[vlc-commits] tls: split server-specific session creation function...
Rémi Denis-Courmont
git at videolan.org
Wed Jan 13 21:49:50 CET 2016
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Wed Jan 13 19:16:22 2016 +0200| [32c3a6039c8e60459afd9cf561de650103d2472d] | committer: Rémi Denis-Courmont
tls: split server-specific session creation function...
...from common code. And document.
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=32c3a6039c8e60459afd9cf561de650103d2472d
---
include/vlc_tls.h | 24 +++++++++++++++++++++---
src/libvlccore.sym | 2 +-
src/network/httpd.c | 2 +-
src/network/tls.c | 30 ++++++++++++++++++------------
test/modules/misc/tls.c | 2 +-
5 files changed, 42 insertions(+), 18 deletions(-)
diff --git a/include/vlc_tls.h b/include/vlc_tls.h
index 02e3c18..8529727 100644
--- a/include/vlc_tls.h
+++ b/include/vlc_tls.h
@@ -73,9 +73,27 @@ VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd,
const char *host, const char *service,
const char *const *alpn, char **alp);
-VLC_API vlc_tls_t *vlc_tls_SessionCreate (vlc_tls_creds_t *, int fd,
- const char *host,
- const char *const *alpn);
+/**
+ * Creates a TLS server session.
+ *
+ * Allocates a Transport Layer Security (TLS) session as the server side, using
+ * cryptographic keys pair and X.509 certificates chain already loaded with
+ * vlc_tls_ServerCreate().
+ *
+ * Unlike vlc_tls_ClientSessionCreate(), this function does not perform any
+ * actual network I/O. vlc_tls_SessionHandshake() must be used to perform the
+ * TLS handshake before sending and receiving data through the TLS session.
+ *
+ * This function is non-blocking and is not a cancellation point.
+ *
+ * @param creds server credentials, i.e. keys pair and X.509 certificates chain
+ * @param alpn NULL-terminated list of Application Layer Protocols
+ * to negotiate, or NULL to not negotiate protocols
+ *
+ * @return TLS session, or NULL on error.
+ */
+VLC_API vlc_tls_t *vlc_tls_ServerSessionCreate(vlc_tls_creds_t *creds, int fd,
+ const char *const *alpn);
/**
* Destroys a TLS session down.
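Review bot: The new doc block for vlc_tls_ServerSessionCreate() documents `creds` and `alpn` but omits `fd`, the one parameter whose ownership callers have to get right. Add a line such as `* @param fd file descriptor of the underlying stream socket`, with the wording adjusted to whatever descriptor types are actually accepted, which this hunk does not show. The block should also say whether the descriptor is left open when the function returns NULL, since the visible lines do not settle that. Callers such as httpdLoop() need it to avoid leaking or double-closing the socket when session setup fails.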
diff --git a/src/libvlccore.sym b/src/libvlccore.sym
index d3be85a..477b632 100644
--- a/src/libvlccore.sym
+++ b/src/libvlccore.sym
@@ -431,7 +431,7 @@ vlc_tls_ClientCreate
vlc_tls_ServerCreate
vlc_tls_Delete
vlc_tls_ClientSessionCreate
-vlc_tls_SessionCreate
+vlc_tls_ServerSessionCreate
vlc_tls_SessionDelete
vlc_tls_Read
vlc_tls_Write
diff --git a/src/network/httpd.c b/src/network/httpd.c
index 9364a4c..4672e10 100644
--- a/src/network/httpd.c
+++ b/src/network/httpd.c
@@ -2042,7 +2042,7 @@ static void httpdLoop(httpd_host_t *host)
{
const char *alpn[] = { "http/1.1", NULL };
- p_tls = vlc_tls_SessionCreate(host->p_tls, fd, NULL, alpn);
+ p_tls = vlc_tls_ServerSessionCreate(host->p_tls, fd, alpn);
}
else
p_tls = NULL;
diff --git a/src/network/tls.c b/src/network/tls.c
index c67c3cf..e8a3caf 100644
--- a/src/network/tls.c
+++ b/src/network/tls.c
@@ -128,8 +128,9 @@ void vlc_tls_Delete (vlc_tls_creds_t *crd)
/*** TLS session ***/
-vlc_tls_t *vlc_tls_SessionCreate (vlc_tls_creds_t *crd, int fd,
- const char *host, const char *const *alpn)
+static vlc_tls_t *vlc_tls_SessionCreate(vlc_tls_creds_t *crd, int fd,
+ const char *host,
+ const char *const *alpn)
{
vlc_tls_t *sock = vlc_tls_SocketOpen(VLC_OBJECT(crd), fd);
if (unlikely(sock == NULL))
@@ -145,12 +146,15 @@ vlc_tls_t *vlc_tls_SessionCreate (vlc_tls_creds_t *crd, int fd,
session->obj = crd->p_parent;
session->p = sock;
- int val = crd->open(crd, session, sock, host, alpn);
- if (val != VLC_SUCCESS)
+ int canc = vlc_savecancel();
+
+ if (crd->open(crd, session, sock, host, alpn) != VLC_SUCCESS)
{
free(session);
- session= NULL;
+ session = NULL;
}
+
+ vlc_restorecancel(canc);
return session;
}
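Review bot: When `crd->open()` fails, the branch frees `session` but nothing visible releases `sock`, the object obtained from vlc_tls_SocketOpen() at the top of the function. Unless the open callback disposes of it on failure, that wrapper leaks on every failed setup, and this routine now sits under the per-connection server path. This is hedged because the callback is not shown and the lines between this function's two hunks are outside the diff. If the callback does not take ownership, release `sock` next to `free(session);` using the destructor that pairs with vlc_tls_SocketOpen(). In either case a short comment after `session->p = sock;` stating who owns `sock` on the error path would make the contract reviewable.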
@@ -180,17 +184,13 @@ vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
const char *host, const char *service,
const char *const *alpn, char **alp)
{
- vlc_tls_t *session;
- int canc, val;
+ int val;
- canc = vlc_savecancel();
- session = vlc_tls_SessionCreate (crd, fd, host, alpn);
+ vlc_tls_t *session = vlc_tls_SessionCreate(crd, fd, host, alpn);
if (session == NULL)
- {
- vlc_restorecancel(canc);
return NULL;
- }
+ int canc = vlc_savecancel();
mtime_t deadline = mdate ();
deadline += var_InheritInteger (crd, "ipv4-timeout") * 1000;
@@ -230,6 +230,12 @@ error:
return session;
}
+vlc_tls_t *vlc_tls_ServerSessionCreate(vlc_tls_creds_t *crd, int fd,
+ const char *const *alpn)
+{
+ return vlc_tls_SessionCreate(crd, fd, NULL, alpn);
+}
+
ssize_t vlc_tls_Read(vlc_tls_t *session, void *buf, size_t len, bool waitall)
{
struct pollfd ufd;
diff --git a/test/modules/misc/tls.c b/test/modules/misc/tls.c
index f4fec82..99182fa 100644
--- a/test/modules/misc/tls.c
+++ b/test/modules/misc/tls.c
@@ -113,7 +113,7 @@ static int securepair(vlc_thread_t *th, vlc_tls_t **restrict client,
val = tlspair(insecurev);
assert(val == 0);
- server = vlc_tls_SessionCreate(server_creds, insecurev[0], NULL, alpnv[0]);
+ server = vlc_tls_ServerSessionCreate(server_creds, insecurev[0], alpnv[0]);
assert(server != NULL);
val = vlc_clone(th, tls_echo, server, VLC_THREAD_PRIORITY_LOW);