Support QUIC with the msg_callback and -trace in s_client #20914
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mattcaswell
added
branch: master
hlandau
requested changes
May 11, 2023
|
Other than that looks good. |
At this stage we just support msg_callback on receipt of a datagram.
Extend SSL_trace so that it knows how to dump information about the receipt of a QUIC datagram.
We enable SSL_trace support for when we receive QUIC Packets. This is called after header protection is removed, but before the packet is decrypted.
Extend the existing QUIC tracing capability for frames.
Previously we were only doing tracing of frames received from the peer. Now we do that for transmitted frames as well.
Extend the tracing capability to also trace when we have a datagram to the peer.
Prior to this commit we were just printing the fact that we had received or sent a frame of a particular type. We now provide more details about those frames.
We provide information about the new QUIC support related to the msg_callback. We also document SSL_trace() which was previously missing from the man pages.
Ensure that SSL_trace can print certificate data even with a non-default libctx.
We create setter functions for the msg_callback and msg_callback_arg so that these values can be properly propagated to the QRX/QTX/TXP even after the channel has been created.
mattcaswell
force-pushed
the
quic-msg_callback
branch
from
5ada731
to
1daebdf
Compare
|
I rebased this and added some commits to address the feedback from @hlandau. Please take another look. |
t8m
requested changes
May 19, 2023
Comment on lines
+243
to
+247
| # define SSL3_RT_QUIC_DATAGRAM 0x200 | ||
| # define SSL3_RT_QUIC_PACKET 0x201 | ||
| # define SSL3_RT_QUIC_FRAME_FULL 0x202 | ||
| # define SSL3_RT_QUIC_FRAME_HEADER 0x203 | ||
| # define SSL3_RT_QUIC_FRAME_PADDING 0x204 |
There was a problem hiding this comment.
The SSL3_RT_ prefix sounds quite awkward for something that has no relation to SSL3 at all. Perhaps OSSL_RT_.... would be better?
There was a problem hiding this comment.
I agree. But the problem here is that the SSL3_RT_ prefix is well established for this namespace and is legacy. It would be quite weird to have some values in the same space to have different prefixes. Plausibly we could introduce OSSL_RT_* everywhere and have some compatibility defines for old usage of SSL3_RT_* but this is a significant change with knock-on impacts throughout libssl. The SSL3_RT_ values are used beyond just the msg_callback. I'd rather not do that in this PR.
|
CI is also relevant |
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
We enable SSL_trace support for when we receive QUIC Packets. This is called after header protection is removed, but before the packet is decrypted. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Extend the existing QUIC tracing capability for frames. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Previously we were only doing tracing of frames received from the peer. Now we do that for transmitted frames as well. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Extend the tracing capability to also trace when we have a datagram to the peer. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Prior to this commit we were just printing the fact that we had received or sent a frame of a particular type. We now provide more details about those frames. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
We provide information about the new QUIC support related to the msg_callback. We also document SSL_trace() which was previously missing from the man pages. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Ensure that SSL_trace can print certificate data even with a non-default libctx. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
We create setter functions for the msg_callback and msg_callback_arg so that these values can be properly propagated to the QRX/QTX/TXP even after the channel has been created. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
We change to use %llu when printing uint64_t types for consistency with what we've done elsewhere. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
openssl-machine
pushed a commit
that referenced
this pull request
May 24, 2023
We create the internal/ssl.h header file and move the typedef for ossl_msg_cb. This is needed by both the QUIC code (which generally doesn't include ssl_local.h) and the rest of libssl. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
At this stage we just support msg_callback on receipt of a datagram. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Extend SSL_trace so that it knows how to dump information about the receipt of a QUIC datagram. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
We enable SSL_trace support for when we receive QUIC Packets. This is called after header protection is removed, but before the packet is decrypted. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Extend the existing QUIC tracing capability for frames. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Previously we were only doing tracing of frames received from the peer. Now we do that for transmitted frames as well. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Extend the tracing capability to also trace when we have a datagram to the peer. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Prior to this commit we were just printing the fact that we had received or sent a frame of a particular type. We now provide more details about those frames. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
We provide information about the new QUIC support related to the msg_callback. We also document SSL_trace() which was previously missing from the man pages. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Ensure that SSL_trace can print certificate data even with a non-default libctx. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
We create setter functions for the msg_callback and msg_callback_arg so that these values can be properly propagated to the QRX/QTX/TXP even after the channel has been created. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
We change to use %llu when printing uint64_t types for consistency with what we've done elsewhere. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
MrE-Fog
pushed a commit
to MrE-Fog/opensslxxixx
that referenced
this pull request
Jun 4, 2023
We create the internal/ssl.h header file and move the typedef for ossl_msg_cb. This is needed by both the QUIC code (which generally doesn't include ssl_local.h) and the rest of libssl. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from openssl/openssl#20914)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We extend the msg_callback to be able to support QUIC related events and also add QUIC support to the pre-built SSL_trace() callback function. This means that the s_client "-trace" option can now be used to dump QUIC tracing data related to send/receipt of datagrams, packets and frames.
This PR does not teach SSL_trace() how to parse the quic_transport_parameters extension. That is an exercise for future improvement.