1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
/* -*- Mode: C; tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2014 Couchbase, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @brief
* This is the 'base' class for the lcbio_TABLE with SSL. This contains the
* core BIO and SSL structures as well as some other boilerplate needed to
* expose a complete lcbio_TABLE interface to the rest of the library.
*
* This is 'subclassed' as lcbio_CSSL and lcbio_ESSL for Completion and Event
* based I/O models respectively.
*/
typedef struct lcbio_XSSL;
/**
* @brief Get the associated lcbio_XSSL from an iops pointer
* @param iops the IOPS structure
* @return the lcbio_XSSL pointer
*/
/**
* @brief Access the iops `error` field which is exposed to the rest of LCBIO.
* The rest of the code will inspect this variable when a call fails to retrieve
* the errno.
* @param xs the lcbio_XSSL base pointer
* @return An lvaue to the error field
*/
/**
* @brief Check and handle SSL errors
*
* This function inspects the error state of the current `SSL` object. If a
* fatal error is detected, the internal error flag is set and pending errors
* are logged.
*
* @param xs The XSSL context
* @param rv The return code received from an `SSL_read()` or `SSL_write()`
* @return nonzero if a fatal error has occurred, 0 if the error is transient
* and is `SSL_ERROR_WANT_READ` or `SSL_ERROR_WANT_WRITE`.
*
* @note Do not call this function if `rv` is `>0`.
*/
int
;
/**
* Flush errors from the internal error queue. Call this whenever an error
* has taken place
* @param xs
*/
void
;
/**
* This function acts as the 'base' constructor for lcbio_XSSL. It will
* initialize and proxy the various timer and run/stop routines to the underlying
* iops plugin. The 'subclass' is still expected to implement the actual send,
* recv, close, and event routines.
*
* @param xs The lcbio_XSSL pointer to initialize (usually a pointer to a field
* within the real structure)
* @param orig The original lcbio_TABLE containing the actual socket I/O routines.
* @param ctx the `SSL_CTX*` which will be used to create the `SSL*` pointer
*/
void
;
/**
* This function acts as the base destructor for lcbio_XSSL
* @param xs the lcbio_XSSL to clean up.
* After this function has been called, none of the base fields should be
* considered valid (unless a refcounted item is specifically kept alive).
*/
void
;
/**
* Reserve a specified amount of bytes for reading into a `BUF_MEM*` structure.
* Currently the amount reserved is hard coded.
*
* Use this function to retrievw a pointer to the unused (but allocated) portion
* of the `BUF_MEM` structure rather than doing an explicit BIO_write which
* will result in needless copying of memory. Unfortunately OpenSSL does not have
* a clean way of growing this buffer but it is possible.
*
* @param bm The `BUF_MEM*` structure.
*
* @code{.c}
* BUF_MEM *bm;
* iotssl_bm_reserve(bm);
* recv(fd, bm->data, bm->max-mb->length, 0);
* @endcode
*/
void
;
/**
* Prepare the SSL structure so that a subsequent call to SSL_pending will
* actually determine if there's any data available for read
* @param ssl the SSL object
* @return
*/
/**
* Wrapper for SSL_pending. In order to work around another bug of the well
* designed OpenSSL library, which will strangely place "undefined" errors
* into the queue unless this check is done beforehand.
*
* See: https://groups.google.com/forum/#!msg/mailing.openssl.users/so242GuI6Yo/2Jp3Qoo_gsgJ
* See: http://stackoverflow.com/questions/22753221/openssl-read-write-handshake-data-with-memory-bio
* See: http://www.opensubscriber.com/message/openssl-users@openssl.org/8638179.html
*/
/**
* Create and return a pointer to an lcbio_TABLE with an underlying
* completion-based I/O model
* @param orig The original table
* @param sd The socket descriptor which is already connected
* @param sctx
* @return NULL on error
*/
lcbio_pTABLE
;
/**
* Create and return a pointer to an lcbio_TABLE with an underlying event
* based I/O model
* @param orig The original pointer
* @param fd Socket descriptor
* @param sctx
* @return NULL on error.
*/
lcbio_pTABLE
;