Browse Source

[tls] Add missing call to tls_tx_resume() when restarting negotiation

The restart of negotiation triggered by a HelloRequest currently does
not call tls_tx_resume() and so may end up leaving the connection in
an idle state in which the pending ClientHello is never sent.

Fix by calling tls_tx_resume() as part of tls_restart(), since the
call to tls_tx_resume() logically belongs alongside the code that sets
bits in tls->tx_pending.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 4 years ago
parent
commit
fd96acb7de
1 changed files with 24 additions and 22 deletions
  1. 24
    22
      src/net/tls.c

+ 24
- 22
src/net/tls.c View File

@@ -940,6 +940,27 @@ static void tls_verify_handshake ( struct tls_connection *tls, void *out ) {
940 940
  ******************************************************************************
941 941
  */
942 942
 
943
+/**
944
+ * Resume TX state machine
945
+ *
946
+ * @v tls		TLS connection
947
+ */
948
+static void tls_tx_resume ( struct tls_connection *tls ) {
949
+	process_add ( &tls->process );
950
+}
951
+
952
+/**
953
+ * Resume TX state machine for all connections within a session
954
+ *
955
+ * @v session		TLS session
956
+ */
957
+static void tls_tx_resume_all ( struct tls_session *session ) {
958
+	struct tls_connection *tls;
959
+
960
+	list_for_each_entry ( tls, &session->conn, list )
961
+		tls_tx_resume ( tls );
962
+}
963
+
943 964
 /**
944 965
  * Restart negotiation
945 966
  *
@@ -961,31 +982,11 @@ static void tls_restart ( struct tls_connection *tls ) {
961 982
 
962 983
 	/* (Re)start negotiation */
963 984
 	tls->tx_pending = TLS_TX_CLIENT_HELLO;
985
+	tls_tx_resume ( tls );
964 986
 	pending_get ( &tls->client_negotiation );
965 987
 	pending_get ( &tls->server_negotiation );
966 988
 }
967 989
 
968
-/**
969
- * Resume TX state machine
970
- *
971
- * @v tls		TLS connection
972
- */
973
-static void tls_tx_resume ( struct tls_connection *tls ) {
974
-	process_add ( &tls->process );
975
-}
976
-
977
-/**
978
- * Resume TX state machine for all connections within a session
979
- *
980
- * @v session		TLS session
981
- */
982
-static void tls_tx_resume_all ( struct tls_session *session ) {
983
-	struct tls_connection *tls;
984
-
985
-	list_for_each_entry ( tls, &session->conn, list )
986
-		tls_tx_resume ( tls );
987
-}
988
-
989 990
 /**
990 991
  * Transmit Handshake record
991 992
  *
@@ -3086,7 +3087,8 @@ int add_tls ( struct interface *xfer, const char *name,
3086 3087
 	intf_init ( &tls->plainstream, &tls_plainstream_desc, &tls->refcnt );
3087 3088
 	intf_init ( &tls->cipherstream, &tls_cipherstream_desc, &tls->refcnt );
3088 3089
 	intf_init ( &tls->validator, &tls_validator_desc, &tls->refcnt );
3089
-	process_init ( &tls->process, &tls_process_desc, &tls->refcnt );
3090
+	process_init_stopped ( &tls->process, &tls_process_desc,
3091
+			       &tls->refcnt );
3090 3092
 	tls->version = TLS_VERSION_TLS_1_2;
3091 3093
 	tls_clear_cipher ( tls, &tls->tx_cipherspec );
3092 3094
 	tls_clear_cipher ( tls, &tls->tx_cipherspec_pending );

Loading…
Cancel
Save