aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/ipxe/tls.h9
-rw-r--r--src/net/tls.c16
2 files changed, 18 insertions, 7 deletions
diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h
index 7de1f19..4273e4e 100644
--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@@ -18,6 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <ipxe/sha1.h>
#include <ipxe/sha256.h>
#include <ipxe/x509.h>
+#include <ipxe/pending.h>
/** A TLS header */
struct tls_header {
@@ -240,10 +241,10 @@ struct tls_session {
/** Certificate validator */
struct interface validator;
- /** Client has finished security negotiation */
- unsigned int client_finished;
- /** Server has finished security negotiation */
- unsigned int server_finished;
+ /** Client security negotiation pending operation */
+ struct pending_operation client_negotiation;
+ /** Server security negotiation pending operation */
+ struct pending_operation server_negotiation;
/** TX sequence number */
uint64_t tx_seq;
diff --git a/src/net/tls.c b/src/net/tls.c
index 97e013d..8d6620d 100644
--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -31,6 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <time.h>
#include <errno.h>
#include <byteswap.h>
+#include <ipxe/pending.h>
#include <ipxe/hmac.h>
#include <ipxe/md5.h>
#include <ipxe/sha1.h>
@@ -101,7 +102,8 @@ static void tls_set_uint24 ( uint8_t field24[3], unsigned long value ) {
* @ret is_ready TLS session is ready
*/
static int tls_ready ( struct tls_session *tls ) {
- return ( tls->client_finished && tls->server_finished );
+ return ( ( ! is_pending ( &tls->client_negotiation ) ) &&
+ ( ! is_pending ( &tls->server_negotiation ) ) );
}
/******************************************************************************
@@ -205,6 +207,10 @@ static void free_tls ( struct refcnt *refcnt ) {
*/
static void tls_close ( struct tls_session *tls, int rc ) {
+ /* Remove pending operations, if applicable */
+ pending_put ( &tls->client_negotiation );
+ pending_put ( &tls->server_negotiation );
+
/* Remove process */
process_del ( &tls->process );
@@ -1141,7 +1147,7 @@ static int tls_send_finished ( struct tls_session *tls ) {
return rc;
/* Mark client as finished */
- tls->client_finished = 1;
+ pending_put ( &tls->client_negotiation );
return 0;
}
@@ -1489,7 +1495,7 @@ static int tls_new_finished ( struct tls_session *tls,
}
/* Mark server as finished */
- tls->server_finished = 1;
+ pending_put ( &tls->server_negotiation );
/* Send notification of a window change */
xfer_window_changed ( &tls->plainstream );
@@ -2396,6 +2402,10 @@ int add_tls ( struct interface *xfer, const char *name,
tls->handshake_ctx = tls->handshake_sha256_ctx;
tls->tx_pending = TLS_TX_CLIENT_HELLO;
+ /* Add pending operations for server and client Finished messages */
+ pending_get ( &tls->client_negotiation );
+ pending_get ( &tls->server_negotiation );
+
/* Attach to parent interface, mortalise self, and return */
intf_plug_plug ( &tls->plainstream, xfer );
*next = &tls->cipherstream;