- more tls preparation

Makefile.defs

@@ -40,7 +40,7 @@ export makefile_defs
 VERSION = 0
 PATCHLEVEL = 8
 SUBLEVEL =   12
-EXTRAVERSION = dev-t02
+EXTRAVERSION = dev-t03
 
 RELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)
 OS = $(shell uname -s | sed -e s/SunOS/solaris/ | tr "[A-Z]" "[a-z]")

globals.h

@@ -46,7 +46,12 @@
 extern char * cfg_file;
 extern char *stat_file;
 extern struct socket_info sock_info[]; /* all addresses we listen/send from*/
+#ifdef USE_TCP
 extern struct socket_info tcp_info[]; /* all tcp sockets we listen on*/
+#endif
+#ifdef USE_TLS
+extern struct socket_info tls_info[]; /* tcp-tls sockets */
+#endif
 extern int sock_no; /* number of addresses/open sockets*/
 extern unsigned short port_no;
 
@@ -69,6 +74,9 @@ extern int children_no;
 extern int tcp_children_no;
 extern int tcp_disable;
 #endif
+#ifdef USE_TLS
+extern int tls_disable;
+#endif
 extern int dont_fork;
 extern int check_via;
 extern int received_dns;

lock_alloc.h

@@ -54,7 +54,7 @@ Implements: (see also locking.h)
 #ifdef SHM_MEM
 #include "mem/shm_mem.h"
 #else
-#error "locking requires shared memroy support"
+#error "locking requires shared memory support"
 #endif
 
 #if defined(FAST_LOCK) || defined(USE_PTHREAD_MUTEX) || defined(USE_POSIX_SEM)

tcp_conn.h

@@ -63,7 +63,8 @@ enum tcp_req_states {	H_SKIP_EMPTY, H_SKIP, H_LF, H_LFCR,  H_BODY, H_STARTWS,
 	};
 
 enum tcp_conn_states { S_CONN_ERROR=-2, S_CONN_BAD=-1, S_CONN_OK=0, 
-						S_CONN_INIT, S_CONN_ACCEPT, S_CONN_CONNECT };
+						S_CONN_INIT, S_CONN_EOF, 
+						S_CONN_ACCEPT, S_CONN_CONNECT };
 
 
 /* fd communication commands */

tcp_main.c

@@ -82,6 +82,9 @@
 #include "sr_module.h"
 #include "tcp_server.h"
 #include "tcp_init.h"
+#ifdef USE_TLS
+#include "tls/tls_server.h"
+#endif
 
 
 
@@ -120,9 +123,6 @@ struct tcp_connection* tcpconn_new(int sock, union sockaddr_union* su,
 									int state)
 {
 	struct tcp_connection *c;
-#ifdef USE_TLS
-	int flags;
-#endif
 	
 	c=(struct tcp_connection*)shm_malloc(sizeof(struct tcp_connection));
 	if (c==0){
@@ -155,21 +155,7 @@ struct tcp_connection* tcpconn_new(int sock, union sockaddr_union* su,
 	c->extra_data=0;
 #ifdef USE_TLS
 	if (type==PROTO_TLS){
-		c->type=PROTO_TLS;
-		c->rcv.proto=PROTO_TLS;
-		c->flags=F_CONN_NON_BLOCKING;
-		flags=fcntl(sock, F_GETFL);
-		if (flags==-1){
-			LOG(L_ERR, "ERROR: tcpconn_new: fcntl failed :%s\n",
-					strerror(errno));
-			goto error;
-		}
-		if (fcntl(sock, F_SETFL, flags|O_NONBLOCK)==-1){
-			LOG(L_ERR, "ERROR: tcpconn_new: fcntl: set non blocking failed :"
-					" %s\n", strerror(errno));
-			goto error;
-		}
-		c->timeout=get_ticks()+TLS_CON_TIMEOUT;
+		if (tls_tcpconn_init(c, sock)==-1) goto error;
 	}else
 #endif /* USE_TLS*/
 	{

tcp_read.c

@@ -30,6 +30,8 @@
  * 2002-12-??  created by andrei.
  * 2003-02-10  zero term before calling receive_msg & undo afterwards (andrei)
  * 2003-05-13  l: (short form of Content-Length) is now recognized (andrei)
+ * 2003-07-01  tcp_read & friends take no a single tcp_connection 
+ *              parameter & they set c->state to S_CONN_EOF on eof (andrei)
  */
 
 #ifdef USE_TCP
@@ -55,16 +57,25 @@
 #include "receive.h"
 #include "timer.h"
 #include "ut.h"
+#ifdef USE_TLS
+#include "tls/tls_server.h"
+#endif
 
 
 
 /* reads next available bytes
  * return number of bytes read, 0 on EOF or -1 on error,
+ * on EOF it also sets c->state to S_CONN_EOF
+ * (to distinguish from reads that would block which could return 0)
  * sets also r->error */
-int tcp_read(struct tcp_req *r, int fd)
+int tcp_read(struct tcp_connection *c)
 {
 	int bytes_free, bytes_read;
-	
+	struct tcp_req *r;
+	int fd;
+
+	r=&c->req;
+	fd=c->fd;
 	bytes_free=TCP_BUF_SIZE- (int)(r->pos - r->buf);
 	
 	if (bytes_free==0){
@@ -84,6 +95,8 @@ again:
 			r->error=TCP_READ_ERROR;
 			return -1;
 		}
+	}else if (bytes_read==0){
+		r->state=S_CONN_EOF;
 	}
 #ifdef EXTRA_DEBUG
 	DBG("tcp_read: read %d bytes:\n%.*s\n", bytes_read, bytes_read, r->pos);
@@ -103,10 +116,11 @@ again:
  * when either r->body!=0 or r->state==H_BODY =>
  * all headers have been read. It should be called in a while loop.
  * returns < 0 if error or 0 if EOF */
-int tcp_read_headers(struct tcp_req *r, int fd)
+int tcp_read_headers(struct tcp_connection *c)
 {
 	int bytes, remaining;
 	char *p;
+	struct tcp_req* r;
 	
 	#define crlf_default_skip_case \
 					case '\n': \
@@ -149,11 +163,17 @@ int tcp_read_headers(struct tcp_req *r, int fd)
 							  break
 
 
+	r=&c->req;
 	/* if we still have some unparsed part, parse it first, don't do the read*/
 	if (r->parsed<r->pos){
 		bytes=0;
 	}else{
-		bytes=tcp_read(r, fd);
+#ifdef USE_TLS
+		if (c->type==PROTO_TLS)
+			bytes=tls_read(c);
+		else
+#endif
+			bytes=tcp_read(c);
 		if (bytes<=0) return bytes;
 	}
 	p=r->parsed;
@@ -376,9 +396,28 @@ int tcp_read_req(struct tcp_connection* con)
 		s=con->fd;
 		req=&con->req;
 		size=0;
+#ifdef USE_TLS
+		if (con->type==PROTO_TLS){
+			if (con->state==S_CONN_ACCEPT){
+				if (tls_accept(con)!=0){
+					resp=CONN_ERROR;
+					goto end_req;
+				}
+				if(con->state!=S_CONN_OK) goto end_req; /* not enough data */
+			}
+			if(con->state==S_CONN_CONNECT){
+				if (tls_connect(con)!=0){
+					resp=CONN_ERROR;
+					goto end_req;
+				}
+				if(con->state!=S_CONN_OK) goto end_req; /* not enough data */
+			}
+		}
+#endif
+
 again:
 		if(req->complete==0 && req->error==TCP_REQ_OK){
-			bytes=tcp_read_headers(req, s);
+			bytes=tcp_read_headers(con);
 #ifdef EXTRA_DEBUG
 						/* if timeout state=0; goto end__req; */
 			DBG("read= %d bytes, parsed=%d, state=%d, error=%d\n",
@@ -393,7 +432,7 @@ again:
 				resp=CONN_ERROR;
 				goto end_req;
 			}
-			if ((size==0) && (bytes==0)){
+			if ((size==0) && (bytes==0) &&(con->state==S_CONN_EOF)){
 				DBG( "tcp_read_req: EOF\n");
 				resp=CONN_EOF;
 				goto end_req;
@@ -575,6 +614,9 @@ void tcp_receive_loop(int unix_sock)
 					con->state=S_CONN_BAD;
 					release_tcpconn(con, resp, unix_sock);
 				}
+#ifdef USE_TLS
+				if (con->type==PROTO_TLS) tls_tcpconn_update_fd(con, s);
+#endif
 				con->timeout=get_ticks()+TCP_CHILD_TIMEOUT;
 				FD_SET(s, &master_set);
 				if (maxfd<s) maxfd=s;