size_t
SSLStream::read(void *buffer, size_t length)
{
const int toRead = (int)std::min<size_t>(0x0fffffff, length);
while (true) {
unsigned long error = SSL_ERROR_NONE;
const int result = sslCallWithLock(std::bind(SSL_read, m_ssl.get(), buffer, toRead), &error);
if (result > 0) {
return result;
}
MORDOR_LOG_DEBUG(g_log) << this << " SSL_read(" << m_ssl.get() << ", "
<< toRead << "): " << result << " (" << error << ")";
switch (error) {
case SSL_ERROR_NONE:
return result;
case SSL_ERROR_ZERO_RETURN:
// Received close_notify message
MORDOR_ASSERT(result == 0);
return 0;
case SSL_ERROR_WANT_READ:
wantRead();
continue;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_CONNECT:
case SSL_ERROR_WANT_ACCEPT:
case SSL_ERROR_WANT_X509_LOOKUP:
MORDOR_NOTREACHED();
case SSL_ERROR_SYSCALL:
if (hasOpenSSLError()) {
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_read("
<< m_ssl.get() << ", " << toRead << "): " << result
<< " (" << error << ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_read");
;
}
MORDOR_LOG_WARNING(g_log) << this << " SSL_read("
<< m_ssl.get() << ", " << toRead << "): " << result
<< " (" << error << ")";
if (result == 0) {
return 0;
}
MORDOR_THROW_EXCEPTION_FROM_LAST_ERROR_API("SSL_read");
case SSL_ERROR_SSL:
{
MORDOR_ASSERT(hasOpenSSLError());
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_read("
<< m_ssl.get() << ", " << toRead << "): " << result
<< " (" << error << ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_read");
;
}
default:
MORDOR_NOTREACHED();
}
}
}
void
SSLStream::clearSSLError()
{
std::string msg;
unsigned long err = SSL_ERROR_NONE;
while ((err = ERR_get_error()) != SSL_ERROR_NONE) {
switch (ERR_GET_REASON(err)) {
case ERR_R_MALLOC_FAILURE:
msg = "bad alloc";
break;
case ERR_R_PASSED_NULL_PARAMETER:
msg = "invalid argument";
break;
default:
{
char buf[120];
const char * errBuf = ERR_error_string(err, buf);
if (errBuf != NULL) {
msg = errBuf;
}
}
}
MORDOR_LOG_ERROR(g_log) << this
<< " ssl: " << m_ssl.get()
<< " ignoring error: " << err
<< " error msg: " << msg;
};
// Clear it again for insurance.
ERR_clear_error();
}
int Logger::writeLog(std::string& msg, Mordor::Log::Level log_level)
{
//show all g_logs
Mordor::Log::visit(boost::bind(&printLogger, &(std::cout), _1));
MORDOR_LOG_ERROR(g_app_log)<<msg;
MORDOR_LOG_INFO(g_app_log)<<msg;
MORDOR_LOG_DEBUG(g_app_log)<<msg; //can not see it by default. should provide some config?
return 0;
}
void
SSLStream::serverNameIndication(const std::string &hostname)
{
// Older versions of OpenSSL don't support this (I'm looking at you,
// Leopard); just ignore it then
#ifdef SSL_set_tlsext_host_name
std::lock_guard<std::mutex> lock(m_mutex);
if (!SSL_set_tlsext_host_name(m_ssl.get(), hostname.c_str())) {
if (!hasOpenSSLError()) return;
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_set_tlsext_host_name("
<< m_ssl.get() << ", " << hostname.c_str() << "): " << message;
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_set_tlsext_host_name");
;
}
#endif
}
bool
TimerManager::detectClockRollover(unsigned long long nowUs)
{
// If the time jumps backward, expire timers (rather than have them
// expire in the distant future or not at all).
// We check this way because now() will not roll from 0xffff... to zero
// since the underlying hardware counter doesn't count microseconds.
// Use a threshold value so we don't overreact to minor clock jitter.
bool rollover = false;
if (nowUs < m_previousTime && // check first in case the next line would underflow
nowUs < m_previousTime - g_clockRolloverThreshold->val())
{
MORDOR_LOG_ERROR(g_log) << this << " clock has rolled back from "
<< m_previousTime << " to " << nowUs << "; expiring all timers";
rollover = true;
}
m_previousTime = nowUs;
return rollover;
}
void
SSLStream::connect()
{
while (true) {
unsigned long error = SSL_ERROR_NONE;
const int result = sslCallWithLock(std::bind(SSL_connect, m_ssl.get()), &error);
MORDOR_LOG_DEBUG(g_log) << this << " SSL_connect(" << m_ssl.get()
<< "): " << result << " (" << error << ")";
if (result > 0) {
flush(false);
return;
}
switch (error) {
case SSL_ERROR_NONE:
flush(false);
return;
case SSL_ERROR_ZERO_RETURN:
// Received close_notify message
return;
case SSL_ERROR_WANT_READ:
flush();
wantRead();
continue;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_CONNECT:
case SSL_ERROR_WANT_ACCEPT:
case SSL_ERROR_WANT_X509_LOOKUP:
MORDOR_NOTREACHED();
case SSL_ERROR_SYSCALL:
if (hasOpenSSLError()) {
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_connect("
<< m_ssl.get() << "): " << result << " (" << error
<< ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_connect");
;
}
MORDOR_LOG_ERROR(g_log) << this << " SSL_connect("
<< m_ssl.get() << "): " << result << " (" << error
<< ")";
if (result == 0) {
MORDOR_THROW_EXCEPTION(UnexpectedEofException());
}
MORDOR_THROW_EXCEPTION_FROM_LAST_ERROR_API("SSL_connect");
case SSL_ERROR_SSL:
{
MORDOR_ASSERT(hasOpenSSLError());
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_connect("
<< m_ssl.get() << "): " << result << " (" << error
<< ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_connect");
;
}
default:
MORDOR_NOTREACHED();
}
}
}
void
SSLStream::close(CloseType type)
{
MORDOR_ASSERT(type == BOTH);
if (!(sslCallWithLock(std::bind(SSL_get_shutdown, m_ssl.get()), NULL) & SSL_SENT_SHUTDOWN)) {
unsigned long error = SSL_ERROR_NONE;
const int result = sslCallWithLock(std::bind(SSL_shutdown, m_ssl.get()), &error);
if (result <= 0) {
MORDOR_LOG_DEBUG(g_log) << this << " SSL_shutdown(" << m_ssl.get()
<< "): " << result << " (" << error << ")";
switch (error) {
case SSL_ERROR_NONE:
case SSL_ERROR_ZERO_RETURN:
break;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_CONNECT:
case SSL_ERROR_WANT_ACCEPT:
case SSL_ERROR_WANT_X509_LOOKUP:
MORDOR_NOTREACHED();
case SSL_ERROR_SYSCALL:
if (hasOpenSSLError()) {
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_shutdown("
<< m_ssl.get() << "): " << result << " (" << error
<< ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_shutdown");
;
}
MORDOR_LOG_ERROR(g_log) << this << " SSL_shutdown("
<< m_ssl.get() << "): " << result << " (" << error
<< ")";
if (result == 0)
break;
MORDOR_THROW_EXCEPTION_FROM_LAST_ERROR_API("SSL_shutdown");
case SSL_ERROR_SSL:
{
MORDOR_ASSERT(hasOpenSSLError());
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_shutdown("
<< m_ssl.get() << "): " << result << " (" << error
<< ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_shutdown");
;
}
default:
MORDOR_NOTREACHED();
}
}
flush(false);
}
while (!(sslCallWithLock(std::bind(SSL_get_shutdown, m_ssl.get()), NULL) & SSL_RECEIVED_SHUTDOWN)) {
unsigned long error = SSL_ERROR_NONE;
const int result = sslCallWithLock(std::bind(SSL_shutdown, m_ssl.get()), &error);
MORDOR_LOG_DEBUG(g_log) << this << " SSL_shutdown(" << m_ssl.get()
<< "): " << result << " (" << error << ")";
if (result > 0) {
break;
}
switch (error) {
case SSL_ERROR_NONE:
case SSL_ERROR_ZERO_RETURN:
break;
case SSL_ERROR_WANT_READ:
flush();
wantRead();
continue;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_CONNECT:
case SSL_ERROR_WANT_ACCEPT:
case SSL_ERROR_WANT_X509_LOOKUP:
MORDOR_NOTREACHED();
case SSL_ERROR_SYSCALL:
if (hasOpenSSLError()) {
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_shutdown("
<< m_ssl.get() << "): " << result << " (" << error
<< ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_shutdown");
;
}
MORDOR_LOG_WARNING(g_log) << this << " SSL_shutdown(" << m_ssl.get()
<< "): " << result << " (" << error << ")";
if (result == 0) {
break;
}
MORDOR_THROW_EXCEPTION_FROM_LAST_ERROR_API("SSL_shutdown");
case SSL_ERROR_SSL:
{
MORDOR_ASSERT(hasOpenSSLError());
std::string message = getOpenSSLErrorMessage();
MORDOR_LOG_ERROR(g_log) << this << " SSL_shutdown("
<< m_ssl.get() << "): " << result << " (" << error
<< ", " << message << ")";
MORDOR_THROW_EXCEPTION(OpenSSLException(message))
// << boost::errinfo_api_function("SSL_shutdown");
;
}
default:
MORDOR_NOTREACHED();
}
break;
}
parent()->close();
}
