From: Hugo Landau Date: Thu, 11 Jan 2024 08:36:15 +0000 (+0000) Subject: libssl: Move SSL object unwrapping macros to separate header X-Git-Tag: openssl-3.5.0-alpha1~461 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf55326752eb213d01c88c8d644b341fb01e1dd1;p=thirdparty%2Fopenssl.git libssl: Move SSL object unwrapping macros to separate header Reviewed-by: Matt Caswell Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/23334) --- diff --git a/include/internal/quic_predef.h b/include/internal/quic_predef.h index 574915e20c3..899f60959a4 100644 --- a/include/internal/quic_predef.h +++ b/include/internal/quic_predef.h @@ -37,6 +37,7 @@ typedef struct quic_lcidm_st QUIC_LCIDM; typedef struct quic_urxe_st QUIC_URXE; typedef struct quic_engine_st QUIC_ENGINE; typedef struct quic_obj_st QUIC_OBJ; +typedef struct quic_conn_st QUIC_CONNECTION; # endif diff --git a/include/internal/quic_trace.h b/include/internal/quic_trace.h new file mode 100644 index 00000000000..35d6996490c --- /dev/null +++ b/include/internal/quic_trace.h @@ -0,0 +1,20 @@ +/* + * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_QUIC_TRACE_H +# define OSSL_QUIC_TRACE_H + +# ifndef OPENSSL_NO_QUIC + +int ossl_quic_trace(int write_p, int version, int content_type, + const void *buf, size_t msglen, SSL *ssl, void *arg); + +# endif + +#endif diff --git a/include/internal/ssl_unwrap.h b/include/internal/ssl_unwrap.h new file mode 100644 index 00000000000..e436e6dc1d4 --- /dev/null +++ b/include/internal/ssl_unwrap.h 
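Review bot: The new include/internal/quic_trace.h is not self-contained: the prototype of ossl_quic_trace() uses `SSL` and `size_t` and the guard tests `OPENSSL_NO_QUIC`, yet the header includes nothing. It therefore compiles only when the including file has already pulled in the SSL headers, as ssl/quic/quic_trace.c does by including `../ssl_local.h` before it. Adding `# include <openssl/ssl.h>` directly under the include guard would make the declaration independent of include order.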
@@ -0,0 +1,122 @@
+/*
+ * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OSSL_SSL_UNWRAP_H
+# define OSSL_SSL_UNWRAP_H
+
+# include
+# include "internal/quic_predef.h"
+
+# define SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, c) \
+ ((ssl) == NULL ? NULL \
+ : ((ssl)->type == SSL_TYPE_SSL_CONNECTION \
+ ? (c SSL_CONNECTION *)(ssl) \
+ : NULL))
+# define SSL_CONNECTION_NO_CONST
+# define SSL_CONNECTION_FROM_SSL_ONLY(ssl) \
+ SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, SSL_CONNECTION_NO_CONST)
+# define SSL_CONNECTION_FROM_CONST_SSL_ONLY(ssl) \
+ SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, const)
+# define SSL_CONNECTION_GET_CTX(sc) ((sc)->ssl.ctx)
+# define SSL_CONNECTION_GET_SSL(sc) (&(sc)->ssl)
+# define SSL_CONNECTION_GET_USER_SSL(sc) ((sc)->user_ssl)
+# ifndef OPENSSL_NO_QUIC
+struct ssl_connection_st *ossl_quic_obj_get0_handshake_layer(QUIC_OBJ *obj);
+# define SSL_CONNECTION_FROM_SSL_int(ssl, c) \
+ ((ssl) == NULL ? NULL \
+ : ((ssl)->type == SSL_TYPE_SSL_CONNECTION \
+ ? (c SSL_CONNECTION *)(ssl) \
+ : (SSL_TYPE_IS_QUIC((ssl)->type) \
+ ?
(c SSL_CONNECTION *)ossl_quic_obj_get0_handshake_layer((QUIC_OBJ *)(ssl)) \
+ : NULL)))
+# define SSL_CONNECTION_FROM_SSL(ssl) \
+ SSL_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST)
+# define SSL_CONNECTION_FROM_CONST_SSL(ssl) \
+ SSL_CONNECTION_FROM_SSL_int(ssl, const)
+# else
+# define SSL_CONNECTION_FROM_SSL(ssl) \
+ SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, SSL_CONNECTION_NO_CONST)
+# define SSL_CONNECTION_FROM_CONST_SSL(ssl) \
+ SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, const)
+# endif
+
+# ifndef OPENSSL_NO_QUIC
+
+# define IS_QUIC_METHOD(m) \
+ ((m) == OSSL_QUIC_client_method() || \
+ (m) == OSSL_QUIC_client_thread_method())
+
+# define IS_QUIC_CTX(ctx) IS_QUIC_METHOD((ctx)->method)
+
+# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \
+ ((ssl) == NULL ? NULL \
+ : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
+ ? (c QUIC_CONNECTION *)(ssl) \
+ : NULL))
+
+# define QUIC_XSO_FROM_SSL_int(ssl, c) \
+ ((ssl) == NULL \
+ ? NULL \
+ : (((ssl)->type == SSL_TYPE_QUIC_XSO \
+ ? (c QUIC_XSO *)(ssl) \
+ : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
+ ? (c QUIC_XSO *)((QUIC_CONNECTION *)(ssl))->default_xso \
+ : NULL))))
+
+# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) \
+ ((ssl) == NULL ? NULL \
+ : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \
+ ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \
+ : NULL))
+
+# define QUIC_LISTENER_FROM_SSL_int(ssl, c) \
+ ((ssl) == NULL \
+ ? NULL \
+ : ((ssl)->type == SSL_TYPE_QUIC_LISTENER \
+ ?
(c QUIC_LISTENER *)(ssl) \ + : NULL)) + +# define IS_QUIC_CS(ssl) ((ssl) != NULL \ + && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \ + || (ssl)->type == SSL_TYPE_QUIC_XSO)) + +# define IS_QUIC(ssl) \ + ((ssl) != NULL && SSL_TYPE_IS_QUIC((ssl)->type)) + +# else + +# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL +# define QUIC_XSO_FROM_SSL_int(ssl, c) NULL +# define QUIC_LISTENER_FROM_SSL_int(ssl, c) NULL +# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL +# define IS_QUIC(ssl) 0 +# define IS_QUIC_CS(ssl) 0 +# define IS_QUIC_CTX(ctx) 0 +# define IS_QUIC_METHOD(m) 0 + +# endif + +# define QUIC_CONNECTION_FROM_SSL(ssl) \ + QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) +# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \ + QUIC_CONNECTION_FROM_SSL_int(ssl, const) +# define QUIC_XSO_FROM_SSL(ssl) \ + QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) +# define QUIC_XSO_FROM_CONST_SSL(ssl) \ + QUIC_XSO_FROM_SSL_int(ssl, const) +# define QUIC_LISTENER_FROM_SSL(ssl) \ + QUIC_LISTENER_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) +# define QUIC_LISTENER_FROM_CONST_SSL(ssl) \ + QUIC_LISTENER_FROM_SSL_int(ssl, const) +# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \ + SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST) +# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \ + SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const) + +#endif diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index ac65a3988bd..a76a7e2de6d 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -15,6 +15,8 @@ #include "internal/bio.h" #include #include "ssl_local.h" +#include "internal/ssl_unwrap.h" +#include "internal/sockets.h" static int ssl_write(BIO *h, const char *buf, size_t size, size_t *written); static int ssl_read(BIO *b, char *buf, size_t size, size_t *readbytes); diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 9fa8606b402..7c3c5df5f30 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c 
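Review bot: `SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl)` at the end of ssl_unwrap.h expands to `SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const)`, but neither branch of the `OPENSSL_NO_QUIC` conditional defines a macro of that name; only `SSL_CONNECTION_FROM_QUIC_SSL_int` exists. The line is carried over unchanged from quic_local.h, so its first use would fail to build; it should expand to `SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, const)`. Separately, the QUIC branch of `SSL_CONNECTION_FROM_SSL_int` now accepts every `SSL_TYPE_IS_QUIC` object rather than only `SSL_TYPE_QUIC_CONNECTION`, and its `(QUIC_OBJ *)(ssl)` cast drops the qualifier in the `const` variant. Since that is more than a move, a comment above the macro stating that the result may be NULL for a QUIC object without a handshake layer (presumably listeners) would tell callers that the NULL check still matters.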
@@ -14,6 +14,7 @@ #include #include "ssl_local.h" #include "internal/time.h" +#include "internal/ssl_unwrap.h" static int dtls1_handshake_write(SSL_CONNECTION *s); static size_t dtls1_link_min_mtu(void); diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c index b1e1fad16d9..48902c97f33 100644 --- a/ssl/d1_msg.c +++ b/ssl/d1_msg.c @@ -8,6 +8,7 @@ */ #include "ssl_local.h" +#include "internal/ssl_unwrap.h" int dtls1_write_app_data_bytes(SSL *s, uint8_t type, const void *buf_, size_t len, size_t *written) diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 155021ff584..0cccc37c295 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -16,7 +16,7 @@ #include #include #include "ssl_local.h" -#include "quic/quic_local.h" +#include "internal/ssl_unwrap.h" #ifndef OPENSSL_NO_SRTP diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c index b28a4917765..7726f4a868e 100644 --- a/ssl/quic/quic_channel.c +++ b/ssl/quic/quic_channel.c @@ -9,12 +9,15 @@ #include #include +#include "internal/ssl_unwrap.h" #include "internal/quic_channel.h" #include "internal/quic_error.h" #include "internal/quic_rx_depack.h" #include "internal/quic_lcidm.h" #include "internal/quic_srtm.h" #include "internal/qlog_event_helpers.h" +#include "internal/quic_txp.h" +#include "internal/quic_tls.h" #include "../ssl_local.h" #include "quic_channel_local.h" #include "quic_port_local.h" diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c index 01ba89e64e7..1341a76deec 100644 --- a/ssl/quic/quic_impl.c +++ b/ssl/quic/quic_impl.c @@ -12,6 +12,7 @@ #include #include #include "quic_local.h" +#include "internal/ssl_unwrap.h" #include "internal/quic_tls.h" #include "internal/quic_rx_depack.h" #include "internal/quic_error.h" diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h index cada1844823..0fcaf8a1424 100644 --- a/ssl/quic/quic_local.h +++ b/ssl/quic/quic_local.h 
@@ -33,8 +33,8 @@ * state required by the libssl API personality. */ struct quic_xso_st { - /* SSL object common header. */ - struct ssl_st ssl; + /* QUIC_OBJ common header, including SSL object common header. */ + QUIC_OBJ obj; /* The connection this stream is associated with. Always non-NULL. */ QUIC_CONNECTION *conn; @@ -126,13 +126,13 @@ struct quic_xso_st { */ struct quic_conn_st { /* - * ssl_st is a common header for ordinary SSL objects, QUIC connection - * objects and QUIC stream objects, allowing objects of these different - * types to be disambiguated at runtime and providing some common fields. + * QUIC_OBJ is a common header for QUIC APL objects, allowing objects of + * these different types to be disambiguated at runtime and providing some + * common fields. * * Note: This must come first in the QUIC_CONNECTION structure. */ - struct ssl_st ssl; + QUIC_OBJ obj; SSL *tls; @@ -255,8 +255,8 @@ struct quic_conn_st { * layer for QLSO objects, wrapping the QUIC-native QUIC_PORT object. */ struct quic_listener_st { - /* Common header for SSL objects. */ - struct ssl_st ssl; + /* QUIC_OBJ common header, including SSL object common header. */ + QUIC_OBJ obj; }; /* Internal calls to the QUIC CSM which come from various places. */ 
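Review bot: The new comment on `QUIC_OBJ obj` in quic_xso_st, and the one in the quic_listener_st hunk, do not say that the member has to stay first, although the unwrap macros cast an `SSL *` straight to `QUIC_XSO *` and `QUIC_LISTENER *` after checking only `type`. Only quic_conn_st (second hunk) keeps the "must come first" note. I would add `/* Note: This must come first in the QUIC_XSO structure. */` here and the matching line for QUIC_LISTENER, so that a later field reorder does not silently turn those casts into type confusion. All three struct bodies continue outside their hunks.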
@@ -276,77 +276,9 @@ void ossl_quic_conn_raise_protocol_error(QUIC_CONNECTION *qc, void ossl_quic_conn_on_remote_conn_close(QUIC_CONNECTION *qc, OSSL_QUIC_FRAME_CONN_CLOSE *f); -int ossl_quic_trace(int write_p, int version, int content_type, - const void *buf, size_t msglen, SSL *ssl, void *arg); - # define OSSL_QUIC_ANY_VERSION 0xFFFFF -# define IS_QUIC_METHOD(m) \ - ((m) == OSSL_QUIC_client_method() || \ - (m) == OSSL_QUIC_client_thread_method()) -# define IS_QUIC_CTX(ctx) IS_QUIC_METHOD((ctx)->method) - -# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) \ - ((ssl) == NULL ? NULL \ - : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \ - ? (c QUIC_CONNECTION *)(ssl) \ - : NULL)) - -# define QUIC_XSO_FROM_SSL_int(ssl, c) \ - ((ssl) == NULL \ - ? NULL \ - : (((ssl)->type == SSL_TYPE_QUIC_XSO \ - ? (c QUIC_XSO *)(ssl) \ - : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \ - ? (c QUIC_XSO *)((QUIC_CONNECTION *)(ssl))->default_xso \ - : NULL)))) - -# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) \ - ((ssl) == NULL ? NULL \ - : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \ - ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \ - : NULL)) - -# define QUIC_LISTENER_FROM_SSL_int(ssl, c) \ - ((ssl) == NULL \ - ? NULL \ - : ((ssl)->type == SSL_TYPE_QUIC_LISTENER \ - ? 
(c QUIC_LISTENER *)(ssl) \ - : NULL)) - -# define IS_QUIC_CS(ssl) ((ssl) != NULL \ - && ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \ - || (ssl)->type == SSL_TYPE_QUIC_XSO)) - -# define IS_QUIC(ssl) \ - ((ssl) != NULL && SSL_TYPE_IS_QUIC((ssl)->type)) -# else -# define QUIC_CONNECTION_FROM_SSL_int(ssl, c) NULL -# define QUIC_XSO_FROM_SSL_int(ssl, c) NULL -# define QUIC_LISTENER_FROM_SSL_int(ssl, c) NULL -# define SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, c) NULL -# define IS_QUIC(ssl) 0 -# define IS_QUIC_CS(ssl) 0 -# define IS_QUIC_CTX(ctx) 0 -# define IS_QUIC_METHOD(m) 0 # endif -# define QUIC_CONNECTION_FROM_SSL(ssl) \ - QUIC_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) -# define QUIC_CONNECTION_FROM_CONST_SSL(ssl) \ - QUIC_CONNECTION_FROM_SSL_int(ssl, const) -# define QUIC_XSO_FROM_SSL(ssl) \ - QUIC_XSO_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) -# define QUIC_XSO_FROM_CONST_SSL(ssl) \ - QUIC_XSO_FROM_SSL_int(ssl, const) -# define QUIC_LISTENER_FROM_SSL(ssl) \ - QUIC_LISTENER_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) -# define QUIC_LISTENER_FROM_CONST_SSL(ssl) \ - QUIC_LISTENER_FROM_SSL_int(ssl, const) -# define SSL_CONNECTION_FROM_QUIC_SSL(ssl) \ - SSL_CONNECTION_FROM_QUIC_SSL_int(ssl, SSL_CONNECTION_NO_CONST) -# define SSL_CONNECTION_FROM_CONST_QUIC_SSL(ssl) \ - SSL_CONNECTION_FROM_CONST_QUIC_SSL_int(ssl, const) - # define IMPLEMENT_quic_meth_func(version, func_name, q_accept, \ q_connect, enc_data) \ const SSL_METHOD *func_name(void) \ diff --git a/ssl/quic/quic_obj.c b/ssl/quic/quic_obj.c index 63261073d56..2981fd4fe86 100644 --- a/ssl/quic/quic_obj.c +++ b/ssl/quic/quic_obj.c @@ -9,6 +9,7 @@ #include "quic_obj_local.h" #include "quic_local.h" +#include "internal/ssl_unwrap.h" static int obj_update_cache(QUIC_OBJ *obj); diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c index fbc79860176..01892614bd3 100644 --- a/ssl/quic/quic_port.c +++ b/ssl/quic/quic_port.c 
@@ -11,6 +11,7 @@ #include "internal/quic_channel.h" #include "internal/quic_lcidm.h" #include "internal/quic_srtm.h" +#include "internal/ssl_unwrap.h" #include "quic_port_local.h" #include "quic_channel_local.h" #include "quic_engine_local.h" diff --git a/ssl/quic/quic_tls.c b/ssl/quic/quic_tls.c index 6cd656ea422..bd5eed874ad 100644 --- a/ssl/quic/quic_tls.c +++ b/ssl/quic/quic_tls.c @@ -12,6 +12,7 @@ #include "../ssl_local.h" #include "internal/quic_error.h" #include "internal/quic_types.h" +#include "internal/ssl_unwrap.h" #define QUIC_TLS_FATAL(rl, ad, err) \ do { \ diff --git a/ssl/quic/quic_trace.c b/ssl/quic/quic_trace.c index 9c433746f87..cf337180ecc 100644 --- a/ssl/quic/quic_trace.c +++ b/ssl/quic/quic_trace.c @@ -9,7 +9,10 @@ #include #include "../ssl_local.h" +#include "internal/quic_trace.h" #include "internal/quic_wire_pkt.h" +#include "internal/quic_wire.h" +#include "internal/ssl_unwrap.h" static const char *packet_type(int type) { diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index d55887d9aaa..7d340805baa 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -15,6 +15,7 @@ #include "record_local.h" #include "internal/packet.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) { diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 7022d08cea1..3177f4a7c69 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -22,6 +22,7 @@ #include "record_local.h" #include "internal/packet.h" #include "internal/comp.h" +#include "internal/ssl_unwrap.h" void RECORD_LAYER_init(RECORD_LAYER *rl, SSL_CONNECTION *s) { diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index cda1f7f83bc..e0c70a08184 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -14,6 +14,7 @@ #include #include #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" static int ssl3_generate_key_block(SSL_CONNECTION *s, unsigned char *km, int num) { 
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 05f9e3753d6..254cf9128a3 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -21,6 +21,7 @@ #include #include #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers) #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c index 3fcea15e279..398f746a909 100644 --- a/ssl/s3_msg.c +++ b/ssl/s3_msg.c @@ -8,6 +8,7 @@ */ #include "ssl_local.h" +#include "internal/ssl_unwrap.h" int ssl3_do_change_cipher_spec(SSL_CONNECTION *s) { diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 6f48ab2f456..276b489c60e 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -26,6 +26,7 @@ #include "ssl_local.h" #include "ssl_cert_table.h" #include "internal/thread_once.h" +#include "internal/ssl_unwrap.h" #ifndef OPENSSL_NO_POSIX_IO # include # ifdef _WIN32 diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index e5d6237176c..4a3df98107d 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -22,6 +22,7 @@ #include "internal/thread_once.h" #include "internal/cryptlib.h" #include "internal/comp.h" +#include "internal/ssl_unwrap.h" /* NB: make sure indices in these tables match values above */ diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 730a796a78f..d23601ccf27 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -16,6 +16,7 @@ #include #include #include "internal/nelem.h" +#include "internal/ssl_unwrap.h" /* * structure holding name tables. This is used for permitted elements in lists diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1d61e5b6ebd..6a89ee8f7db 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -30,6 +30,7 @@ #include "internal/thread_once.h" #include "internal/ktls.h" #include "internal/to_hex.h" +#include "internal/ssl_unwrap.h" #include "quic/quic_local.h" static int ssl_undefined_function_3(SSL_CONNECTION *sc, unsigned char *r, diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 31fbe3a8ea5..8c104b95f1b 100644 --- a/ssl/ssl_local.h 
+++ b/ssl/ssl_local.h @@ -37,6 +37,7 @@ # include "internal/time.h" # include "internal/ssl.h" # include "internal/cryptlib.h" +# include "internal/quic_predef.h" # include "record/record.h" # include "internal/quic_predef.h" # include "internal/quic_tls.h" @@ -1856,39 +1857,6 @@ struct ssl_connection_st { size_t server_cert_type_len; }; -# define SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, c) \ - ((ssl) == NULL ? NULL \ - : ((ssl)->type == SSL_TYPE_SSL_CONNECTION \ - ? (c SSL_CONNECTION *)(ssl) \ - : NULL)) -# define SSL_CONNECTION_NO_CONST -# define SSL_CONNECTION_FROM_SSL_ONLY(ssl) \ - SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, SSL_CONNECTION_NO_CONST) -# define SSL_CONNECTION_FROM_CONST_SSL_ONLY(ssl) \ - SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, const) -# define SSL_CONNECTION_GET_CTX(sc) ((sc)->ssl.ctx) -# define SSL_CONNECTION_GET_SSL(sc) (&(sc)->ssl) -# define SSL_CONNECTION_GET_USER_SSL(sc) ((sc)->user_ssl) -# ifndef OPENSSL_NO_QUIC -# include "quic/quic_local.h" -# define SSL_CONNECTION_FROM_SSL_int(ssl, c) \ - ((ssl) == NULL ? NULL \ - : ((ssl)->type == SSL_TYPE_SSL_CONNECTION \ - ? (c SSL_CONNECTION *)(ssl) \ - : ((ssl)->type == SSL_TYPE_QUIC_CONNECTION \ - ? (c SSL_CONNECTION *)((c QUIC_CONNECTION *)(ssl))->tls \ - : NULL))) -# define SSL_CONNECTION_FROM_SSL(ssl) \ - SSL_CONNECTION_FROM_SSL_int(ssl, SSL_CONNECTION_NO_CONST) -# define SSL_CONNECTION_FROM_CONST_SSL(ssl) \ - SSL_CONNECTION_FROM_SSL_int(ssl, const) -# else -# define SSL_CONNECTION_FROM_SSL(ssl) \ - SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, SSL_CONNECTION_NO_CONST) -# define SSL_CONNECTION_FROM_CONST_SSL(ssl) \ - SSL_CONNECTION_FROM_SSL_ONLY_int(ssl, const) -# endif - /* * Structure containing table entry of values associated with the signature * algorithms (signature scheme) extension diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index dee9d7baf0c..160c9b3cc26 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c 
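Review bot: The added `# include "internal/quic_predef.h"` in the first ssl_local.h hunk duplicates the include of the same header two lines further down in the context, so the addition is presumably a no-op once the header's guard applies. Dropping the new line keeps the list free of duplicates. If the intent is that the QUIC typedefs are visible before `record/record.h`, moving the existing line up would express that more clearly than listing the header twice.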
@@ -10,6 +10,7 @@ #include #include "ssl_local.h" #include "internal/packet.h" +#include "internal/ssl_unwrap.h" #include #include #include diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 69149de0507..e19abf26ec2 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -17,6 +17,7 @@ #include #include "internal/refcount.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include "ssl_local.h" #include "statem/statem_local.h" diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index 686eba452df..18b2837d652 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -10,6 +10,7 @@ #include #include "ssl_local.h" +#include "internal/ssl_unwrap.h" const char *SSL_state_string_long(const SSL *s) { diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index d4275946b16..56d9503e6eb 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -15,6 +15,7 @@ #include #include "internal/nelem.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include "../ssl_local.h" #include "statem_local.h" diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index a4785d1d30d..970160089b7 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -10,6 +10,7 @@ #include #include "../ssl_local.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include "statem_local.h" EXT_RETURN tls_construct_ctos_renegotiate(SSL_CONNECTION *s, WPACKET *pkt, diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c index 4757ee65bf1..2a225ce952b 100644 --- a/ssl/statem/extensions_cust.c +++ b/ssl/statem/extensions_cust.c @@ -12,6 +12,7 @@ #include #include "../ssl_local.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include "statem_local.h" typedef struct { diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 0e842d5df9c..d77b087ebf1 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c 
@@ -11,6 +11,7 @@ #include "../ssl_local.h" #include "statem_local.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #define COOKIE_STATE_FORMAT_VERSION 1 diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index 67cb26ef46e..87ed6c64c56 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -15,6 +15,7 @@ #endif #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include #include "../ssl_local.h" #include "statem_local.h" diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index df2eed7594c..eafd7a295a0 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -28,6 +28,7 @@ #include #include "internal/cryptlib.h" #include "internal/comp.h" +#include "internal/ssl_unwrap.h" static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL_CONNECTION *s, PACKET *pkt); diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index b583e312d99..f25b2b2fa48 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -14,6 +14,7 @@ #include "../ssl_local.h" #include "statem_local.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include #include #include diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 1cfd0df40bb..3687f2eac89 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -14,6 +14,7 @@ #include "../ssl_local.h" #include "statem_local.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include #include #include diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 3d1cb90018c..21e5807795d 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -16,6 +16,7 @@ #include "statem_local.h" #include "internal/constant_time.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include #include #include diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 2e9e24a8cf9..8e72b75394c 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c 
@@ -13,6 +13,7 @@ #include "record/record_local.h" #include "internal/ktls.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include #include #include diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 40abf27d402..17eef870fb1 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -23,6 +23,7 @@ #include "internal/nelem.h" #include "internal/sizes.h" #include "internal/tlsgroups.h" +#include "internal/ssl_unwrap.h" #include "ssl_local.h" #include "quic/quic_local.h" #include diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 8d6444c5050..37cab668de8 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -13,6 +13,10 @@ /* Packet trace support for OpenSSL */ #include "internal/nelem.h" +#include "internal/ssl_unwrap.h" +#include "internal/quic_predef.h" +#include "internal/quic_trace.h" +#include "quic/quic_local.h" typedef struct { int num; diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 7846c73a861..82a3244be7a 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -12,6 +12,7 @@ #include "internal/ktls.h" #include "record/record_local.h" #include "internal/cryptlib.h" +#include "internal/ssl_unwrap.h" #include #include #include diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c index b9ccfc4188a..8df075ae812 100644 --- a/ssl/tls_depr.c +++ b/ssl/tls_depr.c @@ -12,6 +12,7 @@ #include #include "ssl_local.h" +#include "internal/ssl_unwrap.h" /* * Engine APIs are only used to support applications that still use ENGINEs. diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 0451e96bb51..68283102cd5 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -21,6 +21,7 @@ #include #include #include "ssl_local.h" +#include "internal/ssl_unwrap.h" #ifndef OPENSSL_NO_SRP # include diff --git a/test/dtls_mtu_test.c b/test/dtls_mtu_test.c index b11d5e34613..bce96a2226f 100644 --- a/test/dtls_mtu_test.c +++ b/test/dtls_mtu_test.c @@ -19,6 +19,7 @@ /* for SSL_READ_ETM() */ #include "../ssl/ssl_local.h" +#include "internal/ssl_unwrap.h" static int debug = 0; 
diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c index f611b3a0780..89a84a7667a 100644 --- a/test/helpers/handshake.c +++ b/test/helpers/handshake.c @@ -15,6 +15,7 @@ #include #include "../../ssl/ssl_local.h" +#include "internal/ssl_unwrap.h" #include "internal/sockets.h" #include "internal/nelem.h" #include "handshake.h" diff --git a/test/ssl_handshake_rtt_test.c b/test/ssl_handshake_rtt_test.c index 0e54284f04a..9958124ca1c 100644 --- a/test/ssl_handshake_rtt_test.c +++ b/test/ssl_handshake_rtt_test.c @@ -30,6 +30,7 @@ #include "internal/ktls.h" #include "../ssl/ssl_local.h" #include "../ssl/statem/statem_local.h" +#include "internal/ssl_unwrap.h" static OSSL_LIB_CTX *libctx = NULL; static char *cert = NULL; diff --git a/test/sslapitest.c b/test/sslapitest.c index daa46606f08..935c8e58c44 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -41,6 +41,7 @@ #include "internal/nelem.h" #include "internal/tlsgroups.h" #include "internal/ktls.h" +#include "internal/ssl_unwrap.h" #include "../ssl/ssl_local.h" #include "../ssl/record/methods/recmethod_local.h" #include "filterprov.h" diff --git a/test/sslbuffertest.c b/test/sslbuffertest.c index 981b22c23ee..95468e3bcf9 100644 --- a/test/sslbuffertest.c +++ b/test/sslbuffertest.c @@ -22,11 +22,17 @@ #include #include +#ifndef OPENSSL_NO_QUIC +/* This test does not link libssl so avoid pulling in QUIC unwrappers. */ +# define OPENSSL_NO_QUIC +#endif + /* We include internal headers so we can check if the buffers are allocated */ #include "../ssl/ssl_local.h" #include "../ssl/record/record_local.h" #include "internal/recordmethod.h" #include "../ssl/record/methods/recmethod_local.h" +#include "internal/ssl_unwrap.h" #include "internal/packet.h" diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c index 2cbc4521308..e2eba0863a5 100644 --- a/test/tls13secretstest.c +++ b/test/tls13secretstest.c 
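Review bot: In test/sslbuffertest.c, defining `OPENSSL_NO_QUIC` locally before `../ssl/ssl_local.h` means this test may see the internal structures differently from the libssl build whose objects it inspects, if any struct in those headers has members conditional on that macro; this cannot be confirmed from the hunk. The define also comes after the public headers above it, so the two groups of headers are processed under different configurations. A test-only switch that disables just the QUIC branch of the unwrap macros would avoid overriding a build-configuration macro in a single translation unit. At minimum the comment should state that struct layout is unaffected, `/* Safe only because no structure inspected below depends on OPENSSL_NO_QUIC. */`, once that has been verified.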
@@ -11,6 +11,7 @@ #include #include "../ssl/ssl_local.h" +#include "internal/ssl_unwrap.h" #include "testutil.h" #define IVLEN 12