#if HAVE_UNISTD_H
#include <unistd.h>
#endif
+#include <yaz/thread_create.h>
#ifdef WIN32
/* VS 2003 or later has getaddrinfo; older versions do not */
#if HAVE_GNUTLS_H
#include <gnutls/x509.h>
#include <gnutls/gnutls.h>
-#define ENABLE_SSL 1
#endif
#include <yaz/comstack.h>
#include <yaz/tcpip.h>
#include <yaz/errno.h>
+#define RESOLVER_THREAD 1
+
static void tcpip_close(COMSTACK h);
static int tcpip_put(COMSTACK h, char *buf, int size);
static int tcpip_get(COMSTACK h, char **buf, int *bufsize);
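Review bot: `RESOLVER_THREAD` is defined to 1 unconditionally, yet the code it enables calls `pipe()`, `read()` and `write()` and relies on `create_net_socket()` and `wait_resolver_thread()`, which this patch defines only inside `#if HAVE_GETADDRINFO`. Builds for WIN32 or without getaddrinfo would therefore probably fail to compile, for example in tcpip_connect, where `sp` and `ai` exist only under `HAVE_GETADDRINFO`. I would gate the define, e.g. `#if HAVE_GETADDRINFO && !defined(WIN32)` around `#define RESOLVER_THREAD 1` with an `#else` branch defining it to 0. A comment should also say that the flag moves name resolution to a helper thread which signals completion over a pipe.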
void *cd);
static int tcpip_set_blocking(COMSTACK p, int blocking);
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
static int ssl_get(COMSTACK h, char **buf, int *bufsize);
static int ssl_put(COMSTACK h, char *buf, int size);
#endif
int (*complete)(const char *buf, int len); /* length/complete. */
#if HAVE_GETADDRINFO
struct addrinfo *ai;
- struct addrinfo *ai_this;
+ struct addrinfo *ai_connect;
#else
struct sockaddr_in addr; /* returned by cs_straddr */
#endif
int connect_request_len;
char *connect_response_buf;
int connect_response_len;
+ int ipv6_only;
+#if RESOLVER_THREAD
+ int pipefd[2];
+ char *hoststr;
+ const char *port;
+ yaz_thread_t thread_id;
+#endif
} tcpip_state;
static int tcpip_init(void)
#endif
#if HAVE_GETADDRINFO
+#if RESOLVER_THREAD
+ sp->hoststr = 0;
+ sp->pipefd[0] = sp->pipefd[1] = -1;
+ sp->port = 0;
+#endif
sp->ai = 0;
#endif
sp->altbuf = 0;
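Review bot: The new fields `ai_connect` and `ipv6_only` get no starting value next to `sp->ai = 0;`, although cont_connect reads `sp->ai_connect` and the non-threaded branch of tcpip_straddr now passes `&sp->ipv6_only` to tcpip_getaddrinfo where the old code passed a local initialised to 0. Unless the state is allocated zeroed somewhere outside this hunk, both may be read uninitialised; adding `sp->ai_connect = 0;` and `sp->ipv6_only = 0;` here would settle it. The initialiser these lines belong to starts and ends outside the hunk.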
COMSTACK ssl_type(int s, int flags, int protocol, void *vp)
{
-#if !ENABLE_SSL
- return 0;
-#else
+#if HAVE_GNUTLS_H
tcpip_state *sp;
COMSTACK p;
p->type = ssl_type;
sp = (tcpip_state *) p->cprivate;
-#if HAVE_GNUTLS_H
sp->session = (gnutls_session_t) vp;
-#endif
/* note: we don't handle already opened socket in SSL mode - yet */
return p;
+#else
+ return 0;
#endif
}
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
static int ssl_check_error(COMSTACK h, tcpip_state *sp, int res)
{
-#if HAVE_GNUTLS_H
TRC(fprintf(stderr, "ssl_check_error error=%d fatal=%d msg=%s\n",
res,
gnutls_error_is_fatal(res),
h->io_pending = dir ? CS_WANT_WRITE : CS_WANT_READ;
return 1;
}
-#endif
h->cerrno = CSERRORSSL;
return 0;
}
}
#if HAVE_GETADDRINFO
+static struct addrinfo *create_net_socket(COMSTACK h)
+{
+ tcpip_state *sp = (tcpip_state *)h->cprivate;
+ int s = -1;
+ struct addrinfo *ai = 0;
+ if (sp->ipv6_only >= 0)
+ {
+ for (ai = sp->ai; ai; ai = ai->ai_next)
+ {
+ if (ai->ai_family == AF_INET6)
+ {
+ s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+ if (s != -1)
+ break;
+ }
+ }
+ }
+ if (s == -1)
+ {
+ for (ai = sp->ai; ai; ai = ai->ai_next)
+ {
+ s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+ if (s != -1)
+ break;
+ }
+ }
+ if (s == -1)
+ return 0;
+ TRC(fprintf(stderr, "First socket fd=%d\n", s));
+ assert(ai);
+ h->iofile = s;
+ if (ai->ai_family == AF_INET6 && sp->ipv6_only >= 0 &&
+ setsockopt(h->iofile,
+ IPPROTO_IPV6,
+ IPV6_V6ONLY, &sp->ipv6_only, sizeof(sp->ipv6_only)))
+ return 0;
+ if (!tcpip_set_blocking(h, h->flags))
+ return 0;
+ return ai;
+}
+
+#if RESOLVER_THREAD
+
+void *resolver_thread(void *arg)
+{
+ COMSTACK h = (COMSTACK) arg;
+ tcpip_state *sp = (tcpip_state *)h->cprivate;
+
+ sp->ipv6_only = 0;
+ if (sp->ai)
+ freeaddrinfo(sp->ai);
+ sp->ai = tcpip_getaddrinfo(sp->hoststr, sp->port, &sp->ipv6_only);
+ write(sp->pipefd[1], "1", 1);
+ return 0;
+}
+
+static struct addrinfo *wait_resolver_thread(COMSTACK h)
+{
+ tcpip_state *sp = (tcpip_state *)h->cprivate;
+ char buf;
+
+ read(sp->pipefd[0], &buf, 1);
+ yaz_thread_join(&sp->thread_id, 0);
+ close(sp->pipefd[0]);
+ close(sp->pipefd[1]);
+ sp->pipefd[0] = -1;
+ return create_net_socket(h);
+}
+
+#endif
+
void *tcpip_straddr(COMSTACK h, const char *str)
{
tcpip_state *sp = (tcpip_state *)h->cprivate;
const char *port = "210";
- struct addrinfo *ai = 0;
- int ipv6_only = 0;
+
+ if (!tcpip_init())
+ return 0;
+
if (h->protocol == PROTO_HTTP)
{
if (h->type == ssl_type)
else
port = "80";
}
- if (!tcpip_init())
+#if RESOLVER_THREAD
+ if (sp->pipefd[0] != -1)
+ return 0;
+ if (pipe(sp->pipefd) == -1)
return 0;
+ sp->port = port;
+ xfree(sp->hoststr);
+ sp->hoststr = xstrdup(str);
+ sp->thread_id = yaz_thread_create(resolver_thread, h);
+ return sp->hoststr;
+#else
if (sp->ai)
freeaddrinfo(sp->ai);
- sp->ai = tcpip_getaddrinfo(str, port, &ipv6_only);
+ sp->ai = tcpip_getaddrinfo(str, port, &sp->ipv6_only);
if (sp->ai && h->state == CS_ST_UNBND)
{
- int s = -1;
- if (ipv6_only >= 0)
- {
- for (ai = sp->ai; ai; ai = ai->ai_next)
- {
- if (ai->ai_family == AF_INET6)
- {
- s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (s != -1)
- break;
- }
- }
- }
- if (s == -1)
- {
- for (ai = sp->ai; ai; ai = ai->ai_next)
- {
- s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (s != -1)
- break;
- }
- }
- if (s == -1)
- return 0;
- fprintf(stderr, "First socket fd=%d\n", s);
- sp->ai_this = ai;
- assert(ai);
- h->iofile = s;
- if (ai->ai_family == AF_INET6 && ipv6_only >= 0 &&
- setsockopt(h->iofile,
- IPPROTO_IPV6,
- IPV6_V6ONLY, &ipv6_only, sizeof(ipv6_only)))
- return 0;
- if (!tcpip_set_blocking(h, h->flags))
- return 0;
+ return create_net_socket(h);
}
- return ai;
+ return sp->ai;
+#endif
}
+
#else
void *tcpip_straddr(COMSTACK h, const char *str)
{
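Review bot: The result of `yaz_thread_create()` in the `RESOLVER_THREAD` branch of tcpip_straddr is stored without a check, so if the thread cannot be started the pipe stays open, nothing ever writes to it, and the unconditional `read()` in wait_resolver_thread blocks the caller indefinitely. The fence below releases the pipe and returns 0 in that case; it assumes a failed create yields a null handle, which should be confirmed against yaz/thread_create.h. Separately, resolver_thread ignores the result of `write()` and wait_resolver_thread that of `read()`, so a pipe error goes unnoticed. resolver_thread could also be `static`, since only this file uses it as far as the page shows.

```c
#if RESOLVER_THREAD
    /* … unchanged: pipefd[0] check, pipe(), port/hoststr setup … */
    sp->thread_id = yaz_thread_create(resolver_thread, h);
    if (!sp->thread_id)
    {
        /* no resolver will ever write to the pipe; release it so a later
           connect does not block waiting for a result */
        close(sp->pipefd[0]);
        close(sp->pipefd[1]);
        sp->pipefd[0] = sp->pipefd[1] = -1;
        return 0;
    }
    return sp->hoststr;
```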
{
#if HAVE_GETADDRINFO
tcpip_state *sp = (tcpip_state *)h->cprivate;
- struct addrinfo *ai = sp->ai_this;
+ struct addrinfo *ai = sp->ai_connect;
while (ai && (ai = ai->ai_next))
{
int s;
s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (s != -1)
{
+#if HAVE_GNUTLS_H
+ if (h->type == ssl_type && sp->session)
+ {
+ gnutls_bye(sp->session, GNUTLS_SHUT_WR);
+ gnutls_deinit(sp->session);
+ sp->session = 0;
+ }
+#endif
#ifdef WIN32
closesocket(h->iofile);
#else
close(h->iofile);
#endif
- fprintf(stderr, "Other socket call fd=%d\n", s);
+ TRC(fprintf(stderr, "Other socket call fd=%d\n", s));
h->state = CS_ST_UNBND;
h->iofile = s;
- sp->ai_this = ai;
tcpip_set_blocking(h, h->flags);
return tcpip_connect(h, ai);
}
{
#if HAVE_GETADDRINFO
struct addrinfo *ai = (struct addrinfo *) address;
+ tcpip_state *sp = (tcpip_state *)h->cprivate;
#else
struct sockaddr_in *add = (struct sockaddr_in *) address;
#endif
h->cerrno = CSOUTSTATE;
return -1;
}
+#if RESOLVER_THREAD
+ if (sp->pipefd[0] != -1)
+ {
+ if (h->flags & CS_FLAGS_BLOCKING)
+ {
+ ai = wait_resolver_thread(h);
+ if (!ai)
+ return -1;
+ }
+ else
+ {
+ h->event = CS_CONNECT;
+ h->state = CS_ST_CONNECTING;
+ h->io_pending = CS_WANT_READ;
+ h->iofile = sp->pipefd[0];
+ return 1;
+ }
+ }
+#endif
#if HAVE_GETADDRINFO
r = connect(h->iofile, ai->ai_addr, ai->ai_addrlen);
+ sp->ai_connect = ai;
#else
r = connect(h->iofile, (struct sockaddr *) add, sizeof(*add));
#endif
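Review bot: In the non-blocking branch, `h->iofile = sp->pipefd[0];` makes the COMSTACK's descriptor an alias of the pipe's read end, which wait_resolver_thread later closes. If create_net_socket then returns 0 before it assigns a new socket (no usable address, or `socket()` failing), `h->iofile` still names the closed descriptor, and a later `close(h->iofile)` such as the one in cont_connect would hit a number that may already belong to another file or socket in the process. Resetting it when the pipe is torn down, e.g. `if (h->iofile == sp->pipefd[0]) h->iofile = -1;` placed before `close(sp->pipefd[0]);`, avoids that, assuming -1 is how this code marks "no socket". `sp->pipefd[1]` is also left at its old value after the close, while only `pipefd[0]` is reset. tcpip_connect starts and ends outside this hunk.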
#else
if (yaz_errno() == EINPROGRESS)
{
- fprintf(stderr, "Pending fd=%d\n", h->iofile);
+ TRC(fprintf(stderr, "Pending fd=%d\n", h->iofile));
h->event = CS_CONNECT;
h->state = CS_ST_CONNECTING;
h->io_pending = CS_WANT_WRITE|CS_WANT_READ;
*/
int tcpip_rcvconnect(COMSTACK h)
{
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
tcpip_state *sp = (tcpip_state *)h->cprivate;
#endif
TRC(fprintf(stderr, "tcpip_rcvconnect\n"));
if (h->state == CS_ST_DATAXFER)
return 0;
+#if RESOLVER_THREAD
+ if (sp->pipefd[0] != -1)
+ {
+ struct addrinfo *ai = wait_resolver_thread(h);
+ if (!ai)
+ return -1;
+ h->state = CS_ST_UNBND;
+ return tcpip_connect(h, ai);
+ }
+#endif
if (h->state != CS_ST_CONNECTING)
{
h->cerrno = CSOUTSTATE;
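Review bot: `sp` is declared only under `#if HAVE_GNUTLS_H` at the top of tcpip_rcvconnect, but the added `RESOLVER_THREAD` block dereferences `sp->pipefd[0]` regardless, so a build without GnuTLS would not compile with `RESOLVER_THREAD` set. Widening the guard to `#if HAVE_GNUTLS_H || RESOLVER_THREAD` fixes it. A short comment on the new block would also help, e.g. `/* name lookup still pending: collect the result, then start the real connect */`, since wait_resolver_thread blocks in `read()` if the caller arrives before the pipe is readable. The function continues past the end of the hunk.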
{
if (ssl_check_error(h, sp, res))
return 1;
- return -1;
+ return cont_connect(h);
}
}
#endif
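Review bot: Replacing `return -1;` with `return cont_connect(h);` makes every failed TLS handshake, fatal ones included, fall through to the next resolved address, and the change carries no comment saying so. From the cont_connect lines on this page, that means tearing the session down and reconnecting, so the caller presumably learns of a handshake failure only when no address is left and cannot tell which peer rejected it. I would document the intent at the call, e.g. `/* handshake failed (cerrno set by ssl_check_error); try next address */`, and consider whether a fatal handshake error should be reported rather than retried. The enclosing function starts and ends outside the hunk.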
int one = 1;
#endif
+#if RESOLVER_THREAD
+ if (sp->pipefd[0] != -1)
+ {
+ ai = wait_resolver_thread(h);
+ if (!ai)
+ return -1;
+ }
+#endif
#if HAVE_GNUTLS_H
if (h->type == ssl_type && !sp->session)
{
int res;
- gnutls_global_init();
-
tcpip_create_cred(h);
-
res = gnutls_certificate_set_x509_key_file(sp->cred_ptr->xcred,
sp->cert_fname,
sp->cert_fname,
GNUTLS_X509_FMT_PEM);
if (res != GNUTLS_E_SUCCESS)
{
+ fprintf(stderr, "Error 1\n");
h->cerrno = CSERRORSSL;
return -1;
}
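Review bot: `fprintf(stderr, "Error 1\n");` is an unconditional write to stderr from library code, and the message does not say what failed; the same commit wraps its other diagnostics in `TRC(...)`. Something like `TRC(fprintf(stderr, "certificate/key load failed: %s\n", gnutls_strerror(res)));` would match that convention and carry the GnuTLS reason. The hunk also drops `gnutls_global_init();` from this path. If that call was not moved into an initialiser outside the lines shown, the first GnuTLS call here runs without global initialisation, so this is worth confirming. The function starts and ends outside the hunk.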
}
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
/*
* Return: -1 error, >1 good, len of buffer, ==1 incomplete buffer,
* 0=connection closed.
else if (*bufsize - hasread < CS_TCPIP_BUFCHUNK)
if (!(*buf =(char *)xrealloc(*buf, *bufsize *= 2)))
return -1;
-#if HAVE_GNUTLS_H
res = gnutls_record_recv(sp->session, *buf + hasread,
CS_TCPIP_BUFCHUNK);
if (res == 0)
break;
return -1;
}
-#else
- res = SSL_read(sp->ssl, *buf + hasread, CS_TCPIP_BUFCHUNK);
- TRC(fprintf(stderr, " SSL_read res=%d, hasread=%d\n", res, hasread));
- if (res <= 0)
- {
- if (ssl_check_error(h, sp, res))
- break;
- return -1;
- }
-#endif
hasread += res;
}
TRC (fprintf (stderr, " Out of read loop with hasread=%d, berlen=%d\n",
}
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
/*
* Returns 1, 0 or -1
* In nonblocking mode, you must call again with same buffer while
}
while (state->towrite > state->written)
{
-#if HAVE_GNUTLS_H
res = gnutls_record_send(state->session, buf + state->written,
size - state->written);
if (res <= 0)
return 1;
return -1;
}
-#else
- res = SSL_write(state->ssl, buf + state->written,
- size - state->written);
- if (res <= 0)
- {
- if (ssl_check_error(h, state, res))
- return 1;
- return -1;
- }
-#endif
state->written += res;
TRC(fprintf(stderr, " Wrote %d, written=%d, nbytes=%d\n",
res, state->written, size));
#if HAVE_GETADDRINFO
if (sp->ai)
freeaddrinfo(sp->ai);
+#if RESOLVER_THREAD
+ xfree(sp->hoststr);
+#endif
#endif
xfree(sp->connect_request_buf);
xfree(sp->connect_response_buf);
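Review bot: The cleanup frees `sp->ai` and now `sp->hoststr`, but nothing visible here waits for a resolver thread that is still running, and nothing closes the pipe. If the COMSTACK is closed while `sp->pipefd[0] != -1`, resolver_thread may still be reading `sp->hoststr` and storing into `sp->ai` after they are freed, and both pipe descriptors leak. Joining the thread and closing the pipe before the frees, as in the fence, removes that window; note that the join waits for the lookup to finish. The enclosing function (presumably tcpip_close) starts outside the hunk, so an earlier part of it may already do this.

```c
#if HAVE_GETADDRINFO
#if RESOLVER_THREAD
    if (sp->pipefd[0] != -1)
    {
        /* lookup still pending: let the thread finish before its data goes away */
        yaz_thread_join(&sp->thread_id, 0);
        close(sp->pipefd[0]);
        close(sp->pipefd[1]);
        sp->pipefd[0] = sp->pipefd[1] = -1;
    }
#endif
    /* … unchanged: freeaddrinfo(sp->ai), xfree(sp->hoststr) … */
```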
int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
{
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
if (cs && cs->type == ssl_type)
{
/* doesn't do anything for GNUTLS */
int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
{
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
if (cs && cs->type == ssl_type)
{
struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;