mirror of
https://gitea.invidious.io/iv-org/litespeed-quic.git
synced 2024-08-15 00:53:43 +00:00
Support get_ssl_ctx callback for client
This commit is contained in:
sumasrao
parent
821ffbba11
commit
21bcad8707
6 changed files with 41 additions and 29 deletions
|
|
@ -317,7 +317,7 @@ Other required engine callbacks are a set of stream and connection callbacks tha
|
||||||
/* --- 8< --- snip --- 8< --- */
|
/* --- 8< --- snip --- 8< --- */
|
||||||
.ea_stream_if = &stream_callbacks,
|
.ea_stream_if = &stream_callbacks,
|
||||||
.ea_stream_if_ctx = &some_context,
|
.ea_stream_if_ctx = &some_context,
|
||||||
.ea_get_ssl_ctx = get_ssl_ctx, /* Server only */
|
.ea_get_ssl_ctx = get_ssl_ctx,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -264,7 +264,7 @@ struct enc_session_funcs_iquic
|
||||||
const struct ver_neg *, void *(crypto_streams)[4],
|
const struct ver_neg *, void *(crypto_streams)[4],
|
||||||
const struct crypto_stream_if *,
|
const struct crypto_stream_if *,
|
||||||
const unsigned char *, size_t,
|
const unsigned char *, size_t,
|
||||||
struct lsquic_alarmset *, unsigned);
|
struct lsquic_alarmset *, unsigned, void*);
|
||||||
|
|
||||||
void
|
void
|
||||||
(*esfi_destroy) (enc_session_t *);
|
(*esfi_destroy) (enc_session_t *);
|
||||||
|
|
|
||||||
|
|
@ -817,10 +817,11 @@ iquic_esfi_create_client (const char *hostname,
|
||||||
const lsquic_cid_t *dcid, const struct ver_neg *ver_neg,
|
const lsquic_cid_t *dcid, const struct ver_neg *ver_neg,
|
||||||
void *crypto_streams[4], const struct crypto_stream_if *cryst_if,
|
void *crypto_streams[4], const struct crypto_stream_if *cryst_if,
|
||||||
const unsigned char *sess_resume, size_t sess_resume_sz,
|
const unsigned char *sess_resume, size_t sess_resume_sz,
|
||||||
struct lsquic_alarmset *alset, unsigned max_streams_uni)
|
struct lsquic_alarmset *alset, unsigned max_streams_uni, void* peer_ctx)
|
||||||
{
|
{
|
||||||
struct enc_sess_iquic *enc_sess;
|
struct enc_sess_iquic *enc_sess;
|
||||||
SSL_CTX *ssl_ctx = NULL;
|
SSL_CTX *ssl_ctx = NULL;
|
||||||
|
int set_app_ctx = 0;
|
||||||
SSL_SESSION *ssl_session;
|
SSL_SESSION *ssl_session;
|
||||||
const struct alpn_map *am;
|
const struct alpn_map *am;
|
||||||
int transpa_len;
|
int transpa_len;
|
||||||
|
|
@ -884,6 +885,9 @@ iquic_esfi_create_client (const char *hostname,
|
||||||
enc_sess->esi_alpn = am->alpn;
|
enc_sess->esi_alpn = am->alpn;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ssl_ctx = enc_sess->esi_enpub->enp_get_ssl_ctx( peer_ctx );
|
||||||
|
if (!ssl_ctx)
|
||||||
|
{
|
||||||
LSQ_DEBUG("Create new SSL_CTX");
|
LSQ_DEBUG("Create new SSL_CTX");
|
||||||
ssl_ctx = SSL_CTX_new(TLS_method());
|
ssl_ctx = SSL_CTX_new(TLS_method());
|
||||||
if (!ssl_ctx)
|
if (!ssl_ctx)
|
||||||
|
|
@ -906,6 +910,13 @@ iquic_esfi_create_client (const char *hostname,
|
||||||
SSL_CTX_set_custom_verify(ssl_ctx, SSL_VERIFY_PEER,
|
SSL_CTX_set_custom_verify(ssl_ctx, SSL_VERIFY_PEER,
|
||||||
verify_server_cert_callback);
|
verify_server_cert_callback);
|
||||||
SSL_CTX_set_early_data_enabled(ssl_ctx, 1);
|
SSL_CTX_set_early_data_enabled(ssl_ctx, 1);
|
||||||
|
set_app_ctx = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
set_app_ctx = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
enc_sess->esi_ssl = SSL_new(ssl_ctx);
|
enc_sess->esi_ssl = SSL_new(ssl_ctx);
|
||||||
if (!enc_sess->esi_ssl)
|
if (!enc_sess->esi_ssl)
|
||||||
|
|
@ -975,13 +986,14 @@ iquic_esfi_create_client (const char *hostname,
|
||||||
lsquic_alarmset_init_alarm(enc_sess->esi_alset, AL_SESS_TICKET,
|
lsquic_alarmset_init_alarm(enc_sess->esi_alset, AL_SESS_TICKET,
|
||||||
no_sess_ticket, enc_sess);
|
no_sess_ticket, enc_sess);
|
||||||
|
|
||||||
|
if( !set_app_ctx )
|
||||||
SSL_CTX_free(ssl_ctx);
|
SSL_CTX_free(ssl_ctx);
|
||||||
return enc_sess;
|
return enc_sess;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
if (enc_sess)
|
if (enc_sess)
|
||||||
iquic_esfi_destroy(enc_sess);
|
iquic_esfi_destroy(enc_sess);
|
||||||
if (ssl_ctx)
|
if (!set_app_ctx && ssl_ctx)
|
||||||
SSL_CTX_free(ssl_ctx);
|
SSL_CTX_free(ssl_ctx);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1747,7 +1747,7 @@ lsquic_engine_connect (lsquic_engine_t *engine, enum lsquic_version version,
|
||||||
if (versions & LSQUIC_IETF_VERSIONS)
|
if (versions & LSQUIC_IETF_VERSIONS)
|
||||||
conn = lsquic_ietf_full_conn_client_new(&engine->pub, versions,
|
conn = lsquic_ietf_full_conn_client_new(&engine->pub, versions,
|
||||||
flags, hostname, base_plpmtu,
|
flags, hostname, base_plpmtu,
|
||||||
is_ipv4, sess_resume, sess_resume_len, token, token_sz);
|
is_ipv4, sess_resume, sess_resume_len, token, token_sz, peer_ctx);
|
||||||
else
|
else
|
||||||
conn = lsquic_gquic_full_conn_client_new(&engine->pub, versions,
|
conn = lsquic_gquic_full_conn_client_new(&engine->pub, versions,
|
||||||
flags, hostname, base_plpmtu, is_ipv4,
|
flags, hostname, base_plpmtu, is_ipv4,
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ lsquic_ietf_full_conn_client_new (struct lsquic_engine_public *,
|
||||||
unsigned flags /* Only FC_SERVER and FC_HTTP */,
|
unsigned flags /* Only FC_SERVER and FC_HTTP */,
|
||||||
const char *hostname, unsigned short base_plpmtu, int is_ipv4,
|
const char *hostname, unsigned short base_plpmtu, int is_ipv4,
|
||||||
const unsigned char *sess_resume, size_t,
|
const unsigned char *sess_resume, size_t,
|
||||||
const unsigned char *token, size_t);
|
const unsigned char *token, size_t, void* peer_ctx);
|
||||||
|
|
||||||
typedef struct lsquic_conn *
|
typedef struct lsquic_conn *
|
||||||
(*server_conn_ctor_f) (struct lsquic_engine_public *,
|
(*server_conn_ctor_f) (struct lsquic_engine_public *,
|
||||||
|
|
|
||||||
|
|
@ -1303,7 +1303,7 @@ lsquic_ietf_full_conn_client_new (struct lsquic_engine_public *enpub,
|
||||||
unsigned versions, unsigned flags,
|
unsigned versions, unsigned flags,
|
||||||
const char *hostname, unsigned short base_plpmtu, int is_ipv4,
|
const char *hostname, unsigned short base_plpmtu, int is_ipv4,
|
||||||
const unsigned char *sess_resume, size_t sess_resume_sz,
|
const unsigned char *sess_resume, size_t sess_resume_sz,
|
||||||
const unsigned char *token, size_t token_sz)
|
const unsigned char *token, size_t token_sz, void* peer_ctx)
|
||||||
{
|
{
|
||||||
const struct transport_params *params;
|
const struct transport_params *params;
|
||||||
const struct enc_session_funcs_iquic *esfi;
|
const struct enc_session_funcs_iquic *esfi;
|
||||||
|
|
@ -1397,7 +1397,7 @@ lsquic_ietf_full_conn_client_new (struct lsquic_engine_public *enpub,
|
||||||
&conn->ifc_u.cli.ifcli_ver_neg,
|
&conn->ifc_u.cli.ifcli_ver_neg,
|
||||||
(void **) conn->ifc_u.cli.crypto_streams, &crypto_stream_if,
|
(void **) conn->ifc_u.cli.crypto_streams, &crypto_stream_if,
|
||||||
sess_resume, sess_resume_sz, &conn->ifc_alset,
|
sess_resume, sess_resume_sz, &conn->ifc_alset,
|
||||||
conn->ifc_max_streams_in[SD_UNI]);
|
conn->ifc_max_streams_in[SD_UNI], peer_ctx);
|
||||||
if (!conn->ifc_conn.cn_enc_session)
|
if (!conn->ifc_conn.cn_enc_session)
|
||||||
goto err2;
|
goto err2;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue