From 1abfa3ca5f36a681c7f391cb70c78f346c31c2b2 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa
Date: Wed, 17 Oct 2018 08:52:27 +0900
Subject: [PATCH] nghttpx: Make TLS handshake state enum class
---
 src/shrpx_connection.cc | 24 +++++++++++++-----------
 src/shrpx_connection.h | 14 +++++++-------
 src/shrpx_tls.cc | 8 ++++----
 3 files changed, 24 insertions(+), 22 deletions(-)
diff --git a/src/shrpx_connection.cc b/src/shrpx_connection.cc
index f189d282..d1f361d1 100644
--- a/src/shrpx_connection.cc
+++ b/src/shrpx_connection.cc
@@ -121,7 +121,7 @@ void Connection::disconnect() {
 tls.warmup_writelen = 0;
 tls.last_writelen = 0;
 tls.last_readlen = 0;
- tls.handshake_state = TLS_CONN_NORMAL;
+ tls.handshake_state = TLSHandshakeState::NORMAL;
 tls.initial_handshake_done = false;
 tls.reneg_started = false;
 tls.sct_requested = false;
@@ -354,9 +354,9 @@ int Connection::tls_handshake() {
 }
 switch (tls.handshake_state) {
- case TLS_CONN_WAIT_FOR_SESSION_CACHE:
+ case TLSHandshakeState::WAIT_FOR_SESSION_CACHE:
 return SHRPX_ERR_INPROGRESS;
- case TLS_CONN_GOT_SESSION_CACHE: {
+ case TLSHandshakeState::GOT_SESSION_CACHE: {
 // Use the same trick invented by @kazuho in h2o project.
 // Discard all outgoing data.
@@ -380,11 +380,13 @@ int Connection::tls_handshake() {
 SSL_set_accept_state(tls.ssl);
- tls.handshake_state = TLS_CONN_NORMAL;
+ tls.handshake_state = TLSHandshakeState::NORMAL;
 break;
 }
- case TLS_CONN_CANCEL_SESSION_CACHE:
- tls.handshake_state = TLS_CONN_NORMAL;
+ case TLSHandshakeState::CANCEL_SESSION_CACHE:
+ tls.handshake_state = TLSHandshakeState::NORMAL;
+ break;
+ default:
 break;
 }
@@ -409,7 +411,7 @@ int Connection::tls_handshake() {
 // client, which voids the purpose of 0-RTT data. The left
 // over of handshake is done through write_tls or read_tls.
 if (tlsconf.no_postpone_early_data &&
- (tls.handshake_state == TLS_CONN_WRITE_STARTED ||
+ (tls.handshake_state == TLSHandshakeState::WRITE_STARTED ||
 tls.wbuf.rleft()) &&
 tls.earlybuf.rleft()) {
 rv = 1;
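Review bot: The `default: break;` added to the switch in `Connection::tls_handshake()` (hunk `@@ -380,11 +380,13 @@` of src/shrpx_connection.cc) turns off the compiler's unhandled-enumerator warning for this switch, so a state added to `TLSHandshakeState` later would pass through the session-cache dispatch unnoticed instead of being flagged at build time. Since the commit exists to give the handshake state a stronger type, I would name the two remaining states rather than use a catch-all: `case TLSHandshakeState::NORMAL:` `case TLSHandshakeState::WRITE_STARTED:` `break;`. The function body starts and ends outside the hunk, so this is based only on the cases visible here.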
@@ -432,7 +434,7 @@ int Connection::tls_handshake() {
 tls.early_data_finish = true;
 // The same reason stated above.
 if (tlsconf.no_postpone_early_data &&
- (tls.handshake_state == TLS_CONN_WRITE_STARTED ||
+ (tls.handshake_state == TLSHandshakeState::WRITE_STARTED ||
 tls.wbuf.rleft()) &&
 tls.earlybuf.rleft()) {
 rv = 1;
@@ -484,7 +486,7 @@ int Connection::tls_handshake() {
 }
 }
- if (tls.handshake_state == TLS_CONN_WAIT_FOR_SESSION_CACHE) {
+ if (tls.handshake_state == TLSHandshakeState::WAIT_FOR_SESSION_CACHE) {
 if (LOG_ENABLED(INFO)) {
 LOG(INFO) << "tls: handshake is still in progress";
 }
@@ -496,8 +498,8 @@ int Connection::tls_handshake() {
 // negotiated before sending finished message to the peer.
 if (rv != 1 && tls.wbuf.rleft()) {
 // First write indicates that resumption stuff has done.
- if (tls.handshake_state != TLS_CONN_WRITE_STARTED) {
- tls.handshake_state = TLS_CONN_WRITE_STARTED;
+ if (tls.handshake_state != TLSHandshakeState::WRITE_STARTED) {
+ tls.handshake_state = TLSHandshakeState::WRITE_STARTED;
 // If peek has already disabled, this is noop.
 tls.rbuf.disable_peek(true);
 }
diff --git a/src/shrpx_connection.h b/src/shrpx_connection.h
index 71f1be7e..5d0d79a3 100644
--- a/src/shrpx_connection.h
+++ b/src/shrpx_connection.h
@@ -45,12 +45,12 @@ namespace tls {
 struct TLSSessionCache;
 } // namespace tls
-enum {
- TLS_CONN_NORMAL,
- TLS_CONN_WAIT_FOR_SESSION_CACHE,
- TLS_CONN_GOT_SESSION_CACHE,
- TLS_CONN_CANCEL_SESSION_CACHE,
- TLS_CONN_WRITE_STARTED,
+enum class TLSHandshakeState {
+ NORMAL,
+ WAIT_FOR_SESSION_CACHE,
+ GOT_SESSION_CACHE,
+ CANCEL_SESSION_CACHE,
+ WRITE_STARTED,
 };
 struct TLSConnection {
@@ -68,7 +68,7 @@ struct TLSConnection {
 // required since these functions require the exact same parameters
 // on non-blocking I/O.
 size_t last_writelen, last_readlen;
- int handshake_state;
+ TLSHandshakeState handshake_state;
 bool initial_handshake_done;
 bool reneg_started;
 // true if ssl is prepared to do handshake as server.
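Review bot: The new `enum class TLSHandshakeState` (hunk `@@ -45,12 +45,12 @@` of src/shrpx_connection.h) has no comments, so what each state means can only be recovered by reading `tls_handshake()` and `tls_session_get_cb()`. I would add a one-line comment above each enumerator, for example `// Session cache lookup is pending; tls_handshake() returns SHRPX_ERR_INPROGRESS.` above `WAIT_FOR_SESSION_CACHE` and `// First handshake write has been issued; session resumption is settled.` above `WRITE_STARTED`. `GOT_SESSION_CACHE` and `CANCEL_SESSION_CACHE` deserve the same, noting that both are set from the lookup callback in src/shrpx_tls.cc and reset to `NORMAL` by the switch in `tls_handshake()`. Documenting the transitions next to the type makes it easier to audit the handshake state machine when a state is added.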
diff --git a/src/shrpx_tls.cc b/src/shrpx_tls.cc
index 8b089597..a5821e8a 100644
--- a/src/shrpx_tls.cc
+++ b/src/shrpx_tls.cc
@@ -416,7 +416,7 @@ SSL_SESSION *tls_session_get_cb(SSL *ssl,
 conn->tls.cached_session_lookup_req = nullptr;
 if (res.status_code != 0) {
- conn->tls.handshake_state = TLS_CONN_CANCEL_SESSION_CACHE;
+ conn->tls.handshake_state = TLSHandshakeState::CANCEL_SESSION_CACHE;
 return;
 }
@@ -427,15 +427,15 @@ SSL_SESSION *tls_session_get_cb(SSL *ssl,
 if (LOG_ENABLED(INFO)) {
 LOG(INFO) << "cannot materialize session";
 }
- conn->tls.handshake_state = TLS_CONN_CANCEL_SESSION_CACHE;
+ conn->tls.handshake_state = TLSHandshakeState::CANCEL_SESSION_CACHE;
 return;
 }
 conn->tls.cached_session = session;
- conn->tls.handshake_state = TLS_CONN_GOT_SESSION_CACHE;
+ conn->tls.handshake_state = TLSHandshakeState::GOT_SESSION_CACHE;
 };
- conn->tls.handshake_state = TLS_CONN_WAIT_FOR_SESSION_CACHE;
+ conn->tls.handshake_state = TLSHandshakeState::WAIT_FOR_SESSION_CACHE;
 conn->tls.cached_session_lookup_req = req.get();
 dispatcher->add_request(std::move(req));