deps: update ngtcp2 to 1.14.0 · nodejs/node@1d00313
1+/*
2+ * ngtcp2
3+ *
4+ * Copyright (c) 2025 ngtcp2 contributors
5+ *
6+ * Permission is hereby granted, free of charge, to any person obtaining
7+ * a copy of this software and associated documentation files (the
8+ * "Software"), to deal in the Software without restriction, including
9+ * without limitation the rights to use, copy, modify, merge, publish,
10+ * distribute, sublicense, and/or sell copies of the Software, and to
11+ * permit persons to whom the Software is furnished to do so, subject to
12+ * the following conditions:
13+ *
14+ * The above copyright notice and this permission notice shall be
15+ * included in all copies or substantial portions of the Software.
16+ *
17+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
20+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
21+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
22+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
23+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24+ */
25+#ifndef NGTCP2_CRYPTO_OSSL_H
26+#define NGTCP2_CRYPTO_OSSL_H
27+28+#include <ngtcp2/ngtcp2.h>
29+30+#include <openssl/ssl.h>
31+32+#ifdef __cplusplus
33+extern "C" {
34+#endif /* defined(__cplusplus) */
35+36+/**
37+ * @macrosection
38+ *
39+ * ossl specific error codes
40+ */
41+42+/**
43+ * @macro
44+ *
45+ * :macro:`NGTCP2_CRYPTO_OSSL_ERR_TLS_WANT_X509_LOOKUP` is the error
46+ * code which indicates that TLS handshake routine is interrupted by
47+ * X509 certificate lookup. See :macro:`SSL_ERROR_WANT_X509_LOOKUP`
48+ * error description from `SSL_do_handshake`.
49+ */
50+#define NGTCP2_CRYPTO_OSSL_ERR_TLS_WANT_X509_LOOKUP -10001
51+52+/**
53+ * @macro
54+ *
55+ * :macro:`NGTCP2_CRYPTO_OSSL_ERR_TLS_WANT_CLIENT_HELLO_CB` is the
56+ * error code which indicates that TLS handshake routine is
57+ * interrupted by client hello callback. See
58+ * :macro:`SSL_ERROR_WANT_CLIENT_HELLO_CB` error description from
59+ * `SSL_do_handshake`.
60+ */
61+#define NGTCP2_CRYPTO_OSSL_ERR_TLS_WANT_CLIENT_HELLO_CB -10002
62+63+/**
64+ * @function
65+ *
66+ * `ngtcp2_crypto_ossl_from_ossl_encryption_level` translates
67+ * |ossl_level| to :type:`ngtcp2_encryption_level`. This function is
68+ * only available for ossl backend.
69+ */
70+NGTCP2_EXTERN ngtcp2_encryption_level
71+ngtcp2_crypto_ossl_from_ossl_encryption_level(uint32_t ossl_level);
72+73+/**
74+ * @function
75+ *
76+ * `ngtcp2_crypto_ossl_from_ngtcp2_encryption_level` translates
77+ * |encryption_level| to OpenSSL encryption level. This function is
78+ * only available for ossl backend.
79+ */
80+NGTCP2_EXTERN uint32_t ngtcp2_crypto_ossl_from_ngtcp2_encryption_level(
81+ngtcp2_encryption_level encryption_level);
82+83+/**
84+ * @struct
85+ *
86+ * :type:`ngtcp2_crypto_ossl_ctx` contains per-connection state, and
87+ * must be set to `ngtcp2_conn_set_tls_native_handle`.
88+ */
89+typedef struct ngtcp2_crypto_ossl_ctx ngtcp2_crypto_ossl_ctx;
90+91+/**
92+ * @function
93+ *
94+ * `ngtcp2_crypto_ossl_ctx_new` creates new
95+ * :type:`ngtcp2_crypto_ossl_ctx` object, and sets it to |*pctx| if it
96+ * succeeds.
97+ *
98+ * |ssl| is set to |*pctx|. It may be NULL, and in that case, call
99+ * `ngtcp2_crypto_ossl_ctx_set_ssl` later to set ``SSL`` object.
100+ *
101+ * This function returns 0 if it succeeds, or one of the following
102+ * negative error codes:
103+ *
104+ * :enum:`NGTCP2_CRYPTO_ERR_NOMEM`
105+ * Out of memory
106+ */
107+NGTCP2_EXTERN int ngtcp2_crypto_ossl_ctx_new(ngtcp2_crypto_ossl_ctx **pctx,
108+SSL *ssl);
109+110+/**
111+ * @function
112+ *
113+ * `ngtcp2_crypto_ossl_ctx_del` frees resources allocated for |ctx|.
114+ * It also frees memory pointed by |ctx|.
115+ */
116+NGTCP2_EXTERN void ngtcp2_crypto_ossl_ctx_del(ngtcp2_crypto_ossl_ctx *ctx);
117+118+/**
119+ * @function
120+ *
121+ * `ngtcp2_crypto_ossl_ctx_set_ssl` sets |ssl| to |ctx|. This
122+ * function must be called after ``SSL`` object is created.
123+ */
124+NGTCP2_EXTERN void ngtcp2_crypto_ossl_ctx_set_ssl(ngtcp2_crypto_ossl_ctx *ctx,
125+SSL *ssl);
126+127+/**
128+ * @function
129+ *
130+ * `ngtcp2_crypto_ossl_ctx_get_ssl` returns ``SSL`` object set to
131+ * |ctx|. If the object has not been set, this function returns NULL.
132+ */
133+NGTCP2_EXTERN SSL *ngtcp2_crypto_ossl_ctx_get_ssl(ngtcp2_crypto_ossl_ctx *ctx);
134+135+/**
136+ * @function
137+ *
138+ * `ngtcp2_crypto_ossl_init` initializes libngtcp2_crypto_ossl
139+ * library. This initialization is optional. It is highly
140+ * recommended to call this function before any use of
141+ * libngtcp2_crypto library API to workaround the performance
142+ * regression.
143+ *
144+ * This function returns 0 if it succeeds, or -1.
145+ */
146+NGTCP2_EXTERN int ngtcp2_crypto_ossl_init(void);
147+148+/**
149+ * @function
150+ *
151+ * `ngtcp2_crypto_ossl_configure_server_session` configures |ssl| for
152+ * server side QUIC connection. It performs the following
153+ * modifications:
154+ *
155+ * - Register callbacks via ``SSL_set_quic_tls_cbs``
156+ *
157+ * Application must set a pointer to :type:`ngtcp2_crypto_conn_ref` to
158+ * SSL object by calling SSL_set_app_data, and
159+ * :type:`ngtcp2_crypto_conn_ref` object must have
160+ * :member:`ngtcp2_crypto_conn_ref.get_conn` field assigned to get
161+ * :type:`ngtcp2_conn`.
162+ *
163+ * Application must call ``SSL_set_app_data(ssl, NULL)`` before
164+ * calling ``SSL_free(ssl)`` if you cannot make `ngtcp2_conn` object
165+ * alive until ``SSL_free`` is called.
166+ *
167+ * It returns 0 if it succeeds, or -1.
168+ */
169+NGTCP2_EXTERN int ngtcp2_crypto_ossl_configure_server_session(SSL *ssl);
170+171+/**
172+ * @function
173+ *
174+ * `ngtcp2_crypto_ossl_configure_client_session` configures |ssl| for
175+ * client side QUIC connection. It performs the following
176+ * modifications:
177+ *
178+ * - Register callbacks via ``SSL_set_quic_tls_cbs``
179+ *
180+ * Application must set a pointer to :type:`ngtcp2_crypto_conn_ref` to
181+ * SSL object by calling SSL_set_app_data, and
182+ * :type:`ngtcp2_crypto_conn_ref` object must have
183+ * :member:`ngtcp2_crypto_conn_ref.get_conn` field assigned to get
184+ * :type:`ngtcp2_conn`.
185+ *
186+ * Application must call ``SSL_set_app_data(ssl, NULL)`` before
187+ * calling ``SSL_free(ssl)`` if you cannot make `ngtcp2_conn` object
188+ * alive until ``SSL_free`` is called.
189+ *
190+ * It returns 0 if it succeeds, or -1.
191+ */
192+NGTCP2_EXTERN int ngtcp2_crypto_ossl_configure_client_session(SSL *ssl);
193+194+#ifdef __cplusplus
195+}
196+#endif /* defined(__cplusplus) */
197+198+#endif /* !defined(NGTCP2_CRYPTO_OSSL_H) */