Diffstat (limited to 'src')
-rw-r--r-- | src/include/ipxe/tls.h | 9 | ||||
-rw-r--r-- | src/net/tls.c | 16 |
2 files changed, 18 insertions, 7 deletions
diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h
index 7de1f19..4273e4e 100644
--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@@ -18,6 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #include <ipxe/sha1.h>
 #include <ipxe/sha256.h>
 #include <ipxe/x509.h>
+#include <ipxe/pending.h>
 /** A TLS header */
 struct tls_header {
@@ -240,10 +241,10 @@ struct tls_session {
 /** Certificate validator */
 struct interface validator;
- /** Client has finished security negotiation */
- unsigned int client_finished;
- /** Server has finished security negotiation */
- unsigned int server_finished;
+ /** Client security negotiation pending operation */
+ struct pending_operation client_negotiation;
+ /** Server security negotiation pending operation */
+ struct pending_operation server_negotiation;
 /** TX sequence number */
 uint64_t tx_seq;
diff --git a/src/net/tls.c b/src/net/tls.c
index 97e013d..8d6620d 100644
--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -31,6 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #include <time.h>
 #include <errno.h>
 #include <byteswap.h>
+#include <ipxe/pending.h>
 #include <ipxe/hmac.h>
 #include <ipxe/md5.h>
 #include <ipxe/sha1.h>
@@ -101,7 +102,8 @@ static void tls_set_uint24 ( uint8_t field24[3], unsigned long value ) {
 * @ret is_ready TLS session is ready
 */
 static int tls_ready ( struct tls_session *tls ) {
- return ( tls->client_finished && tls->server_finished );
+ return ( ( ! is_pending ( &tls->client_negotiation ) ) &&
+ ( ! is_pending ( &tls->server_negotiation ) ) );
 }
 /******************************************************************************
@@ -205,6 +207,10 @@ static void free_tls ( struct refcnt *refcnt ) {
 */
 static void tls_close ( struct tls_session *tls, int rc ) {
+ /* Remove pending operations, if applicable */
+ pending_put ( &tls->client_negotiation );
+ pending_put ( &tls->server_negotiation );
+
 /* Remove process */
 process_del ( &tls->process );
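Review bot: tls_ready() in src/net/tls.c now answers "ready" whenever neither negotiation is pending, so it no longer requires positive evidence that both Finished messages were processed. The tls_close() hunk drops both pending operations unconditionally, which means a session that failed its handshake presumably reads as ready once it has been closed, and so would one queried before add_tls() has taken its two pending_get() references. With the old flags neither state could read as ready; whether this matters depends on the callers of tls_ready(), which are outside this diff, so it is worth confirming that none of them can run in either state. The doc comment above tls_ready() should at least record the new meaning, e.g. `* A session with no negotiation pending, including one already closed, is reported as ready.`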
@@ -1141,7 +1147,7 @@ static int tls_send_finished ( struct tls_session *tls ) {
 return rc;
 /* Mark client as finished */
- tls->client_finished = 1;
+ pending_put ( &tls->client_negotiation );
 return 0;
 }
@@ -1489,7 +1495,7 @@ static int tls_new_finished ( struct tls_session *tls,
 }
 /* Mark server as finished */
- tls->server_finished = 1;
+ pending_put ( &tls->server_negotiation );
 /* Send notification of a window change */
 xfer_window_changed ( &tls->plainstream );
@@ -2396,6 +2402,10 @@ int add_tls ( struct interface *xfer, const char *name,
 tls->handshake_ctx = tls->handshake_sha256_ctx;
 tls->tx_pending = TLS_TX_CLIENT_HELLO;
+ /* Add pending operations for server and client Finished messages */
+ pending_get ( &tls->client_negotiation );
+ pending_get ( &tls->server_negotiation );
+
 /* Attach to parent interface, mortalise self, and return */
 intf_plug_plug ( &tls->plainstream, xfer );
 *next = &tls->cipherstream; |
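Review bot: The retained comments `/* Mark client as finished */` in tls_send_finished() and `/* Mark server as finished */` in tls_new_finished() no longer describe what the line below them does. Each line used to be an idempotent flag write and is now a release of a pending operation, so if either path runs a second time on the same session, pending_put() is called with nothing outstanding. The "if applicable" wording in the tls_close() comment suggests pending_put() tolerates that, but its implementation is not part of this diff, so this should be confirmed and stated at the call sites, e.g. `/* Mark client as finished (pending_put() must be a no-op if already released) */`. Both function bodies start outside their hunks.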