
[tls] Rename tls_session to tls_connection

In TLS terminology a session conceptually spans multiple individual
connections, and essentially represents the stored cryptographic state
(master secret and cipher suite) required to establish communication
without going through the certificate and key exchange handshakes.

Rename tls_session to tls_connection in order to make the name
tls_session available to represent the session state.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 6 years ago
parent
commit
4152aff103
2 changed files with 125 additions and 121 deletions
  1. 2
    2
      src/include/ipxe/tls.h
  2. 123
    119
      src/net/tls.c

+ 2
- 2
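--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@@ -242,8 +242,8 @@ struct md5_sha1_digest {
 /** MD5+SHA1 digest size */
 #define MD5_SHA1_DIGEST_SIZE sizeof ( struct md5_sha1_digest )
 
-/** A TLS session */
-struct tls_session {
+/** A TLS connection */
+struct tls_connection {
 	/** Reference counter */
 	struct refcnt refcnt;
 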

+ 123
- 119
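--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -175,9 +175,9 @@ FILE_LICENCE ( GPL2_OR_LATER );
 	__einfo_uniqify ( EINFO_EPROTO, 0x01,				\
 			  "Illegal protocol version upgrade" )
 
-static int tls_send_plaintext ( struct tls_session *tls, unsigned int type,
+static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type,
 				const void *data, size_t len );
-static void tls_clear_cipher ( struct tls_session *tls,
+static void tls_clear_cipher ( struct tls_connection *tls,
 			       struct tls_cipherspec *cipherspec );
 
 /******************************************************************************
@@ -225,12 +225,12 @@ static void tls_set_uint24 ( tls24_t *field24, unsigned long value ) {
 }
 
 /**
- * Determine if TLS session is ready for application data
+ * Determine if TLS connection is ready for application data
  *
- * @v tls		TLS session
- * @ret is_ready	TLS session is ready
+ * @v tls		TLS connection
+ * @ret is_ready	TLS connection is ready
  */
-static int tls_ready ( struct tls_session *tls ) {
+static int tls_ready ( struct tls_connection *tls ) {
 	return ( ( ! is_pending ( &tls->client_negotiation ) ) &&
 		 ( ! is_pending ( &tls->server_negotiation ) ) );
 }
@@ -308,13 +308,13 @@ struct rsa_digestinfo_prefix rsa_md5_sha1_prefix __rsa_digestinfo_prefix = {
  */
 
 /**
- * Free TLS session
+ * Free TLS connection
  *
  * @v refcnt		Reference counter
  */
 static void free_tls ( struct refcnt *refcnt ) {
-	struct tls_session *tls =
-		container_of ( refcnt, struct tls_session, refcnt );
+	struct tls_connection *tls =
+		container_of ( refcnt, struct tls_connection, refcnt );
 	struct io_buffer *iobuf;
 	struct io_buffer *tmp;
 
@@ -335,12 +335,12 @@ static void free_tls ( struct refcnt *refcnt ) {
 }
 
 /**
- * Finish with TLS session
+ * Finish with TLS connection
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v rc		Status code
  */
-static void tls_close ( struct tls_session *tls, int rc ) {
+static void tls_close ( struct tls_connection *tls, int rc ) {
 
 	/* Remove pending operations, if applicable */
 	pending_put ( &tls->client_negotiation );
@@ -365,12 +365,12 @@ static void tls_close ( struct tls_session *tls, int rc ) {
 /**
  * Generate random data
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Buffer to fill
  * @v len		Length of buffer
  * @ret rc		Return status code
  */
-static int tls_generate_random ( struct tls_session *tls,
+static int tls_generate_random ( struct tls_connection *tls,
 				 void *data, size_t len ) {
 	int rc;
 
@@ -407,7 +407,7 @@ static void tls_hmac_update_va ( struct digest_algorithm *digest,
 /**
  * Generate secure pseudo-random data using a single hash function
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v digest		Hash function to use
  * @v secret		Secret
  * @v secret_len	Length of secret
@@ -415,7 +415,7 @@ static void tls_hmac_update_va ( struct digest_algorithm *digest,
  * @v out_len		Length of output buffer
  * @v seeds		( data, len ) pairs of seed data, terminated by NULL
  */
-static void tls_p_hash_va ( struct tls_session *tls,
+static void tls_p_hash_va ( struct tls_connection *tls,
 			    struct digest_algorithm *digest,
 			    void *secret, size_t secret_len,
 			    void *out, size_t out_len,
@@ -476,15 +476,15 @@ static void tls_p_hash_va ( struct tls_session *tls,
 /**
  * Generate secure pseudo-random data
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v secret		Secret
  * @v secret_len	Length of secret
  * @v out		Output buffer
  * @v out_len		Length of output buffer
  * @v ...		( data, len ) pairs of seed data, terminated by NULL
  */
-static void tls_prf ( struct tls_session *tls, void *secret, size_t secret_len,
-		      void *out, size_t out_len, ... ) {
+static void tls_prf ( struct tls_connection *tls, void *secret,
+		      size_t secret_len, void *out, size_t out_len, ... ) {
 	va_list seeds;
 	va_list tmp;
 	size_t subsecret_len;
@@ -553,12 +553,12 @@ static void tls_prf ( struct tls_session *tls, void *secret, size_t secret_len,
 /**
  * Generate master secret
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  *
  * The pre-master secret and the client and server random values must
  * already be known.
  */
-static void tls_generate_master_secret ( struct tls_session *tls ) {
+static void tls_generate_master_secret ( struct tls_connection *tls ) {
 	DBGC ( tls, "TLS %p pre-master-secret:\n", tls );
 	DBGC_HD ( tls, &tls->pre_master_secret,
 		  sizeof ( tls->pre_master_secret ) );
@@ -581,11 +581,11 @@ static void tls_generate_master_secret ( struct tls_session *tls ) {
 /**
  * Generate key material
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  *
  * The master secret must already be known.
  */
-static int tls_generate_keys ( struct tls_session *tls ) {
+static int tls_generate_keys ( struct tls_connection *tls ) {
 	struct tls_cipherspec *tx_cipherspec = &tls->tx_cipherspec_pending;
 	struct tls_cipherspec *rx_cipherspec = &tls->rx_cipherspec_pending;
 	size_t hash_size = tx_cipherspec->suite->digest->digestsize;
@@ -701,7 +701,7 @@ tls_find_cipher_suite ( unsigned int cipher_suite ) {
  *
  * @v cipherspec	TLS cipher specification
  */
-static void tls_clear_cipher ( struct tls_session *tls __unused,
+static void tls_clear_cipher ( struct tls_connection *tls __unused,
 			       struct tls_cipherspec *cipherspec ) {
 
 	if ( cipherspec->suite ) {
@@ -716,12 +716,12 @@ static void tls_clear_cipher ( struct tls_session *tls __unused,
 /**
  * Set cipher suite
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v cipherspec	TLS cipher specification
  * @v suite		Cipher suite
  * @ret rc		Return status code
  */
-static int tls_set_cipher ( struct tls_session *tls,
+static int tls_set_cipher ( struct tls_connection *tls,
 			    struct tls_cipherspec *cipherspec,
 			    struct tls_cipher_suite *suite ) {
 	struct pubkey_algorithm *pubkey = suite->pubkey;
@@ -759,11 +759,11 @@ static int tls_set_cipher ( struct tls_session *tls,
 /**
  * Select next cipher suite
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v cipher_suite	Cipher suite specification
  * @ret rc		Return status code
  */
-static int tls_select_cipher ( struct tls_session *tls,
+static int tls_select_cipher ( struct tls_connection *tls,
 			       unsigned int cipher_suite ) {
 	struct tls_cipher_suite *suite;
 	int rc;
@@ -794,12 +794,12 @@ static int tls_select_cipher ( struct tls_session *tls,
 /**
  * Activate next cipher suite
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v pending		Pending cipher specification
  * @v active		Active cipher specification to replace
  * @ret rc		Return status code
  */
-static int tls_change_cipher ( struct tls_session *tls,
+static int tls_change_cipher ( struct tls_connection *tls,
 			       struct tls_cipherspec *pending,
 			       struct tls_cipherspec *active ) {
 
@@ -858,11 +858,11 @@ tls_signature_hash_algorithm ( struct pubkey_algorithm *pubkey,
 /**
  * Add handshake record to verification hash
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Handshake record
  * @v len		Length of handshake record
  */
-static void tls_add_handshake ( struct tls_session *tls,
+static void tls_add_handshake ( struct tls_connection *tls,
 				const void *data, size_t len ) {
 
 	digest_update ( &md5_sha1_algorithm, tls->handshake_md5_sha1_ctx,
@@ -874,13 +874,13 @@ static void tls_add_handshake ( struct tls_session *tls,
 /**
  * Calculate handshake verification hash
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v out		Output buffer
  *
  * Calculates the MD5+SHA1 or SHA256 digest over all handshake
  * messages seen so far.
  */
-static void tls_verify_handshake ( struct tls_session *tls, void *out ) {
+static void tls_verify_handshake ( struct tls_connection *tls, void *out ) {
 	struct digest_algorithm *digest = tls->handshake_digest;
 	uint8_t ctx[ digest->ctxsize ];
 
@@ -898,9 +898,9 @@ static void tls_verify_handshake ( struct tls_session *tls, void *out ) {
 /**
  * Restart negotiation
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  */
-static void tls_restart ( struct tls_session *tls ) {
+static void tls_restart ( struct tls_connection *tls ) {
 
 	/* Sanity check */
 	assert ( ! tls->tx_pending );
@@ -922,21 +922,21 @@ static void tls_restart ( struct tls_session *tls ) {
 /**
  * Resume TX state machine
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  */
-static void tls_tx_resume ( struct tls_session *tls ) {
+static void tls_tx_resume ( struct tls_connection *tls ) {
 	process_add ( &tls->process );
 }
 
 /**
  * Transmit Handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext record
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_send_handshake ( struct tls_session *tls,
+static int tls_send_handshake ( struct tls_connection *tls,
 				void *data, size_t len ) {
 
 	/* Add to handshake digest */
@@ -949,10 +949,10 @@ static int tls_send_handshake ( struct tls_session *tls,
 /**
  * Transmit Client Hello record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Return status code
  */
-static int tls_send_client_hello ( struct tls_session *tls ) {
+static int tls_send_client_hello ( struct tls_connection *tls ) {
 	struct {
 		uint32_t type_length;
 		uint16_t version;
@@ -1049,10 +1049,10 @@ static int tls_send_client_hello ( struct tls_session *tls ) {
 /**
  * Transmit Certificate record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Return status code
  */
-static int tls_send_certificate ( struct tls_session *tls ) {
+static int tls_send_certificate ( struct tls_connection *tls ) {
 	struct {
 		uint32_t type_length;
 		tls24_t length;
@@ -1095,10 +1095,10 @@ static int tls_send_certificate ( struct tls_session *tls ) {
 /**
  * Transmit Client Key Exchange record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Return status code
  */
-static int tls_send_client_key_exchange ( struct tls_session *tls ) {
+static int tls_send_client_key_exchange ( struct tls_connection *tls ) {
 	struct tls_cipherspec *cipherspec = &tls->tx_cipherspec_pending;
 	struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey;
 	size_t max_len = pubkey_max_len ( pubkey, cipherspec->pubkey_ctx );
@@ -1139,10 +1139,10 @@ static int tls_send_client_key_exchange ( struct tls_session *tls ) {
 /**
  * Transmit Certificate Verify record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Return status code
  */
-static int tls_send_certificate_verify ( struct tls_session *tls ) {
+static int tls_send_certificate_verify ( struct tls_connection *tls ) {
 	struct digest_algorithm *digest = tls->handshake_digest;
 	struct x509_certificate *cert = tls->cert;
 	struct pubkey_algorithm *pubkey = cert->signature_algorithm->pubkey;
@@ -1229,10 +1229,10 @@ static int tls_send_certificate_verify ( struct tls_session *tls ) {
 /**
  * Transmit Change Cipher record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Return status code
  */
-static int tls_send_change_cipher ( struct tls_session *tls ) {
+static int tls_send_change_cipher ( struct tls_connection *tls ) {
 	static const uint8_t change_cipher[1] = { 1 };
 	return tls_send_plaintext ( tls, TLS_TYPE_CHANGE_CIPHER,
 				    change_cipher, sizeof ( change_cipher ) );
@@ -1241,10 +1241,10 @@ static int tls_send_change_cipher ( struct tls_session *tls ) {
 /**
  * Transmit Finished record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Return status code
  */
-static int tls_send_finished ( struct tls_session *tls ) {
+static int tls_send_finished ( struct tls_connection *tls ) {
 	struct digest_algorithm *digest = tls->handshake_digest;
 	struct {
 		uint32_t type_length;
@@ -1281,12 +1281,12 @@ static int tls_send_finished ( struct tls_session *tls ) {
 /**
  * Receive new Change Cipher record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext record
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_new_change_cipher ( struct tls_session *tls,
+static int tls_new_change_cipher ( struct tls_connection *tls,
 				   const void *data, size_t len ) {
 	int rc;
 
@@ -1310,12 +1310,12 @@ static int tls_new_change_cipher ( struct tls_session *tls,
 /**
  * Receive new Alert record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext record
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_new_alert ( struct tls_session *tls, const void *data,
+static int tls_new_alert ( struct tls_connection *tls, const void *data,
 			   size_t len ) {
 	const struct {
 		uint8_t level;
@@ -1349,12 +1349,12 @@ static int tls_new_alert ( struct tls_session *tls, const void *data,
 /**
  * Receive new Hello Request handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext handshake record
  * @v len		Length of plaintext handshake record
  * @ret rc		Return status code
  */
-static int tls_new_hello_request ( struct tls_session *tls,
+static int tls_new_hello_request ( struct tls_connection *tls,
 				   const void *data __unused,
 				   size_t len __unused ) {
 
@@ -1380,12 +1380,12 @@ static int tls_new_hello_request ( struct tls_session *tls,
 /**
  * Receive new Server Hello handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext handshake record
  * @v len		Length of plaintext handshake record
  * @ret rc		Return status code
  */
-static int tls_new_server_hello ( struct tls_session *tls,
+static int tls_new_server_hello ( struct tls_connection *tls,
 				  const void *data, size_t len ) {
 	const struct {
 		uint16_t version;
@@ -1548,12 +1548,12 @@ static int tls_new_server_hello ( struct tls_session *tls,
 /**
  * Parse certificate chain
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Certificate chain
  * @v len		Length of certificate chain
  * @ret rc		Return status code
  */
-static int tls_parse_chain ( struct tls_session *tls,
+static int tls_parse_chain ( struct tls_connection *tls,
 			     const void *data, size_t len ) {
 	size_t remaining = len;
 	int rc;
@@ -1626,12 +1626,12 @@ static int tls_parse_chain ( struct tls_session *tls,
 /**
  * Receive new Certificate handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext handshake record
  * @v len		Length of plaintext handshake record
  * @ret rc		Return status code
  */
-static int tls_new_certificate ( struct tls_session *tls,
+static int tls_new_certificate ( struct tls_connection *tls,
 				 const void *data, size_t len ) {
 	const struct {
 		tls24_t length;
@@ -1666,12 +1666,12 @@ static int tls_new_certificate ( struct tls_session *tls,
 /**
  * Receive new Certificate Request handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext handshake record
  * @v len		Length of plaintext handshake record
  * @ret rc		Return status code
  */
-static int tls_new_certificate_request ( struct tls_session *tls,
+static int tls_new_certificate_request ( struct tls_connection *tls,
 					 const void *data __unused,
 					 size_t len __unused ) {
 
@@ -1699,12 +1699,12 @@ static int tls_new_certificate_request ( struct tls_session *tls,
 /**
  * Receive new Server Hello Done handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext handshake record
  * @v len		Length of plaintext handshake record
  * @ret rc		Return status code
  */
-static int tls_new_server_hello_done ( struct tls_session *tls,
+static int tls_new_server_hello_done ( struct tls_connection *tls,
 				       const void *data, size_t len ) {
 	const struct {
 		char next[0];
@@ -1732,12 +1732,12 @@ static int tls_new_server_hello_done ( struct tls_session *tls,
 /**
  * Receive new Finished handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext handshake record
  * @v len		Length of plaintext handshake record
  * @ret rc		Return status code
  */
-static int tls_new_finished ( struct tls_session *tls,
+static int tls_new_finished ( struct tls_connection *tls,
 			      const void *data, size_t len ) {
 	struct digest_algorithm *digest = tls->handshake_digest;
 	const struct {
@@ -1776,12 +1776,12 @@ static int tls_new_finished ( struct tls_session *tls,
 /**
  * Receive new Handshake record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v data		Plaintext record
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_new_handshake ( struct tls_session *tls,
+static int tls_new_handshake ( struct tls_connection *tls,
 			       const void *data, size_t len ) {
 	size_t remaining = len;
 	int rc;
@@ -1864,15 +1864,15 @@ static int tls_new_handshake ( struct tls_session *tls,
 /**
  * Receive new record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v type		Record type
  * @v rx_data		List of received data buffers
  * @ret rc		Return status code
  */
-static int tls_new_record ( struct tls_session *tls, unsigned int type,
+static int tls_new_record ( struct tls_connection *tls, unsigned int type,
 			    struct list_head *rx_data ) {
 	struct io_buffer *iobuf;
-	int ( * handler ) ( struct tls_session *tls, const void *data,
+	int ( * handler ) ( struct tls_connection *tls, const void *data,
 			    size_t len );
 	int rc;
 
@@ -2010,16 +2010,16 @@ static void tls_hmac ( struct tls_cipherspec *cipherspec,
 /**
  * Allocate and assemble stream-ciphered record from data and MAC portions
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret data		Data
  * @ret len		Length of data
  * @ret digest		MAC digest
  * @ret plaintext_len	Length of plaintext record
  * @ret plaintext	Allocated plaintext record
  */
-static void * __malloc tls_assemble_stream ( struct tls_session *tls,
-				    const void *data, size_t len,
-				    void *digest, size_t *plaintext_len ) {
+static void * __malloc
+tls_assemble_stream ( struct tls_connection *tls, const void *data, size_t len,
+		      void *digest, size_t *plaintext_len ) {
 	size_t mac_len = tls->tx_cipherspec.suite->digest->digestsize;
 	void *plaintext;
 	void *content;
@@ -2045,14 +2045,14 @@ static void * __malloc tls_assemble_stream ( struct tls_session *tls,
 /**
  * Allocate and assemble block-ciphered record from data and MAC portions
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret data		Data
  * @ret len		Length of data
  * @ret digest		MAC digest
  * @ret plaintext_len	Length of plaintext record
  * @ret plaintext	Allocated plaintext record
  */
-static void * tls_assemble_block ( struct tls_session *tls,
+static void * tls_assemble_block ( struct tls_connection *tls,
 				   const void *data, size_t len,
 				   void *digest, size_t *plaintext_len ) {
 	size_t blocksize = tls->tx_cipherspec.suite->cipher->blocksize;
@@ -2093,13 +2093,13 @@ static void * tls_assemble_block ( struct tls_session *tls,
 /**
  * Send plaintext record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v type		Record type
  * @v data		Plaintext record
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_send_plaintext ( struct tls_session *tls, unsigned int type,
+static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type,
 				const void *data, size_t len ) {
 	struct tls_header plaintext_tlshdr;
 	struct tls_header *tlshdr;
@@ -2185,12 +2185,12 @@ static int tls_send_plaintext ( struct tls_session *tls, unsigned int type,
 /**
  * Split stream-ciphered record into data and MAC portions
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v rx_data		List of received data buffers
  * @v mac		MAC to fill in
  * @ret rc		Return status code
  */
-static int tls_split_stream ( struct tls_session *tls,
+static int tls_split_stream ( struct tls_connection *tls,
 			      struct list_head *rx_data, void **mac ) {
 	size_t mac_len = tls->rx_cipherspec.suite->digest->digestsize;
 	struct io_buffer *iobuf;
@@ -2212,12 +2212,12 @@ static int tls_split_stream ( struct tls_session *tls,
 /**
  * Split block-ciphered record into data and MAC portions
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v rx_data		List of received data buffers
  * @v mac		MAC to fill in
  * @ret rc		Return status code
  */
-static int tls_split_block ( struct tls_session *tls,
+static int tls_split_block ( struct tls_connection *tls,
 			     struct list_head *rx_data, void **mac ) {
 	size_t mac_len = tls->rx_cipherspec.suite->digest->digestsize;
 	struct io_buffer *iobuf;
@@ -2270,12 +2270,12 @@ static int tls_split_block ( struct tls_session *tls,
 /**
  * Receive new ciphertext record
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v tlshdr		Record header
  * @v rx_data		List of received data buffers
  * @ret rc		Return status code
  */
-static int tls_new_ciphertext ( struct tls_session *tls,
+static int tls_new_ciphertext ( struct tls_connection *tls,
 				struct tls_header *tlshdr,
 				struct list_head *rx_data ) {
 	struct tls_header plaintext_tlshdr;
@@ -2343,10 +2343,10 @@ static int tls_new_ciphertext ( struct tls_session *tls,
 /**
  * Check flow control window
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret len		Length of window
  */
-static size_t tls_plainstream_window ( struct tls_session *tls ) {
+static size_t tls_plainstream_window ( struct tls_connection *tls ) {
 
 	/* Block window unless we are ready to accept data */
 	if ( ! tls_ready ( tls ) )
@@ -2358,12 +2358,12 @@ static size_t tls_plainstream_window ( struct tls_session *tls ) {
 /**
  * Deliver datagram as raw data
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v iobuf		I/O buffer
  * @v meta		Data transfer metadata
  * @ret rc		Return status code
  */
-static int tls_plainstream_deliver ( struct tls_session *tls,
+static int tls_plainstream_deliver ( struct tls_connection *tls,
 				     struct io_buffer *iobuf,
 				     struct xfer_metadata *meta __unused ) {
 	int rc;
@@ -2385,14 +2385,16 @@ static int tls_plainstream_deliver ( struct tls_session *tls,
 
 /** TLS plaintext stream interface operations */
 static struct interface_operation tls_plainstream_ops[] = {
-	INTF_OP ( xfer_deliver, struct tls_session *, tls_plainstream_deliver ),
-	INTF_OP ( xfer_window, struct tls_session *, tls_plainstream_window ),
-	INTF_OP ( intf_close, struct tls_session *, tls_close ),
+	INTF_OP ( xfer_deliver, struct tls_connection *,
+		  tls_plainstream_deliver ),
+	INTF_OP ( xfer_window, struct tls_connection *,
+		  tls_plainstream_window ),
+	INTF_OP ( intf_close, struct tls_connection *, tls_close ),
 };
 
 /** TLS plaintext stream interface descriptor */
 static struct interface_descriptor tls_plainstream_desc =
-	INTF_DESC_PASSTHRU ( struct tls_session, plainstream,
+	INTF_DESC_PASSTHRU ( struct tls_connection, plainstream,
 			     tls_plainstream_ops, cipherstream );
 
 /******************************************************************************
@@ -2405,10 +2407,10 @@ static struct interface_descriptor tls_plainstream_desc =
 /**
  * Handle received TLS header
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Returned status code
  */
-static int tls_newdata_process_header ( struct tls_session *tls ) {
+static int tls_newdata_process_header ( struct tls_connection *tls ) {
 	size_t data_len = ntohs ( tls->rx_header.length );
 	size_t remaining = data_len;
 	size_t frag_len;
@@ -2470,10 +2472,10 @@ static int tls_newdata_process_header ( struct tls_session *tls ) {
 /**
  * Handle received TLS data payload
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret rc		Returned status code
  */
-static int tls_newdata_process_data ( struct tls_session *tls ) {
+static int tls_newdata_process_data ( struct tls_connection *tls ) {
 	struct io_buffer *iobuf;
 	int rc;
 
@@ -2506,10 +2508,10 @@ static int tls_newdata_process_data ( struct tls_session *tls ) {
 /**
  * Check flow control window
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @ret len		Length of window
  */
-static size_t tls_cipherstream_window ( struct tls_session *tls ) {
+static size_t tls_cipherstream_window ( struct tls_connection *tls ) {
 
 	/* Open window until we are ready to accept data */
 	if ( ! tls_ready ( tls ) )
@@ -2521,16 +2523,16 @@ static size_t tls_cipherstream_window ( struct tls_session *tls ) {
 /**
  * Receive new ciphertext
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v iobuf		I/O buffer
  * @v meta		Data transfer metadat
  * @ret rc		Return status code
  */
-static int tls_cipherstream_deliver ( struct tls_session *tls,
+static int tls_cipherstream_deliver ( struct tls_connection *tls,
 				      struct io_buffer *iobuf,
 				      struct xfer_metadata *xfer __unused ) {
 	size_t frag_len;
-	int ( * process ) ( struct tls_session *tls );
+	int ( * process ) ( struct tls_connection *tls );
 	struct io_buffer *dest;
 	int rc;
 
@@ -2578,16 +2580,18 @@ static int tls_cipherstream_deliver ( struct tls_session *tls,
 
 /** TLS ciphertext stream interface operations */
 static struct interface_operation tls_cipherstream_ops[] = {
-	INTF_OP ( xfer_deliver, struct tls_session *,
+	INTF_OP ( xfer_deliver, struct tls_connection *,
 		  tls_cipherstream_deliver ),
-	INTF_OP ( xfer_window, struct tls_session *, tls_cipherstream_window ),
-	INTF_OP ( xfer_window_changed, struct tls_session *, tls_tx_resume ),
-	INTF_OP ( intf_close, struct tls_session *, tls_close ),
+	INTF_OP ( xfer_window, struct tls_connection *,
+		  tls_cipherstream_window ),
+	INTF_OP ( xfer_window_changed, struct tls_connection *,
+		  tls_tx_resume ),
+	INTF_OP ( intf_close, struct tls_connection *, tls_close ),
 };
 
 /** TLS ciphertext stream interface descriptor */
 static struct interface_descriptor tls_cipherstream_desc =
-	INTF_DESC_PASSTHRU ( struct tls_session, cipherstream,
+	INTF_DESC_PASSTHRU ( struct tls_connection, cipherstream,
 			     tls_cipherstream_ops, plainstream );
 
 /******************************************************************************
@@ -2600,10 +2604,10 @@ static struct interface_descriptor tls_cipherstream_desc =
 /**
  * Handle certificate validation completion
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  * @v rc		Reason for completion
  */
-static void tls_validator_done ( struct tls_session *tls, int rc ) {
+static void tls_validator_done ( struct tls_connection *tls, int rc ) {
 	struct tls_cipherspec *cipherspec = &tls->tx_cipherspec_pending;
 	struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey;
 	struct x509_certificate *cert;
@@ -2658,12 +2662,12 @@ static void tls_validator_done ( struct tls_session *tls, int rc ) {
 
 /** TLS certificate validator interface operations */
 static struct interface_operation tls_validator_ops[] = {
-	INTF_OP ( intf_close, struct tls_session *, tls_validator_done ),
+	INTF_OP ( intf_close, struct tls_connection *, tls_validator_done ),
 };
 
 /** TLS certificate validator interface descriptor */
 static struct interface_descriptor tls_validator_desc =
-	INTF_DESC ( struct tls_session, validator, tls_validator_ops );
+	INTF_DESC ( struct tls_connection, validator, tls_validator_ops );
 
 /******************************************************************************
  *
@@ -2675,9 +2679,9 @@ static struct interface_descriptor tls_validator_desc =
 /**
  * TLS TX state machine
  *
- * @v tls		TLS session
+ * @v tls		TLS connection
  */
-static void tls_tx_step ( struct tls_session *tls ) {
+static void tls_tx_step ( struct tls_connection *tls ) {
 	int rc;
 
 	/* Wait for cipherstream to become ready */
@@ -2755,7 +2759,7 @@ static void tls_tx_step ( struct tls_session *tls ) {
 
 /** TLS TX process descriptor */
 static struct process_descriptor tls_process_desc =
-	PROC_DESC_ONCE ( struct tls_session, process, tls_tx_step );
+	PROC_DESC_ONCE ( struct tls_connection, process, tls_tx_step );
 
 /******************************************************************************
  *
@@ -2766,7 +2770,7 @@ static struct process_descriptor tls_process_desc =
 
 int add_tls ( struct interface *xfer, const char *name,
 	      struct interface **next ) {
-	struct tls_session *tls;
+	struct tls_connection *tls;
 	int rc;
 
 	/* Allocate and initialise TLS structure */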
