Commit 52eb2b94 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

tls: simplify server code

parent 79a5d687
...@@ -48,9 +48,8 @@ struct vlc_tls ...@@ -48,9 +48,8 @@ struct vlc_tls
VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd, VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd,
const char *host); const char *host);
vlc_tls_t *vlc_tls_ServerSessionCreate (vlc_tls_creds_t *, int fd); vlc_tls_t *vlc_tls_ServerSessionCreate (vlc_tls_creds_t *, int fd);
int vlc_tls_ServerSessionHandshake (vlc_tls_t *); int vlc_tls_SessionHandshake (vlc_tls_t *);
VLC_API void vlc_tls_SessionDelete (vlc_tls_t *); VLC_API void vlc_tls_SessionDelete (vlc_tls_t *);
#define vlc_tls_ServerSessionDelete vlc_tls_SessionDelete
/* NOTE: It is assumed that a->sock.p_sys = a */ /* NOTE: It is assumed that a->sock.p_sys = a */
# define tls_Send( a, b, c ) (((vlc_tls_t *)a)->sock.pf_send (a, b, c)) # define tls_Send( a, b, c ) (((vlc_tls_t *)a)->sock.pf_send (a, b, c))
...@@ -77,7 +76,6 @@ VLC_API vlc_tls_creds_t *vlc_tls_ClientCreate (vlc_object_t *); ...@@ -77,7 +76,6 @@ VLC_API vlc_tls_creds_t *vlc_tls_ClientCreate (vlc_object_t *);
vlc_tls_creds_t *vlc_tls_ServerCreate (vlc_object_t *, vlc_tls_creds_t *vlc_tls_ServerCreate (vlc_object_t *,
const char *cert, const char *key); const char *cert, const char *key);
VLC_API void vlc_tls_Delete (vlc_tls_creds_t *); VLC_API void vlc_tls_Delete (vlc_tls_creds_t *);
#define vlc_tls_ServerDelete vlc_tls_Delete
int vlc_tls_ServerAddCA (vlc_tls_creds_t *srv, const char *path); int vlc_tls_ServerAddCA (vlc_tls_creds_t *srv, const char *path);
int vlc_tls_ServerAddCRL (vlc_tls_creds_t *srv, const char *path); int vlc_tls_ServerAddCRL (vlc_tls_creds_t *srv, const char *path);
......
...@@ -928,7 +928,7 @@ httpd_host_t *vlc_https_HostNew( vlc_object_t *obj ) ...@@ -928,7 +928,7 @@ httpd_host_t *vlc_https_HostNew( vlc_object_t *obj )
return httpd_HostCreate( obj, "http-host", "https-port", tls ); return httpd_HostCreate( obj, "http-host", "https-port", tls );
error: error:
vlc_tls_ServerDelete( tls ); vlc_tls_Delete( tls );
return NULL; return NULL;
} }
...@@ -987,8 +987,7 @@ static httpd_host_t *httpd_HostCreate( vlc_object_t *p_this, ...@@ -987,8 +987,7 @@ static httpd_host_t *httpd_HostCreate( vlc_object_t *p_this,
vlc_mutex_unlock( &httpd.mutex ); vlc_mutex_unlock( &httpd.mutex );
vlc_UrlClean( &url ); vlc_UrlClean( &url );
if( p_tls != NULL ) vlc_tls_Delete( p_tls );
vlc_tls_ServerDelete( p_tls );
return host; return host;
} }
...@@ -1051,10 +1050,7 @@ error: ...@@ -1051,10 +1050,7 @@ error:
} }
vlc_UrlClean( &url ); vlc_UrlClean( &url );
vlc_tls_Delete( p_tls );
if( p_tls != NULL )
vlc_tls_ServerDelete( p_tls );
return NULL; return NULL;
} }
...@@ -1100,9 +1096,7 @@ void httpd_HostDelete( httpd_host_t *host ) ...@@ -1100,9 +1096,7 @@ void httpd_HostDelete( httpd_host_t *host )
/* TODO */ /* TODO */
} }
if( host->p_tls != NULL) vlc_tls_Delete( host->p_tls );
vlc_tls_ServerDelete( host->p_tls );
net_ListenClose( host->fds ); net_ListenClose( host->fds );
vlc_cond_destroy( &host->wait ); vlc_cond_destroy( &host->wait );
vlc_mutex_destroy( &host->lock ); vlc_mutex_destroy( &host->lock );
...@@ -1300,7 +1294,7 @@ static void httpd_ClientClean( httpd_client_t *cl ) ...@@ -1300,7 +1294,7 @@ static void httpd_ClientClean( httpd_client_t *cl )
if( cl->fd >= 0 ) if( cl->fd >= 0 )
{ {
if( cl->p_tls != NULL ) if( cl->p_tls != NULL )
vlc_tls_ServerSessionDelete( cl->p_tls ); vlc_tls_SessionDelete( cl->p_tls );
net_Close( cl->fd ); net_Close( cl->fd );
cl->fd = -1; cl->fd = -1;
} }
...@@ -1324,6 +1318,8 @@ static httpd_client_t *httpd_ClientNew( int fd, vlc_tls_t *p_tls, mtime_t now ) ...@@ -1324,6 +1318,8 @@ static httpd_client_t *httpd_ClientNew( int fd, vlc_tls_t *p_tls, mtime_t now )
cl->p_tls = p_tls; cl->p_tls = p_tls;
httpd_ClientInit( cl, now ); httpd_ClientInit( cl, now );
if( p_tls != NULL )
cl->i_state = HTTPD_CLIENT_TLS_HS_OUT;
return cl; return cl;
} }
...@@ -1882,9 +1878,9 @@ static void httpd_ClientSend( httpd_client_t *cl ) ...@@ -1882,9 +1878,9 @@ static void httpd_ClientSend( httpd_client_t *cl )
} }
} }
static void httpd_ClientTlsHsIn( httpd_client_t *cl ) static void httpd_ClientTlsHandshake( httpd_client_t *cl )
{ {
switch( vlc_tls_ServerSessionHandshake( cl->p_tls ) ) switch( vlc_tls_SessionHandshake( cl->p_tls ) )
{ {
case 0: case 0:
cl->i_state = HTTPD_CLIENT_RECEIVING; cl->i_state = HTTPD_CLIENT_RECEIVING;
...@@ -1892,30 +1888,15 @@ static void httpd_ClientTlsHsIn( httpd_client_t *cl ) ...@@ -1892,30 +1888,15 @@ static void httpd_ClientTlsHsIn( httpd_client_t *cl )
case -1: case -1:
cl->i_state = HTTPD_CLIENT_DEAD; cl->i_state = HTTPD_CLIENT_DEAD;
cl->p_tls = NULL;
break;
case 2:
cl->i_state = HTTPD_CLIENT_TLS_HS_OUT;
}
}
static void httpd_ClientTlsHsOut( httpd_client_t *cl )
{
switch( vlc_tls_ServerSessionHandshake( cl->p_tls ) )
{
case 0:
cl->i_state = HTTPD_CLIENT_RECEIVING;
break;
case -1:
cl->i_state = HTTPD_CLIENT_DEAD;
cl->p_tls = NULL;
break; break;
case 1: case 1:
cl->i_state = HTTPD_CLIENT_TLS_HS_IN; cl->i_state = HTTPD_CLIENT_TLS_HS_IN;
break; break;
case 2:
cl->i_state = HTTPD_CLIENT_TLS_HS_OUT;
break;
} }
} }
...@@ -2303,13 +2284,10 @@ static void* httpd_HostThread( void *data ) ...@@ -2303,13 +2284,10 @@ static void* httpd_HostThread( void *data )
{ {
httpd_ClientSend( cl ); httpd_ClientSend( cl );
} }
else if( cl->i_state == HTTPD_CLIENT_TLS_HS_IN ) else if( cl->i_state == HTTPD_CLIENT_TLS_HS_IN
|| cl->i_state == HTTPD_CLIENT_TLS_HS_OUT )
{ {
httpd_ClientTlsHsIn( cl ); httpd_ClientTlsHandshake( cl );
}
else if( cl->i_state == HTTPD_CLIENT_TLS_HS_OUT )
{
httpd_ClientTlsHsOut( cl );
} }
} }
...@@ -2317,7 +2295,6 @@ static void* httpd_HostThread( void *data ) ...@@ -2317,7 +2295,6 @@ static void* httpd_HostThread( void *data )
for( nfd = 0; nfd < host->nfd; nfd++ ) for( nfd = 0; nfd < host->nfd; nfd++ )
{ {
httpd_client_t *cl; httpd_client_t *cl;
int i_state = -1;
int fd = ufd[nfd].fd; int fd = ufd[nfd].fd;
assert (fd == host->fds[nfd]); assert (fd == host->fds[nfd]);
...@@ -2335,34 +2312,13 @@ static void* httpd_HostThread( void *data ) ...@@ -2335,34 +2312,13 @@ static void* httpd_HostThread( void *data )
vlc_tls_t *p_tls; vlc_tls_t *p_tls;
if( host->p_tls != NULL ) if( host->p_tls != NULL )
{
p_tls = vlc_tls_ServerSessionCreate( host->p_tls, fd ); p_tls = vlc_tls_ServerSessionCreate( host->p_tls, fd );
switch( vlc_tls_ServerSessionHandshake( p_tls ) )
{
case -1:
msg_Err( host, "Rejecting TLS connection" );
/* p_tls is destroyed implicitly */
net_Close( fd );
fd = -1;
p_tls = NULL;
continue;
case 1: /* missing input - most likely */
i_state = HTTPD_CLIENT_TLS_HS_IN;
break;
case 2: /* missing output */
i_state = HTTPD_CLIENT_TLS_HS_OUT;
break;
}
}
else else
p_tls = NULL; p_tls = NULL;
cl = httpd_ClientNew( fd, p_tls, now ); cl = httpd_ClientNew( fd, p_tls, now );
TAB_APPEND( host->i_client, host->client, cl ); TAB_APPEND( host->i_client, host->client, cl );
if( i_state != -1 )
cl->i_state = i_state; // override state for TLS
} }
} }
vlc_mutex_unlock( &host->lock ); vlc_mutex_unlock( &host->lock );
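Review bot: In the accept loop of httpd_HostThread, the result of `vlc_tls_ServerSessionCreate( host->p_tls, fd )` now goes straight to httpd_ClientNew without a NULL check. If session creation can fail and return NULL (its failure path is not shown on this page), httpd_ClientNew skips the `HTTPD_CLIENT_TLS_HS_OUT` assignment and the connection would apparently be handled as cleartext on the HTTPS listener; the removed code passed the pointer to the handshake call first, which dereferences it. The accept path should fail closed, e.g. `if( host->p_tls != NULL && p_tls == NULL ) { net_Close( fd ); continue; }` before the httpd_ClientNew call. Separately, the switch in httpd_ClientTlsHandshake has no `default:`, so a return value other than 0, -1, 1 or 2 leaves the client in its handshake state; mapping anything unexpected to `HTTPD_CLIENT_DEAD` would be safer. httpd_HostThread begins and ends outside the hunks shown.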
......
...@@ -185,12 +185,9 @@ vlc_tls_t *vlc_tls_ServerSessionCreate (vlc_tls_creds_t *crd, int fd) ...@@ -185,12 +185,9 @@ vlc_tls_t *vlc_tls_ServerSessionCreate (vlc_tls_creds_t *crd, int fd)
return vlc_tls_SessionCreate (crd, fd, NULL); return vlc_tls_SessionCreate (crd, fd, NULL);
} }
int vlc_tls_ServerSessionHandshake (vlc_tls_t *ses) int vlc_tls_SessionHandshake (vlc_tls_t *session)
{ {
int val = ses->handshake (ses); return session->handshake (session);
if (val < 0)
vlc_tls_ServerSessionDelete (ses);
return val;
} }
/** /**
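Review bot: vlc_tls_SessionHandshake carries no comment stating the ownership rule this commit changes. The removed wrapper deleted the session whenever the handshake returned a negative value, while the new function leaves it alive, so every caller now has to call vlc_tls_SessionDelete itself after a failure. I would add a comment above the function (and on its declaration in the header) along the lines of `/* Returns 0 when complete, 1 if input is needed, 2 if output is needed, -1 on error; the session is not released on error. */`. The httpd caller on this page matches the new rule, since it no longer clears `cl->p_tls` on -1, but any caller outside this page that still assumes the old behaviour would leak the session, and one that deletes it under both rules would free it twice.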
......