From: Amaury Denoyelle Date: Fri, 30 Sep 2022 15:31:18 +0000 (+0200) Subject: CLEANUP: quic: remove global var definition in quic_tls header X-Git-Tag: v2.7-dev8~78 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a19bb6f0b2af1971775e4a88edfaed85d42162c6;p=thirdparty%2Fhaproxy.git CLEANUP: quic: remove global var definition in quic_tls header Some variables related to QUIC TLS were defined in a header file : their definitions are now moved properly in the implementation file, with only declarations in the header. This should be backported up to 2.6. --- diff --git a/include/haproxy/quic_tls-t.h b/include/haproxy/quic_tls-t.h index 2440a67dc1..cd2e0a8ad8 100644 --- a/include/haproxy/quic_tls-t.h +++ b/include/haproxy/quic_tls-t.h @@ -112,6 +112,9 @@ enum quic_tls_pktns { }; extern unsigned char initial_salt[20]; +extern const unsigned char initial_salt_draft_29[20]; +extern const unsigned char initial_salt_v1[20]; +extern const unsigned char initial_salt_v2_draft[20]; /* Key phase used for Key Update */ struct quic_tls_kp { diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h index df836d5102..dc2651f8b9 100644 --- a/include/haproxy/quic_tls.h +++ b/include/haproxy/quic_tls.h @@ -27,27 +27,6 @@ #include #include -/* Initial salt depending on QUIC version to derive client/server initial secrets. - * This one is for draft-29 QUIC version. - */ -const unsigned char initial_salt_draft_29[20] = { - 0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, - 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, - 0x43, 0x90, 0xa8, 0x99 -}; - -const unsigned char initial_salt_v1[20] = { - 0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, - 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, - 0xcc, 0xbb, 0x7f, 0x0a -}; - -const unsigned char initial_salt_v2_draft[20] = { - 0xa7, 0x07, 0xc2, 0x03, 0xa5, 0x9b, 0x47, 0x18, - 0x4a, 0x1d, 0x62, 0xca, 0x57, 0x04, 0x06, 0xea, - 0x7a, 0xe3, 0xe5, 0xd3 -}; - void quic_tls_keys_hexdump(struct buffer *buf, const struct quic_tls_secrets *secs); diff --git a/src/quic_tls.c b/src/quic_tls.c index a216f8678e..14b7e16987 100644 --- a/src/quic_tls.c +++ b/src/quic_tls.c @@ -17,6 +17,27 @@ DECLARE_POOL(pool_head_quic_tls_key, "quic_tls_key", QUIC_TLS_KEY_LEN); __attribute__((format (printf, 3, 4))) void hexdump(const void *buf, size_t buflen, const char *title_fmt, ...); +/* Initial salt depending on QUIC version to derive client/server initial secrets. + * This one is for draft-29 QUIC version. + */ +const unsigned char initial_salt_draft_29[20] = { + 0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, + 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, + 0x43, 0x90, 0xa8, 0x99 +}; + +const unsigned char initial_salt_v1[20] = { + 0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, + 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, + 0xcc, 0xbb, 0x7f, 0x0a +}; + +const unsigned char initial_salt_v2_draft[20] = { + 0xa7, 0x07, 0xc2, 0x03, 0xa5, 0x9b, 0x47, 0x18, + 0x4a, 0x1d, 0x62, 0xca, 0x57, 0x04, 0x06, 0xea, + 0x7a, 0xe3, 0xe5, 0xd3 +}; + /* Dump the RX/TX secrets of QUIC TLS secrets. */ void quic_tls_keys_hexdump(struct buffer *buf, const struct quic_tls_secrets *secs)