/*
* Copyright (C) 2009-2012 Free Software Foundation, Inc.
*
* Author: Jonathan Bastien-Filiatrault
*
* This file is part of GNUTLS.
*
* The GNUTLS library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
#ifndef DTLS_H
#define DTLS_H
#include <config.h>
#include "gnutls_int.h"
#include <buffers.h>
#include <mbuffers.h>
#include <constate.h>
/* Defined outside this header. _dtls_retransmit() in this file forwards
 * to it unchanged and returns its result.
 * NOTE(review): presumably sends the pending handshake flight; confirm
 * in the implementation.
 */
int _dtls_transmit(gnutls_session_t session);
/* Defined outside this header; takes the record parameters and a 64-bit
 * sequence number.
 * NOTE(review): presumably the DTLS anti-replay window check that pairs
 * with _dtls_reset_window(). The return convention (which value marks a
 * replayed record) is not visible here; confirm it in the implementation
 * before relying on the result to accept a record.
 */
int _dtls_record_check(struct record_parameters_st *rp, gnutls_uint64 * _seq);
/* Defined outside this header. _dtls_async_timer_init() calls it on the
 * non-async path, before the handshake I/O buffers are cleared.
 */
void _dtls_reset_hsk_state(gnutls_session_t session);
/* Defined outside this header.
 * NOTE(review): presumably resets the replay window that
 * _dtls_record_check() consults for these record parameters; confirm.
 */
void _dtls_reset_window(struct record_parameters_st *rp);
/* In this header the constant bounds the lifetime of the async handshake
 * timer: _dtls_async_timer_init() divides it by 1000 before adding it to
 * gnutls_time(0), i.e. it is treated as milliseconds (60000 ms = 60 s).
 */
#define MAX_DTLS_TIMEOUT 60000
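/* Makes the *calling* function return either a timeout or a retry code.
 *
 * If more time has elapsed since internals.handshake_start_time than
 * internals.handshake_timeout_ms allows, the elapsed milliseconds are
 * logged and the caller returns GNUTLS_E_TIMEDOUT. Otherwise the caller
 * returns r when r is GNUTLS_E_INTERRUPTED and GNUTLS_E_AGAIN for any
 * other value; sessions without GNUTLS_NONBLOCK sleep 50 ms first.
 *
 * Both arguments are parenthesised and r is evaluated exactly once, so
 * an expression (for instance a conditional) can be passed without
 * changing how the comparison below parses.
 *
 * The expansion is kept as a bare brace block because the call sites are
 * not visible from this header; do not use it as the unbraced body of an
 * if that is followed by an else.
 */
#define RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, r) { \
	struct timespec _now; \
	unsigned int _diff; \
	int _rr = (r); \
	gettime(&_now); \
	_diff = timespec_sub_ms(&_now, &(session)->internals.handshake_start_time); \
	if (_diff > (session)->internals.handshake_timeout_ms) \
	  { \
	    _gnutls_dtls_log("Session timeout: %u ms\n", _diff); \
	    return gnutls_assert_val(GNUTLS_E_TIMEDOUT); \
	  } \
	else \
	  { \
	    /* only an interrupted call keeps its own code */ \
	    if (_rr != GNUTLS_E_INTERRUPTED) _rr = GNUTLS_E_AGAIN; \
	    if (!((session)->internals.flags & GNUTLS_NONBLOCK)) \
	      millisleep(50); \
	    return gnutls_assert_val(_rr); \
	  } \
	}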
/* Defined outside this header; nothing in this file calls it.
 * NOTE(review): the name suggests it waits for peer data or a timeout
 * and then retransmits; confirm how it behaves for sessions with
 * GNUTLS_NONBLOCK set.
 */
int _dtls_wait_and_retransmit(gnutls_session_t session);
/* Reports whether handshake data has to be handled asynchronously for
 * this session.
 *
 * Returns 1 for a server whose internals.resumed is RESUME_FALSE and for
 * a client whose internals.resumed is RESUME_TRUE; returns 0 in every
 * other case.
 *
 * NOTE(review): these look like the two cases in which this side sends
 * the final handshake flight and must keep it for retransmission;
 * confirm against the handshake code.
 */
inline static int _dtls_is_async(gnutls_session_t session)
{
	/* Server side, handshake not resumed. */
	if (session->security_parameters.entity == GNUTLS_SERVER &&
	    session->internals.resumed == RESUME_FALSE)
		return 1;

	/* Client side, handshake resumed. */
	if (session->security_parameters.entity == GNUTLS_CLIENT &&
	    session->internals.resumed == RESUME_TRUE)
		return 1;

	return 0;
}
/* Arms or clears the async handshake timer of a session.
 *
 * When _dtls_is_async() reports 0 the handshake state is reset, the
 * handshake I/O buffers are cleared, _gnutls_epoch_gc() is run and
 * async_term is set to 0 (timer not armed).
 *
 * Otherwise only the deadline is written: async_term becomes
 * gnutls_time(0) plus MAX_DTLS_TIMEOUT / 1000. None of the clean-up
 * calls above run on that path, so whatever handshake state they would
 * release stays in place while the timer is armed.
 */
inline static void _dtls_async_timer_init(gnutls_session_t session)
{
	if (!_dtls_is_async(session)) {
		/* Nothing to keep: release handshake state right away. */
		_dtls_reset_hsk_state(session);
		_gnutls_handshake_io_buffer_clear(session);
		_gnutls_epoch_gc(session);
		session->internals.dtls.async_term = 0;
		return;
	}

	_gnutls_dtls_log("DTLS[%p]: Initializing timer for handshake state.\n",
			 session);
	session->internals.dtls.async_term =
	    gnutls_time(0) + MAX_DTLS_TIMEOUT / 1000;
}
/* Defined outside this header. _dtls_async_timer_check() calls it once
 * the current time is later than internals.dtls.async_term.
 */
void _dtls_async_timer_delete(gnutls_session_t session);
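/* Expires the async handshake timer once its deadline has passed.
 *
 * Does nothing for non-DTLS sessions or while no deadline is set
 * (async_term == 0). Otherwise _dtls_async_timer_delete() is called when
 * the current time is strictly later than async_term.
 *
 * The current time is read with gnutls_time(), the same source
 * _dtls_async_timer_init() uses to compute async_term. Reading it with
 * time() would compare two different clocks whenever gnutls_time() is
 * not backed by the system time(), expiring the queued handshake data
 * too early or keeping it longer than intended.
 */
inline static void _dtls_async_timer_check(gnutls_session_t session)
{
	time_t now;

	if (!IS_DTLS(session))
		return;

	/* A zero deadline means the timer is not armed. */
	if (session->internals.dtls.async_term == 0)
		return;

	now = gnutls_time(0);

	/* check if we need to expire the queued handshake data */
	if (now > session->internals.dtls.async_term)
		_dtls_async_timer_delete(session);
}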
unsigned _gnutls_record_overhead(const cipher_entry_st * cipher,
const mac_entry_st * mac,
unsigned max);
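/* Returns non-zero if the async timer is active.
 *
 * Always 0 for non-DTLS sessions. For DTLS sessions the result is 1 when
 * internals.dtls.async_term holds a deadline and 0 when it is 0.
 *
 * The deadline is compared against zero instead of being returned
 * directly: async_term is compared with a time_t elsewhere in this
 * header, and narrowing such a value to int could yield 0 for a
 * non-zero deadline.
 */
inline static int _dtls_async_timer_active(gnutls_session_t session)
{
	if (!IS_DTLS(session))
		return 0;

	return session->internals.dtls.async_term != 0;
}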
/* To be called from the record layer once a handshake replay is
 * detected. Forwards to _dtls_transmit() and returns its result.
 *
 * NOTE(review): the "only once per few seconds" limit on
 * retransmissions is not implemented in this wrapper; it has to be
 * enforced inside _dtls_transmit(). Confirm that it is, because the
 * trigger for this call (a replayed handshake record) is driven by what
 * the peer sends.
 */
inline static int _dtls_retransmit(gnutls_session_t session)
{
	const int ret = _dtls_transmit(session);

	return ret;
}
#endif