
[tls] Add missing call to tls_tx_resume() when restarting negotiation

The restart of negotiation triggered by a HelloRequest currently does
not call tls_tx_resume() and so may end up leaving the connection in
an idle state in which the pending ClientHello is never sent.

Fix by calling tls_tx_resume() as part of tls_restart(), since the
call to tls_tx_resume() logically belongs alongside the code that sets
bits in tls->tx_pending.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 4 years ago
parent
commit
fd96acb7de
1 changed files with 24 additions and 22 deletions
  1. 24
    22
      src/net/tls.c

+ 24
- 22
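--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -940,6 +940,27 @@
  ******************************************************************************
  */
 
+/**
+ * Resume TX state machine
+ *
+ * @v tls		TLS connection
+ */
+static void tls_tx_resume ( struct tls_connection *tls ) {
+	process_add ( &tls->process );
+}
+
+/**
+ * Resume TX state machine for all connections within a session
+ *
+ * @v session		TLS session
+ */
+static void tls_tx_resume_all ( struct tls_session *session ) {
+	struct tls_connection *tls;
+
+	list_for_each_entry ( tls, &session->conn, list )
+		tls_tx_resume ( tls );
+}
+
 /**
  * Restart negotiation
  *
@@ -961,31 +982,11 @@
 
 	/* (Re)start negotiation */
 	tls->tx_pending = TLS_TX_CLIENT_HELLO;
+	tls_tx_resume ( tls );
 	pending_get ( &tls->client_negotiation );
 	pending_get ( &tls->server_negotiation );
 }
 
-/**
- * Resume TX state machine
- *
- * @v tls		TLS connection
- */
-static void tls_tx_resume ( struct tls_connection *tls ) {
-	process_add ( &tls->process );
-}
-
-/**
- * Resume TX state machine for all connections within a session
- *
- * @v session		TLS session
- */
-static void tls_tx_resume_all ( struct tls_session *session ) {
-	struct tls_connection *tls;
-
-	list_for_each_entry ( tls, &session->conn, list )
-		tls_tx_resume ( tls );
-}
-
 /**
  * Transmit Handshake record
  *
@@ -3086,7 +3087,8 @@
 	intf_init ( &tls->plainstream, &tls_plainstream_desc, &tls->refcnt );
 	intf_init ( &tls->cipherstream, &tls_cipherstream_desc, &tls->refcnt );
 	intf_init ( &tls->validator, &tls_validator_desc, &tls->refcnt );
-	process_init ( &tls->process, &tls_process_desc, &tls->refcnt );
+	process_init_stopped ( &tls->process, &tls_process_desc,
+			       &tls->refcnt );
 	tls->version = TLS_VERSION_TLS_1_2;
 	tls_clear_cipher ( tls, &tls->tx_cipherspec );
 	tls_clear_cipher ( tls, &tls->tx_cipherspec_pending );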
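Review bot: The switch from `process_init()` to `process_init_stopped()` in the last hunk is not explained in the description, and it makes TX progress depend on an unwritten invariant: the process presumably no longer runs until something calls `tls_tx_resume()`, so every site that sets bits in `tls->tx_pending` has to be paired with a resume. The new call in `tls_restart()` covers the ClientHello case, but the other setters are outside the visible hunks, and a missed one would leave the connection idle in the way the description reports for a peer-sent HelloRequest. I would record this at the init call, e.g. `/* TX process starts stopped; tls_tx_resume() must follow any update to tls->tx_pending */`, and ideally route those updates through one helper that sets the bits and resumes. Both `tls_restart()` and the initialisation function begin outside the hunks shown.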
