From c0c59b55ab0776fe6a2f99e6b5fe585030018cc6 Mon Sep 17 00:00:00 2001 From: Artem Boldariev Date: Wed, 3 Aug 2022 14:46:33 +0300 Subject: [PATCH] TLS: add an internal function isc__nmhandle_get_selected_alpn() The added function provides the interface for getting an ALPN tag negotiated during TLS connection establishment. The new function can be used by higher level transports. --- lib/isc/netmgr/http.c | 3 +-- lib/isc/netmgr/netmgr-int.h | 17 +++++++++++++++++ lib/isc/netmgr/netmgr.c | 21 +++++++++++++++++++++ lib/isc/netmgr/tlsstream.c | 15 +++++++++++++++ 4 files changed, 54 insertions(+), 2 deletions(-) diff --git a/lib/isc/netmgr/http.c b/lib/isc/netmgr/http.c index 7cb69b5f97..962a5b4386 100644 --- a/lib/isc/netmgr/http.c +++ b/lib/isc/netmgr/http.c @@ -1399,8 +1399,7 @@ transport_connect_cb(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { INSIST(transp_sock->type == isc_nm_tlssocket); - isc_tls_get_selected_alpn(transp_sock->tlsstream.tls, &alpn, - &alpnlen); + isc__nmhandle_get_selected_alpn(handle, &alpn, &alpnlen); if (alpn == NULL || alpnlen != NGHTTP2_PROTO_VERSION_ID_LEN || memcmp(NGHTTP2_PROTO_VERSION_ID, alpn, NGHTTP2_PROTO_VERSION_ID_LEN) != 0) diff --git a/lib/isc/netmgr/netmgr-int.h b/lib/isc/netmgr/netmgr-int.h index 274aec9a68..fe99e3a125 100644 --- a/lib/isc/netmgr/netmgr-int.h +++ b/lib/isc/netmgr/netmgr-int.h @@ -1603,6 +1603,11 @@ void isc__nm_tls_failed_read_cb(isc_nmsocket_t *sock, isc_result_t result, bool async); +void +isc__nmhandle_tls_get_selected_alpn(isc_nmhandle_t *handle, + const unsigned char **alpn, + unsigned int *alpnlen); + void isc__nm_http_stoplistening(isc_nmsocket_t *sock); 
@@ -2022,3 +2027,15 @@ isc__nmhandle_set_manual_timer(isc_nmhandle_t *handle, const bool manual); * Set manual read timer control mode - so that it will not get reset * automatically on read nor get started when read is initiated. */ + +void +isc__nmhandle_get_selected_alpn(isc_nmhandle_t *handle, + const unsigned char **alpn, + unsigned int *alpnlen); +/* + * Returns a non zero terminated ALPN identifier via 'alpn'. The + * length of the identifier is returned via 'alpnlen'. If after the + * call either 'alpn == NULL' or 'alpnlen == 0', then identifier was + * not negotiated of the underlying protocol of the connection + * represented via the given handle does not support ALPN. + */ diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c index 4c3c3107f3..bca6f3c76b 100644 --- a/lib/isc/netmgr/netmgr.c +++ b/lib/isc/netmgr/netmgr.c @@ -2922,6 +2922,27 @@ isc__nmhandle_set_manual_timer(isc_nmhandle_t *handle, const bool manual) { UNREACHABLE(); } +void +isc__nmhandle_get_selected_alpn(isc_nmhandle_t *handle, + const unsigned char **alpn, + unsigned int *alpnlen) { + isc_nmsocket_t *sock; + + REQUIRE(VALID_NMHANDLE(handle)); + sock = handle->sock; + REQUIRE(VALID_NMSOCK(sock)); + + switch (sock->type) { +#if HAVE_LIBNGHTTP2 + case isc_nm_tlssocket: + isc__nmhandle_tls_get_selected_alpn(handle, alpn, alpnlen); + return; +#endif /* HAVE_LIBNGHTTP2 */ + default: + break; + }; +} + #ifdef NETMGR_TRACE /* * Dump all active sockets in netmgr. We output to stderr diff --git a/lib/isc/netmgr/tlsstream.c b/lib/isc/netmgr/tlsstream.c index e99b03b4bb..834a386ce6 100644 --- a/lib/isc/netmgr/tlsstream.c +++ b/lib/isc/netmgr/tlsstream.c 
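Review bot: The comment under the new `isc__nmhandle_get_selected_alpn()` declaration reads "was not negotiated of the underlying protocol", where "or" is meant. It also tests `alpn == NULL` and `alpnlen == 0` although both are out-pointers, so the conditions should be written `*alpn == NULL` and `*alpnlen == 0`. The comment does not say who owns the returned bytes; presumably they belong to the TLS session and stay valid only while the connection behind the handle is alive, which is worth stating so callers copy the tag if they keep it. Suggested wording: `If after the call '*alpn == NULL' or '*alpnlen == 0', no identifier was negotiated or the underlying protocol does not support ALPN; the buffer is not NUL-terminated and must not be freed or used after the connection is closed` (the lifetime part to be confirmed against `isc_tls_get_selected_alpn()`).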
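Review bot: On the `default:` path of `isc__nmhandle_get_selected_alpn()`, `*alpn` and `*alpnlen` are never written; that path covers any socket type other than `isc_nm_tlssocket`, and every type when `HAVE_LIBNGHTTP2` is unset. The "not negotiated" result documented in netmgr-int.h therefore holds only if the caller pre-initialised both variables. A caller that did not would compare or `memcmp()` an indeterminate pointer and length when checking which protocol was negotiated. Set the outputs before the switch: `REQUIRE(alpn != NULL && alpnlen != NULL);` `*alpn = NULL;` `*alpnlen = 0;`. The stray `;` after the switch's closing brace can go as well.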
@@ -1402,3 +1402,18 @@ isc__nmhandle_tls_set_manual_timer(isc_nmhandle_t *handle, const bool manual) { sock->manual_read_timer = manual; } + +void +isc__nmhandle_tls_get_selected_alpn(isc_nmhandle_t *handle, + const unsigned char **alpn, + unsigned int *alpnlen) { + isc_nmsocket_t *sock; + + REQUIRE(VALID_NMHANDLE(handle)); + sock = handle->sock; + REQUIRE(VALID_NMSOCK(sock)); + REQUIRE(sock->type == isc_nm_tlssocket); + REQUIRE(sock->tid == isc_tid()); + + isc_tls_get_selected_alpn(sock->tlsstream.tls, alpn, alpnlen); +}
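Review bot: `sock->tlsstream.tls` is handed to `isc_tls_get_selected_alpn()` without checking that it is set, and the out-pointers `alpn`/`alpnlen` are not checked either. This hunk does not show whether the TLS object can already be gone when a higher-level transport asks for the tag (before the handshake completes, or while the socket is shutting down), nor how the callee treats NULL, so both are worth confirming. If that state is reachable, report "nothing negotiated" rather than relying on the callee: `if (sock->tlsstream.tls == NULL) { *alpn = NULL; *alpnlen = 0; return; }`. A short comment saying the function must be called on the socket's own thread, which `REQUIRE(sock->tid == isc_tid())` enforces, would help callers too.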