Browse code

- timeouts fixed (all the tcp timeouts use now ticks and not seconds)

Andrei Pelinescu-Onciul authored on 17/01/2007 20:24:05
Showing 4 changed files
... ...
@@ -47,6 +47,8 @@
47 47
 #include "../../trim.h"
48 48
 #include "../../transport.h"
49 49
 #include "../../globals.h"
50
+#include "../../timer_ticks.h"
51
+#include "../../timer.h" /* ticks_t */
50 52
 #include "tls_init.h"
51 53
 #include "tls_server.h"
52 54
 #include "tls_domain.h"
... ...
@@ -56,6 +58,13 @@
56 58
 #include "tls_mod.h"
57 59
 
58 60
 
61
+/* maximum accepted lifetime (maximum possible is  ~ MAXINT/2)
62
+ *  (it should be kept in sync w/ MAX_TCP_CON_LIFETIME from tcp_main.c:
63
+ *   MAX_TLS_CON_LIFETIME <= MAX_TCP_CON_LIFETIME )*/
64
+#define MAX_TLS_CON_LIFETIME	(1U<<(sizeof(ticks_t)*8-1))
65
+
66
+
67
+
59 68
 /*
60 69
  * FIXME:
61 70
  * - How do we ask for secret key password ? Mod_init is called after
... ...
@@ -147,7 +156,7 @@ static str tls_method = STR_STATIC_INIT("TLSv1");
147 156
 
148 157
 int tls_handshake_timeout = 120;
149 158
 int tls_send_timeout = 120;
150
-int tls_conn_timeout = 600;
159
+int tls_con_lifetime = 600; /* this value will be adjusted to ticks later */
151 160
 int tls_log = 3;
152 161
 int tls_session_cache = 0;
153 162
 str tls_session_id = STR_STATIC_INIT("ser-tls-0.9.0");
... ...
@@ -183,7 +192,7 @@ static param_export_t params[] = {
183 192
 	{"cipher_list",         PARAM_STRING, &mod_params.cipher_list },
184 193
 	{"handshake_timeout",   PARAM_INT,    &tls_handshake_timeout  },
185 194
 	{"send_timeout",        PARAM_INT,    &tls_send_timeout       },
186
-	{"connection_timeout",  PARAM_INT,    &tls_conn_timeout       },
195
+	{"connection_timeout",  PARAM_INT,    &tls_con_lifetime       },
187 196
 	{"tls_log",             PARAM_INT,    &tls_log                },
188 197
 	{"session_cache",       PARAM_INT,    &tls_session_cache      },
189 198
 	{"session_id",          PARAM_STR,    &tls_session_id         },
... ...
@@ -288,6 +297,24 @@ static int mod_init(void)
288 297
 
289 298
 	if (tls_check_sockets(*tls_cfg) < 0) return -1;
290 299
 
300
+	/* fix the timeouts from s to ticks */
301
+	if (tls_con_lifetime<0){
302
+		/* set to max value (~ 1/2 MAX_INT) */
303
+		tls_con_lifetime=MAX_TLS_CON_LIFETIME;
304
+	}else{
305
+		if ((unsigned)tls_con_lifetime > 
306
+				(unsigned)TICKS_TO_S(MAX_TLS_CON_LIFETIME)){
307
+			LOG(L_WARN, "tls: mod_init: tls_con_lifetime too big (%u s), "
308
+					" the maximum value is %u\n", tls_con_lifetime,
309
+					TICKS_TO_S(MAX_TLS_CON_LIFETIME));
310
+			tls_con_lifetime=MAX_TLS_CON_LIFETIME;
311
+		}else{
312
+			tls_con_lifetime=S_TO_TICKS(tls_con_lifetime);
313
+		}
314
+	}
315
+	
316
+
317
+
291 318
 	return 0;
292 319
 }
293 320
 
... ...
@@ -39,7 +39,7 @@
39 39
 
40 40
 extern int tls_handshake_timeout;
41 41
 extern int tls_send_timeout;
42
-extern int tls_conn_timeout;
42
+extern int tls_con_lifetime;
43 43
 extern int tls_log;
44 44
 extern int tls_session_cache;
45 45
 extern str tls_session_id;
... ...
@@ -37,6 +37,7 @@
37 37
 #include "../../ut.h"
38 38
 #include "tls_server.h"
39 39
 #include "tls_select.h"
40
+#include "tls_mod.h"
40 41
 
41 42
 enum {
42 43
 	CERT_LOCAL = 1,   /* Select local certificate */
... ...
@@ -70,7 +71,7 @@ struct tcp_connection* get_cur_connection(struct sip_msg* msg)
70 71
 		return 0;
71 72
 	}
72 73
 
73
-	c = tcpconn_get(msg->rcv.proto_reserved1, 0, 0, tcp_con_lifetime);
74
+	c = tcpconn_get(msg->rcv.proto_reserved1, 0, 0, tls_con_lifetime);
74 75
 	if (c && c->type != PROTO_TLS) {
75 76
 		ERR("Connection found but is not TLS\n");
76 77
 		tcpconn_put(c);
... ...
@@ -580,7 +580,7 @@ int tls_tcpconn_init(struct tcp_connection *c, int sock)
580 580
 {
581 581
 	c->type = PROTO_TLS;
582 582
 	c->rcv.proto = PROTO_TLS;
583
-	c->timeout = get_ticks() + tls_conn_timeout;
583
+	c->timeout = get_ticks_raw() + tls_con_lifetime;
584 584
 	c->extra_data = 0;
585 585
 	return 0;
586 586
 }