MINOR: quic: Move QUIC TLS encryption level related code (quic_conn_enc_level_init())

quic_conn_enc_level_init() location is definitively in QUIC TLS API source file:
src/quic_tls.c.

include/haproxy/quic_conn-t.h

@@ -255,6 +255,7 @@ extern struct trace_source trace_quic;
 extern struct pool_head *pool_head_quic_tx_ring;
 extern struct pool_head *pool_head_quic_rx_packet;
 extern struct pool_head *pool_head_quic_tx_packet;
+extern struct pool_head *pool_head_quic_crypto_buf;
 extern struct pool_head *pool_head_quic_frame;
 extern struct pool_head *pool_head_quic_dgram;
 

include/haproxy/quic_conn.h

@@ -51,6 +51,9 @@
 extern struct pool_head *pool_head_quic_connection_id;
 
 int ssl_quic_initial_ctx(struct bind_conf *bind_conf);
+struct quic_cstream *quic_cstream_new(struct quic_conn *qc);
+struct quic_cstream *quic_cstream_new(struct quic_conn *qc);
+void quic_cstream_free(struct quic_cstream *cs);
 
 /* Return the long packet type matching with <qv> version and <type> */
 static inline int quic_pkt_type(int type, uint32_t version)

include/haproxy/quic_tls.h

@@ -34,6 +34,9 @@ void quic_tls_keys_hexdump(struct buffer *buf,
 void quic_tls_kp_keys_hexdump(struct buffer *buf,
                               const struct quic_tls_kp *kp);
 
+int quic_conn_enc_level_init(struct quic_conn *qc,
+                             enum quic_tls_enc_level level);
+void quic_conn_enc_level_uninit(struct quic_conn *qc, struct quic_enc_level *qel);
 void quic_tls_secret_hexdump(struct buffer *buf,
                              const unsigned char *secret, size_t secret_len);
 

src/quic_conn.c

@@ -222,7 +222,7 @@ DECLARE_POOL(pool_head_quic_dgram, "quic_dgram", sizeof(struct quic_dgram));
 DECLARE_POOL(pool_head_quic_rx_packet, "quic_rx_packet", sizeof(struct quic_rx_packet));
 DECLARE_POOL(pool_head_quic_tx_packet, "quic_tx_packet", sizeof(struct quic_tx_packet));
 DECLARE_STATIC_POOL(pool_head_quic_rx_crypto_frm, "quic_rx_crypto_frm", sizeof(struct quic_rx_crypto_frm));
-DECLARE_STATIC_POOL(pool_head_quic_crypto_buf, "quic_crypto_buf", sizeof(struct quic_crypto_buf));
+DECLARE_POOL(pool_head_quic_crypto_buf, "quic_crypto_buf", sizeof(struct quic_crypto_buf));
 DECLARE_STATIC_POOL(pool_head_quic_cstream, "quic_cstream", sizeof(struct quic_cstream));
 DECLARE_POOL(pool_head_quic_frame, "quic_frame", sizeof(struct quic_frame));
 DECLARE_STATIC_POOL(pool_head_quic_arng, "quic_arng", sizeof(struct quic_arng_node));
@@ -5280,79 +5280,6 @@ struct quic_cstream *quic_cstream_new(struct quic_conn *qc)
 	goto leave;
 }
 
-/* Uninitialize <qel> QUIC encryption level. Never fails. */
-static void quic_conn_enc_level_uninit(struct quic_conn *qc, struct quic_enc_level *qel)
-{
-	int i;
-
-	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
-
-	for (i = 0; i < qel->tx.crypto.nb_buf; i++) {
-		if (qel->tx.crypto.bufs[i]) {
-			pool_free(pool_head_quic_crypto_buf, qel->tx.crypto.bufs[i]);
-			qel->tx.crypto.bufs[i] = NULL;
-		}
-	}
-	ha_free(&qel->tx.crypto.bufs);
-	quic_cstream_free(qel->cstream);
-
-	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
-}
-
-/* Initialize QUIC TLS encryption level with <level<> as level for <qc> QUIC
- * connection allocating everything needed.
- *
- * Returns 1 if succeeded, 0 if not. On error the caller is responsible to use
- * quic_conn_enc_level_uninit() to cleanup partially allocated content.
- */
-static int quic_conn_enc_level_init(struct quic_conn *qc,
-                                    enum quic_tls_enc_level level)
-{
-	int ret = 0;
-	struct quic_enc_level *qel;
-
-	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
-
-	qel = &qc->els[level];
-	qel->level = quic_to_ssl_enc_level(level);
-	qel->tls_ctx.rx.aead = qel->tls_ctx.tx.aead = NULL;
-	qel->tls_ctx.rx.md   = qel->tls_ctx.tx.md = NULL;
-	qel->tls_ctx.rx.hp   = qel->tls_ctx.tx.hp = NULL;
-	qel->tls_ctx.flags = 0;
-
-	qel->rx.pkts = EB_ROOT;
-	LIST_INIT(&qel->rx.pqpkts);
-
-	/* Allocate only one buffer. */
-	/* TODO: use a pool */
-	qel->tx.crypto.bufs = malloc(sizeof *qel->tx.crypto.bufs);
-	if (!qel->tx.crypto.bufs)
-		goto leave;
-
-	qel->tx.crypto.bufs[0] = pool_alloc(pool_head_quic_crypto_buf);
-	if (!qel->tx.crypto.bufs[0])
-		goto leave;
-
-	qel->tx.crypto.bufs[0]->sz = 0;
-	qel->tx.crypto.nb_buf = 1;
-
-	qel->tx.crypto.sz = 0;
-	qel->tx.crypto.offset = 0;
-	/* No CRYPTO data for early data TLS encryption level */
-	if (level == QUIC_TLS_ENC_LEVEL_EARLY_DATA)
-		qel->cstream = NULL;
-	else {
-		qel->cstream = quic_cstream_new(qc);
-		if (!qel->cstream)
-			goto leave;
-	}
-
-	ret = 1;
- leave:
-	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
-	return ret;
-}
-
 /* Return 1 if <qc> connection may probe the Initial packet number space, 0 if not.
  * This is not the case if the remote peer address is not validated and if
  * it cannot send at least QUIC_INITIAL_PACKET_MINLEN bytes.

src/quic_tls.c

@@ -9,7 +9,7 @@
 #include <haproxy/buf.h>
 #include <haproxy/chunk.h>
 #include <haproxy/pool.h>
-#include <haproxy/quic_conn-t.h>
+#include <haproxy/quic_conn.h>
 
 
 DECLARE_POOL(pool_head_quic_tls_secret, "quic_tls_secret", QUIC_TLS_SECRET_LEN);
@@ -85,6 +85,79 @@ void quic_tls_secret_hexdump(struct buffer *buf,
 		chunk_appendf(buf, "%02x", secret[i]);
 }
 
+/* Initialize QUIC TLS encryption level with <level<> as level for <qc> QUIC
+ * connection allocating everything needed.
+ *
+ * Returns 1 if succeeded, 0 if not. On error the caller is responsible to use
+ * quic_conn_enc_level_uninit() to cleanup partially allocated content.
+ */
+int quic_conn_enc_level_init(struct quic_conn *qc,
+                             enum quic_tls_enc_level level)
+{
+	int ret = 0;
+	struct quic_enc_level *qel;
+
+	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
+
+	qel = &qc->els[level];
+	qel->level = quic_to_ssl_enc_level(level);
+	qel->tls_ctx.rx.aead = qel->tls_ctx.tx.aead = NULL;
+	qel->tls_ctx.rx.md   = qel->tls_ctx.tx.md = NULL;
+	qel->tls_ctx.rx.hp   = qel->tls_ctx.tx.hp = NULL;
+	qel->tls_ctx.flags = 0;
+
+	qel->rx.pkts = EB_ROOT;
+	LIST_INIT(&qel->rx.pqpkts);
+
+	/* Allocate only one buffer. */
+	/* TODO: use a pool */
+	qel->tx.crypto.bufs = malloc(sizeof *qel->tx.crypto.bufs);
+	if (!qel->tx.crypto.bufs)
+		goto leave;
+
+	qel->tx.crypto.bufs[0] = pool_alloc(pool_head_quic_crypto_buf);
+	if (!qel->tx.crypto.bufs[0])
+		goto leave;
+
+	qel->tx.crypto.bufs[0]->sz = 0;
+	qel->tx.crypto.nb_buf = 1;
+
+	qel->tx.crypto.sz = 0;
+	qel->tx.crypto.offset = 0;
+	/* No CRYPTO data for early data TLS encryption level */
+	if (level == QUIC_TLS_ENC_LEVEL_EARLY_DATA)
+		qel->cstream = NULL;
+	else {
+		qel->cstream = quic_cstream_new(qc);
+		if (!qel->cstream)
+			goto leave;
+	}
+
+	ret = 1;
+ leave:
+	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
+	return ret;
+}
+
+/* Uninitialize <qel> QUIC encryption level. Never fails. */
+void quic_conn_enc_level_uninit(struct quic_conn *qc, struct quic_enc_level *qel)
+{
+	int i;
+
+	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
+
+	for (i = 0; i < qel->tx.crypto.nb_buf; i++) {
+		if (qel->tx.crypto.bufs[i]) {
+			pool_free(pool_head_quic_crypto_buf, qel->tx.crypto.bufs[i]);
+			qel->tx.crypto.bufs[i] = NULL;
+		}
+	}
+	ha_free(&qel->tx.crypto.bufs);
+	quic_cstream_free(qel->cstream);
+
+	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
+}
+
 int quic_hkdf_extract(const EVP_MD *md,
                       unsigned char *buf, size_t buflen,
                       const unsigned char *key, size_t keylen,