Commit 52eb2b94 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

tls: simplify server code

parent 79a5d687
......@@ -48,9 +48,8 @@ struct vlc_tls
VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd,
const char *host);
vlc_tls_t *vlc_tls_ServerSessionCreate (vlc_tls_creds_t *, int fd);
int vlc_tls_ServerSessionHandshake (vlc_tls_t *);
int vlc_tls_SessionHandshake (vlc_tls_t *);
VLC_API void vlc_tls_SessionDelete (vlc_tls_t *);
#define vlc_tls_ServerSessionDelete vlc_tls_SessionDelete
/* NOTE: It is assumed that a->sock.p_sys = a */
# define tls_Send( a, b, c ) (((vlc_tls_t *)a)->sock.pf_send (a, b, c))
......@@ -77,7 +76,6 @@ VLC_API vlc_tls_creds_t *vlc_tls_ClientCreate (vlc_object_t *);
vlc_tls_creds_t *vlc_tls_ServerCreate (vlc_object_t *,
const char *cert, const char *key);
VLC_API void vlc_tls_Delete (vlc_tls_creds_t *);
#define vlc_tls_ServerDelete vlc_tls_Delete
int vlc_tls_ServerAddCA (vlc_tls_creds_t *srv, const char *path);
int vlc_tls_ServerAddCRL (vlc_tls_creds_t *srv, const char *path);
......
......@@ -928,7 +928,7 @@ httpd_host_t *vlc_https_HostNew( vlc_object_t *obj )
return httpd_HostCreate( obj, "http-host", "https-port", tls );
error:
vlc_tls_ServerDelete( tls );
vlc_tls_Delete( tls );
return NULL;
}
......@@ -987,8 +987,7 @@ static httpd_host_t *httpd_HostCreate( vlc_object_t *p_this,
vlc_mutex_unlock( &httpd.mutex );
vlc_UrlClean( &url );
if( p_tls != NULL )
vlc_tls_ServerDelete( p_tls );
vlc_tls_Delete( p_tls );
return host;
}
......@@ -1051,10 +1050,7 @@ error:
}
vlc_UrlClean( &url );
if( p_tls != NULL )
vlc_tls_ServerDelete( p_tls );
vlc_tls_Delete( p_tls );
return NULL;
}
......@@ -1100,9 +1096,7 @@ void httpd_HostDelete( httpd_host_t *host )
/* TODO */
}
if( host->p_tls != NULL)
vlc_tls_ServerDelete( host->p_tls );
vlc_tls_Delete( host->p_tls );
net_ListenClose( host->fds );
vlc_cond_destroy( &host->wait );
vlc_mutex_destroy( &host->lock );
......@@ -1300,7 +1294,7 @@ static void httpd_ClientClean( httpd_client_t *cl )
if( cl->fd >= 0 )
{
if( cl->p_tls != NULL )
vlc_tls_ServerSessionDelete( cl->p_tls );
vlc_tls_SessionDelete( cl->p_tls );
net_Close( cl->fd );
cl->fd = -1;
}
......@@ -1324,6 +1318,8 @@ static httpd_client_t *httpd_ClientNew( int fd, vlc_tls_t *p_tls, mtime_t now )
cl->p_tls = p_tls;
httpd_ClientInit( cl, now );
if( p_tls != NULL )
cl->i_state = HTTPD_CLIENT_TLS_HS_OUT;
return cl;
}
......@@ -1882,9 +1878,9 @@ static void httpd_ClientSend( httpd_client_t *cl )
}
}
static void httpd_ClientTlsHsIn( httpd_client_t *cl )
static void httpd_ClientTlsHandshake( httpd_client_t *cl )
{
switch( vlc_tls_ServerSessionHandshake( cl->p_tls ) )
switch( vlc_tls_SessionHandshake( cl->p_tls ) )
{
case 0:
cl->i_state = HTTPD_CLIENT_RECEIVING;
......@@ -1892,30 +1888,15 @@ static void httpd_ClientTlsHsIn( httpd_client_t *cl )
case -1:
cl->i_state = HTTPD_CLIENT_DEAD;
cl->p_tls = NULL;
break;
case 2:
cl->i_state = HTTPD_CLIENT_TLS_HS_OUT;
}
}
static void httpd_ClientTlsHsOut( httpd_client_t *cl )
{
switch( vlc_tls_ServerSessionHandshake( cl->p_tls ) )
{
case 0:
cl->i_state = HTTPD_CLIENT_RECEIVING;
break;
case -1:
cl->i_state = HTTPD_CLIENT_DEAD;
cl->p_tls = NULL;
break;
case 1:
cl->i_state = HTTPD_CLIENT_TLS_HS_IN;
break;
case 2:
cl->i_state = HTTPD_CLIENT_TLS_HS_OUT;
break;
}
}
......@@ -2303,13 +2284,10 @@ static void* httpd_HostThread( void *data )
{
httpd_ClientSend( cl );
}
else if( cl->i_state == HTTPD_CLIENT_TLS_HS_IN )
else if( cl->i_state == HTTPD_CLIENT_TLS_HS_IN
|| cl->i_state == HTTPD_CLIENT_TLS_HS_OUT )
{
httpd_ClientTlsHsIn( cl );
}
else if( cl->i_state == HTTPD_CLIENT_TLS_HS_OUT )
{
httpd_ClientTlsHsOut( cl );
httpd_ClientTlsHandshake( cl );
}
}
......@@ -2317,7 +2295,6 @@ static void* httpd_HostThread( void *data )
for( nfd = 0; nfd < host->nfd; nfd++ )
{
httpd_client_t *cl;
int i_state = -1;
int fd = ufd[nfd].fd;
assert (fd == host->fds[nfd]);
......@@ -2335,34 +2312,13 @@ static void* httpd_HostThread( void *data )
vlc_tls_t *p_tls;
if( host->p_tls != NULL )
{
p_tls = vlc_tls_ServerSessionCreate( host->p_tls, fd );
switch( vlc_tls_ServerSessionHandshake( p_tls ) )
{
case -1:
msg_Err( host, "Rejecting TLS connection" );
/* p_tls is destroyed implicitly */
net_Close( fd );
fd = -1;
p_tls = NULL;
continue;
case 1: /* missing input - most likely */
i_state = HTTPD_CLIENT_TLS_HS_IN;
break;
case 2: /* missing output */
i_state = HTTPD_CLIENT_TLS_HS_OUT;
break;
}
}
else
p_tls = NULL;
cl = httpd_ClientNew( fd, p_tls, now );
TAB_APPEND( host->i_client, host->client, cl );
if( i_state != -1 )
cl->i_state = i_state; // override state for TLS
}
}
vlc_mutex_unlock( &host->lock );
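Review bot: In the last hunk of httpd_HostThread, the result of `vlc_tls_ServerSessionCreate( host->p_tls, fd )` is passed straight to `httpd_ClientNew( fd, p_tls, now )` with no NULL check, as far as the rendered lines show. httpd_ClientNew only enters `HTTPD_CLIENT_TLS_HS_OUT` when `p_tls != NULL`, so if session creation can fail and return NULL (its failure mode is not visible on this page), the connection would apparently be treated as a plaintext client on a TLS host instead of being rejected. I would fail closed right after the call: `if( p_tls == NULL ) { msg_Err( host, "Rejecting TLS connection" ); net_Close( fd ); continue; }`. The accept loop starts and ends outside the hunk, so the exact placement needs checking against the full function.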
......
......@@ -185,12 +185,9 @@ vlc_tls_t *vlc_tls_ServerSessionCreate (vlc_tls_creds_t *crd, int fd)
return vlc_tls_SessionCreate (crd, fd, NULL);
}
int vlc_tls_ServerSessionHandshake (vlc_tls_t *ses)
int vlc_tls_SessionHandshake (vlc_tls_t *session)
{
int val = ses->handshake (ses);
if (val < 0)
vlc_tls_ServerSessionDelete (ses);
return val;
return session->handshake (session);
}
/**
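Review bot: vlc_tls_SessionHandshake no longer destroys the session when the handshake callback fails, so ownership on error moves to the caller, and nothing in this hunk documents that. In the httpd.c part of this commit the `case -1` branch of httpd_ClientTlsHandshake is shown with `cl->p_tls = NULL;`, and the rendering does not mark whether that line survives. If it does, httpd_ClientClean will skip vlc_tls_SessionDelete and each failed handshake leaks a session, which a remote peer controls. I would add a comment above the function such as `/* Returns 0 when done, 1 if input is needed, 2 if output is needed, -1 on error. The session is NOT freed on error; the caller must call vlc_tls_SessionDelete(). */` and make sure the httpd error path keeps the pointer until cleanup.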
......