authorOlivier Roques <oroques+fdio@cisco.com>2020-04-08 15:29:55 +0200
committerOlivier Roques <oroques+fdio@cisco.com>2020-04-11 17:25:30 +0200
commiteb9119968cfc53f41526981924e5c8d44612f98a (patch)
tree065b282b91e48fc62a01f5de5a5fe1bd29092c5c /libtransport/src/implementation/tls_socket_consumer.cc
parent0ea5735b98f38beacf92dfdca74b7a6d5b3f7182 (diff)
[HICN-595] Bring TLS up to date
HICN-2 would enable TLS only if OpenSSL 1.1.1 was present. However the mechanism to do so was broken and hiperf always ended up using normal consumer and producer sockets. This patch fixes that by updating the build files. It also fixes various bugs in the TLS implementation that went unnoticed and cleans up the code. Change-Id: Ifda75a9929e14460af43fe79d737d0c926bb671e Signed-off-by: Olivier Roques <oroques+fdio@cisco.com> Signed-off-by: Mauro Sardara <msardara@cisco.com>
Diffstat (limited to 'libtransport/src/implementation/tls_socket_consumer.cc')
-rw-r--r--libtransport/src/implementation/tls_socket_consumer.cc52
1 files changed, 20 insertions, 32 deletions
diff --git a/libtransport/src/implementation/tls_socket_consumer.cc b/libtransport/src/implementation/tls_socket_consumer.cc
index 95b287aa6..7cf653848 100644
--- a/libtransport/src/implementation/tls_socket_consumer.cc
+++ b/libtransport/src/implementation/tls_socket_consumer.cc
@@ -46,11 +46,13 @@ int readOldTLS(BIO *b, char *buf, int size) {
socket->network_name_.setSuffix(socket->random_suffix_);
socket->ConsumerSocket::asyncConsume(socket->network_name_);
}
+
if (!socket->something_to_read_) socket->cv_.wait(lck);
}
size_t size_to_read, read;
size_t chain_size = socket->head_->length();
+
if (socket->head_->isChained())
chain_size = socket->head_->computeChainDataLength();
@@ -101,6 +103,7 @@ int writeOldTLS(BIO *b, const char *buf, int num) {
socket = (TLSConsumerSocket *)BIO_get_data(b);
socket->payload_ = utils::MemBuf::copyBuffer(buf, num);
+
socket->ConsumerSocket::setSocketOption(
ConsumerCallbacksOptions::INTEREST_OUTPUT,
(ConsumerInterestCallback)std::bind(
@@ -176,12 +179,6 @@ TLSConsumerSocket::TLSConsumerSocket(interface::ConsumerSocket *consumer_socket,
BIO_set_data(bio, this);
SSL_set_bio(ssl_, bio, bio);
- ConsumerSocket::getSocketOption(MAX_WINDOW_SIZE, old_max_win_);
- ConsumerSocket::setSocketOption(MAX_WINDOW_SIZE, (double)1.0);
-
- ConsumerSocket::getSocketOption(CURRENT_WINDOW_SIZE, old_current_win_);
- ConsumerSocket::setSocketOption(CURRENT_WINDOW_SIZE, (double)1.0);
-
std::default_random_engine generator;
std::uniform_int_distribution<int> distribution(
1, std::numeric_limits<uint32_t>::max());
@@ -191,10 +188,8 @@ TLSConsumerSocket::TLSConsumerSocket(interface::ConsumerSocket *consumer_socket,
this);
};
-/*
- * The producer interface is not owned by the application, so is TLSSocket task
- * to deallocate the memory
- */
+/* The producer interface is not owned by the application, so is TLSSocket task
+ * to deallocate the memory */
TLSConsumerSocket::~TLSConsumerSocket() { delete consumer_interface_; }
int TLSConsumerSocket::consume(const Name &name,
@@ -228,22 +223,15 @@ int TLSConsumerSocket::download_content(const Name &name) {
something_to_read_ = false;
content_downloaded_ = false;
- decrypted_content_ = utils::MemBuf::createCombined(SSL3_RT_MAX_PLAIN_LENGTH);
- uint8_t *buf = decrypted_content_->writableData();
- size_t size = 0;
+ std::size_t max_buffer_size = read_callback_decrypted_->maxBufferSize();
+ std::size_t buffer_size = read_callback_decrypted_->maxBufferSize() + SSL3_RT_MAX_PLAIN_LENGTH;
+ decrypted_content_ = utils::MemBuf::createCombined(buffer_size);
int result = -1;
+ std::size_t size = 0;
while (!content_downloaded_ || something_to_read_) {
- if (decrypted_content_->tailroom() < SSL3_RT_MAX_PLAIN_LENGTH) {
- decrypted_content_->appendChain(
- utils::MemBuf::createCombined(SSL3_RT_MAX_PLAIN_LENGTH));
- // decrypted_content_->computeChainDataLength();
- buf = decrypted_content_->prev()->writableData();
- } else {
- buf = decrypted_content_->writableTail();
- }
-
- result = SSL_read(this->ssl_, buf, SSL3_RT_MAX_PLAIN_LENGTH);
+ result = SSL_read(
+ this->ssl_, decrypted_content_->writableTail(), SSL3_RT_MAX_PLAIN_LENGTH);
/* SSL_read returns the data only if there were SSL3_RT_MAX_PLAIN_LENGTH of
* the data has been fully downloaded */
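Review bot: The new `SSL_read` call writes up to `SSL3_RT_MAX_PLAIN_LENGTH` bytes at `decrypted_content_->writableTail()` without checking that the buffer still has that much tailroom. The removed code tested `tailroom()` before every read, whereas the new code relies on the buffer being handed off or reset as soon as `length()` reaches `max_buffer_size`. That holds for the movable branch visible in the next hunk, but the non-movable branch and the rest of the loop lie outside the visible lines, so it cannot be confirmed there. I would keep an explicit guard before the read, `if (decrypted_content_->tailroom() < SSL3_RT_MAX_PLAIN_LENGTH) throw errors::RuntimeException("No room left in decrypted buffer");`, so that a broken invariant fails closed instead of writing past the heap allocation. `buffer_size` should also be computed from `max_buffer_size` rather than a second `maxBufferSize()` call, with a check that the addition cannot wrap, since the value comes from the application's callback.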
@@ -253,20 +241,20 @@ int TLSConsumerSocket::download_content(const Name &name) {
if (result >= 0) {
size += result;
- decrypted_content_->prepend(result);
- } else
+ decrypted_content_->append(result);
+ } else {
throw errors::RuntimeException("Unable to download content");
+ }
- if (size >= read_callback_decrypted_->maxBufferSize()) {
+ if (decrypted_content_->length() >= max_buffer_size) {
if (read_callback_decrypted_->isBufferMovable()) {
- // No need to perform an additional copy. The whole buffer will be
- // tranferred to the application.
-
+ /* No need to perform an additional copy. The whole buffer will be
+ * tranferred to the application. */
read_callback_decrypted_->readBufferAvailable(
std::move(decrypted_content_));
- decrypted_content_ = utils::MemBuf::create(SSL3_RT_MAX_PLAIN_LENGTH);
+ decrypted_content_ = utils::MemBuf::create(buffer_size);
} else {
- // The buffer will be copied into the application-provided buffer
+ /* The buffer will be copied into the application-provided buffer */
uint8_t *buffer;
std::size_t length;
std::size_t total_length = decrypted_content_->length();
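Review bot: `if (result >= 0)` accepts a zero return from `SSL_read` as success, but in OpenSSL a return of zero or less means the read did not complete (for example the peer closed the TLS session), so the loop may keep iterating while appending nothing. The test should be `if (result > 0)`, and the failure path should call `SSL_get_error(this->ssl_, result)` to tell a clean shutdown (`SSL_ERROR_ZERO_RETURN`) from a protocol or I/O error before throwing. Putting that error code into the `RuntimeException` message would make a failed or tampered download distinguishable from a normal end of stream. Separately, the movable branch re-creates the buffer with `utils::MemBuf::create(buffer_size)` while the initial allocation uses `createCombined(buffer_size)`; unless the two are known to give the same writable tailroom, use the same call in both places. The non-movable branch continues outside the hunk.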
@@ -358,6 +346,7 @@ size_t TLSConsumerSocket::maxBufferSize() const {
void TLSConsumerSocket::readBufferAvailable(
std::unique_ptr<utils::MemBuf> &&buffer) noexcept {
std::unique_lock<std::mutex> lck(this->mtx_);
+
if (head_) {
head_->prependChain(std::move(buffer));
} else {
@@ -380,5 +369,4 @@ void TLSConsumerSocket::readSuccess(std::size_t total_size) noexcept {
bool TLSConsumerSocket::isBufferMovable() noexcept { return true; }
} // namespace implementation
-
} // namespace transport