From ea158d64a0aa0673807c74ce00fc854519ba589c Mon Sep 17 00:00:00 2001
From: Florin Coras
Date: Mon, 26 Feb 2024 18:11:43 -0800
Subject: tls: pass reset ntf to engines
Type: improvement
Change-Id: Ie042605e50656229874b7a93638f0f04c894410f
Signed-off-by: Florin Coras
---
 src/plugins/tlsmbedtls/tls_mbedtls.c | 16 ++++++++++++++++
 src/plugins/tlsopenssl/tls_openssl.c | 17 +++++++++++++++++
 src/plugins/tlspicotls/tls_picotls.c | 17 +++++++++++++++++
 3 files changed, 50 insertions(+)
(limited to 'src/plugins')
diff --git a/src/plugins/tlsmbedtls/tls_mbedtls.c b/src/plugins/tlsmbedtls/tls_mbedtls.c
index ca454199edc..00ac7fe6e17 100644
--- a/src/plugins/tlsmbedtls/tls_mbedtls.c
+++ b/src/plugins/tlsmbedtls/tls_mbedtls.c
@@ -551,6 +551,21 @@ mbedtls_transport_close (tls_ctx_t * ctx)
 return 0;
 }
+static int
+mbedtls_transport_reset (tls_ctx_t *ctx)
+{
+ if (!mbedtls_handshake_is_over (ctx))
+ {
+ session_close (session_get_from_handle (ctx->tls_session_handle));
+ return 0;
+ }
+
+ session_transport_reset_notify (&ctx->connection);
+ session_transport_closed_notify (&ctx->connection);
+ tls_disconnect_transport (ctx);
+ return 0;
+}
+
 static int
 mbedtls_app_close (tls_ctx_t * ctx)
 {
@@ -579,6 +594,7 @@ const static tls_engine_vft_t mbedtls_engine = {
 .ctx_start_listen = mbedtls_start_listen,
 .ctx_stop_listen = mbedtls_stop_listen,
 .ctx_transport_close = mbedtls_transport_close,
+ .ctx_transport_reset = mbedtls_transport_reset,
 .ctx_app_close = mbedtls_app_close,
 .ctx_reinit_cachain = mbedtls_reinit_ca_chain,
 };
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c
index 6c5f6cd9c7c..5e58913342b 100644
--- a/src/plugins/tlsopenssl/tls_openssl.c
+++ b/src/plugins/tlsopenssl/tls_openssl.c
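Review bot: The pre-handshake branch of `mbedtls_transport_reset` calls `session_close (session_get_from_handle (ctx->tls_session_handle))`, while the openssl and picotls versions added in this same commit send that case through their `*_handle_handshake_failure (ctx)` helper, so a reset during the handshake is handled differently per engine. A reset before the handshake finishes can be caused by the remote peer, so it is worth confirming that this path releases the ctx and reports the failure to any app waiting on the connection; neither is visible in the hunk. The lookup result is also handed to `session_close` unchecked; if the transport session can already be gone when the reset notification is delivered, `session_get_from_handle_if_valid` with a NULL test would be the safer form. If the plain close is intended, a comment such as `/* reset before handshake done: nothing to notify, just close the transport session */` would record that.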
@@ -1060,6 +1060,22 @@ openssl_transport_close (tls_ctx_t * ctx)
 return 0;
 }
+static int
+openssl_transport_reset (tls_ctx_t *ctx)
+{
+ if (!openssl_handshake_is_over (ctx))
+ {
+ openssl_handle_handshake_failure (ctx);
+ return 0;
+ }
+
+ session_transport_reset_notify (&ctx->connection);
+ session_transport_closed_notify (&ctx->connection);
+ tls_disconnect_transport (ctx);
+
+ return 0;
+}
+
 static int
 openssl_app_close (tls_ctx_t * ctx)
 {
@@ -1151,6 +1167,7 @@ const static tls_engine_vft_t openssl_engine = {
 .ctx_start_listen = openssl_start_listen,
 .ctx_stop_listen = openssl_stop_listen,
 .ctx_transport_close = openssl_transport_close,
+ .ctx_transport_reset = openssl_transport_reset,
 .ctx_app_close = openssl_app_close,
 .ctx_reinit_cachain = openssl_reinit_ca_chain,
 };
diff --git a/src/plugins/tlspicotls/tls_picotls.c b/src/plugins/tlspicotls/tls_picotls.c
index f6b267f0901..0ab2488e4f4 100644
--- a/src/plugins/tlspicotls/tls_picotls.c
+++ b/src/plugins/tlspicotls/tls_picotls.c
@@ -204,6 +204,22 @@ picotls_transport_close (tls_ctx_t * ctx)
 return 0;
 }
+static int
+picotls_transport_reset (tls_ctx_t *ctx)
+{
+ if (!picotls_handshake_is_over (ctx))
+ {
+ picotls_handle_handshake_failure (ctx);
+ return 0;
+ }
+
+ session_transport_reset_notify (&ctx->connection);
+ session_transport_closed_notify (&ctx->connection);
+ tls_disconnect_transport (ctx);
+
+ return 0;
+}
+
 static int
 picotls_app_close (tls_ctx_t * ctx)
 {
@@ -742,6 +758,7 @@ const static tls_engine_vft_t picotls_engine = {
 .ctx_read = picotls_ctx_read,
 .ctx_write = picotls_ctx_write,
 .ctx_transport_close = picotls_transport_close,
+ .ctx_transport_reset = picotls_transport_reset,
 .ctx_app_close = picotls_app_close,
 .ctx_reinit_cachain = picotls_reinit_ca_chain,
 };
-- cgit 1.2.3-korg
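Review bot: `openssl_transport_reset` is added without a comment explaining why a transport reset is handled differently depending on handshake state, and the same applies to `picotls_transport_reset` in the tls_picotls.c hunk. Before the handshake completes the reset goes to `openssl_handle_handshake_failure (ctx)`; afterwards the app receives `session_transport_reset_notify` and then `session_transport_closed_notify` before `tls_disconnect_transport`, an ordering that is presumably deliberate but is not stated. A header comment would cover it, e.g. `/* Transport reset: before handshake completion treat as handshake failure; otherwise notify app of reset and closed, then disconnect the transport */`. The function returns 0 on every path, so if callers of `.ctx_transport_reset` are meant to act on the result, that contract should be written down as well.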