mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-02 08:54:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Prepare the SSL modules for using timer callbacks

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-05-12 20:55:41 +02:00
parent ca3bdc5632
commit 2e01291739
2 changed files with 56 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
include/mbedtls/ssl.h
View File

@ -998,8 +998,10 @@ struct mbedtls_ssl_context
* Timers * Timers
*/ */
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
struct mbedtls_timing_hr_time time_info; /*!< timer context */ mbedtls_timing_delay_context WIP_timer; /* temporary */
unsigned long time_limit; /*!< limit for the running timer */ void *p_timer; /*!< context for the timer callbacks */
void (*f_set_timer)(void *, uint32_t, uint32_t); /*!< set timer callback */
int (*f_get_timer)(void *); /*!< get timer callback */
#endif #endif
/* /*
@ -1303,6 +1305,26 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
*/ */
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
/**
* \brief Set the timer callbacks
* (Mandatory for DTLS.)
*
* \param ssl SSL context
* \param p_timer parameter (context) shared by timer callback
* \param f_set_timer set timer callback
* Accepts an intermediate and a final delay in milliseconcs
* If the final delay is 0, cancels the running timer.
* \param f_get_timer get timer callback. Must return:
* -1 if cancelled
* 0 if none of the delays is expired
* 1 if the intermediate delay only is expired
* 2 if the final delay is expired
*/
void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
void *p_timer,
void (*f_set_timer)(void *, uint32_t int_ms, uint32_t fin_ms),
int (*f_get_timer)(void *) );
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
/** /**
* \brief Set client's transport-level identification info. * \brief Set client's transport-level identification info.

42
library/ssl_tls.c
View File

@ -81,12 +81,14 @@ static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
/* /*
* Start a timer. * Start a timer.
* Passing millisecs = 0 cancels a running timer. * Passing millisecs = 0 cancels a running timer.
* The timer is already running iff time_limit != 0.
*/ */
static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ) static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
{ {
ssl->time_limit = millisecs; if( ssl->f_set_timer == NULL )
mbedtls_timing_get_timer( &ssl->time_info, 1 ); return;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
} }
/* /*
@ -94,11 +96,11 @@ static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
*/ */
static int ssl_check_timer( mbedtls_ssl_context *ssl ) static int ssl_check_timer( mbedtls_ssl_context *ssl )
{ {
if( ssl->time_limit != 0 && if( ssl->f_get_timer == NULL )
mbedtls_timing_get_timer( &ssl->time_info, 0 ) > ssl->time_limit ) return( -2 );
{
if( ssl->f_get_timer( ssl->p_timer ) == 2 )
return( -1 ); return( -1 );
}
return( 0 ); return( 0 );
} }
@ -2210,6 +2212,14 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
{ {
uint32_t timeout; uint32_t timeout;
/* Just to be sure */
if( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use "
"mbedtls_ssl_set_timer_cb() for DTLS" ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
/* /*
* The point is, we need to always read a full datagram at once, so we * The point is, we need to always read a full datagram at once, so we
* sometimes read more then requested, and handle the additional data. * sometimes read more then requested, and handle the additional data.
@ -2265,8 +2275,6 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
} }
MBEDTLS_SSL_DEBUG_MSG( 3, ( "current timer: %u", ssl->time_limit ) );
/* /*
* Don't even try to read if time's out already. * Don't even try to read if time's out already.
* This avoids by-passing the timer when repeatedly receiving messages * This avoids by-passing the timer when repeatedly receiving messages
@ -4967,6 +4975,10 @@ static int ssl_cookie_check_dummy( void *ctx,
void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
{ {
memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
/* Temporary WIP */
mbedtls_ssl_set_timer_cb( ssl, &ssl->WIP_timer,
mbedtls_timing_set_delay, mbedtls_timing_get_delay );
} }
/* /*
@ -5260,6 +5272,16 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
conf->read_timeout = timeout; conf->read_timeout = timeout;
} }
void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
void *p_timer,
void (*f_set_timer)(void *, uint32_t int_ms, uint32_t fin_ms),
int (*f_get_timer)(void *) )
{
ssl->p_timer = p_timer;
ssl->f_set_timer = f_set_timer;
ssl->f_get_timer = f_get_timer;
}
#if defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_SSL_SRV_C)
void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
void *p_cache, void *p_cache,
@ -6040,7 +6062,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
{ {
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
/* Start timer if not already running */ /* Start timer if not already running */
if( ssl->time_limit == 0 ) if( ssl->f_get_timer( ssl->p_timer ) == -1 )
ssl_set_timer( ssl, ssl->conf->read_timeout ); ssl_set_timer( ssl, ssl->conf->read_timeout );
#endif #endif