annotate libfdcore/sctp_dtls.c @ 1227:33b94b5b8289

Use path_mtu instead of MTU. Now large packet exchanges are successful.
author Sebastien Decugis <sdecugis@freediameter.net>
date Thu, 20 Jun 2013 09:55:03 +0800
parents 835fe2345db6
children
rev: source
1188 = e1ced4db7f67, Backup work in progress on DTLS, not usable (Sebastien Decugis <sdecugis@freediameter.net>; parents: none listed)
1188: /*********************************************************************************************************
1188: * Software License Agreement (BSD License) *
1188: * Author: Sebastien Decugis <sdecugis@freediameter.net> *
1188: * *
1188: * Copyright (c) 2013, WIDE Project and NICT *
1188: * All rights reserved. *
1188: * *
1188: * Redistribution and use of this software in source and binary forms, with or without modification, are *
1188: * permitted provided that the following conditions are met: *
1188: * *
1188: * * Redistributions of source code must retain the above *
1188: * copyright notice, this list of conditions and the *
1188: * following disclaimer. *
1188: * *
1188: * * Redistributions in binary form must reproduce the above *
1188: * copyright notice, this list of conditions and the *
1188: * following disclaimer in the documentation and/or other *
1188: * materials provided with the distribution. *
1188: * *
1188: * * Neither the name of the WIDE Project or NICT nor the *
1188: * names of its contributors may be used to endorse or *
1188: * promote products derived from this software without *
1188: * specific prior written permission of WIDE Project and *
1188: * NICT. *
1188: * *
1188: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
1188: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
1188: * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
1188: * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
1188: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
1188: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
1188: * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
1188: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
1188: *********************************************************************************************************/
1188:
1188: /* This file contains the code for DTLS over multi-stream SCTP implementation */
1188:
1188: #include "fdcore-internal.h"
1188: #include "cnxctx.h"
1188:
1188:
1217 = 1e8267ad057c, Implemented early version of sctp_dtls.c, for debug (Sebastien Decugis <sdecugis@freediameter.net>; parents: 1188)
1225 = 1804ef0240cc, Fix invalid MTU value (Sebastien Decugis <sdecugis@freediameter.net>; parents: 1223)
1217: /* In DTLS over SCTP, all the DTLS internal messages (handshake, etc) must be sent over stream 0 so that we are sure they are received in order.
1217:    Since we need to distinguish different DTLS payloads, we need some knowledge of DTLS protocol here.
1217:    We will then choose the stream within our "push" function called by GNUTLS.
1217: */
1217: #define DTLS_TYPE_OFFSET 0 /* The TYPE byte is the first in a DTLS packet */
1217: #define DTLS_TYPE_application_data 23 /* This is the value when the DTLS packet contains DATA (i.e. Diameter payload in our case) */
1217: #define DTLS_SEQ_OFFSET 3 /* The SEQUENCE bytes come after type and proto version */
1217:
1217:
1225: #define DTLS_SCTP_MTU (1<<14) /* as per RFC 6083 */
1217:
1217:
1217: /* The DTLS MTU is limited to 2^14, but Diameter messages can be larger. It means we MUST handle Diameter message reassembly here, and this is not simple.
1217:
1217: There are two ways to deal with this problem:
1217:
1217:  - first solution is to force ordering when parsing all the datagrams received (as SCTP guarantees we will receive them),
1217:    so we are guaranteed to reconstruct the stream of data in the same order as it was sent, and we can process the received data the same way as TCP.
1217:     * pros: very robust, does not depend on how the remote side is sending the data (assuming they do not interleave chunks of diameter messages, we'd have no solution otherwise)
1217:     * cons: less efficient than the next solution, as on the receiving side we cannot parse new payloads until all the previous ones are received.
1217:             It defeats some of the benefits of the partial ordering of SCTP.
1217:
1217:  - second solution is to make sure the fragmented payloads are sent over the same stream (which are always ordered) and rebuild the messages per stream.
1217:     * pros: enables processing of complete messages received on other streams while waiting for some chunks (similar to non-DTLS situation, except that in that case SCTP handles the fragmentation)
1217:     * cons: we must be sure the sending side is actually sending pieces of a message on the same stream. And the processing on receiving side is more complex.
1217:
1217: We'd have actually more solutions, for example storing the message hop-by-hop id in the snd_ppid field of SCTP header, but this would work only in front of freeDiameter.
1217:
1217: Here is an illustration of the two solutions:
1217: we assume 3 streams S1,S2,S3 and 4 messages, message M1 of 2^14 + 2^13 (=24576) bytes and 3 messages M2,M3,M4 of 2^12 (=4096) bytes to send from peer A to peer B.
1217:
1217: Peer A calls fd_cnx_send() 4 times with the 4 messages M1,M2,M3,M4, which in turn calls gnutls_record_send(), which generates the chunks C1...C5 below:
1217:    C1: gnutls_record_send(M1) -> returns 2^14 since the complete record exceeds the MTU.
1217:    C2: gnutls_record_send(M1+2^14) -> returns the remaining 2^13
1217:    C3: gnutls_record_send(M2)
1217:    C4: gnutls_record_send(M3)
1217:    C5: gnutls_record_send(M4)
1217:
1217: *** Solution 1)
1217:
1217: Implementing the first solution above, the chunks are sent as follows (assuming round-robin sending over the streams):
1217:    C1 over S1,
1217:    C2 over S2,
1217:    C3 over S3,
1217:    C4 over S1,
1217:    C5 over S2.
1188:
1217: Given the size of the chunks, they might be delivered in the following order on the receiving side:
1217:    C3
1217:    C2
1217:    C5
1217:    C1
1217:    C4
1217:
1217: This means we have to store C3, C2 and C5 until C1 is received, then we can process C1,C2,C3,
1217: and again wait for C4 before processing C4 and C5, while C3, C4 and C5 are totally independent
1217: and could be processed directly after being received.
1217:
1217:
1217: *** Solution 2)
1217:
1217: Here the partial ordering is enforced, so the sending side MUST send C1 and C2 over the same stream, e.g.:
1217:    C1 over S1,
1217:    C2 over S1,
1217:    C3 over S2,
1217:    C4 over S3,
1217:    C5 over S1.
1217:
1217: On the receiving side, given the sizes of the messages, we might receive the chunks in the following order:
1217:    C3
1217:    C4
1217:    C1
1217:    C2
1217:    C5
1217:
1217: We can process C3 and C4 as soon as they are received, then C1 is stored (when decrypted we can see it is a partial chunk)
1217: until the remaining payload is received; however we can continue to process the data received over other streams without delay.
1217:
1217:
1217: *** What we do here.
1217:
1217: freeDiameter implements the Solution 2 on the sending side (no additional cost), via fd_sctp_dtls_send() below.
1217:
1217: On the receiving side, we implement Solution 1 at the moment (safe). We do it at the lowest layer, before passing the data to GNUTLS.
1217: This way, we can catch all sequence numbers easily.
1217: Note however we have no way to handle cleanly the change of epoch in case of cipher change (this is unclear in RFC6083 as well)
1217:
1217: We'll see later if it makes sense to implement solution 2.
1217: How to decide if we can use it? One way could be to start doing solution 1,
1217: and when a large record is received check if the chunks were received on the same stream or not.
1217:
1217: Implementation of solution 2 is difficult because we need to pass the stream information through GNU TLS and there is no easy way to do it.
1217:
1217: */
1217:
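The two receive-side strategies from the comment above, replayed on its own C1...C5 scenario as a stand-alone C program. This is an added example, not freeDiameter code: the 1..5 chunk numbering, the struct layouts and every function name are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define NCHUNK  5 /* C1..C5 */
#define NMSG    4 /* M1..M4 */
#define NSTREAM 3 /* S1..S3 */

struct chunk {
	unsigned seq;    /* assumed: chunks are numbered 1..5 in send order */
	unsigned stream; /* SCTP stream the chunk was sent on */
	unsigned msg;    /* 0 = M1 .. 3 = M4; used only to report results */
	unsigned len;    /* payload bytes in this chunk */
	unsigned total;  /* whole message length, as its Diameter header gives it */
};
struct result {
	int ready_at[NMSG]; /* 1-based arrival step at which each message is complete */
	int peak_held;      /* most chunks buffered at once while waiting for another */
};
struct reasm { unsigned want, have; int held; };

/* Append the next in-order chunk of one byte stream; 1 when a message completes. */
static int feed(struct reasm *r, const struct chunk *c)
{
	if (r->want == 0) { r->want = c->total; r->have = 0; }
	r->have += c->len;
	if (r->have < r->want) { r->held++; return 0; }
	r->want = 0;
	r->held = 0;
	return 1;
}

static void note_peak(struct result *res, int held)
{
	if (held > res->peak_held) res->peak_held = held;
}

/* Solution 1: park chunks until every lower sequence number has arrived. */
static struct result recv_global_order(const struct chunk *arrival, int n)
{
	const struct chunk *parked[NCHUNK + 1] = { 0 };
	struct reasm r = { 0, 0, 0 };
	struct result res;
	unsigned next = 1;
	int nparked = 0;

	memset(&res, 0, sizeof res);
	for (int step = 1; step <= n; step++) {
		const struct chunk *c = &arrival[step - 1];
		if (c->seq < next || c->seq > NCHUNK || c->msg >= NMSG || parked[c->seq])
			continue; /* already consumed, out of window, or duplicate: drop */
		parked[c->seq] = c;
		nparked++;
		while (next <= NCHUNK && parked[next]) {
			if (feed(&r, parked[next]))
				res.ready_at[parked[next]->msg] = step;
			nparked--;
			next++;
		}
		note_peak(&res, nparked + r.held);
	}
	return res;
}

/* Solution 2: one reassembly context per stream, no cross-stream waiting. */
static struct result recv_per_stream(const struct chunk *arrival, int n)
{
	struct reasm r[NSTREAM + 1];
	struct result res;

	memset(r, 0, sizeof r);
	memset(&res, 0, sizeof res);
	for (int step = 1; step <= n; step++) {
		const struct chunk *c = &arrival[step - 1];
		int held = 0;
		if (c->stream < 1 || c->stream > NSTREAM || c->msg >= NMSG)
			continue;
		if (feed(&r[c->stream], c))
			res.ready_at[c->msg] = step;
		for (int s = 1; s <= NSTREAM; s++)
			held += r[s].held;
		note_peak(&res, held);
	}
	return res;
}

/* Constructed sample input: the stream assignments and arrival orders of the comment. */
static const struct chunk ARRIVAL_1[NCHUNK] = { /* C3 C2 C5 C1 C4, round-robin streams */
	{ 3, 3, 1, 4096, 4096 }, { 2, 2, 0, 8192, 24576 }, { 5, 2, 3, 4096, 4096 },
	{ 1, 1, 0, 16384, 24576 }, { 4, 1, 2, 4096, 4096 } };
static const struct chunk ARRIVAL_2[NCHUNK] = { /* C3 C4 C1 C2 C5, M1 kept on S1 */
	{ 3, 2, 1, 4096, 4096 }, { 4, 3, 2, 4096, 4096 }, { 1, 1, 0, 16384, 24576 },
	{ 2, 1, 0, 8192, 24576 }, { 5, 1, 3, 4096, 4096 } };

struct result demo_solution1(void) { return recv_global_order(ARRIVAL_1, NCHUNK); }
struct result demo_solution2(void) { return recv_per_stream(ARRIVAL_2, NCHUNK); }

int main(void)
{
	struct result a = demo_solution1(), b = demo_solution2();
	for (int m = 0; m < NMSG; m++)
		printf("M%d complete at step %d (solution 1), %d (solution 2)\n",
		       m + 1, a.ready_at[m], b.ready_at[m]);
	printf("peak chunks held: %d vs %d\n", a.peak_held, b.peak_held);
	return 0;
}
```

With solution 1 a single missing sequence number holds back every later chunk, so a real receiver also needs a cap on how much it parks for a peer.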
1222 = 5d0d300a7cd9, Add more traces for debug (Sebastien Decugis <sdecugis@freediameter.net>; parents: 1219)
1217: /* Retrieve the next data from the socket. Returns 0 if no payload data is available, >0 otherwise, and <0 in case of error */
1217: static int get_next_data_from_socket(struct cnxctx * conn, uint16_t *strid, uint8_t ** buf, size_t *len)
1188: {
1217: 	int got_data = 0;
1217: 	int event;
1217: 	CHECK_FCT_DO( fd_sctp_recvmeta(conn, strid, buf, len, &event), return -1 );
1217: 	switch (event) {
1217: 		case FDEVP_CNX_MSG_RECV:
1217: 			got_data = 1;
1222: 			LOG_A("Received DTLS data, len %zu, type %hhd, Seq %02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx, Stream %hu",
1222: 				*len, (*buf)[0],
1217: 				(*buf)[3],(*buf)[4],(*buf)[5],(*buf)[6], (*buf)[7],(*buf)[8],(*buf)[9],(*buf)[10],
1217: 				*strid);
1217: 			break;
1217:
1217: 		case FDEVP_CNX_EP_CHANGE:
1217: 			/* Send this event to the target queue */
1217: 			CHECK_FCT_DO( fd_event_send( fd_cnx_target_queue(conn), event, *len, *buf), return -1 );
1217: 			break;
1217:
1217: 		case FDEVP_CNX_SHUTDOWN:
1217: 			/* Just ignore the notification for now, we will get another error later anyway */
1217: 			break;
1217:
1217: 		case FDEVP_CNX_ERROR:
1217: 		default:
1217: 			return -1;
1217: 	}
1217:
1217: 	return got_data;
1217: }
1217:
1219 = 8802d3fa5876, Got successful handshake over DTLS with this version (Sebastien Decugis <sdecugis@freediameter.net>; parents: 1217)
1219: /* Count the number of records received in a chunk (including partial) and increment the nextseq field accordingly */
1219: static void update_nextseq_from_records(struct cnxctx * conn, uint8_t * buf, size_t len)
1219: {
1219: 	size_t offset = 0;
1219: 	uint16_t next_record_len;
1219: 	int i;
1219:
1219:
1219: 	while (offset + 13 <= len) {
1219: 		next_record_len = (buf[offset+11] << 8) + buf[offset+12];
1222: 		LOG_A("update_nextseq_from_records off:%zu Type %hhd, Ver:%02hhx.%02hhx, Len:%d, Seq:%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx",
1219: 			offset,
1222: 			buf[offset], buf[offset+1], buf[offset+2], (((int)buf[offset+11])<<8)+((int)buf[offset+12]),
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
182 buf[offset+3],buf[offset+4],buf[offset+5],buf[offset+6],buf[offset+7],buf[offset+8],buf[offset+9],buf[offset+10]
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
183 );
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
184
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
185 if (memcmp(buf + offset + DTLS_SEQ_OFFSET, conn->cc_sctp_dtls_data.nextseq, 8) != 0) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
186 /* The next record is not the one we expect in sequence. Is it a new epoch ? */
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
187 uint8_t newepoch[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
188 if (conn->cc_sctp_dtls_data.nextseq[1] != 0xFF) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
189 newepoch[0] = conn->cc_sctp_dtls_data.nextseq[0]; newepoch[1] = conn->cc_sctp_dtls_data.nextseq[1] + 1;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
190 } else if (conn->cc_sctp_dtls_data.nextseq[0] != 0xFF) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
191 newepoch[0] =conn->cc_sctp_dtls_data.nextseq[0] + 1; newepoch[1] = 0;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
192 } else {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
193 LOG_F("Epoch field wrapped, can this happen ???");
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
194 ASSERT(0); TODO("FFS");
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
195 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
196
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
197 if (memcmp(buf + offset + DTLS_SEQ_OFFSET, newepoch, 8) == 0) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
198 /* Yes, this is a new epoch record, store this as next seq and continue */
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
199 memcpy(conn->cc_sctp_dtls_data.nextseq, newepoch, 8);
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
200 } else {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
201 LOG_E("buf seq: %02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx", buf[offset +3], buf[offset +4], buf[offset +5], buf[offset +6], buf[offset +7], buf[offset +8], buf[offset +9], buf[offset +10]);
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
202 LOG_E("nextseq: %02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx", conn->cc_sctp_dtls_data.nextseq[0], conn->cc_sctp_dtls_data.nextseq[1], conn->cc_sctp_dtls_data.nextseq[2], conn->cc_sctp_dtls_data.nextseq[3], conn->cc_sctp_dtls_data.nextseq[4], conn->cc_sctp_dtls_data.nextseq[5], conn->cc_sctp_dtls_data.nextseq[6], conn->cc_sctp_dtls_data.nextseq[7]);
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
203 TODO("This should not be happening...");
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
204 ASSERT(0);
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
205 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
206 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
207
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
208 /* increment seq number */
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
209 for (i = 7; i>=3; i--) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
210 if (conn->cc_sctp_dtls_data.nextseq[i] == 0xFF) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
211 conn->cc_sctp_dtls_data.nextseq[i] = 0;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
212 } else {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
213 conn->cc_sctp_dtls_data.nextseq[i] ++;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
214 break;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
215 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
216 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
217 if (i==2) {
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
218 LOG_F("Sequence_number field wrapped, can this happen ???");
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
219 ASSERT(0); TODO("FFS");
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
220 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
221
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
222 offset += (size_t)next_record_len + 13;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
223 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
224 }
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
225
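An added example, not freeDiameter code: a stand-alone variant of the record walk in update_nextseq_from_records above that returns a status for an unexpected sequence number or an exhausted counter instead of asserting, since the header bytes it parses come from the network. DTLS_SEQ_OFFSET = 3 is an assumed value. walk_records, be_increment, make_record and run_case are hypothetical names, the sample records are constructed, and the increment covers all six sequence bytes (2..7) rather than bytes 3..7 as in the listing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DTLS_HDR_LEN    13 /* type(1) version(2) epoch(2) seq(6) length(2) */
#define DTLS_SEQ_OFFSET 3  /* assumed value: epoch+seq are header bytes 3..10 */

enum walk_status { WALK_OK = 0, WALK_OUT_OF_SEQUENCE = -1, WALK_COUNTER_EXHAUSTED = -2 };

/* Big-endian increment of f[first..last]; returns -1 if the whole field wrapped to zero. */
static int be_increment(uint8_t *f, int first, int last)
{
    int i;
    for (i = last; i >= first; i--)
        if (++f[i] != 0)
            return 0;
    return -1;
}

/* Walk the DTLS records in buf (a trailing partial record counts, as in the listing).
 * nextseq (epoch + sequence number) is advanced once per accepted record and is left
 * at the last accepted position when a record is rejected. The caller decides what to
 * do with a non-zero status, typically closing the association. */
static int walk_records(uint8_t nextseq[8], const uint8_t *buf, size_t len, size_t *records)
{
    uint8_t expect[8];
    size_t offset = 0;

    memcpy(expect, nextseq, 8);
    *records = 0;
    while (len - offset >= DTLS_HDR_LEN) {
        const uint8_t *hdr = buf + offset;
        size_t reclen = ((size_t)hdr[11] << 8) | hdr[12];

        if (memcmp(hdr + DTLS_SEQ_OFFSET, expect, 8) != 0) {
            /* The only other acceptable value is record 0 of the next epoch. */
            uint8_t newepoch[8] = { expect[0], expect[1] };
            if (be_increment(newepoch, 0, 1) != 0)
                return WALK_COUNTER_EXHAUSTED;
            if (memcmp(hdr + DTLS_SEQ_OFFSET, newepoch, 8) != 0)
                return WALK_OUT_OF_SEQUENCE;
            memcpy(expect, newepoch, 8);
        }
        if (be_increment(expect, 2, 7) != 0)
            return WALK_COUNTER_EXHAUSTED;
        memcpy(nextseq, expect, 8);
        (*records)++;

        /* The announced length is peer-controlled: never step past the buffer. */
        if (reclen > len - offset - DTLS_HDR_LEN)
            break;
        offset += DTLS_HDR_LEN + reclen;
    }
    return WALK_OK;
}

/* Constructed input: one record header announcing `announced` payload bytes,
 * followed by `present` zero bytes. Returns the number of bytes written. */
static size_t make_record(uint8_t *dst, uint16_t epoch, uint8_t seq_low,
                          uint16_t announced, size_t present)
{
    memset(dst, 0, DTLS_HDR_LEN + present);
    dst[0] = 23;                                  /* application_data */
    dst[1] = 0xFE; dst[2] = 0xFD;                 /* DTLS 1.2 */
    dst[3] = (uint8_t)(epoch >> 8); dst[4] = (uint8_t)epoch;
    dst[10] = seq_low;                            /* low byte of the sequence number */
    dst[11] = (uint8_t)(announced >> 8); dst[12] = (uint8_t)announced;
    return DTLS_HDR_LEN + present;
}

struct walk_result { int status; size_t records; unsigned long long next; };

/* Runs one constructed scenario and reports status, record count and nextseq. */
static struct walk_result run_case(int which)
{
    struct walk_result r = { 0, 0, 0 };
    uint8_t nextseq[8] = { 0 }, buf[64];
    size_t n = 0;
    int i;

    switch (which) {
    case 0: n += make_record(buf + n, 0, 0, 4, 4);            /* two records in order */
            n += make_record(buf + n, 0, 1, 4, 4); break;
    case 1: nextseq[7] = 5;                                   /* epoch 0, seq 5 expected */
            n += make_record(buf + n, 1, 0, 4, 4); break;     /* first record of epoch 1 */
    case 2: n += make_record(buf + n, 0, 7, 4, 4); break;     /* unexpected sequence number */
    case 3: n += make_record(buf + n, 0, 0, 1000, 4); break;  /* partial record */
    }
    r.status = walk_records(nextseq, buf, n, &r.records);
    for (i = 0; i < 8; i++)
        r.next = (r.next << 8) | nextseq[i];
    return r;
}

int main(void)
{
    int c;
    for (c = 0; c < 4; c++) {
        struct walk_result r = run_case(c);
        printf("case %d: status=%d records=%zu nextseq=%016llx\n", c, r.status, r.records, r.next);
    }
    return 0;
}
```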
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
226 /***************************************************************************************************/
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
227 /* Helper functions to reorder the received chunks by sequence number */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
228 /***************************************************************************************************/
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
229
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
230 struct chunk {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
231 struct fd_list chain; /* link in the ordered list of chunks */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
232 uint8_t seq[8]; /* epoch + sequence number */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
233 uint8_t * buffer; /* the data */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
234 size_t len; /* length of the buffer */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
235 uint16_t stream; /* which stream the chunk was received on */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
236 /* We could also add a timestamp here */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
237 };
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
238
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
239 /* Inserts new buffer received from the connection in the list of chunks */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
240 static int chunk_insert(struct cnxctx * conn, uint16_t streamid, uint8_t *buffer, size_t len)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
241 {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
242 struct chunk * new;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
243 struct fd_list * li;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
244 uint8_t * newseq;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
245
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
246 /* Check the new sequence is >= what we processed in upper layer */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
247 newseq = buffer + DTLS_SEQ_OFFSET;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
248 if (memcmp(newseq, conn->cc_sctp_dtls_data.validseq, 8) < 0) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
249 LOG_E("Received DTLS packet with smaller sequence number than already processed, discarded. FFS.");
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
250 free(buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
251 return 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
252 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
253
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
254 /* Create a new chunk structure to store this chunk */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
255 CHECK_MALLOC( new = malloc(sizeof(struct chunk)) );
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
256 memset(new, 0, sizeof(struct chunk));
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
257 fd_list_init(&new->chain, new);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
258 memcpy(&new->seq, newseq, 8);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
259 new->buffer = buffer;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
260 new->len = len;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
261 new->stream = streamid;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
262
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
263 /* Insert this new structure in the list attached to the connection */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
264 for (li = conn->cc_sctp_dtls_data.chunks.prev; li != &conn->cc_sctp_dtls_data.chunks; li = li->prev) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
265 int cmp = memcmp(new->seq, ((struct chunk *)li->o)->seq, 8);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
266 if (cmp < 0) continue;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
267 if (cmp == 0) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
268 /* discard repeated seq */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
269 LOG_E("Received DTLS packet with duplicate sequence number, discarded. FFS.");
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
270 free(buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
271 free(new);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
272 return 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
273 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
274 break;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
275 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
276 /* special case: if we are already delivering partially the first chunk, we do insert only after this one */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
277 if (conn->cc_sctp_dtls_data.offset && (li == &conn->cc_sctp_dtls_data.chunks))
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
278 li = li->next;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
279
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
280 fd_list_insert_after(li, &new->chain);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
281
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
282 return 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
283
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
284 }
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
285
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
286 /* Retrieve data from the list of chunks. Returns 0 if no data is ready for upper layer, the available length otherwise (up to upperlen) */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
287 static size_t chunk_retrieve(struct cnxctx * conn, void * upperbuf, size_t upperlen, int probeonly)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
288 {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
289 struct chunk * next;
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
290 int cmp;
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
291 size_t ret = 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
292 redo:
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
293 if (FD_IS_LIST_EMPTY(&conn->cc_sctp_dtls_data.chunks)) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
294 return 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
295 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
296
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
297 next = conn->cc_sctp_dtls_data.chunks.next->o;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
298
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
299 /* If we are already delivering this chunk, just continue until complete */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
300 if (conn->cc_sctp_dtls_data.offset != 0) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
301 if (probeonly)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
302 return 1;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
303
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
304 ret = next->len - conn->cc_sctp_dtls_data.offset;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
305 if (upperlen < ret)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
306 ret = upperlen;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
307
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
308 memcpy(upperbuf, next->buffer + conn->cc_sctp_dtls_data.offset, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
309 conn->cc_sctp_dtls_data.offset += ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
310 if (conn->cc_sctp_dtls_data.offset == next->len) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
311 /* we delivered the complete chunk, now we can remove it */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
312 conn->cc_sctp_dtls_data.offset = 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
313 free(next->buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
314 fd_list_unlink(&next->chain);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
315 free(next);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
316 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
317 return ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
318 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
319
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
320 cmp = memcmp(next->seq, conn->cc_sctp_dtls_data.nextseq, 8);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
321 if (cmp < 0) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
322 cmp = memcmp(next->seq, conn->cc_sctp_dtls_data.validseq, 8);
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
323 if (cmp < 0) {
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
324 /* This is old stuff or invalid stuff, discard */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
325 LOG_E("Unqueued DTLS packet with old sequence number, discarding.");
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
326 free(next->buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
327 fd_list_unlink(&next->chain);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
328 free(next);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
329 goto redo;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
330 }
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
331 /* If the first chunk in our list has a smaller seq number than what we already delivered, we pass it above (to prevent possible DoS by sending forged sequence numbers) */
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
332 if (probeonly)
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
333 return 1;
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
334
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
335 ret = next->len;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
336 if (upperlen < ret) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
337 ret = upperlen;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
338 memcpy(upperbuf, next->buffer, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
339 conn->cc_sctp_dtls_data.offset = ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
340 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
341 memcpy(upperbuf, next->buffer, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
342 free(next->buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
343 fd_list_unlink(&next->chain);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
344 free(next);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
345 }
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
346 LOG_A("Unqueueing (old) chunk with seq number %02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx",
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
347 next->seq[0],next->seq[1],next->seq[2],next->seq[3],next->seq[4],next->seq[5],next->seq[6],next->seq[7]);
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
348 return ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
349 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
350 if (cmp > 0) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
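351 /* is this the first message of a new epoch ? NOTE: newepoch is built below from next->seq itself (its epoch + 1), so the memcmp against next->seq can never match as written; the base was presumably meant to be conn->cc_sctp_dtls_data.nextseq */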
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
352 uint8_t newepoch[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
353 if (next->seq[1] != 0xFF) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
354 newepoch[0] = next->seq[0]; newepoch[1] = next->seq[1] + 1;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
355 } else if (next->seq[0] != 0xFF) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
356 newepoch[0] = next->seq[0] + 1; newepoch[1] = 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
357 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
358 LOG_F("Epoch field wrapped, can this happen ???");
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
359 ASSERT(0); TODO("FFS");
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
360 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
361
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
362 if (memcmp(newepoch, next->seq, 8) == 0) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
363 /* Bingo, this is the first message of the new epoch. We update our nextseq accordingly */
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
364 if (probeonly)
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
365 return 1;
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
366 memcpy(conn->cc_sctp_dtls_data.nextseq, newepoch, 8);
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
367 update_nextseq_from_records(conn, next->buffer, next->len);
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
368
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
369 LOG_A("Unqueueing chunk with seq number %02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx (epoch change)",
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
370 next->seq[0],next->seq[1],next->seq[2],next->seq[3],next->seq[4],next->seq[5],next->seq[6],next->seq[7]);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
371 ret = next->len;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
372 if (upperlen < ret) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
373 ret = upperlen;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
374 memcpy(upperbuf, next->buffer, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
375 conn->cc_sctp_dtls_data.offset = ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
376 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
377 memcpy(upperbuf, next->buffer, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
378 free(next->buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
379 fd_list_unlink(&next->chain);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
380 free(next);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
381 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
382 return ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
383 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
384
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
385 /* otherwise, we don't return this data */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
386 return 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
387 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
388
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
389 /* next is the next chunk expected on this connection */
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
390 if (probeonly)
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
391 return 1;
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
392
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
393 /* We increment the next seq by the number of records found in this chunk */
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
394 update_nextseq_from_records(conn, next->buffer, next->len);
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
395
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
396 /* And we deliver this to upper layer */
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
397 LOG_A("Unqueueing chunk: Type %hhd, Ver:%02hhx.%02hhx, Seq:%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx",
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
398 next->buffer[0], next->buffer[1], next->buffer[2],
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
399 next->seq[0],next->seq[1],next->seq[2],next->seq[3],next->seq[4],next->seq[5],next->seq[6],next->seq[7]);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
400 ret = next->len;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
401 if (upperlen < ret) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
402 ret = upperlen;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
403 memcpy(upperbuf, next->buffer, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
404 conn->cc_sctp_dtls_data.offset = ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
405 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
406 memcpy(upperbuf, next->buffer, ret);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
407 free(next->buffer);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
408 fd_list_unlink(&next->chain);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
409 free(next);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
410 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
411 return ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
412 }
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
413
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
414 /* returns positive value if data is available for upper layer, 0 if the time is elapsed */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
415 static int chunk_select(struct cnxctx * conn, unsigned int ms)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
416 {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
417 fd_set rfds;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
418 struct timespec absend, inter;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
419 int ret;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
420 uint8_t * buf;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
421 size_t len;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
422 uint16_t strid;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
423
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
424 /* absolute time we will timeout */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
425 CHECK_SYS_DO( clock_gettime(CLOCK_REALTIME, &absend), return -1 );
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
426 absend.tv_sec += ((ms + (absend.tv_nsec / 1000000L)) / 1000);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
427 absend.tv_nsec = ( ms * 1000000L + absend.tv_nsec ) % 1000000000L;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
428
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
429 do {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
430 /* Check if we have available data in the list of chunks */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
431 if (chunk_retrieve(conn, NULL, 0, 1) > 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
432 return 1;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
433
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
434 /* otherwise we need to retrieve more data from the socket, so we select */
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
435
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
436 FD_ZERO (&rfds);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
437 FD_SET (conn->cc_socket, &rfds);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
438
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
439 /* We wait until absend only */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
440 CHECK_SYS_DO( clock_gettime(CLOCK_REALTIME, &inter), return -1 );
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
441 if (inter.tv_nsec <= absend.tv_nsec) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
442 if (inter.tv_sec > absend.tv_sec) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
443 inter.tv_sec = 0; inter.tv_nsec = 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
444 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
445 inter.tv_sec = absend.tv_sec - inter.tv_sec;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
446 inter.tv_nsec = absend.tv_nsec - inter.tv_nsec;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
447 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
448 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
449 if (inter.tv_sec >= absend.tv_sec) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
450 inter.tv_sec = 0; inter.tv_nsec = 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
451 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
452 inter.tv_sec = absend.tv_sec - inter.tv_sec - 1;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
453 inter.tv_nsec = 1000000000L - inter.tv_nsec + absend.tv_nsec;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
454 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
455 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
456
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
457 /* Now, wait for new data on the socket */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
458 ret = pselect (conn->cc_socket + 1, &rfds, NULL, NULL, &inter, NULL);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
459 if (ret <= 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
460 break; /* no data was received, we can return */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
461
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
462 /* We got data, get it and insert in the list of chunks */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
463 ret = get_next_data_from_socket(conn, &strid, &buf, &len);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
464 if (ret < 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
465 break;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
466 if (ret == 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
467 continue;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
468
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
469 CHECK_FCT_DO( chunk_insert(conn, strid, buf, len), return -1 );
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
470 /* and loop */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
471 } while (1);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
472
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
473 return ret;
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
474 }
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
475
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
476 /***************************************************************************************************/
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
477 /* Functions "under" GNU TLS */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
478 /***************************************************************************************************/
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
479
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
480 /* Send data over the connection, called by gnutls. This function checks the type of DTLS packet and sends
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
481 all non-application data over stream 0 (to enforce ordering) and application data over the stream set by
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
482 upper layer in conn->cc_sctp_para.next */
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
483 static ssize_t sctp_dtls_pushv(gnutls_transport_ptr_t tr, const giovec_t * iov, int iovcnt)
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
484 {
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
485 struct cnxctx * conn = (struct cnxctx *)tr;
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
486 uint16_t stream = 0;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
487
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
488
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
489 TRACE_ENTRY("%p %p %d", tr, iov, iovcnt);
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
490 CHECK_PARAMS_DO( tr && iov, { errno = EINVAL; return -1; } );
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
491
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
492 if ((conn->cc_sctp_para.unordered != 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
493 && (iovcnt > 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
494 && (iov->iov_len > 0)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
495 && (((uint8_t *)iov->iov_base)[DTLS_TYPE_OFFSET] == DTLS_TYPE_application_data)) {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
496 /* Data is sent over different streams, if allowed */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
497 stream = conn->cc_sctp_para.next;
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
498 }
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
499
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
500 if ((iovcnt > 0) && (iov->iov_len > 10)) {
1219
8802d3fa5876 Got successful handshake over DTLS with this version
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1217
diff changeset
501 LOG_A("Sending DTLS data, type %hhd, Seq %02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx, Stream %hu",
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
502 ((uint8_t *)iov->iov_base)[0],
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
503 ((uint8_t *)iov->iov_base)[3],((uint8_t *)iov->iov_base)[4],((uint8_t *)iov->iov_base)[5],((uint8_t *)iov->iov_base)[6],
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
504 ((uint8_t *)iov->iov_base)[7],((uint8_t *)iov->iov_base)[8],((uint8_t *)iov->iov_base)[9],((uint8_t *)iov->iov_base)[10],
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
505 stream);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
506 } else {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
507 LOG_A("Sending DTLS data, {iovcnt=%d, iov->iov_len=%zd}, Stream %hu",
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
508 iovcnt, ((iovcnt>0) ? iov->iov_len : 0), stream);
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
509 }
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
510
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
511 return fd_sctp_sendstrv(conn, stream, (const struct iovec *)iov, iovcnt);
1188
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
512 }
e1ced4db7f67 Backup work in progress on DTLS, not usable
Sebastien Decugis <sdecugis@freediameter.net>
parents:
diff changeset
513
1217
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
514 /* Check if data is available for gnutls on a given connection. */
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
515 static int sctp_dtls_pull_timeout(gnutls_transport_ptr_t tr, unsigned int ms)
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
516 {
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
517 struct cnxctx * conn = (struct cnxctx *)tr;
1e8267ad057c Implemented early version of sctp_dtls.c, for debug
Sebastien Decugis <sdecugis@freediameter.net>
parents: 1188
diff changeset
518 return chunk_select(conn, ms);
}


/* This function returns only ordered data to the upper layer */
static ssize_t sctp_dtls_pull(gnutls_transport_ptr_t tr, void * gnutlsbuf, size_t gnutlslen)
{
	struct cnxctx * conn = (struct cnxctx *)tr;
	ssize_t ret = 0;

	while ( (ret = chunk_retrieve(conn,gnutlsbuf,gnutlslen,0)) == 0) {

		/* No partial data, read the next SCTP record */
		int stop = 0;
		uint8_t * buf;
		size_t len;
		uint16_t strid;
		do {
			stop = get_next_data_from_socket(conn, &strid, &buf, &len);
			if (stop < 0)
				goto out;
		} while (!stop);

		CHECK_FCT_DO( chunk_insert(conn, strid, buf, len), goto out );
	}

out:
	return ret;

}


/***************************************************************************************************/
/* Functions "above" GNU TLS */
/***************************************************************************************************/

/* Set the parameters of a session to use the cnxctx object */
int fd_sctp_dtls_settransport(gnutls_session_t session, struct cnxctx * conn)
{
	/* Set the transport pointer passed to push & pull callbacks */
	GNUTLS_TRACE( gnutls_transport_set_ptr( session, (gnutls_transport_ptr_t) conn ) );

	/* in 3.0 we have to provide the pull_timeout callback */
	GNUTLS_TRACE( gnutls_transport_set_pull_timeout_function( session, sctp_dtls_pull_timeout ) );

	/* Set the push and pull callbacks */
	GNUTLS_TRACE( gnutls_transport_set_pull_function(session, sctp_dtls_pull) );
	GNUTLS_TRACE( gnutls_transport_set_vec_push_function(session, sctp_dtls_pushv) );

	return 0;
}


/* Set additional session parameters before handshake. The GNUTLS_DATAGRAM is already set in fd_tls_prepare */
int fd_sctp_dtls_prepare(gnutls_session_t session)
{
	/* We do not use cookies at the moment. Not sure it is useful or not */
	/* TODO("Cookie exchange?"); */
	/* gnutls_dtls_prestate_set (session, &prestate); */

	GNUTLS_TRACE( gnutls_dtls_set_mtu(session, DTLS_SCTP_MTU));

	GNUTLS_TRACE( gnutls_dtls_set_timeouts(session, 70000, 60000)); /* Set retrans > total so that there is no retransmission, since SCTP is reliable */

#ifdef GNUTLS_VERSION_322
	TODO("Disable replay protection");
	TODO("Register hook on the Finish message to change SCTP_AUTH active key on the socket");
#endif /* GNUTLS_VERSION_322 */

	return 0;

}

/* the following function is actually almost same as fd_tls_recv_handle_error at the moment, since all handling is done under gnutls */
ssize_t fd_dtls_recv_handle_error(struct cnxctx * conn, gnutls_session_t session, void * data, size_t sz)
{
	ssize_t ret;
again:
	CHECK_GNUTLS_DO( ret = gnutls_record_recv_seq(session, data, sz, conn->cc_sctp_dtls_data.validseq),
		{
			switch (ret) {
				case GNUTLS_E_REHANDSHAKE:
					if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) {
						CHECK_GNUTLS_DO( ret = gnutls_handshake(session),
							{
								if (TRACE_BOOL(INFO)) {
									fd_log_debug("TLS re-handshake failed on socket %d (%s) : %s", conn->cc_socket, conn->cc_id, gnutls_strerror(ret));
								}
								goto end;
							} );
					}

				case GNUTLS_E_AGAIN:
				case GNUTLS_E_INTERRUPTED:
					if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING))
						goto again;
					TRACE_DEBUG(FULL, "Connection is closing, so abord gnutls_record_recv now.");
					break;

				case GNUTLS_E_UNEXPECTED_PACKET_LENGTH:
					/* The connection is closed */
					TRACE_DEBUG(FULL, "Got 0 size while reading the socket, probably connection closed...");
					break;

				case GNUTLS_E_WARNING_ALERT_RECEIVED:
					LOG_N("Received TLS WARNING ALERT: %s", gnutls_alert_get_name(gnutls_alert_get(session)) ?: "<unknown alert>");
					if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING))
						goto again;
					TRACE_DEBUG(FULL, "Connection is closing, so abord gnutls_record_recv now.");
					break;

				case GNUTLS_E_FATAL_ALERT_RECEIVED:
					LOG_E("Received TLS FATAL ALERT: %s", gnutls_alert_get_name(gnutls_alert_get(session)) ?: "<unknown alert>");
					break;

				default:
					if (gnutls_error_is_fatal (ret) == 0) {
						LOG_N("Ignoring non-fatal GNU TLS error: %s", gnutls_strerror (ret));
						goto again;
					}
					LOG_E("Fatal GNUTLS error: %s", gnutls_strerror (ret));
			}
		} );

	if (ret == 0)
		CHECK_GNUTLS_DO( gnutls_bye(session, GNUTLS_SHUT_RDWR), );

end:
	if (ret <= 0)
		fd_cnx_markerror(conn);
	return ret;
}

/* Receiver thread that reassemble the decrypted messages (when size is > 2<<14) for upper layer. Very similar to fd_tls_rcvthr_core in this version */
void * fd_sctp_dtls_rcvthr(void * arg) {

	struct cnxctx * conn = arg;

	TRACE_ENTRY("%p", arg);
	CHECK_PARAMS_DO(conn && (conn->cc_socket > 0), return NULL );

	/* Set the thread name */
	{
		char buf[48];
		snprintf(buf, sizeof(buf), "Receiver (%d) DTLS", conn->cc_socket);
		fd_log_threadname ( buf );
	}

	ASSERT( fd_cnx_teststate(conn, CC_STATUS_TLS) );
	ASSERT( fd_cnx_target_queue(conn) );

	/* The next function only returns when there is an error on the socket */
	CHECK_FCT_DO(fd_tls_rcvthr_core(conn, conn->cc_tls_para.session, 1), /* continue */);

	TRACE_DEBUG(FULL, "Thread terminated");
	return NULL;
}



/* Send a new Diameter message over the association */
int fd_sctp_dtls_send(struct cnxctx * conn, unsigned char * buf, size_t len)
{
	ssize_t ret;
	size_t sent = 0;
	size_t maxlen;
	TRACE_ENTRY("%p %p %zd", conn, buf, len);

	CHECK_PARAMS(conn);

	/* Read the DTLS data MTU only after conn has been validated, so a NULL conn is never dereferenced */
	maxlen = gnutls_dtls_get_data_mtu(conn->cc_tls_para.session);

	/* First, decide which stream this data will be sent to */
	if (conn->cc_sctp_para.str_out > 32) {
		TODO("Limiting to 32 streams. Remove this limit when anti-replay is disabled");
		conn->cc_sctp_para.str_out = 32;
	}
	if (conn->cc_sctp_para.str_out > 1) {
		conn->cc_sctp_para.next += 1;
		conn->cc_sctp_para.next %= conn->cc_sctp_para.str_out;
	} else {
		conn->cc_sctp_para.next = 0;
	}

	/* Now send the data over this stream. Do it in a loop in case the length is larger than the MTU */
	do {
		size_t tosend = len - sent;
		if (tosend > maxlen)
			tosend = maxlen;
		CHECK_GNUTLS_DO( ret = fd_tls_send_handle_error(conn, conn->cc_tls_para.session, buf + sent, tosend), );
		if (ret <= 0)
			return ENOTCONN;

		sent += ret;
	} while ( sent < len );
	return 0;
}
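
The TODO notes in fd_sctp_dtls_prepare and fd_sctp_dtls_send tie the 32-stream cap to DTLS replay protection. The C model below is an added illustration, not freeDiameter or GnuTLS code: it runs a sliding-window replay check of the kind described in RFC 6347 over records spread round-robin across SCTP streams, and shows genuine records being rejected as too old once one stream lags more than a window behind. The 64-record window, the stall model and every name in it are assumptions of the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define REPLAY_WINDOW 64   /* assumed window size for this example */

/* Receiver state for a sliding-window replay check */
struct replay_state {
    uint64_t highest;   /* highest sequence number accepted so far */
    uint64_t bitmap;    /* bit i set => (highest - i) was already accepted */
    int      started;   /* 0 until the first record has been accepted */
};

enum verdict { ACCEPT = 0, DROP_DUPLICATE = 1, DROP_TOO_OLD = 2 };

/* Decide whether a record with sequence number seq may be accepted, and update the window */
static enum verdict replay_check(struct replay_state *st, uint64_t seq)
{
    uint64_t off;

    if (!st->started) {
        st->started = 1;
        st->highest = seq;
        st->bitmap = 1;
        return ACCEPT;
    }
    if (seq > st->highest) {
        /* New right edge: slide the window (a shift of 64 or more empties it) */
        uint64_t shift = seq - st->highest;
        st->bitmap = (shift >= REPLAY_WINDOW) ? 0 : (st->bitmap << shift);
        st->bitmap |= 1;
        st->highest = seq;
        return ACCEPT;
    }
    off = st->highest - seq;
    if (off >= REPLAY_WINDOW)
        return DROP_TOO_OLD;            /* left of the window: cannot be verified */
    if (st->bitmap & ((uint64_t)1 << off))
        return DROP_DUPLICATE;          /* already seen: a replay */
    st->bitmap |= (uint64_t)1 << off;
    return ACCEPT;
}

/*
 * Deliver `total` records whose sequence numbers were assigned in order and which
 * were sent round-robin over `nstreams` streams (record seq goes on stream seq % nstreams).
 * Records on stream `stalled` with seq < stall_until are held back, as if SCTP were
 * retransmitting a lost chunk on that stream, and are released in order once the other
 * streams have delivered everything below stall_until. Order within each stream is kept.
 * Returns how many never-before-seen records the replay check rejected.
 */
static unsigned simulate(unsigned nstreams, uint64_t total, unsigned stalled, uint64_t stall_until)
{
    struct replay_state st = {0, 0, 0};
    unsigned lost = 0;
    uint64_t seq;

    if (nstreams == 0)
        return 0;
    if (stall_until > total)
        stall_until = total;

    for (seq = 0; seq < stall_until; seq++)      /* the other streams get through */
        if (seq % nstreams != stalled && replay_check(&st, seq) != ACCEPT)
            lost++;
    for (seq = 0; seq < stall_until; seq++)      /* the stalled stream catches up */
        if (seq % nstreams == stalled && replay_check(&st, seq) != ACCEPT)
            lost++;
    for (seq = stall_until; seq < total; seq++)  /* back to in-order delivery */
        if (replay_check(&st, seq) != ACCEPT)
            lost++;
    return lost;
}

int main(void)
{
    printf("4 streams, stream 0 stalled for 40 records:  %u genuine records dropped\n",
           simulate(4, 200, 0, 40));
    printf("4 streams, stream 0 stalled for 100 records: %u genuine records dropped\n",
           simulate(4, 200, 0, 100));
    return 0;
}
```

SCTP already delivers each stream reliably and in order, so in this model the window only ever rejects late but legitimate records; the trade-off when replay protection is turned off is that record freshness then rests on the transport and its SCTP_AUTH keying.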
"Welcome to our mercurial repository"