walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

spdycat, spdyd: Support SPDY without SSL/TLS 

Use --no-tls option to disable SSL/TLS and specify SPDY protocol
version using -2 or -3.
This commit is contained in:
Tatsuhiro Tsujikawa 2012-11-25 21:58:44 +09:00
parent 58b1da39e3
commit f97110f092
6 changed files with 316 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

259
src/SpdyServer.cc
View File

@ -61,7 +61,7 @@ const std::string SPDYD_SERVER = "spdyd spdylay/" SPDYLAY_VERSION;
} // namespace } // namespace
Config::Config(): verbose(false), daemon(false), port(0), data_ptr(0), Config::Config(): verbose(false), daemon(false), port(0), data_ptr(0),
spdy3_only(false), verify_client(false) version(0), verify_client(false), no_tls(false)
{} {}
Request::Request(int32_t stream_id) Request::Request(int32_t stream_id)
@ -180,7 +180,7 @@ SpdyEventHandler::SpdyEventHandler(const Config* config,
int64_t session_id) int64_t session_id)
: EventHandler(config), : EventHandler(config),
fd_(fd), ssl_(ssl), version_(version), session_id_(session_id), fd_(fd), ssl_(ssl), version_(version), session_id_(session_id),
want_write_(false) io_flags_(0)
{ {
int r; int r;
r = spdylay_session_server_new(&session_, version, callbacks, this); r = spdylay_session_server_new(&session_, version, callbacks, this);
@ -202,8 +202,10 @@ SpdyEventHandler::~SpdyEventHandler()
eoi = id2req_.end(); i != eoi; ++i) { eoi = id2req_.end(); i != eoi; ++i) {
delete (*i).second; delete (*i).second;
} }
SSL_shutdown(ssl_); if(ssl_) {
SSL_free(ssl_); SSL_shutdown(ssl_);
SSL_free(ssl_);
}
shutdown(fd_, SHUT_WR); shutdown(fd_, SHUT_WR);
close(fd_); close(fd_);
} }
@ -225,12 +227,12 @@ int SpdyEventHandler::execute(Sessions *sessions)
bool SpdyEventHandler::want_read() bool SpdyEventHandler::want_read()
{ {
return spdylay_session_want_read(session_); return spdylay_session_want_read(session_) || (io_flags_ & WANT_READ);
} }
bool SpdyEventHandler::want_write() bool SpdyEventHandler::want_write()
{ {
return spdylay_session_want_write(session_) || want_write_; return spdylay_session_want_write(session_) || (io_flags_ & WANT_WRITE);
} }
int SpdyEventHandler::fd() const int SpdyEventHandler::fd() const
@ -247,29 +249,44 @@ bool SpdyEventHandler::finish()
ssize_t SpdyEventHandler::send_data(const uint8_t *data, size_t len, int flags) ssize_t SpdyEventHandler::send_data(const uint8_t *data, size_t len, int flags)
{ {
ssize_t r; ssize_t r;
ERR_clear_error(); io_flags_ = 0;
r = SSL_write(ssl_, data, len); if(ssl_) {
ERR_clear_error();
r = SSL_write(ssl_, data, len);
if(r < 0) {
io_flags_ = get_ssl_io_demand(ssl_, r);
}
} else {
while((r = ::send(fd_, data, len, 0)) == -1 && errno == EINTR);
if(r == -1 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
io_flags_ |= WANT_WRITE;
}
}
return r; return r;
} }
ssize_t SpdyEventHandler::recv_data(uint8_t *data, size_t len, int flags) ssize_t SpdyEventHandler::recv_data(uint8_t *data, size_t len, int flags)
{ {
ssize_t r; ssize_t r;
want_write_ = false; io_flags_ = 0;
ERR_clear_error(); if(ssl_) {
r = SSL_read(ssl_, data, len); ERR_clear_error();
if(r < 0) { r = SSL_read(ssl_, data, len);
if(SSL_get_error(ssl_, r) == SSL_ERROR_WANT_WRITE) { if(r < 0) {
want_write_ = true; io_flags_ = get_ssl_io_demand(ssl_, r);
}
} else {
while((r = ::recv(fd_, data, len, 0)) == -1 && errno == EINTR);
if(r == -1 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
io_flags_ |= WANT_READ;
} }
} }
return r; return r;
} }
bool SpdyEventHandler::would_block(int r) bool SpdyEventHandler::would_block() const
{ {
int e = SSL_get_error(ssl_, r); return io_flags_;
return e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_WANT_READ;
} }
int SpdyEventHandler::submit_file_response(const std::string& status, int SpdyEventHandler::submit_file_response(const std::string& status,
@ -368,11 +385,14 @@ ssize_t hd_send_callback(spdylay_session *session,
SpdyEventHandler *hd = (SpdyEventHandler*)user_data; SpdyEventHandler *hd = (SpdyEventHandler*)user_data;
ssize_t r = hd->send_data(data, len, flags); ssize_t r = hd->send_data(data, len, flags);
if(r < 0) { if(r < 0) {
if(hd->would_block(r)) { if(hd->would_block()) {
r = SPDYLAY_ERR_WOULDBLOCK; r = SPDYLAY_ERR_WOULDBLOCK;
} else { } else {
r = SPDYLAY_ERR_CALLBACK_FAILURE; r = SPDYLAY_ERR_CALLBACK_FAILURE;
} }
} else if(r == 0) {
// In OpenSSL, r == 0 means EOF because SSL_write may do read.
r = SPDYLAY_ERR_CALLBACK_FAILURE;
} }
return r; return r;
} }
@ -385,7 +405,7 @@ ssize_t hd_recv_callback(spdylay_session *session,
SpdyEventHandler *hd = (SpdyEventHandler*)user_data; SpdyEventHandler *hd = (SpdyEventHandler*)user_data;
ssize_t r = hd->recv_data(data, len, flags); ssize_t r = hd->recv_data(data, len, flags);
if(r < 0) { if(r < 0) {
if(hd->would_block(r)) { if(hd->would_block()) {
r = SPDYLAY_ERR_WOULDBLOCK; r = SPDYLAY_ERR_WOULDBLOCK;
} else { } else {
r = SPDYLAY_ERR_CALLBACK_FAILURE; r = SPDYLAY_ERR_CALLBACK_FAILURE;
@ -649,13 +669,35 @@ void on_stream_close_callback
} }
} // namespace } // namespace
namespace {
void fill_callback(spdylay_session_callbacks& callbacks, const Config *config)
{
memset(&callbacks, 0, sizeof(spdylay_session_callbacks));
callbacks.send_callback = hd_send_callback;
callbacks.recv_callback = hd_recv_callback;
callbacks.on_stream_close_callback = on_stream_close_callback;
callbacks.on_ctrl_recv_callback = hd_on_ctrl_recv_callback;
callbacks.on_ctrl_send_callback = hd_on_ctrl_send_callback;
callbacks.on_data_recv_callback = hd_on_data_recv_callback;
callbacks.on_data_send_callback = hd_on_data_send_callback;
if(config->verbose) {
callbacks.on_invalid_ctrl_recv_callback = on_invalid_ctrl_recv_callback;
callbacks.on_ctrl_recv_parse_error_callback =
on_ctrl_recv_parse_error_callback;
callbacks.on_unknown_ctrl_recv_callback = on_unknown_ctrl_recv_callback;
}
callbacks.on_data_chunk_recv_callback = on_data_chunk_recv_callback;
callbacks.on_request_recv_callback = config->on_request_recv_callback;
}
} // namespace
class SSLAcceptEventHandler : public EventHandler { class SSLAcceptEventHandler : public EventHandler {
public: public:
SSLAcceptEventHandler(const Config *config, SSLAcceptEventHandler(const Config *config,
int fd, SSL *ssl, int64_t session_id) int fd, SSL *ssl, int64_t session_id)
: EventHandler(config), : EventHandler(config),
fd_(fd), ssl_(ssl), version_(0), fail_(false), finish_(false), fd_(fd), ssl_(ssl), version_(0), fail_(false), finish_(false),
want_read_(true), want_write_(true), io_flags_(WANT_READ),
session_id_(session_id) session_id_(session_id)
{} {}
virtual ~SSLAcceptEventHandler() virtual ~SSLAcceptEventHandler()
@ -670,7 +712,7 @@ public:
} }
virtual int execute(Sessions *sessions) virtual int execute(Sessions *sessions)
{ {
want_read_ = want_write_ = false; io_flags_ = 0;
ERR_clear_error(); ERR_clear_error();
int r = SSL_accept(ssl_); int r = SSL_accept(ssl_);
if(r == 1) { if(r == 1) {
@ -684,6 +726,13 @@ public:
std::cout << "The negotiated next protocol: " << proto << std::endl; std::cout << "The negotiated next protocol: " << proto << std::endl;
} }
version_ = spdylay_npn_get_version(next_proto, next_proto_len); version_ = spdylay_npn_get_version(next_proto, next_proto_len);
if(config()->version != 0) {
if(config()->version != version_) {
version_ = 0;
std::cerr << "The negotiated next protocol is not supported."
<< std::endl;
}
}
if(version_) { if(version_) {
add_next_handler(sessions); add_next_handler(sessions);
} else { } else {
@ -693,34 +742,28 @@ public:
fail_ = true; fail_ = true;
} }
} else if(r == 0) { } else if(r == 0) {
int e = SSL_get_error(ssl_, r);
if(e == SSL_ERROR_SSL) {
if(config()->verbose) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
}
}
finish_ = true; finish_ = true;
fail_ = true; fail_ = true;
} else { } else {
int d = SSL_get_error(ssl_, r); io_flags_ = get_ssl_io_demand(ssl_, r);
if(d == SSL_ERROR_WANT_READ) { if(io_flags_ == 0) {
want_read_ = true;
} else if(d == SSL_ERROR_WANT_WRITE) {
want_write_ = true;
} else {
finish_ = true; finish_ = true;
fail_ = true; fail_ = true;
} }
} }
if(config()->verbose && fail_) {
std::cerr << "SSL/TLS handshake failed: "
<< ERR_error_string(ERR_get_error(), 0) << std::endl;
}
return 0; return 0;
} }
virtual bool want_read() virtual bool want_read()
{ {
return want_read_; return io_flags_ & WANT_READ;
} }
virtual bool want_write() virtual bool want_write()
{ {
return want_write_; return io_flags_ & WANT_WRITE;
} }
virtual int fd() const virtual int fd() const
{ {
@ -734,22 +777,7 @@ private:
void add_next_handler(Sessions *sessions) void add_next_handler(Sessions *sessions)
{ {
spdylay_session_callbacks callbacks; spdylay_session_callbacks callbacks;
memset(&callbacks, 0, sizeof(spdylay_session_callbacks)); fill_callback(callbacks, config());
callbacks.send_callback = hd_send_callback;
callbacks.recv_callback = hd_recv_callback;
callbacks.on_stream_close_callback = on_stream_close_callback;
callbacks.on_ctrl_recv_callback = hd_on_ctrl_recv_callback;
callbacks.on_ctrl_send_callback = hd_on_ctrl_send_callback;
callbacks.on_data_recv_callback = hd_on_data_recv_callback;
callbacks.on_data_send_callback = hd_on_data_send_callback;
if(config()->verbose) {
callbacks.on_invalid_ctrl_recv_callback = on_invalid_ctrl_recv_callback;
callbacks.on_ctrl_recv_parse_error_callback =
on_ctrl_recv_parse_error_callback;
callbacks.on_unknown_ctrl_recv_callback = on_unknown_ctrl_recv_callback;
}
callbacks.on_data_chunk_recv_callback = on_data_chunk_recv_callback;
callbacks.on_request_recv_callback = config()->on_request_recv_callback;
SpdyEventHandler *hd = new SpdyEventHandler(config(), SpdyEventHandler *hd = new SpdyEventHandler(config(),
fd_, ssl_, version_, &callbacks, fd_, ssl_, version_, &callbacks,
session_id_); session_id_);
@ -765,7 +793,7 @@ private:
SSL *ssl_; SSL *ssl_;
uint16_t version_; uint16_t version_;
bool fail_, finish_; bool fail_, finish_;
bool want_read_, want_write_; uint8_t io_flags_;
int64_t session_id_; int64_t session_id_;
}; };
@ -810,19 +838,34 @@ public:
private: private:
void add_next_handler(Sessions *sessions, int cfd) void add_next_handler(Sessions *sessions, int cfd)
{ {
SSL *ssl = sessions->ssl_session_new(cfd); int64_t session_id = ++(*session_id_seed_ptr_);
if(ssl == 0) { if(config()->no_tls) {
close(cfd); spdylay_session_callbacks callbacks;
return; fill_callback(callbacks, config());
} SpdyEventHandler *hd = new SpdyEventHandler(config(),
SSLAcceptEventHandler *hd = new SSLAcceptEventHandler cfd, 0,
(config(), cfd, ssl, ++(*session_id_seed_ptr_)); config()->version, &callbacks,
if(sessions->add_poll(hd) == -1) { session_id);
delete hd; if(sessions->add_poll(hd) == -1) {
SSL_free(ssl); delete hd;
close(cfd); } else {
sessions->add_handler(hd);
}
} else { } else {
sessions->add_handler(hd); SSL *ssl = sessions->ssl_session_new(cfd);
if(ssl == 0) {
close(cfd);
return;
}
SSLAcceptEventHandler *hd = new SSLAcceptEventHandler(config(), cfd, ssl,
session_id);
if(sessions->add_poll(hd) == -1) {
delete hd;
SSL_free(ssl);
close(cfd);
} else {
sessions->add_handler(hd);
}
} }
} }
@ -901,55 +944,61 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
int SpdyServer::run() int SpdyServer::run()
{ {
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx = 0;
ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if(!ssl_ctx) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1;
}
SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
if(SSL_CTX_use_PrivateKey_file(ssl_ctx,
config_->private_key_file.c_str(),
SSL_FILETYPE_PEM) != 1) {
std::cerr << "SSL_CTX_use_PrivateKey_file failed." << std::endl;
return -1;
}
if(SSL_CTX_use_certificate_chain_file(ssl_ctx,
config_->cert_file.c_str()) != 1) {
std::cerr << "SSL_CTX_use_certificate_file failed." << std::endl;
return -1;
}
if(SSL_CTX_check_private_key(ssl_ctx) != 1) {
std::cerr << "SSL_CTX_check_private_key failed." << std::endl;
return -1;
}
if(config_->verify_client) {
SSL_CTX_set_verify(ssl_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
}
// We speaks "spdy/2" and "spdy/3".
std::pair<unsigned char*, size_t> next_proto; std::pair<unsigned char*, size_t> next_proto;
unsigned char proto_list[14]; unsigned char proto_list[14];
if(!config_->no_tls) {
ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if(!ssl_ctx) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1;
}
SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
if(SSL_CTX_use_PrivateKey_file(ssl_ctx,
config_->private_key_file.c_str(),
SSL_FILETYPE_PEM) != 1) {
std::cerr << "SSL_CTX_use_PrivateKey_file failed." << std::endl;
return -1;
}
if(SSL_CTX_use_certificate_chain_file(ssl_ctx,
config_->cert_file.c_str()) != 1) {
std::cerr << "SSL_CTX_use_certificate_file failed." << std::endl;
return -1;
}
if(SSL_CTX_check_private_key(ssl_ctx) != 1) {
std::cerr << "SSL_CTX_check_private_key failed." << std::endl;
return -1;
}
if(config_->verify_client) {
SSL_CTX_set_verify(ssl_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
}
if(config_->spdy3_only) { // We speaks "spdy/2" and "spdy/3".
proto_list[0] = 6;
memcpy(&proto_list[1], "spdy/3", 6);
next_proto.first = proto_list;
next_proto.second = 7;
} else {
proto_list[0] = 6; proto_list[0] = 6;
memcpy(&proto_list[1], "spdy/3", 6); memcpy(&proto_list[1], "spdy/3", 6);
proto_list[7] = 6; proto_list[7] = 6;
memcpy(&proto_list[8], "spdy/2", 6); memcpy(&proto_list[8], "spdy/2", 6);
next_proto.first = proto_list;
next_proto.second = sizeof(proto_list);
}
SSL_CTX_set_next_protos_advertised_cb(ssl_ctx, next_proto_cb, &next_proto); switch(config_->version) {
case SPDYLAY_PROTO_SPDY3:
next_proto.first = proto_list;
next_proto.second = 7;
break;
case SPDYLAY_PROTO_SPDY2:
next_proto.first = proto_list+7;
next_proto.second = 7;
break;
default:
next_proto.first = proto_list;
next_proto.second = sizeof(proto_list);
}
SSL_CTX_set_next_protos_advertised_cb(ssl_ctx, next_proto_cb, &next_proto);
}
const size_t MAX_EVENTS = 256; const size_t MAX_EVENTS = 256;
Sessions sessions(MAX_EVENTS, ssl_ctx); Sessions sessions(MAX_EVENTS, ssl_ctx);

7
src/SpdyServer.h
View File

@ -52,8 +52,9 @@ struct Config {
std::string cert_file; std::string cert_file;
spdylay_on_request_recv_callback on_request_recv_callback; spdylay_on_request_recv_callback on_request_recv_callback;
void *data_ptr; void *data_ptr;
bool spdy3_only; uint16_t version;
bool verify_client; bool verify_client;
bool no_tls;
Config(); Config();
}; };
@ -113,7 +114,7 @@ public:
ssize_t recv_data(uint8_t *data, size_t len, int flags); ssize_t recv_data(uint8_t *data, size_t len, int flags);
bool would_block(int r); bool would_block() const;
int submit_file_response(const std::string& status, int submit_file_response(const std::string& status,
int32_t stream_id, int32_t stream_id,
@ -141,7 +142,7 @@ private:
SSL* ssl_; SSL* ssl_;
uint16_t version_; uint16_t version_;
int64_t session_id_; int64_t session_id_;
bool want_write_; uint8_t io_flags_;
std::map<int32_t, Request*> id2req_; std::map<int32_t, Request*> id2req_;
}; };

101
src/spdycat.cc
View File

@ -67,6 +67,7 @@ struct Config {
bool verbose; bool verbose;
bool get_assets; bool get_assets;
bool stat; bool stat;
bool no_tls;
int spdy_version; int spdy_version;
// milliseconds // milliseconds
int timeout; int timeout;
@ -75,7 +76,7 @@ struct Config {
int window_bits; int window_bits;
std::map<std::string,std::string> headers; std::map<std::string,std::string> headers;
Config():null_out(false), remote_name(false), verbose(false), Config():null_out(false), remote_name(false), verbose(false),
get_assets(false), stat(false), get_assets(false), stat(false), no_tls(false),
spdy_version(-1), timeout(-1), window_bits(-1) spdy_version(-1), timeout(-1), window_bits(-1)
{} {}
}; };
@ -231,7 +232,7 @@ void submit_request(Spdylay& sc, const std::string& hostport,
{ {
uri::UriStruct& us = req->us; uri::UriStruct& us = req->us;
std::string path = us.dir+us.file+us.query; std::string path = us.dir+us.file+us.query;
int r = sc.submit_request(hostport, path, headers, 3, req); int r = sc.submit_request(us.protocol, hostport, path, headers, 3, req);
assert(r == 0); assert(r == 0);
} }
@ -447,12 +448,7 @@ int communicate(const std::string& host, uint16_t port,
return -1; return -1;
} }
set_tcp_nodelay(fd); set_tcp_nodelay(fd);
SSL_CTX *ssl_ctx;
ssl_ctx = SSL_CTX_new(TLSv1_client_method());
if(!ssl_ctx) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1;
}
std::string next_proto; std::string next_proto;
switch(config.spdy_version) { switch(config.spdy_version) {
case SPDYLAY_PROTO_SPDY2: case SPDYLAY_PROTO_SPDY2:
@ -462,38 +458,48 @@ int communicate(const std::string& host, uint16_t port,
next_proto = "spdy/3"; next_proto = "spdy/3";
break; break;
} }
setup_ssl_ctx(ssl_ctx, &next_proto);
if(!config.keyfile.empty()) { SSL_CTX *ssl_ctx = 0;
if(SSL_CTX_use_PrivateKey_file(ssl_ctx, config.keyfile.c_str(), SSL *ssl = 0;
SSL_FILETYPE_PEM) != 1) { if(!config.no_tls) {
ssl_ctx = SSL_CTX_new(TLSv1_client_method());
if(!ssl_ctx) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl; std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1; return -1;
} }
} setup_ssl_ctx(ssl_ctx, &next_proto);
if(!config.certfile.empty()) { if(!config.keyfile.empty()) {
if(SSL_CTX_use_certificate_chain_file(ssl_ctx, if(SSL_CTX_use_PrivateKey_file(ssl_ctx, config.keyfile.c_str(),
config.certfile.c_str()) != 1) { SSL_FILETYPE_PEM) != 1) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1;
}
}
if(!config.certfile.empty()) {
if(SSL_CTX_use_certificate_chain_file(ssl_ctx,
config.certfile.c_str()) != 1) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1;
}
}
ssl = SSL_new(ssl_ctx);
if(!ssl) {
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl; std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
return -1; return -1;
} }
} if (!SSL_set_tlsext_host_name(ssl, host.c_str())) {
SSL *ssl = SSL_new(ssl_ctx); std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl;
if(!ssl) { return -1;
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl; }
return -1; rv = ssl_nonblock_handshake(ssl, fd, timeout);
} if(rv == -1) {
if (!SSL_set_tlsext_host_name(ssl, host.c_str())) { return -1;
std::cerr << ERR_error_string(ERR_get_error(), 0) << std::endl; } else if(rv == -2) {
return -1; std::cerr << "Request to " << spdySession.hostport
} << " timed out in SSL/TLS handshake."
rv = ssl_nonblock_handshake(ssl, fd, timeout); << std::endl;
if(rv == -1) { return -1;
return -1; }
} else if(rv == -2) {
std::cerr << "Request to " << spdySession.hostport
<< " timed out in SSL/TLS handshake."
<< std::endl;
return -1;
} }
spdySession.record_handshake_time(); spdySession.record_handshake_time();
@ -503,6 +509,7 @@ int communicate(const std::string& host, uint16_t port,
if (spdy_version <= 0) { if (spdy_version <= 0) {
return -1; return -1;
} }
Spdylay sc(fd, ssl, spdy_version, callbacks, &spdySession); Spdylay sc(fd, ssl, spdy_version, callbacks, &spdySession);
spdySession.sc = &sc; spdySession.sc = &sc;
@ -570,9 +577,11 @@ int communicate(const std::string& host, uint16_t port,
<< spdySession.reqvec.size() << spdySession.reqvec.size()
<< ", processed=" << spdySession.complete << std::endl; << ", processed=" << spdySession.complete << std::endl;
} }
SSL_shutdown(ssl); if(ssl) {
SSL_free(ssl); SSL_shutdown(ssl);
SSL_CTX_free(ssl_ctx); SSL_free(ssl);
SSL_CTX_free(ssl_ctx);
}
shutdown(fd, SHUT_WR); shutdown(fd, SHUT_WR);
close(fd); close(fd);
if(config.stat) { if(config.stat) {
@ -632,7 +641,7 @@ int run(char **uris, int n)
void print_usage(std::ostream& out) void print_usage(std::ostream& out)
{ {
out << "Usage: spdycat [-Oansv23] [-t <SECONDS>] [-w <WINDOW_BITS>] [--cert=<CERT>]\n" out << "Usage: spdycat [-Oansv23] [-t <SECONDS>] [-w <WINDOW_BITS>] [--cert=<CERT>]\n"
<< " [--key=<KEY>] <URI>..." << " [--key=<KEY>] [--no-tls] <URI>..."
<< std::endl; << std::endl;
} }
@ -664,6 +673,8 @@ void print_help(std::ostream& out)
<< " The file must be in PEM format.\n" << " The file must be in PEM format.\n"
<< " --key=<KEY> Use the client private key file. The file\n" << " --key=<KEY> Use the client private key file. The file\n"
<< " must be in PEM format.\n" << " must be in PEM format.\n"
<< " --no-tls Disable SSL/TLS. Use -2 or -3 to specify\n"
<< " SPDY protocol version to use.\n"
<< std::endl; << std::endl;
} }
@ -685,6 +696,7 @@ int main(int argc, char **argv)
{"key", required_argument, &flag, 2 }, {"key", required_argument, &flag, 2 },
{"help", no_argument, 0, 'h' }, {"help", no_argument, 0, 'h' },
{"header", required_argument, 0, 'H' }, {"header", required_argument, 0, 'H' },
{"no-tls", no_argument, &flag, 3 },
{0, 0, 0, 0 } {0, 0, 0, 0 }
}; };
int option_index = 0; int option_index = 0;
@ -774,12 +786,25 @@ int main(int argc, char **argv)
// key option // key option
config.keyfile = optarg; config.keyfile = optarg;
break; break;
case 3:
// no-tls option
config.no_tls = true;
break;
} }
break; break;
default: default:
break; break;
} }
} }
if(config.no_tls) {
if(config.spdy_version == -1) {
std::cerr << "Specify SPDY protocol version using either -2 or -3."
<< std::endl;
exit(EXIT_FAILURE);
}
}
struct sigaction act; struct sigaction act;
memset(&act, 0, sizeof(struct sigaction)); memset(&act, 0, sizeof(struct sigaction));
act.sa_handler = SIG_IGN; act.sa_handler = SIG_IGN;

42
src/spdyd.cc
View File

@ -47,7 +47,7 @@ extern bool ssl_debug;
namespace { namespace {
void print_usage(std::ostream& out) void print_usage(std::ostream& out)
{ {
out << "Usage: spdyd [-3DVhv] [-d <PATH>] <PORT> <PRIVATE_KEY> <CERT>" out << "Usage: spdyd [-23DVhv] [-d <PATH>] [--no-tls] <PORT> [<PRIVATE_KEY> <CERT>]"
<< std::endl; << std::endl;
} }
} // namespace } // namespace
@ -74,7 +74,10 @@ void print_help(std::ostream& out)
<< " current working directory.\n" << " current working directory.\n"
<< " -v, --verbose Print debug information such as reception/\n" << " -v, --verbose Print debug information such as reception/\n"
<< " transmission of frames and name/value pairs.\n" << " transmission of frames and name/value pairs.\n"
<< " -2, --spdy2 Only use SPDY/2.\n"
<< " -3, --spdy3 Only use SPDY/3.\n" << " -3, --spdy3 Only use SPDY/3.\n"
<< " --no-tls Disable SSL/TLS. Use -2 or -3 to specify\n"
<< " SPDY protocol version to use.\n"
<< " -h, --help Print this help.\n" << " -h, --help Print this help.\n"
<< std::endl; << std::endl;
} }
@ -84,17 +87,20 @@ int main(int argc, char **argv)
{ {
Config config; Config config;
while(1) { while(1) {
int flag;
static option long_options[] = { static option long_options[] = {
{"daemon", no_argument, 0, 'D' }, {"daemon", no_argument, 0, 'D' },
{"htdocs", required_argument, 0, 'd' }, {"htdocs", required_argument, 0, 'd' },
{"help", no_argument, 0, 'h' }, {"help", no_argument, 0, 'h' },
{"verbose", no_argument, 0, 'v' }, {"verbose", no_argument, 0, 'v' },
{"spdy2", no_argument, 0, '2' },
{"spdy3", no_argument, 0, '3' }, {"spdy3", no_argument, 0, '3' },
{"verify-client", no_argument, 0, 'V' }, {"verify-client", no_argument, 0, 'V' },
{"no-tls", no_argument, &flag, 1 },
{0, 0, 0, 0 } {0, 0, 0, 0 }
}; };
int option_index = 0; int option_index = 0;
int c = getopt_long(argc, argv, "DVd:hv3", long_options, &option_index); int c = getopt_long(argc, argv, "DVd:hv23", long_options, &option_index);
if(c == -1) { if(c == -1) {
break; break;
} }
@ -114,20 +120,45 @@ int main(int argc, char **argv)
case 'v': case 'v':
config.verbose = true; config.verbose = true;
break; break;
case '2':
config.version = SPDYLAY_PROTO_SPDY2;
break;
case '3': case '3':
config.spdy3_only = true; config.version = SPDYLAY_PROTO_SPDY3;
break; break;
case '?': case '?':
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
case 0:
switch(flag) {
case 1:
// no-tls option
config.no_tls = true;
break;
}
break;
default: default:
break; break;
} }
} }
if(argc-optind < 3) { if(argc-optind < (config.no_tls ? 1 : 3)) {
print_usage(std::cerr); print_usage(std::cerr);
std::cerr << "Too few arguments" << std::endl; std::cerr << "Too few arguments" << std::endl;
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
config.port = strtol(argv[optind++], 0, 10);
if(config.no_tls) {
if(config.version == 0) {
std::cerr << "Specify SPDY protocol version using either -2 or -3."
<< std::endl;
exit(EXIT_FAILURE);
}
} else {
config.private_key_file = argv[optind++];
config.cert_file = argv[optind++];
}
if(config.daemon) { if(config.daemon) {
if(config.htdocs.empty()) { if(config.htdocs.empty()) {
print_usage(std::cerr); print_usage(std::cerr);
@ -150,9 +181,6 @@ int main(int argc, char **argv)
SSL_load_error_strings(); SSL_load_error_strings();
SSL_library_init(); SSL_library_init();
reset_timer(); reset_timer();
config.port = strtol(argv[optind++], 0, 10);
config.private_key_file = argv[optind++];
config.cert_file = argv[optind++];
config.on_request_recv_callback = htdocs_on_request_recv_callback; config.on_request_recv_callback = htdocs_on_request_recv_callback;
ssl_debug = config.verbose; ssl_debug = config.verbose;

67
src/spdylay_ssl.cc
View File

@ -54,7 +54,7 @@ Spdylay::Spdylay(int fd, SSL *ssl, uint16_t version,
const spdylay_session_callbacks *callbacks, const spdylay_session_callbacks *callbacks,
void *user_data) void *user_data)
: fd_(fd), ssl_(ssl), version_(version), user_data_(user_data), : fd_(fd), ssl_(ssl), version_(version), user_data_(user_data),
want_write_(false) io_flags_(0)
{ {
int r = spdylay_session_client_new(&session_, version_, callbacks, this); int r = spdylay_session_client_new(&session_, version_, callbacks, this);
assert(r == 0); assert(r == 0);
@ -78,20 +78,36 @@ int Spdylay::send()
ssize_t Spdylay::send_data(const uint8_t *data, size_t len, int flags) ssize_t Spdylay::send_data(const uint8_t *data, size_t len, int flags)
{ {
ssize_t r; ssize_t r;
ERR_clear_error(); io_flags_ = 0;
r = SSL_write(ssl_, data, len); if(ssl_) {
ERR_clear_error();
r = SSL_write(ssl_, data, len);
if(r < 0) {
io_flags_ = get_ssl_io_demand(ssl_, r);
}
} else {
while((r = ::send(fd_, data, len, 0)) == -1 && errno == EINTR);
if(r == -1 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
io_flags_ |= WANT_WRITE;
}
}
return r; return r;
} }
ssize_t Spdylay::recv_data(uint8_t *data, size_t len, int flags) ssize_t Spdylay::recv_data(uint8_t *data, size_t len, int flags)
{ {
ssize_t r; ssize_t r;
want_write_ = false; io_flags_ = 0;
ERR_clear_error(); if(ssl_) {
r = SSL_read(ssl_, data, len); ERR_clear_error();
if(r < 0) { r = SSL_read(ssl_, data, len);
if(SSL_get_error(ssl_, r) == SSL_ERROR_WANT_WRITE) { if(r < 0) {
want_write_ = true; io_flags_ = get_ssl_io_demand(ssl_, r);
}
} else {
while((r = ::recv(fd_, data, len, 0)) == -1 && errno == EINTR);
if(r == -1 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
io_flags_ |= WANT_READ;
} }
} }
return r; return r;
@ -99,12 +115,12 @@ ssize_t Spdylay::recv_data(uint8_t *data, size_t len, int flags)
bool Spdylay::want_read() bool Spdylay::want_read()
{ {
return spdylay_session_want_read(session_); return spdylay_session_want_read(session_) || (io_flags_ & WANT_READ);
} }
bool Spdylay::want_write() bool Spdylay::want_write()
{ {
return spdylay_session_want_write(session_) || want_write_; return spdylay_session_want_write(session_) || (io_flags_ & WANT_WRITE);
} }
bool Spdylay::finish() bool Spdylay::finish()
@ -123,7 +139,8 @@ void* Spdylay::user_data()
return user_data_; return user_data_;
} }
int Spdylay::submit_request(const std::string& hostport, int Spdylay::submit_request(const std::string& scheme,
const std::string& hostport,
const std::string& path, const std::string& path,
const std::map<std::string,std::string> &headers, const std::map<std::string,std::string> &headers,
uint8_t pri, uint8_t pri,
@ -144,7 +161,7 @@ int Spdylay::submit_request(const std::string& hostport,
":method", "GET", ":method", "GET",
":path", path.c_str(), ":path", path.c_str(),
":version", "HTTP/1.1", ":version", "HTTP/1.1",
":scheme", "https", ":scheme", scheme.c_str(),
":host", hostport.c_str(), ":host", hostport.c_str(),
"accept", "*/*", "accept", "*/*",
"user-agent", "spdylay/" SPDYLAY_VERSION "user-agent", "spdylay/" SPDYLAY_VERSION
@ -196,10 +213,9 @@ int Spdylay::submit_settings(int flags, spdylay_settings_entry *iv, size_t niv)
return spdylay_submit_settings(session_, flags, iv, niv); return spdylay_submit_settings(session_, flags, iv, niv);
} }
bool Spdylay::would_block(int r) bool Spdylay::would_block()
{ {
int e = SSL_get_error(ssl_, r); return io_flags_;
return e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_WANT_READ;
} }
int connect_to(const std::string& host, uint16_t port) int connect_to(const std::string& host, uint16_t port)
@ -395,11 +411,14 @@ ssize_t send_callback(spdylay_session *session,
Spdylay *sc = (Spdylay*)user_data; Spdylay *sc = (Spdylay*)user_data;
ssize_t r = sc->send_data(data, len, flags); ssize_t r = sc->send_data(data, len, flags);
if(r < 0) { if(r < 0) {
if(sc->would_block(r)) { if(sc->would_block()) {
r = SPDYLAY_ERR_WOULDBLOCK; r = SPDYLAY_ERR_WOULDBLOCK;
} else { } else {
r = SPDYLAY_ERR_CALLBACK_FAILURE; r = SPDYLAY_ERR_CALLBACK_FAILURE;
} }
} else if(r == 0) {
// In OpenSSL, r == 0 means EOF because SSL_write may do read.
r = SPDYLAY_ERR_CALLBACK_FAILURE;
} }
return r; return r;
} }
@ -410,7 +429,7 @@ ssize_t recv_callback(spdylay_session *session,
Spdylay *sc = (Spdylay*)user_data; Spdylay *sc = (Spdylay*)user_data;
ssize_t r = sc->recv_data(data, len, flags); ssize_t r = sc->recv_data(data, len, flags);
if(r < 0) { if(r < 0) {
if(sc->would_block(r)) { if(sc->would_block()) {
r = SPDYLAY_ERR_WOULDBLOCK; r = SPDYLAY_ERR_WOULDBLOCK;
} else { } else {
r = SPDYLAY_ERR_CALLBACK_FAILURE; r = SPDYLAY_ERR_CALLBACK_FAILURE;
@ -792,6 +811,18 @@ int64_t time_delta(const timeval& a, const timeval& b)
return res; return res;
} }
uint8_t get_ssl_io_demand(SSL *ssl, ssize_t r)
{
switch(SSL_get_error(ssl, r)) {
case SSL_ERROR_WANT_WRITE:
return WANT_WRITE;
case SSL_ERROR_WANT_READ:
return WANT_READ;
default:
return 0;
}
}
namespace { namespace {
timeval base_tv; timeval base_tv;
} // namespace } // namespace

14
src/spdylay_ssl.h
View File

@ -55,11 +55,12 @@ public:
bool want_write(); bool want_write();
bool finish(); bool finish();
int fd() const; int fd() const;
int submit_request(const std::string& hostport, const std::string& path, int submit_request(const std::string& scheme,
const std::string& hostport, const std::string& path,
const std::map<std::string,std::string>& headers, const std::map<std::string,std::string>& headers,
uint8_t pri, void *stream_user_data); uint8_t pri, void *stream_user_data);
int submit_settings(int flags, spdylay_settings_entry *iv, size_t niv); int submit_settings(int flags, spdylay_settings_entry *iv, size_t niv);
bool would_block(int r); bool would_block();
void* user_data(); void* user_data();
private: private:
int fd_; int fd_;
@ -67,7 +68,7 @@ private:
uint16_t version_; uint16_t version_;
spdylay_session *session_; spdylay_session *session_;
void *user_data_; void *user_data_;
bool want_write_; uint8_t io_flags_;
bool debug_; bool debug_;
}; };
@ -148,6 +149,13 @@ void get_timer(timeval *tv);
void print_timer(); void print_timer();
enum {
WANT_READ = 1,
WANT_WRITE = 1 << 1
};
uint8_t get_ssl_io_demand(SSL *ssl, ssize_t r);
} // namespace spdylay } // namespace spdylay
#endif // SPDYLAY_SSL_H #endif // SPDYLAY_SSL_H