comparison freeDiameter/sctps.c @ 214:5a1b93f59f8f
Added trace facility for GNUTLS calls
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Thu, 18 Feb 2010 15:20:00 +0900 |
parents | b9f48f2f2a22 |
children | d8e3336e4744 |
213:890a9b6379f0 | 214:5a1b93f59f8f |
---|---|
209 | 209 |
210 /* Set the parameters of a session to use the appropriate fifo and stream information */ | 210 /* Set the parameters of a session to use the appropriate fifo and stream information */ |
211 static void set_sess_transport(gnutls_session_t session, struct sctps_ctx *ctx) | 211 static void set_sess_transport(gnutls_session_t session, struct sctps_ctx *ctx) |
212 { | 212 { |
213 /* Set the transport pointer passed to push & pull callbacks */ | 213 /* Set the transport pointer passed to push & pull callbacks */ |
214 gnutls_transport_set_ptr( session, (gnutls_transport_ptr_t) ctx ); | 214 GNUTLS_TRACE( gnutls_transport_set_ptr( session, (gnutls_transport_ptr_t) ctx ) ); |
215 | 215 |
216 /* Reset the low water value, since we don't use sockets */ | 216 /* Reset the low water value, since we don't use sockets */ |
217 gnutls_transport_set_lowat( session, 0 ); | 217 GNUTLS_TRACE( gnutls_transport_set_lowat( session, 0 ) ); |
218 | 218 |
219 /* Set the push and pull callbacks */ | 219 /* Set the push and pull callbacks */ |
220 gnutls_transport_set_pull_function(session, sctps_pull); | 220 GNUTLS_TRACE( gnutls_transport_set_pull_function(session, sctps_pull) ); |
221 gnutls_transport_set_push_function(session, sctps_push); | 221 GNUTLS_TRACE( gnutls_transport_set_push_function(session, sctps_push) ); |
222 | 222 |
223 return; | 223 return; |
224 } | 224 } |
225 | 225 |
226 /*************************************************************/ | 226 /*************************************************************/ |
239 struct fd_list chain; | 239 struct fd_list chain; |
240 gnutls_datum_t key; | 240 gnutls_datum_t key; |
241 gnutls_datum_t data; | 241 gnutls_datum_t data; |
242 }; | 242 }; |
243 | 243 |
244 /* The level at which we debug session resuming */ | |
245 #define SR_LEVEL (FULL + 1) | |
246 | |
247 /* Initialize the store area for a connection */ | 244 /* Initialize the store area for a connection */ |
248 static int store_init(struct cnxctx * conn) | 245 static int store_init(struct cnxctx * conn) |
249 { | 246 { |
250 TRACE_ENTRY("%p", conn); | 247 TRACE_ENTRY("%p", conn); |
251 CHECK_PARAMS( conn && !conn->cc_sctps_data.sess_store ); | 248 CHECK_PARAMS( conn && !conn->cc_sctps_data.sess_store ); |
323 struct fd_list * li; | 320 struct fd_list * li; |
324 struct sr_data * sr; | 321 struct sr_data * sr; |
325 int match = 0; | 322 int match = 0; |
326 int ret = 0; | 323 int ret = 0; |
327 | 324 |
325 TRACE_DEBUG( GNUTLS_DBG_LEVEL, "Callback: %s", __PRETTY_FUNCTION__ ); | |
328 CHECK_PARAMS_DO( sto && key.data && data.data, return -1 ); | 326 CHECK_PARAMS_DO( sto && key.data && data.data, return -1 ); |
329 | 327 |
330 CHECK_POSIX_DO( pthread_rwlock_wrlock(&sto->lock), return -1 ); | 328 CHECK_POSIX_DO( pthread_rwlock_wrlock(&sto->lock), return -1 ); |
331 TRACE_DEBUG_BUFFER(SR_LEVEL, "Session store [key ", key.data, key.size, "]"); | 329 TRACE_DEBUG_BUFFER(GNUTLS_DBG_LEVEL, "Session store [key ", key.data, key.size, "]"); |
332 | 330 |
333 li = find_or_next(sto, key, &match); | 331 li = find_or_next(sto, key, &match); |
334 if (match) { | 332 if (match) { |
335 sr = (struct sr_data *)li; | 333 sr = (struct sr_data *)li; |
336 | 334 |
337 /* Check the data is the same */ | 335 /* Check the data is the same */ |
338 if ((data.size != sr->data.size) || memcmp(data.data, sr->data.data, data.size)) { | 336 if ((data.size != sr->data.size) || memcmp(data.data, sr->data.data, data.size)) { |
339 TRACE_DEBUG(INFO, "GnuTLS tried to store a session with same key and different data!"); | 337 TRACE_DEBUG(INFO, "GnuTLS tried to store a session with same key and different data!"); |
340 ret = -1; | 338 ret = -1; |
341 } else { | 339 } else { |
342 TRACE_DEBUG(SR_LEVEL, "GnuTLS tried to store a session with same key and same data, skipped."); | 340 TRACE_DEBUG(GNUTLS_DBG_LEVEL, "GnuTLS tried to store a session with same key and same data, skipped."); |
343 } | 341 } |
344 goto out; | 342 goto out; |
345 } | 343 } |
346 | 344 |
347 /* Create a new entry */ | 345 /* Create a new entry */ |
372 struct fd_list * li; | 370 struct fd_list * li; |
373 struct sr_data * sr; | 371 struct sr_data * sr; |
374 int match = 0; | 372 int match = 0; |
375 int ret = 0; | 373 int ret = 0; |
376 | 374 |
375 TRACE_DEBUG( GNUTLS_DBG_LEVEL, "Callback: %s", __PRETTY_FUNCTION__ ); | |
377 CHECK_PARAMS_DO( sto && key.data, return -1 ); | 376 CHECK_PARAMS_DO( sto && key.data, return -1 ); |
378 | 377 |
379 CHECK_POSIX_DO( pthread_rwlock_wrlock(&sto->lock), return -1 ); | 378 CHECK_POSIX_DO( pthread_rwlock_wrlock(&sto->lock), return -1 ); |
380 TRACE_DEBUG_BUFFER(SR_LEVEL, "Session delete [key ", key.data, key.size, "]"); | 379 TRACE_DEBUG_BUFFER(GNUTLS_DBG_LEVEL, "Session delete [key ", key.data, key.size, "]"); |
381 | 380 |
382 li = find_or_next(sto, key, &match); | 381 li = find_or_next(sto, key, &match); |
383 if (match) { | 382 if (match) { |
384 sr = (struct sr_data *)li; | 383 sr = (struct sr_data *)li; |
385 | 384 |
404 struct sr_data * sr; | 403 struct sr_data * sr; |
405 int match = 0; | 404 int match = 0; |
406 gnutls_datum_t res = { NULL, 0 }; | 405 gnutls_datum_t res = { NULL, 0 }; |
407 gnutls_datum_t error = { NULL, 0 }; | 406 gnutls_datum_t error = { NULL, 0 }; |
408 | 407 |
408 TRACE_DEBUG( GNUTLS_DBG_LEVEL, "Callback: %s", __PRETTY_FUNCTION__ ); | |
409 CHECK_PARAMS_DO( sto && key.data, return error ); | 409 CHECK_PARAMS_DO( sto && key.data, return error ); |
410 | 410 |
411 CHECK_POSIX_DO( pthread_rwlock_rdlock(&sto->lock), return error ); | 411 CHECK_POSIX_DO( pthread_rwlock_rdlock(&sto->lock), return error ); |
412 TRACE_DEBUG_BUFFER(SR_LEVEL, "Session fetch [key ", key.data, key.size, "]"); | 412 TRACE_DEBUG_BUFFER(GNUTLS_DBG_LEVEL, "Session fetch [key ", key.data, key.size, "]"); |
413 | 413 |
414 li = find_or_next(sto, key, &match); | 414 li = find_or_next(sto, key, &match); |
415 if (match) { | 415 if (match) { |
416 sr = (struct sr_data *)li; | 416 sr = (struct sr_data *)li; |
417 CHECK_MALLOC_DO(res.data = gnutls_malloc(sr->data.size), goto out ); | 417 GNUTLS_TRACE( CHECK_MALLOC_DO(res.data = gnutls_malloc(sr->data.size), goto out ) ); |
418 res.size = sr->data.size; | 418 res.size = sr->data.size; |
419 memcpy(res.data, sr->data.data, res.size); | 419 memcpy(res.data, sr->data.data, res.size); |
420 } | 420 } |
421 out: | 421 out: |
422 TRACE_DEBUG(SR_LEVEL, "Fetched (%p, %d) from store %p", res.data, res.size, sto); | 422 TRACE_DEBUG(GNUTLS_DBG_LEVEL, "Fetched (%p, %d) from store %p", res.data, res.size, sto); |
423 CHECK_POSIX_DO( pthread_rwlock_unlock(&sto->lock), return error); | 423 CHECK_POSIX_DO( pthread_rwlock_unlock(&sto->lock), return error); |
424 return res; | 424 return res; |
425 } | 425 } |
426 | 426 |
427 /* Set the session pointer in a session object */ | 427 /* Set the session pointer in a session object */ |
428 static void set_resume_callbacks(gnutls_session_t session, struct cnxctx * conn) | 428 static void set_resume_callbacks(gnutls_session_t session, struct cnxctx * conn) |
429 { | 429 { |
430 TRACE_ENTRY("%p", conn); | 430 TRACE_ENTRY("%p", conn); |
431 | 431 |
432 gnutls_db_set_retrieve_function(session, sr_fetch); | 432 GNUTLS_TRACE( gnutls_db_set_retrieve_function(session, sr_fetch)); |
433 gnutls_db_set_remove_function (session, sr_remove); | 433 GNUTLS_TRACE( gnutls_db_set_remove_function (session, sr_remove)); |
434 gnutls_db_set_store_function (session, sr_store); | 434 GNUTLS_TRACE( gnutls_db_set_store_function (session, sr_store)); |
435 gnutls_db_set_ptr (session, conn->cc_sctps_data.sess_store); | 435 GNUTLS_TRACE( gnutls_db_set_ptr (session, conn->cc_sctps_data.sess_store)); |
436 | 436 |
437 return; | 437 return; |
438 } | 438 } |
439 | 439 |
440 /* The handshake is made in parallel in several threads to speed up */ | 440 /* The handshake is made in parallel in several threads to speed up */ |
453 } | 453 } |
454 | 454 |
455 TRACE_DEBUG(FULL, "Starting TLS resumed handshake on stream %hu", ctx->strid); | 455 TRACE_DEBUG(FULL, "Starting TLS resumed handshake on stream %hu", ctx->strid); |
456 CHECK_GNUTLS_DO( gnutls_handshake( ctx->session ), return NULL); | 456 CHECK_GNUTLS_DO( gnutls_handshake( ctx->session ), return NULL); |
457 | 457 |
458 resumed = gnutls_session_is_resumed(ctx->session); | 458 GNUTLS_TRACE( resumed = gnutls_session_is_resumed(ctx->session) ); |
459 if (!resumed) { | 459 if (!resumed) { |
460 /* Check the credentials here also */ | 460 /* Check the credentials here also */ |
461 CHECK_FCT_DO( fd_tls_verify_credentials(ctx->session, ctx->parent, 0), return NULL ); | 461 CHECK_FCT_DO( fd_tls_verify_credentials(ctx->session, ctx->parent, 0), return NULL ); |
462 } | 462 } |
463 if (TRACE_BOOL(FULL)) { | 463 if (TRACE_BOOL(FULL)) { |
527 | 527 |
528 /* For client side, retrieve the master session parameters */ | 528 /* For client side, retrieve the master session parameters */ |
529 if (conn->cc_tls_para.mode == GNUTLS_CLIENT) { | 529 if (conn->cc_tls_para.mode == GNUTLS_CLIENT) { |
530 CHECK_GNUTLS_DO( gnutls_session_get_data2(conn->cc_tls_para.session, &master_data), return ENOMEM ); | 530 CHECK_GNUTLS_DO( gnutls_session_get_data2(conn->cc_tls_para.session, &master_data), return ENOMEM ); |
531 /* For debug: */ | 531 /* For debug: */ |
532 if (TRACE_BOOL(SR_LEVEL)) { | 532 if (TRACE_BOOL(GNUTLS_DBG_LEVEL)) { |
533 uint8_t id[256]; | 533 uint8_t id[256]; |
534 size_t ids = sizeof(id); | 534 size_t ids = sizeof(id); |
535 CHECK_GNUTLS_DO( gnutls_session_get_id(conn->cc_tls_para.session, id, &ids), /* continue */ ); | 535 CHECK_GNUTLS_DO( gnutls_session_get_id(conn->cc_tls_para.session, id, &ids), /* continue */ ); |
536 TRACE_DEBUG_BUFFER(SR_LEVEL, "Master session id: [", id, ids, "]"); | 536 TRACE_DEBUG_BUFFER(GNUTLS_DBG_LEVEL, "Master session id: [", id, ids, "]"); |
537 } | 537 } |
538 } | 538 } |
539 | 539 |
540 /* Initialize the session objects and start the handshake in a separate thread */ | 540 /* Initialize the session objects and start the handshake in a separate thread */ |
541 for (i = 1; i < conn->cc_sctp_para.pairs; i++) { | 541 for (i = 1; i < conn->cc_sctp_para.pairs; i++) { |
556 CHECK_POSIX( pthread_create( &conn->cc_sctps_data.array[i].thr, NULL, handshake_resume_th, &conn->cc_sctps_data.array[i] ) ); | 556 CHECK_POSIX( pthread_create( &conn->cc_sctps_data.array[i].thr, NULL, handshake_resume_th, &conn->cc_sctps_data.array[i] ) ); |
557 } | 557 } |
558 | 558 |
559 /* We can now release the memory of master session data if any */ | 559 /* We can now release the memory of master session data if any */ |
560 if (conn->cc_tls_para.mode == GNUTLS_CLIENT) { | 560 if (conn->cc_tls_para.mode == GNUTLS_CLIENT) { |
561 gnutls_free(master_data.data); | 561 GNUTLS_TRACE( gnutls_free(master_data.data) ); |
562 } | 562 } |
563 | 563 |
564 /* Now wait for all handshakes to finish */ | 564 /* Now wait for all handshakes to finish */ |
565 for (i = 1; i < conn->cc_sctp_para.pairs; i++) { | 565 for (i = 1; i < conn->cc_sctp_para.pairs; i++) { |
566 void * ret; | 566 void * ret; |
636 TRACE_ENTRY("%p", conn); | 636 TRACE_ENTRY("%p", conn); |
637 CHECK_PARAMS_DO( conn && conn->cc_sctps_data.array, return ); | 637 CHECK_PARAMS_DO( conn && conn->cc_sctps_data.array, return ); |
638 | 638 |
639 for (i = 1; i < conn->cc_sctp_para.pairs; i++) { | 639 for (i = 1; i < conn->cc_sctp_para.pairs; i++) { |
640 if (conn->cc_sctps_data.array[i].session) { | 640 if (conn->cc_sctps_data.array[i].session) { |
641 gnutls_deinit(conn->cc_sctps_data.array[i].session); | 641 GNUTLS_TRACE( gnutls_deinit(conn->cc_sctps_data.array[i].session) ); |
642 conn->cc_sctps_data.array[i].session = NULL; | 642 conn->cc_sctps_data.array[i].session = NULL; |
643 } | 643 } |
644 } | 644 } |
645 } | 645 } |
646 | 646 |
676 for (i = 0; i < conn->cc_sctp_para.pairs; i++) { | 676 for (i = 0; i < conn->cc_sctp_para.pairs; i++) { |
677 if (conn->cc_sctps_data.array[i].raw_recv) | 677 if (conn->cc_sctps_data.array[i].raw_recv) |
678 fd_event_destroy( &conn->cc_sctps_data.array[i].raw_recv, free ); | 678 fd_event_destroy( &conn->cc_sctps_data.array[i].raw_recv, free ); |
679 free(conn->cc_sctps_data.array[i].partial.buf); | 679 free(conn->cc_sctps_data.array[i].partial.buf); |
680 if (conn->cc_sctps_data.array[i].session) { | 680 if (conn->cc_sctps_data.array[i].session) { |
681 gnutls_deinit(conn->cc_sctps_data.array[i].session); | 681 GNUTLS_TRACE( gnutls_deinit(conn->cc_sctps_data.array[i].session) ); |
682 conn->cc_sctps_data.array[i].session = NULL; | 682 conn->cc_sctps_data.array[i].session = NULL; |
683 } | 683 } |
684 } | 684 } |
685 | 685 |
686 /* Free the array itself now */ | 686 /* Free the array itself now */ |
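Review bot: In the client-side debug block (new lines 532-537), the `TRACE_DEBUG_BUFFER(GNUTLS_DBG_LEVEL, "Master session id: [", id, ids, "]")` dump still runs when `gnutls_session_get_id` fails, because the fallback of that `CHECK_GNUTLS_DO` is only `/* continue */`; `id` is an uninitialized 256-byte stack array and `ids` may still hold `sizeof(id)`, so stack contents could be written to the trace log. Assuming the macro executes its second argument on failure, as the `return NULL` and `return ENOMEM` fallbacks at the other call sites suggest, pass `ids = 0` as the fallback, or declare the buffer as `uint8_t id[256] = {0};`. Separately, the session-resumption key dumps in this section moved from `SR_LEVEL` (`FULL + 1`) to `GNUTLS_DBG_LEVEL`, whose value is not defined in the lines shown; it is worth confirming that it is not lower, so that these buffers are not logged at ordinary debug levels. The enclosing function starts and ends outside the displayed lines.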