ssl: buffered handshake detection
This commit is contained in:
parent
a99d6e56b6
commit
b8bc4d77b7
|
@ -207,7 +207,6 @@ PRAGMA_WARNING_DISABLE_VS(4355)
|
||||||
buffer_ssl_init_fill = 0;
|
buffer_ssl_init_fill = 0;
|
||||||
if (is_income && m_ssl_support != epee::net_utils::ssl_support_t::e_ssl_support_disabled)
|
if (is_income && m_ssl_support != epee::net_utils::ssl_support_t::e_ssl_support_disabled)
|
||||||
socket().async_receive(boost::asio::buffer(buffer_),
|
socket().async_receive(boost::asio::buffer(buffer_),
|
||||||
boost::asio::socket_base::message_peek,
|
|
||||||
strand_.wrap(
|
strand_.wrap(
|
||||||
std::bind(&connection<t_protocol_handler>::handle_receive, self,
|
std::bind(&connection<t_protocol_handler>::handle_receive, self,
|
||||||
std::placeholders::_1,
|
std::placeholders::_1,
|
||||||
|
@ -447,16 +446,11 @@ PRAGMA_WARNING_DISABLE_VS(4355)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
buffer_ssl_init_fill = bytes_transferred;
|
buffer_ssl_init_fill += bytes_transferred;
|
||||||
MTRACE("we now have " << buffer_ssl_init_fill << "/" << get_ssl_magic_size() << " bytes needed to detect SSL");
|
MTRACE("we now have " << buffer_ssl_init_fill << "/" << get_ssl_magic_size() << " bytes needed to detect SSL");
|
||||||
if (buffer_ssl_init_fill < get_ssl_magic_size())
|
if (buffer_ssl_init_fill < get_ssl_magic_size())
|
||||||
{
|
{
|
||||||
// don't busy loop on this, ideally we'd want to queue a "async_receive_if_new_data" but there doesn't
|
socket().async_receive(boost::asio::buffer(buffer_.data() + buffer_ssl_init_fill, buffer_.size() - buffer_ssl_init_fill),
|
||||||
// seem to be something like that in boost if we want to just peek at the data, so we'd need to copy and
|
|
||||||
// have a bit more code just for this. Though I'm just seeing async_read_until which might just work.
|
|
||||||
epee::misc_utils::sleep_no_w(100);
|
|
||||||
socket().async_receive(boost::asio::buffer(buffer_.data(), buffer_.size()),
|
|
||||||
boost::asio::socket_base::message_peek,
|
|
||||||
strand_.wrap(
|
strand_.wrap(
|
||||||
boost::bind(&connection<t_protocol_handler>::handle_receive, connection<t_protocol_handler>::shared_from_this(),
|
boost::bind(&connection<t_protocol_handler>::handle_receive, connection<t_protocol_handler>::shared_from_this(),
|
||||||
boost::asio::placeholders::error,
|
boost::asio::placeholders::error,
|
||||||
|
@ -482,7 +476,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
|
||||||
if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
|
if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
|
||||||
{
|
{
|
||||||
// Handshake
|
// Handshake
|
||||||
if (!handshake(boost::asio::ssl::stream_base::server))
|
if (!handshake(boost::asio::ssl::stream_base::server, boost::asio::const_buffer(buffer_.data(), buffer_ssl_init_fill)))
|
||||||
{
|
{
|
||||||
MERROR("SSL handshake failed");
|
MERROR("SSL handshake failed");
|
||||||
boost::interprocess::ipcdetail::atomic_write32(&m_want_close_connection, 1);
|
boost::interprocess::ipcdetail::atomic_write32(&m_want_close_connection, 1);
|
||||||
|
@ -497,6 +491,11 @@ PRAGMA_WARNING_DISABLE_VS(4355)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
handle_read(e, buffer_ssl_init_fill);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
async_read_some(boost::asio::buffer(buffer_),
|
async_read_some(boost::asio::buffer(buffer_),
|
||||||
strand_.wrap(
|
strand_.wrap(
|
||||||
|
|
|
@ -132,10 +132,10 @@ class connection_basic { // not-templated base class for rapid developmet of som
|
||||||
ssl_support_t get_ssl_support() const { return m_ssl_support; }
|
ssl_support_t get_ssl_support() const { return m_ssl_support; }
|
||||||
void disable_ssl() { m_ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_disabled; }
|
void disable_ssl() { m_ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_disabled; }
|
||||||
|
|
||||||
bool handshake(boost::asio::ssl::stream_base::handshake_type type)
|
bool handshake(boost::asio::ssl::stream_base::handshake_type type, boost::asio::const_buffer buffer = {})
|
||||||
{
|
{
|
||||||
//m_state != nullptr verified in constructor
|
//m_state != nullptr verified in constructor
|
||||||
return m_state->ssl_options().handshake(socket_, type);
|
return m_state->ssl_options().handshake(socket_, type, buffer);
|
||||||
}
|
}
|
||||||
|
|
||||||
template<typename MutableBufferSequence, typename ReadHandler>
|
template<typename MutableBufferSequence, typename ReadHandler>
|
||||||
|
|
|
@ -178,7 +178,7 @@ namespace net_utils
|
||||||
// SSL Options
|
// SSL Options
|
||||||
if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_enabled || m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
|
if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_enabled || m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
|
||||||
{
|
{
|
||||||
if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, addr, timeout))
|
if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, {}, addr, timeout))
|
||||||
{
|
{
|
||||||
if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
|
if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
|
||||||
{
|
{
|
||||||
|
|
|
@ -132,6 +132,7 @@ namespace net_utils
|
||||||
bool handshake(
|
bool handshake(
|
||||||
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
|
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
|
||||||
boost::asio::ssl::stream_base::handshake_type type,
|
boost::asio::ssl::stream_base::handshake_type type,
|
||||||
|
boost::asio::const_buffer buffer = {},
|
||||||
const std::string& host = {},
|
const std::string& host = {},
|
||||||
std::chrono::milliseconds timeout = std::chrono::seconds(15)) const;
|
std::chrono::milliseconds timeout = std::chrono::seconds(15)) const;
|
||||||
};
|
};
|
||||||
|
|
|
@ -473,6 +473,7 @@ bool ssl_options_t::has_fingerprint(boost::asio::ssl::verify_context &ctx) const
|
||||||
bool ssl_options_t::handshake(
|
bool ssl_options_t::handshake(
|
||||||
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
|
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
|
||||||
boost::asio::ssl::stream_base::handshake_type type,
|
boost::asio::ssl::stream_base::handshake_type type,
|
||||||
|
boost::asio::const_buffer buffer,
|
||||||
const std::string& host,
|
const std::string& host,
|
||||||
std::chrono::milliseconds timeout) const
|
std::chrono::milliseconds timeout) const
|
||||||
{
|
{
|
||||||
|
@ -530,7 +531,7 @@ bool ssl_options_t::handshake(
|
||||||
});
|
});
|
||||||
|
|
||||||
boost::system::error_code ec = boost::asio::error::would_block;
|
boost::system::error_code ec = boost::asio::error::would_block;
|
||||||
socket.async_handshake(type, boost::lambda::var(ec) = boost::lambda::_1);
|
socket.async_handshake(type, boost::asio::buffer(buffer), boost::lambda::var(ec) = boost::lambda::_1);
|
||||||
if (io_service.stopped())
|
if (io_service.stopped())
|
||||||
{
|
{
|
||||||
io_service.reset();
|
io_service.reset();
|
||||||
|
|
Loading…
Reference in New Issue