1. Update tquic version to v1.0.0

2. Create TlsConfig using quic_tls_config_new which is recommended

simple_client.c

@@ -39,7 +39,6 @@ struct simple_client {
     int sock;
     struct sockaddr_storage local_addr;
     socklen_t local_addr_len;
-    SSL_CTX *ssl_ctx;
     struct quic_tls_config_t *tls_config;
     struct quic_conn_t *conn;
     struct ev_loop *loop;
@@ -118,40 +117,6 @@ int client_on_packets_send(void *psctx, struct quic_packet_out_spec_t *pkts,
     return sent_count;
 }
 
-static char s_alpn[0x100];
-
-static int add_alpn(const char *alpn) {
-    size_t alpn_len, all_len;
-
-    alpn_len = strlen(alpn);
-    if (alpn_len > 255) return -1;
-
-    all_len = strlen(s_alpn);
-    if (all_len + 1 + alpn_len + 1 > sizeof(s_alpn)) return -1;
-
-    s_alpn[all_len] = alpn_len;
-    memcpy(&s_alpn[all_len + 1], alpn, alpn_len);
-    s_alpn[all_len + 1 + alpn_len] = '\0';
-    return 0;
-}
-
-int client_load_ssl_ctx(struct simple_client *client) {
-    add_alpn("http/0.9");
-    client->ssl_ctx = SSL_CTX_new(TLS_method());
-    if (SSL_CTX_set_default_verify_paths(client->ssl_ctx) != 1) {
-        fprintf(stderr, "set default verify path failed\n");
-        return -1;
-    }
-    if (SSL_CTX_set_alpn_protos(client->ssl_ctx, (const unsigned char *)s_alpn,
-                                strlen(s_alpn)) != 0) {
-        fprintf(stderr, "set alpn failed\n");
-        return -1;
-    }
-    client->tls_config = quic_tls_config_new_with_ssl_ctx(client->ssl_ctx);
-
-    return 0;
-}
-
 const struct quic_transport_methods_t quic_transport_methods = {
     .on_conn_created = client_on_conn_created,
     .on_conn_established = client_on_conn_established,
@@ -262,12 +227,12 @@ int main(int argc, char *argv[]) {
     }
 
     // Set logger.
-    quic_set_logger(debug_log, NULL, QUIC_LOG_LEVEL_TRACE);
+    quic_set_logger(debug_log, NULL, "TRACE");
 
     // Create client.
     struct simple_client client;
     client.quic_endpoint = NULL;
-    client.ssl_ctx = NULL;
+    client.tls_config = NULL;
     client.conn = NULL;
     client.loop = NULL;
     quic_config_t *config = NULL;
@@ -293,7 +258,9 @@ int main(int argc, char *argv[]) {
     quic_config_set_recv_udp_payload_size(config, MAX_DATAGRAM_SIZE);
 
     // Create and set tls config.
-    if (client_load_ssl_ctx(&client) != 0) {
+    const char *const protos[1] = {"http/0.9"};
+    client.tls_config = quic_tls_config_new_client_config(protos, 1, true);
+    if (client.tls_config == NULL) {
         ret = -1;
         goto EXIT;
     }
@@ -339,9 +306,6 @@ int main(int argc, char *argv[]) {
     if (peer != NULL) {
         freeaddrinfo(peer);
     }
-    if (client.ssl_ctx != NULL) {
-        SSL_CTX_free(client.ssl_ctx);
-    }
     if (client.tls_config != NULL) {
         quic_tls_config_free(client.tls_config);
     }

simple_server.c

@@ -41,7 +41,6 @@ struct simple_server {
     int sock;
     struct sockaddr_storage local_addr;
     socklen_t local_addr_len;
-    SSL_CTX *ssl_ctx;
     struct quic_tls_config_t *tls_config;
     struct ev_loop *loop;
 };
@@ -134,58 +133,6 @@ struct quic_tls_config_t *server_select_tls_config(void *ctx,
     return server->tls_config;
 }
 
-static char s_alpn[0x100];
-
-static int add_alpn(const char *alpn) {
-    size_t alpn_len, all_len;
-
-    alpn_len = strlen(alpn);
-    if (alpn_len > 255) return -1;
-
-    all_len = strlen(s_alpn);
-    if (all_len + 1 + alpn_len + 1 > sizeof(s_alpn)) return -1;
-
-    s_alpn[all_len] = alpn_len;
-    memcpy(&s_alpn[all_len + 1], alpn, alpn_len);
-    s_alpn[all_len + 1 + alpn_len] = '\0';
-    return 0;
-}
-
-static int select_alpn(SSL *ssl, const unsigned char **out,
-                       unsigned char *outlen, const unsigned char *in,
-                       unsigned int inlen, void *arg) {
-    int r = SSL_select_next_proto((unsigned char **)out, outlen, in, inlen,
-                                  (unsigned char *)s_alpn, strlen(s_alpn));
-    if (r == OPENSSL_NPN_NEGOTIATED) {
-        return SSL_TLSEXT_ERR_OK;
-    } else {
-        return SSL_TLSEXT_ERR_ALERT_FATAL;
-    }
-}
-
-static const char *const CERT_FILE = "cert.crt";
-static const char *const KEY_FILE = "cert.key";
-
-int server_load_ssl_ctx(struct simple_server *server) {
-    add_alpn("http/0.9");
-    server->ssl_ctx = SSL_CTX_new(TLS_method());
-    if (SSL_CTX_use_certificate_chain_file(server->ssl_ctx, CERT_FILE) != 1) {
-        fprintf(stderr, "failed to load cert\n");
-        SSL_CTX_free(server->ssl_ctx);
-        return -1;
-    }
-    if (SSL_CTX_use_PrivateKey_file(server->ssl_ctx, KEY_FILE,
-                                    SSL_FILETYPE_PEM) != 1) {
-        fprintf(stderr, "failed to load key\n");
-        SSL_CTX_free(server->ssl_ctx);
-        return -1;
-    }
-    SSL_CTX_set_alpn_select_cb(server->ssl_ctx, select_alpn, NULL);
-    server->tls_config = quic_tls_config_new_with_ssl_ctx(server->ssl_ctx);
-
-    return 0;
-}
-
 const struct quic_transport_methods_t quic_transport_methods = {
     .on_conn_created = server_on_conn_created,
     .on_conn_established = server_on_conn_established,
@@ -310,12 +257,12 @@ int main(int argc, char *argv[]) {
     }
 
     // Set logger.
-    quic_set_logger(debug_log, NULL, QUIC_LOG_LEVEL_TRACE);
+    quic_set_logger(debug_log, NULL, "TRACE");
 
     // Create simple server.
     struct simple_server server;
     server.quic_endpoint = NULL;
-    server.ssl_ctx = NULL;
+    server.tls_config = NULL;
     server.loop = NULL;
     quic_config_t *config = NULL;
     int ret = 0;
@@ -338,8 +285,11 @@ int main(int argc, char *argv[]) {
     quic_config_set_max_idle_timeout(config, 5000);
     quic_config_set_recv_udp_payload_size(config, MAX_DATAGRAM_SIZE);
 
-    // Create and set tls conf selector for quic config.
-    if (server_load_ssl_ctx(&server) != 0) {
+    // Create and set tls config.
+    const char *const protos[1] = {"http/0.9"};
+    server.tls_config = quic_tls_config_new_server_config(
+        "cert.crt", "cert.key", protos, 1, true);
+    if (server.tls_config == NULL) {
         ret = -1;
         goto EXIT;
     }
@@ -370,9 +320,6 @@ int main(int argc, char *argv[]) {
     if (local != NULL) {
         freeaddrinfo(local);
     }
-    if (server.ssl_ctx != NULL) {
-        SSL_CTX_free(server.ssl_ctx);
-    }
     if (server.tls_config != NULL) {
         quic_tls_config_free(server.tls_config);
     }