Lines Matching refs:sock
106 tls_read_start(isc_nmsocket_t *restrict sock);
109 tls_read_stop(isc_nmsocket_t *sock);
112 tls_failed_read_cb(isc_nmsocket_t *sock, const isc_result_t result);
115 tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
123 async_tls_do_bio(isc_nmsocket_t *sock);
135 tls_keep_client_tls_session(isc_nmsocket_t *sock);
149 inactive(isc_nmsocket_t *sock) {
150 return !isc__nmsocket_active(sock) || sock->closing ||
151 sock->outerhandle == NULL ||
152 !isc__nmsocket_active(sock->outerhandle->sock) ||
153 sock->outerhandle->sock->closing ||
154 isc__nm_closing(sock->worker);
158 tls_call_connect_cb(isc_nmsocket_t *sock, isc_nmhandle_t *handle,
160 INSIST(sock->connect_cb != NULL);
161 sock->connect_cb(handle, result, sock->connect_cbarg);
163 isc__nmsocket_clearcb(handle->sock);
178 REQUIRE(VALID_NMSOCK(handle->sock));
212 handle->sock->worker->mctx);
219 isc_mem_put(handle->sock->worker->mctx, send_req,
264 tls_failed_read_cb(isc_nmsocket_t *sock, isc_result_t result) {
265 REQUIRE(VALID_NMSOCK(sock));
269 if (!sock->tlsstream.server &&
270 (sock->tlsstream.state == TLS_INIT ||
271 sock->tlsstream.state == TLS_HANDSHAKE) &&
272 sock->connect_cb != NULL)
275 INSIST(sock->statichandle == NULL);
276 handle = isc__nmhandle_get(sock, &sock->peer, &sock->iface);
277 tls_call_connect_cb(sock, handle, result);
278 isc__nmsocket_clearcb(sock);
283 isc__nmsocket_timer_stop(sock);
286 if (sock->statichandle == NULL) {
291 if (sock->client && result == ISC_R_TIMEDOUT) {
292 INSIST(sock->statichandle != NULL);
294 if (sock->recv_cb != NULL) {
295 isc__nm_uvreq_t *req = isc__nm_get_read_req(sock, NULL);
296 isc__nm_readcb(sock, req, ISC_R_TIMEDOUT, false);
299 if (isc__nmsocket_timer_running(sock)) {
304 isc__nmsocket_clearcb(sock);
315 if (sock->recv_cb != NULL) {
316 isc__nm_uvreq_t *req = isc__nm_get_read_req(sock, NULL);
317 isc__nmsocket_clearcb(sock);
318 isc__nm_readcb(sock, req, result, false);
322 isc__nmsocket_prep_destroy(sock);
326 isc__nm_tls_failed_read_cb(isc_nmsocket_t *sock, isc_result_t result,
328 if (!inactive(sock) && sock->tlsstream.state == TLS_IO) {
329 tls_do_bio(sock, NULL, NULL, true);
333 tls_failed_read_cb(sock, result);
338 isc_nmsocket_t *sock = arg;
340 REQUIRE(VALID_NMSOCK(sock));
342 tls_do_bio(sock, NULL, NULL, false);
344 isc__nmsocket_detach(&sock);
348 async_tls_do_bio(isc_nmsocket_t *sock) {
349 isc__nmsocket_attach(sock, &(isc_nmsocket_t *){ NULL });
350 isc_async_run(sock->worker->loop, tls_do_bio_cb, sock);
354 tls_send_outgoing(isc_nmsocket_t *sock, bool finish, isc_nmhandle_t *tlshandle,
362 bool shutting_down = isc__nm_closing(sock->worker);
364 if (shutting_down || inactive(sock)) {
375 tls_try_shutdown(sock->tlsstream.tls, false);
376 tls_keep_client_tls_session(sock);
379 pending = BIO_pending(sock->tlsstream.bio_out);
385 if (sock->tlsstream.send_req != NULL) {
386 send_req = sock->tlsstream.send_req;
388 sock->tlsstream.send_req = NULL;
390 send_req = isc_mem_get(sock->worker->mctx, sizeof(*send_req));
398 isc_buffer_setmctx(&send_req->data, sock->worker->mctx);
402 isc__nmsocket_attach(sock, &send_req->tlssock);
412 rv = BIO_read_ex(sock->tlsstream.bio_out,
417 INSIST(VALID_NMHANDLE(sock->outerhandle));
419 sock->tlsstream.nsending++;
421 isc_nm_send(sock->outerhandle, &used_region, tls_senddone, send_req);
427 tls_process_outgoing(isc_nmsocket_t *sock, bool finish,
431 bool received_shutdown = ((SSL_get_shutdown(sock->tlsstream.tls) &
433 bool sent_shutdown = ((SSL_get_shutdown(sock->tlsstream.tls) &
442 pending = tls_send_outgoing(sock, finish, send_data->handle,
446 pending = tls_send_outgoing(sock, finish, NULL, NULL, NULL);
453 tls_try_handshake(isc_nmsocket_t *sock, isc_result_t *presult) {
454 REQUIRE(sock->tlsstream.state == TLS_HANDSHAKE);
456 if (SSL_is_init_finished(sock->tlsstream.tls) == 1) {
460 int rv = SSL_do_handshake(sock->tlsstream.tls);
465 REQUIRE(sock->statichandle == NULL);
466 INSIST(SSL_is_init_finished(sock->tlsstream.tls) == 1);
468 isc__nmsocket_log_tls_session_reuse(sock, sock->tlsstream.tls);
469 tlshandle = isc__nmhandle_get(sock, &sock->peer, &sock->iface);
470 isc__nmsocket_timer_stop(sock);
471 tls_read_stop(sock);
473 if (isc__nm_closing(sock->worker)) {
477 if (sock->tlsstream.server) {
489 result = sock->accept_cb(tlshandle, result,
490 sock->accept_cbarg);
493 tls_call_connect_cb(sock, tlshandle, result);
496 sock->tlsstream.state = TLS_IO;
507 tls_try_to_close_unused_socket(isc_nmsocket_t *sock) {
508 if (sock->tlsstream.state > TLS_HANDSHAKE &&
509 sock->statichandle == NULL && sock->tlsstream.nsending == 0)
516 isc__nmsocket_prep_destroy(sock);
524 tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
532 REQUIRE(VALID_NMSOCK(sock));
533 REQUIRE(sock->tid == isc_tid());
556 if (sock->tlsstream.state == TLS_INIT) {
558 if (sock->tlsstream.server) {
559 SSL_set_accept_state(sock->tlsstream.tls);
561 SSL_set_connect_state(sock->tlsstream.tls);
563 sock->tlsstream.state = TLS_HANDSHAKE;
564 rv = tls_try_handshake(sock, NULL);
565 INSIST(SSL_is_init_finished(sock->tlsstream.tls) == 0);
566 isc__nmsocket_timer_restart(sock);
567 } else if (sock->tlsstream.state == TLS_CLOSED) {
572 rv = BIO_write_ex(sock->tlsstream.bio_in,
587 if (sock->tlsstream.state == TLS_HANDSHAKE) {
589 rv = tls_try_handshake(sock, &hs_result);
590 if (sock->tlsstream.state == TLS_IO &&
600 sock->tlsstream.tls) ==
607 INSIST(sock->tlsstream.state > TLS_HANDSHAKE);
609 ((SSL_get_shutdown(sock->tlsstream.tls) &
612 ((SSL_get_shutdown(sock->tlsstream.tls) &
640 rv = SSL_write_ex(sock->tlsstream.tls, sendbuf,
647 rv = SSL_write_ex(sock->tlsstream.tls,
667 if (sock->tlsstream.state >= TLS_IO && sock->recv_cb != NULL &&
668 sock->statichandle != NULL && sock->reading && !finish)
672 INSIST(sock->tlsstream.state > TLS_HANDSHAKE);
673 while ((rv = SSL_read_ex(sock->tlsstream.tls, recv_buf,
681 INSIST(VALID_NMHANDLE(sock->statichandle));
682 sock->recv_cb(sock->statichandle, ISC_R_SUCCESS,
683 &region, sock->recv_cbarg);
685 * sock->recv_cb, making the sock->statichandle
693 if (sock->statichandle == NULL) {
696 } else if (sock->recv_cb == NULL) {
698 * The 'sock->recv_cb' might have been
700 * 'sock->recv_cb'. That could happen,
710 } else if (!sock->reading) {
720 if (was_new_data && !sock->manual_read_timer) {
726 isc__nmsocket_timer_stop(sock);
736 * 'sock->manual_read_timer' value.
739 isc__nmsocket_timer_stop(sock);
743 tls_status = SSL_get_error(sock->tlsstream.tls, rv);
767 pending = tls_process_outgoing(sock, finish, send_data);
775 (void)tls_try_to_close_unused_socket(sock);
778 if (sock->tlsstream.nsending == 0) {
783 async_tls_do_bio(sock);
787 if (tls_try_to_close_unused_socket(sock) ||
788 sock->outerhandle == NULL)
791 } else if (sock->reading == false &&
792 sock->tlsstream.state == TLS_HANDSHAKE)
796 * 'sock->reading == false'. It will be stopped when
799 tls_read_start(sock);
801 } else if (sock->reading == false) {
805 tls_read_start(sock);
808 result = tls_error_to_result(tls_status, sock->tlsstream.state,
809 sock->tlsstream.tls);
815 isc__nmsocket_log(sock, ISC_LOG_NOTICE,
822 tls_failed_read_cb(sock, result);
837 } else if (isc__nmsocket_closing(handle->sock)) {
847 initialize_tls(isc_nmsocket_t *sock, bool server) {
848 REQUIRE(sock->tid == isc_tid());
850 sock->tlsstream.bio_in = BIO_new(BIO_s_mem());
851 if (sock->tlsstream.bio_in == NULL) {
852 isc_tls_free(&sock->tlsstream.tls);
855 sock->tlsstream.bio_out = BIO_new(BIO_s_mem());
856 if (sock->tlsstream.bio_out == NULL) {
857 BIO_free_all(sock->tlsstream.bio_in);
858 sock->tlsstream.bio_in = NULL;
859 isc_tls_free(&sock->tlsstream.tls);
863 if (BIO_set_mem_eof_return(sock->tlsstream.bio_in, EOF) != 1 ||
864 BIO_set_mem_eof_return(sock->tlsstream.bio_out, EOF) != 1)
869 SSL_set_bio(sock->tlsstream.tls, sock->tlsstream.bio_in,
870 sock->tlsstream.bio_out);
871 sock->tlsstream.server = server;
872 sock->tlsstream.nsending = 0;
873 sock->tlsstream.state = TLS_INIT;
874 if (sock->tlsstream.sni_hostname != NULL) {
875 INSIST(sock->client);
877 sock->tlsstream.tls, sock->tlsstream.sni_hostname);
884 isc_tls_free(&sock->tlsstream.tls);
885 sock->tlsstream.bio_out = sock->tlsstream.bio_in = NULL;
913 REQUIRE(VALID_NMSOCK(handle->sock));
917 if (isc__nm_closing(handle->sock->worker)) {
919 } else if (isc__nmsocket_closing(handle->sock)) {
927 tlssock = isc_mempool_get(handle->sock->worker->nmsocket_pool);
928 isc__nmsocket_init(tlssock, handle->sock->worker, isc_nm_tlssocket,
946 isc__nmsocket_attach(handle->sock, &tlssock->listener);
950 atomic_load_relaxed(&handle->sock->worker->netmgr->init);
956 handle->sock->tlsstream.tlssocket = tlssock;
1019 /* copy the actual port we're listening on into sock->iface */
1047 isc_nmsocket_t *sock = req->sock;
1049 REQUIRE(VALID_NMSOCK(sock));
1050 REQUIRE(sock->tid == isc_tid());
1052 if (isc__nm_closing(sock->worker)) {
1055 } else if (inactive(sock)) {
1060 tls_do_bio(sock, NULL, req, false);
1070 isc_nmsocket_t *sock = NULL;
1073 REQUIRE(VALID_NMSOCK(handle->sock));
1075 sock = handle->sock;
1077 REQUIRE(sock->type == isc_nm_tlssocket);
1079 uvreq = isc__nm_uvreq_get(sock);
1089 isc_job_run(sock->worker->loop, &uvreq->job, tls_send_direct, uvreq);
1106 isc_nmsocket_t *sock = NULL;
1110 sock = handle->sock;
1111 REQUIRE(VALID_NMSOCK(sock));
1112 REQUIRE(sock->statichandle == handle);
1113 REQUIRE(sock->tid == isc_tid());
1115 if (isc__nm_closing(sock->worker)) {
1118 } else if (inactive(sock)) {
1123 sock->recv_cb = cb;
1124 sock->recv_cbarg = cbarg;
1125 sock->reading = true;
1127 async_tls_do_bio(sock);
1131 tls_read_start(isc_nmsocket_t *restrict sock) {
1132 if (sock->tlsstream.reading) {
1135 sock->tlsstream.reading = true;
1137 INSIST(VALID_NMHANDLE(sock->outerhandle));
1139 isc_nm_read(sock->outerhandle, tls_readcb, sock);
1140 if (!sock->manual_read_timer) {
1141 isc__nmsocket_timer_start(sock);
1146 tls_read_stop(isc_nmsocket_t *sock) {
1147 sock->tlsstream.reading = false;
1148 if (sock->outerhandle != NULL) {
1149 isc_nm_read_stop(sock->outerhandle);
1156 REQUIRE(VALID_NMSOCK(handle->sock));
1158 handle->sock->reading = false;
1160 if (!handle->sock->manual_read_timer) {
1161 isc__nmsocket_timer_stop(handle->sock);
1164 tls_read_stop(handle->sock);
1168 isc__nm_tls_close(isc_nmsocket_t *sock) {
1169 REQUIRE(VALID_NMSOCK(sock));
1170 REQUIRE(sock->type == isc_nm_tlssocket);
1171 REQUIRE(!sock->closing);
1172 REQUIRE(sock->tid == isc_tid());
1173 REQUIRE(!sock->closed);
1174 REQUIRE(!sock->closing);
1176 sock->closing = true;
1182 tls_read_stop(sock);
1183 if (sock->outerhandle != NULL) {
1184 isc__nmsocket_timer_stop(sock);
1185 isc_nm_read_stop(sock->outerhandle);
1186 isc_nmhandle_close(sock->outerhandle);
1187 isc_nmhandle_detach(&sock->outerhandle);
1190 if (sock->listener != NULL) {
1191 isc__nmsocket_detach(&sock->listener);
1194 if (sock->server != NULL) {
1195 isc__nmsocket_detach(&sock->server);
1199 sock->closed = true;
1200 sock->active = false;
1201 sock->tlsstream.state = TLS_CLOSED;
1205 isc__nm_tls_stoplistening(isc_nmsocket_t *sock) {
1206 REQUIRE(VALID_NMSOCK(sock));
1207 REQUIRE(sock->type == isc_nm_tlslistener);
1208 REQUIRE(sock->tlsstream.tls == NULL);
1209 REQUIRE(sock->tlsstream.ctx == NULL);
1211 isc__nmsocket_stop(sock);
1224 isc_nmsocket_t *sock = NULL;
1236 sock = isc_mempool_get(worker->nmsocket_pool);
1237 isc__nmsocket_init(sock, worker, isc_nm_tlssocket, local, NULL);
1238 sock->connect_cb = connect_cb;
1239 sock->connect_cbarg = connect_cbarg;
1240 sock->connect_timeout = timeout;
1241 isc_tlsctx_attach(ctx, &sock->tlsstream.ctx);
1243 sock->tlsstream.sni_hostname =
1244 isc_mem_strdup(sock->worker->mctx, sni_hostname);
1246 sock->client = true;
1251 client_sess_cache, &sock->tlsstream.client_sess_cache);
1255 isc_nm_proxystreamconnect(mgr, local, peer, tcp_connected, sock,
1256 sock->connect_timeout, NULL, NULL,
1259 isc_nm_tcpconnect(mgr, local, peer, tcp_connected, sock,
1260 sock->connect_timeout);
1285 } else if (isc__nmsocket_closing(handle->sock)) {
1317 handle->sock->tlsstream.tlssocket = tlssock;
1333 isc__nm_tls_cleanup_data(isc_nmsocket_t *sock) {
1334 if ((sock->type == isc_nm_tcplistener ||
1335 sock->type == isc_nm_proxystreamlistener) &&
1336 sock->tlsstream.tlslistener != NULL)
1338 isc__nmsocket_detach(&sock->tlsstream.tlslistener);
1339 } else if (sock->type == isc_nm_tlslistener) {
1340 tls_cleanup_listener_tlsctx(sock);
1341 } else if (sock->type == isc_nm_tlssocket) {
1342 if (sock->tlsstream.tls != NULL) {
1347 tls_try_shutdown(sock->tlsstream.tls, true);
1348 tls_keep_client_tls_session(sock);
1349 isc_tls_free(&sock->tlsstream.tls);
1351 sock->tlsstream.bio_out = NULL;
1352 sock->tlsstream.bio_in = NULL;
1354 if (sock->tlsstream.ctx != NULL) {
1355 isc_tlsctx_free(&sock->tlsstream.ctx);
1357 if (sock->tlsstream.sni_hostname != NULL) {
1358 isc_mem_free(sock->worker->mctx,
1359 sock->tlsstream.sni_hostname);
1361 if (sock->tlsstream.client_sess_cache != NULL) {
1362 INSIST(sock->client);
1364 &sock->tlsstream.client_sess_cache);
1367 if (sock->tlsstream.send_req != NULL) {
1368 isc_buffer_clearmctx(&sock->tlsstream.send_req->data);
1369 isc_buffer_invalidate(&sock->tlsstream.send_req->data);
1370 isc_mem_put(sock->worker->mctx,
1371 sock->tlsstream.send_req,
1372 sizeof(*sock->tlsstream.send_req));
1374 } else if ((sock->type == isc_nm_tcpsocket ||
1375 sock->type == isc_nm_proxystreamsocket) &&
1376 sock->tlsstream.tlssocket != NULL)
1382 isc__nmsocket_detach(&sock->tlsstream.tlssocket);
1388 isc_nmsocket_t *sock = NULL;
1391 REQUIRE(VALID_NMSOCK(handle->sock));
1392 REQUIRE(handle->sock->type == isc_nm_tlssocket);
1394 sock = handle->sock;
1395 if (sock->outerhandle != NULL) {
1396 INSIST(VALID_NMHANDLE(sock->outerhandle));
1397 isc_nmhandle_cleartimeout(sock->outerhandle);
1403 isc_nmsocket_t *sock = NULL;
1406 REQUIRE(VALID_NMSOCK(handle->sock));
1407 REQUIRE(handle->sock->type == isc_nm_tlssocket);
1409 sock = handle->sock;
1410 if (sock->outerhandle != NULL) {
1411 INSIST(VALID_NMHANDLE(sock->outerhandle));
1412 isc_nmhandle_settimeout(sock->outerhandle, timeout);
1418 isc_nmsocket_t *sock = NULL;
1421 REQUIRE(VALID_NMSOCK(handle->sock));
1422 REQUIRE(handle->sock->type == isc_nm_tlssocket);
1424 sock = handle->sock;
1425 if (sock->outerhandle != NULL) {
1426 INSIST(VALID_NMHANDLE(sock->outerhandle));
1428 isc_nmhandle_keepalive(sock->outerhandle, value);
1435 isc_nmsocket_t *sock = NULL;
1438 REQUIRE(VALID_NMSOCK(handle->sock));
1439 REQUIRE(handle->sock->type == isc_nm_tlssocket);
1441 sock = handle->sock;
1442 if (sock->outerhandle != NULL) {
1443 INSIST(VALID_NMHANDLE(sock->outerhandle));
1445 isc_nmhandle_setwritetimeout(sock->outerhandle, write_timeout);
1450 isc__nmsocket_tls_reset(isc_nmsocket_t *sock) {
1451 REQUIRE(VALID_NMSOCK(sock));
1452 REQUIRE(sock->type == isc_nm_tlssocket);
1454 if (sock->outerhandle != NULL) {
1455 INSIST(VALID_NMHANDLE(sock->outerhandle));
1456 REQUIRE(VALID_NMSOCK(sock->outerhandle->sock));
1457 isc__nmsocket_reset(sock->outerhandle->sock);
1462 isc__nmsocket_tls_timer_running(isc_nmsocket_t *sock) {
1463 REQUIRE(VALID_NMSOCK(sock));
1464 REQUIRE(sock->type == isc_nm_tlssocket);
1466 if (sock->outerhandle != NULL) {
1467 INSIST(VALID_NMHANDLE(sock->outerhandle));
1468 REQUIRE(VALID_NMSOCK(sock->outerhandle->sock));
1469 return isc__nmsocket_timer_running(sock->outerhandle->sock);
1476 isc__nmsocket_tls_timer_restart(isc_nmsocket_t *sock) {
1477 REQUIRE(VALID_NMSOCK(sock));
1478 REQUIRE(sock->type == isc_nm_tlssocket);
1480 if (sock->outerhandle != NULL) {
1481 INSIST(VALID_NMHANDLE(sock->outerhandle));
1482 REQUIRE(VALID_NMSOCK(sock->outerhandle->sock));
1483 isc__nmsocket_timer_restart(sock->outerhandle->sock);
1488 isc__nmsocket_tls_timer_stop(isc_nmsocket_t *sock) {
1489 REQUIRE(VALID_NMSOCK(sock));
1490 REQUIRE(sock->type == isc_nm_tlssocket);
1492 if (sock->outerhandle != NULL) {
1493 INSIST(VALID_NMHANDLE(sock->outerhandle));
1494 REQUIRE(VALID_NMSOCK(sock->outerhandle->sock));
1495 isc__nmsocket_timer_stop(sock->outerhandle->sock);
1501 isc_nmsocket_t *sock = NULL;
1504 REQUIRE(VALID_NMSOCK(handle->sock));
1505 REQUIRE(handle->sock->type == isc_nm_tlssocket);
1507 sock = handle->sock;
1508 if (sock->tlsstream.tls == NULL) {
1512 return isc_tls_verify_peer_result_string(sock->tlsstream.tls);
1575 tls_keep_client_tls_session(isc_nmsocket_t *sock) {
1580 REQUIRE(sock->tid == isc_tid());
1581 if (sock->tlsstream.client_sess_cache != NULL &&
1582 sock->tlsstream.client_session_saved == false)
1584 INSIST(sock->client);
1586 sock->tlsstream.client_sess_cache, &sock->peer,
1587 sock->tlsstream.tls);
1588 sock->tlsstream.client_session_saved = true;
1603 isc_nmsocket_t *sock;
1606 sock = handle->sock;
1607 REQUIRE(VALID_NMSOCK(sock));
1608 REQUIRE(sock->type == isc_nm_tlssocket);
1609 REQUIRE(sock->tid == isc_tid());
1611 sock->manual_read_timer = manual;
1618 isc_nmsocket_t *sock;
1621 sock = handle->sock;
1622 REQUIRE(VALID_NMSOCK(sock));
1623 REQUIRE(sock->type == isc_nm_tlssocket);
1624 REQUIRE(sock->tid == isc_tid());
1626 isc_tls_get_selected_alpn(sock->tlsstream.tls, alpn, alpnlen);
1631 isc_nmsocket_t *sock = NULL;
1635 REQUIRE(VALID_NMSOCK(handle->sock));
1636 REQUIRE(handle->sock->type == isc_nm_tlssocket);
1638 sock = handle->sock;
1639 if (sock->outerhandle != NULL) {
1640 INSIST(VALID_NMHANDLE(sock->outerhandle));
1642 if (value == sock->tlsstream.tcp_nodelay_value) {
1645 result = isc_nmhandle_set_tcp_nodelay(sock->outerhandle,
1648 sock->tlsstream.tcp_nodelay_value = value;