xCAT/xNBA
2
0
Fork 0
mirror of https://github.com/xcat2/xNBA.git synced 2024-11-22 17:41:55 +00:00
Code Issues Projects Releases Wiki Activity

[tls] Mark security negotiation as a pending operation

Browse Source 
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown 2012-06-09 18:58:54 +01:00
parent 5482b0abb6
commit af47789ef2
2 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/include/ipxe/tls.h
View File

@ -18,6 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <ipxe/sha1.h>
#include <ipxe/sha256.h>
#include <ipxe/x509.h>
#include <ipxe/pending.h>
/** A TLS header */
struct tls_header {
@ -240,10 +241,10 @@ struct tls_session {
/** Certificate validator */
struct interface validator;
/** Client has finished security negotiation */
unsigned int client_finished;
/** Server has finished security negotiation */
unsigned int server_finished;
/** Client security negotiation pending operation */
struct pending_operation client_negotiation;
/** Server security negotiation pending operation */
struct pending_operation server_negotiation;
/** TX sequence number */
uint64_t tx_seq;

16
src/net/tls.c
View File

@ -31,6 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <time.h>
#include <errno.h>
#include <byteswap.h>
#include <ipxe/pending.h>
#include <ipxe/hmac.h>
#include <ipxe/md5.h>
#include <ipxe/sha1.h>
@ -101,7 +102,8 @@ static void tls_set_uint24 ( uint8_t field24[3], unsigned long value ) {
* @ret is_ready TLS session is ready
*/
static int tls_ready ( struct tls_session *tls ) {
return ( tls->client_finished && tls->server_finished );
return ( ( ! is_pending ( &tls->client_negotiation ) ) &&
( ! is_pending ( &tls->server_negotiation ) ) );
}
/******************************************************************************
@ -205,6 +207,10 @@ static void free_tls ( struct refcnt *refcnt ) {
*/
static void tls_close ( struct tls_session *tls, int rc ) {
/* Remove pending operations, if applicable */
pending_put ( &tls->client_negotiation );
pending_put ( &tls->server_negotiation );
/* Remove process */
process_del ( &tls->process );
@ -1141,7 +1147,7 @@ static int tls_send_finished ( struct tls_session *tls ) {
return rc;
/* Mark client as finished */
tls->client_finished = 1;
pending_put ( &tls->client_negotiation );
return 0;
}
@ -1489,7 +1495,7 @@ static int tls_new_finished ( struct tls_session *tls,
}
/* Mark server as finished */
tls->server_finished = 1;
pending_put ( &tls->server_negotiation );
/* Send notification of a window change */
xfer_window_changed ( &tls->plainstream );
@ -2396,6 +2402,10 @@ int add_tls ( struct interface *xfer, const char *name,
tls->handshake_ctx = tls->handshake_sha256_ctx;
tls->tx_pending = TLS_TX_CLIENT_HELLO;
/* Add pending operations for server and client Finished messages */
pending_get ( &tls->client_negotiation );
pending_get ( &tls->server_negotiation );
/* Attach to parent interface, mortalise self, and return */
intf_plug_plug ( &tls->plainstream, xfer );
*next = &tls->cipherstream;