mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-11 01:26:58 +02:00
Code Issues Projects Releases Wiki Activity
3a8dd48e30
haproxy/include/haproxy/quic_ssl.h
Frédéric Lécaille 94d20be138 MEDIUM: quic: Heavy task mode during handshake 
Add a new pool for the CRYPTO data frames received in order.
Add ->rx.crypto_frms list to each encryption level to store such frames
when they are received in order from qc_handle_crypto_frm().
Also set the handshake task (qc_conn_io_cb()) in heavy task mode from
this function after having received such frames. When this task
detects that it is set in heavy mode, it calls qc_ssl_provide_all_quic_data()
newly implemented function to provide the CRYPTO data to the TLS task.
Modify quic_conn_enc_level_uninit() to release these CRYPTO frames
when releasing the encryption level they are in relation with.
2023-11-09 10:32:31 +01:00

50 lines
1.7 KiB
C
Raw Blame History

/*
* include/haproxy/quic_ssl.h
* This file contains QUIC over TLS/SSL api definitions.
*
* Copyright (C) 2023
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation, version 2.1
* exclusively.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
#ifndef _HAPROXY_QUIC_SSL_H
#define _HAPROXY_QUIC_SSL_H
#include <haproxy/listener-t.h>
#include <haproxy/ncbuf-t.h>
#include <haproxy/openssl-compat.h>
#include <haproxy/pool.h>
#include <haproxy/quic_ssl-t.h>
#include <haproxy/ssl_sock-t.h>
int ssl_quic_initial_ctx(struct bind_conf *bind_conf);
int qc_alloc_ssl_sock_ctx(struct quic_conn *qc);
int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
enum ssl_encryption_level_t level,
struct ssl_sock_ctx *ctx,
const unsigned char *data, size_t len);
int qc_ssl_provide_all_quic_data(struct quic_conn *qc, struct ssl_sock_ctx *ctx);
static inline void qc_free_ssl_sock_ctx(struct ssl_sock_ctx **ctx)
{
if (!*ctx)
return;
SSL_free((*ctx)->ssl);
pool_free(pool_head_quic_ssl_sock_ctx, *ctx);
*ctx = NULL;
}
#endif /* _HAPROXY_QUIC_SSL_H */
Reference in New Issue View Git Blame Copy Permalink