freeDiameter: libfdcore/cnxctx.c annotate

annotate libfdcore/cnxctx.c @ 1181:22de21feec64

Preparing for DTLS support

author	Sebastien Decugis <sdecugis@freediameter.net>
date	Wed, 05 Jun 2013 19:22:26 +0800
parents	773498f59520
children	56c36d1007b4

rev	line source
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1 /*********************************************************************************************************
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	2 * Software License Agreement (BSD License) *
740 4a9f08d6b6ba Updated my mail address Sebastien Decugis <sdecugis@nict.go.jp> parents: 730 diff changeset	3 * Author: Sebastien Decugis <sdecugis@freediameter.net> *
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	4 * *
928 5053f1abcf5d Updated copyright information Sebastien Decugis <sdecugis@freediameter.net> parents: 927 diff changeset	5 * Copyright (c) 2013, WIDE Project and NICT *
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	6 * All rights reserved. *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	7 * *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	8 * Redistribution and use of this software in source and binary forms, with or without modification, are *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	9 * permitted provided that the following conditions are met: *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	10 * *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	11 * * Redistributions of source code must retain the above *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	12 * copyright notice, this list of conditions and the *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	13 * following disclaimer. *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	14 * *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	15 * * Redistributions in binary form must reproduce the above *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	16 * copyright notice, this list of conditions and the *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	17 * following disclaimer in the documentation and/or other *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	18 * materials provided with the distribution. *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	19 * *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	20 * * Neither the name of the WIDE Project or NICT nor the *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	21 * names of its contributors may be used to endorse or *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	22 * promote products derived from this software without *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	23 * specific prior written permission of WIDE Project and *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	24 * NICT. *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	25 * *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	34 *********************************************************************************************************/
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	35
658 f198d16fa7f4 Initial commit for 1.1.0: Sebastien Decugis <sdecugis@nict.go.jp> parents: 591 diff changeset	36 #include "fdcore-internal.h"
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	37 #include "cnxctx.h"
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	38
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	39 #include <net/if.h>
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	40 #include <ifaddrs.h> /* for getifaddrs */
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	41
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	42 /* The maximum size of Diameter message we accept to receive (<= 2^24) to avoid too big mallocs in case of trashed headers */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	43 #ifndef DIAMETER_MSG_SIZE_MAX
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	44 #define DIAMETER_MSG_SIZE_MAX 65535 /* in bytes */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	45 #endif /* DIAMETER_MSG_SIZE_MAX */
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	46
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	47
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	48 /* Connections contexts (cnxctx) in freeDiameter are wrappers around the sockets and TLS operations .
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	49 * They are used to hide the details of the processing to the higher layers of the daemon.
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	50 * They are always oriented on connections (TCP or SCTP), connectionless modes (UDP or SCTP) are not supported.
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	51 */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	52
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	53 /* Lifetime of a cnxctx object:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	54 * 1) Creation
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	55 * a) a server socket:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	56 * - create the object with fd_cnx_serv_tcp or fd_cnx_serv_sctp
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	57 * - start listening incoming connections: fd_cnx_serv_listen
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	58 * - accept new clients with fd_cnx_serv_accept.
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	59 * b) a client socket:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	60 * - connect to a remote server with fd_cnx_cli_connect
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	61 *
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	62 * 2) Initialization
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	63 * - if TLS is started first, call fd_cnx_handshake
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	64 * - otherwise to receive clear messages, call fd_cnx_start_clear. fd_cnx_handshake can be called later.
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	65 *
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	66 * 3) Usage
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	67 * - fd_cnx_receive, fd_cnx_send : exchange messages on this connection (send is synchronous, receive is not, but blocking).
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	68 * - fd_cnx_recv_setaltfifo : when a message is received, the event is sent to an external fifo list. fd_cnx_receive does not work when the alt_fifo is set.
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	69 * - fd_cnx_getid : retrieve a descriptive string for the connection (for debug)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	70 * - fd_cnx_getremoteid : identification of the remote peer (IP address or fqdn)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	71 * - fd_cnx_getcred : get the remote peer TLS credentials, after handshake
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	72 *
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	73 * 4) End
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	74 * - fd_cnx_destroy
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	75 */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	76
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	77 /*******************************************/
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	78 /* Creation of a connection object */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	79 /*******************************************/
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	80
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	81 /* Initialize a context structure */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	82 static struct cnxctx * fd_cnx_init(int full)
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	83 {
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	84 struct cnxctx * conn = NULL;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	85
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	86 TRACE_ENTRY("%d", full);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	87
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	88 CHECK_MALLOC_DO( conn = malloc(sizeof(struct cnxctx)), return NULL );
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	89 memset(conn, 0, sizeof(struct cnxctx));
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	90
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	91 if (full) {
767 c47c16436f71 Added a limit on fifo queues to avoid memory exaustion when messages are received faster than handled Sebastien Decugis <sdecugis@nict.go.jp> parents: 740 diff changeset	92 CHECK_FCT_DO( fd_fifo_new ( &conn->cc_incoming, 5 ), return NULL );
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	93 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	94
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	95 return conn;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	96 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	97
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	98 #define CC_ID_HDR "{----} "
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	99
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	100 /* Create and bind a server socket to the given endpoint and port */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	101 struct cnxctx * fd_cnx_serv_tcp(uint16_t port, int family, struct fd_endpoint * ep)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	102 {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	103 struct cnxctx * cnx = NULL;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	104 sSS dummy;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	105 sSA * sa = (sSA *) &dummy;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	106
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	107 TRACE_ENTRY("%hu %d %p", port, family, ep);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	108
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	109 CHECK_PARAMS_DO( port, return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	110 CHECK_PARAMS_DO( ep \|\| family, return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	111 CHECK_PARAMS_DO( (! family) \|\| (family == AF_INET) \|\| (family == AF_INET6), return NULL );
730 e21d79595045 minor improvements Sebastien Decugis <sdecugis@nict.go.jp> parents: 711 diff changeset	112 CHECK_PARAMS_DO( (! ep) \|\| (ep->ss.ss_family == AF_INET) \|\| (ep->ss.ss_family == AF_INET6), return NULL );
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	113 CHECK_PARAMS_DO( (! ep) \|\| (!family) \|\| (ep->ss.ss_family == family), return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	114
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	115 /* The connection object */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	116 CHECK_MALLOC_DO( cnx = fd_cnx_init(0), return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	117
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	118 /* Prepare the socket address information */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	119 if (ep) {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	120 memcpy(sa, &ep->ss, sizeof(sSS));
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	121 } else {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	122 memset(&dummy, 0, sizeof(dummy));
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	123 sa->sa_family = family;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	124 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	125 if (sa->sa_family == AF_INET) {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	126 ((sSA4 *)sa)->sin_port = htons(port);
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	127 cnx->cc_family = AF_INET;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	128 } else {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	129 ((sSA6 *)sa)->sin6_port = htons(port);
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	130 cnx->cc_family = AF_INET6;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	131 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	132
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	133 /* Create the socket */
246 6418a188c1b5 getnameinfo is also more sensitive on freeBSD Sebastien Decugis <sdecugis@nict.go.jp> parents: 245 diff changeset	134 CHECK_FCT_DO( fd_tcp_create_bind_server( &cnx->cc_socket, sa, sSAlen(sa) ), goto error );
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	135
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	136 /* Generate the name for the connection object */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	137 {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	138 char addrbuf[INET6_ADDRSTRLEN];
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	139 int rc;
247 f89b5a12d2af Forgot a couple of getnameinfo Sebastien Decugis <sdecugis@nict.go.jp> parents: 246 diff changeset	140 rc = getnameinfo(sa, sSAlen(sa), addrbuf, sizeof(addrbuf), NULL, 0, NI_NUMERICHOST);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	141 if (rc)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	142 snprintf(addrbuf, sizeof(addrbuf), "[err:%s]", gai_strerror(rc));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	143 snprintf(cnx->cc_id, sizeof(cnx->cc_id), CC_ID_HDR "TCP srv [%s]:%hu (%d)", addrbuf, port, cnx->cc_socket);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	144 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	145
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	146 cnx->cc_proto = IPPROTO_TCP;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	147
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	148 return cnx;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	149
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	150 error:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	151 fd_cnx_destroy(cnx);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	152 return NULL;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	153 }
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	154
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	155 /* Same function for SCTP, with a list of local endpoints to bind to */
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	156 struct cnxctx * fd_cnx_serv_sctp(uint16_t port, struct fd_list * ep_list)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	157 {
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	158 #ifdef DISABLE_SCTP
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	159 TRACE_DEBUG(INFO, "This function should never been called when SCTP is disabled...");
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	160 ASSERT(0);
709 19a9470de77a Fix a few compilations errors and warnings Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	161 CHECK_FCT_DO( ENOTSUP, );
19a9470de77a Fix a few compilations errors and warnings Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	162 return NULL;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	163 #else /* DISABLE_SCTP */
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	164 struct cnxctx * cnx = NULL;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	165
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	166 TRACE_ENTRY("%hu %p", port, ep_list);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	167
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	168 CHECK_PARAMS_DO( port, return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	169
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	170 /* The connection object */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	171 CHECK_MALLOC_DO( cnx = fd_cnx_init(0), return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	172
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	173 if (fd_g_config->cnf_flags.no_ip6) {
5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	174 cnx->cc_family = AF_INET;
5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	175 } else {
5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	176 cnx->cc_family = AF_INET6; /* can create socket for both IP and IPv6 */
5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	177 }
5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	178
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	179 /* Create the socket */
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	180 CHECK_FCT_DO( fd_sctp_create_bind_server( &cnx->cc_socket, cnx->cc_family, ep_list, port ), goto error );
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	181
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	182 /* Generate the name for the connection object */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	183 snprintf(cnx->cc_id, sizeof(cnx->cc_id), CC_ID_HDR "SCTP srv :%hu (%d)", port, cnx->cc_socket);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	184
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	185 cnx->cc_proto = IPPROTO_SCTP;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	186
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	187 return cnx;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	188
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	189 error:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	190 fd_cnx_destroy(cnx);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	191 return NULL;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	192 #endif /* DISABLE_SCTP */
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	193 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	194
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	195 /* Allow clients to connect on the server socket */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	196 int fd_cnx_serv_listen(struct cnxctx * conn)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	197 {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	198 CHECK_PARAMS( conn );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	199
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	200 switch (conn->cc_proto) {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	201 case IPPROTO_TCP:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	202 CHECK_FCT(fd_tcp_listen(conn->cc_socket));
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	203 break;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	204
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	205 #ifndef DISABLE_SCTP
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	206 case IPPROTO_SCTP:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	207 CHECK_FCT(fd_sctp_listen(conn->cc_socket));
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	208 break;
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	209 #endif /* DISABLE_SCTP */
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	210
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	211 default:
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	212 CHECK_PARAMS(0);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	213 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	214
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	215 return 0;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	216 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	217
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	218 /* Accept a client (blocking until a new client connects) -- cancelable */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	219 struct cnxctx * fd_cnx_serv_accept(struct cnxctx * serv)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	220 {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	221 struct cnxctx * cli = NULL;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	222 sSS ss;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	223 socklen_t ss_len = sizeof(ss);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	224 int cli_sock = 0;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	225
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	226 TRACE_ENTRY("%p", serv);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	227 CHECK_PARAMS_DO(serv, return NULL);
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	228
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	229 /* Accept the new connection -- this is blocking until new client enters or until cancellation */
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	230 CHECK_SYS_DO( cli_sock = accept(serv->cc_socket, (sSA *)&ss, &ss_len), return NULL );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	231
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	232 CHECK_MALLOC_DO( cli = fd_cnx_init(1), { shutdown(cli_sock, SHUT_RDWR); close(cli_sock); return NULL; } );
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	233 cli->cc_socket = cli_sock;
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	234 cli->cc_family = serv->cc_family;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	235 cli->cc_proto = serv->cc_proto;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	236
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	237 /* Set the timeout */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	238 fd_cnx_s_setto(cli->cc_socket);
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	239
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	240 /* Generate the name for the connection object */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	241 {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	242 char addrbuf[INET6_ADDRSTRLEN];
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	243 char portbuf[10];
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	244 int rc;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	245
711 f7c665948e0c Use size returned by accept Sebastien Decugis <sdecugis@nict.go.jp> parents: 710 diff changeset	246 rc = getnameinfo((sSA *)&ss, ss_len, addrbuf, sizeof(addrbuf), portbuf, sizeof(portbuf), NI_NUMERICHOST \| NI_NUMERICSERV);
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	247 if (rc) {
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	248 snprintf(addrbuf, sizeof(addrbuf), "[err:%s]", gai_strerror(rc));
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	249 portbuf[0] = '\0';
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	250 }
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	251
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	252 /* Numeric values for debug... */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	253 snprintf(cli->cc_id, sizeof(cli->cc_id), CC_ID_HDR "%s from [%s]:%s (%d<-%d)",
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	254 IPPROTO_NAME(cli->cc_proto), addrbuf, portbuf, serv->cc_socket, cli->cc_socket);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	255
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	256
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	257 /* ...Name for log messages */
711 f7c665948e0c Use size returned by accept Sebastien Decugis <sdecugis@nict.go.jp> parents: 710 diff changeset	258 rc = getnameinfo((sSA *)&ss, ss_len, cli->cc_remid, sizeof(cli->cc_remid), NULL, 0, 0);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	259 if (rc)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	260 snprintf(cli->cc_remid, sizeof(cli->cc_remid), "[err:%s]", gai_strerror(rc));
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	261 }
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	262
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	263 LOG_D("Incoming connection: '%s' <- '%s' {%s}", fd_cnx_getid(serv), cli->cc_remid, cli->cc_id);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	264
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	265 #ifndef DISABLE_SCTP
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	266 /* SCTP-specific handlings */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	267 if (cli->cc_proto == IPPROTO_SCTP) {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	268 /* Retrieve the number of streams */
407 7029e6b587ac Fix warning Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	269 CHECK_FCT_DO( fd_sctp_get_str_info( cli->cc_socket, &cli->cc_sctp_para.str_in, &cli->cc_sctp_para.str_out, NULL ), {fd_cnx_destroy(cli); return NULL;} );
396 918fbb92eb8b Attempt to fix #6 Sebastien Decugis <sdecugis@nict.go.jp> parents: 378 diff changeset	270 if (cli->cc_sctp_para.str_out < cli->cc_sctp_para.str_in)
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	271 cli->cc_sctp_para.pairs = cli->cc_sctp_para.str_out;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	272 else
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	273 cli->cc_sctp_para.pairs = cli->cc_sctp_para.str_in;
396 918fbb92eb8b Attempt to fix #6 Sebastien Decugis <sdecugis@nict.go.jp> parents: 378 diff changeset	274
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	275 LOG_A( "%s : client '%s' (SCTP:%d, %d/%d streams)", fd_cnx_getid(serv), fd_cnx_getid(cli), cli->cc_socket, cli->cc_sctp_para.str_in, cli->cc_sctp_para.str_out);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	276 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	277 #endif /* DISABLE_SCTP */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	278
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	279 return cli;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	280 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	281
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	282 /* Client side: connect to a remote server -- cancelable */
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	283 struct cnxctx * fd_cnx_cli_connect_tcp(sSA * sa /* contains the port already */, socklen_t addrlen)
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	284 {
227 80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	285 int sock = 0;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	286 struct cnxctx * cnx = NULL;
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	287 char sa_buf[sSA_DUMP_STRLEN];
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	288
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	289 TRACE_ENTRY("%p %d", sa, addrlen);
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	290 CHECK_PARAMS_DO( sa && addrlen, return NULL );
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	291
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	292 fd_sa_sdump_numeric(sa_buf, sa);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	293
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	294 /* Create the socket and connect, which can take some time and/or fail */
227 80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	295 {
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	296 int ret = fd_tcp_client( &sock, sa, addrlen );
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	297 if (ret != 0) {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	298 LOG_A("TCP connection to %s failed: %s", sa_buf, strerror(ret));
227 80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	299 return NULL;
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	300 }
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	301 }
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	302
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	303 /* Once the socket is created successfuly, prepare the remaining of the cnx */
182 9ed2e3ce4434 Cleaner error handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 156 diff changeset	304 CHECK_MALLOC_DO( cnx = fd_cnx_init(1), { shutdown(sock, SHUT_RDWR); close(sock); return NULL; } );
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	305
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	306 cnx->cc_socket = sock;
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	307 cnx->cc_family = sa->sa_family;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	308 cnx->cc_proto = IPPROTO_TCP;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	309
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	310 /* Set the timeout */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	311 fd_cnx_s_setto(cnx->cc_socket);
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	312
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	313 /* Generate the names for the object */
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	314 {
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	315 int rc;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	316
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	317 snprintf(cnx->cc_id, sizeof(cnx->cc_id), CC_ID_HDR "TCP,#%d->%s", cnx->cc_socket, sa_buf);
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	318
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	319 /* ...Name for log messages */
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	320 rc = getnameinfo(sa, addrlen, cnx->cc_remid, sizeof(cnx->cc_remid), NULL, 0, 0);
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	321 if (rc)
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	322 snprintf(cnx->cc_remid, sizeof(cnx->cc_remid), "[err:%s]", gai_strerror(rc));
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	323 }
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	324
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	325 LOG_A("TCP connection to %s succeed (socket:%d).", sa_buf, sock);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	326
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	327 return cnx;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	328 }
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	329
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	330 /* Same for SCTP, accepts a list of remote addresses to connect to (see sctp_connectx for how they are used) */
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	331 struct cnxctx * fd_cnx_cli_connect_sctp(int no_ip6, uint16_t port, struct fd_list * list)
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	332 {
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	333 #ifdef DISABLE_SCTP
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	334 TRACE_DEBUG(INFO, "This function should never be called when SCTP is disabled...");
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	335 ASSERT(0);
709 19a9470de77a Fix a few compilations errors and warnings Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	336 CHECK_FCT_DO( ENOTSUP, );
19a9470de77a Fix a few compilations errors and warnings Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	337 return NULL;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	338 #else /* DISABLE_SCTP */
227 80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	339 int sock = 0;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	340 struct cnxctx * cnx = NULL;
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	341 char sa_buf[sSA_DUMP_STRLEN];
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	342 sSS primary;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	343
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	344 TRACE_ENTRY("%p", list);
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	345 CHECK_PARAMS_DO( list && !FD_IS_LIST_EMPTY(list), return NULL );
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	346
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	347 fd_sa_sdump_numeric(sa_buf, &((struct fd_endpoint *)(list->next))->sa);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	348
227 80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	349 {
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	350 int ret = fd_sctp_client( &sock, no_ip6, port, list );
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	351 if (ret != 0) {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	352 LOG_A("SCTP connection to [%s,...] failed: %s", sa_buf, strerror(ret));
227 80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	353 return NULL;
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	354 }
80a7e65167c4 Cleanup verbosity and fix unintialized variable Sebastien Decugis <sdecugis@nict.go.jp> parents: 223 diff changeset	355 }
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	356
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	357 /* Once the socket is created successfuly, prepare the remaining of the cnx */
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	358 CHECK_MALLOC_DO( cnx = fd_cnx_init(1), { shutdown(sock, SHUT_RDWR); close(sock); return NULL; } );
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	359
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	360 cnx->cc_socket = sock;
220 5f2ce627db3c Try to fix the old bug on sctp_getpaddrs Sebastien Decugis <sdecugis@nict.go.jp> parents: 214 diff changeset	361 cnx->cc_family = no_ip6 ? AF_INET : AF_INET6;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	362 cnx->cc_proto = IPPROTO_SCTP;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	363
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	364 /* Set the timeout */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	365 fd_cnx_s_setto(cnx->cc_socket);
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	366
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	367 /* Retrieve the number of streams and primary address */
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	368 CHECK_FCT_DO( fd_sctp_get_str_info( sock, &cnx->cc_sctp_para.str_in, &cnx->cc_sctp_para.str_out, &primary ), goto error );
402 1e1dc47ef241 Fix remaining problem, closes #6 Sebastien Decugis <sdecugis@nict.go.jp> parents: 396 diff changeset	369 if (cnx->cc_sctp_para.str_out < cnx->cc_sctp_para.str_in)
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	370 cnx->cc_sctp_para.pairs = cnx->cc_sctp_para.str_out;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	371 else
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	372 cnx->cc_sctp_para.pairs = cnx->cc_sctp_para.str_in;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	373
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	374 fd_sa_sdump_numeric(sa_buf, (sSA *)&primary);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	375
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	376 /* Generate the names for the object */
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	377 {
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	378 int rc;
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	379
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	380 snprintf(cnx->cc_id, sizeof(cnx->cc_id), CC_ID_HDR "SCTP,#%d->%s", cnx->cc_socket, sa_buf);
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	381
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	382 /* ...Name for log messages */
247 f89b5a12d2af Forgot a couple of getnameinfo Sebastien Decugis <sdecugis@nict.go.jp> parents: 246 diff changeset	383 rc = getnameinfo((sSA *)&primary, sSAlen(&primary), cnx->cc_remid, sizeof(cnx->cc_remid), NULL, 0, 0);
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	384 if (rc)
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	385 snprintf(cnx->cc_remid, sizeof(cnx->cc_remid), "[err:%s]", gai_strerror(rc));
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	386 }
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	387
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	388 LOG_A("SCTP connection to %s succeed (socket:%d, %d/%d streams).", sa_buf, sock, cnx->cc_sctp_para.str_in, cnx->cc_sctp_para.str_out);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	389
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	390 return cnx;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	391
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	392 error:
bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	393 fd_cnx_destroy(cnx);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	394 return NULL;
24 bd83ce9328ed Cleanups and completed sctp code (not finished) Sebastien Decugis <sdecugis@nict.go.jp> parents: 23 diff changeset	395 #endif /* DISABLE_SCTP */
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	396 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	397
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	398 /* Return a string describing the connection, for debug */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	399 char * fd_cnx_getid(struct cnxctx * conn)
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	400 {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	401 CHECK_PARAMS_DO( conn, return "" );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	402 return conn->cc_id;
20 277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	403 }
277ec00d793e Backup before typhoon... Progress on server side Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	404
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	405 /* Return the protocol of a connection */
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	406 int fd_cnx_getproto(struct cnxctx * conn)
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	407 {
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	408 CHECK_PARAMS_DO( conn, return 0 );
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	409 return conn->cc_proto;
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	410 }
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	411
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	412 /* Set the hostname to check during handshake */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	413 void fd_cnx_sethostname(struct cnxctx * conn, DiamId_t hn)
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	414 {
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	415 CHECK_PARAMS_DO( conn, return );
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	416 conn->cc_tls_para.cn = hn;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	417 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	418
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	419 /* We share a lock with many threads but we hold it only very short time so it is OK */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	420 static pthread_mutex_t state_lock = PTHREAD_MUTEX_INITIALIZER;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	421 uint32_t fd_cnx_getstate(struct cnxctx * conn)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	422 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	423 uint32_t st;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	424 CHECK_POSIX_DO( pthread_mutex_lock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	425 st = conn->cc_state;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	426 CHECK_POSIX_DO( pthread_mutex_unlock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	427 return st;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	428 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	429 int fd_cnx_teststate(struct cnxctx * conn, uint32_t flag)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	430 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	431 uint32_t st;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	432 CHECK_POSIX_DO( pthread_mutex_lock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	433 st = conn->cc_state;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	434 CHECK_POSIX_DO( pthread_mutex_unlock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	435 return st & flag;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	436 }
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	437 void fd_cnx_update_id(struct cnxctx * conn) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	438 if (conn->cc_state & CC_STATUS_CLOSING)
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	439 conn->cc_id[1] = 'C';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	440 else
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	441 conn->cc_id[1] = '-';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	442
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	443 if (conn->cc_state & CC_STATUS_ERROR)
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	444 conn->cc_id[2] = 'E';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	445 else
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	446 conn->cc_id[2] = '-';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	447
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	448 if (conn->cc_state & CC_STATUS_SIGNALED)
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	449 conn->cc_id[3] = 'S';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	450 else
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	451 conn->cc_id[3] = '-';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	452
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	453 if (conn->cc_state & CC_STATUS_TLS)
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	454 conn->cc_id[4] = 'T';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	455 else
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	456 conn->cc_id[4] = '-';
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	457 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	458 void fd_cnx_addstate(struct cnxctx * conn, uint32_t orstate)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	459 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	460 CHECK_POSIX_DO( pthread_mutex_lock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	461 conn->cc_state \|= orstate;
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	462 fd_cnx_update_id(conn);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	463 CHECK_POSIX_DO( pthread_mutex_unlock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	464 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	465 void fd_cnx_setstate(struct cnxctx * conn, uint32_t abstate)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	466 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	467 CHECK_POSIX_DO( pthread_mutex_lock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	468 conn->cc_state = abstate;
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	469 fd_cnx_update_id(conn);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	470 CHECK_POSIX_DO( pthread_mutex_unlock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	471 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	472
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	473
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	474 /* Return the TLS state of a connection */
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	475 int fd_cnx_getTLS(struct cnxctx * conn)
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	476 {
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	477 CHECK_PARAMS_DO( conn, return 0 );
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	478 return fd_cnx_teststate(conn, CC_STATUS_TLS);
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	479 }
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	480
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	481 /* Return true if the connection supports unordered delivery of messages */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	482 int fd_cnx_isMultichan(struct cnxctx * conn)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	483 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	484 CHECK_PARAMS_DO( conn, return 0 );
709 19a9470de77a Fix a few compilations errors and warnings Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	485 #ifndef DISABLE_SCTP
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	486 if (conn->cc_proto == IPPROTO_SCTP)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	487 return (conn->cc_sctp_para.str_in > 1) \|\| (conn->cc_sctp_para.str_out > 1);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	488 #endif /* DISABLE_SCTP */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	489 return 0;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	490 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	491
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	492
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	493 /* Get the list of endpoints (IP addresses) of the local and remote peers on this connection */
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	494 int fd_cnx_getremoteeps(struct cnxctx * conn, struct fd_list * eps)
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	495 {
1027 0117a7746b21 Fix a number of errors and warnings introduced/highlighted by recent commits Sebastien Decugis <sdecugis@freediameter.net> parents: 999 diff changeset	496 TRACE_ENTRY("%p %p", conn, eps);
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	497 CHECK_PARAMS(conn && eps);
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	498
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	499 /* Check we have a full connection object, not a listening socket (with no remote) */
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	500 CHECK_PARAMS( conn->cc_incoming );
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	501
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	502 /* Retrieve the peer endpoint(s) of the connection */
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	503 switch (conn->cc_proto) {
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	504 case IPPROTO_TCP: {
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	505 sSS ss;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	506 socklen_t sl;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	507 CHECK_FCT(fd_tcp_get_remote_ep(conn->cc_socket, &ss, &sl));
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	508 CHECK_FCT(fd_ep_add_merge( eps, (sSA *)&ss, sl, EP_FL_LL \| EP_FL_PRIMARY ));
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	509 }
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	510 break;
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	511
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	512 #ifndef DISABLE_SCTP
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	513 case IPPROTO_SCTP: {
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	514 CHECK_FCT(fd_sctp_get_remote_ep(conn->cc_socket, eps));
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	515 }
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	516 break;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	517 #endif /* DISABLE_SCTP */
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	518
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	519 default:
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	520 CHECK_PARAMS(0);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	521 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	522
23 db6c40b8b307 Added some code in cnxctx.c mainly Sebastien Decugis <sdecugis@nict.go.jp> parents: 22 diff changeset	523 return 0;
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	524 }
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	525
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	526 /* Get a string describing the remote peer address (ip address or fqdn) */
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	527 char * fd_cnx_getremoteid(struct cnxctx * conn)
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	528 {
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	529 CHECK_PARAMS_DO( conn, return "" );
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	530 return conn->cc_remid;
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	531 }
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	532
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	533 /* Retrieve a list of all IP addresses of the local system from the kernel, using getifaddrs */
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	534 int fd_cnx_get_local_eps(struct fd_list * list)
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	535 {
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	536 struct ifaddrs iflist, cur;
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	537
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	538 CHECK_SYS(getifaddrs(&iflist));
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	539
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	540 for (cur = iflist; cur != NULL; cur = cur->ifa_next) {
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	541 if (cur->ifa_flags & IFF_LOOPBACK)
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	542 continue;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	543
927 8bb4d749ed37 Fix for ticket #43: PPP interface have no address Sebastien Decugis <sdecugis@freediameter.net> parents: 896 diff changeset	544 if (cur->ifa_addr == NULL) /* may happen with ppp interfaces */
8bb4d749ed37 Fix for ticket #43: PPP interface have no address Sebastien Decugis <sdecugis@freediameter.net> parents: 896 diff changeset	545 continue;
8bb4d749ed37 Fix for ticket #43: PPP interface have no address Sebastien Decugis <sdecugis@freediameter.net> parents: 896 diff changeset	546
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	547 if (fd_g_config->cnf_flags.no_ip4 && (cur->ifa_addr->sa_family == AF_INET))
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	548 continue;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	549
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	550 if (fd_g_config->cnf_flags.no_ip6 && (cur->ifa_addr->sa_family == AF_INET6))
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	551 continue;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	552
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	553 CHECK_FCT(fd_ep_add_merge( list, cur->ifa_addr, sSAlen(cur->ifa_addr), EP_FL_LL ));
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	554 }
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	555
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	556 freeifaddrs(iflist);
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	557
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	558 return 0;
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	559 }
41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	560
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	561
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	562 /**************************************/
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	563 /* Use of a connection object */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	564 /**************************************/
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	565
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	566 /* An error occurred on the socket */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	567 void fd_cnx_markerror(struct cnxctx * conn)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	568 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	569 TRACE_ENTRY("%p", conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	570 CHECK_PARAMS_DO( conn, goto fatal );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	571
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	572 TRACE_DEBUG(FULL, "Error flag set for socket %d (%s, %s)", conn->cc_socket, conn->cc_id, conn->cc_remid);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	573
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	574 /* Mark the error */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	575 fd_cnx_addstate(conn, CC_STATUS_ERROR);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	576
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	577 /* Report the error if not reported yet, and not closing */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	578 if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING \| CC_STATUS_SIGNALED )) {
223 85dc47afeac7 Cleanup termination Sebastien Decugis <sdecugis@nict.go.jp> parents: 220 diff changeset	579 TRACE_DEBUG(FULL, "Sending FDEVP_CNX_ERROR event");
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	580 CHECK_FCT_DO( fd_event_send( fd_cnx_target_queue(conn), FDEVP_CNX_ERROR, 0, NULL), goto fatal);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	581 fd_cnx_addstate(conn, CC_STATUS_SIGNALED);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	582 }
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	583
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	584 return;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	585 fatal:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	586 /* An unrecoverable error occurred, stop the daemon */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	587 ASSERT(0);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	588 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	589 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	590
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	591 /* Set the timeout option on the socket */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	592 void fd_cnx_s_setto(int sock)
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	593 {
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	594 struct timeval tv;
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	595
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	596 /* Set a timeout on the socket so that in any case we are not stuck waiting for something */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	597 memset(&tv, 0, sizeof(tv));
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	598 tv.tv_sec = 3; /* allow 3 seconds timeout for TLS session cleanup */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	599 CHECK_SYS_DO( setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)), /* best effort only */ );
201 1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	600 CHECK_SYS_DO( setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)), /* Also timeout for sending, to avoid waiting forever */ );
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	601 }
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	602
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	603 /* A recv-like function, taking a cnxctx object instead of socket as entry. We use it to quickly react to timeouts without traversing GNUTLS wrapper each time */
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	604 ssize_t fd_cnx_s_recv(struct cnxctx * conn, void *buffer, size_t length)
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	605 {
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	606 ssize_t ret = 0;
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	607 int timedout = 0;
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	608 again:
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	609 ret = recv(conn->cc_socket, buffer, length, 0);
710 e60376cb15e8 Minor changes Sebastien Decugis <sdecugis@nict.go.jp> parents: 709 diff changeset	610 /* Handle special case of timeout / interrupts */
e60376cb15e8 Minor changes Sebastien Decugis <sdecugis@nict.go.jp> parents: 709 diff changeset	611 if ((ret < 0) && ((errno == EAGAIN) \|\| (errno == EINTR))) {
e60376cb15e8 Minor changes Sebastien Decugis <sdecugis@nict.go.jp> parents: 709 diff changeset	612 pthread_testcancel();
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	613 if (! fd_cnx_teststate(conn, CC_STATUS_CLOSING ))
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	614 goto again; /* don't care, just ignore */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	615 if (!timedout) {
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	616 timedout ++; /* allow for one timeout while closing */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	617 goto again;
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	618 }
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	619 }
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	620
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	621 /* Mark the error */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	622 if (ret <= 0) {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	623 CHECK_SYS_DO(ret, /* continue, this is only used to log the error here */);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	624 fd_cnx_markerror(conn);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	625 }
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	626
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	627 return ret;
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	628 }
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	629
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	630 /* Send */
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	631 static ssize_t fd_cnx_s_send(struct cnxctx * conn, void *buffer, size_t length)
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	632 {
201 1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	633 ssize_t ret = 0;
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	634 int timedout = 0;
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	635 again:
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	636 ret = send(conn->cc_socket, buffer, length, 0);
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	637 /* Handle special case of timeout */
710 e60376cb15e8 Minor changes Sebastien Decugis <sdecugis@nict.go.jp> parents: 709 diff changeset	638 if ((ret < 0) && ((errno == EAGAIN) \|\| (errno == EINTR))) {
e60376cb15e8 Minor changes Sebastien Decugis <sdecugis@nict.go.jp> parents: 709 diff changeset	639 pthread_testcancel();
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	640 if (! fd_cnx_teststate(conn, CC_STATUS_CLOSING ))
201 1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	641 goto again; /* don't care, just ignore */
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	642 if (!timedout) {
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	643 timedout ++; /* allow for one timeout while closing */
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	644 goto again;
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	645 }
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	646 CHECK_SYS_DO(ret, /* continue */);
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	647 }
1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	648
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	649 /* Mark the error */
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	650 if (ret <= 0)
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	651 fd_cnx_markerror(conn);
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	652
201 1b47afa59358 Also timeout on sends Sebastien Decugis <sdecugis@nict.go.jp> parents: 199 diff changeset	653 return ret;
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	654 }
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	655
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	656 #define ALIGNOF(t) ((char )(&((struct { char c; t _h; } )0)->_h) - (char )0) / Could use __alignof__(t) on some systems but this is more portable probably */
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	657 #define PMDL_PADDED(len) ( ((len) + ALIGNOF(struct fd_msg_pmdl) - 1) & ~(ALIGNOF(struct fd_msg_pmdl) - 1) )
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	658
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	659 size_t fd_msg_pmdl_sizewithoverhead(size_t datalen)
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	660 {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	661 return PMDL_PADDED(datalen) + sizeof(struct fd_msg_pmdl);
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	662 }
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	663
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	664 struct fd_msg_pmdl * fd_msg_pmdl_get_inbuf(uint8_t * buf, size_t datalen)
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	665 {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	666 return (struct fd_msg_pmdl *)(buf + PMDL_PADDED(datalen));
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	667 }
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	668
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	669 static int fd_cnx_init_msg_buffer(uint8_t * buffer, size_t expected_len, struct fd_msg_pmdl ** pmdl)
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	670 {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	671 *pmdl = fd_msg_pmdl_get_inbuf(buffer, expected_len);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	672 fd_list_init(&(*pmdl)->sentinel, NULL);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	673 CHECK_POSIX(pthread_mutex_init(&(*pmdl)->lock, NULL) );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	674 return 0;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	675 }
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	676
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	677 static uint8_t * fd_cnx_alloc_msg_buffer(size_t expected_len, struct fd_msg_pmdl ** pmdl)
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	678 {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	679 uint8_t * ret = NULL;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	680
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	681 CHECK_MALLOC_DO( ret = malloc( fd_msg_pmdl_sizewithoverhead(expected_len) ), return NULL );
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	682 CHECK_FCT_DO( fd_cnx_init_msg_buffer(ret, expected_len, pmdl), {free(ret); return NULL;} );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	683 return ret;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	684 }
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	685
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	686 #ifndef DISABLE_SCTP /* WE use this function only in SCTP code */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	687 static uint8_t * fd_cnx_realloc_msg_buffer(uint8_t * buffer, size_t expected_len, struct fd_msg_pmdl ** pmdl)
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	688 {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	689 uint8_t * ret = NULL;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	690
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	691 CHECK_MALLOC_DO( ret = realloc( buffer, fd_msg_pmdl_sizewithoverhead(expected_len) ), return NULL );
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	692 CHECK_FCT_DO( fd_cnx_init_msg_buffer(ret, expected_len, pmdl), {free(ret); return NULL;} );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	693 return ret;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	694 }
1141 3ae22e5dc56c Fix a few compilation warnings/errors Sebastien Decugis <sdecugis@freediameter.net> parents: 1103 diff changeset	695 #endif /* DISABLE_SCTP */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	696
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	697 static void free_rcvdata(void * arg)
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	698 {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	699 struct fd_cnx_rcvdata * data = arg;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	700 struct fd_msg_pmdl * pmdl = fd_msg_pmdl_get_inbuf(data->buffer, data->length);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	701 (void) pthread_mutex_destroy(&pmdl->lock);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	702 free(data->buffer);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	703 }
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	704
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	705 /* Receiver thread (TCP & noTLS) : incoming message is directly saved into the target queue */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	706 static void * rcvthr_notls_tcp(void * arg)
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	707 {
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	708 struct cnxctx * conn = arg;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	709
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	710 TRACE_ENTRY("%p", arg);
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	711 CHECK_PARAMS_DO(conn && (conn->cc_socket > 0), goto out);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	712
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	713 /* Set the thread name */
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	714 {
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	715 char buf[48];
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	716 snprintf(buf, sizeof(buf), "Receiver (%d) TCP/noTLS)", conn->cc_socket);
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	717 fd_log_threadname ( buf );
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	718 }
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	719
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	720 ASSERT( conn->cc_proto == IPPROTO_TCP );
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	721 ASSERT( ! fd_cnx_teststate(conn, CC_STATUS_TLS ) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	722 ASSERT( fd_cnx_target_queue(conn) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	723
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	724 /* Receive from a TCP connection: we have to rebuild the message boundaries */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	725 do {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	726 uint8_t header[4];
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	727 struct fd_cnx_rcvdata rcv_data;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	728 struct fd_msg_pmdl *pmdl=NULL;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	729 ssize_t ret = 0;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	730 size_t received = 0;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	731
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	732 do {
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	733 ret = fd_cnx_s_recv(conn, &header[received], sizeof(header) - received);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	734 if (ret <= 0) {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	735 goto out; /* Stop the thread, the event was already sent */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	736 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	737
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	738 received += ret;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	739 } while (received < sizeof(header));
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	740
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	741 rcv_data.length = ((size_t)header[1] << 16) + ((size_t)header[2] << 8) + (size_t)header[3];
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	742
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	743 /* Check the received word is a valid begining of a Diameter message */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	744 if ((header[0] != DIAMETER_VERSION) /* defined in <libfdproto.h> */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	745 \|\| (rcv_data.length > DIAMETER_MSG_SIZE_MAX)) { /* to avoid too big mallocs */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	746 /* The message is suspect */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	747 LOG_E( "Received suspect header [ver: %d, size: %zd] from '%s', assuming disconnection", (int)header[0], rcv_data.length, conn->cc_remid);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	748 fd_cnx_markerror(conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	749 goto out; /* Stop the thread, the recipient of the event will cleanup */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	750 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	751
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	752 /* Ok, now we can really receive the data */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	753 CHECK_MALLOC_DO( rcv_data.buffer = fd_cnx_alloc_msg_buffer( rcv_data.length, &pmdl ), goto fatal );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	754 memcpy(rcv_data.buffer, header, sizeof(header));
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	755
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	756 while (received < rcv_data.length) {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	757 pthread_cleanup_push(free_rcvdata, &rcv_data); /* In case we are canceled, clean the partialy built buffer */
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	758 ret = fd_cnx_s_recv(conn, rcv_data.buffer + received, rcv_data.length - received);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	759 pthread_cleanup_pop(0);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	760
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	761 if (ret <= 0) {
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	762 free_rcvdata(&rcv_data);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	763 goto out;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	764 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	765 received += ret;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	766 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	767
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	768 fd_hook_call(HOOK_DATA_RECEIVED, NULL, NULL, &rcv_data, pmdl);
1098 f38d77f9cfd3 Initial implementation of the hook mechanism Sebastien Decugis <sdecugis@freediameter.net> parents: 1084 diff changeset	769
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	770 /* We have received a complete message, pass it to the daemon */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	771 CHECK_FCT_DO( fd_event_send( fd_cnx_target_queue(conn), FDEVP_CNX_MSG_RECV, rcv_data.length, rcv_data.buffer),
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	772 {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	773 free_rcvdata(&rcv_data);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	774 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	775 return NULL;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	776 } );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	777
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	778 } while (conn->cc_loop);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	779
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	780 out:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	781 TRACE_DEBUG(FULL, "Thread terminated");
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	782 return NULL;
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	783
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	784 fatal:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	785 /* An unrecoverable error occurred, stop the daemon */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	786 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	787 goto out;
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	788 }
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	789
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	790 #ifndef DISABLE_SCTP
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	791 /* Receiver thread (SCTP & noTLS) : incoming message is directly saved into cc_incoming, no need to care for the stream ID */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	792 static void * rcvthr_notls_sctp(void * arg)
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	793 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	794 struct cnxctx * conn = arg;
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	795 struct fd_cnx_rcvdata rcv_data;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	796 int event;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	797
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	798 TRACE_ENTRY("%p", arg);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	799 CHECK_PARAMS_DO(conn && (conn->cc_socket > 0), goto fatal);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	800
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	801 /* Set the thread name */
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	802 {
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	803 char buf[48];
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	804 snprintf(buf, sizeof(buf), "Receiver (%d) SCTP/noTLS)", conn->cc_socket);
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	805 fd_log_threadname ( buf );
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	806 }
5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	807
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	808 ASSERT( conn->cc_proto == IPPROTO_SCTP );
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	809 ASSERT( ! fd_cnx_teststate(conn, CC_STATUS_TLS ) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	810 ASSERT( fd_cnx_target_queue(conn) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	811
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	812 do {
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	813 struct fd_msg_pmdl *pmdl=NULL;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	814 CHECK_FCT_DO( fd_sctp_recvmeta(conn, NULL, &rcv_data.buffer, &rcv_data.length, &event), goto fatal );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	815 if (event == FDEVP_CNX_ERROR) {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	816 fd_cnx_markerror(conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	817 goto out;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	818 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	819
228 dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	820 if (event == FDEVP_CNX_SHUTDOWN) {
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	821 /* Just ignore the notification for now, we will get another error later anyway */
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	822 continue;
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	823 }
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	824
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	825 if (event == FDEVP_CNX_MSG_RECV) {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	826 CHECK_MALLOC_DO( rcv_data.buffer = fd_cnx_realloc_msg_buffer(rcv_data.buffer, rcv_data.length, &pmdl), goto fatal );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	827 fd_hook_call(HOOK_DATA_RECEIVED, NULL, NULL, &rcv_data, pmdl);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	828 }
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	829 CHECK_FCT_DO( fd_event_send( fd_cnx_target_queue(conn), event, rcv_data.length, rcv_data.buffer), goto fatal );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	830
250 07624e65c7e0 Loop anyway until we get a real message or an error Sebastien Decugis <sdecugis@nict.go.jp> parents: 247 diff changeset	831 } while (conn->cc_loop \|\| (event != FDEVP_CNX_MSG_RECV));
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	832
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	833 out:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	834 TRACE_DEBUG(FULL, "Thread terminated");
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	835 return NULL;
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	836
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	837 fatal:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	838 /* An unrecoverable error occurred, stop the daemon */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	839 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	840 goto out;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	841 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	842 #endif /* DISABLE_SCTP */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	843
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	844 /* Start receving messages in clear (no TLS) on the connection */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	845 int fd_cnx_start_clear(struct cnxctx * conn, int loop)
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	846 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	847 TRACE_ENTRY("%p %i", conn, loop);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	848
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	849 CHECK_PARAMS( conn && fd_cnx_target_queue(conn) && (!fd_cnx_teststate(conn, CC_STATUS_TLS)) && (!conn->cc_loop));
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	850
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	851 /* Release resources in case of a previous call was already made */
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	852 CHECK_FCT_DO( fd_thr_term(&conn->cc_rcvthr), /* continue */);
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	853
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	854 /* Save the loop request */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	855 conn->cc_loop = loop;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	856
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	857 switch (conn->cc_proto) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	858 case IPPROTO_TCP:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	859 /* Start the tcp_notls thread */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	860 CHECK_POSIX( pthread_create( &conn->cc_rcvthr, NULL, rcvthr_notls_tcp, conn ) );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	861 break;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	862 #ifndef DISABLE_SCTP
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	863 case IPPROTO_SCTP:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	864 /* Start the tcp_notls thread */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	865 CHECK_POSIX( pthread_create( &conn->cc_rcvthr, NULL, rcvthr_notls_sctp, conn ) );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	866 break;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	867 #endif /* DISABLE_SCTP */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	868 default:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	869 TRACE_DEBUG(INFO, "Unknown protocol: %d", conn->cc_proto);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	870 ASSERT(0);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	871 return ENOTSUP;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	872 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	873
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	874 return 0;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	875 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	876
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	877
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	878
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	879
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	880 /* Returns 0 on error, received data size otherwise (always >= 0). This is not used for DTLS-protected associations. */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	881 static ssize_t fd_tls_recv_handle_error(struct cnxctx * conn, gnutls_session_t session, void * data, size_t sz)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	882 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	883 ssize_t ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	884 again:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	885 CHECK_GNUTLS_DO( ret = gnutls_record_recv(session, data, sz),
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	886 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	887 switch (ret) {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	888 case GNUTLS_E_REHANDSHAKE:
803 d5a4b5e175c2 Add timeout in gnutls_handshake for version 3.1.x Sebastien Decugis <sdecugis@nict.go.jp> parents: 767 diff changeset	889 if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	890 CHECK_GNUTLS_DO( ret = gnutls_handshake(session),
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	891 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	892 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	893 fd_log_debug("TLS re-handshake failed on socket %d (%s) : %s", conn->cc_socket, conn->cc_id, gnutls_strerror(ret));
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	894 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	895 goto end;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	896 } );
803 d5a4b5e175c2 Add timeout in gnutls_handshake for version 3.1.x Sebastien Decugis <sdecugis@nict.go.jp> parents: 767 diff changeset	897 }
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	898
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	899 case GNUTLS_E_AGAIN:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	900 case GNUTLS_E_INTERRUPTED:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	901 if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING))
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	902 goto again;
228 dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	903 TRACE_DEBUG(FULL, "Connection is closing, so abord gnutls_record_recv now.");
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	904 break;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	905
228 dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	906 case GNUTLS_E_UNEXPECTED_PACKET_LENGTH:
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	907 /* The connection is closed */
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	908 TRACE_DEBUG(FULL, "Got 0 size while reading the socket, probably connection closed...");
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	909 break;
dcb58243e91f More cleanups Sebastien Decugis <sdecugis@nict.go.jp> parents: 227 diff changeset	910
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	911 default:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	912 if (gnutls_error_is_fatal (ret) == 0) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	913 LOG_N("Ignoring non-fatal GNU TLS error: %s", gnutls_strerror (ret));
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	914 goto again;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	915 }
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	916 LOG_E("Fatal GNUTLS error: %s", gnutls_strerror (ret));
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	917 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	918 } );
251 52c1547dab42 Call gnutls_bye on closing connection Sebastien Decugis <sdecugis@nict.go.jp> parents: 250 diff changeset	919
52c1547dab42 Call gnutls_bye on closing connection Sebastien Decugis <sdecugis@nict.go.jp> parents: 250 diff changeset	920 if (ret == 0)
52c1547dab42 Call gnutls_bye on closing connection Sebastien Decugis <sdecugis@nict.go.jp> parents: 250 diff changeset	921 CHECK_GNUTLS_DO( gnutls_bye(session, GNUTLS_SHUT_RDWR), );
52c1547dab42 Call gnutls_bye on closing connection Sebastien Decugis <sdecugis@nict.go.jp> parents: 250 diff changeset	922
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	923 end:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	924 if (ret <= 0)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	925 fd_cnx_markerror(conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	926 return ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	927 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	928
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	929 /* Wrapper around gnutls_record_send to handle some error codes. This is also used for DTLS-protected associations */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	930 static ssize_t fd_tls_send_handle_error(struct cnxctx * conn, gnutls_session_t session, void * data, size_t sz)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	931 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	932 ssize_t ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	933 again:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	934 CHECK_GNUTLS_DO( ret = gnutls_record_send(session, data, sz),
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	935 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	936 switch (ret) {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	937 case GNUTLS_E_REHANDSHAKE:
803 d5a4b5e175c2 Add timeout in gnutls_handshake for version 3.1.x Sebastien Decugis <sdecugis@nict.go.jp> parents: 767 diff changeset	938 if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	939 CHECK_GNUTLS_DO( ret = gnutls_handshake(session),
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	940 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	941 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	942 fd_log_debug("TLS re-handshake failed on socket %d (%s) : %s", conn->cc_socket, conn->cc_id, gnutls_strerror(ret));
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	943 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	944 goto end;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	945 } );
803 d5a4b5e175c2 Add timeout in gnutls_handshake for version 3.1.x Sebastien Decugis <sdecugis@nict.go.jp> parents: 767 diff changeset	946 }
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	947
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	948 case GNUTLS_E_AGAIN:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	949 case GNUTLS_E_INTERRUPTED:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	950 if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING))
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	951 goto again;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	952 TRACE_DEBUG(INFO, "Connection is closing, so abord gnutls_record_send now.");
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	953 break;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	954
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	955 default:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	956 if (gnutls_error_is_fatal (ret) == 0) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	957 LOG_N("Ignoring non-fatal GNU TLS error: %s", gnutls_strerror (ret));
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	958 goto again;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	959 }
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	960 LOG_E("Fatal GNUTLS error: %s", gnutls_strerror (ret));
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	961 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	962 } );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	963 end:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	964 if (ret <= 0)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	965 fd_cnx_markerror(conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	966
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	967 return ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	968 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	969
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	970
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	971 /* The function that receives TLS data and re-builds a Diameter message -- it exits only on error or cancelation */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	972 /* For the case of DTLS, since we are not using SCTP_UNORDERED, the messages over a single stream are ordered.
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	973 Furthermore, as long as messages are shorter than the MTU [2^14 = 16384 bytes], they are delivered in a single
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	974 record, as far as I understand.
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	975 For larger messages, however, it is possible that pieces of messages coming from different streams can get interleaved.
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	976 As a result, we do not use the following function for DTLS reception, because we use the sequence number to rebuild the
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	977 messages. */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	978 int fd_tls_rcvthr_core(struct cnxctx * conn, gnutls_session_t session)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	979 {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	980 /* No guarantee that GnuTLS preserves the message boundaries, so we re-build it as in TCP. */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	981 do {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	982 uint8_t header[4];
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	983 struct fd_cnx_rcvdata rcv_data;
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	984 struct fd_msg_pmdl *pmdl=NULL;
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	985 ssize_t ret = 0;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	986 size_t received = 0;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	987
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	988 do {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	989 ret = fd_tls_recv_handle_error(conn, session, &header[received], sizeof(header) - received);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	990 if (ret <= 0) {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	991 /* The connection is closed */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	992 goto out;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	993 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	994 received += ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	995 } while (received < sizeof(header));
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	996
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	997 rcv_data.length = ((size_t)header[1] << 16) + ((size_t)header[2] << 8) + (size_t)header[3];
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	998
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	999 /* Check the received word is a valid beginning of a Diameter message */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1000 if ((header[0] != DIAMETER_VERSION) /* defined in <libfreeDiameter.h> */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1001 \|\| (rcv_data.length > DIAMETER_MSG_SIZE_MAX)) { /* to avoid too big mallocs */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1002 /* The message is suspect */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1102 diff changeset	1003 LOG_E( "Received suspect header [ver: %d, size: %zd] from '%s', assume disconnection", (int)header[0], rcv_data.length, conn->cc_remid);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1004 fd_cnx_markerror(conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1005 goto out;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1006 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1007
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1008 /* Ok, now we can really receive the data */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1009 CHECK_MALLOC( rcv_data.buffer = fd_cnx_alloc_msg_buffer( rcv_data.length, &pmdl ) );
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1010 memcpy(rcv_data.buffer, header, sizeof(header));
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1011
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1012 while (received < rcv_data.length) {
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1013 pthread_cleanup_push(free_rcvdata, &rcv_data); /* In case we are canceled, clean the partialy built buffer */
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1014 ret = fd_tls_recv_handle_error(conn, session, rcv_data.buffer + received, rcv_data.length - received);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1015 pthread_cleanup_pop(0);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1016
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1017 if (ret <= 0) {
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1018 free_rcvdata(&rcv_data);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1019 goto out;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1020 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1021 received += ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1022 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1023
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1024 fd_hook_call(HOOK_DATA_RECEIVED, NULL, NULL, &rcv_data, pmdl);
1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1025
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1026 /* We have received a complete message, pass it to the daemon */
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1027 CHECK_FCT_DO( ret = fd_event_send( fd_cnx_target_queue(conn), FDEVP_CNX_MSG_RECV, rcv_data.length, rcv_data.buffer),
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1028 {
1102 1d7b3ebda27f Implemented the calls to HOOK_DATA_RECEIVED hook Sebastien Decugis <sdecugis@freediameter.net> parents: 1101 diff changeset	1029 free_rcvdata(&rcv_data);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1030 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1031 return ret;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1032 } );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1033
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1034 } while (1);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1035
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1036 out:
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1037 return ENOTCONN;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1038 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1039
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1040 /* Receiver thread (TLS & 1 stream SCTP or TCP) */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1041 static void * rcvthr_tls_single(void * arg)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1042 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1043 struct cnxctx * conn = arg;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1044
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1045 TRACE_ENTRY("%p", arg);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1046 CHECK_PARAMS_DO(conn && (conn->cc_socket > 0), return NULL );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1047
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1048 /* Set the thread name */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1049 {
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1050 char buf[48];
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1051 snprintf(buf, sizeof(buf), "Receiver (%d) TLS/single stream", conn->cc_socket);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1052 fd_log_threadname ( buf );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1053 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1054
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1055 ASSERT( fd_cnx_teststate(conn, CC_STATUS_TLS) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1056 ASSERT( fd_cnx_target_queue(conn) );
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1057
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1058 /* The next function only returns when there is an error on the socket */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1059 CHECK_FCT_DO(fd_tls_rcvthr_core(conn, conn->cc_tls_para.session), /* continue */);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1060
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1061 TRACE_DEBUG(FULL, "Thread terminated");
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1062 return NULL;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1063 }
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1064
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1065 /* Prepare a gnutls session object for handshake */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1066 int fd_tls_prepare(gnutls_session_t * session, int mode, int dtls, char * priority, void * alt_creds)
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1067 {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1068 if (dtls) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1069 LOG_E("DTLS sessions not yet supported");
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1070 return ENOTSUP;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1071 }
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1072
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1073 /* Create the session context */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1074 CHECK_GNUTLS_DO( gnutls_init (session, mode), return ENOMEM );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1075
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1076 /* Set the algorithm suite */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1077 if (priority) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1078 const char * errorpos;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1079 CHECK_GNUTLS_DO( gnutls_priority_set_direct( *session, priority, &errorpos ),
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1080 { TRACE_DEBUG(INFO, "Error in priority string '%s' at position: '%s'", priority, errorpos); return EINVAL; } );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1081 } else {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1082 CHECK_GNUTLS_DO( gnutls_priority_set( *session, fd_g_config->cnf_sec_data.prio_cache ), return EINVAL );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1083 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1084
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1085 /* Set the credentials of this side of the connection */
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	1086 CHECK_GNUTLS_DO( gnutls_credentials_set (*session, GNUTLS_CRD_CERTIFICATE, alt_creds ?: fd_g_config->cnf_sec_data.credentials), return EINVAL );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1087
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1088 /* Request the remote credentials as well */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1089 if (mode == GNUTLS_SERVER) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1090 gnutls_certificate_server_set_request (*session, GNUTLS_CERT_REQUIRE);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1091 }
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1092
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1093 return 0;
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1094 }
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1095
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1096 #ifndef GNUTLS_VERSION_300
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1097
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1098 /* Verify remote credentials after successful handshake (return 0 if OK, EINVAL otherwise) */
59 067ab3fc6093 Cleanups in debug messages Sebastien Decugis <sdecugis@nict.go.jp> parents: 57 diff changeset	1099 int fd_tls_verify_credentials(gnutls_session_t session, struct cnxctx * conn, int verbose)
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1100 {
543 40141acabee7 Fix behavior of TLS/SCTP when only one peer does not accept the remote certificate Sebastien Decugis <sdecugis@nict.go.jp> parents: 542 diff changeset	1101 int i, ret = 0;
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1102 unsigned int gtret;
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1103 const gnutls_datum_t *cert_list;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1104 unsigned int cert_list_size;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1105 gnutls_x509_crt_t cert;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1106 time_t now;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1107
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1108 TRACE_ENTRY("%p %d", conn, verbose);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1109 CHECK_PARAMS(conn);
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1110
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1111 /* Trace the session information -- http://www.gnu.org/software/gnutls/manual/gnutls.html#Obtaining-session-information */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1112 #ifdef DEBUG
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1113 if (verbose) {
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1114 const char *tmp;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1115 gnutls_kx_algorithm_t kx;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1116 gnutls_credentials_type_t cred;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1117
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1118 LOG_A("TLS Session information for connection '%s':", conn->cc_id);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1119
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1120 /* print the key exchange's algorithm name */
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1121 GNUTLS_TRACE( kx = gnutls_kx_get (session) );
5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1122 GNUTLS_TRACE( tmp = gnutls_kx_get_name (kx) );
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1123 LOG_A("\t - Key Exchange: %s", tmp);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1124
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1125 /* Check the authentication type used and switch
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1126 * to the appropriate. */
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1127 GNUTLS_TRACE( cred = gnutls_auth_get_type (session) );
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1128 switch (cred)
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1129 {
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1130 case GNUTLS_CRD_IA:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1131 LOG_A("\t - TLS/IA session");
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1132 break;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1133
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1134 case GNUTLS_CRD_PSK:
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1135 /* This returns NULL in server side. */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1136 if (gnutls_psk_client_get_hint (session) != NULL)
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1137 LOG_A("\t - PSK authentication. PSK hint '%s'",
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1138 gnutls_psk_client_get_hint (session));
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1139 /* This returns NULL in client side. */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1140 if (gnutls_psk_server_get_username (session) != NULL)
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1141 LOG_A("\t - PSK authentication. Connected as '%s'",
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1142 gnutls_psk_server_get_username (session));
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1143 break;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1144
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1145 case GNUTLS_CRD_ANON: /* anonymous authentication */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1146 LOG_A("\t - Anonymous DH using prime of %d bits",
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1147 gnutls_dh_get_prime_bits (session));
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1148 break;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1149
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1150 case GNUTLS_CRD_CERTIFICATE: /* certificate authentication */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1151 /* Check if we have been using ephemeral Diffie-Hellman. */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1152 if (kx == GNUTLS_KX_DHE_RSA \|\| kx == GNUTLS_KX_DHE_DSS) {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1153 LOG_A("\t - Ephemeral DH using prime of %d bits",
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1154 gnutls_dh_get_prime_bits (session));
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1155 }
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1156 break;
591 88a494357a9d Protect against gnutls_srp_server_get_username which is not provided on some platforms, including Fedora 13 Sebastien Decugis <sdecugis@nict.go.jp> parents: 543 diff changeset	1157 #ifdef ENABLE_SRP
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1158 case GNUTLS_CRD_SRP:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1159 LOG_A("\t - SRP session with username %s",
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1160 gnutls_srp_server_get_username (session));
26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1161 break;
591 88a494357a9d Protect against gnutls_srp_server_get_username which is not provided on some platforms, including Fedora 13 Sebastien Decugis <sdecugis@nict.go.jp> parents: 543 diff changeset	1162 #endif /* ENABLE_SRP */
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1163
26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1164 default:
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1165 fd_log_debug("\t - Different type of credentials for the session (%d).", cred);
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1166 break;
26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1167
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1168 }
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1169
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1170 /* print the protocol's name (ie TLS 1.0) */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1171 tmp = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1172 LOG_A("\t - Protocol: %s", tmp);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1173
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1174 /* print the certificate type of the peer. ie X.509 */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1175 tmp = gnutls_certificate_type_get_name (gnutls_certificate_type_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1176 LOG_A("\t - Certificate Type: %s", tmp);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1177
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1178 /* print the compression algorithm (if any) */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1179 tmp = gnutls_compression_get_name (gnutls_compression_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1180 LOG_A("\t - Compression: %s", tmp);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1181
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1182 /* print the name of the cipher used. ie 3DES. */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1183 tmp = gnutls_cipher_get_name (gnutls_cipher_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1184 LOG_A("\t - Cipher: %s", tmp);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1185
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1186 /* Print the MAC algorithms name. ie SHA1 */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1187 tmp = gnutls_mac_get_name (gnutls_mac_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1188 LOG_A("\t - MAC: %s", tmp);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1189 }
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1190 #endif /* DEBUG */
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1191
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1192 /* First, use built-in verification */
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1193 CHECK_GNUTLS_DO( gnutls_certificate_verify_peers2 (session, &gtret), return EINVAL );
26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1194 if (gtret) {
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1195 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1196 fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1197 if (gtret & GNUTLS_CERT_INVALID)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1198 fd_log_debug(" - The certificate is not trusted (unknown CA? expired?)");
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1199 if (gtret & GNUTLS_CERT_REVOKED)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1200 fd_log_debug(" - The certificate has been revoked.");
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1201 if (gtret & GNUTLS_CERT_SIGNER_NOT_FOUND)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1202 fd_log_debug(" - The certificate hasn't got a known issuer.");
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1203 if (gtret & GNUTLS_CERT_SIGNER_NOT_CA)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1204 fd_log_debug(" - The certificate signer is not a CA, or uses version 1, or 3 without basic constraints.");
403 26aafbbc1640 Cleanup all compilation warnings in base code for 32 bit arch Sebastien Decugis <sdecugis@nict.go.jp> parents: 402 diff changeset	1205 if (gtret & GNUTLS_CERT_INSECURE_ALGORITHM)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1206 fd_log_debug(" - The certificate signature uses a weak algorithm.");
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1207 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1208 return EINVAL;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1209 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1210
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1211 /* Code from http://www.gnu.org/software/gnutls/manual/gnutls.html#Verifying-peer_0027s-certificate */
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1212 if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1213 return EINVAL;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1214
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1215 GNUTLS_TRACE( cert_list = gnutls_certificate_get_peers (session, &cert_list_size) );
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1216 if (cert_list == NULL)
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1217 return EINVAL;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1218
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1219 now = time(NULL);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1220
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1221 #ifdef DEBUG
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1222 char serial[40];
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1223 char dn[128];
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1224 size_t size;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1225 unsigned int algo, bits;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1226 time_t expiration_time, activation_time;
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1227
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1228 LOG_D("TLS Certificate information for connection '%s' (%d certs provided):", conn->cc_id, cert_list_size);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1229 for (i = 0; i < cert_list_size; i++)
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1230 {
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1231
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1232 CHECK_GNUTLS_DO( gnutls_x509_crt_init (&cert), return EINVAL);
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1233 CHECK_GNUTLS_DO( gnutls_x509_crt_import (cert, &cert_list[i], GNUTLS_X509_FMT_DER), return EINVAL);
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1234
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1235 LOG_A(" Certificate %d info:", i);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1236
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1237 GNUTLS_TRACE( expiration_time = gnutls_x509_crt_get_expiration_time (cert) );
5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1238 GNUTLS_TRACE( activation_time = gnutls_x509_crt_get_activation_time (cert) );
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1239
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1240 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "\t - Certificate is valid since: %.24s", ctime (&activation_time));
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1241 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "\t - Certificate expires: %.24s", ctime (&expiration_time));
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1242
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1243 /* Print the serial number of the certificate. */
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1244 size = sizeof (serial);
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1245 gnutls_x509_crt_get_serial (cert, serial, &size);
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1246
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1247 {
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1248 int j;
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1249 char buf[1024];
2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1250 snprintf(buf, sizeof(buf), "\t - Certificate serial number: ");
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1251 for (j = 0; j < size; j++) {
999 0f71fc6c069f Fix compilation warning Sebastien Decugis <sdecugis@freediameter.net> parents: 982 diff changeset	1252 snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), "%02hhx", serial[j]);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1253 }
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1254 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "%s", buf);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1255 }
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1256
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1257 /* Extract some of the public key algorithm's parameters */
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1258 GNUTLS_TRACE( algo = gnutls_x509_crt_get_pk_algorithm (cert, &bits) );
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1259 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "\t - Certificate public key: %s",
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1260 gnutls_pk_algorithm_get_name (algo));
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1261
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1262 /* Print the version of the X.509 certificate. */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1263 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "\t - Certificate version: #%d",
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1264 gnutls_x509_crt_get_version (cert));
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1265
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1266 size = sizeof (dn);
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1267 GNUTLS_TRACE( gnutls_x509_crt_get_dn (cert, dn, &size) );
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1268 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "\t - DN: %s", dn);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1269
cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1270 size = sizeof (dn);
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1271 GNUTLS_TRACE( gnutls_x509_crt_get_issuer_dn (cert, dn, &size) );
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1272 LOG( i ? FD_LOG_ANNOYING : FD_LOG_DEBUG, "\t - Issuer's DN: %s", dn);
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1273
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1274 GNUTLS_TRACE( gnutls_x509_crt_deinit (cert) );
53 cd5620362909 Add debug information for TLS Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1275 }
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1276 #endif /* DEBUG */
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1277
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1278 /* Check validity of all the certificates */
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1279 for (i = 0; i < cert_list_size; i++)
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1280 {
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1281 time_t deadline;
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1282
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1283 CHECK_GNUTLS_DO( gnutls_x509_crt_init (&cert), return EINVAL);
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1284 CHECK_GNUTLS_DO( gnutls_x509_crt_import (cert, &cert_list[i], GNUTLS_X509_FMT_DER), return EINVAL);
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1285
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1286 GNUTLS_TRACE( deadline = gnutls_x509_crt_get_expiration_time(cert) );
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1287 if ((deadline != (time_t)-1) && (deadline < now)) {
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1288 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1289 fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1290 fd_log_debug(" - The certificate %d in the chain is expired", i);
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1291 }
543 40141acabee7 Fix behavior of TLS/SCTP when only one peer does not accept the remote certificate Sebastien Decugis <sdecugis@nict.go.jp> parents: 542 diff changeset	1292 ret = EINVAL;
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1293 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1294
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1295 GNUTLS_TRACE( deadline = gnutls_x509_crt_get_activation_time(cert) );
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1296 if ((deadline != (time_t)-1) && (deadline > now)) {
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1297 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1298 fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1299 fd_log_debug(" - The certificate %d in the chain is not yet activated", i);
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1300 }
543 40141acabee7 Fix behavior of TLS/SCTP when only one peer does not accept the remote certificate Sebastien Decugis <sdecugis@nict.go.jp> parents: 542 diff changeset	1301 ret = EINVAL;
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1302 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1303
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1304 if ((i == 0) && (conn->cc_tls_para.cn)) {
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1305 if (!gnutls_x509_crt_check_hostname (cert, conn->cc_tls_para.cn)) {
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1306 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1307 fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1308 fd_log_debug(" - The certificate hostname does not match '%s'", conn->cc_tls_para.cn);
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1309 }
543 40141acabee7 Fix behavior of TLS/SCTP when only one peer does not accept the remote certificate Sebastien Decugis <sdecugis@nict.go.jp> parents: 542 diff changeset	1310 ret = EINVAL;
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1311 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1312 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1313
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1314 GNUTLS_TRACE( gnutls_x509_crt_deinit (cert) );
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1315 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1316
543 40141acabee7 Fix behavior of TLS/SCTP when only one peer does not accept the remote certificate Sebastien Decugis <sdecugis@nict.go.jp> parents: 542 diff changeset	1317 return ret;
31 26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1318 }
26685c67d387 Completed the test and fixed a couple issues Sebastien Decugis <sdecugis@nict.go.jp> parents: 30 diff changeset	1319
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1320 #else /* GNUTLS_VERSION_300 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1321
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1322 /* Verify remote credentials DURING handshake (return gnutls status) */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1323 int fd_tls_verify_credentials_2(gnutls_session_t session)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1324 {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1325 /* inspired from gnutls 3.x guidelines */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1326 unsigned int status;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1327 const gnutls_datum_t *cert_list = NULL;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1328 unsigned int cert_list_size;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1329 gnutls_x509_crt_t cert;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1330 struct cnxctx * conn;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1331 int hostname_verified = 0;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1332
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1333 TRACE_ENTRY("%p", session);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1334
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1335 /* get the associated connection */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1336 conn = gnutls_session_get_ptr (session);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1337
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1338 /* Trace the session information -- http://www.gnu.org/software/gnutls/manual/gnutls.html#Obtaining-session-information */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1339 #ifdef DEBUG
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1340 const char *tmp;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1341 gnutls_credentials_type_t cred;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1342 gnutls_kx_algorithm_t kx;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1343 int dhe, ecdh;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1344
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1345 dhe = ecdh = 0;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1346
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1347 LOG_A("TLS Session information for connection '%s':", conn->cc_id);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1348
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1349 /* print the key exchange's algorithm name
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1350 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1351 GNUTLS_TRACE( kx = gnutls_kx_get (session) );
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1352 GNUTLS_TRACE( tmp = gnutls_kx_get_name (kx) );
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1353 LOG_A("\t- Key Exchange: %s", tmp);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1354
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1355 /* Check the authentication type used and switch
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1356 * to the appropriate.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1357 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1358 GNUTLS_TRACE( cred = gnutls_auth_get_type (session) );
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1359 switch (cred)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1360 {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1361 case GNUTLS_CRD_IA:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1362 LOG_A("\t - TLS/IA session");
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1363 break;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1364
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1365
982 018357d4c9bb Use gnutls_srp_* functions only ifdef ENABLE_SRP Sebastien Decugis <sdecugis@freediameter.net> parents: 974 diff changeset	1366 #ifdef ENABLE_SRP
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1367 case GNUTLS_CRD_SRP:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1368 LOG_A("\t - SRP session with username %s",
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1369 gnutls_srp_server_get_username (session));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1370 break;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1371 #endif
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1372
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1373 case GNUTLS_CRD_PSK:
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1374 /* This returns NULL in server side.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1375 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1376 if (gnutls_psk_client_get_hint (session) != NULL)
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1377 LOG_A("\t - PSK authentication. PSK hint '%s'",
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1378 gnutls_psk_client_get_hint (session));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1379 /* This returns NULL in client side.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1380 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1381 if (gnutls_psk_server_get_username (session) != NULL)
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1382 LOG_A("\t - PSK authentication. Connected as '%s'",
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1383 gnutls_psk_server_get_username (session));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1384
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1385 if (kx == GNUTLS_KX_ECDHE_PSK)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1386 ecdh = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1387 else if (kx == GNUTLS_KX_DHE_PSK)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1388 dhe = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1389 break;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1390
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1391 case GNUTLS_CRD_ANON: /* anonymous authentication */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1392 LOG_A("\t - Anonymous DH using prime of %d bits",
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1393 gnutls_dh_get_prime_bits (session));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1394 if (kx == GNUTLS_KX_ANON_ECDH)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1395 ecdh = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1396 else if (kx == GNUTLS_KX_ANON_DH)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1397 dhe = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1398 break;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1399
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1400 case GNUTLS_CRD_CERTIFICATE: /* certificate authentication */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1401
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1402 /* Check if we have been using ephemeral Diffie-Hellman.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1403 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1404 if (kx == GNUTLS_KX_DHE_RSA \|\| kx == GNUTLS_KX_DHE_DSS)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1405 dhe = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1406 else if (kx == GNUTLS_KX_ECDHE_RSA \|\| kx == GNUTLS_KX_ECDHE_ECDSA)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1407 ecdh = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1408
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1409 /* Now print some info on the remote certificate */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1410 if (gnutls_certificate_type_get (session) == GNUTLS_CRT_X509) {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1411 gnutls_datum_t cinfo;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1412
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1413 cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1414
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1415 LOG_A("\t Peer provided %d certificates.", cert_list_size);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1416
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1417 if (cert_list_size > 0)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1418 {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1419 int ret;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1420
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1421 /* we only print information about the first certificate.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1422 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1423 gnutls_x509_crt_init (&cert);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1424
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1425 gnutls_x509_crt_import (cert, &cert_list[0], GNUTLS_X509_FMT_DER);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1426
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1427 LOG_A("\t Certificate info:");
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1428
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1429 /* This is the preferred way of printing short information about
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1430 a certificate. */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1431
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1432 ret = gnutls_x509_crt_print (cert, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1433 if (ret == 0)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1434 {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1435 LOG_A("\t\t%s", cinfo.data);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1436 gnutls_free (cinfo.data);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1437 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1438
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1439 if (conn->cc_tls_para.cn) {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1440 if (!gnutls_x509_crt_check_hostname (cert, conn->cc_tls_para.cn)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1441 fd_log_debug("\tTLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1442 fd_log_debug("\t - The certificate hostname does not match '%s'", conn->cc_tls_para.cn);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1443 gnutls_x509_crt_deinit (cert);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1444 return GNUTLS_E_CERTIFICATE_ERROR;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1445 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1446
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1447 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1448
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1449 hostname_verified = 1;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1450
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1451 gnutls_x509_crt_deinit (cert);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1452
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1453 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1454 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1455 break;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1456
1145 ea3a653a809e Fix warning on OpenSUSE Sebastien Decugis <sdecugis@freediameter.net> parents: 1141 diff changeset	1457 default:
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1458 LOG_A("\t - unknown session type (%d)", cred);
1145 ea3a653a809e Fix warning on OpenSUSE Sebastien Decugis <sdecugis@freediameter.net> parents: 1141 diff changeset	1459
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1460 } /* switch */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1461
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1462 if (ecdh != 0)
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1463 LOG_A("\t - Ephemeral ECDH using curve %s",
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1464 gnutls_ecc_curve_get_name (gnutls_ecc_curve_get (session)));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1465 else if (dhe != 0)
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1466 LOG_A("\t - Ephemeral DH using prime of %d bits",
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1467 gnutls_dh_get_prime_bits (session));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1468
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1469 /* print the protocol's name (ie TLS 1.0)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1470 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1471 tmp = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1472 LOG_A("\t - Protocol: %s", tmp);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1473
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1474 /* print the certificate type of the peer.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1475 * ie X.509
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1476 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1477 tmp = gnutls_certificate_type_get_name (gnutls_certificate_type_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1478 LOG_A("\t - Certificate Type: %s", tmp);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1479
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1480 /* print the compression algorithm (if any)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1481 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1482 tmp = gnutls_compression_get_name (gnutls_compression_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1483 LOG_A("\t - Compression: %s", tmp);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1484
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1485 /* print the name of the cipher used.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1486 * ie 3DES.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1487 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1488 tmp = gnutls_cipher_get_name (gnutls_cipher_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1489 LOG_A("\t - Cipher: %s", tmp);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1490
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1491 /* Print the MAC algorithms name.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1492 * ie SHA1
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1493 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1494 tmp = gnutls_mac_get_name (gnutls_mac_get (session));
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1495 LOG_A("\t - MAC: %s", tmp);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1496
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1497 #endif /* DEBUG */
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1498
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1499 /* This verification function uses the trusted CAs in the credentials
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1500 * structure. So you must have installed one or more CA certificates.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1501 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1502 CHECK_GNUTLS_DO( gnutls_certificate_verify_peers2 (session, &status), return GNUTLS_E_CERTIFICATE_ERROR );
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1503 if (TRACE_BOOL(INFO) && (status & GNUTLS_CERT_INVALID)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1504 fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1505 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1506 fd_log_debug(" - The certificate hasn't got a known issuer.");
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1507
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1508 if (status & GNUTLS_CERT_REVOKED)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1509 fd_log_debug(" - The certificate has been revoked.");
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1510
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1511 if (status & GNUTLS_CERT_EXPIRED)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1512 fd_log_debug(" - The certificate has expired.");
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1513
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1514 if (status & GNUTLS_CERT_NOT_ACTIVATED)
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1515 fd_log_debug(" - The certificate is not yet activated.");
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1516 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1517 if (status & GNUTLS_CERT_INVALID)
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1518 {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1519 return GNUTLS_E_CERTIFICATE_ERROR;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1520 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1521
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1522 /* Up to here the process is the same for X.509 certificates and
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1523 * OpenPGP keys. From now on X.509 certificates are assumed. This can
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1524 * be easily extended to work with openpgp keys as well.
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1525 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1526 if ((!hostname_verified) && (conn->cc_tls_para.cn)) {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1527 if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1528 TRACE_DEBUG(INFO, "TLS: Remote credentials are not x509, rejected on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1529 return GNUTLS_E_CERTIFICATE_ERROR;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1530 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1531
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1532 CHECK_GNUTLS_DO( gnutls_x509_crt_init (&cert), return GNUTLS_E_CERTIFICATE_ERROR );
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1533
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1534 cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1535 CHECK_PARAMS_DO( cert_list, return GNUTLS_E_CERTIFICATE_ERROR );
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1536
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1537 CHECK_GNUTLS_DO( gnutls_x509_crt_import (cert, &cert_list[0], GNUTLS_X509_FMT_DER), return GNUTLS_E_CERTIFICATE_ERROR );
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1538
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1539 if (!gnutls_x509_crt_check_hostname (cert, conn->cc_tls_para.cn)) {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1540 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1541 fd_log_debug("TLS: Remote certificate invalid on socket %d (Remote: '%s')(Connection: '%s') :", conn->cc_socket, conn->cc_remid, conn->cc_id);
2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1542 fd_log_debug(" - The certificate hostname does not match '%s'", conn->cc_tls_para.cn);
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1543 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1544 gnutls_x509_crt_deinit (cert);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1545 return GNUTLS_E_CERTIFICATE_ERROR;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1546 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1547
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1548 gnutls_x509_crt_deinit (cert);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1549 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1550
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1551 /* notify gnutls to continue handshake normally */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1552 return 0;
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1553 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1554
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1555 #endif /* GNUTLS_VERSION_300 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1556
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1557 static int fd_cnx_may_dtls(struct cnxctx * conn) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1558 #ifndef DISABLE_SCTP
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1559 if ((conn->cc_proto == IPPROTO_SCTP) && (conn->cc_tls_para.algo == ALGO_HANDSHAKE_DEFAULT))
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1560 return 1;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1561 #endif /* DISABLE_SCTP */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1562 return 0;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1563 }
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1564
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1565 static int fd_cnx_uses_dtls(struct cnxctx * conn) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1566 return fd_cnx_may_dtls(conn) && (fd_cnx_teststate(conn, CC_STATUS_TLS));
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1567 }
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1568
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1569 /* TLS handshake a connection; no need to have called start_clear before. Reception is active if handhsake is successful */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1570 int fd_cnx_handshake(struct cnxctx * conn, int mode, int algo, char * priority, void * alt_creds)
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1571 {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1572 int dtls = 0;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1573
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1574 TRACE_ENTRY( "%p %d %d %p %p", conn, mode, algo, priority, alt_creds);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1575 CHECK_PARAMS( conn && (!fd_cnx_teststate(conn, CC_STATUS_TLS)) && ( (mode == GNUTLS_CLIENT) \|\| (mode == GNUTLS_SERVER) ) && (!conn->cc_loop) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1576
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1577 /* Save the mode */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1578 conn->cc_tls_para.mode = mode;
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1579 conn->cc_tls_para.algo = algo;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1580
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1581 /* Cancel receiving thread if any -- it should already be terminated anyway, we just release the resources */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1582 CHECK_FCT_DO( fd_thr_term(&conn->cc_rcvthr), /* continue */);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1583
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1584 /* Once TLS handshake is done, we don't stop after the first message */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1585 conn->cc_loop = 1;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1586
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1587 dtls = fd_cnx_may_dtls(conn);
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1588
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1589 /* Prepare the master session credentials and priority */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1590 CHECK_FCT( fd_tls_prepare(&conn->cc_tls_para.session, mode, dtls, priority, alt_creds) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1591
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1592 /* Special case: multi-stream TLS is not natively managed in GNU TLS, we use a wrapper library */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1593 if ((!dtls) && (conn->cc_sctp_para.pairs > 1)) {
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1594 #ifdef DISABLE_SCTP
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1595 ASSERT(0);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1596 CHECK_FCT( ENOTSUP );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1597 #else /* DISABLE_SCTP */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1598 /* Initialize the wrapper, start the demux thread */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1599 CHECK_FCT( fd_sctp3436_init(conn) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1600 #endif /* DISABLE_SCTP */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1601 } else {
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	1602 /* Set the transport pointer passed to push & pull callbacks */
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1603 GNUTLS_TRACE( gnutls_transport_set_ptr( conn->cc_tls_para.session, (gnutls_transport_ptr_t) conn ) );
194 d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	1604
d1af490d6e85 Change in sockets options to avoid waiting forever on closing connections Sebastien Decugis <sdecugis@nict.go.jp> parents: 188 diff changeset	1605 /* Set the push and pull callbacks */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1606 if (!dtls) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1607 GNUTLS_TRACE( gnutls_transport_set_pull_function(conn->cc_tls_para.session, (void *)fd_cnx_s_recv) );
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1608 GNUTLS_TRACE( gnutls_transport_set_push_function(conn->cc_tls_para.session, (void *)fd_cnx_s_send) );
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1609 } else {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1610 TODO("DTLS push/pull functions");
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1611 return ENOTSUP;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1612 }
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1613 }
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1614
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1615 /* additional initialization for gnutls 3.x */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1616 #ifdef GNUTLS_VERSION_300
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1617 /* the verify function has already been set in the global initialization in config.c */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1618
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1619 /* fd_tls_verify_credentials_2 uses the connection */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1620 gnutls_session_set_ptr (conn->cc_tls_para.session, (void *) conn);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1621
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1622 if ((conn->cc_tls_para.cn != NULL) && (mode == GNUTLS_CLIENT)) {
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1623 /* this might allow virtual hosting on the remote peer */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1624 CHECK_GNUTLS_DO( gnutls_server_name_set (conn->cc_tls_para.session, GNUTLS_NAME_DNS, conn->cc_tls_para.cn, strlen(conn->cc_tls_para.cn)), /* ignore failure */);
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1625 }
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1626
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1627 #endif /* GNUTLS_VERSION_300 */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1628
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1629 #ifdef GNUTLS_VERSION_310
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1630 GNUTLS_TRACE( gnutls_handshake_set_timeout( conn->cc_tls_para.session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT));
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1631 #endif /* GNUTLS_VERSION_310 */
09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1632
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1633 /* Mark the connection as protected from here, so that the gnutls credentials will be freed */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1634 fd_cnx_addstate(conn, CC_STATUS_TLS);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1635
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1636 /* Handshake master session */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1637 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1638 int ret;
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1639
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1640 CHECK_GNUTLS_DO( ret = gnutls_handshake(conn->cc_tls_para.session),
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1641 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1642 if (TRACE_BOOL(INFO)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 961 diff changeset	1643 fd_log_debug("TLS Handshake failed on socket %d (%s) : %s", conn->cc_socket, conn->cc_id, gnutls_strerror(ret));
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1644 }
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1645 fd_cnx_markerror(conn);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1646 return EINVAL;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1647 } );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1648
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1649 #ifndef GNUTLS_VERSION_300
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1650 /* Now verify the remote credentials are valid -- only simple tests here */
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1651 CHECK_FCT_DO( fd_tls_verify_credentials(conn->cc_tls_para.session, conn, 1),
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1652 {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1653 CHECK_GNUTLS_DO( gnutls_bye(conn->cc_tls_para.session, GNUTLS_SHUT_RDWR), );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1654 fd_cnx_markerror(conn);
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1655 return EINVAL;
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1656 });
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1657 #endif /* GNUTLS_VERSION_300 */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1658 }
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1659
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1660 /* Multi-stream TLS: handshake other streams as well */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1661 if ((!dtls) && (conn->cc_sctp_para.pairs > 1)) {
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1662 #ifndef DISABLE_SCTP
543 40141acabee7 Fix behavior of TLS/SCTP when only one peer does not accept the remote certificate Sebastien Decugis <sdecugis@nict.go.jp> parents: 542 diff changeset	1663 /* Start reading the messages from the master session. That way, if the remote peer closed, we are not stuck inside handshake */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1664 CHECK_FCT(fd_sctp3436_startthreads(conn, 0));
807 09f8f0c4f4a4 Several changes to support GnuTLS 3.x in a more efficient way Sebastien Decugis <sdecugis@freediameter.net> parents: 803 diff changeset	1665
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1666 /* Resume all additional sessions from the master one. */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1667 CHECK_FCT(fd_sctp3436_handshake_others(conn, priority, alt_creds));
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	1668
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1669 /* Start decrypting the messages from all threads and queuing them in target queue */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1670 CHECK_FCT(fd_sctp3436_startthreads(conn, 1));
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1671 #endif /* DISABLE_SCTP */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1672 } else {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1673 /* Start decrypting the data */
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1674 if (!dtls) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1675 CHECK_POSIX( pthread_create( &conn->cc_rcvthr, NULL, rcvthr_tls_single, conn ) );
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1676 } else {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1677 TODO("Signal the dtls_push function that multiple streams can be used from this point.");
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1678 TODO("Create DTLS rcvthr (must reassembly based on seq numbers & stream id ?)");
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1679 return ENOTSUP;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1680 }
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1681 }
29 5ba91682f0bc Added a test for cnxctx (tbc) and fixed some bugs Sebastien Decugis <sdecugis@nict.go.jp> parents: 27 diff changeset	1682
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1683 return 0;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1684 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1685
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1686 /* Retrieve TLS credentials of the remote peer, after handshake */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1687 int fd_cnx_getcred(struct cnxctx * conn, const gnutls_datum_t *cert_list, unsigned int cert_list_size)
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1688 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1689 TRACE_ENTRY("%p %p %p", conn, cert_list, cert_list_size);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1690 CHECK_PARAMS( conn && fd_cnx_teststate(conn, CC_STATUS_TLS) && cert_list && cert_list_size );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1691
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1692 /* This function only works for X.509 certificates. */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1693 CHECK_PARAMS( gnutls_certificate_type_get (conn->cc_tls_para.session) == GNUTLS_CRT_X509 );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1694
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1695 GNUTLS_TRACE( *cert_list = gnutls_certificate_get_peers (conn->cc_tls_para.session, cert_list_size) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1696 if (*cert_list == NULL) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1697 TRACE_DEBUG(INFO, "No certificate was provided by remote peer / an error occurred.");
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1698 return EINVAL;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1699 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1700
54 889c55527a1d Fixed additional newline character Sebastien Decugis <sdecugis@nict.go.jp> parents: 53 diff changeset	1701 TRACE_DEBUG( FULL, "Saved certificate chain (%d certificates) in peer structure.", *cert_list_size);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1702
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1703 return 0;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1704 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1705
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1706 /* Receive next message. if timeout is not NULL, wait only until timeout. This function only pulls from a queue, mgr thread is filling that queue aynchrounously. */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1707 /* if the altfifo has been set on this conn object, this function must not be called */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1708 int fd_cnx_receive(struct cnxctx * conn, struct timespec * timeout, unsigned char *buf, size_t len)
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1709 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1710 int ev;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1711 size_t ev_sz;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1712 void * ev_data;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1713
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1714 TRACE_ENTRY("%p %p %p %p", conn, timeout, buf, len);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1715 CHECK_PARAMS(conn && (conn->cc_socket > 0) && buf && len);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1716 CHECK_PARAMS(conn->cc_rcvthr != (pthread_t)NULL);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1717 CHECK_PARAMS(conn->cc_alt == NULL);
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1718
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1719 /* Now, pull the first event */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1720 get_next:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1721 if (timeout) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1722 CHECK_FCT( fd_event_timedget(conn->cc_incoming, timeout, FDEVP_PSM_TIMEOUT, &ev, &ev_sz, &ev_data) );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1723 } else {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1724 CHECK_FCT( fd_event_get(conn->cc_incoming, &ev, &ev_sz, &ev_data) );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1725 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1726
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1727 switch (ev) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1728 case FDEVP_CNX_MSG_RECV:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1729 /* We got one */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1730 *len = ev_sz;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1731 *buf = ev_data;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1732 return 0;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1733
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1734 case FDEVP_PSM_TIMEOUT:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1735 TRACE_DEBUG(FULL, "Timeout event received");
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1736 return ETIMEDOUT;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1737
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1738 case FDEVP_CNX_EP_CHANGE:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1739 /* We ignore this event */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1740 goto get_next;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1741
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1742 case FDEVP_CNX_ERROR:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1743 TRACE_DEBUG(FULL, "Received ERROR event on the connection");
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1744 return ENOTCONN;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1745 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1746
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1747 TRACE_DEBUG(INFO, "Received unexpected event %d (%s)", ev, fd_pev_str(ev));
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1748 return EINVAL;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1749 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1750
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1751 /* Where the events are sent */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1752 struct fifo * fd_cnx_target_queue(struct cnxctx * conn)
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1753 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1754 struct fifo *q;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1755 CHECK_POSIX_DO( pthread_mutex_lock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1756 q = conn->cc_alt ?: conn->cc_incoming;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1757 CHECK_POSIX_DO( pthread_mutex_unlock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1758 return q;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1759 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1760
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1761 /* Set an alternate FIFO list to send FDEVP_CNX_* events to */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1762 int fd_cnx_recv_setaltfifo(struct cnxctx * conn, struct fifo * alt_fifo)
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1763 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1764 int ret;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1765 TRACE_ENTRY( "%p %p", conn, alt_fifo );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1766 CHECK_PARAMS( conn && alt_fifo && conn->cc_incoming );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1767
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1768 /* The magic function does it all */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1769 CHECK_POSIX_DO( pthread_mutex_lock(&state_lock), { ASSERT(0); } );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1770 CHECK_FCT_DO( ret = fd_fifo_move( conn->cc_incoming, alt_fifo, &conn->cc_alt ), );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1771 CHECK_POSIX_DO( pthread_mutex_unlock(&state_lock), { ASSERT(0); } );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1772
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1773 return ret;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1774 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1775
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1776 /* Send function when no multi-stream is involved, or sending on stream #0 (send() always use stream 0)*/
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1777 static int send_simple(struct cnxctx * conn, unsigned char * buf, size_t len)
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1778 {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1779 ssize_t ret;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1780 size_t sent = 0;
27 b3a1773e9f46 again, correct was actually %zd Sebastien Decugis <sdecugis@nict.go.jp> parents: 26 diff changeset	1781 TRACE_ENTRY("%p %p %zd", conn, buf, len);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1782 do {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1783 if (fd_cnx_teststate(conn, CC_STATUS_TLS)) {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1784 CHECK_GNUTLS_DO( ret = fd_tls_send_handle_error(conn, conn->cc_tls_para.session, buf + sent, len - sent), );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1785 } else {
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1786 /* Maybe better to replace this call with sendmsg for atomic sending? */
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1787 CHECK_SYS_DO( ret = fd_cnx_s_send(conn, buf + sent, len - sent), );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1788 }
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1789 if (ret <= 0)
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1790 return ENOTCONN;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1791
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1792 sent += ret;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1793 } while ( sent < len );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1794 return 0;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1795 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1796
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1797 /* Send a message -- this is synchronous -- and we assume it's never called by several threads at the same time (on the same conn), so we don't protect. */
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1798 int fd_cnx_send(struct cnxctx * conn, unsigned char * buf, size_t len, uint32_t flags)
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1799 {
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1800 TRACE_ENTRY("%p %p %zd %x", conn, buf, len, flags);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1801
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1802 CHECK_PARAMS(conn && (conn->cc_socket > 0) && (! fd_cnx_teststate(conn, CC_STATUS_ERROR)) && buf && len);
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1803
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1804 TRACE_DEBUG(FULL, "Sending %zdb %sdata on connection %s", len, fd_cnx_teststate(conn, CC_STATUS_TLS) ? "TLS-protected ":"", conn->cc_id);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1805
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1806 switch (conn->cc_proto) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1807 case IPPROTO_TCP:
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1808 CHECK_FCT( send_simple(conn, buf, len) );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1809 break;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1810
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1811 #ifndef DISABLE_SCTP
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1812 case IPPROTO_SCTP: {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1813 int dtls = fd_cnx_uses_dtls(conn);
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1814
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1815 if (!dtls) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1816 if (flags & FD_CNX_ORDERED) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1817 /* We send over stream #0 */
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1818 CHECK_FCT( send_simple(conn, buf, len) );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1819 } else {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1820 /* Default case : no flag specified */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1821
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1822 int another_str = 0; /* do we send over stream #0 ? */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1823
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1824 if ((conn->cc_sctp_para.str_out > 1) && ((!fd_cnx_teststate(conn, CC_STATUS_TLS)) \|\| (conn->cc_sctp_para.pairs > 1))) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1825 /* Update the id of the stream we will send this message over */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1826 conn->cc_sctp_para.next += 1;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1827 conn->cc_sctp_para.next %= (fd_cnx_teststate(conn, CC_STATUS_TLS) ? conn->cc_sctp_para.pairs : conn->cc_sctp_para.str_out);
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1828 another_str = (conn->cc_sctp_para.next ? 1 : 0);
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1829 }
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1830
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1831 if ( ! another_str ) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1832 CHECK_FCT( send_simple(conn, buf, len) );
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1833 } else {
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1834 if (!fd_cnx_teststate(conn, CC_STATUS_TLS)) {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1835 CHECK_FCT_DO( fd_sctp_sendstr(conn, conn->cc_sctp_para.next, buf, len), { fd_cnx_markerror(conn); return ENOTCONN; } );
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1836 } else {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1837 /* push the record to the appropriate session */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1838 ssize_t ret;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1839 size_t sent = 0;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1840 ASSERT(conn->cc_sctp3436_data.array != NULL);
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1841 do {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1842 CHECK_GNUTLS_DO( ret = fd_tls_send_handle_error(conn, conn->cc_sctp3436_data.array[conn->cc_sctp_para.next].session, buf + sent, len - sent), );
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1843 if (ret <= 0)
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1844 return ENOTCONN;
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1845
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1846 sent += ret;
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1847 } while ( sent < len );
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1848 }
229 965f5971dc23 Broadcast CEA over all streams to avoid possible race condition Sebastien Decugis <sdecugis@nict.go.jp> parents: 228 diff changeset	1849 }
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1850 }
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1851 } else {
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1852 /* DTLS */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1853 /* We signal the push function directly to tell if using stream 0 or round-robin */
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1854 TODO("DTLS send");
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1855 return ENOTSUP;
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1856 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1857 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1858 break;
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1859 #endif /* DISABLE_SCTP */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1860
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1861 default:
1099 6ce5c99a40af Fix some typos. Thomas Klausner <tk@giga.or.at> parents: 1084 diff changeset	1862 TRACE_DEBUG(INFO, "Unknown protocol: %d", conn->cc_proto);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1863 ASSERT(0);
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1864 return ENOTSUP; /* or EINVAL... */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1865 }
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1866
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1867 return 0;
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1868 }
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1869
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1870
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1871 /**************************************/
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1872 /* Destruction of connection */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1873 /**************************************/
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1874
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1875 /* Destroy a conn structure, and shutdown the socket */
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1876 void fd_cnx_destroy(struct cnxctx * conn)
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1877 {
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1878 TRACE_ENTRY("%p", conn);
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1879
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1880 CHECK_PARAMS_DO(conn, return);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 38 diff changeset	1881
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1882 fd_cnx_addstate(conn, CC_STATUS_CLOSING);
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1883
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1884 /* Initiate shutdown of the TLS session(s): call gnutls_bye(WR), then read until error */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1885 if (fd_cnx_teststate(conn, CC_STATUS_TLS)) {
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1886 #ifndef DISABLE_SCTP
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1887 int dtls = fd_cnx_uses_dtls(conn);
22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1180 diff changeset	1888 if ((!dtls) && (conn->cc_sctp_para.pairs > 1)) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1889 if (! fd_cnx_teststate(conn, CC_STATUS_ERROR )) {
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1890 /* Bye on master session */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1891 CHECK_GNUTLS_DO( gnutls_bye(conn->cc_tls_para.session, GNUTLS_SHUT_WR), fd_cnx_markerror(conn) );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1892 }
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1893
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1894 if (! fd_cnx_teststate(conn, CC_STATUS_ERROR ) ) {
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1895 /* and other stream pairs */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1896 fd_sctp3436_bye(conn);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1897 }
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1898
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1899 if (! fd_cnx_teststate(conn, CC_STATUS_ERROR ) ) {
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1900 /* Now wait for all decipher threads to terminate */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1901 fd_sctp3436_waitthreadsterm(conn);
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1902 } else {
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1903 /* Abord the threads, the connection is dead already */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1904 fd_sctp3436_stopthreads(conn);
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1905 }
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1906
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1907 /* Deinit gnutls resources */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1908 fd_sctp3436_gnutls_deinit_others(conn);
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1909 if (conn->cc_tls_para.session) {
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1910 GNUTLS_TRACE( gnutls_deinit(conn->cc_tls_para.session) );
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1911 conn->cc_tls_para.session = NULL;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1912 }
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1913
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1914 /* Destroy the wrapper (also stops the demux thread) */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1915 fd_sctp3436_destroy(conn);
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1916
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1917 } else {
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1918 #endif /* DISABLE_SCTP */
1180 773498f59520 Preparing for future DTLS/SCTP support Sebastien Decugis <sdecugis@freediameter.net> parents: 1145 diff changeset	1919 /* We are TLS, but not using the sctp3436 wrapper layer */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1920 if (! fd_cnx_teststate(conn, CC_STATUS_ERROR ) ) {
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1921 /* Master session */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1922 CHECK_GNUTLS_DO( gnutls_bye(conn->cc_tls_para.session, GNUTLS_SHUT_WR), fd_cnx_markerror(conn) );
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1923 }
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1924
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 662 diff changeset	1925 if (! fd_cnx_teststate(conn, CC_STATUS_ERROR ) ) {
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1926 /* In this case, just wait for thread rcvthr_tls_single to terminate */
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1927 if (conn->cc_rcvthr != (pthread_t)NULL) {
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1928 CHECK_POSIX_DO( pthread_join(conn->cc_rcvthr, NULL), /* continue */ );
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1929 conn->cc_rcvthr = (pthread_t)NULL;
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1930 }
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1931 } else {
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1932 /* Cancel the receiver thread in case it did not already terminate */
536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1933 CHECK_FCT_DO( fd_thr_term(&conn->cc_rcvthr), /* continue */ );
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1934 }
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1935
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1936 /* Free the resources of the TLS session */
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1937 if (conn->cc_tls_para.session) {
214 5a1b93f59f8f Added trace facility for GNUTLS calls Sebastien Decugis <sdecugis@nict.go.jp> parents: 211 diff changeset	1938 GNUTLS_TRACE( gnutls_deinit(conn->cc_tls_para.session) );
209 b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1939 conn->cc_tls_para.session = NULL;
b9f48f2f2a22 Some cleanups in the code Sebastien Decugis <sdecugis@nict.go.jp> parents: 208 diff changeset	1940 }
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1941 #ifndef DISABLE_SCTP
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1942 }
30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1943 #endif /* DISABLE_SCTP */
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1944 }
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1945
203 536b1dde8761 Some cleanups in the cnxctx module Sebastien Decugis <sdecugis@nict.go.jp> parents: 201 diff changeset	1946 /* Terminate the thread in case it is not done yet -- is there any such case left ?*/
155 30a7252cbb55 Cleanup connection cleanup sequence Sebastien Decugis <sdecugis@nict.go.jp> parents: 136 diff changeset	1947 CHECK_FCT_DO( fd_thr_term(&conn->cc_rcvthr), /* continue */ );
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1948
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1949 /* Shut the connection down */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1950 if (conn->cc_socket > 0) {
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1951 shutdown(conn->cc_socket, SHUT_RDWR);
38 68c1890f7049 Fixed a small bug in SCTP close Sebastien Decugis <sdecugis@nict.go.jp> parents: 31 diff changeset	1952 close(conn->cc_socket);
68c1890f7049 Fixed a small bug in SCTP close Sebastien Decugis <sdecugis@nict.go.jp> parents: 31 diff changeset	1953 conn->cc_socket = -1;
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1954 }
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1955
25 67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1956 /* Empty and destroy FIFO list */
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1957 if (conn->cc_incoming) {
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1958 fd_event_destroy( &conn->cc_incoming, free );
67ca08d5bc48 Completed connection context files Sebastien Decugis <sdecugis@nict.go.jp> parents: 24 diff changeset	1959 }
22 0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1960
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1961 /* Free the object */
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1962 free(conn);
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1963
0b3b46da2c12 Progress on server code Sebastien Decugis <sdecugis@nict.go.jp> parents: 21 diff changeset	1964 /* Done! */
21 bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1965 return;
bef197f6826f Backup before week-end, cnxctx and server in progress Sebastien Decugis <sdecugis@nict.go.jp> parents: 20 diff changeset	1966 }

Mercurial > hg > freeDiameter

annotate libfdcore/cnxctx.c @ 1181:22de21feec64