From: Neil Horman <nhorman@openssl.org>
Date: Mon, 27 Jan 2025 18:04:08 +0000 (-0500)
Subject: Centralize freeing of tokens
X-Git-Tag: openssl-3.5.0-alpha1~232
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=725074f4e7068220843bd0bb0db3b05c56fdb8d6;p=thirdparty%2Fopenssl.git

Centralize freeing of tokens

This will make it easier to refcount them in a moment

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26517)
---

diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h
index f860b1b3a7a..7c1bdf50cf0 100644
--- a/include/internal/quic_ssl.h
+++ b/include/internal/quic_ssl.h
@@ -25,6 +25,7 @@ __owur SSL *ossl_quic_new_listener_from(SSL *ssl, uint64_t flags);
 __owur SSL *ossl_quic_new_from_listener(SSL *ssl, uint64_t flags);
 __owur SSL *ossl_quic_new_domain(SSL_CTX *ctx, uint64_t flags);
 
+typedef void* QTOK;
 SSL_TOKEN_STORE_HANDLE *ossl_quic_new_token_store(void);
 void ossl_quic_free_token_store(SSL_TOKEN_STORE_HANDLE *hdl);
 SSL_TOKEN_STORE_HANDLE *ossl_quic_get_token_store(SSL_CTX *ctx);
@@ -33,7 +34,8 @@ int ossl_quic_update_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
                                 const uint8_t *token, size_t token_len);
 int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
                              uint8_t **token, size_t *token_len,
-                             void **token_free_ptr);
+                             QTOK **token_free_ptr);
+void ossl_quic_free_peer_token(QTOK *token);
 
 __owur int ossl_quic_init(SSL *s);
 void ossl_quic_deinit(SSL *s);
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index bfefa272c34..7e271bd5b33 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -2799,7 +2799,7 @@ int ossl_quic_channel_start(QUIC_CHANNEL *ch)
 {
     uint8_t *token;
     size_t token_len;
-    void *token_ptr;
+    QTOK *token_ptr;
 
     if (ch->is_server)
         /*
@@ -2824,9 +2824,10 @@ int ossl_quic_channel_start(QUIC_CHANNEL *ch)
                                                    &token, &token_len,
                                                    &token_ptr)) {
         if (!ossl_quic_tx_packetiser_set_initial_token(ch->txp, token,
-                                                       token_len, free_token,
+                                                       token_len,
+                                                       free_peer_token,
                                                        token_ptr))
-            free_token(NULL, 0, token_ptr);
+            free_peer_token(NULL, 0, token_ptr);
     }
     /* Plug in secrets for the Initial EL. */
     if (!ossl_quic_provide_initial_secret(ch->port->engine->libctx,
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 4f99a68934b..09f103c6af0 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4847,7 +4847,7 @@ int ossl_quic_update_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
 
 int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
                              uint8_t **token, size_t *token_len,
-                             void **token_free_ptr)
+                             QTOK **token_free_ptr)
 {
     SSL_TOKEN_STORE *c = ctx->tokencache;
     QUIC_TOKEN *key = NULL;
@@ -4863,7 +4863,7 @@ int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
     if (tok != NULL) {
         *token = tok->token;
         *token_len = tok->token_len;
-        *token_free_ptr = tok;
+        *token_free_ptr = (QTOK *)tok;
         lh_QUIC_TOKEN_delete(c->cache, key);
         rc = 1;
     }
@@ -4873,6 +4873,11 @@ int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
     return rc;
 }
 
+void ossl_quic_free_peer_token(QTOK *token)
+{
+    OPENSSL_free(token);
+}
+
 /*
  * SSL_get_accept_connection_queue_len
  * -----------------------------------