From 97fd52c529e293f98674f313fb2da9a9f8b85fbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 6 May 2015 15:38:52 +0100 Subject: [PATCH] Split ssl_set_read_timeout() out of bio_timeout() --- include/mbedtls/ssl.h | 17 ++++++++++++++--- library/ssl_tls.c | 9 ++++++--- programs/ssl/dtls_client.c | 3 +-- programs/ssl/dtls_server.c | 3 +-- programs/ssl/mini_client.c | 2 +- programs/ssl/ssl_client1.c | 2 +- programs/ssl/ssl_client2.c | 10 +++++----- programs/ssl/ssl_fork_server.c | 2 +- programs/ssl/ssl_mail_client.c | 2 +- programs/ssl/ssl_pthread_server.c | 2 +- programs/ssl/ssl_server.c | 2 +- programs/ssl/ssl_server2.c | 9 +++++---- programs/x509/cert_app.c | 2 +- 13 files changed, 39 insertions(+), 26 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 16a6a13bd..aa8f1e39b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1298,7 +1298,6 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * \param f_recv read callback * \param f_recv_timeout read callback with timeout. * The last argument of the callback is the timeout in seconds - * \param timeout value of the mbedtls_ssl_read() timeout in milliseconds * * \note f_recv_timeout is required for DTLS, unless f_recv performs * non-blocking reads. 
@@ -1309,8 +1308,20 @@ void mbedtls_ssl_set_bio_timeout( mbedtls_ssl_context *ssl, void *p_bio, int (*f_send)(void *, const unsigned char *, size_t), int (*f_recv)(void *, unsigned char *, size_t), - int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t), - uint32_t timeout ); + int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t) ); + +/** + * \brief Set the timeout period for mbedtls_ssl_read() + * (Default: no timeout.) + * + * \param conf SSL configuration context + * \param timeout Timeout value in milliseconds. + * Use 0 for no timeout (default). + * + * \note With blocking I/O, this will only work if a non-NULL + * \c f_recv_timeout was set with \c mbedtls_ssl_set_bio_timeout(). + */ +void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) /** diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ad95a1f46..f7ee5f232 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5249,14 +5249,17 @@ void mbedtls_ssl_set_bio_timeout( mbedtls_ssl_context *ssl, void *p_bio, int (*f_send)(void *, const unsigned char *, size_t), int (*f_recv)(void *, unsigned char *, size_t), - int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t), - uint32_t timeout ) + int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t) ) { ssl->p_bio = p_bio; ssl->f_send = f_send; ssl->f_recv = f_recv; ssl->f_recv_timeout = f_recv_timeout; - ssl->conf->read_timeout = timeout; +} + +void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) +{ + conf->read_timeout = timeout; } #if defined(MBEDTLS_SSL_SRV_C) diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 9f8fcbfa3..f8ecf077d 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c 
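Review bot: The new doc comment for mbedtls_ssl_set_read_timeout() in include/mbedtls/ssl.h says the timeout "will only work" with a non-NULL f_recv_timeout, but not what happens otherwise. As far as this patch shows, a non-zero timeout with a NULL callback is accepted silently, so a caller who expects a bounded mbedtls_ssl_read() can end up waiting on a stalled peer. I would state that in the note, e.g. `\note If f_recv_timeout is NULL and f_recv blocks, the timeout is ignored and mbedtls_ssl_read() may block indefinitely.` The value now lives in mbedtls_ssl_config rather than in the context, so the comment should also say it applies to every context that uses this configuration. Separately, the `\param f_recv_timeout` text in the preceding hunk describes the callback's last argument as seconds while this parameter is milliseconds; if read_timeout is passed to the callback unchanged (not visible here), one of the two descriptions is wrong.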
@@ -191,8 +191,7 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout, - READ_TIMEOUT_MS ); + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 9a925ec27..2b53fbead 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -280,8 +280,7 @@ reset: } mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout, - READ_TIMEOUT_MS ); + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); printf( " ok\n" ); diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index d6ee5702f..dc41b398b 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -250,7 +250,7 @@ int main( void ) goto exit; } - mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); if( mbedtls_ssl_handshake( &ssl ) != 0 ) { diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index d7cb14199..14f089e2d 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -178,7 +178,7 @@ int main( void ) mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); /* * 4. Handshake diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index aaf22db33..5d21450d5 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c 
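Review bot: In programs/ssl/dtls_client.c the READ_TIMEOUT_MS argument is dropped from mbedtls_ssl_set_bio_timeout() but no mbedtls_ssl_set_read_timeout() call is added, unlike ssl_client2.c and ssl_server2.c later in this patch. As far as the hunk and the diffstat show, the sample therefore falls back to the default of no read timeout. For a DTLS sample that means a lost datagram or a silent peer can leave mbedtls_ssl_read() waiting with no bound, even though mbedtls_net_recv_timeout is still installed. Adding `mbedtls_ssl_set_read_timeout( &conf, READ_TIMEOUT_MS );` next to the existing mbedtls_ssl_set_dbg( &conf, ... ) call would keep the previous behaviour. The dtls_server.c hunk that follows has the same omission (its config variable is not visible there), and both hunks sit inside functions that begin and end outside them.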
@@ -1119,16 +1119,16 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); if( opt.nbio == 2 ) - mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, my_send, my_recv, NULL, - opt.read_timeout ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, my_send, my_recv, NULL ); else mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, #if defined(MBEDTLS_HAVE_TIME) - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL, + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL #else - NULL, + NULL #endif - opt.read_timeout ); + ); + mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout ); #if defined(MBEDTLS_SSL_SESSION_TICKETS) if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 ) diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 50de5ef54..91f0060c5 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -267,7 +267,7 @@ int main( void ) mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL ); if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index ab849a95c..84ae22e62 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c 
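Review bot: The `#if defined(MBEDTLS_HAVE_TIME)` / `#else` / `#endif` in programs/ssl/ssl_client2.c now sits inside the argument list and leaves a `);` on a line of its own. That makes it easy to misread where the un-braced `else` ends, and that the new mbedtls_ssl_set_read_timeout() call runs on both paths. Selecting the callback into a local first keeps the preprocessor out of the call expression and lets the if/else read as two plain calls; the declaration would go with main()'s other locals, which are outside this hunk. ssl_server2.c has the same construct with client_fd in place of server_fd.

```c
    /* declared with main()'s other locals */
    int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t) = NULL;

    /* ... unchanged: mbedtls_ssl_set_dbg call ... */

#if defined(MBEDTLS_HAVE_TIME)
    if( opt.nbio == 0 )
        f_recv_timeout = mbedtls_net_recv_timeout;
#endif

    if( opt.nbio == 2 )
        mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, my_send, my_recv, NULL );
    else
        mbedtls_ssl_set_bio_timeout( &ssl, &server_fd,
                                     mbedtls_net_send, mbedtls_net_recv,
                                     f_recv_timeout );

    mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
```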
@@ -606,7 +606,7 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite ); diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 1fc326263..7e576d4e1 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -197,7 +197,7 @@ static void *handle_ssl_connection( void *data ) mbedtls_printf( " [ #%d ] ok\n", thread_id ); - mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_printf( " [ #%d ] ok\n", thread_id ); diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 61b9dc95e..eb5a039b3 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -252,7 +252,7 @@ reset: goto exit; } - mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 954ae430d..87b4a2e36 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -1819,15 +1819,16 @@ reset: } if( opt.nbio == 2 ) - mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, my_send, my_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, my_send, my_recv, NULL ); else mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, #if defined(MBEDTLS_HAVE_TIME) - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL, + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL #else - NULL, + NULL #endif - opt.read_timeout ); + ); + mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout ); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 2bac2ae7a..9459b2d60 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -421,7 +421,7 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) {
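Review bot: In programs/ssl/ssl_server2.c the `opt.nbio == 2` branch used to pass a literal 0 as the timeout, and the new unconditional `mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );` now applies the option in that mode too. The commit message does not mention this behaviour change; ssl_client2.c already passed opt.read_timeout in both branches, so only the server is affected. If the old value was deliberate, keep it with `mbedtls_ssl_set_read_timeout( &conf, opt.nbio == 2 ? 0 : opt.read_timeout );`. If the timeout is in fact ignored when f_recv_timeout is NULL, a one-line comment saying so next to the call would settle the question for the next reader. The surrounding code follows the `reset:` label and continues outside the hunk.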