diff options
author | Matt Caswell <matt@openssl.org> | 2023-05-05 16:51:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-05-24 12:18:33 +0100 |
commit | e8528c95a0543a218b432d2ea02e6bd0c1e7ab19 (patch) | |
tree | 9c71c34078cf44e9534a03889330014081f61927 /ssl | |
parent | 45454cccf8172b5a2d7c1342067a1d8dc8396fc9 (diff) |
Enable tracing of packets that have been sent
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/quic/quic_channel.c | 6 | ||||
-rw-r--r-- | ssl/quic/quic_record_rx.c | 13 | ||||
-rw-r--r-- | ssl/quic/quic_record_tx.c | 19 | ||||
-rw-r--r-- | ssl/quic/quic_trace.c | 2 | ||||
-rw-r--r-- | ssl/quic/quic_wire_pkt.c | 19 |
5 files changed, 42 insertions, 17 deletions
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c index cb24bd0c1a..76546e2bd3 100644 --- a/ssl/quic/quic_channel.c +++ b/ssl/quic/quic_channel.c @@ -130,6 +130,10 @@ static int ch_init(QUIC_CHANNEL *ch) /* We plug in a network write BIO to the QTX later when we get one. */ qtx_args.libctx = ch->libctx; qtx_args.mdpl = QUIC_MIN_INITIAL_DGRAM_LEN; + /* Callback related arguments */ + qtx_args.msg_callback = ch->msg_callback; + qtx_args.msg_callback_arg = ch->msg_callback_arg; + qtx_args.msg_callback_s = ch->msg_callback_s; ch->rx_max_udp_payload_size = qtx_args.mdpl; ch->qtx = ossl_qtx_new(&qtx_args); @@ -1602,7 +1606,7 @@ static void ch_default_packet_handler(QUIC_URXE *e, void *arg) * operation to fail if we get a 1-RTT packet. This is fine since we only * care about Initial packets. */ - if (!ossl_quic_wire_decode_pkt_hdr(&pkt, SIZE_MAX, 1, &hdr, NULL)) + if (!ossl_quic_wire_decode_pkt_hdr(&pkt, SIZE_MAX, 1, 0, &hdr, NULL)) goto undesirable; switch (hdr.version) { diff --git a/ssl/quic/quic_record_rx.c b/ssl/quic/quic_record_rx.c index 40c76a6bc1..266dee9d31 100644 --- a/ssl/quic/quic_record_rx.c +++ b/ssl/quic/quic_record_rx.c @@ -726,7 +726,7 @@ static int qrx_process_pkt(OSSL_QRX *qrx, QUIC_URXE *urxe, need_second_decode = !pkt_is_marked(&urxe->hpr_removed, pkt_idx); if (!ossl_quic_wire_decode_pkt_hdr(pkt, qrx->short_conn_id_len, - need_second_decode, &rxe->hdr, &ptrs)) + need_second_decode, 0, &rxe->hdr, &ptrs)) goto malformed; /* @@ -838,18 +838,19 @@ static int qrx_process_pkt(OSSL_QRX *qrx, QUIC_URXE *urxe, /* Decode the now unprotected header. */ if (ossl_quic_wire_decode_pkt_hdr(pkt, qrx->short_conn_id_len, - 0, &rxe->hdr, NULL) != 1) + 0, 0, &rxe->hdr, NULL) != 1) goto malformed; - - if (qrx->msg_callback != NULL) - qrx->msg_callback(0, OSSL_QUIC1_VERSION, SSL3_RT_QUIC_PACKET, sop, - eop - sop, qrx->msg_callback_s, qrx->msg_callback_arg); } /* Validate header and decode PN. */ if (!qrx_validate_hdr(qrx, rxe)) goto malformed; + if (qrx->msg_callback != NULL) + qrx->msg_callback(0, OSSL_QUIC1_VERSION, SSL3_RT_QUIC_PACKET, sop, + eop - sop - rxe->hdr.len, qrx->msg_callback_s, + qrx->msg_callback_arg); + /* * The AAD data is the entire (unprotected) packet header including the PN. * The packet header has been unprotected in place, so we can just reuse the diff --git a/ssl/quic/quic_record_tx.c b/ssl/quic/quic_record_tx.c index 28ebc436bb..9040f2f904 100644 --- a/ssl/quic/quic_record_tx.c +++ b/ssl/quic/quic_record_tx.c @@ -94,6 +94,11 @@ struct ossl_qtx_st { ossl_mutate_packet_cb mutatecb; ossl_finish_mutate_cb finishmutatecb; void *mutatearg; + + /* Message callback related arguments */ + ossl_msg_cb msg_callback; + void *msg_callback_arg; + SSL *msg_callback_s; }; /* Instantiates a new QTX. */ @@ -112,6 +117,9 @@ OSSL_QTX *ossl_qtx_new(const OSSL_QTX_ARGS *args) qtx->propq = args->propq; qtx->bio = args->bio; qtx->mdpl = args->mdpl; + qtx->msg_callback = args->msg_callback; + qtx->msg_callback_arg = args->msg_callback_arg; + qtx->msg_callback_s = args->msg_callback_s; return qtx; } @@ -432,9 +440,9 @@ static int qtx_write_hdr(OSSL_QTX *qtx, const QUIC_PKT_HDR *hdr, TXE *txe, { WPACKET wpkt; size_t l = 0; + unsigned char *data = txe_data(txe) + txe->data_len; - if (!WPACKET_init_static_len(&wpkt, txe_data(txe) + txe->data_len, - txe->alloc_len - txe->data_len, 0)) + if (!WPACKET_init_static_len(&wpkt, data, txe->alloc_len - txe->data_len, 0)) return 0; if (!ossl_quic_wire_encode_pkt_hdr(&wpkt, hdr->dst_conn_id.id_len, @@ -443,9 +451,14 @@ static int qtx_write_hdr(OSSL_QTX *qtx, const QUIC_PKT_HDR *hdr, TXE *txe, WPACKET_finish(&wpkt); return 0; } + WPACKET_finish(&wpkt); + + if (qtx->msg_callback != NULL) + qtx->msg_callback(1, OSSL_QUIC1_VERSION, SSL3_RT_QUIC_PACKET, data, l, + qtx->msg_callback_s, qtx->msg_callback_arg); txe->data_len += l; - WPACKET_finish(&wpkt); + return 1; } diff --git a/ssl/quic/quic_trace.c b/ssl/quic/quic_trace.c index 025e8189ef..aa25e8f028 100644 --- a/ssl/quic/quic_trace.c +++ b/ssl/quic/quic_trace.c @@ -495,7 +495,7 @@ int ossl_quic_trace(int write_p, int version, int content_type, * TODO(QUIC): We need to query the short connection id len here, * e.g. via some API SSL_get_short_conn_id_len() */ - if (ossl_quic_wire_decode_pkt_hdr(&pkt, 0, 0, &hdr, NULL) != 1) + if (ossl_quic_wire_decode_pkt_hdr(&pkt, 0, 0, 1, &hdr, NULL) != 1) return 0; BIO_puts(bio, write_p ? "Sent" : "Received"); diff --git a/ssl/quic/quic_wire_pkt.c b/ssl/quic/quic_wire_pkt.c index e0180ec060..d63101095f 100644 --- a/ssl/quic/quic_wire_pkt.c +++ b/ssl/quic/quic_wire_pkt.c @@ -162,6 +162,7 @@ int ossl_quic_hdr_protector_encrypt_fields(QUIC_HDR_PROTECTOR *hpr, int ossl_quic_wire_decode_pkt_hdr(PACKET *pkt, size_t short_conn_id_len, int partial, + int nodata, QUIC_PKT_HDR *hdr, QUIC_PKT_HDR_PTRS *ptrs) { @@ -369,8 +370,10 @@ int ossl_quic_wire_decode_pkt_hdr(PACKET *pkt, hdr->pn_len = partial ? 0 : (b0 & 3) + 1; if (!PACKET_get_quic_vlint(pkt, &len) - || len < sizeof(hdr->pn) - || len > PACKET_remaining(pkt)) + || len < sizeof(hdr->pn)) + return 0; + + if (!nodata && len > PACKET_remaining(pkt)) return 0; /* @@ -393,11 +396,15 @@ int ossl_quic_wire_decode_pkt_hdr(PACKET *pkt, hdr->len = (size_t)(len - hdr->pn_len); } - hdr->data = PACKET_data(pkt); + if (nodata) { + hdr->data = NULL; + } else { + hdr->data = PACKET_data(pkt); - /* Skip over packet body. */ - if (!PACKET_forward(pkt, hdr->len)) - return 0; + /* Skip over packet body. */ + if (!PACKET_forward(pkt, hdr->len)) + return 0; + } } } } |