OpenSSL: Let people opt-in to use TLS 1.3 PSK callback

It's a workaround for the workaround...

If TLS 1.3 was explicitly chosen and the PSK callback is set then
without this patch the callback is never called since, with TLS 1.3, PSK
would only be queried once at the start of a connection.

It can now be re-enabled with an environment variable. A new API should
be added to address the new requirements of PSK with TLS 1.3:
For session resumption the connection MUST use the same hash algorithm
as in the original session. For new sessions the hash algorithm must be
decided ahead of time, or a default will be used (as defined by the
standard). A user can also pass along multiple identity+key pairs and
the server will pick one it recognizes. This is not something we can
currently do with the preSharedKeyAuthenticationRequired callback.

[ChangeLog][Network][QSslSocket][OpenSSL] When using TLS 1.3 we
suppress the first callback from OpenSSL about pre-shared keys, as it
doesn't conform to the past behavior which
preSharedKeyAuthenticationRequired provided. With this update you can
opt-out of that workaround by setting the QT_USE_TLS_1_3_PSK environment
variable

Task-number: QTBUG-95670
Change-Id: Ia7454bbbf394cbcb859de333b371d0890b42a1c3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit 2e520f29a73fe4c3432a992d41c33220736a0d65)
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>

1 files changed, 9 insertions, 2 deletions

diff --git a/src/network/ssl/qtls_openssl.cpp b/src/network/ssl/qtls_openssl.cpp
index 90561943f5..8c6a490fdb 100644
--- a/src/network/ssl/qtls_openssl.cpp
+++ b/src/network/ssl/qtls_openssl.cpp
@@ -256,15 +256,22 @@ static unsigned q_ssl_psk_restore_client(SSL *ssl, const char *hint, char *ident
     Q_ASSERT(tls->d);
     Q_ASSERT(tls->d->tlsMode() == QSslSocket::SslClientMode);
 #endif
+    unsigned retVal = 0;
+
+    // Let developers opt-in to having the normal PSK callback get called for TLS 1.3
+    // PSK (which works differently in a few ways, and is called at the start of every connection).
+    // When they do opt-in we just call the old callback from here.
+    if (qEnvironmentVariableIsSet("QT_USE_TLS_1_3_PSK"))
+        retVal = q_ssl_psk_client_callback(ssl, hint, identity, max_identity_len, psk, max_psk_len);
+
     q_SSL_set_psk_client_callback(ssl, &q_ssl_psk_client_callback);
 
-    return 0;
+    return retVal;
 }
 
 static int q_ssl_psk_use_session_callback(SSL *ssl, const EVP_MD *md, const unsigned char **id,
                                           size_t *idlen, SSL_SESSION **sess)
 {
-    Q_UNUSED(ssl);
     Q_UNUSED(md);
     Q_UNUSED(id);
     Q_UNUSED(idlen);