nghttpx: Make TLS handshake state enum class
parent
f2159bc2c1
commit
1abfa3ca5f
|
@ -121,7 +121,7 @@ void Connection::disconnect() {
|
||||||
tls.warmup_writelen = 0;
|
tls.warmup_writelen = 0;
|
||||||
tls.last_writelen = 0;
|
tls.last_writelen = 0;
|
||||||
tls.last_readlen = 0;
|
tls.last_readlen = 0;
|
||||||
tls.handshake_state = TLS_CONN_NORMAL;
|
tls.handshake_state = TLSHandshakeState::NORMAL;
|
||||||
tls.initial_handshake_done = false;
|
tls.initial_handshake_done = false;
|
||||||
tls.reneg_started = false;
|
tls.reneg_started = false;
|
||||||
tls.sct_requested = false;
|
tls.sct_requested = false;
|
||||||
|
@ -354,9 +354,9 @@ int Connection::tls_handshake() {
|
||||||
}
|
}
|
||||||
|
|
||||||
switch (tls.handshake_state) {
|
switch (tls.handshake_state) {
|
||||||
case TLS_CONN_WAIT_FOR_SESSION_CACHE:
|
case TLSHandshakeState::WAIT_FOR_SESSION_CACHE:
|
||||||
return SHRPX_ERR_INPROGRESS;
|
return SHRPX_ERR_INPROGRESS;
|
||||||
case TLS_CONN_GOT_SESSION_CACHE: {
|
case TLSHandshakeState::GOT_SESSION_CACHE: {
|
||||||
// Use the same trick invented by @kazuho in h2o project.
|
// Use the same trick invented by @kazuho in h2o project.
|
||||||
|
|
||||||
// Discard all outgoing data.
|
// Discard all outgoing data.
|
||||||
|
@ -380,11 +380,13 @@ int Connection::tls_handshake() {
|
||||||
|
|
||||||
SSL_set_accept_state(tls.ssl);
|
SSL_set_accept_state(tls.ssl);
|
||||||
|
|
||||||
tls.handshake_state = TLS_CONN_NORMAL;
|
tls.handshake_state = TLSHandshakeState::NORMAL;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case TLS_CONN_CANCEL_SESSION_CACHE:
|
case TLSHandshakeState::CANCEL_SESSION_CACHE:
|
||||||
tls.handshake_state = TLS_CONN_NORMAL;
|
tls.handshake_state = TLSHandshakeState::NORMAL;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -409,7 +411,7 @@ int Connection::tls_handshake() {
|
||||||
// client, which voids the purpose of 0-RTT data. The left
|
// client, which voids the purpose of 0-RTT data. The left
|
||||||
// over of handshake is done through write_tls or read_tls.
|
// over of handshake is done through write_tls or read_tls.
|
||||||
if (tlsconf.no_postpone_early_data &&
|
if (tlsconf.no_postpone_early_data &&
|
||||||
(tls.handshake_state == TLS_CONN_WRITE_STARTED ||
|
(tls.handshake_state == TLSHandshakeState::WRITE_STARTED ||
|
||||||
tls.wbuf.rleft()) &&
|
tls.wbuf.rleft()) &&
|
||||||
tls.earlybuf.rleft()) {
|
tls.earlybuf.rleft()) {
|
||||||
rv = 1;
|
rv = 1;
|
||||||
|
@ -432,7 +434,7 @@ int Connection::tls_handshake() {
|
||||||
tls.early_data_finish = true;
|
tls.early_data_finish = true;
|
||||||
// The same reason stated above.
|
// The same reason stated above.
|
||||||
if (tlsconf.no_postpone_early_data &&
|
if (tlsconf.no_postpone_early_data &&
|
||||||
(tls.handshake_state == TLS_CONN_WRITE_STARTED ||
|
(tls.handshake_state == TLSHandshakeState::WRITE_STARTED ||
|
||||||
tls.wbuf.rleft()) &&
|
tls.wbuf.rleft()) &&
|
||||||
tls.earlybuf.rleft()) {
|
tls.earlybuf.rleft()) {
|
||||||
rv = 1;
|
rv = 1;
|
||||||
|
@ -484,7 +486,7 @@ int Connection::tls_handshake() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (tls.handshake_state == TLS_CONN_WAIT_FOR_SESSION_CACHE) {
|
if (tls.handshake_state == TLSHandshakeState::WAIT_FOR_SESSION_CACHE) {
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
LOG(INFO) << "tls: handshake is still in progress";
|
LOG(INFO) << "tls: handshake is still in progress";
|
||||||
}
|
}
|
||||||
|
@ -496,8 +498,8 @@ int Connection::tls_handshake() {
|
||||||
// negotiated before sending finished message to the peer.
|
// negotiated before sending finished message to the peer.
|
||||||
if (rv != 1 && tls.wbuf.rleft()) {
|
if (rv != 1 && tls.wbuf.rleft()) {
|
||||||
// First write indicates that resumption stuff has done.
|
// First write indicates that resumption stuff has done.
|
||||||
if (tls.handshake_state != TLS_CONN_WRITE_STARTED) {
|
if (tls.handshake_state != TLSHandshakeState::WRITE_STARTED) {
|
||||||
tls.handshake_state = TLS_CONN_WRITE_STARTED;
|
tls.handshake_state = TLSHandshakeState::WRITE_STARTED;
|
||||||
// If peek has already disabled, this is noop.
|
// If peek has already disabled, this is noop.
|
||||||
tls.rbuf.disable_peek(true);
|
tls.rbuf.disable_peek(true);
|
||||||
}
|
}
|
||||||
|
|
|
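Review bot: The `default:` / `break;` pair that appears to be added after the `CANCEL_SESSION_CACHE` case in the `switch (tls.handshake_state)` of `Connection::tls_handshake()` gives up most of what the move to `enum class` buys. With a default label the compiler no longer reports (`-Wswitch`) an enumerator the switch does not handle, so a `TLSHandshakeState` value added later would silently take the ordinary handshake path. Listing the remaining states instead, `case TLSHandshakeState::NORMAL:` and `case TLSHandshakeState::WRITE_STARTED:` followed by `break;`, keeps the switch exhaustive and turns a forgotten state into a build-time finding. The function body starts and ends outside the visible hunks.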
@ -45,12 +45,12 @@ namespace tls {
|
||||||
struct TLSSessionCache;
|
struct TLSSessionCache;
|
||||||
} // namespace tls
|
} // namespace tls
|
||||||
|
|
||||||
enum {
|
enum class TLSHandshakeState {
|
||||||
TLS_CONN_NORMAL,
|
NORMAL,
|
||||||
TLS_CONN_WAIT_FOR_SESSION_CACHE,
|
WAIT_FOR_SESSION_CACHE,
|
||||||
TLS_CONN_GOT_SESSION_CACHE,
|
GOT_SESSION_CACHE,
|
||||||
TLS_CONN_CANCEL_SESSION_CACHE,
|
CANCEL_SESSION_CACHE,
|
||||||
TLS_CONN_WRITE_STARTED,
|
WRITE_STARTED,
|
||||||
};
|
};
|
||||||
|
|
||||||
struct TLSConnection {
|
struct TLSConnection {
|
||||||
|
@ -68,7 +68,7 @@ struct TLSConnection {
|
||||||
// required since these functions require the exact same parameters
|
// required since these functions require the exact same parameters
|
||||||
// on non-blocking I/O.
|
// on non-blocking I/O.
|
||||||
size_t last_writelen, last_readlen;
|
size_t last_writelen, last_readlen;
|
||||||
int handshake_state;
|
TLSHandshakeState handshake_state;
|
||||||
bool initial_handshake_done;
|
bool initial_handshake_done;
|
||||||
bool reneg_started;
|
bool reneg_started;
|
||||||
// true if ssl is prepared to do handshake as server.
|
// true if ssl is prepared to do handshake as server.
|
||||||
|
|
|
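Review bot: The enumerators of the new `TLSHandshakeState` are undocumented, so the handshake state machine can only be reconstructed by reading `Connection::tls_handshake()` and the session-cache callback. A one-line comment per state would record what the other hunks on this page show: `WAIT_FOR_SESSION_CACHE` is set before the lookup request is dispatched and makes `tls_handshake()` return `SHRPX_ERR_INPROGRESS`; `GOT_SESSION_CACHE` and `CANCEL_SESSION_CACHE` are set by the lookup callback on success and failure, and both are reset to `NORMAL` by the switch; `WRITE_STARTED` is set on the first handshake write, just before `tls.rbuf.disable_peek(true)`. For example: `// Set on the first handshake write; peeking into rbuf is disabled from here on.` above `WRITE_STARTED`. The body of `struct TLSConnection` continues outside the hunk.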
@ -416,7 +416,7 @@ SSL_SESSION *tls_session_get_cb(SSL *ssl,
|
||||||
|
|
||||||
conn->tls.cached_session_lookup_req = nullptr;
|
conn->tls.cached_session_lookup_req = nullptr;
|
||||||
if (res.status_code != 0) {
|
if (res.status_code != 0) {
|
||||||
conn->tls.handshake_state = TLS_CONN_CANCEL_SESSION_CACHE;
|
conn->tls.handshake_state = TLSHandshakeState::CANCEL_SESSION_CACHE;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -427,15 +427,15 @@ SSL_SESSION *tls_session_get_cb(SSL *ssl,
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
LOG(INFO) << "cannot materialize session";
|
LOG(INFO) << "cannot materialize session";
|
||||||
}
|
}
|
||||||
conn->tls.handshake_state = TLS_CONN_CANCEL_SESSION_CACHE;
|
conn->tls.handshake_state = TLSHandshakeState::CANCEL_SESSION_CACHE;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
conn->tls.cached_session = session;
|
conn->tls.cached_session = session;
|
||||||
conn->tls.handshake_state = TLS_CONN_GOT_SESSION_CACHE;
|
conn->tls.handshake_state = TLSHandshakeState::GOT_SESSION_CACHE;
|
||||||
};
|
};
|
||||||
|
|
||||||
conn->tls.handshake_state = TLS_CONN_WAIT_FOR_SESSION_CACHE;
|
conn->tls.handshake_state = TLSHandshakeState::WAIT_FOR_SESSION_CACHE;
|
||||||
conn->tls.cached_session_lookup_req = req.get();
|
conn->tls.cached_session_lookup_req = req.get();
|
||||||
|
|
||||||
dispatcher->add_request(std::move(req));
|
dispatcher->add_request(std::move(req));
|
||||||
|
|