int qc_treat_rx_pkts(struct quic_conn *qc);
int qc_parse_hd_form(struct quic_rx_packet *pkt,
unsigned char **pos, const unsigned char *end);
-int qc_treat_rx_crypto_frms(struct quic_conn *qc, struct quic_enc_level *el,
- struct ssl_sock_ctx *ctx);
int qc_handle_frms_of_lost_pkt(struct quic_conn *qc,
struct quic_tx_packet *pkt,
struct list *pktns_frm_list);
int ssl_quic_initial_ctx(struct bind_conf *bind_conf);
int qc_alloc_ssl_sock_ctx(struct quic_conn *qc);
-int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
- enum ssl_encryption_level_t level,
- struct ssl_sock_ctx *ctx,
- const unsigned char *data, size_t len);
int qc_ssl_provide_all_quic_data(struct quic_conn *qc, struct ssl_sock_ctx *ctx);
static inline void qc_free_ssl_sock_ctx(struct ssl_sock_ctx **ctx)
TRACE_LEAVE(QUIC_EV_CONN_ELRMHP, qc);
}
-/* Process all the CRYPTO frame at <el> encryption level. This is the
- * responsibility of the called to ensure there exists a CRYPTO data
- * stream for this level.
- * Return 1 if succeeded, 0 if not.
- */
-int qc_treat_rx_crypto_frms(struct quic_conn *qc, struct quic_enc_level *el,
- struct ssl_sock_ctx *ctx)
-{
- int ret = 0;
- struct ncbuf *ncbuf;
- struct quic_cstream *cstream = el->cstream;
- ncb_sz_t data;
-
- TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
-
- BUG_ON(!cstream);
- ncbuf = &cstream->rx.ncbuf;
- if (ncb_is_null(ncbuf))
- goto done;
-
- /* TODO not working if buffer is wrapping */
- while ((data = ncb_data(ncbuf, 0))) {
- const unsigned char *cdata = (const unsigned char *)ncb_head(ncbuf);
-
- if (!qc_ssl_provide_quic_data(&el->cstream->rx.ncbuf, el->level,
- ctx, cdata, data))
- goto leave;
-
- cstream->rx.offset += data;
- TRACE_DEVEL("buffered crypto data were provided to TLS stack",
- QUIC_EV_CONN_PHPKTS, qc, el);
- }
-
- done:
- ret = 1;
- leave:
- if (!ncb_is_null(ncbuf) && ncb_is_empty(ncbuf)) {
- TRACE_DEVEL("freeing crypto buf", QUIC_EV_CONN_PHPKTS, qc, el);
- quic_free_ncbuf(ncbuf);
- }
- TRACE_LEAVE(QUIC_EV_CONN_PHPKTS, qc);
- return ret;
-}
-
/* Check if it's possible to remove header protection for packets related to
* encryption level <qel>. If <qel> is NULL, assume it's false.
*
#include <haproxy/ncbuf.h>
#include <haproxy/proxy.h>
#include <haproxy/quic_conn.h>
-#include <haproxy/quic_rx.h>
#include <haproxy/quic_sock.h>
#include <haproxy/quic_ssl.h>
#include <haproxy/quic_tls.h>
* Remaining parameter are there for debugging purposes.
* Return 1 if succeeded, 0 if not.
*/
-int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
- enum ssl_encryption_level_t level,
- struct ssl_sock_ctx *ctx,
- const unsigned char *data, size_t len)
+static int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
+ enum ssl_encryption_level_t level,
+ struct ssl_sock_ctx *ctx,
+ const unsigned char *data, size_t len)
{
#ifdef DEBUG_STRICT
enum ncb_ret ncb_ret;
{
int ret = 0;
struct quic_enc_level *qel;
+ struct ncbuf *ncbuf;
+ ncb_sz_t data;
TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
list_for_each_entry(qel, &qc->qel_list, list) {
if (!cstream)
continue;
- if (!qc_treat_rx_crypto_frms(qc, qel, ctx))
- goto leave;
+ ncbuf = &cstream->rx.ncbuf;
+ if (ncb_is_null(ncbuf))
+ continue;
+
+ /* TODO not working if buffer is wrapping */
+ while ((data = ncb_data(ncbuf, 0))) {
+ const unsigned char *cdata = (const unsigned char *)ncb_head(ncbuf);
+
+ if (!qc_ssl_provide_quic_data(&qel->cstream->rx.ncbuf, qel->level,
+ ctx, cdata, data))
+ goto leave;
+
+ cstream->rx.offset += data;
+ TRACE_DEVEL("buffered crypto data were provided to TLS stack",
+ QUIC_EV_CONN_PHPKTS, qc, qel);
+ }
+
+ if (!ncb_is_null(ncbuf) && ncb_is_empty(ncbuf)) {
+ TRACE_DEVEL("freeing crypto buf", QUIC_EV_CONN_PHPKTS, qc, qel);
+ quic_free_ncbuf(ncbuf);
+ }
}
ret = 1;
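Review bot: The `goto leave` after a failed `qc_ssl_provide_quic_data()` call now skips the `ncb_is_empty()` / `quic_free_ncbuf()` block, whereas the removed `qc_treat_rx_crypto_frms()` ran that block under its own `leave:` label on both the success and the failure path. If the callee can consume data from the buffer before returning 0 (not visible in this hunk), an emptied CRYPTO buffer now stays allocated on the error path; either run the empty-check-and-free before the `goto leave`, or add a comment at that `goto` stating where the buffer is released when the TLS stack rejects the data. The `leave:` label and the rest of `qc_ssl_provide_all_quic_data()` lie outside the hunk, so the outer cleanup cannot be checked from here. Separately, the call passes `&qel->cstream->rx.ncbuf` although the local `ncbuf` already holds that address, and the carried-over `/* TODO not working if buffer is wrapping */` would be more useful if it said what happens to peer-supplied CRYPTO data in the wrapping case.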