ktls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, const EVP_MD *md, COMP_METHOD *comp, BIO *prev, BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, - const OSSL_DISPATCH *fns, void *cbarg, + const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) { int ret; diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 0eddfa7c2f..9fca10c50e 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1331,7 +1331,7 @@ tls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, const EVP_MD *md, COMP_METHOD *comp, BIO *prev, BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, - const OSSL_DISPATCH *fns, void *cbarg, + const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) { int ret; diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index b4435bf020..7fa22bb02b 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c 
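Review bot: The new `void *rlarg` parameter is added to `dtls_new_record_layer()` with no comment on what it carries, and the same applies to `ktls_new_record_layer()` and `tls_new_record_layer()` in the next two hunks. The visible lines do not show the built-in constructors using it (their bodies continue outside the hunks), so a reader cannot tell whether ignoring it is intended. A short comment on the parameter would settle that, for example `/* rlarg: opaque argument for custom record layers; unused by this method */`, adjusted if the body does read it. All three signatures must also stay in step with the `new_record_layer` function-pointer type in OSSL_RECORD_METHOD, which is not part of this view.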
@@ -1086,10 +1086,20 @@ static const OSSL_DISPATCH rlayer_dispatch[] = { { 0, NULL } }; +void ossl_ssl_set_custom_record_layer(SSL_CONNECTION *s, + const OSSL_RECORD_METHOD *meth, + void *rlarg) +{ + s->rlayer.custom_rlmethod = meth; + s->rlayer.rlarg = rlarg; +} + static const OSSL_RECORD_METHOD *ssl_select_next_record_layer(SSL_CONNECTION *s, int direction, int level) { + if (s->rlayer.custom_rlmethod != NULL) + return s->rlayer.custom_rlmethod; if (level == OSSL_RECORD_PROTECTION_LEVEL_NONE) { if (SSL_CONNECTION_IS_DTLS(s)) @@ -1324,7 +1334,7 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, mackeylen, ciph, taglen, mactype, md, compm, prev, thisbio, next, NULL, NULL, settings, options, rlayer_dispatch_tmp, - s, &newrl); + s, s->rlayer.rlarg, &newrl); BIO_free(prev); switch (rlret) { case OSSL_RECORD_RETURN_FATAL: diff --git a/ssl/record/record.h b/ssl/record/record.h index 419e322f51..e2fdd05f0c 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -74,6 +74,10 @@ typedef struct record_layer_st { /* The parent SSL_CONNECTION structure */ SSL_CONNECTION *s; + /* Custom record layer: always selected if set */ + const OSSL_RECORD_METHOD *custom_rlmethod; + /* Record layer specific argument */ + void *rlarg; /* Method to use for the read record layer*/ const OSSL_RECORD_METHOD *rrlmethod; /* Method to use for the write record layer*/ |
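Review bot: `ossl_ssl_set_custom_record_layer()` has no contract comment, and the early return added to `ssl_select_next_record_layer()` hands the custom method every direction and protection level, so record encryption and integrity for the connection depend entirely on what `meth` implements. A header comment on the setter should say that `meth` and `rlarg` are stored as borrowed pointers (nothing in this diff copies or frees them) and so must outlive the connection, that the setting is only consulted when the next record layer is selected, and that it overrides the DTLS/TLS choice that follows. The setter also stores `rlarg` when `meth` is NULL, and the `@@ -1324` hunk passes `s->rlayer.rlarg` to whichever method was selected; `s->rlayer.rlarg = (meth != NULL) ? rlarg : NULL;` would keep the two fields paired. The body of `ssl_select_next_record_layer()` continues outside the hunk.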
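Review bot: In the `record.h` hunk, the comment on `rlarg` ("Record layer specific argument") says neither who owns the pointer nor where it is used, and the comment on `custom_rlmethod` omits that it applies to reads and writes alike. Suggested wording, assuming the caller keeps ownership as the absence of any free in this diff implies: `/* Custom record layer: if non-NULL, used for both directions at every protection level */` and `/* Opaque argument handed to new_record_layer(); owned by the caller of ossl_ssl_set_custom_record_layer() */`. Whether the record layer's clear/reset code preserves or zeroes these two fields is not visible here and is worth checking, since a connection object reused after a reset would otherwise keep or lose the custom method without the caller noticing. The struct definition starts and ends outside the hunk.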