Move the record padding callback fully into the record layer

We wrap the callback and pass it to the record layer via the dispatch
array, in order to avoid accessing it directly via SSL_CONNECTION.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index 294bec3e0865e82df45274c1700e30ae704c3b66..5fa451d916fd18f19562e3abd39c3cf83c12d3d8 100644 (file)
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -209,6 +209,7 @@ struct ossl_record_layer_st
     OSSL_FUNC_rlayer_skip_early_data_fn *skip_early_data;
     OSSL_FUNC_rlayer_msg_callback_fn *msg_callback;
     OSSL_FUNC_rlayer_security_fn *security;
+    OSSL_FUNC_rlayer_padding_fn *padding;
 
     size_t max_pipelines;
 

diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index 987fdff6d11825feb8aac44c44070e76cd082273..e3cc6c14dc96302980200a29ce90df738321a3c8 100644 (file)
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -1226,6 +1226,8 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
             case OSSL_FUNC_RLAYER_SECURITY:
                 rl->security = OSSL_FUNC_rlayer_security(fns);
                 break;
+            case OSSL_FUNC_RLAYER_PADDING:
+                rl->padding = OSSL_FUNC_rlayer_padding(fns);
             default:
                 /* Just ignore anything we don't understand */
                 break;
@@ -1661,9 +1663,9 @@ int tls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
             if (rlen < max_send_fragment) {
                 size_t padding = 0;
                 size_t max_padding = max_send_fragment - rlen;
-                if (s->record_padding_cb != NULL) {
-                    padding = s->record_padding_cb(ssl, thistempl->type, rlen,
-                                                   s->record_padding_arg);
+
+                if (rl->padding != NULL) {
+                    padding = rl->padding(rl->cbarg, thistempl->type, rlen);
                 } else if (s->block_padding > 0) {
                     size_t mask = s->block_padding - 1;
                     size_t remainder;

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index c8951d45dbfdb2662266a8b1da2ca0e68b99af59..6d0251407ff683b06407fcef9049ab2b8f904a99 100644 (file)
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1192,10 +1192,20 @@ static int rlayer_security_wrapper(void *cbarg, int op, int bits, int nid,
     return ssl_security(s, op, bits, nid, other);
 }
 
+static OSSL_FUNC_rlayer_padding_fn rlayer_padding_wrapper;
+static size_t rlayer_padding_wrapper(void *cbarg, int type, size_t len)
+{
+    SSL_CONNECTION *s = cbarg;
+    SSL *ssl = SSL_CONNECTION_GET_SSL(s);
+
+    return s->record_padding_cb(ssl, type, len, s->record_padding_arg);
+}
+
 static const OSSL_DISPATCH rlayer_dispatch[] = {
     { OSSL_FUNC_RLAYER_SKIP_EARLY_DATA, (void (*)(void))ossl_statem_skip_early_data },
     { OSSL_FUNC_RLAYER_MSG_CALLBACK, (void (*)(void))rlayer_msg_callback_wrapper },
     { OSSL_FUNC_RLAYER_SECURITY, (void (*)(void))rlayer_security_wrapper },
+    { OSSL_FUNC_RLAYER_PADDING, (void (*)(void))rlayer_padding_wrapper },
     { 0, NULL }
 };
 
@@ -1370,7 +1380,9 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
         int rlret;
         BIO *prev = NULL;
         BIO *next = NULL;
-        unsigned int epoch = 0;;
+        unsigned int epoch = 0;
+        OSSL_DISPATCH rlayer_dispatch_tmp[OSSL_NELEM(rlayer_dispatch)];
+        size_t i, j;
 
         if (direction == OSSL_RECORD_DIRECTION_READ) {
             prev = s->rlayer.rrlnext;
@@ -1391,13 +1403,33 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
             s->rlayer.rrlnext = next;
         }
 
+        /*
+         * Create a copy of the dispatch array, missing out wrappers for
+         * callbacks that we don't need.
+         */
+        for (i = 0, j = 0; i < OSSL_NELEM(rlayer_dispatch); i++) {
+            switch (rlayer_dispatch[i].function_id) {
+            case OSSL_FUNC_RLAYER_MSG_CALLBACK:
+                if (s->msg_callback == NULL)
+                    continue;
+                break;
+            case OSSL_FUNC_RLAYER_PADDING:
+                if (s->record_padding_cb == NULL)
+                    continue;
+                break;
+            default:
+                break;
+            }
+            rlayer_dispatch_tmp[j++] = rlayer_dispatch[i];
+        }
+
         rlret = meth->new_record_layer(sctx->libctx, sctx->propq, version,
                                        s->server, direction, level, epoch,
                                        key, keylen, iv, ivlen, mackey,
                                        mackeylen, ciph, taglen, mactype, md,
                                        comp, prev, thisbio, next, NULL, NULL,
-                                       settings, options, rlayer_dispatch, s,
-                                       &newrl);
+                                       settings, options, rlayer_dispatch_tmp,
+                                       s, &newrl);
         BIO_free(prev);
         switch (rlret) {
         case OSSL_RECORD_RETURN_FATAL:

diff --git a/ssl/record/record.h b/ssl/record/record.h
index 75080e653eafa283b9ddf4b45b88e75dc150ab74..19021ca0135e3a89903735c49144549794178566 100644 (file)
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -271,4 +271,6 @@ OSSL_CORE_MAKE_FUNC(void, rlayer_msg_callback, (int write_p, int version,
                                                 void *cbarg))
 # define OSSL_FUNC_RLAYER_SECURITY               3
 OSSL_CORE_MAKE_FUNC(int, rlayer_security, (void *cbarg, int op, int bits,
-                                           int nid, void *other))
\ No newline at end of file
+                                           int nid, void *other))
+# define OSSL_FUNC_RLAYER_PADDING                4
+OSSL_CORE_MAKE_FUNC(size_t, rlayer_padding, (void *cbarg, int type, size_t len))