
sm.c

#include "tunala.h"

#ifndef NO_TUNALA

/* Put a state machine into its empty starting state: no SSL object, no
 * memory BIOs, and all four data buffers passed through buffer_init().
 * The pointer fields are overwritten without being released, so this is
 * only safe on a machine that currently owns nothing
 * (state_machine_close() calls it as its final step). */
void state_machine_init(state_machine_t *machine)
{
      /* Detach the SSL and both dirty-side BIOs. */
      machine->bio_fromssl = NULL;
      machine->bio_intossl = NULL;
      machine->ssl = NULL;

      /* Clean side first, then dirty side. */
      buffer_init(&machine->clean_in);
      buffer_init(&machine->clean_out);
      buffer_init(&machine->dirty_in);
      buffer_init(&machine->dirty_out);
}

/* Tear a state machine down completely and leave it re-initialised.
 *
 * Only the SSL object is freed explicitly. The two memory BIOs were handed
 * to it with SSL_set_bio() in state_machine_set_SSL(), and SSL_free()
 * drops those references itself; calling BIO_free() on them here as well
 * would release them a second time, so no such calls are made.
 *
 * NOTE(review): buffer_close() is not visible from this file. If it does
 * not wipe its storage, clean-side data may linger in memory after the
 * machine is closed - confirm. */
void state_machine_close(state_machine_t *machine)
{
      if (machine->ssl != NULL) {
            SSL_free(machine->ssl);
      }

      buffer_close(&machine->clean_in);
      buffer_close(&machine->clean_out);
      buffer_close(&machine->dirty_in);
      buffer_close(&machine->dirty_out);

      /* Resets ssl and both BIO pointers to NULL so no stale (already
       * freed) pointer survives the close. */
      state_machine_init(machine);
}

/* Map a buffer selector onto the matching buffer embedded in the machine.
 *
 * Returns a pointer into *machine (not a copy), so it is valid only for as
 * long as the machine itself. An unrecognised selector is treated as a
 * programming error and terminates the process via abort(). */
buffer_t *state_machine_get_buffer(state_machine_t *machine, sm_buffer_t type)
{
      buffer_t *selected = NULL;

      switch (type) {
      case SM_CLEAN_IN:
            selected = &machine->clean_in;
            break;
      case SM_CLEAN_OUT:
            selected = &machine->clean_out;
            break;
      case SM_DIRTY_IN:
            selected = &machine->dirty_in;
            break;
      case SM_DIRTY_OUT:
            selected = &machine->dirty_out;
            break;
      default:
            /* Should never get here */
            abort();
      }
      return selected;
}

/* Accessor for the SSL object attached to the machine; NULL when none is
 * attached. The machine frees this object itself in state_machine_close()
 * and state_machine_close_dirty(), so callers should treat the pointer as
 * borrowed and not keep it across those calls. */
SSL *state_machine_get_SSL(state_machine_t *machine)
{
      SSL *attached = machine->ssl;

      return attached;
}

/* Attach an SSL object to a machine that has none, wire it to two fresh
 * memory BIOs, select the handshake role, and run one churn.
 *
 * machine:   must not already have an SSL attached (abort() otherwise).
 * ssl:       stored in the machine, which frees it later; it is passed to
 *            SSL_set_bio() unchecked, so it is expected to be non-NULL.
 * is_server: non-zero selects accept state, zero selects connect state.
 *
 * Returns the result of state_machine_churn(): zero if the machine should
 * close, non-zero otherwise.
 *
 * NOTE(review): every failure path here is abort(), which ends the whole
 * process rather than just this connection. If one process carries several
 * tunnels, a single failed BIO allocation takes all of them down - confirm
 * that is acceptable for the deployment. */
int state_machine_set_SSL(state_machine_t *machine, SSL *ssl, int is_server)
{
      /* Shouldn't ever be set twice */
      if (machine->ssl != NULL) {
            abort();
      }
      machine->ssl = ssl;

      /* Create the BIOs to handle the dirty side of the SSL */
      machine->bio_intossl = BIO_new(BIO_s_mem());
      if (machine->bio_intossl == NULL) {
            abort();
      }
      machine->bio_fromssl = BIO_new(BIO_s_mem());
      if (machine->bio_fromssl == NULL) {
            abort();
      }

      /* Hook up the BIOs on the dirty side of the SSL: the first is the one
       * the SSL reads from, the second the one it writes to. From here on
       * the SSL owns both, and they are released by SSL_free(). */
      SSL_set_bio(machine->ssl, machine->bio_intossl, machine->bio_fromssl);

      if (is_server) {
            SSL_set_accept_state(machine->ssl);
      } else {
            SSL_set_connect_state(machine->ssl);
      }

      /* If we are the side that speaks first, generate that traffic now.
       * Otherwise we would enter the next select with nothing to send while
       * the peer sits waiting for us in the same way. */
      return state_machine_churn(machine);
}

/* Performs the data-IO loop and returns zero if the machine should close.
 *
 * With no SSL attached the only remaining job is draining clean_out, so the
 * result depends on whether that buffer is empty. With an SSL attached,
 * data is moved between the four buffers, the SSL and its two memory BIOs,
 * and the dirty side is then sealed off if the SSL's app-data slot is
 * non-NULL or a shutdown is in progress with nothing left in dirty_out.
 *
 * The app-data slot is used purely as an error flag; per the original note
 * it is set by the info callback, which lives outside this file. */
int state_machine_churn(state_machine_t *machine)
{
      unsigned int pass;
      int seal_dirty = 0;

      if (machine->ssl == NULL) {
            /* Empty: time to close this state-machine altogether.
             * Non-empty: still buffered clean-side data to go out. */
            return buffer_empty(&machine->clean_out) ? 0 : 1;
      }

      /* Two passes, to cover any dependency on the precise order in which
       * the reads and writes need to happen. */
      for (pass = 0; pass != 2; ++pass) {
            buffer_to_SSL(&machine->clean_in, machine->ssl);
            buffer_to_BIO(&machine->dirty_in, machine->bio_intossl);
            buffer_from_SSL(&machine->clean_out, machine->ssl);
            buffer_from_BIO(&machine->dirty_out, machine->bio_fromssl);
      }

      /* Close on the SSL side if a problem was flagged, or if an SSL
       * shutdown is underway and all shutdown traffic has been sent. The
       * checks are evaluated in the same short-circuit order as a single
       * "a || (b && c)" expression. */
      if (SSL_get_app_data(machine->ssl)) {
            seal_dirty = 1;
      } else if (SSL_get_shutdown(machine->ssl) &&
                  buffer_empty(&machine->dirty_out)) {
            seal_dirty = 1;
      }

      /* state_machine_close_dirty() frees the SSL; machine->ssl must not
       * be touched after this point. */
      if (seal_dirty && !state_machine_close_dirty(machine)) {
            return 0;
      }

      /* Either the SSL is alive and well, or the closing process still has
       * outgoing data waiting to be sent */
      return 1;
}

/* Called when the clean side of the SSL has lost its connection.
 *
 * Discards both clean-side buffers, starts an SSL shutdown if an SSL is
 * attached, and churns once so any traffic the shutdown generated reaches
 * the dirty buffers. Returns zero when both dirty buffers are empty (there
 * is nothing left to do), non-zero while dirty-side data is still pending.
 *
 * The return values of SSL_shutdown() and state_machine_churn() are not
 * inspected; the outcome is judged from the dirty buffers alone. */
int state_machine_close_clean(state_machine_t *machine)
{
      /* The clean-side buffers are no use any more. */
      buffer_close(&machine->clean_in);
      buffer_close(&machine->clean_out);

      /* And start an SSL shutdown */
      if (machine->ssl != NULL) {
            SSL_shutdown(machine->ssl);
      }

      /* This is an "event", so flush the SSL of any generated traffic.
       * The churn may free the SSL, so only the buffers are used below. */
      (void)state_machine_churn(machine);

      return (buffer_empty(&machine->dirty_in) &&
                  buffer_empty(&machine->dirty_out)) ? 0 : 1;
}

/* Called when the dirty side of the SSL has lost its connection. This is
 * pretty terminal: all that can be left to do is send any buffered output
 * on the clean side - after that, we're done.
 *
 * Closes both dirty buffers and clean_in, frees the SSL, and clears the
 * SSL and BIO pointers. clean_out is left untouched so its contents can
 * still be delivered. Returns zero when clean_out is already empty,
 * non-zero while it still holds data. */
int state_machine_close_dirty(state_machine_t *machine)
{
      buffer_close(&machine->dirty_in);
      buffer_close(&machine->dirty_out);
      buffer_close(&machine->clean_in);

      /* The BIOs are not freed separately: they were given to the SSL via
       * SSL_set_bio(), so SSL_free() releases them. */
      if (machine->ssl != NULL) {
            SSL_free(machine->ssl);
      }

      /* Clear all three pointers so nothing refers to freed objects. */
      machine->ssl = NULL;
      machine->bio_fromssl = NULL;
      machine->bio_intossl = NULL;

      return buffer_empty(&machine->clean_out) ? 0 : 1;
}

#endif /* !defined(NO_TUNALA) */

