Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
OWEALs
/
openssl
-ын хуулбар git://git.openssl.org/openssl.git
2
0
Салаа 0
Файлууд Асуудлууд 1 Мэдлэгийн сан
Мод: 48435b2098
Салаанууд Тагууд
openssl
/
demos
/
tunala
/
sm.c

sm.c 4.4 KB
Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151 
  1. #include "tunala.h"
    2. 

  2. 

  3. #ifndef NO_TUNALA
    4. 

  4. 

  5. void state_machine_init(state_machine_t *machine)
    6. 

  6. {
    7. 

  7. 	machine->ssl = NULL;
    8. 

  8. 	machine->bio_intossl = machine->bio_fromssl = NULL;
    9. 

  9. 	buffer_init(&machine->clean_in);
    10. 

  10. 	buffer_init(&machine->clean_out);
    11. 

  11. 	buffer_init(&machine->dirty_in);
    12. 

  12. 	buffer_init(&machine->dirty_out);
    13. 

  13. }
    14. 

  14. 

  15. void state_machine_close(state_machine_t *machine)
    16. 

  16. {
    17. 

  17. 	if(machine->ssl)
    18. 

  18. 		SSL_free(machine->ssl);
    19. 

  19. /* SSL_free seems to decrement the reference counts already so doing this goes
    20. 

  20.  * kaboom. */
    21. 

  21. #if 0
    22. 

  22. 	if(machine->bio_intossl)
    23. 

  23. 		BIO_free(machine->bio_intossl);
    24. 

  24. 	if(machine->bio_fromssl)
    25. 

  25. 		BIO_free(machine->bio_fromssl);
    26. 

  26. #endif
    27. 

  27. 	buffer_close(&machine->clean_in);
    28. 

  28. 	buffer_close(&machine->clean_out);
    29. 

  29. 	buffer_close(&machine->dirty_in);
    30. 

  30. 	buffer_close(&machine->dirty_out);
    31. 

  31. 	state_machine_init(machine);
    32. 

  32. }
    33. 

  33. 

  34. buffer_t *state_machine_get_buffer(state_machine_t *machine, sm_buffer_t type)
    35. 

  35. {
    36. 

  36. 	switch(type) {
    37. 

  37. 	case SM_CLEAN_IN:
    38. 

  38. 		return &machine->clean_in;
    39. 

  39. 	case SM_CLEAN_OUT:
    40. 

  40. 		return &machine->clean_out;
    41. 

  41. 	case SM_DIRTY_IN:
    42. 

  42. 		return &machine->dirty_in;
    43. 

  43. 	case SM_DIRTY_OUT:
    44. 

  44. 		return &machine->dirty_out;
    45. 

  45. 	default:
    46. 

  46. 		break;
    47. 

  47. 	}
    48. 

  48. 	/* Should never get here */
    49. 

  49. 	abort();
    50. 

  50. 	return NULL;
    51. 

  51. }
    52. 

  52. 

  53. SSL *state_machine_get_SSL(state_machine_t *machine)
    54. 

  54. {
    55. 

  55. 	return machine->ssl;
    56. 

  56. }
    57. 

  57. 

  58. int state_machine_set_SSL(state_machine_t *machine, SSL *ssl, int is_server)
    59. 

  59. {
    60. 

  60. 	if(machine->ssl)
    61. 

  61. 		/* Shouldn't ever be set twice */
    62. 

  62. 		abort();
    63. 

  63. 	machine->ssl = ssl;
    64. 

  64. 	/* Create the BIOs to handle the dirty side of the SSL */
    65. 

  65. 	if((machine->bio_intossl = BIO_new(BIO_s_mem())) == NULL)
    66. 

  66. 		abort();
    67. 

  67. 	if((machine->bio_fromssl = BIO_new(BIO_s_mem())) == NULL)
    68. 

  68. 		abort();
    69. 

  69. 	/* Hook up the BIOs on the dirty side of the SSL */
    70. 

  70. 	SSL_set_bio(machine->ssl, machine->bio_intossl, machine->bio_fromssl);
    71. 

  71. 	if(is_server)
    72. 

  72. 		SSL_set_accept_state(machine->ssl);
    73. 

  73. 	else
    74. 

  74. 		SSL_set_connect_state(machine->ssl);
    75. 

  75. 	/* If we're the first one to generate traffic - do it now otherwise we
    76. 

  76. 	 * go into the next select empty-handed and our peer will not send data
    77. 

  77. 	 * but will similarly wait for us. */
    78. 

  78. 	return state_machine_churn(machine);
    79. 

  79. }
    80. 

  80. 

  81. /* Performs the data-IO loop and returns zero if the machine should close */
    82. 

  82. int state_machine_churn(state_machine_t *machine)
    83. 

  83. {
    84. 

  84. 	unsigned int loop;
    85. 

  85. 	if(machine->ssl == NULL) {
    86. 

  86. 		if(buffer_empty(&machine->clean_out))
    87. 

  87. 			/* Time to close this state-machine altogether */
    88. 

  88. 			return 0;
    89. 

  89. 		else
    90. 

  90. 			/* Still buffered data on the clean side to go out */
    91. 

  91. 			return 1;
    92. 

  92. 	}
    93. 

  93. 	/* Do this loop twice to cover any dependencies about which precise
    94. 

  94. 	 * order of reads and writes is required. */
    95. 

  95. 	for(loop = 0; loop < 2; loop++) {
    96. 

  96. 		buffer_to_SSL(&machine->clean_in, machine->ssl);
    97. 

  97. 		buffer_to_BIO(&machine->dirty_in, machine->bio_intossl);
    98. 

  98. 		buffer_from_SSL(&machine->clean_out, machine->ssl);
    99. 

  99. 		buffer_from_BIO(&machine->dirty_out, machine->bio_fromssl);
    100. 

  100. 	}
    101. 

  101. 	/* We close on the SSL side if the info callback noticed some problems
    102. 

  102. 	 * or an SSL shutdown was underway and shutdown traffic had all been
    103. 

  103. 	 * sent. */
    104. 

  104. 	if(SSL_get_app_data(machine->ssl) || (SSL_get_shutdown(machine->ssl) &&
    105. 

  105. 				buffer_empty(&machine->dirty_out))) {
    106. 

  106. 		/* Great, we can seal off the dirty side completely */
    107. 

  107. 		if(!state_machine_close_dirty(machine))
    108. 

  108. 			return 0;
    109. 

  109. 	}
    110. 

  110. 	/* Either the SSL is alive and well, or the closing process still has
    111. 

  111. 	 * outgoing data waiting to be sent */
    112. 

  112. 	return 1;
    113. 

  113. }
    114. 

  114. 

  115. /* Called when the clean side of the SSL has lost its connection */
    116. 

  116. int state_machine_close_clean(state_machine_t *machine)
    117. 

  117. {
    118. 

  118. 	/* Well, first thing to do is null out the clean-side buffers - they're
    119. 

  119. 	 * no use any more. */
    120. 

  120. 	buffer_close(&machine->clean_in);
    121. 

  121. 	buffer_close(&machine->clean_out);
    122. 

  122. 	/* And start an SSL shutdown */
    123. 

  123. 	if(machine->ssl)
    124. 

  124. 		SSL_shutdown(machine->ssl);
    125. 

  125. 	/* This is an "event", so flush the SSL of any generated traffic */
    126. 

  126. 	state_machine_churn(machine);
    127. 

  127. 	if(buffer_empty(&machine->dirty_in) &&
    128. 

  128. 			buffer_empty(&machine->dirty_out))
    129. 

  129. 		return 0;
    130. 

  130. 	return 1;
    131. 

  131. }
    132. 

  132. 

  133. /* Called when the dirty side of the SSL has lost its connection. This is pretty
    134. 

  134.  * terminal as all that can be left to do is send any buffered output on the
    135. 

  135.  * clean side - after that, we're done. */
    136. 

  136. int state_machine_close_dirty(state_machine_t *machine)
    137. 

  137. {
    138. 

  138. 	buffer_close(&machine->dirty_in);
    139. 

  139. 	buffer_close(&machine->dirty_out);
    140. 

  140. 	buffer_close(&machine->clean_in);
    141. 

  141. 	if(machine->ssl)
    142. 

  142. 		SSL_free(machine->ssl);
    143. 

  143. 	machine->ssl = NULL;
    144. 

  144. 	machine->bio_intossl = machine->bio_fromssl = NULL;
    145. 

  145. 	if(buffer_empty(&machine->clean_out))
    146. 

  146. 		return 0;
    147. 

  147. 	return 1;
    148. 

  148. }
    149. 

  149. 

  150. #endif /* !defined(NO_TUNALA) */
    151. 

  151.