mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 03:52:28 +02:00
Extract session_move_active into its own function
This makes the tls_process function smaller and easier to understand and this state easier to understand in its own function. Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20220426132324.76517-2-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24212.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
04c3779922
commit
4dbe508ab6
@ -2431,6 +2431,54 @@ session_move_pre_start(const struct tls_session *session,
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Moves the key to state to S_ACTIVE and also advances the multi_state state
|
||||
* machine if this is the initial connection.
|
||||
*/
|
||||
static void
|
||||
session_move_active(struct tls_multi *multi, struct tls_session *session,
|
||||
struct link_socket_info *to_link_socket_info,
|
||||
struct key_state *ks)
|
||||
{
|
||||
dmsg(D_TLS_DEBUG_MED, "STATE S_ACTIVE");
|
||||
|
||||
ks->established = now;
|
||||
if (check_debug_level(D_HANDSHAKE))
|
||||
{
|
||||
print_details(&ks->ks_ssl, "Control Channel:");
|
||||
}
|
||||
ks->state = S_ACTIVE;
|
||||
/* Cancel negotiation timeout */
|
||||
ks->must_negotiate = 0;
|
||||
INCR_SUCCESS;
|
||||
|
||||
/* Set outgoing address for data channel packets */
|
||||
link_socket_set_outgoing_addr(to_link_socket_info, &ks->remote_addr,
|
||||
session->common_name, session->opt->es);
|
||||
|
||||
/* Check if we need to advance the tls_multi state machine */
|
||||
if (multi->multi_state == CAS_NOT_CONNECTED)
|
||||
{
|
||||
if (session->opt->mode == MODE_SERVER)
|
||||
{
|
||||
/* On a server we continue with running connect scripts next */
|
||||
multi->multi_state = CAS_WAITING_AUTH;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Skip the connect script related states */
|
||||
multi->multi_state = CAS_WAITING_OPTIONS_IMPORT;
|
||||
}
|
||||
}
|
||||
|
||||
/* Flush any payload packets that were buffered before our state transitioned to S_ACTIVE */
|
||||
flush_payload_buffer(ks);
|
||||
|
||||
#ifdef MEASURE_TLS_HANDSHAKE_STATS
|
||||
show_tls_performance_stats();
|
||||
#endif
|
||||
}
|
||||
/*
|
||||
* This is the primary routine for processing TLS stuff inside the
|
||||
* the main event loop. When this routine exits
|
||||
@ -2545,47 +2593,11 @@ tls_process(struct tls_multi *multi,
|
||||
|
||||
/* Wait for ACK */
|
||||
if (((ks->state == S_GOT_KEY && !session->opt->server)
|
||||
|| (ks->state == S_SENT_KEY && session->opt->server)))
|
||||
|| (ks->state == S_SENT_KEY && session->opt->server))
|
||||
&& no_pending_reliable_packets(ks))
|
||||
{
|
||||
if (no_pending_reliable_packets(ks))
|
||||
{
|
||||
ks->established = now;
|
||||
dmsg(D_TLS_DEBUG_MED, "STATE S_ACTIVE");
|
||||
if (check_debug_level(D_HANDSHAKE))
|
||||
{
|
||||
print_details(&ks->ks_ssl, "Control Channel:");
|
||||
}
|
||||
session_move_active(multi, session, to_link_socket_info, ks);
|
||||
state_change = true;
|
||||
ks->state = S_ACTIVE;
|
||||
/* Cancel negotiation timeout */
|
||||
ks->must_negotiate = 0;
|
||||
INCR_SUCCESS;
|
||||
|
||||
/* Set outgoing address for data channel packets */
|
||||
link_socket_set_outgoing_addr(to_link_socket_info, &ks->remote_addr, session->common_name, session->opt->es);
|
||||
|
||||
/* Check if we need to advance the tls_multi state machine */
|
||||
if (multi->multi_state == CAS_NOT_CONNECTED)
|
||||
{
|
||||
if (session->opt->mode == MODE_SERVER)
|
||||
{
|
||||
/* On a server we continue with running connect scripts next */
|
||||
multi->multi_state = CAS_WAITING_AUTH;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Skip the connect script related states */
|
||||
multi->multi_state = CAS_WAITING_OPTIONS_IMPORT;
|
||||
}
|
||||
}
|
||||
|
||||
/* Flush any payload packets that were buffered before our state transitioned to S_ACTIVE */
|
||||
flush_payload_buffer(ks);
|
||||
|
||||
#ifdef MEASURE_TLS_HANDSHAKE_STATS
|
||||
show_tls_performance_stats();
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
/* Reliable buffer to outgoing TCP/UDP (send up to CONTROL_SEND_ACK_MAX ACKs
|
||||
|
Loading…
Reference in New Issue
Block a user