QUIC CHANNEL, LCIDM: Factor duplicate CID generation function

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)
2024-12-04 15:34:41 +08:00 · 2023-11-09 10:27:14 +00:00 · 2023-11-09 10:27:14 +00:00 · 29fbdfafaf
commit 29fbdfafaf
parent 4760116f5a
4 changed files with 28 additions and 38 deletions
--- a/include/internal/quic_types.h
+++ b/include/internal/quic_types.h
@ -87,6 +87,13 @@ static ossl_unused ossl_inline int ossl_quic_conn_id_eq(const QUIC_CONN_ID *a,
    return memcmp(a->id, b->id, a->id_len) == 0;
 }

+/*
+ * Generates a random CID of the given length. libctx may be NULL.
+ * Returns 1 on success or 0 on failure.
+ */
+int ossl_quic_gen_rand_conn_id(OSSL_LIB_CTX *libctx, size_t len,
+                               QUIC_CONN_ID *cid);
+
 #  define QUIC_MIN_INITIAL_DGRAM_LEN  1200

 #  define QUIC_DEFAULT_ACK_DELAY_EXP  3
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@ -102,22 +102,6 @@ static void ch_raise_version_neg_failure(QUIC_CHANNEL *ch);

 DEFINE_LHASH_OF_EX(QUIC_SRT_ELEM);

-static int gen_rand_conn_id(OSSL_LIB_CTX *libctx, size_t len, QUIC_CONN_ID *cid)
-{
-    if (len > QUIC_MAX_CONN_ID_LEN)
-        return 0;
-
-    cid->id_len = (unsigned char)len;
-
-    if (RAND_bytes_ex(libctx, cid->id, len, len * 8) != 1) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_RAND_LIB);
-        cid->id_len = 0;
-        return 0;
-    }
-
-    return 1;
-}
-
 /*
 * QUIC Channel Initialization and Teardown
 * ========================================
@ -145,7 +129,8 @@ static int ch_init(QUIC_CHANNEL *ch)

    /* For clients, generate our initial DCID. */
    if (!ch->is_server
-        && !gen_rand_conn_id(ch->port->libctx, tx_init_dcid_len, &ch->init_dcid))
+        && !ossl_quic_gen_rand_conn_id(ch->port->libctx, tx_init_dcid_len,
+                                       &ch->init_dcid))
        goto err;

    /* We plug in a network write BIO to the QTX later when we get one. */
--- a/ssl/quic/quic_lcidm.c
+++ b/ssl/quic/quic_lcidm.c
@ -287,26 +287,6 @@ size_t ossl_quic_lcidm_get_num_active_lcid(const QUIC_LCIDM *lcidm,
    return conn->num_active_lcid;
 }

-#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-
-static int gen_rand_conn_id(OSSL_LIB_CTX *libctx, size_t len, QUIC_CONN_ID *cid)
-{
-    if (len > QUIC_MAX_CONN_ID_LEN)
-        return 0;
-
-    cid->id_len = (unsigned char)len;
-
-    if (RAND_bytes_ex(libctx, cid->id, len, len * 8) != 1) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_RAND_LIB);
-        cid->id_len = 0;
-        return 0;
-    }
-
-    return 1;
-}
-
-#endif
-
 static int lcidm_generate_cid(QUIC_LCIDM *lcidm,
                              QUIC_CONN_ID *cid)
 {
@ -322,7 +302,7 @@ static int lcidm_generate_cid(QUIC_LCIDM *lcidm,

    return 1;
 #else
-    return gen_rand_conn_id(lcidm->libctx, lcidm->lcid_len, cid);
+    return ossl_quic_gen_rand_conn_id(lcidm->libctx, lcidm->lcid_len, cid);
 #endif
 }

--- a/ssl/quic/quic_wire.c
+++ b/ssl/quic/quic_wire.c
@ -9,6 +9,7 @@

 #include <openssl/macros.h>
 #include <openssl/objects.h>
+#include <openssl/rand.h>
 #include "internal/quic_ssl.h"
 #include "internal/quic_vlint.h"
 #include "internal/quic_wire.h"
@ -1076,3 +1077,20 @@ const char *ossl_quic_err_to_string(uint64_t error_code)
        return NULL;
    }
 }
+
+int ossl_quic_gen_rand_conn_id(OSSL_LIB_CTX *libctx, size_t len,
+                               QUIC_CONN_ID *cid)
+{
+    if (len > QUIC_MAX_CONN_ID_LEN)
+        return 0;
+
+    cid->id_len = (unsigned char)len;
+
+    if (RAND_bytes_ex(libctx, cid->id, len, len * 8) != 1) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_RAND_LIB);
+        cid->id_len = 0;
+        return 0;
+    }
+
+    return 1;
+}