X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fstream-ssl.c;h=7a0d2189a73f29d92c614ecf1b0bf6bdb7fd649b;hb=28c5588e8e1a8d091c5d2275232c35f2968a97fa;hp=a6f1362e309ffd0d9c4f6bdb593728c6a4da6f1f;hpb=e731d71bf47b8370e4bfa87827113eedd20b7398;p=sliver-openvswitch.git

diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index a6f1362e3..7a0d2189a 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -29,7 +29,7 @@
 #include <openssl/ssl.h>
 #include <openssl/x509v3.h>
 #include <poll.h>
-#include <sys/fcntl.h>
+#include <fcntl.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include "coverage.h"
@@ -47,6 +47,21 @@
 #include "timeval.h"
 #include "vlog.h"
 
+#ifdef _WIN32
+/* Ref: https://www.openssl.org/support/faq.html#PROG2
+ * Your application must link against the same version of the Win32 C-Runtime
+ * against which your openssl libraries were linked.  The default version for
+ * OpenSSL is /MD - "Multithreaded DLL". If we compile Open vSwitch with
+ * something other than /MD, instead of re-compiling OpenSSL
+ * toolkit, openssl/applink.c can be #included. Also, it is important
+ * to add CRYPTO_malloc_init prior first call to OpenSSL.
+ *
+ * XXX: The behavior of the following #include when Open vSwitch is
+ * compiled with /MD is not tested. */
+#include <openssl/applink.c>
+#define SHUT_RDWR SD_BOTH
+#endif
+
 VLOG_DEFINE_THIS_MODULE(stream_ssl);
 
 /* Active SSL. */
@@ -67,6 +82,7 @@ struct ssl_stream
     enum ssl_state state;
     enum session_type type;
     int fd;
+    HANDLE wevent;
     SSL *ssl;
     struct ofpbuf *txbuf;
     unsigned int session_nr;
@@ -183,6 +199,8 @@ static void stream_ssl_set_ca_cert_file__(const char *file_name,
 static void ssl_protocol_cb(int write_p, int version, int content_type,
                             const void *, size_t, SSL *, void *sslv_);
 static bool update_ssl_config(struct ssl_config_file *, const char *file_name);
+static int sock_errno(void);
+static void clear_handle(int fd, HANDLE wevent);
 
 static short int
 want_to_poll_events(int want)
@@ -245,8 +263,9 @@ new_ssl_stream(const char *name, int fd, enum session_type type,
     /* Disable Nagle. */
     retval = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof on);
     if (retval) {
-        VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name, ovs_strerror(errno));
-        retval = errno;
+        retval = sock_errno();
+        VLOG_ERR("%s: setsockopt(TCP_NODELAY): %s", name,
+                 sock_strerror(retval));
         goto error;
     }
 
@@ -272,6 +291,9 @@ new_ssl_stream(const char *name, int fd, enum session_type type,
     sslv->state = state;
     sslv->type = type;
     sslv->fd = fd;
+#ifdef _WIN32
+    sslv->wevent = CreateEvent(NULL, FALSE, FALSE, NULL);
+#endif
     sslv->ssl = ssl;
     sslv->txbuf = NULL;
     sslv->rx_want = sslv->tx_want = SSL_NOTHING;
@@ -290,7 +312,7 @@ error:
     if (ssl) {
         SSL_free(ssl);
     }
-    close(fd);
+    closesocket(fd);
     return retval;
 }
 
@@ -500,7 +522,8 @@ ssl_close(struct stream *stream)
     ERR_clear_error();
 
     SSL_free(sslv->ssl);
-    close(sslv->fd);
+    clear_handle(sslv->fd, sslv->wevent);
+    closesocket(sslv->fd);
     free(sslv);
 }
 
@@ -627,14 +650,15 @@ ssl_do_tx(struct stream *stream)
 
     for (;;) {
         int old_state = SSL_get_state(sslv->ssl);
-        int ret = SSL_write(sslv->ssl, sslv->txbuf->data, sslv->txbuf->size);
+        int ret = SSL_write(sslv->ssl,
+                            ofpbuf_data(sslv->txbuf), ofpbuf_size(sslv->txbuf));
         if (old_state != SSL_get_state(sslv->ssl)) {
             sslv->rx_want = SSL_NOTHING;
         }
         sslv->tx_want = SSL_NOTHING;
         if (ret > 0) {
             ofpbuf_pull(sslv->txbuf, ret);
-            if (sslv->txbuf->size == 0) {
+            if (ofpbuf_size(sslv->txbuf) == 0) {
                 return 0;
             }
         } else {
@@ -691,7 +715,8 @@ ssl_run_wait(struct stream *stream)
     struct ssl_stream *sslv = ssl_stream_cast(stream);
 
     if (sslv->tx_want != SSL_NOTHING) {
-        poll_fd_wait(sslv->fd, want_to_poll_events(sslv->tx_want));
+        poll_fd_wait_event(sslv->fd, sslv->wevent,
+                           want_to_poll_events(sslv->tx_want));
     }
 }
 
@@ -707,14 +732,14 @@ ssl_wait(struct stream *stream, enum stream_wait_type wait)
         } else {
             switch (sslv->state) {
             case STATE_TCP_CONNECTING:
-                poll_fd_wait(sslv->fd, POLLOUT);
+                poll_fd_wait_event(sslv->fd, sslv->wevent, POLLOUT);
                 break;
 
             case STATE_SSL_CONNECTING:
                 /* ssl_connect() called SSL_accept() or SSL_connect(), which
                  * set up the status that we test here. */
-                poll_fd_wait(sslv->fd,
-                             want_to_poll_events(SSL_want(sslv->ssl)));
+                poll_fd_wait_event(sslv->fd, sslv->wevent,
+                                   want_to_poll_events(SSL_want(sslv->ssl)));
                 break;
 
             default:
@@ -725,7 +750,8 @@ ssl_wait(struct stream *stream, enum stream_wait_type wait)
 
     case STREAM_RECV:
         if (sslv->rx_want != SSL_NOTHING) {
-            poll_fd_wait(sslv->fd, want_to_poll_events(sslv->rx_want));
+            poll_fd_wait_event(sslv->fd, sslv->wevent,
+                               want_to_poll_events(sslv->rx_want));
         } else {
             poll_immediate_wake();
         }
@@ -765,6 +791,7 @@ struct pssl_pstream
 {
     struct pstream pstream;
     int fd;
+    HANDLE wevent;
 };
 
 const struct pstream_class pssl_pstream_class;
@@ -806,6 +833,9 @@ pssl_open(const char *name OVS_UNUSED, char *suffix, struct pstream **pstreamp,
     pstream_init(&pssl->pstream, &pssl_pstream_class, bound_name);
     pstream_set_bound_port(&pssl->pstream, htons(port));
     pssl->fd = fd;
+#ifdef _WIN32
+    pssl->wevent = CreateEvent(NULL, FALSE, FALSE, NULL);
+#endif
     *pstreamp = &pssl->pstream;
     return 0;
 }
@@ -814,7 +844,8 @@ static void
 pssl_close(struct pstream *pstream)
 {
     struct pssl_pstream *pssl = pssl_pstream_cast(pstream);
-    close(pssl->fd);
+    clear_handle(pssl->fd, pssl->wevent);
+    closesocket(pssl->fd);
     free(pssl);
 }
 
@@ -831,16 +862,21 @@ pssl_accept(struct pstream *pstream, struct stream **new_streamp)
 
     new_fd = accept(pssl->fd, (struct sockaddr *) &ss, &ss_len);
     if (new_fd < 0) {
-        error = errno;
+        error = sock_errno();
+#ifdef _WIN32
+        if (error == WSAEWOULDBLOCK) {
+            error = EAGAIN;
+        }
+#endif
         if (error != EAGAIN) {
-            VLOG_DBG_RL(&rl, "accept: %s", ovs_strerror(error));
+            VLOG_DBG_RL(&rl, "accept: %s", sock_strerror(error));
         }
         return error;
     }
 
     error = set_nonblocking(new_fd);
     if (error) {
-        close(new_fd);
+        closesocket(new_fd);
         return error;
     }
 
@@ -855,7 +891,7 @@ static void
 pssl_wait(struct pstream *pstream)
 {
     struct pssl_pstream *pssl = pssl_pstream_cast(pstream);
-    poll_fd_wait(pssl->fd, POLLIN);
+    poll_fd_wait_event(pssl->fd, pssl->wevent, POLLIN);
 }
 
 static int
@@ -903,6 +939,10 @@ do_ssl_init(void)
 {
     SSL_METHOD *method;
 
+#ifdef _WIN32
+    /* The following call is needed if we "#include <openssl/applink.c>". */
+    CRYPTO_malloc_init();
+#endif
     SSL_library_init();
     SSL_load_error_strings();
 
@@ -1374,3 +1414,16 @@ ssl_protocol_cb(int write_p, int version OVS_UNUSED, int content_type,
 
     ds_destroy(&details);
 }
+
+static void
+clear_handle(int fd OVS_UNUSED, HANDLE wevent OVS_UNUSED)
+{
+#ifdef _WIN32
+    if (fd) {
+        WSAEventSelect(fd, NULL, 0);
+    }
+    if (wevent) {
+        CloseHandle(wevent);
+    }
+#endif
+}