Updated Branches: refs/heads/master f753ff583 -> aa09ec6d9
TS-841 Fix SSL/NPN when accept threads are disabled. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/aa09ec6d Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/aa09ec6d Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/aa09ec6d Branch: refs/heads/master Commit: aa09ec6d95fab7c1040eb8da6e327e2d0e2c2c9a Parents: f753ff5 Author: Leif Hedstrom <[email protected]> Authored: Mon Feb 20 11:51:20 2012 -0700 Committer: Leif Hedstrom <[email protected]> Committed: Mon Feb 20 11:51:20 2012 -0700 ---------------------------------------------------------------------- iocore/net/P_SSLNetVConnection.h | 46 +-------------------------------- iocore/net/SSLNetVConnection.cc | 20 ++++++-------- 2 files changed, 10 insertions(+), 56 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/aa09ec6d/iocore/net/P_SSLNetVConnection.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index 90c0fb6..00247d6 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -123,8 +123,7 @@ public: X509 *client_cert; X509 *server_cert; - static int advertise_next_protocol(SSL *ssl, - const unsigned char **out, unsigned int *outlen, void *arg); + static int advertise_next_protocol(SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg); Continuation * endpoint() const { return npnEndpoint; @@ -144,47 +143,4 @@ typedef int (SSLNetVConnection::*SSLNetVConnHandler) (int, void *); extern ClassAllocator<SSLNetVConnection> sslNetVCAllocator; -// -// Local functions -// - - -static inline SSLNetVConnection * -new_SSLNetVConnection(EThread * thread) -{ - NOWARN_UNUSED(thread); - NET_SUM_GLOBAL_DYN_STAT(net_connections_currently_open_stat, 1); - SSLNetVConnection *vc = sslNetVCAllocator.alloc(); - vc->connect_calls = 0; - vc->write_calls = 0; - vc->read_calls = 0; - vc->accept_calls = 0; - vc->connect_want_write = 0; - vc->connect_want_read = 0; - vc->connect_want_connect = 0; - vc->connect_want_ssl = 0; - vc->connect_want_syscal = 0; - vc->connect_want_accept = 0; - vc->connect_want_x509 = 0; - vc->connect_error_zero = 0; - vc->read_want_write = 0; - vc->read_want_read = 0; - vc->read_want_ssl = 0; - vc->read_want_syscal = 0; - vc->read_want_x509 = 0; - vc->read_error_zero = 0; - vc->write_want_write = 0; - vc->write_want_read = 0; - vc->write_want_ssl = 0; - vc->write_want_syscal = 0; - vc->write_want_x509 = 0; - vc->write_error_zero = 0; - - vc->ssl = NULL; - vc->setSSLHandShakeComplete(0); - vc->id = net_next_connection_number(); - return vc; -} - - #endif /* _SSLNetVConnection_h_ */ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/aa09ec6d/iocore/net/SSLNetVConnection.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index 7d7597a..ab05a43 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -427,8 +427,8 @@ SSLNetVConnection::SSLNetVConnection(): write_error_zero(0), sslHandShakeComplete(false), sslClientConnection(false), - npnSet(0), - npnEndpoint(0) + npnSet(NULL), + npnEndpoint(NULL) { ssl = NULL; } @@ -479,8 +479,9 @@ SSLNetVConnection::free(EThread * t) { SSL_free(ssl); ssl = NULL; } - sslHandShakeComplete = 0; - sslClientConnection = 0; + sslHandShakeComplete = false; + sslClientConnection = false; + npnSet = NULL; if (from_accept_thread) { sslNetVCAllocator.free(this); @@ -557,22 +558,19 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err) sslHandShakeComplete = 1; #if TS_USE_TLS_NPN - if (diags->on("ssl")) { const unsigned char * proto = NULL; unsigned len = 0; SSL_get0_next_proto_negotiated(ssl, &proto, &len); if (len) { + if (this->npnSet) { + this->npnEndpoint = this->npnSet->findEndpoint(proto, len); + this->npnSet = NULL; + } Debug("ssl", "client selected next protocol %.*s", len, proto); } else { Debug("ssl", "client did not select a next protocol"); } - - if (len && this->npnSet) { - this->npnEndpoint = this->npnSet->findEndpoint(proto, len); - this->npnSet = NULL; - } - } #endif /* TS_USE_TLS_NPN */ return EVENT_DONE;
