libssl: Move SSL object unwrapping macros to separate header

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from #23334)
openssl · Mar 9, 2024 · 0da96a6 · 0da96a6
1 parent 8d4e72e
commit 0da96a6
Show file tree

Hide file tree

Showing 48 changed files with 207 additions and 109 deletions.
diff --git a/include/internal/quic_predef.h b/include/internal/quic_predef.h
@@ -38,6 +38,7 @@ typedef struct quic_lcidm_st QUIC_LCIDM;
 typedef struct quic_urxe_st QUIC_URXE;
 typedef struct quic_engine_st QUIC_ENGINE;
 typedef struct quic_obj_st QUIC_OBJ;
+typedef struct quic_conn_st QUIC_CONNECTION;
 
 # endif
 

diff --git a/include/internal/quic_trace.h b/include/internal/quic_trace.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OSSL_QUIC_TRACE_H
+# define OSSL_QUIC_TRACE_H
+
+# ifndef OPENSSL_NO_QUIC
+
+int ossl_quic_trace(int write_p, int version, int content_type,
+                    const void *buf, size_t msglen, SSL *ssl, void *arg);
+
+# endif
+
+#endif
diff --git a/include/internal/ssl_unwrap.h b/include/internal/ssl_unwrap.h
@@ -0,0 +1,121 @@
+/*
+ * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OSSL_SSL_UNWRAP_H
+# define OSSL_SSL_UNWRAP_H
+
+# include <openssl/ssl.h>
+# include "internal/quic_predef.h"
+
+# define SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, c) \
+    ((ssl) == NULL ? NULL                         \
+     : ((ssl)->type == SSL_TYPE_SSL_CONNECTION    \
+       ? (c SSL_CONNECTION *)(ssl)                \
+       : NULL))
+# define SSL_CONNECTION_NO_CONST
+# define SSL_CONNECTION_FROM_SSL_ONLY(ssl) \
+    SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, SSL_CONNECTION_NO_CONST)
+# define SSL_CONNECTION_FROM_CONST_SSL_ONLY(ssl) \
+    SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, const)
+# define SSL_CONNECTION_GET_CTX(sc) ((sc)->ssl.ctx)
+# define SSL_CONNECTION_GET_SSL(sc) (&(sc)->ssl)
+# ifndef OPENSSL_NO_QUIC
+struct ssl_connection_st *ossl_quic_obj_get0_handshake_layer(QUIC_OBJ *obj);
+#  define SSL_CONNECTION_FROM_SSL_int(ssl, c)                                           \
+    ((ssl) == NULL ? NULL                                                               \
+     : ((ssl)->type == SSL_TYPE_SSL_CONNECTION                                          \
+        ? (c SSL_CONNECTION *)(ssl)                                                     \
+        : (SSL_TYPE_IS_QUIC((ssl)->type)                                                \
+          ? (c SSL_CONNECTION *)ossl_quic_obj_get0_handshake_layer((QUIC_OBJ *)(ssl))   \
+          : NULL)))
+#  define SSL_CONNECTION_FROM_SSL(ssl) \
+    SSL_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+#  define SSL_CONNECTION_FROM_CONST_SSL(ssl) \
+    SSL_CONNECTION_FROM_SSL_int(ssl, const)
+# else
+#  define SSL_CONNECTION_FROM_SSL(ssl) \
+    SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, SSL_CONNECTION_NO_CONST)
+#  define SSL_CONNECTION_FROM_CONST_SSL(ssl) \
+    SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, const)
+# endif
+
+# ifndef OPENSSL_NO_QUIC
+
+#  define IS_QUIC_METHOD(m) \
+    ((m) == OSSL_QUIC_client_method() || \
+     (m) == OSSL_QUIC_client_thread_method())
+
+#  define IS_QUIC_CTX(ctx)          IS_QUIC_METHOD((ctx)->method)
+
+#  define QUIC_CONNECTION_FROM_SSL_int(ssl, c)   \
+     ((ssl) == NULL ? NULL                       \
+      : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
+         ? (c QUIC_CONNECTION *)(ssl)            \
+         : NULL))
+
+#  define QUIC_XSO_FROM_SSL_int(ssl, c)                             \
+    ((ssl) == NULL                                                  \
+     ? NULL                                                         \
+     : (((ssl)->type == SSL_TYPE_QUIC_XSO                           \
+        ? (c QUIC_XSO *)(ssl)                                       \
+        : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION                  \
+           ? (c QUIC_XSO *)((QUIC_CONNECTION *)(ssl))->default_xso  \
+           : NULL))))
+
+#  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c)               \
+     ((ssl) == NULL ? NULL                                       \
+      : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION                 \
+         ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
+         : NULL))
+
+#  define QUIC_LISTENER_FROM_SSL_int(ssl, c)                            \
+    ((ssl) == NULL                                                      \
+     ? NULL                                                             \
+     : ((ssl)->type == SSL_TYPE_QUIC_LISTENER                           \
+        ? (c QUIC_LISTENER *)(ssl)                                      \
+        : NULL))
+
+#  define IS_QUIC_CS(ssl) ((ssl) != NULL                                \
+                           && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION  \
+                               || (ssl)->type == SSL_TYPE_QUIC_XSO))
+
+#  define IS_QUIC(ssl)                                                  \
+    ((ssl) != NULL && SSL_TYPE_IS_QUIC((ssl)->type))
+
+# else
+
+#  define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
+#  define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
+#  define QUIC_LISTENER_FROM_SSL_int(ssl, c) NULL
+#  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
+#  define IS_QUIC(ssl) 0
+#  define IS_QUIC_CS(ssl) 0
+#  define IS_QUIC_CTX(ctx) 0
+#  define IS_QUIC_METHOD(m) 0
+
+# endif
+
+# define QUIC_CONNECTION_FROM_SSL(ssl) \
+    QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \
+    QUIC_CONNECTION_FROM_SSL_int(ssl, const)
+# define QUIC_XSO_FROM_SSL(ssl) \
+    QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define QUIC_XSO_FROM_CONST_SSL(ssl) \
+    QUIC_XSO_FROM_SSL_int(ssl, const)
+# define QUIC_LISTENER_FROM_SSL(ssl) \
+    QUIC_LISTENER_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define QUIC_LISTENER_FROM_CONST_SSL(ssl) \
+    QUIC_LISTENER_FROM_SSL_int(ssl, const)
+# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
+    SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
+    SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const)
+
+#endif
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
@@ -15,6 +15,8 @@
 #include "internal/bio.h"
 #include <openssl/err.h>
 #include "ssl_local.h"
+#include "internal/ssl_unwrap.h"
+#include "internal/sockets.h"
 
 static int ssl_write(BIO *h, const char *buf, size_t size, size_t *written);
 static int ssl_read(BIO *b, char *buf, size_t size, size_t *readbytes);

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
@@ -13,6 +13,7 @@
 #include <openssl/rand.h>
 #include "ssl_local.h"
 #include "internal/time.h"
+#include "internal/ssl_unwrap.h"
 
 static int dtls1_handshake_write(SSL_CONNECTION *s);
 static size_t dtls1_link_min_mtu(void);

diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c
@@ -8,6 +8,7 @@
  */
 
 #include "ssl_local.h"
+#include "internal/ssl_unwrap.h"
 
 int dtls1_write_app_data_bytes(SSL *s, uint8_t type, const void *buf_,
                                size_t len, size_t *written)

diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c
@@ -16,7 +16,7 @@
 #include <stdio.h>
 #include <openssl/objects.h>
 #include "ssl_local.h"
-#include "quic/quic_local.h"
+#include "internal/ssl_unwrap.h"
 
 #ifndef OPENSSL_NO_SRTP
 

diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
@@ -9,12 +9,15 @@
 
 #include <openssl/rand.h>
 #include <openssl/err.h>
+#include "internal/ssl_unwrap.h"
 #include "internal/quic_channel.h"
 #include "internal/quic_error.h"
 #include "internal/quic_rx_depack.h"
 #include "internal/quic_lcidm.h"
 #include "internal/quic_srtm.h"
 #include "internal/qlog_event_helpers.h"
+#include "internal/quic_txp.h"
+#include "internal/quic_tls.h"
 #include "../ssl_local.h"
 #include "quic_channel_local.h"
 #include "quic_port_local.h"

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
@@ -12,6 +12,7 @@
 #include <openssl/sslerr.h>
 #include <crypto/rand.h>
 #include "quic_local.h"
+#include "internal/ssl_unwrap.h"
 #include "internal/quic_tls.h"
 #include "internal/quic_rx_depack.h"
 #include "internal/quic_error.h"

diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h
@@ -33,8 +33,8 @@
  * state required by the libssl API personality.
  */
 struct quic_xso_st {
-    /* SSL object common header. */
-    struct ssl_st                   ssl;
+    /* QUIC_OBJ common header, including SSL object common header. */
+    QUIC_OBJ                        obj;
 
     /* The connection this stream is associated with. Always non-NULL. */
     QUIC_CONNECTION                 *conn;
@@ -126,13 +126,13 @@ struct quic_xso_st {
  */
 struct quic_conn_st {
     /*
-     * ssl_st is a common header for ordinary SSL objects, QUIC connection
-     * objects and QUIC stream objects, allowing objects of these different
-     * types to be disambiguated at runtime and providing some common fields.
+     * QUIC_OBJ is a common header for QUIC APL objects, allowing objects of
+     * these different types to be disambiguated at runtime and providing some
+     * common fields.
      *
      * Note: This must come first in the QUIC_CONNECTION structure.
      */
-    struct ssl_st                   ssl;
+    QUIC_OBJ                        obj;
 
     SSL                             *tls;
 
@@ -255,8 +255,8 @@ struct quic_conn_st {
  * layer for QLSO objects, wrapping the QUIC-native QUIC_PORT object.
  */
 struct quic_listener_st {
-    /* Common header for SSL objects. */
-    struct ssl_st                   ssl;
+    /* QUIC_OBJ common header, including SSL object common header. */
+    QUIC_OBJ                        obj;
 };
 
 /* Internal calls to the QUIC CSM which come from various places. */
@@ -276,77 +276,9 @@ void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION *qc,
 void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc,
                                          OSSL_QUIC_FRAME_CONN_CLOSE *f);
 
-int ossl_quic_trace(int write_p, int version, int content_type,
-                    const void *buf, size_t msglen, SSL *ssl, void *arg);
-
 #  define OSSL_QUIC_ANY_VERSION 0xFFFFF
-#  define IS_QUIC_METHOD(m) \
-    ((m) == OSSL_QUIC_client_method() || \
-     (m) == OSSL_QUIC_client_thread_method())
-#  define IS_QUIC_CTX(ctx)          IS_QUIC_METHOD((ctx)->method)
-
-#  define QUIC_CONNECTION_FROM_SSL_int(ssl, c)   \
-     ((ssl) == NULL ? NULL                       \
-      : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
-         ? (c QUIC_CONNECTION *)(ssl)            \
-         : NULL))
-
-#  define QUIC_XSO_FROM_SSL_int(ssl, c)                             \
-    ((ssl) == NULL                                                  \
-     ? NULL                                                         \
-     : (((ssl)->type == SSL_TYPE_QUIC_XSO                           \
-        ? (c QUIC_XSO *)(ssl)                                       \
-        : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION                  \
-           ? (c QUIC_XSO *)((QUIC_CONNECTION *)(ssl))->default_xso  \
-           : NULL))))
-
-#  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c)               \
-     ((ssl) == NULL ? NULL                                       \
-      : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION                 \
-         ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
-         : NULL))
-
-#  define QUIC_LISTENER_FROM_SSL_int(ssl, c)                            \
-    ((ssl) == NULL                                                      \
-     ? NULL                                                             \
-     : ((ssl)->type == SSL_TYPE_QUIC_LISTENER                           \
-        ? (c QUIC_LISTENER *)(ssl)                                      \
-        : NULL))
-
-#  define IS_QUIC_CS(ssl) ((ssl) != NULL                                \
-                           && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION  \
-                               || (ssl)->type == SSL_TYPE_QUIC_XSO))
-
-#  define IS_QUIC(ssl)                                                  \
-    ((ssl) != NULL && SSL_TYPE_IS_QUIC((ssl)->type))
-# else
-#  define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL
-#  define QUIC_XSO_FROM_SSL_int(ssl, c) NULL
-#  define QUIC_LISTENER_FROM_SSL_int(ssl, c) NULL
-#  define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL
-#  define IS_QUIC(ssl) 0
-#  define IS_QUIC_CS(ssl) 0
-#  define IS_QUIC_CTX(ctx) 0
-#  define IS_QUIC_METHOD(m) 0
 # endif
 
-# define QUIC_CONNECTION_FROM_SSL(ssl) \
-    QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
-# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \
-    QUIC_CONNECTION_FROM_SSL_int(ssl, const)
-# define QUIC_XSO_FROM_SSL(ssl) \
-    QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
-# define QUIC_XSO_FROM_CONST_SSL(ssl) \
-    QUIC_XSO_FROM_SSL_int(ssl, const)
-# define QUIC_LISTENER_FROM_SSL(ssl) \
-    QUIC_LISTENER_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
-# define QUIC_LISTENER_FROM_CONST_SSL(ssl) \
-    QUIC_LISTENER_FROM_SSL_int(ssl, const)
-# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \
-    SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
-# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \
-    SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const)
-
 # define IMPLEMENT_quic_meth_func(version, func_name, q_accept, \
                                  q_connect, enc_data) \
 const SSL_METHOD *func_name(void)  \

diff --git a/ssl/quic/quic_obj.c b/ssl/quic/quic_obj.c
@@ -9,6 +9,7 @@
 
 #include "quic_obj_local.h"
 #include "quic_local.h"
+#include "internal/ssl_unwrap.h"
 
 static int obj_update_cache(QUIC_OBJ *obj);
 

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
@@ -11,6 +11,7 @@
 #include "internal/quic_channel.h"
 #include "internal/quic_lcidm.h"
 #include "internal/quic_srtm.h"
+#include "internal/ssl_unwrap.h"
 #include "quic_port_local.h"
 #include "quic_channel_local.h"
 #include "quic_engine_local.h"

diff --git a/ssl/quic/quic_tls.c b/ssl/quic/quic_tls.c
@@ -11,6 +11,7 @@
 #include "internal/quic_tls.h"
 #include "../ssl_local.h"
 #include "internal/quic_error.h"
+#include "internal/ssl_unwrap.h"
 
 #define QUIC_TLS_FATAL(rl, ad, err) \
     do { \

diff --git a/ssl/quic/quic_trace.c b/ssl/quic/quic_trace.c
@@ -9,7 +9,10 @@
 
 #include <openssl/bio.h>
 #include "../ssl_local.h"
+#include "internal/quic_trace.h"
 #include "internal/quic_wire_pkt.h"
+#include "internal/quic_wire.h"
+#include "internal/ssl_unwrap.h"
 
 static const char *packet_type(int type)
 {

diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
@@ -15,6 +15,7 @@
 #include "record_local.h"
 #include "internal/packet.h"
 #include "internal/cryptlib.h"
+#include "internal/ssl_unwrap.h"
 
 int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl)
 {

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
@@ -19,6 +19,7 @@
 #include <openssl/core_names.h>
 #include "record_local.h"
 #include "internal/packet.h"
+#include "internal/ssl_unwrap.h"
 
 void RECORD_LAYER_init(RECORD_LAYER *rl, SSL_CONNECTION *s)
 {

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
@@ -14,6 +14,7 @@
 #include <openssl/md5.h>
 #include <openssl/core_names.h>
 #include "internal/cryptlib.h"
+#include "internal/ssl_unwrap.h"
 
 static int ssl3_generate_key_block(SSL_CONNECTION *s, unsigned char *km, int num)
 {

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
@@ -20,6 +20,7 @@
 #include <openssl/x509v3.h>
 #include <openssl/core_names.h>
 #include "internal/cryptlib.h"
+#include "internal/ssl_unwrap.h"
 
 #define TLS13_NUM_CIPHERS       OSSL_NELEM(tls13_ciphers)
 #define SSL3_NUM_CIPHERS        OSSL_NELEM(ssl3_ciphers)