RepoMirrors
/
haproxy
mirror of http://git.haproxy.org/git/haproxy.git/
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CLEANUP: quic: Remove any reference to boringssl 

I do not think we will support boringssl for QUIC soon ;)
This commit is contained in:
Frédéric Lécaille 2022-06-16 15:06:44 +02:00
parent 301425b880
commit e06f7459fa
3 changed files with 1 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
include/haproxy/quic_tls.h
View File

@ -123,16 +123,10 @@ static inline const EVP_CIPHER *tls_aead(const SSL_CIPHER *cipher)
return EVP_aes_128_gcm();
case TLS1_3_CK_AES_256_GCM_SHA384:
return EVP_aes_256_gcm();
#ifndef OPENSSL_IS_BORINGSSL
/* XXX TO DO XXX */
/* Note that for chacha20_poly1305, there exists EVP_AEAD_chacha20_poly135() function
* which returns a pointer to const EVP_AEAD.
*/
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
return EVP_chacha20_poly1305();
case TLS1_3_CK_AES_128_CCM_SHA256:
return EVP_aes_128_ccm();
#endif
default:
return NULL;
}
@ -142,14 +136,8 @@ static inline const EVP_MD *tls_md(const SSL_CIPHER *cipher)
{
switch (SSL_CIPHER_get_id(cipher)) {
case TLS1_3_CK_AES_128_GCM_SHA256:
#ifndef OPENSSL_IS_BORINGSSL
/* XXX TO DO XXX */
/* Note that for chacha20_poly1305, there exists EVP_AEAD_chacha20_poly135() function
* which returns a pointer to const EVP_AEAD.
*/
case TLS1_3_CK_AES_128_CCM_SHA256:
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
#endif
return EVP_sha256();
case TLS1_3_CK_AES_256_GCM_SHA384:
return EVP_sha384();
@ -161,15 +149,9 @@ static inline const EVP_MD *tls_md(const SSL_CIPHER *cipher)
static inline const EVP_CIPHER *tls_hp(const SSL_CIPHER *cipher)
{
switch (SSL_CIPHER_get_id(cipher)) {
#ifndef OPENSSL_IS_BORINGSSL
/* XXX TO DO XXX */
/* Note that for chacha20_poly1305, there exists EVP_AEAD_chacha20_poly135() function
* which returns a pointer to const EVP_AEAD.
*/
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
return EVP_chacha20();
case TLS1_3_CK_AES_128_CCM_SHA256:
#endif
case TLS1_3_CK_AES_128_GCM_SHA256:
return EVP_aes_128_ctr();
case TLS1_3_CK_AES_256_GCM_SHA384:
@ -265,14 +247,12 @@ static inline const char *ssl_error_str(int err)
return "WANT_CONNECT";
case SSL_ERROR_WANT_ACCEPT:
return "WANT_ACCEPT";
#ifndef OPENSSL_IS_BORINGSSL
case SSL_ERROR_WANT_ASYNC:
return "WANT_ASYNC";
case SSL_ERROR_WANT_ASYNC_JOB:
return "WANT_ASYNC_JOB";
case SSL_ERROR_WANT_CLIENT_HELLO_CB:
return "WANT_CLIENT_HELLO_CB";
#endif
default:
return "UNKNOWN";
}

24
src/quic_tls.c
View File

@ -2,16 +2,11 @@
#include <openssl/ssl.h>
#if defined(OPENSSL_IS_BORINGSSL)
#include <openssl/hkdf.h>
#else
#include <openssl/evp.h>
#include <openssl/kdf.h>
#endif
#include <haproxy/buf.h>
#include <haproxy/chunk.h>
//#include <haproxy/quic_tls-t.h>
#include <haproxy/xprt_quic.h>
@ -53,23 +48,6 @@ void quic_tls_secret_hexdump(struct buffer *buf,
chunk_appendf(buf, "%02x", secret[i]);
}
#if defined(OPENSSL_IS_BORINGSSL)
int quic_hkdf_extract(const EVP_MD *md,
unsigned char *buf, size_t *buflen,
const unsigned char *key, size_t keylen,
const unsigned char *salt, size_t saltlen)
{
return HKDF_extract(buf, buflen, md, key, keylen, salt, saltlen);
}
int quic_hkdf_expand(const EVP_MD *md,
unsigned char *buf, size_t buflen,
const unsigned char *key, size_t keylen,
const unsigned char *label, size_t labellen)
{
return HKDF_expand(buf, buflen, md, key, keylen, label, labellen);
}
#else
int quic_hkdf_extract(const EVP_MD *md,
unsigned char *buf, size_t buflen,
const unsigned char *key, size_t keylen,
@ -161,8 +139,6 @@ int quic_hkdf_extract_and_expand(const EVP_MD *md,
return 0;
}
#endif
/* https://quicwg.org/base-drafts/draft-ietf-quic-tls.html#protection-keys
* refers to:
*

112
src/xprt_quic.c
View File

@ -862,7 +862,6 @@ static void quic_tls_rotate_keys(struct quic_conn *qc)
qc->ku.nxt_tx.key = curr_key;
}
#ifndef OPENSSL_IS_BORINGSSL
int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
const uint8_t *read_secret,
const uint8_t *write_secret, size_t secret_len)
@ -960,107 +959,6 @@ int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
TRACE_DEVEL("leaving in error", QUIC_EV_CONN_RWSEC, qc);
return 0;
}
#else
/* ->set_read_secret callback to derive the RX secrets at <level> encryption
* level.
* Returns 1 if succeeded, 0 if not.
*/
int ha_set_rsec(SSL *ssl, enum ssl_encryption_level_t level,
const SSL_CIPHER *cipher,
const uint8_t *secret, size_t secret_len)
{
struct quic_conn *qc = SSL_get_ex_data(ssl, ssl_qc_app_data_index);
struct quic_tls_ctx *tls_ctx =
&qc->els[ssl_to_quic_enc_level(level)].tls_ctx;
TRACE_ENTER(QUIC_EV_CONN_RSEC, qc);
if (qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE) {
TRACE_PROTO("CC required", QUIC_EV_CONN_RSEC, qc);
goto out;
}
tls_ctx->rx.aead = tls_aead(cipher);
tls_ctx->rx.md = tls_md(cipher);
tls_ctx->rx.hp = tls_hp(cipher);
if (!(ctx->rx.key = pool_alloc(pool_head_quic_tls_key)))
goto err;
if (!quic_tls_derive_keys(tls_ctx->rx.aead, tls_ctx->rx.hp, tls_ctx->rx.md,
tls_ctx->rx.key, tls_ctx->rx.keylen,
tls_ctx->rx.iv, tls_ctx->rx.ivlen,
tls_ctx->rx.hp_key, sizeof tls_ctx->rx.hp_key,
secret, secret_len)) {
TRACE_DEVEL("RX key derivation failed", QUIC_EV_CONN_RSEC, qc);
goto err;
}
if (!qc_is_listener(qc) && level == ssl_encryption_application) {
const unsigned char *buf;
size_t buflen;
SSL_get_peer_quic_transport_params(ssl, &buf, &buflen);
if (!buflen)
goto err;
if (!quic_transport_params_store(qc, 1, buf, buf + buflen))
goto err;
}
tls_ctx->rx.flags |= QUIC_FL_TLS_SECRETS_SET;
out:
TRACE_LEAVE(QUIC_EV_CONN_RSEC, qc, &level, secret, &secret_len);
return 1;
err:
TRACE_DEVEL("leaving in error", QUIC_EV_CONN_RSEC, qc);
return 0;
}
/* ->set_write_secret callback to derive the TX secrets at <level>
* encryption level.
* Returns 1 if succeeded, 0 if not.
*/
int ha_set_wsec(SSL *ssl, enum ssl_encryption_level_t level,
const SSL_CIPHER *cipher,
const uint8_t *secret, size_t secret_len)
{
struct quic_conn *qc = SSL_get_ex_data(ssl, ssl_qc_app_data_index);
struct quic_tls_ctx *tls_ctx = &qc->els[ssl_to_quic_enc_level(level)].tls_ctx;
TRACE_ENTER(QUIC_EV_CONN_WSEC, qc);
if (qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE) {
TRACE_PROTO("CC required", QUIC_EV_CONN_WSEC, qc);
goto out;
}
if (!(ctx->tx.key = pool_alloc(pool_head_quic_tls_key)))
goto err;
tls_ctx->tx.aead = tls_aead(cipher);
tls_ctx->tx.md = tls_md(cipher);
tls_ctx->tx.hp = tls_hp(cipher);
if (!quic_tls_derive_keys(tls_ctx->tx.aead, tls_ctx->tx.hp, tls_ctx->tx.md,
tls_ctx->tx.key, tls_ctx->tx.keylen,
tls_ctx->tx.iv, tls_ctx->tx.ivlen,
tls_ctx->tx.hp_key, sizeof tls_ctx->tx.hp_key,
secret, secret_len)) {
TRACE_DEVEL("TX key derivation failed", QUIC_EV_CONN_WSEC, qc);
goto err;
}
tls_ctx->tx.flags |= QUIC_FL_TLS_SECRETS_SET;
TRACE_LEAVE(QUIC_EV_CONN_WSEC, qc, &level, secret, &secret_len);
out:
return 1;
err:
TRACE_DEVEL("leaving in error", QUIC_EV_CONN_WSEC, qc);
return 0;
}
#endif
/* This function copies the CRYPTO data provided by the TLS stack found at <data>
* with <len> as size in CRYPTO buffers dedicated to store the information about
@ -1259,12 +1157,7 @@ int ha_quic_send_alert(SSL *ssl, enum ssl_encryption_level_t level, uint8_t aler
/* QUIC TLS methods */
static SSL_QUIC_METHOD ha_quic_method = {
#ifdef OPENSSL_IS_BORINGSSL
.set_read_secret = ha_set_rsec,
.set_write_secret = ha_set_wsec,
#else
.set_encryption_secrets = ha_quic_set_encryption_secrets,
#endif
.add_handshake_data = ha_quic_add_handshake_data,
.flush_flight = ha_quic_flush_flight,
.send_alert = ha_quic_send_alert,
@ -1293,10 +1186,7 @@ int ssl_quic_initial_ctx(struct bind_conf *bind_conf)
SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
#ifdef OPENSSL_IS_BORINGSSL
SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
#elif (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
if (bind_conf->ssl_conf.early_data) {
SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
SSL_CTX_set_max_early_data(ctx, 0xffffffff);