kris/buggy_openssl_with_fullduplex
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Show bug a bit better

Browse Source
This commit is contained in:
Krzysztof Kwiatkowski 2013-09-18 13:54:07 +02:00
parent 00bf5ceff4
commit 08094e6d94
3 changed files with 109 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
client.cpp
View File

@ -49,6 +49,18 @@ bool handle_error_code(int& len, SSL* SSLHandler, int code, const char* func)
case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_WRITE:
cout << func << " WANT WRITE" << endl; cout << func << " WANT WRITE" << endl;
break; break;
case SSL_ERROR_SYSCALL:
cout << func << " ESYSCALL" << endl;
// exit(1);
break;
case SSL_ERROR_SSL:
cout << func << " ESSL" << endl;
exit(1);
break;
default:
cout << func << " SOMETHING ELSE" << endl;
exit(1);
} }
return true; return true;
} }
@ -63,35 +75,39 @@ void Sender()
int len = 0; int len = 0;
do do
{ {
lock_guard<mutex> lock(WriteReadMutex);
bool flag = true; bool flag = true;
while( flag ) while( flag )
{ {
lock_guard<mutex> lock(WriteReadMutex);
cout << "SSL_write: start" << endl;
int code = SSL_write(SSLHandler, buf.c_str()+len, buf.size()-len); int code = SSL_write(SSLHandler, buf.c_str()+len, buf.size()-len);
flag = handle_error_code(len, SSLHandler, code, "SSL_write"); // cout << "SSL_write: stop" << endl;
handle_error_code(len, SSLHandler, code, "SSL_write");
} }
// for debugging re-neg // for debugging re-neg
cout << "SSL STATE: " << SSL_state_string(SSLHandler) << endl; cout << "SSL STATE: " << SSL_state_string(SSLHandler) << endl;
} while( len != static_cast<int>(buf.size()) ); } while( len != static_cast<int>(buf.size()) );
sleep(10);
} }
}; };
void Client::receive() void Client::receive()
{ {
char buf[MAX_PACKET_SIZE]; char buf[MAX_PACKET_SIZE];
cout << "R " << endl;
// TODO: this way it takes 100% CPU, some signal would be usefull // TODO: this way it takes 100% CPU, some signal would be usefull
memset(buf,'\0',MAX_PACKET_SIZE); memset(buf,'\0',MAX_PACKET_SIZE);
int len_rcv = 0; int len_rcv = 0;
{ {
lock_guard<mutex> lock(WriteReadMutex);
bool flag = true; bool flag = true;
while( flag ) while( flag )
{ {
lock_guard<mutex> lock(WriteReadMutex);
// cout << "SSL_read: start" << endl;
len_rcv = SSL_read(SSLHandler, buf, MAX_PACKET_SIZE); len_rcv = SSL_read(SSLHandler, buf, MAX_PACKET_SIZE);
// cout << "SSL_read: stop" << endl;
flag = handle_error_code(len_rcv, SSLHandler, len_rcv, "SSL_read"); flag = handle_error_code(len_rcv, SSLHandler, len_rcv, "SSL_read");
} }
} }
@ -104,7 +120,7 @@ void Client::receive()
if( buf[len_rcv-1] == '\n' ) if( buf[len_rcv-1] == '\n' )
buf[len_rcv-1] = '\0'; buf[len_rcv-1] = '\0';
cout << buf << endl; cout << "RCVD: " << buf << endl;
} }
else else
{ {
@ -192,6 +208,8 @@ void Client::renegotiate()
{ {
lock_guard<mutex> lock_reads(WriteReadMutex); lock_guard<mutex> lock_reads(WriteReadMutex);
if( SSL_renegotiate_pending(SSLHandler) == false )
{
cout << "Starting SSL renegotiation on SSL" cout << "Starting SSL renegotiation on SSL"
<< "client (initiating by SSL client)" << endl; << "client (initiating by SSL client)" << endl;
@ -202,14 +220,15 @@ void Client::renegotiate()
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
exit(1); exit(1);
} }
cout << "SSL State: " << SSL_state_string(SSLHandler) << endl;
if(SSL_do_handshake(SSLHandler) <= 0){
cerr << "SSL_do_handshake() failed. STATE: "
<< SSL_state_string(SSLHandler) << endl;
ERR_print_errors_fp(stderr);
exit(1);
} }
// cout << "SSL State: " << SSL_state_string(SSLHandler) << endl;
// if(SSL_do_handshake(SSLHandler) <= 0){
// cerr << "SSL_do_handshake() failed. STATE: "
// << SSL_state_string(SSLHandler) << endl;
// ERR_print_errors_fp(stderr);
// exit(1);
// }
} }
void Client::init() void Client::init()

2
defs.h
View File

@ -3,7 +3,7 @@
#define IP "127.0.0.1" #define IP "127.0.0.1"
#define EXCHANGE_STRING "ABCDEFGHIJKLMNOPRSTUWXYZ" #define EXCHANGE_STRING "ABCDEFGHIJKLMNOPRSTUWXYZ"
#define EXCHANGE_STRING_LEN sizeof(EXCHANGE_STRING)/sizeof(EXCHANGE_STRING[0]) #define EXCHANGE_STRING_LEN sizeof(EXCHANGE_STRING)/sizeof(EXCHANGE_STRING[0])
#define RENEG_INIT_LEN 4200 #define RENEG_INIT_LEN 200
#define CERTIFICATE_FILE "etc/cert" #define CERTIFICATE_FILE "etc/cert"
#define PRIVATE_KEY_FILE "etc/pkey" #define PRIVATE_KEY_FILE "etc/pkey"
#define SEND_ITERATIONS 100000 #define SEND_ITERATIONS 100000

108
server.cpp
View File

@ -10,7 +10,7 @@
#include <fcntl.h> #include <fcntl.h>
#include <iostream> #include <iostream>
#include <exception> #include <exception>
#include <netinet/tcp.h>
#include <openssl/ssl.h> #include <openssl/ssl.h>
#include <openssl/err.h> #include <openssl/err.h>
#include "defs.h" #include "defs.h"
@ -39,7 +39,38 @@ mutex WriteReadMutex;
// thread functions to send and receive // thread functions to send and receive
void Receive(); void Receive();
void Send(); void Send();
int Gmaster=0;
bool handle_error_code(int& len, SSL* SSLHandler, int code, const char* func)
{
switch( SSL_get_error( SSLHandler, code ) )
{
case SSL_ERROR_NONE:
len+=code;
return false;
case SSL_ERROR_ZERO_RETURN:
cout << "CONNETION CLOSE ON WRITE" << endl;
exit(1);
break;
case SSL_ERROR_WANT_READ:
cout << func << " WANT READ" << endl;
break;
case SSL_ERROR_WANT_WRITE:
cout << func << " WANT WRITE" << endl;
break;
case SSL_ERROR_SYSCALL:
cout << func << " ESYSCALL" << endl;
// exit(1);
break;
case SSL_ERROR_SSL:
cout << func << " ESSL" << endl;
exit(1);
break;
default:
cout << func << " SOMETHING ELSE" << endl;
}
return true;
}
Server::Server() Server::Server()
: SSLProcess(true) : SSLProcess(true)
@ -80,6 +111,7 @@ void Server::start()
startListen(); startListen();
Acceptor ac(_master, _ctx); Acceptor ac(_master, _ctx);
Gmaster=_master;
_sender =new thread( Send ); _sender =new thread( Send );
_reciver =new thread( Receive ); _reciver =new thread( Receive );
_reactor =new thread( ac ); _reactor =new thread( ac );
@ -114,7 +146,11 @@ void Server::doServerSSLInit()
// set weak protocol, so it is easy to debug with wireshark // set weak protocol, so it is easy to debug with wireshark
SSL_CTX_set_options(_ctx, SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1 | SSL_OP_ALL | SSL_OP_SINGLE_DH_USE ); SSL_CTX_set_options(_ctx, SSL_OP_NO_TLSv1_2
| SSL_OP_NO_TLSv1_1
| SSL_OP_NO_TLSv1
| SSL_OP_ALL
| SSL_OP_SINGLE_DH_USE );
} }
void Acceptor::operator()() void Acceptor::operator()()
@ -177,6 +213,8 @@ void Acceptor::operator()()
int new_fd=openTCPSocket(); int new_fd=openTCPSocket();
if( new_fd >= 0 ) if( new_fd >= 0 )
{ {
int flag =1;
// setsockopt(new_fd, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, sizeof(int));
cout << "New socket with ID : " << new_fd cout << "New socket with ID : " << new_fd
<< " is going to be added to map" << endl; << " is going to be added to map" << endl;
SSL* ssl = openSSLSession(new_fd); SSL* ssl = openSSLSession(new_fd);
@ -230,10 +268,10 @@ void Receive()
cout << SSL_state_string(handler.second) << endl; cout << SSL_state_string(handler.second) << endl;
{ {
lock_guard<mutex> lock(WriteReadMutex); lock_guard<mutex> lock(WriteReadMutex);
cout << "SSL_read: start" << endl;
len_rcv = SSL_read(handler.second, buf, 1024); len_rcv = SSL_read(handler.second, buf, 1024);
switch( SSL_get_error(handler.second, len_rcv) ) // cout << "SSL_read: stop" << endl;
{ if( !handle_error_code(len_rcv, handler.second, len_rcv, "rcv") )
case SSL_ERROR_NONE:
{ {
// dirty thing - if it has \n on the end - remove it // dirty thing - if it has \n on the end - remove it
if( buf[len_rcv-1] == '\n' ) if( buf[len_rcv-1] == '\n' )
@ -251,21 +289,6 @@ void Receive()
} }
break; break;
} }
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
{
cout << "WANT_SOMETHING WHEN Receive" << endl;
exit(1);
break;
}
default :
{
cout << "Closing connection " << handler.first << endl;
::close(handler.first);
exit(1);
}
}
} }
} }
} }
@ -287,33 +310,36 @@ void Send()
for(int i=0; i<SEND_ITERATIONS; ++i) for(int i=0; i<SEND_ITERATIONS; ++i)
{ {
int len = 0; int len = 0;
// wait timer for select
struct timeval tv;
tv.tv_sec = 0;
tv.tv_usec = 10;
do do
{
fd_set fd_write;
FD_ZERO(&fd_write);
FD_SET(Gmaster, &fd_write);
FD_SET(handler.first, &fd_write);
int maxv=Gmaster;
if(Gmaster < handler.first)
maxv=handler.first;
select(maxv+1, NULL, &fd_write, NULL, (struct timeval *)&tv);
if( FD_ISSET(handler.first, &fd_write) )
{ {
lock_guard<mutex> lock(WriteReadMutex); lock_guard<mutex> lock(WriteReadMutex);
// cout << "SSL_write: start" << endl;
int write_len=SSL_write(handler.second, buf.c_str()+len, buf.size()-len); int write_len=SSL_write(handler.second, buf.c_str()+len, buf.size()-len);
switch( SSL_get_error(handler.second, write_len) ) // cout << "SSL_write: stop " << endl;
{ handle_error_code(len, handler.second, write_len, "write");
case SSL_ERROR_NONE:
{
len += write_len;
break;
}
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
{
cout << "WANT_SOMETHING WHEN Send" << endl;
exit(1);
break;
}
default :
{
cout << "Closing connection " << handler.first << endl;
::close(handler.first);
exit(1);
}
}
// for debugging re-neg // for debugging re-neg
// cout << "SSL STATE: " << SSL_state_string(handler.second) << endl; // cout << "SSL STATE: " << SSL_state_string(handler.second) << endl;
}
} while( len != static_cast<int>(buf.size()) ); } while( len != static_cast<int>(buf.size()) );
} }
} }