da/d9b/ssl__session_8cc_source.html

 /*

  * Copyright (c) 2015 Juniper Networks, Inc. All rights reserved.

  */


 #include "io/ssl_session.h"


 #include <string>


 #include <boost/asio.hpp>

 #include <boost/bind.hpp>


 #include "io/event_manager.h"

 #include "io/io_log.h"

 #include "io/io_utils.h"


 using boost::asio::async_write;

 using boost::asio::buffer;

 using boost::asio::buffer_cast;

 using boost::asio::mutable_buffer;

 using boost::asio::mutable_buffers_1;

 using boost::asio::null_buffers;

 using boost::asio::placeholders::error;

 using boost::asio::placeholders::bytes_transferred;

 using boost::asio::ssl::stream_base;

 using boost::bind;

 using boost::function;

 using boost::system::error_code;

 using std::size_t;

 using std::srand;

 using std::string;

 using std::time;


 class SslSession::SslReader : public Task {

 public:

     typedef function<void(Buffer)> ReadHandler;


     SslReader(int task_id, SslSessionPtr session, ReadHandler read_fn,

               Buffer buffer)

        : Task(task_id, session->GetSessionInstance()),

          session_(session), read_fn_(read_fn), buffer_(buffer) {

     }

     virtual bool Run() {

         if (session_->IsEstablished()) {

             session_->ssl_last_read_len_ = BufferSize(buffer_);

             read_fn_(buffer_);

             if (session_->IsReaderDeferred()) {

                 // Update socket read block count.

                 session_->stats_.read_block_start_time = UTCTimestampUsec();

                 session_->stats_.read_blocked++;

                 session_->server()->stats_.read_blocked++;

             } else {

                 if (session_->IsSslDisabled()) {

                      session_->AsyncReadStart();

                 } else if (!session_->IsSslHandShakeInProgress()) {

                     session_->AsyncReadStart();

                 }

             }

         }

         return true;

     }

     string Description() const { return "SslSession::SslReader"; }


 private:

     SslSessionPtr session_;

     ReadHandler read_fn_;

     Buffer buffer_;

 };


 SslSession::SslSession(SslServer *server, SslSocket *ssl_socket,

                        bool async_read_ready)

     : TcpSession(server, NULL, async_read_ready),

       ssl_socket_(ssl_socket),

       ssl_handshake_in_progress_(false),

       ssl_handshake_success_(false),

       ssl_enabled_(true),

       ssl_handshake_delayed_(false),

       ssl_last_read_len_(0) {


     if (server) {

         ssl_enabled_ = server->ssl_enabled_;

         ssl_handshake_delayed_ = server->ssl_handshake_delayed_;

     }

 }


 SslSession::~SslSession() {

 }


 Task* SslSession::CreateReaderTask(mutable_buffer buffer,

                                    size_t bytes_transferred) {

     Buffer rdbuf(buffer_cast<const uint8_t *>(buffer), bytes_transferred);

     SslReader *task = new SslReader(this->reader_task_id(),

         SslSessionPtr(this), bind(&SslSession::OnRead, this, _1), rdbuf);

     return (task);

 }


 TcpSession::Socket *SslSession::socket() const {

     if (ssl_socket_) {

         // return tcp socket

         return &ssl_socket_->next_layer();

     }

     return NULL;

 }


 // Register for data read notification from the tcp socket or from the ssl

 // socket, as appropriate.

 void SslSession::AsyncReadSome() {

     if (established()) {

         if (ssl_last_read_len_ == 0) {

             // we have drained the read buffer of the socket

             // register for a read notification from the tcp socket

             TcpSession::AsyncReadSome();

         } else {

             // trigger Async Read Handler for immediate read

             TriggerAsyncReadHandler();

         }

     }

 }


 // Tests with large data have consistently shown 16K as the maximum read data

 // size even though when a lot more data was available in the underlying socket.

 // Also, there is no available() api for the ssl socket.

 size_t SslSession::GetReadBufferSize() const {

     return kDefaultBufferSize;

 }


 //

 // Check if a socker error is hard and fatal. Only then should we close the

 // socket. Soft errors like EINTR and EAGAIN should be ignored or properly

 // handled with retries

 //

 bool SslSession::IsSocketErrorHard(const error_code &ec) {


     bool error;

     error = TcpSession::IsSocketErrorHard(ec);

     if (ec.value() == ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ)) {

         error = false;

     }


     return error;

 }


 size_t SslSession::ReadSome(mutable_buffer buffer, error_code *error) {

     // Read data from the tcp socket or from the ssl socket, as appropriate.

     assert(!ssl_handshake_in_progress_);

     if (!IsSslHandShakeSuccessLocked())

         return TcpSession::ReadSome(buffer, error);


     return ssl_socket_->read_some(mutable_buffers_1(buffer), *error);

 }


 void SslSession::AsyncWrite(const uint8_t *data, size_t size) {

     if (IsSslHandShakeSuccessLocked()) {

         async_write(*ssl_socket_.get(), buffer(data, size),

             bind(&TcpSession::AsyncWriteHandler,

                  TcpSessionPtr(this), error, bytes_transferred));

     } else {

         return (TcpSession::AsyncWrite(data, size));

     }

 }


 void SslSession::SslHandShakeCallback(SslHandShakeCallbackHandler cb,

                                       SslSessionPtr session,

                                       const error_code &error) {

     session->ssl_handshake_in_progress_ = false;

     if (!error) {

         session->SetSslHandShakeSuccess();

     } else {

         session->SetSslHandShakeFailure();

     }


     if (session->socket() != NULL && !(session->IsClosed())) {

         cb(session, error);

     }

 }


 void SslSession::TriggerSslHandShakeInternal(

         SslSessionPtr session, SslHandShakeCallbackHandler cb) {

     srand(static_cast<unsigned>(time(0)));

     error_code ec;

     session->ssl_handshake_in_progress_ = true;

     if (session->IsServerSession()) {

         session->ssl_socket_->async_handshake(stream_base::server,

             bind(&SslSession::SslHandShakeCallback, cb, session,

             error));

     } else {

         session->ssl_socket_->async_handshake(stream_base::client,

             bind(&SslSession::SslHandShakeCallback, cb, session,

                  error));

     }

 }


 void SslSession::TriggerSslHandShake(SslHandShakeCallbackHandler cb) {

     server()->event_manager()->io_service()->post(

         bind(&TriggerSslHandShakeInternal, SslSessionPtr(this), cb));

 }

SslSession::SslReader
Definition: ssl_session.cc:33

TcpSession::Buffer
boost::asio::const_buffer Buffer
Definition: tcp_session.h:64

SslSession::SslSession
SslSession(SslServer *server, SslSocket *socket, bool async_read_ready=true)
Definition: ssl_session.cc:69

TcpSession::TcpSessionPtr
boost::intrusive_ptr< TcpSession > TcpSessionPtr
Definition: tcp_session.h:184

TcpSession::kDefaultBufferSize
static const int kDefaultBufferSize
Definition: tcp_session.h:44

TcpSession::AsyncWriteHandler
static void AsyncWriteHandler(TcpSessionPtr session, const boost::system::error_code &error, std::size_t bytes_transferred)
Definition: tcp_session.cc:378

TcpSession::ReadSome
virtual size_t ReadSome(boost::asio::mutable_buffer buffer, boost::system::error_code *error)
Definition: tcp_session.cc:468

TcpSession::BufferSize
static size_t BufferSize(const Buffer &buffer)
Definition: tcp_session.h:116

SslSession::~SslSession
virtual ~SslSession()
Definition: ssl_session.cc:85

SslSessionPtr
boost::intrusive_ptr< SslSession > SslSessionPtr
Definition: ssl_session.h:11

SslSession::CreateReaderTask
virtual Task * CreateReaderTask(boost::asio::mutable_buffer, size_t)
Definition: ssl_session.cc:88

EventManager::io_service
boost::asio::io_context * io_service()
Definition: event_manager.h:42

SslSession::ReadSome
size_t ReadSome(boost::asio::mutable_buffer buffer, boost::system::error_code *error)
Definition: ssl_session.cc:143

SslSession::IsSslHandShakeSuccessLocked
bool IsSslHandShakeSuccessLocked()
Definition: ssl_session.h:43

io_log.h

task_
Definition: task_int.h:10

TcpServer::event_manager
EventManager * event_manager()
Definition: tcp_server.h:76

SslSession::ssl_last_read_len_
size_t ssl_last_read_len_
Definition: ssl_session.h:104

TcpSession
Definition: tcp_session.h:42

SslSession::ssl_enabled_
bool ssl_enabled_
Definition: ssl_session.h:100

TcpSession::TriggerAsyncReadHandler
void TriggerAsyncReadHandler()
Definition: tcp_session.cc:346

SslSession::SslSocket
boost::asio::ssl::stream< boost::asio::ip::tcp::socket > SslSocket
Definition: ssl_session.h:18

SslSession::ssl_socket_
boost::scoped_ptr< SslSocket > ssl_socket_
Definition: ssl_session.h:92

SslSession::ssl_handshake_in_progress_
bool ssl_handshake_in_progress_
Definition: ssl_session.h:95

TcpSession::Socket
boost::asio::ip::tcp::socket Socket
Definition: tcp_session.h:60

SslSession::SslReader::Description
string Description() const
Definition: ssl_session.cc:61

SslSession::SslReader::read_fn_
ReadHandler read_fn_
Definition: ssl_session.cc:65

SslServer::ssl_enabled_
bool ssl_enabled_
Definition: ssl_server.h:57

SslSession::ssl_handshake_delayed_
bool ssl_handshake_delayed_
Definition: ssl_session.h:101

TcpSession::OnRead
virtual void OnRead(Buffer buffer)=0

ssl_session.h

SslServer
Definition: ssl_server.h:14

TcpSession::IsSocketErrorHard
static bool IsSocketErrorHard(const boost::system::error_code &ec)
Definition: tcp_session.cc:742

TcpSession::AsyncWrite
virtual void AsyncWrite(const uint8_t *data, std::size_t size)
Definition: tcp_session.cc:199

TcpSession::reader_task_id
virtual int reader_task_id() const
Definition: tcp_session.h:208

TcpSession::AsyncReadSome
virtual void AsyncReadSome()
Definition: tcp_session.cc:192

SslSession::GetReadBufferSize
virtual size_t GetReadBufferSize() const
Definition: ssl_session.cc:123

SslSession::IsSocketErrorHard
static bool IsSocketErrorHard(const boost::system::error_code &ec)
Definition: ssl_session.cc:132

SslSession::SslReader::buffer_
Buffer buffer_
Definition: ssl_session.cc:66

SslSession::SslReader::Run
virtual bool Run()
Code to execute. Returns true if task is completed. Return false to reschedule the task...
Definition: ssl_session.cc:42

SslSession::TriggerSslHandShake
void TriggerSslHandShake(SslHandShakeCallbackHandler)
Definition: ssl_session.cc:193

SslServer::ssl_handshake_delayed_
bool ssl_handshake_delayed_
Definition: ssl_server.h:58

TcpSession::established
bool established() const
Definition: tcp_session.h:212

SslSession::AsyncReadSome
virtual void AsyncReadSome()
Definition: ssl_session.cc:107

UTCTimestampUsec
static uint64_t UTCTimestampUsec()
Definition: time_util.h:13

SslSession::TriggerSslHandShakeInternal
static void TriggerSslHandShakeInternal(SslSessionPtr ptr, SslHandShakeCallbackHandler cb)
Definition: ssl_session.cc:177

TcpSession::server
TcpServer * server()
Definition: tcp_session.h:88

SslSession::SslReader::SslReader
SslReader(int task_id, SslSessionPtr session, ReadHandler read_fn, Buffer buffer)
Definition: ssl_session.cc:37

TcpSession::GetSessionInstance
virtual int GetSessionInstance() const
Definition: tcp_session.cc:530

SslSession::AsyncWrite
void AsyncWrite(const uint8_t *data, std::size_t size)
Definition: ssl_session.cc:152

io_utils.h

SslSession::SslHandShakeCallback
static void SslHandShakeCallback(SslHandShakeCallbackHandler cb, SslSessionPtr, const boost::system::error_code &error)
Definition: ssl_session.cc:162

event_manager.h

Task
Task is a wrapper over tbb::task to support policies.
Definition: task.h:86

SslSession::SslReader::session_
SslSessionPtr session_
Definition: ssl_session.cc:64

SslHandShakeCallbackHandler
boost::function< void(SslSessionPtr, const boost::system::error_code &error)> SslHandShakeCallbackHandler
Definition: ssl_session.h:14

SslSession::socket
virtual Socket * socket() const
Definition: ssl_session.cc:97

SslSession::SslReader::ReadHandler
function< void(Buffer)> ReadHandler
Definition: ssl_session.cc:35