--------------------- PatchSet 5992 Date: 2003/10/27 16:56:30 Author: hno Branch: ssl-2_5 Tag: (none) Log: Some minor corrections to the "pending" I/O operations machinery. Also backs out the now yet functional TurboSSL support. Members: src/client_side.c:1.47.2.21.2.10->1.47.2.21.2.11 src/comm.c:1.18.6.2->1.18.6.2.8.1 src/comm_select.c:1.8.6.2.2.3->1.8.6.2.2.4 src/enums.h:1.29.2.7.2.3->1.29.2.7.2.4 src/forward.c:1.13.6.1.8.6->1.13.6.1.8.7 src/peer_select.c:1.12->1.12.26.1 src/ssl_support.c:1.6.6.1.2.5->1.6.6.1.2.6 src/structs.h:1.48.2.8.2.8->1.48.2.8.2.9 Index: squid/src/client_side.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/client_side.c,v retrieving revision 1.47.2.21.2.10 retrieving revision 1.47.2.21.2.11 diff -u -r1.47.2.21.2.10 -r1.47.2.21.2.11 --- squid/src/client_side.c 25 Oct 2003 15:32:23 -0000 1.47.2.21.2.10 +++ squid/src/client_side.c 27 Oct 2003 16:56:30 -0000 1.47.2.21.2.11 @@ -1,6 +1,6 @@ /* - * $Id: client_side.c,v 1.47.2.21.2.10 2003/10/25 15:32:23 hno Exp $ + * $Id: client_side.c,v 1.47.2.21.2.11 2003/10/27 16:56:30 hno Exp $ * * DEBUG: section 33 Client-side Routines * AUTHOR: Duane Wessels 
@@ -3434,13 +3434,6 @@ case SSL_ERROR_WANT_WRITE: commSetSelect(fd, COMM_SELECT_WRITE, clientNegotiateSSL, conn, 0); return; -#ifdef CAVIUM_SSL - case SSL_ERROR_WANT_CAVIUM_CRYPTO: - i = -1; - fd_table[fd].read_pending = COMM_PENDING_NOW; - commSetSelect(fd, COMM_SELECT_READ, clientNegotiateSSL, conn, 0); - return; -#endif default: debug(81, 1) ("clientNegotiateSSL: Error negotiating SSL connection on FD %d: %s (%d/%d)\n", fd, ERR_error_string(ERR_get_error(), NULL), ssl_error, ret); Index: squid/src/comm.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/comm.c,v retrieving revision 1.18.6.2 retrieving revision 1.18.6.2.8.1 diff -u -r1.18.6.2 -r1.18.6.2.8.1 --- squid/src/comm.c 1 Apr 2002 10:26:59 -0000 1.18.6.2 +++ squid/src/comm.c 27 Oct 2003 16:56:31 -0000 1.18.6.2.8.1 @@ -1,6 +1,6 @@ /* - * $Id: comm.c,v 1.18.6.2 2002/04/01 10:26:59 squidadm Exp $ + * $Id: comm.c,v 1.18.6.2.8.1 2003/10/27 16:56:31 hno Exp $ * * DEBUG: section 5 Socket Functions * AUTHOR: Harvest Derived @@ -581,6 +581,16 @@ { LOCAL_ARRAY(char, buf, 1024); int n; +#if USE_SSL + if (fd_table[fd].read_pending != COMM_PENDING_NORMAL) { + fd_table[fd].read_pending = COMM_PENDING_NORMAL; + ssl_shutdown_method(fd); + if (fd_table[fd].read_pending != COMM_PENDING_NORMAL) { + commSetSelect(fd, COMM_SELECT_READ, commLingerClose, NULL, 0); + return; + } + } +#endif n = FD_READ_METHOD(fd, buf, 1024); if (n < 0) debug(5, 3) ("commLingerClose: FD %d read: %s\n", fd, xstrerror()); 
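Review bot: The return value of `ssl_shutdown_method(fd)` is discarded in the new `#if USE_SSL` block of commLingerClose, and only `read_pending` is re-checked afterwards, so a shutdown that fails outright, or one that needs the socket to become writable, falls straight through to `FD_READ_METHOD` on the same descriptor. Whether ssl_shutdown_method flags `write_pending` in that case is not visible here, so this needs confirming; if it does, the block should also re-arm with `commSetSelect(fd, COMM_SELECT_WRITE, commLingerClose, NULL, 0);` before returning. At minimum I would add a comment such as `/* ssl_shutdown_method() re-flags read_pending when the shutdown must be retried */` so the reliance on that side effect is explicit. The function's signature and tail are outside the hunk.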
@@ -656,7 +666,8 @@ pconnHistCount(1, F->uses); #if USE_SSL if (F->ssl) { - SSL_free(F->ssl); + SSL *ssl = F->ssl; + SSL_free(ssl); F->ssl = NULL; } #endif Index: squid/src/comm_select.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/comm_select.c,v retrieving revision 1.8.6.2.2.3 retrieving revision 1.8.6.2.2.4 diff -u -r1.8.6.2.2.3 -r1.8.6.2.2.4 --- squid/src/comm_select.c 25 Oct 2003 15:32:26 -0000 1.8.6.2.2.3 +++ squid/src/comm_select.c 27 Oct 2003 16:56:31 -0000 1.8.6.2.2.4 @@ -1,6 +1,6 @@ /* - * $Id: comm_select.c,v 1.8.6.2.2.3 2003/10/25 15:32:26 hno Exp $ + * $Id: comm_select.c,v 1.8.6.2.2.4 2003/10/27 16:56:31 hno Exp $ * * DEBUG: section 5 Socket Functions * @@ -378,9 +378,9 @@ case COMM_PENDING_NOW: events |= POLLRDNORM; npending++; + break; } } - } if (fd_table[i].write_handler) { switch (fd_table[i].read_pending) { @@ -396,16 +396,14 @@ case COMM_PENDING_NOW: events |= POLLWRNORM; npending++; + break; } - events |= POLLWRNORM; } if (events) { pfds[nfds].fd = i; pfds[nfds].events = events; pfds[nfds].revents = 0; nfds++; - if ((events & POLLRDNORM) && fd_table[i].read_pending) - npending++; } } if (nfds == 0) { @@ -443,7 +441,7 @@ fd = pfds[i].fd; if (fd == -1) continue; - switch(fd_table[fd].read_pending) { + switch (fd_table[fd].read_pending) { case COMM_PENDING_NORMAL: case COMM_PENDING_WANTS_READ: break; @@ -455,7 +453,7 @@ revents |= POLLIN; break; } - switch(fd_table[fd].write_pending) { + switch (fd_table[fd].write_pending) { case COMM_PENDING_NORMAL: case COMM_PENDING_WANTS_WRITE: break; 
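Review bot: The new local in the `if (F->ssl)` block changes nothing as written: `SSL_free(ssl)` still runs while `F->ssl` points at the object, exactly as before. If the intent was to keep anything reached during the free from finding a pointer to a half-destroyed session through the fd table, the field has to be cleared first: `SSL *ssl = F->ssl;` `F->ssl = NULL;` `SSL_free(ssl);`. If that was not the intent, the temporary can be dropped. The enclosing function starts and ends outside the hunk.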
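Review bot: In the poll-set construction, the `if (fd_table[i].write_handler)` branch at the end of the -378 hunk still switches on `fd_table[i].read_pending`, while the dispatch code in the -443 hunk uses `write_pending` for the write side. That looks like a copy-paste slip that this cleanup leaves in place; the case labels between the -378 and -396 hunks are not visible, so confirm, but the line probably wants to be `switch (fd_table[i].write_pending) {`. As it stands, the `POLLWRNORM` / `npending++` decision in the -396 hunk is driven by read-side state, which may miss a pending write or count one that is not there. Both loops start and end outside the hunks.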
@@ -486,7 +484,7 @@ PF *hdl = F->read_handler; debug(5, 6) ("comm_poll: FD %d ready for reading\n", fd); if (hdl == NULL) - (void) 0; /* Nothing to do */ + (void) 0; /* Nothing to do */ #if DELAY_POOLS else if (FD_ISSET(fd, &slowfds)) commAddSlowFd(fd); Index: squid/src/enums.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/enums.h,v retrieving revision 1.29.2.7.2.3 retrieving revision 1.29.2.7.2.4 diff -u -r1.29.2.7.2.3 -r1.29.2.7.2.4 --- squid/src/enums.h 25 Oct 2003 15:32:26 -0000 1.29.2.7.2.3 +++ squid/src/enums.h 27 Oct 2003 16:56:31 -0000 1.29.2.7.2.4 @@ -1,6 +1,6 @@ /* - * $Id: enums.h,v 1.29.2.7.2.3 2003/10/25 15:32:26 hno Exp $ + * $Id: enums.h,v 1.29.2.7.2.4 2003/10/27 16:56:31 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -289,7 +289,7 @@ typedef enum { HIER_NONE, - DIRECT, + HIER_DIRECT, SIBLING_HIT, PARENT_HIT, DEFAULT_PARENT, Index: squid/src/forward.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/forward.c,v retrieving revision 1.13.6.1.8.6 retrieving revision 1.13.6.1.8.7 diff -u -r1.13.6.1.8.6 -r1.13.6.1.8.7 --- squid/src/forward.c 25 Oct 2003 15:32:26 -0000 1.13.6.1.8.6 +++ squid/src/forward.c 27 Oct 2003 16:56:31 -0000 1.13.6.1.8.7 @@ -1,6 +1,6 @@ /* - * $Id: forward.c,v 1.13.6.1.8.6 2003/10/25 15:32:26 hno Exp $ + * $Id: forward.c,v 1.13.6.1.8.7 2003/10/27 16:56:31 hno Exp $ * * DEBUG: section 17 Request Forwarding * AUTHOR: Duane Wessels 
@@ -229,12 +229,6 @@ case SSL_ERROR_WANT_WRITE: commSetSelect(fd, COMM_SELECT_WRITE, fwdNegotiateSSL, fwdState, 0); return; -#ifdef CAVIUM_SSL - case SSL_ERROR_WANT_CAVIUM_CRYPTO: - fd_table[fd].read_pending = COMM_PENDING_NOW; - commSetSelect(fd, COMM_SELECT_READ, clientNegotiateSSL, conn, 0); - return; -#endif default: debug(81, 1) ("fwdNegotiateSSL: Error negotiating SSL connection on FD %d: %s (%d/%d)\n", fd, ERR_error_string(ERR_get_error(), NULL), ssl_error, ret); err = errorCon(ERR_CONNECT_FAIL, HTTP_SERVICE_UNAVAILABLE); Index: squid/src/peer_select.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/peer_select.c,v retrieving revision 1.12 retrieving revision 1.12.26.1 diff -u -r1.12 -r1.12.26.1 --- squid/src/peer_select.c 18 Nov 2001 01:15:42 -0000 1.12 +++ squid/src/peer_select.c 27 Oct 2003 16:56:31 -0000 1.12.26.1 @@ -1,6 +1,6 @@ /* - * $Id: peer_select.c,v 1.12 2001/11/18 01:15:42 squidadm Exp $ + * $Id: peer_select.c,v 1.12.26.1 2003/10/27 16:56:31 hno Exp $ * * DEBUG: section 44 Peer Selection Algorithm * AUTHOR: Duane Wessels @@ -425,9 +425,9 @@ return; if (ps->request->protocol == PROTO_WAIS) /* Its not really DIRECT, now is it? */ - peerAddFwdServer(&ps->servers, Config.Wais.peer, DIRECT); + peerAddFwdServer(&ps->servers, Config.Wais.peer, HIER_DIRECT); else - peerAddFwdServer(&ps->servers, NULL, DIRECT); + peerAddFwdServer(&ps->servers, NULL, HIER_DIRECT); } static void Index: squid/src/ssl_support.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ssl_support.c,v retrieving revision 1.6.6.1.2.5 retrieving revision 1.6.6.1.2.6 diff -u -r1.6.6.1.2.5 -r1.6.6.1.2.6 --- squid/src/ssl_support.c 25 Oct 2003 15:32:26 -0000 1.6.6.1.2.5 +++ squid/src/ssl_support.c 27 Oct 2003 16:56:31 -0000 1.6.6.1.2.6 
@@ -417,6 +417,10 @@ } SSL_CTX_set_options(sslContext, ssl_parse_options(options)); + if (Config.SSL.unclean_shutdown) { + debug(83, 5) ("Enabling quiet SSL shutdowns (RFC violation).\n"); + SSL_CTX_set_quiet_shutdown(sslContext, 1); + } if (cipher) { debug(83, 5) ("Using chiper suite %s.\n", cipher); if (!SSL_CTX_set_cipher_list(sslContext, cipher)) { @@ -497,7 +501,6 @@ if (dh) SSL_CTX_set_tmp_dh(sslContext, dh); } - if (fl & SSL_FLAG_DONT_VERIFY_DOMAIN) SSL_CTX_set_ex_data(sslContext, ssl_ctx_ex_index_dont_verify_domain, (void *) -1); return sslContext; @@ -635,19 +638,11 @@ i = -1; errno = EAGAIN; break; -#ifdef CAVIUM_SSL - case SSL_ERROR_WANT_CAVIUM_CRYPTO: - i = -1; - fd_table[fd].read_pending = COMM_PENDING_NOW; - errno = EAGAIN; - break; -#endif default: i = -1; break; } } - return i; } @@ -657,7 +652,9 @@ const char *buf; int len; { - int i = SSL_write(fd_table[fd].ssl, buf, len); + int i; + + i = SSL_write(fd_table[fd].ssl, buf, len); if (i <= 0) { int err = SSL_get_error(fd_table[fd].ssl, i); @@ -675,13 +672,6 @@ i = -1; errno = EAGAIN; break; -#ifdef CAVIUM_SSL - case SSL_ERROR_WANT_CAVIUM_CRYPTO: - i = -1; - fd_table[fd].write_pending = COMM_PENDING_NOW; - errno = EAGAIN; - break; -#endif default: i = -1; break; @@ -695,13 +685,6 @@ { SSL *ssl = fd_table[fd].ssl; int ret; - if (!fd_table[fd].ssl_shutdown) { - fd_table[fd].ssl_shutdown = 1; - if (Config.SSL.unclean_shutdown) - SSL_set_shutdown(ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); - else - SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN); - } ret = SSL_shutdown(ssl); if (ret <= 0) { int err = SSL_get_error(ssl, ret); 
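Review bot: The quiet-shutdown switch is announced only at `debug(83, 5)`, so with ordinary log levels nothing records that this context will never send close_notify. Without close_notify the peer cannot tell a complete close-delimited response from a truncated one, which is why the message itself calls it an RFC violation; I would log it where an operator sees it, `debug(83, 1) ("Enabling quiet SSL shutdowns (RFC violation).\n");`. Related, the -695 hunk removes the per-connection `SSL_set_shutdown()` call, so in the default configuration `SSL_shutdown()` may now return 0 while the peer's close_notify is outstanding, and the `ret <= 0` path hands that to `SSL_get_error()`; the cases that follow are only partly visible, so check that an in-progress shutdown is not reported as a failure. The enclosing functions are not fully visible in either hunk.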
@@ -721,13 +704,6 @@ ret = -1; errno = EAGAIN; break; -#ifdef CAVIUM_SSL - case SSL_ERROR_WANT_CAVIUM_CRYPTO: - ret = -1; - fd_table[fd].read_pending = COMM_PENDING_NOW; - errno = EAGAIN; - break; -#endif default: ret = -1; break; Index: squid/src/structs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/structs.h,v retrieving revision 1.48.2.8.2.8 retrieving revision 1.48.2.8.2.9 diff -u -r1.48.2.8.2.8 -r1.48.2.8.2.9 --- squid/src/structs.h 25 Oct 2003 15:32:26 -0000 1.48.2.8.2.8 +++ squid/src/structs.h 27 Oct 2003 16:56:31 -0000 1.48.2.8.2.9 @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.48.2.8.2.8 2003/10/25 15:32:26 hno Exp $ + * $Id: structs.h,v 1.48.2.8.2.9 2003/10/27 16:56:31 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -827,7 +827,6 @@ WRITE_HANDLER *write_method; #if USE_SSL SSL *ssl; - int ssl_shutdown:1; #endif };