
- more tls preparation

Andrei Pelinescu-Onciul authored on 01/07/2003 17:43:40
Showing 6 changed files
... ...
@@ -40,7 +40,7 @@ export makefile_defs
40 40
 VERSION = 0
41 41
 PATCHLEVEL = 8
42 42
 SUBLEVEL =   12
43
-EXTRAVERSION = dev-t02
43
+EXTRAVERSION = dev-t03
44 44
 
45 45
 RELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)
46 46
 OS = $(shell uname -s | sed -e s/SunOS/solaris/ | tr "[A-Z]" "[a-z]")
... ...
@@ -46,7 +46,12 @@
46 46
 extern char * cfg_file;
47 47
 extern char *stat_file;
48 48
 extern struct socket_info sock_info[]; /* all addresses we listen/send from*/
49
+#ifdef USE_TCP
49 50
 extern struct socket_info tcp_info[]; /* all tcp sockets we listen on*/
51
+#endif
52
+#ifdef USE_TLS
53
+extern struct socket_info tls_info[]; /* tcp-tls sockets */
54
+#endif
50 55
 extern int sock_no; /* number of addresses/open sockets*/
51 56
 extern unsigned short port_no;
52 57
 
... ...
@@ -69,6 +74,9 @@ extern int children_no;
69 69
 extern int tcp_children_no;
70 70
 extern int tcp_disable;
71 71
 #endif
72
+#ifdef USE_TLS
73
+extern int tls_disable;
74
+#endif
72 75
 extern int dont_fork;
73 76
 extern int check_via;
74 77
 extern int received_dns;
... ...
@@ -54,7 +54,7 @@ Implements: (see also locking.h)
54 54
 #ifdef SHM_MEM
55 55
 #include "mem/shm_mem.h"
56 56
 #else
57
-#error "locking requires shared memroy support"
57
+#error "locking requires shared memory support"
58 58
 #endif
59 59
 
60 60
 #if defined(FAST_LOCK) || defined(USE_PTHREAD_MUTEX) || defined(USE_POSIX_SEM)
... ...
@@ -63,7 +63,8 @@ enum tcp_req_states {	H_SKIP_EMPTY, H_SKIP, H_LF, H_LFCR,  H_BODY, H_STARTWS,
63 63
 	};
64 64
 
65 65
 enum tcp_conn_states { S_CONN_ERROR=-2, S_CONN_BAD=-1, S_CONN_OK=0, 
66
-						S_CONN_INIT, S_CONN_ACCEPT, S_CONN_CONNECT };
66
+						S_CONN_INIT, S_CONN_EOF, 
67
+						S_CONN_ACCEPT, S_CONN_CONNECT };
67 68
 
68 69
 
69 70
 /* fd communication commands */
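Review bot: Inserting `S_CONN_EOF` between `S_CONN_INIT` and `S_CONN_ACCEPT` shifts the numeric values of `S_CONN_ACCEPT` and `S_CONN_CONNECT` by one. Nothing visible in this commit depends on those values, but an ordered comparison on the connection state, or code built separately against the old header, would change meaning without any compiler diagnostic. Appending the new enumerator instead, `S_CONN_ACCEPT, S_CONN_CONNECT, S_CONN_EOF };`, avoids that. A one-line comment such as `/* S_CONN_EOF: peer closed the connection, set by the read functions */` would also record who is expected to set it.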
... ...
@@ -82,6 +82,9 @@
82 82
 #include "sr_module.h"
83 83
 #include "tcp_server.h"
84 84
 #include "tcp_init.h"
85
+#ifdef USE_TLS
86
+#include "tls/tls_server.h"
87
+#endif
85 88
 
86 89
 
87 90
 
... ...
@@ -120,9 +123,6 @@ struct tcp_connection* tcpconn_new(int sock, union sockaddr_union* su,
120 120
 									int state)
121 121
 {
122 122
 	struct tcp_connection *c;
123
-#ifdef USE_TLS
124
-	int flags;
125
-#endif
126 123
 	
127 124
 	c=(struct tcp_connection*)shm_malloc(sizeof(struct tcp_connection));
128 125
 	if (c==0){
... ...
@@ -155,21 +155,7 @@ struct tcp_connection* tcpconn_new(int sock, union sockaddr_union* su,
155 155
 	c->extra_data=0;
156 156
 #ifdef USE_TLS
157 157
 	if (type==PROTO_TLS){
158
-		c->type=PROTO_TLS;
159
-		c->rcv.proto=PROTO_TLS;
160
-		c->flags=F_CONN_NON_BLOCKING;
161
-		flags=fcntl(sock, F_GETFL);
162
-		if (flags==-1){
163
-			LOG(L_ERR, "ERROR: tcpconn_new: fcntl failed :%s\n",
164
-					strerror(errno));
165
-			goto error;
166
-		}
167
-		if (fcntl(sock, F_SETFL, flags|O_NONBLOCK)==-1){
168
-			LOG(L_ERR, "ERROR: tcpconn_new: fcntl: set non blocking failed :"
169
-					" %s\n", strerror(errno));
170
-			goto error;
171
-		}
172
-		c->timeout=get_ticks()+TLS_CON_TIMEOUT;
158
+		if (tls_tcpconn_init(c, sock)==-1) goto error;
173 159
 	}else
174 160
 #endif /* USE_TLS*/
175 161
 	{
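Review bot: At the `tls_tcpconn_init(c, sock)` call in tcpconn_new, nothing visible now sets `c->type`, `c->rcv.proto`, `c->flags`, O_NONBLOCK on the socket or `c->timeout`, all of which the removed block did inline. The read path in this same commit dispatches on `c->type==PROTO_TLS`, so if the helper (not shown here) omitted the type, a TLS socket would be served by the plain-TCP read path. The expectation is worth stating at the call site, for example `/* tls_tcpconn_init is expected to set c->type, c->rcv.proto, c->flags, c->timeout and make sock non-blocking */`. The `==-1` test also treats any other negative return as success, so `if (tls_tcpconn_init(c, sock)<0) goto error;` is safer unless the helper is documented to return only 0 or -1. tcpconn_new starts and ends outside these hunks.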
... ...
@@ -30,6 +30,8 @@
30 30
  * 2002-12-??  created by andrei.
31 31
  * 2003-02-10  zero term before calling receive_msg & undo afterwards (andrei)
32 32
  * 2003-05-13  l: (short form of Content-Length) is now recognized (andrei)
33
+ * 2003-07-01  tcp_read & friends take no a single tcp_connection 
34
+ *              parameter & they set c->state to S_CONN_EOF on eof (andrei)
33 35
  */
34 36
 
35 37
 #ifdef USE_TCP
... ...
@@ -55,16 +57,25 @@
55 55
 #include "receive.h"
56 56
 #include "timer.h"
57 57
 #include "ut.h"
58
+#ifdef USE_TLS
59
+#include "tls/tls_server.h"
60
+#endif
58 61
 
59 62
 
60 63
 
61 64
 /* reads next available bytes
62 65
  * return number of bytes read, 0 on EOF or -1 on error,
66
+ * on EOF it also sets c->state to S_CONN_EOF
67
+ * (to distinguish from reads that would block which could return 0)
63 68
  * sets also r->error */
64
-int tcp_read(struct tcp_req *r, int fd)
69
+int tcp_read(struct tcp_connection *c)
65 70
 {
66 71
 	int bytes_free, bytes_read;
67
-	
72
+	struct tcp_req *r;
73
+	int fd;
74
+
75
+	r=&c->req;
76
+	fd=c->fd;
68 77
 	bytes_free=TCP_BUF_SIZE- (int)(r->pos - r->buf);
69 78
 	
70 79
 	if (bytes_free==0){
... ...
@@ -84,6 +95,8 @@ again:
84 84
 			r->error=TCP_READ_ERROR;
85 85
 			return -1;
86 86
 		}
87
+	}else if (bytes_read==0){
88
+		r->state=S_CONN_EOF;
87 89
 	}
88 90
 #ifdef EXTRA_DEBUG
89 91
 	DBG("tcp_read: read %d bytes:\n%.*s\n", bytes_read, bytes_read, r->pos);
... ...
@@ -103,10 +116,11 @@ again:
103 103
  * when either r->body!=0 or r->state==H_BODY =>
104 104
  * all headers have been read. It should be called in a while loop.
105 105
  * returns < 0 if error or 0 if EOF */
106
-int tcp_read_headers(struct tcp_req *r, int fd)
106
+int tcp_read_headers(struct tcp_connection *c)
107 107
 {
108 108
 	int bytes, remaining;
109 109
 	char *p;
110
+	struct tcp_req* r;
110 111
 	
111 112
 	#define crlf_default_skip_case \
112 113
 					case '\n': \
... ...
@@ -149,11 +163,17 @@ int tcp_read_headers(struct tcp_req *r, int fd)
149 149
 							  break
150 150
 
151 151
 
152
+	r=&c->req;
152 153
 	/* if we still have some unparsed part, parse it first, don't do the read*/
153 154
 	if (r->parsed<r->pos){
154 155
 		bytes=0;
155 156
 	}else{
156
-		bytes=tcp_read(r, fd);
157
+#ifdef USE_TLS
158
+		if (c->type==PROTO_TLS)
159
+			bytes=tls_read(c);
160
+		else
161
+#endif
162
+			bytes=tcp_read(c);
157 163
 		if (bytes<=0) return bytes;
158 164
 	}
159 165
 	p=r->parsed;
... ...
@@ -376,9 +396,28 @@ int tcp_read_req(struct tcp_connection* con)
376 376
 		s=con->fd;
377 377
 		req=&con->req;
378 378
 		size=0;
379
+#ifdef USE_TLS
380
+		if (con->type==PROTO_TLS){
381
+			if (con->state==S_CONN_ACCEPT){
382
+				if (tls_accept(con)!=0){
383
+					resp=CONN_ERROR;
384
+					goto end_req;
385
+				}
386
+				if(con->state!=S_CONN_OK) goto end_req; /* not enough data */
387
+			}
388
+			if(con->state==S_CONN_CONNECT){
389
+				if (tls_connect(con)!=0){
390
+					resp=CONN_ERROR;
391
+					goto end_req;
392
+				}
393
+				if(con->state!=S_CONN_OK) goto end_req; /* not enough data */
394
+			}
395
+		}
396
+#endif
397
+
379 398
 again:
380 399
 		if(req->complete==0 && req->error==TCP_REQ_OK){
381
-			bytes=tcp_read_headers(req, s);
400
+			bytes=tcp_read_headers(con);
382 401
 #ifdef EXTRA_DEBUG
383 402
 						/* if timeout state=0; goto end__req; */
384 403
 			DBG("read= %d bytes, parsed=%d, state=%d, error=%d\n",
... ...
@@ -393,7 +432,7 @@ again:
393 393
 				resp=CONN_ERROR;
394 394
 				goto end_req;
395 395
 			}
396
-			if ((size==0) && (bytes==0)){
396
+			if ((size==0) && (bytes==0) &&(con->state==S_CONN_EOF)){
397 397
 				DBG( "tcp_read_req: EOF\n");
398 398
 				resp=CONN_EOF;
399 399
 				goto end_req;
... ...
@@ -575,6 +614,9 @@ void tcp_receive_loop(int unix_sock)
575 575
 					con->state=S_CONN_BAD;
576 576
 					release_tcpconn(con, resp, unix_sock);
577 577
 				}
578
+#ifdef USE_TLS
579
+				if (con->type==PROTO_TLS) tls_tcpconn_update_fd(con, s);
580
+#endif
578 581
 				con->timeout=get_ticks()+TCP_CHILD_TIMEOUT;
579 582
 				FD_SET(s, &master_set);
580 583
 				if (maxfd<s) maxfd=s;
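Review bot: In tcp_read (hunk `-84,6 +95,8`) the EOF branch writes `r->state=S_CONN_EOF;`, but `r` is the `struct tcp_req`, whose `state` holds the header-parser state (`H_BODY` and friends, per the comment above tcp_read_headers). Both the new doc comment and the new test in tcp_read_req use the connection's state instead, so `con->state==S_CONN_EOF` is never true after a plain-TCP read: a peer close is not reported as `CONN_EOF`, and the parser state is overwritten with an unrelated enum value. The line should be `c->state=S_CONN_EOF;`. The same test also depends on `tls_read` setting `c->state` on EOF, which is not visible here. In the last hunk, `tls_tcpconn_update_fd(con, s)` follows the closing brace of a branch that calls `release_tcpconn(con, resp, unix_sock)`; that branch starts outside the hunk, but unless it skips the rest of the iteration the new call touches a released connection.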