robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
Browse Source

[tls] Mark security negotiation as a pending operation 

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 12 years ago
parent
5482b0abb6
commit
af47789ef2
2 changed files with 18 additions and 7 deletions
Split View Show Diff Stats
  1. 5
    4
      src/include/ipxe/tls.h
  2. 13
    3
      src/net/tls.c

+ 5
- 4
src/include/ipxe/tls.h View File 

@@ -18,6 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
18 18 
 #include <ipxe/sha1.h>
19 19 
 #include <ipxe/sha256.h>
20 20 
 #include <ipxe/x509.h>
21 
+#include <ipxe/pending.h>
21 22
22 23 
 /** A TLS header */
23 24 
 struct tls_header {
 
@@ -240,10 +241,10 @@ struct tls_session {
240 241 
 	/** Certificate validator */
241 242 
 	struct interface validator;
242 243
243 
-	/** Client has finished security negotiation */
244 
-	unsigned int client_finished;
245 
-	/** Server has finished security negotiation */
246 
-	unsigned int server_finished;
244 
+	/** Client security negotiation pending operation */
245 
+	struct pending_operation client_negotiation;
246 
+	/** Server security negotiation pending operation */
247 
+	struct pending_operation server_negotiation;
247 248
248 249 
 	/** TX sequence number */
249 250 
 	uint64_t tx_seq;

+ 13
- 3
src/net/tls.c View File 

@@ -31,6 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
31 31 
 #include <time.h>
32 32 
 #include <errno.h>
33 33 
 #include <byteswap.h>
34 
+#include <ipxe/pending.h>
34 35 
 #include <ipxe/hmac.h>
35 36 
 #include <ipxe/md5.h>
36 37 
 #include <ipxe/sha1.h>
 
@@ -101,7 +102,8 @@ static void tls_set_uint24 ( uint8_t field24[3], unsigned long value ) {
101 102 
  * @ret is_ready	TLS session is ready
102 103 
  */
103 104 
 static int tls_ready ( struct tls_session *tls ) {
104 
-	return ( tls->client_finished && tls->server_finished );
105 
+	return ( ( ! is_pending ( &tls->client_negotiation ) ) &&
106 
+		 ( ! is_pending ( &tls->server_negotiation ) ) );
105 107 
 }
106 108
107 109 
 /******************************************************************************
 
@@ -205,6 +207,10 @@ static void free_tls ( struct refcnt *refcnt ) {
205 207 
  */
206 208 
 static void tls_close ( struct tls_session *tls, int rc ) {
207 209
210 
+	/* Remove pending operations, if applicable */
211 
+	pending_put ( &tls->client_negotiation );
212 
+	pending_put ( &tls->server_negotiation );
213 
+
208 214 
 	/* Remove process */
209 215 
 	process_del ( &tls->process );
210 216 
 
@@ -1141,7 +1147,7 @@ static int tls_send_finished ( struct tls_session *tls ) {
1141 1147 
 		return rc;
1142 1148
1143 1149 
 	/* Mark client as finished */
1144 
-	tls->client_finished = 1;
1150 
+	pending_put ( &tls->client_negotiation );
1145 1151
1146 1152 
 	return 0;
1147 1153 
 }
 
@@ -1489,7 +1495,7 @@ static int tls_new_finished ( struct tls_session *tls,
1489 1495 
 	}
1490 1496
1491 1497 
 	/* Mark server as finished */
1492 
-	tls->server_finished = 1;
1498 
+	pending_put ( &tls->server_negotiation );
1493 1499
1494 1500 
 	/* Send notification of a window change */
1495 1501 
 	xfer_window_changed ( &tls->plainstream );
 
@@ -2396,6 +2402,10 @@ int add_tls ( struct interface *xfer, const char *name,
2396 2402 
 	tls->handshake_ctx = tls->handshake_sha256_ctx;
2397 2403 
 	tls->tx_pending = TLS_TX_CLIENT_HELLO;
2398 2404
2405 
+	/* Add pending operations for server and client Finished messages */
2406 
+	pending_get ( &tls->client_negotiation );
2407 
+	pending_get ( &tls->server_negotiation );
2408 
+
2399 2409 
 	/* Attach to parent interface, mortalise self, and return */
2400 2410 
 	intf_plug_plug ( &tls->plainstream, xfer );
2401 2411 
 	*next = &tls->cipherstream;

Write Preview
Loading…
Cancel
Save