From fd96acb7de27241892d38efd55dffd26ef79cf2a Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Fri, 16 Aug 2019 22:40:19 +0100 Subject: [tls] Add missing call to tls_tx_resume() when restarting negotiation The restart of negotiation triggered by a HelloRequest currently does not call tls_tx_resume() and so may end up leaving the connection in an idle state in which the pending ClientHello is never sent. Fix by calling tls_tx_resume() as part of tls_restart(), since the call to tls_tx_resume() logically belongs alongside the code that sets bits in tls->tx_pending. Signed-off-by: Michael Brown
---
 src/net/tls.c | 46 ++++++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 22 deletions(-)
diff --git a/src/net/tls.c b/src/net/tls.c
index 746274d6..12045b01 100644
--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -940,6 +940,27 @@ static void tls_verify_handshake ( struct tls_connection *tls, void *out ) {
 ******************************************************************************
 */
 
+/**
+ * Resume TX state machine
+ *
+ * @v tls TLS connection
+ */
+static void tls_tx_resume ( struct tls_connection *tls ) {
+ process_add ( &tls->process );
+}
+
+/**
+ * Resume TX state machine for all connections within a session
+ *
+ * @v session TLS session
+ */
+static void tls_tx_resume_all ( struct tls_session *session ) {
+ struct tls_connection *tls;
+
+ list_for_each_entry ( tls, &session->conn, list )
+ tls_tx_resume ( tls );
+}
+
 /**
 * Restart negotiation
 *
@@ -961,31 +982,11 @@ static void tls_restart ( struct tls_connection *tls ) {
 
 /* (Re)start negotiation */
 tls->tx_pending = TLS_TX_CLIENT_HELLO;
+ tls_tx_resume ( tls );
 pending_get ( &tls->client_negotiation );
 pending_get ( &tls->server_negotiation );
 }
 
-/**
- * Resume TX state machine
- *
- * @v tls TLS connection
- */
-static void tls_tx_resume ( struct tls_connection *tls ) {
- process_add ( &tls->process );
-}
-
-/**
- * Resume TX state machine for all connections within a session
- *
- * @v session TLS session
- */
-static void tls_tx_resume_all ( struct tls_session *session ) {
- struct tls_connection *tls;
-
- list_for_each_entry ( tls, &session->conn, list )
- tls_tx_resume ( tls );
-}
-
 /**
 * Transmit Handshake record
 *
@@ -3086,7 +3087,8 @@ int add_tls ( struct interface *xfer, const char *name,
 intf_init ( &tls->plainstream, &tls_plainstream_desc, &tls->refcnt );
 intf_init ( &tls->cipherstream, &tls_cipherstream_desc, &tls->refcnt );
 intf_init ( &tls->validator, &tls_validator_desc, &tls->refcnt );
- process_init ( &tls->process, &tls_process_desc, &tls->refcnt );
+ process_init_stopped ( &tls->process, &tls_process_desc,
+ &tls->refcnt );
 tls->version = TLS_VERSION_TLS_1_2;
 tls_clear_cipher ( tls, &tls->tx_cipherspec );
 tls_clear_cipher ( tls, &tls->tx_cipherspec_pending );
-- cgit v1.2.3-55-g7522
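Review bot: The rule this fix relies on, that any code setting bits in `tls->tx_pending` must also call tls_tx_resume(), is recorded only in the commit message, so a later change that sets a pending bit can reintroduce the same stall in which a handshake message is queued but never transmitted. I would state it next to the new call in tls_restart(), for example `/* Setting tx_pending does not schedule the TX process; always pair it with tls_tx_resume() */`. tls_restart() begins outside this hunk and the other writers of tx_pending are not visible here, so it is worth confirming that each of them already resumes the process.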
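Review bot: The switch from process_init() to process_init_stopped() in add_tls() is not mentioned in the commit message and carries no comment, yet it changes when the TX process first runs: presumably a new connection now transmits nothing until something calls tls_tx_resume(). That makes the first ClientHello depend on tls_restart() (or another resume path) being reached for every new connection, which cannot be confirmed from this hunk because add_tls() continues past it. A comment above the call would record the dependency, e.g. `/* Process starts stopped; tls_restart() schedules it via tls_tx_resume() */`, and the commit description should say why the process no longer starts running at initialisation.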