--- /dev/null
+/*
+ * sslRingBufferThreads.cpp - SecureTransport client and server thread
+ * routines which use ringBufferIo for I/O (no sockets).
+ */
+
+#include "sslRingBufferThreads.h"
+#include <stdlib.h>
+#include <pthread.h>
+#include <stdio.h>
+#include <strings.h>
+#include <clAppUtils/sslAppUtils.h>
+#include <utilLib/common.h>
+
+#define LOG_TOP_IO 0
+#if LOG_TOP_IO
+
+static void logWrite(
+ char *who,
+ size_t written)
+{
+ pthread_mutex_lock(&printfMutex);
+ printf("+++ %s wrote %4lu bytes\n", who, (unsigned long)written);
+ pthread_mutex_unlock(&printfMutex);
+}
+
+static void logRead(
+ char *who,
+ size_t bytesRead)
+{
+ pthread_mutex_lock(&printfMutex);
+ printf("+++ %s read %4lu bytes\n", who, (unsigned long)bytesRead);
+ pthread_mutex_unlock(&printfMutex);
+}
+
+#else /* LOG_TOP_IO */
+#define logWrite(who, w)
+#define logRead(who, r)
+#endif /* LOG_TOP_IO */
+
+/* client thread - handshake and write a ton of data */
+void *sslRbClientThread(void *arg)
+{
+ SslRingBufferArgs *sslArgs = (SslRingBufferArgs *)arg;
+ OSStatus ortn;
+ SSLContextRef ctx = NULL;
+ RingBuffers ringBufs = {sslArgs->ringRead, sslArgs->ringWrite};
+ unsigned toMove = 0;
+ unsigned thisMove;
+
+ ortn = SSLNewContext(false, &ctx);
+ if(ortn) {
+ printSslErrStr("SSLNewContext", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetIOFuncs(ctx, ringReadFunc, ringWriteFunc);
+ if(ortn) {
+ printSslErrStr("SSLSetIOFuncs", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetConnection(ctx, (SSLConnectionRef)&ringBufs);
+ if(ortn) {
+ printSslErrStr("SSLSetConnection", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetEnabledCiphers(ctx, &sslArgs->cipherSuite, 1);
+ if(ortn) {
+ printSslErrStr("SSLSetEnabledCiphers", ortn);
+ goto cleanup;
+ }
+ if(sslArgs->idArray) {
+ ortn = SSLSetCertificate(ctx, sslArgs->idArray);
+ if(ortn) {
+ printSslErrStr("SSLSetCertificate", ortn);
+ goto cleanup;
+ }
+ }
+ if(sslArgs->trustedRoots) {
+ ortn = SSLSetTrustedRoots(ctx, sslArgs->trustedRoots, true);
+ if(ortn) {
+ printSslErrStr("SSLSetTrustedRoots", ortn);
+ goto cleanup;
+ }
+ }
+ SSLSetProtocolVersionEnabled(ctx, kSSLProtocolAll, false);
+ ortn = SSLSetProtocolVersionEnabled(ctx, sslArgs->prot, true);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersionEnabled", ortn);
+ goto cleanup;
+ }
+
+ /* tell main thread we're ready; wait for sync flag */
+ sslArgs->iAmReady = true;
+ while(!(*sslArgs->goFlag)) {
+ if(*sslArgs->abortFlag) {
+ goto cleanup;
+ }
+ }
+
+ /* GO handshake */
+ sslArgs->startHandshake = CFAbsoluteTimeGetCurrent();
+ do {
+ ortn = SSLHandshake(ctx);
+ if(*sslArgs->abortFlag) {
+ goto cleanup;
+ }
+ } while (ortn == errSSLWouldBlock);
+
+ if(ortn) {
+ printSslErrStr("SSLHandshake", ortn);
+ goto cleanup;
+ }
+
+ SSLGetNegotiatedCipher(ctx, &sslArgs->negotiatedCipher);
+ SSLGetNegotiatedProtocolVersion(ctx, &sslArgs->negotiatedProt);
+
+ sslArgs->startData = CFAbsoluteTimeGetCurrent();
+
+ toMove = sslArgs->xferSize;
+
+ if(toMove == 0) {
+ sslArgs->endData = sslArgs->startData;
+ goto cleanup;
+ }
+
+ /* GO data xfer */
+ do {
+ thisMove = sslArgs->chunkSize;
+ if(thisMove > toMove) {
+ thisMove = toMove;
+ }
+ size_t moved;
+ ortn = SSLWrite(ctx, sslArgs->xferBuf, thisMove, &moved);
+ /* should never fail - implemented as blocking */
+ if(ortn) {
+ printSslErrStr("SSLWrite", ortn);
+ goto cleanup;
+ }
+ logWrite("client", moved);
+ if(!sslArgs->runForever) {
+ toMove -= moved;
+ }
+ if(*sslArgs->abortFlag) {
+ goto cleanup;
+ }
+ } while(toMove || sslArgs->runForever);
+
+ sslArgs->endData = CFAbsoluteTimeGetCurrent();
+
+cleanup:
+ if(ortn) {
+ *sslArgs->abortFlag = true;
+ }
+ if(*sslArgs->abortFlag && sslArgs->pauseOnError) {
+ /* abort for any reason - freeze! */
+ testError(CSSM_FALSE);
+ }
+ if(ctx) {
+ SSLClose(ctx);
+ SSLDisposeContext(ctx);
+ }
+ if(ortn) {
+ printf("***Client thread returning %lu\n", (unsigned long)ortn);
+ }
+ pthread_exit((void*)ortn);
+ /* NOT REACHED */
+ return (void *)ortn;
+
+}
+
+/* server function - like clientThread except it runs from the main thread */
+/* handshake and read a ton of data */
+OSStatus sslRbServerThread(SslRingBufferArgs *sslArgs)
+{
+ OSStatus ortn;
+ SSLContextRef ctx = NULL;
+ RingBuffers ringBufs = {sslArgs->ringRead, sslArgs->ringWrite};
+ unsigned toMove = 0;
+ unsigned thisMove;
+
+ ortn = SSLNewContext(true, &ctx);
+ if(ortn) {
+ printSslErrStr("SSLNewContext", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetIOFuncs(ctx, ringReadFunc, ringWriteFunc);
+ if(ortn) {
+ printSslErrStr("SSLSetIOFuncs", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetConnection(ctx, (SSLConnectionRef)&ringBufs);
+ if(ortn) {
+ printSslErrStr("SSLSetConnection", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetEnabledCiphers(ctx, &sslArgs->cipherSuite, 1);
+ if(ortn) {
+ printSslErrStr("SSLSetEnabledCiphers", ortn);
+ goto cleanup;
+ }
+ if(sslArgs->idArray) {
+ ortn = SSLSetCertificate(ctx, sslArgs->idArray);
+ if(ortn) {
+ printSslErrStr("SSLSetCertificate", ortn);
+ goto cleanup;
+ }
+ }
+ if(sslArgs->trustedRoots) {
+ ortn = SSLSetTrustedRoots(ctx, sslArgs->trustedRoots, true);
+ if(ortn) {
+ printSslErrStr("SSLSetTrustedRoots", ortn);
+ goto cleanup;
+ }
+ }
+ SSLSetProtocolVersionEnabled(ctx, kSSLProtocolAll, false);
+ ortn = SSLSetProtocolVersionEnabled(ctx, sslArgs->prot, true);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersionEnabled", ortn);
+ goto cleanup;
+ }
+
+ /* tell client thread we're ready; wait for sync flag */
+ sslArgs->iAmReady = true;
+ while(!(*sslArgs->goFlag)) {
+ if(*sslArgs->abortFlag) {
+ goto cleanup;
+ }
+ }
+
+ /* GO handshake */
+ sslArgs->startHandshake = CFAbsoluteTimeGetCurrent();
+ do {
+ ortn = SSLHandshake(ctx);
+ if(*sslArgs->abortFlag) {
+ goto cleanup;
+ }
+ } while (ortn == errSSLWouldBlock);
+
+ if(ortn) {
+ printSslErrStr("SSLHandshake", ortn);
+ goto cleanup;
+ }
+
+ SSLGetNegotiatedCipher(ctx, &sslArgs->negotiatedCipher);
+ SSLGetNegotiatedProtocolVersion(ctx, &sslArgs->negotiatedProt);
+
+ sslArgs->startData = CFAbsoluteTimeGetCurrent();
+
+ toMove = sslArgs->xferSize;
+
+ if(toMove == 0) {
+ sslArgs->endData = sslArgs->startData;
+ goto cleanup;
+ }
+
+ /* GO data xfer */
+ do {
+ thisMove = sslArgs->xferSize;
+ if(thisMove > toMove) {
+ thisMove = toMove;
+ }
+ size_t moved;
+ ortn = SSLRead(ctx, sslArgs->xferBuf, thisMove, &moved);
+ switch(ortn) {
+ case noErr:
+ break;
+ case errSSLWouldBlock:
+ /* cool, try again */
+ ortn = noErr;
+ break;
+ default:
+ break;
+ }
+ if(ortn) {
+ printSslErrStr("SSLRead", ortn);
+ goto cleanup;
+ }
+ logRead("server", moved);
+ if(!sslArgs->runForever) {
+ toMove -= moved;
+ }
+ if(*sslArgs->abortFlag) {
+ goto cleanup;
+ }
+ } while(toMove || sslArgs->runForever);
+
+ sslArgs->endData = CFAbsoluteTimeGetCurrent();
+
+cleanup:
+ if(ortn) {
+ *sslArgs->abortFlag = true;
+ }
+ if(*sslArgs->abortFlag && sslArgs->pauseOnError) {
+ /* abort for any reason - freeze! */
+ testError(CSSM_FALSE);
+ }
+ if(ctx) {
+ SSLClose(ctx);
+ SSLDisposeContext(ctx);
+ }
+ if(ortn) {
+ printf("***Server thread returning %lu\n", (unsigned long)ortn);
+ }
+ return ortn;
+}
projects / apple / security.git / blobdiff