Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

tp_over_tls_tcp.cpp @ 5641

Last change on this file since 5641 was 5641, checked in by Christoph Mayer, 14 years ago

File size: 57.2 KB

Line
1	/// ----------------------------------------- mode: C++; ---
2	/// @file tp_over_tls_tcp.cpp
3	/// TCP/TLS-based transport module
4	/// ----------------------------------------------------------
5	/// $Id: tp_over_tls_tcp.cpp 2872 2008-02-18 10:58:03Z bless $
6	/// $HeadURL: https://svn.ipv6.tm.uka.de/nsis/protlib/trunk/src/tp_over_tls_tcp.cpp $
7	// ===========================================================
8	//
9	// Copyright (C) 2005-2007, all rights reserved by
10	// - Institute of Telematics, Universitaet Karlsruhe (TH)
11	//
12	// More information and contact:
13	// https://projekte.tm.uka.de/trac/NSIS
14	//
15	// This program is free software; you can redistribute it and/or modify
16	// it under the terms of the GNU General Public License as published by
17	// the Free Software Foundation; version 2 of the License
18	//
19	// This program is distributed in the hope that it will be useful,
20	// but WITHOUT ANY WARRANTY; without even the implied warranty of
21	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22	// GNU General Public License for more details.
23	//
24	// You should have received a copy of the GNU General Public License along
25	// with this program; if not, write to the Free Software Foundation, Inc.,
26	// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27	//
28	// ===========================================================
29
30	extern "C"
31	{
32	//#define _SOCKADDR_LEN /* use BSD 4.4 sockets */
33	#include <unistd.h> /* gethostname */
34	#include <sys/types.h> /* network socket interface */
35	#include <netinet/in.h> /* network socket interface */
36	#include <netinet/tcp.h> /* for TCP Socket Option */
37	#include <sys/socket.h>
38	#include <arpa/inet.h> /* inet_addr */
39
40	#include <fcntl.h>
41	#include <sys/poll.h>
42	}
43
44	#include <iostream>
45	#include <errno.h>
46	#include <string>
47	#include <sstream>
48
49	#include "tp_over_tls_tcp.h"
50	#include "threadsafe_db.h"
51	#include "cleanuphandler.h"
52	#include "setuid.h"
53	#include "queuemanager.h"
54	#include "logfile.h"
55
56	#include <set>
57
58	#define TCP_SUCCESS 0
59	#define TCP_SEND_FAILURE 1
60
61	const unsigned int max_listen_queue_size= 10;
62
63	namespace protlib {
64
65	using namespace log;
66
67	/** @defgroup tptcp TP over TCP
68	* @ingroup network
69	* @{
70	*/
71
72	char in6_addrstr_tls[INET6_ADDRSTRLEN+1];
73
74
75	/***** class TPoverTLS_TCP *****/
76
77	/*
78	* Obtain reason string for last SSL error
79	*
80	* Some caution is needed here since ERR_reason_error_string will
81	* return NULL if it doesn't recognize the error code. We don't
82	* want to return NULL ever.
83	*/
84	const char *
85	TPoverTLS_TCP::SSLerrmessage(void)
86	{
87	unsigned long errcode;
88	const char *errreason;
89	static char errbuf[32];
90
91	errcode = ERR_get_error();
92	if (errcode == 0)
93	return "No SSL error reported";
94	errreason = ERR_reason_error_string(errcode);
95	if (errreason != NULL)
96	return errreason;
97	snprintf(errbuf, sizeof(errbuf), "SSL error code %lu", errcode);
98	return errbuf;
99	}
100
101
102
103	/** get_connection_to() checks for already existing connections.
104	* If a connection exists, it returns "AssocData"
105	* and saves it in "connmap" for further use
106	* If no connection exists, a new connection to "addr"
107	* is created.
108	*/
109	AssocData*
110	TPoverTLS_TCP::get_connection_to(const appladdress& addr)
111	{
112	// get timeout
113	struct timespec ts;
114	get_time_of_day(ts);
115	ts.tv_nsec+= tpparam.sleep_time * 1000000L;
116	if (ts.tv_nsec>=1000000000L)
117	{
118	ts.tv_sec += ts.tv_nsec / 1000000000L;
119	ts.tv_nsec= ts.tv_nsec % 1000000000L;
120	}
121
122	// create a new AssocData pointer, initialize it to NULL
123	AssocData* assoc= NULL;
124	int new_socket;
125	// loop until timeout is exceeded: TODO: check applicability of loop
126	do
127	{
128	// check for existing connections to addr
129	// start critical section
130	lock(); // install_cleanup_thread_lock(TPoverTLS_TCP, this);
131	assoc= connmap.lookup(addr);
132	// end critical section
133	unlock(); // uninstall_cleanup(1);
134	if (assoc)
135	{
136	// If not shut down then use it, else abort, wait and check again.
137	if (!assoc->shutdown)
138	{
139	return assoc;
140	}
141	else
142	{
143	// TODO: connection is already in shutdown mode. What now?
144	Log(ERROR_LOG,LOG_CRIT,tpparam.name,"socket exists, but is already in mode shutdown");
145
146	return 0;
147	}
148	} //end __if (assoc)__
149	else
150	{
151	Log(DEBUG_LOG,LOG_UNIMP,tpparam.name,"No existing connection to "
152	<< addr.get_ip_str() << " port #" << addr.get_port() << " found, creating a new one.");
153	}
154
155	// no connection found, create a new one
156	new_socket = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
157
158	if (new_socket == -1)
159	{
160	Log(ERROR_LOG,LOG_CRIT,tpparam.name,"Couldn't create a new socket: " << strerror(errno));
161
162	return 0;
163	}
164
165	// Disable Nagle Algorithm, set (TCP_NODELAY)
166	int nodelayflag= 1;
167	int status= setsockopt(new_socket,
168	IPPROTO_TCP,
169	TCP_NODELAY,
170	&nodelayflag,
171	sizeof(nodelayflag));
172	if (status)
173	{
174	Log(ERROR_LOG,LOG_NORMAL,tpparam.name, "Could not set socket option TCP_NODELAY:" << strerror(errno));
175	}
176
177	// Reuse ports, even if they are busy
178	int socketreuseflag= 1;
179	status= setsockopt(new_socket,
180	SOL_SOCKET,
181	SO_REUSEADDR,
182	(const char *) &socketreuseflag,
183	sizeof(socketreuseflag));
184	if (status)
185	{
186	Log(ERROR_LOG,LOG_NORMAL,tpparam.name, "Could not set socket option SO_REUSEADDR:" << strerror(errno));
187	}
188
189	struct sockaddr_in6 dest_address;
190	dest_address.sin6_flowinfo= 0;
191	dest_address.sin6_scope_id= 0;
192	addr.get_sockaddr(dest_address);
193
194	// connect the socket to the destination address
195	int connect_status = connect(new_socket,
196	reinterpret_cast<const struct sockaddr*>(&dest_address),
197	sizeof(dest_address));
198
199
200	// connects to the listening_port of the peer's masterthread
201	if (connect_status != 0)
202	{
203	Log(ERROR_LOG,LOG_NORMAL, tpparam.name,"Connect to " << addr.get_ip_str() << " port #" << addr.get_port()
204	<< " failed: [" << color[red] << strerror(errno) << color[off] << "]");
205	// FIXME: that doesn't work gracefully
206	//throw TPError(TPError::ERROR_UNREACHABLE);
207	return 0;
208	}
209
210	struct sockaddr_in6 own_address;
211	socklen_t own_address_len= sizeof(own_address);
212	getsockname(new_socket, reinterpret_cast<struct sockaddr*>(&own_address), &own_address_len);
213
214
215	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name,">>--Connect-->> to " << addr.get_ip_str() << " port #" << addr.get_port()
216	<< " from " << inet_ntop(AF_INET6,&own_address.sin6_addr,in6_addrstr_tls,INET6_ADDRSTRLEN)
217	<< " port #" << ntohs(own_address.sin6_port));
218
219	// create new AssocData record (will copy addr)
220	assoc = new(nothrow) AssocData(new_socket, addr, appladdress(own_address,IPPROTO_TCP));
221
222	DLog(tpparam.name, "Before creation of a new SSL object");
223
224	SSL *ssl = NULL;
225
226	if (!ssl_ctx) ERRCLog(tpparam.name, "Could not create SSL context");
227
228	ssl = SSL_new(ssl_ctx);
229
230	if (!ssl)
231	{
232	ERRCLog(tpparam.name,"could not create SSL context: " << SSLerrmessage());
233	}
234
235	if (!ssl)
236	ERRCLog(tpparam.name, "Could not create SSL object");
237
238	DLog(tpparam.name, "Before binding it to the socket");
239
240	SSL_set_fd(ssl, new_socket);
241
242	DLog(tpparam.name, "Bound SSL object to the socket");
243
244
245	// Connect to the server
246	if ((SSL_connect(ssl)) < 1) {
247	ERRCLog(tpparam.name, "SSL connect failed in get_connection_to(): " << SSLerrmessage());
248	}
249
250	sslmap[new_socket]=ssl;
251
252	DLog(tpparam.name, "Inserted SSL object into sslmap");
253
254	// if assoc could be successfully created, insert it into ConnectionMap
255	if (assoc)
256	{
257	bool insert_success= false;
258	// start critical section
259	lock(); // install_cleanup_thread_lock(TPoverTLS_TCP, this);
260	// insert AssocData into connection map
261	insert_success= connmap.insert(assoc);
262	// end critical section
263	unlock(); // uninstall_cleanup(1);
264
265	if (insert_success == true)
266	{
267	#ifdef _DEBUG
268	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, "Connected to " << addr.get_ip_str() << ", port #" << addr.get_port()
269	<< " via socket " << new_socket);
270
271
272	#endif
273
274	// notify master thread to start a receiver thread (i.e. send selfmessage)
275	TPoverTLS_TCPMsg* newmsg= new(nothrow)TPoverTLS_TCPMsg(assoc, tpparam.source, TPoverTLS_TCPMsg::start);
276	if (newmsg)
277	{
278	newmsg->send_to(tpparam.source);
279	return assoc;
280	}
281	else
282	Log(ERROR_LOG,LOG_CRIT,tpparam.name,"get_connection_to: could not get memory for internal msg");
283	}
284	else
285	{
286	// delete data and abort
287	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Cannot insert AssocData for socket " << new_socket << ", "<< addr.get_ip_str()
288	<<", port #" << addr.get_port() << " into connection map, aborting connection");
289
290	// abort connection, delete its AssocData
291	close (new_socket);
292	if (assoc)
293	{
294	delete assoc;
295	assoc= 0;
296	}
297	return assoc;
298	} // end else connmap.insert
299
300	} // end "if (assoc)"
301	}
302	while (wait_cond(ts)!=ETIMEDOUT);
303
304	return assoc;
305	} //end get_connection_to
306
307
308	/** terminates a signaling association/connection
309	* - if no connection exists, generate a warning
310	* - otherwise: generate internal msg to related receiver thread
311	*/
312	void
313	TPoverTLS_TCP::terminate(const address& in_addr)
314	{
315
316	appladdress* addr = NULL;
317	addr= dynamic_cast<appladdress*>(in_addr.copy());
318
319	if (!addr) return;
320
321	#ifndef _NO_LOGGING
322	const char *const thisproc="terminate() - ";
323	#endif
324
325	// Create a new AssocData-pointer
326	AssocData* assoc = NULL;
327
328	// check for existing connections to addr
329
330	// start critical section:
331	// please note if receiver_thread terminated already, the assoc data is not
332	// available anymore therefore we need a lock around cleanup_receiver_thread()
333
334	lock(); // install_cleanup_thread_lock(TPoverTLS_TCP, this);
335	assoc= connmap.lookup(*addr);
336	if (assoc)
337	{
338	Log(EVENT_LOG,LOG_NORMAL,tpparam.name,thisproc<<"got request to shutdown connection for peer " << *addr);
339	// If not shut down then use it, else abort, wait and check again.
340	if (!assoc->shutdown)
341	{
342	if (assoc->socketfd)
343	{
344	// disallow sending
345	if (shutdown(assoc->socketfd,SHUT_WR))
346	{
347	Log(ERROR_LOG,LOG_UNIMP,tpparam.name,thisproc<<"shutdown (write) on socket for peer " << *addr << " returned error:" << strerror(errno));
348	}
349	else
350	{
351	Log(EVENT_LOG,LOG_NORMAL,tpparam.name,thisproc<<"initiated closing of connection for peer " << *addr << ". Shutdown (write) on socket "<< assoc->socketfd );
352	}
353	}
354	assoc->shutdown= true;
355	}
356	else
357	Log(EVENT_LOG,LOG_NORMAL,tpparam.name,thisproc<<"connection for peer " << *addr << " is already in mode shutdown");
358
359	}
360	else
361	Log(WARNING_LOG,LOG_NORMAL,tpparam.name,thisproc<<"could not find a connection for peer " << *addr);
362
363	stop_receiver_thread(assoc);
364
365	// end critical section
366	unlock(); // uninstall_cleanup(1);
367
368
369	if (addr) delete addr;
370
371	}
372
373
374	/** generates and internal TPoverTLS_TCP message to send a NetMsg to the network
375	*
376	* - it is necessary to let a thread do this, because the caller
377	* may get blocked if the connect() or send() call hangs for a while
378	* - the sending thread will call TPoverTLS_TCP::tcpsend()
379	* - if no connection exists, creates a new one
380	* @note the netmsg is deleted by the send() method when it is not used anymore
381	*/
382	void
383	TPoverTLS_TCP::send(NetMsg* netmsg, const address& in_addr, bool use_existing_connection)
384	{
385	if (netmsg == NULL) {
386	ERRCLog(tpparam.name,"send() - called without valid NetMsg buffer (NULL)");
387	return;
388	}
389
390	appladdress* addr = NULL;
391	addr = dynamic_cast<appladdress*>(in_addr.copy());
392
393	if (!addr)
394	{
395	ERRCLog(tpparam.name,"send() - given destination address is not of expected type (appladdress), has type: " << (int) in_addr.get_type());
396	return;
397	}
398
399	// lock due to sendermap access
400	lock();
401
402	// check for existing sender thread
403	sender_thread_queuemap_t::const_iterator it= senderthread_queuemap.find(*addr);
404
405	FastQueue* destqueue= 0;
406
407	if (it == senderthread_queuemap.end())
408	{ // no sender thread so far
409
410	// if we already have an existing connection it is save to create a sender thread
411	// since get_connection_to() will not be invoked, so an existing connection will
412	// be used
413	const AssocData* assoc = connmap.lookup(*addr);
414
415	//DLog(tpparam.name,"send() - use_existing_connection:" << (use_existing_connection ? "true" : "false") << " assoc:" << assoc);
416
417	if (use_existing_connection==false \|\| (assoc && assoc->shutdown==false && assoc->socketfd>0))
418	{ // it is allowed to create a new connection for this thread
419	// create a new queue for sender thread
420	FastQueue* sender_thread_queue= new FastQueue;
421	create_new_sender_thread(sender_thread_queue);
422	// remember queue for later use
423
424	//pair<sender_thread_queuemap_t::iterator, bool> tmpinsiterator=
425	senderthread_queuemap.insert( pair<appladdress,FastQueue> (addr,sender_thread_queue) );
426
427	destqueue= sender_thread_queue;
428	}
429	}
430	else
431	{ // we have a sender thread, use stored queue from map
432	destqueue= it->second;
433	}
434
435	unlock();
436
437	// send a send_data message to it (if we have a destination queue)
438	if (destqueue)
439	{
440	// both parameters will be freed after message was sent!
441
442	TPoverTLS_TCPMsg* internalmsg= new TPoverTLS_TCPMsg(netmsg,new appladdress(*addr));
443	if (internalmsg)
444	{
445	// send the internal message to the sender thread queue
446	internalmsg->send(tpparam.source,destqueue);
447	}
448	}
449	else
450	{
451	if (!use_existing_connection)
452	WLog(tpparam.name,"send() - found entry for address, but no active sender thread available for peer addr:" << *addr << " - dropping data");
453	else
454	DLog(tpparam.name,"no active sender thread found for peer " << *addr << " - but policy forbids to set up a new connection, will drop data");
455
456	// cannot send data, so we must drop it
457	delete netmsg;
458
459	}
460
461	if (addr) delete addr;
462	}
463
464	/** sends a NetMsg to the network.
465	*
466	* @param netmsg message to send
467	* @param addr transport endpoint address
468	*
469	* @note if no connection exists, creates a new one
470	* @note both parameters are deleted after the message was sent
471	*/
472	void
473	TPoverTLS_TCP::tcptlssend(NetMsg* netmsg, appladdress* addr)
474	{
475	#ifndef _NO_LOGGING
476	const char *const thisproc="sender - ";
477	#endif
478
479	// set result initially to success, set it to failure
480	// in places where these failures occur
481	int result = TCP_SUCCESS;
482	int ret= 0;
483
484	// Create a new AssocData-pointer
485	AssocData* assoc = NULL;
486
487	// tp.cpp checks for initialisation of tp and correctness of
488	// msgsize, protocol and ip,
489	// throws an error if something is not right
490	if (addr) {
491	addr->convert_to_ipv6();
492	check_send_args(netmsg,addr);
493
494	} else {
495	Log(ERROR_LOG,LOG_CRIT, tpparam.name, thisproc << "address pointer is NULL");
496	result= TCP_SEND_FAILURE;
497	throw TPErrorInternal();
498	}
499
500
501
502	// check for existing connections,
503	// if a connection exists, return its AssocData
504	// and save it in assoc for further use
505	// if no connection exists, create a new one (in get_connection_to()).
506	// Connection is inserted into connection map that must be done
507	// with exclusive access
508	assoc= get_connection_to(*addr);
509
510	if (assoc==NULL \|\| assoc->socketfd<=0)
511	{
512	Log(ERROR_LOG,LOG_CRIT, tpparam.name, thisproc << "no valid assoc/socket data");
513
514	delete netmsg;
515	delete addr;
516	return;
517	}
518	if (assoc->shutdown)
519	{
520	Log(WARNING_LOG, LOG_ALERT, tpparam.name, thisproc << "should send message although connection already half closed");
521	delete netmsg;
522	delete addr;
523
524	throw TPErrorSendFailed();
525	}
526
527	uint32 msgsize= netmsg->get_size();
528	#ifdef DEBUG_HARD
529	cerr << thisproc << "message size=" << netmsg->get_size() << endl;
530	#endif
531
532
533	// get SSL connection data
534	SSL* ssl= sslmap[assoc->socketfd];
535
536
537	// send all the data contained in netmsg to the socket
538	// which belongs to the address "addr"
539	for (uint32 bytes_sent= 0;
540	bytes_sent < msgsize;
541	bytes_sent+= ret)
542	{
543
544	#ifdef _DEBUG_HARD
545	for (uint32 i=0;i<msgsize;i++)
546	{
547	cout << "send_buf: " << i << " : ";
548	if ( isalnum(*(netmsg->get_buffer()+i)) )
549	cout << "'" << (netmsg->get_buffer()+i) << "' (0x" << hex << (unsigned short) (netmsg->get_buffer()+i) << dec << ")" ;
550	else
551	cout << "0x" << hex << (unsigned short) *(netmsg->get_buffer()+i) << dec;
552	cout << endl;
553	}
554
555	cout << endl;
556	cout << "bytes_sent: " << bytes_sent << endl;
557	cout << "Message size: " << msgsize << endl;
558	cout << "Send-Socket: " << assoc->socketfd << endl;
559	cout << "pointer-Offset. " << netmsg->get_pos() << endl;
560	cout << "vor send " << endl;
561	#endif
562
563
564	// socket send
565	//ret= ::send(assoc->socketfd,
566	// netmsg->get_buffer() + bytes_sent,
567	// msgsize - bytes_sent,
568	// MSG_NOSIGNAL);
569
570
571	ret = SSL_write(ssl, netmsg->get_buffer() + bytes_sent, msgsize - bytes_sent);
572
573	//int SSL_write(SSL ssl, const void buf, int num);
574
575	//send_buf + bytes_sent
576
577	if (debug_pdu)
578	{
579	ostringstream hexdump;
580	netmsg->hexdump(hexdump,netmsg->get_buffer(),bytes_sent);
581	Log(DEBUG_LOG,LOG_NORMAL,tpparam.name,"PDU debugging enabled - Sent:" << hexdump.str());
582	}
583
584	if (ret < 0)
585	{
586	result= TCP_SEND_FAILURE;
587	break;
588	} // end if (ret < 0)
589	} // end for
590
591	// * note: netmsg is deleted here *
592	delete netmsg;
593
594	// Throwing an exception within a critical section does not
595	// unlock the mutex.
596
597	if (result != TCP_SUCCESS)
598	{
599	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, thisproc << "TLS/TCP error, returns " << ret << ", error : " << strerror(errno));
600	delete addr;
601
602	throw TPErrorSendFailed();
603
604	}
605	else
606	Log(EVENT_LOG,LOG_NORMAL,tpparam.name, thisproc << ">>----Sent---->> message (" << msgsize << " bytes) using socket " << assoc->socketfd << " to " << *addr);
607
608	if (!assoc) {
609	// no connection
610
611	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, thisproc << "cannot get connection to " << addr->get_ip_str()
612	<< ", port #" << addr->get_port());
613
614	delete addr;
615
616	throw TPErrorUnreachable(); // should be no assoc found
617	} // end "if (!assoc)"
618
619	// * delete address *
620	delete addr;
621	}
622
623	/* this thread waits for an internal message that either:
624	* - requests transmission of a packet
625	* - requests to stop this thread
626	* @param argp points to the thread queue for internal messages
627	*/
628	void
629	TPoverTLS_TCP::sender_thread(void *argp)
630	{
631	#ifndef _NO_LOGGING
632	const char *const methodname="senderthread - ";
633	#endif
634
635	message* internal_thread_msg = NULL;
636
637	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, methodname << "starting as thread <" << pthread_self() << ">");
638
639	FastQueue* fq= reinterpret_cast<FastQueue*>(argp);
640	if (!fq)
641	{
642	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, methodname << "thread <" << pthread_self() << "> no valid pointer to msg queue. Stop.");
643	return;
644	}
645
646	bool terminate= false;
647	TPoverTLS_TCPMsg* internalmsg= 0;
648	while (terminate==false && (internal_thread_msg= fq->dequeue()) != 0 )
649	{
650	internalmsg= dynamic_cast<TPoverTLS_TCPMsg*>(internal_thread_msg);
651
652	if (internalmsg == 0)
653	{
654	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, methodname << "received not an TPoverTLS_TCPMsg but a" << internal_thread_msg->get_type_name());
655	}
656	else
657	if (internalmsg->get_msgtype() == TPoverTLS_TCPMsg::send_data)
658	{
659	// create a connection if none exists and send the netmsg
660	if (internalmsg->get_netmsg() && internalmsg->get_appladdr())
661	{
662	tcptlssend(internalmsg->get_netmsg(),internalmsg->get_appladdr());
663	}
664	else
665	{
666	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, methodname << "problem with passed arguments references, they point to 0");
667	}
668	}
669	else
670	if (internalmsg->get_msgtype() == TPoverTLS_TCPMsg::stop)
671	{
672	terminate= true;
673	}
674	} // end while
675
676	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, methodname << "<" << pthread_self() << "> terminated connection." );
677	}
678
679
680	/** receiver thread listens at a TCP socket for incoming PDUs
681	* and passes complete PDUs to the coordinator. Incomplete
682	* PDUs due to aborted connections or buffer overflows are discarded.
683	*
684	* @param argp - assoc data and flags sig_terminate and terminated
685	*
686	* @note this is a static member function, so you cannot use class variables
687	*/
688	void
689	TPoverTLS_TCP::receiver_thread(void *argp)
690	{
691	#ifndef _NO_LOGGING
692	const char *const methodname="receiver - ";
693	#endif
694	receiver_thread_arg_t receiver_thread_argp= static_cast<receiver_thread_arg_t >(argp);
695	const appladdress* peer_addr = NULL;
696	const appladdress* own_addr = NULL;
697	uint32 bytes_received = 0;
698	TPMsg* tpmsg= NULL;
699
700	//uchar* sslbuffer = NULL;
701
702
703	// argument parsing - start
704	if (receiver_thread_argp == 0)
705	{
706	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "No arguments given at start of receiver thread <" << pthread_self() << ">, exiting.");
707
708	return;
709	}
710	else
711	{
712	// change status to running, i.e., not terminated
713	receiver_thread_argp->terminated= false;
714
715	#ifdef _DEBUG
716	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, methodname << "New receiver thread <" << pthread_self() << "> started. ");
717	#endif
718	}
719
720	int conn_socket= 0;
721	if (receiver_thread_argp->peer_assoc)
722	{
723	// get socket descriptor from arg
724	conn_socket = receiver_thread_argp->peer_assoc->socketfd;
725	// get pointer to peer address of socket (source/sender address of peer) from arg
726	peer_addr= &receiver_thread_argp->peer_assoc->peer;
727	own_addr= &receiver_thread_argp->peer_assoc->ownaddr;
728	}
729	else
730	{
731	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "No peer assoc available - pointer is NULL");
732
733	return;
734	}
735
736	if (peer_addr == 0)
737	{
738	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "No peer address available for socket " << conn_socket << ", exiting.");
739
740	return;
741	}
742	// argument parsing - end
743	#ifdef _DEBUG
744	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, methodname <<
745	"Preparing to wait for data at socket "
746	<< conn_socket << " from " << receiver_thread_argp->peer_assoc->peer);
747	#endif
748
749	int ret= 0;
750	uint32 msgcontentlength= 0;
751	bool msgcontentlength_known= false;
752	bool pdu_complete= false; // when to terminate inner loop
753
754	/* maybe use this to create a new pdu,
755	/// constructor
756	contextlistpdu(type_t t, subtype_t st, uint32 fc, uint32 numobj = 0);
757	*/
758
759	// activate O_NON_BLOCK for recv on socket conn_socket
760	fcntl(conn_socket,F_SETFL, O_NONBLOCK);
761
762	// set options for polling
763	const unsigned int number_poll_sockets= 1;
764	struct pollfd poll_fd;
765	// have to set structure before poll call
766	poll_fd.fd = conn_socket;
767	poll_fd.events = POLLIN \| POLLPRI;
768
769	int poll_status;
770	bool recv_error= false;
771
772	//get SSL handle
773	SSL *ssl=sslmap[conn_socket];
774
775	NetMsg* netmsg= 0;
776	NetMsg* remainbuf= 0;
777	uint32 buffer_bytes_left= 0;
778	size_t trailingbytes= 0;
779	bool skiprecv= false;
780	// loop until we receive a terminate signal (read-only var for this thread)
781	// or get an error from socket read
782	while( receiver_thread_argp->sig_terminate == false )
783	{
784	// Read next PDU from socket or process trailing bytes in remainbuf
785	ret= 0;
786	msgcontentlength= 0;
787	msgcontentlength_known= false;
788	pdu_complete= false;
789	netmsg= 0;
790
791	// there are trailing bytes left from the last receive call
792	if (remainbuf != 0)
793	{
794	netmsg= remainbuf;
795	remainbuf= 0;
796	buffer_bytes_left= netmsg->get_size()-trailingbytes;
797	bytes_received= trailingbytes;
798	trailingbytes= 0;
799	skiprecv= true;
800	}
801	else // no trailing bytes, create a new buffer
802	if ( (netmsg= new NetMsg(NetMsg::max_size)) != 0 )
803	{
804	buffer_bytes_left= netmsg->get_size();
805	bytes_received= 0;
806	skiprecv= false;
807	}
808	else
809	{ // buffer allocation failed
810	bytes_received= 0;
811	buffer_bytes_left= 0;
812	recv_error= true;
813	}
814
815	// loops until PDU is complete
816	// >>>>>>>>>>>>>>>>>>>>>>>>>>> while >>>>>>>>>>>>>>>>>>>>>>>>
817	while (!pdu_complete &&
818	!recv_error &&
819	!receiver_thread_argp->sig_terminate)
820	{
821	if (!skiprecv)
822	{
823	// read from TCP socket or return after sleep_time
824	poll_status= poll(&poll_fd, number_poll_sockets, tpparam.sleep_time);
825
826	if (receiver_thread_argp->sig_terminate)
827	{
828	Log(EVENT_LOG,LOG_UNIMP,tpparam.name,methodname << "Thread <" << pthread_self() << "> found terminate signal after poll");
829	// disallow sending
830	AssocData* myassoc=const_cast<AssocData *>(receiver_thread_argp->peer_assoc);
831	if (myassoc->shutdown == false)
832	{
833	myassoc->shutdown= true;
834	if (shutdown(myassoc->socketfd,SHUT_WR))
835	{
836	if ( errno != ENOTCONN )
837	Log(ERROR_LOG,LOG_UNIMP,tpparam.name,methodname <<"shutdown (write) on socket " << conn_socket << " returned error:" << strerror(errno));
838	}
839	}
840	// try to read do a last read from the TCP socket or return after sleep_time
841	if (poll_status == 0)
842	{
843	poll_status= poll(&poll_fd, number_poll_sockets, tpparam.sleep_time);
844	}
845	}
846
847	if (poll_fd.revents & POLLERR) // Error condition
848	{
849	if (errno == 0 \|\| errno == EINTR)
850	{
851	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, methodname << "poll(): " << strerror(errno));
852	}
853	else
854	{
855	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "Poll indicates error: " << strerror(errno));
856	recv_error= true;
857	}
858	}
859
860	if (poll_fd.revents & POLLHUP) // Hung up
861	{
862	Log(EVENT_LOG,LOG_CRIT, tpparam.name, methodname << "Poll hung up");
863	recv_error= true;
864	}
865
866	if (poll_fd.revents & POLLNVAL) // Invalid request: fd not open
867	{
868	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "Poll Invalid request: fd not open");
869	recv_error= true;
870	}
871
872	// check status (return value) of poll call
873	switch (poll_status)
874	{
875	case -1:
876	if (errno == 0 \|\| errno == EINTR)
877	{
878	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, methodname << "Poll status: " << strerror(errno));
879	}
880	else
881	{
882	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "Poll status indicates error: " << strerror(errno) << "- aborting");
883	recv_error= true;
884	}
885
886	continue; // next while iteration
887	break;
888
889	case 0:
890	#ifdef DEBUG_HARD
891	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, methodname << "Poll timed out after " << tpparam.sleep_time << " ms.");
892	#endif
893	continue; // next while iteration
894	break;
895
896	default:
897	#ifdef DEBUG_HARD
898	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, methodname << "Poll: " << poll_status << " event(s) ocurred, of type " << poll_fd.revents);
899	#endif
900	break;
901	} // end switch
902
903	/// spawn a new buffer for SSL decoding
904	//sslbuffer = new(nothrow) uchar[NetMsg::max_size];
905
906	/// receive data from socket buffer (recv will not block)
907	//ret = recv(conn_socket,
908	// netmsg->get_buffer() + bytes_received,
909	// buffer_bytes_left,
910	// 0);
911
912	/// try to read from SSL
913	ret = SSL_read(ssl, netmsg->get_buffer() + bytes_received, buffer_bytes_left);
914
915
916	/// memcpy decoded contents back into netmsg
917	//memcpy(netmsg->get_buffer() + bytes_received, sslbuffer, buffer_bytes_left);
918
919	/// delete sslbuffer
920	//delete sslbuffer;
921
922	if ( ret < 0 )
923	{
924	if (errno!=EAGAIN && errno!=EWOULDBLOCK)
925	{
926	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "Receive at socket " << conn_socket << " failed, error: " << strerror(errno));
927	recv_error= true;
928	continue;
929	}
930	else
931	{ // errno==EAGAIN \|\| errno==EWOULDBLOCK
932	// just nothing to read from socket, continue w/ next poll
933	continue;
934	}
935	}
936	else
937	{
938	if (ret == 0)
939	{
940	// this means that EOF is reached,
941	// other side has closed connection
942	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, methodname << "Other side (" << *peer_addr << ") closed connection for socket " << conn_socket);
943	// disallow sending
944	AssocData* myassoc=const_cast<AssocData *>(receiver_thread_argp->peer_assoc);
945	if (myassoc->shutdown == false)
946	{
947	myassoc->shutdown= true;
948	if (shutdown(myassoc->socketfd,SHUT_WR))
949	{
950	if ( errno != ENOTCONN )
951	Log(ERROR_LOG,LOG_UNIMP,tpparam.name, methodname << "shutdown (write) on socket " << conn_socket << " returned error:" << strerror(errno));
952	}
953	}
954	// not a real error, but we must quit the receive loop
955	recv_error= true;
956	}
957	else
958	{
959	Log(EVENT_LOG,LOG_UNIMP, tpparam.name, methodname << "<<--Received--<< packet (" << ret << " bytes) at socket " << conn_socket << " from " << *peer_addr);
960	// track number of received bytes
961	bytes_received+= ret;
962	buffer_bytes_left-= ret;
963	}
964	}
965	} // end if do not skip recv() statement
966
967	if (buffer_bytes_left < 0) ///< buffer space exhausted now
968	{
969	recv_error= true;
970	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "during receive buffer space exhausted");
971	}
972
973	if (!msgcontentlength_known) ///< common header not parsed
974	{
975
976	// enough bytes read to parse common header?
977	if (bytes_received >= common_header_length)
978	{
979	// get message content length in number of bytes
980	if (getmsglength(*netmsg, msgcontentlength))
981	msgcontentlength_known= true;
982	else
983	{
984	Log(ERROR_LOG,LOG_CRIT, tpparam.name, methodname << "Not a valid protocol header - discarding received packet. received size " << msgcontentlength);
985
986	ostringstream hexdumpstr;
987	netmsg->hexdump(hexdumpstr,netmsg->get_buffer(),bytes_received);
988	Log(DEBUG_LOG,LOG_NORMAL,tpparam.name,"dumping received bytes:" << hexdumpstr.str());
989
990	// reset all counters
991	msgcontentlength= 0;
992	msgcontentlength_known= false;
993	bytes_received= 0;
994	pdu_complete= false;
995	continue;
996	}
997	}
998	} // endif common header not parsed
999
1000	// check whether we have read the whole Protocol PDU
1001	DLog(tpparam.name, "bytes_received - common_header_length: " << bytes_received-common_header_length << "msgcontentlength: " << msgcontentlength << ">=");
1002	if (msgcontentlength_known && bytes_received-common_header_length >= msgcontentlength )
1003	{
1004	pdu_complete= true;
1005
1006	// truncate buffer exactly at common_header_length+msgcontentlength==PDU size, trailing stuff is handled separately
1007	netmsg->truncate(common_header_length+msgcontentlength);
1008
1009	// trailing bytes are copied into new buffer
1010	if (bytes_received-common_header_length > msgcontentlength)
1011	{
1012	Log(WARNING_LOG,LOG_NORMAL,tpparam.name,"trailing bytes - received more bytes ("<<bytes_received<<") than expected for PDU (" << common_header_length+msgcontentlength << ")");
1013	remainbuf= new NetMsg(NetMsg::max_size);
1014	trailingbytes= (bytes_received-common_header_length) - msgcontentlength;
1015	bytes_received= common_header_length+msgcontentlength;
1016	memcpy(remainbuf->get_buffer(),netmsg->get_buffer()+common_header_length+msgcontentlength, trailingbytes);
1017	}
1018	}
1019	} // end while (!pdu_complete && !recv_error && !signalled for termination)
1020	// >>>>>>>>>>>>>>>>>>>>>>>>>>> while >>>>>>>>>>>>>>>>>>>>>>>>
1021
1022	// if other side closed the connection, we should still be able to deliver the remaining data
1023	if (ret == 0)
1024	{
1025	recv_error= false;
1026	}
1027
1028	// deliver only complete PDUs to signaling module
1029	if (!recv_error && pdu_complete)
1030	{
1031	// create TPMsg and send it to the signaling thread
1032	tpmsg = new(nothrow) TPMsg(netmsg, peer_addr->copy(), own_addr->copy());
1033
1034	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, methodname << "receipt of PDU now complete, sending to module " << message::get_qaddr_name(tpparam.dest));
1035
1036	debug_pdu=false;
1037
1038	if (debug_pdu)
1039	{
1040	ostringstream hexdump;
1041	netmsg->hexdump(hexdump,netmsg->get_buffer(),bytes_received);
1042	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name,"PDU debugging enabled - Received:" << hexdump.str());
1043	}
1044
1045	// send the message if it was successfully created
1046	// bool message::send_to(qaddr_t dest, bool exp = false);
1047	if (!tpmsg
1048	\|\| (!tpmsg->get_peeraddress())
1049	\|\| (!tpmsg->send_to(tpparam.dest)))
1050	{
1051	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, methodname << "Cannot allocate/send TPMsg");
1052	if (tpmsg) delete tpmsg;
1053	} // end if tpmsg not allocated or not addr or not sent
1054
1055	} // end if !recv_error
1056	else
1057	{ // error during receive or PDU incomplete
1058	if (bytes_received>0)
1059	{
1060	Log(WARNING_LOG,LOG_NORMAL, tpparam.name, methodname << "Attention! " << (recv_error? "Receive error, " : "") << (pdu_complete ? "PDU complete" : "PDU incomplete") << "received bytes: " << bytes_received);
1061	}
1062
1063	if (!pdu_complete && bytes_received>0 && bytes_received<common_header_length)
1064	{
1065	ostringstream hexdumpstr;
1066	netmsg->hexdump(hexdumpstr,netmsg->get_buffer(),bytes_received);
1067	Log(DEBUG_LOG,LOG_NORMAL,tpparam.name,"Message too short to be a valid protocol header - dumping received bytes:" << hexdumpstr.str());
1068	}
1069	// leave the outer loop
1070	/**********************/
1071	break;
1072	/**********************/
1073	} // end else
1074
1075	} // end while (thread not signalled for termination)
1076
1077	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, methodname << "Thread <" << pthread_self()
1078	<< "> shutting down and closing socket " << receiver_thread_argp->peer_assoc->peer);
1079
1080	// shutdown socket
1081	if (shutdown(conn_socket, SHUT_RD))
1082	{
1083	if ( errno != ENOTCONN )
1084	Log(ERROR_LOG,LOG_NORMAL, tpparam.name, methodname << "Thread <" << pthread_self() << "> shutdown (read) on socket failed, reason: " << strerror(errno));
1085	}
1086
1087	// close socket
1088	close(conn_socket);
1089
1090	receiver_thread_argp->terminated= true;
1091
1092	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, methodname << "Thread <" << pthread_self() << "> terminated");
1093
1094	#ifdef _DEBUG
1095	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, methodname << "Signaling main loop for cleanup");
1096	#endif
1097	// notify master thread for invocation of cleanup procedure
1098	TPoverTLS_TCPMsg* newmsg= new(nothrow)TPoverTLS_TCPMsg(receiver_thread_argp->peer_assoc);
1099	// send message to main loop thread
1100	newmsg->send_to(tpparam.source);
1101
1102
1103	}
1104
1105
1106	/** this signals a terminate to a thread and wait for the thread to stop
1107	* @note it is not safe to access any thread related data after this method returned,
1108	* because the receiver thread will initiate a cleanup_receiver_thread() method
1109	* which may erase all relevant thread data.
1110	*/
1111	void
1112	TPoverTLS_TCP::stop_receiver_thread(AssocData* peer_assoc)
1113	{
1114	// All operations on recv_thread_argmap and connmap require an already acquired lock
1115	// after this procedure peer_assoc may be invalid because it was erased
1116
1117	// start critical section
1118
1119	if (peer_assoc == 0)
1120	return;
1121
1122	pthread_t thread_id= peer_assoc->thread_ID;
1123
1124	// try to clean up receiver_thread_arg
1125	recv_thread_argmap_t::iterator recv_thread_arg_iter= recv_thread_argmap.find(thread_id);
1126	receiver_thread_arg_t* recv_thread_argp=
1127	(recv_thread_arg_iter != recv_thread_argmap.end()) ? recv_thread_arg_iter->second : 0;
1128	if (recv_thread_argp)
1129	{
1130	if (!recv_thread_argp->terminated)
1131	{
1132	// thread signaled termination, but is not?
1133	Log(EVENT_LOG,LOG_NORMAL, tpparam.name,"stop_receiver_thread() - Receiver thread <" << thread_id << "> signaled for termination");
1134
1135	// signal thread for its termination
1136	recv_thread_argp->sig_terminate= true;
1137	// wait for thread to join after termination
1138	pthread_join(thread_id, 0);
1139	// the dying thread will signal main loop to call this method, but this time we should enter the else branch
1140	return;
1141	}
1142	}
1143	else
1144	Log(ERROR_LOG,LOG_NORMAL, tpparam.name,"stop_receiver_thread() - Receiver thread <" << thread_id << "> not found");
1145
1146	}
1147
1148
1149	/** cleans up left over structures (assoc,receiver_thread_arg) from already terminated receiver_thread
1150	* usually called by the master_thread after the receiver_thread terminated
1151	* @note clean_up_receiver_thread() should be only called when an outer lock ensures that peer_assoc
1152	* is still valid
1153	*/
1154	void
1155	TPoverTLS_TCP::cleanup_receiver_thread(AssocData* peer_assoc)
1156	{
1157	// All operations on recv_thread_argmap and connmap require an already acquired lock
1158	// after this procedure peer_assoc may be invalid because it was erased
1159
1160	// start critical section
1161
1162	if (peer_assoc == 0)
1163	return;
1164
1165	pthread_t thread_id= peer_assoc->thread_ID;
1166
1167	// try to clean up receiver_thread_arg
1168	recv_thread_argmap_t::iterator recv_thread_arg_iter= recv_thread_argmap.find(thread_id);
1169	receiver_thread_arg_t* recv_thread_argp=
1170	(recv_thread_arg_iter != recv_thread_argmap.end()) ? recv_thread_arg_iter->second : 0;
1171	if (recv_thread_argp)
1172	{
1173	if (!recv_thread_argp->terminated)
1174	{
1175	// thread signaled termination, but is not?
1176	Log(ERROR_LOG,LOG_NORMAL, tpparam.name,"cleanup_receiver_thread() - Receiver thread <" << thread_id << "> not terminated yet?!");
1177	return;
1178	}
1179	else
1180	{ // if thread is already terminated
1181	Log(EVENT_LOG,LOG_NORMAL, tpparam.name,"cleanup_receiver_thread() - Receiver thread <" << thread_id << "> is terminated");
1182
1183	// delete it from receiver map
1184	recv_thread_argmap.erase(recv_thread_arg_iter);
1185
1186	// then delete receiver arg structure
1187	delete recv_thread_argp;
1188	}
1189	}
1190
1191	// delete entry from connection map
1192
1193	// cleanup sender thread
1194	// no need to lock explicitly, because caller of cleanup_receiver_thread() must already locked
1195	terminate_sender_thread(peer_assoc);
1196
1197	// delete the AssocData structure from the connection map
1198	// also frees allocated AssocData structure
1199	connmap.erase(peer_assoc);
1200
1201	// end critical section
1202
1203	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name,"cleanup_receiver_thread() - Cleanup receiver thread <" << thread_id << ">. Done.");
1204	}
1205
1206
1207	/* sends a stop message to the sender thread that belongs to the peer address given in assoc
1208	* @note terminate_receiver_thread() should be only called when an outer lock ensures that assoc
1209	* is still valid, a lock is also required, because senderthread_queuemap is changed
1210	*/
1211	void
1212	TPoverTLS_TCP::terminate_sender_thread(const AssocData* assoc)
1213	{
1214	if (assoc == 0)
1215	{
1216	Log(ERROR_LOG,LOG_NORMAL,tpparam.name,"terminate_sender_thread() - assoc data == NULL");
1217	return;
1218	}
1219
1220	sender_thread_queuemap_t::iterator it= senderthread_queuemap.find(assoc->peer);
1221
1222	if (it != senderthread_queuemap.end())
1223	{ // we have a sender thread: send a stop message to it
1224	FastQueue* destqueue= it->second;
1225	if (destqueue)
1226	{
1227	TPoverTLS_TCPMsg* internalmsg= new TPoverTLS_TCPMsg(assoc,tpparam.source,TPoverTLS_TCPMsg::stop);
1228	if (internalmsg)
1229	{
1230	// send the internal message to the sender thread queue
1231	internalmsg->send(tpparam.source,destqueue);
1232	}
1233	}
1234	else
1235	{
1236	Log(WARNING_LOG,LOG_NORMAL,tpparam.name,"terminate_sender_thread() - found entry for address, but no sender thread. addr:" << assoc->peer);
1237	}
1238	// erase entry from map
1239	senderthread_queuemap.erase(it);
1240	}
1241	}
1242
1243	/* terminate all active threads
1244	* note: locking should not be necessary here because this message is called as last method from
1245	* main_loop()
1246	*/
1247	void
1248	TPoverTLS_TCP::terminate_all_threads()
1249	{
1250	AssocData* assoc= 0;
1251	receiver_thread_arg_t* terminate_argp;
1252
1253	for (recv_thread_argmap_t::iterator terminate_iterator= recv_thread_argmap.begin();
1254	terminate_iterator != recv_thread_argmap.end();
1255	terminate_iterator++)
1256	{
1257	if ( (terminate_argp= terminate_iterator->second) != 0)
1258	{
1259	// we need a non const pointer to erase it later on
1260	assoc= const_cast<AssocData*>(terminate_argp->peer_assoc);
1261	// check whether thread is still alive
1262	if (terminate_argp->terminated == false)
1263	{
1264	terminate_argp->sig_terminate= true;
1265	// then wait for its termination
1266	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name,
1267	"Signaled receiver thread <" << terminate_iterator->first << "> for termination");
1268
1269	pthread_join(terminate_iterator->first, 0);
1270
1271	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, "Thread <" << terminate_iterator->first << "> is terminated");
1272	}
1273	else
1274	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name,
1275	"Receiver thread <" << terminate_iterator->first << "> already terminated");
1276
1277	// cleanup all remaining argument structures of terminated threads
1278	delete terminate_argp;
1279
1280	// terminate any related sender thread that is still running
1281	terminate_sender_thread(assoc);
1282
1283	connmap.erase(assoc);
1284	// delete assoc is not necessary, because connmap.erase() will do the job
1285	}
1286	} // end for
1287	}
1288
1289
1290	/**
1291	* sender thread starter:
1292	* just a static starter method to allow starting the
1293	* actual sender_thread() method.
1294	*
1295	* @param argp - pointer to the current TPoverTLS_TCP object instance and receiver_thread_arg_t struct
1296	*/
1297	void*
1298	TPoverTLS_TCP::sender_thread_starter(void *argp)
1299	{
1300	sender_thread_start_arg_t sargp= static_cast<sender_thread_start_arg_t >(argp);
1301
1302	// invoke sender thread method
1303	if (sargp != 0 && sargp->instance != 0)
1304	{
1305	// call receiver_thread member function on object instance
1306	sargp->instance->sender_thread(sargp->sender_thread_queue);
1307
1308	// no longer needed
1309	delete sargp;
1310	}
1311	else
1312	{
1313	Log(ERROR_LOG,LOG_CRIT,"sender_thread_starter","while starting sender_thread: 0 pointer to arg or object");
1314	}
1315	return 0;
1316	}
1317
1318
1319
1320
1321	/**
1322	* receiver thread starter:
1323	* just a static starter method to allow starting the
1324	* actual receiver_thread() method.
1325	*
1326	* @param argp - pointer to the current TPoverTLS_TCP object instance and receiver_thread_arg_t struct
1327	*/
1328	void*
1329	TPoverTLS_TCP::receiver_thread_starter(void *argp)
1330	{
1331	receiver_thread_start_arg_t rargp= static_cast<receiver_thread_start_arg_t >(argp);
1332	// invoke receiver thread method
1333	if (rargp != 0 && rargp->instance != 0)
1334	{
1335	// call receiver_thread member function on object instance
1336	rargp->instance->receiver_thread(rargp->rtargp);
1337
1338	// no longer needed
1339	delete rargp;
1340	}
1341	else
1342	{
1343	Log(ERROR_LOG,LOG_CRIT,"receiver_thread_starter","while starting receiver_thread: 0 pointer to arg or object");
1344	}
1345	return 0;
1346	}
1347
1348
1349	void
1350	TPoverTLS_TCP::create_new_sender_thread(FastQueue* senderfqueue)
1351	{
1352	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, "Starting new sender thread...");
1353
1354	pthread_t senderthreadid;
1355	// create new thread; (arg == 0) is handled by thread, too
1356	int pthread_status= pthread_create(&senderthreadid,
1357	NULL, // NULL: default attributes: thread is joinable and has a
1358	// default, non-realtime scheduling policy
1359	TPoverTLS_TCP::sender_thread_starter,
1360	new sender_thread_start_arg_t(this,senderfqueue));
1361	if (pthread_status)
1362	{
1363	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "A new thread could not be created: " << strerror(pthread_status));
1364
1365	delete senderfqueue;
1366	}
1367	}
1368
1369
1370	void
1371	TPoverTLS_TCP::create_new_receiver_thread(AssocData* peer_assoc)
1372	{
1373	receiver_thread_arg_t* argp=
1374	new(nothrow) receiver_thread_arg(peer_assoc);
1375
1376	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, "Starting new receiver thread...");
1377
1378	// create new thread; (arg == 0) is handled by thread, too
1379	int pthread_status= pthread_create(&peer_assoc->thread_ID,
1380	NULL, // NULL: default attributes: thread is joinable and has a
1381	// default, non-realtime scheduling policy
1382	receiver_thread_starter,
1383	new(nothrow) receiver_thread_start_arg_t(this,argp));
1384	if (pthread_status)
1385	{
1386	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "A new thread could not be created: " << strerror(pthread_status));
1387
1388	delete argp;
1389	}
1390	else
1391	{
1392	lock(); // install_cleanup_thread_lock(TPoverTLS_TCP, this);
1393
1394	// remember pointer to thread arg structure
1395	// thread arg structure should be destroyed after thread termination only
1396	pair<recv_thread_argmap_t::iterator, bool> tmpinsiterator=
1397	recv_thread_argmap.insert( pair<pthread_t,receiver_thread_arg_t*> (peer_assoc->thread_ID,argp) );
1398	if (tmpinsiterator.second == false)
1399	{
1400	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Thread argument could not be inserted into hashmap");
1401	}
1402	unlock(); // uninstall_cleanup(1);
1403	}
1404	}
1405
1406
1407	/**
1408	* master listener thread starter:
1409	* just a static starter method to allow starting the
1410	* actual master_listener_thread() method.
1411	*
1412	* @param argp - pointer to the current TPoverTLS_TCP object instance
1413	*/
1414	void*
1415	TPoverTLS_TCP::master_listener_thread_starter(void *argp)
1416	{
1417	// invoke listener thread method
1418	if (argp != 0)
1419	{
1420	(static_cast<TPoverTLS_TCP*>(argp))->master_listener_thread();
1421	}
1422	return 0;
1423	}
1424
1425
1426	int
1427	verify_callback(int ok, X509_STORE_CTX * store)
1428	{
1429	if (!ok) {
1430	ERRLog("TPoverTLS", color[red] << "Client cert check failed" << color[off]);
1431	} else {
1432	DLog("TPoverTLS", color[green] << "Client cert check OK" << color[off]);
1433	};
1434	return ok;
1435	}
1436
1437
1438	/**
1439	* master listener thread: waits for incoming connections at the well-known tcp port
1440	* when a connection request is received this thread spawns a receiver_thread for
1441	* receiving packets from the peer at the new socket.
1442	*/
1443	void
1444	TPoverTLS_TCP::master_listener_thread()
1445	{
1446	// create a new address-structure for the listening masterthread
1447	struct sockaddr_in6 own_address;
1448	own_address.sin6_family = AF_INET6;
1449	own_address.sin6_flowinfo= 0;
1450	own_address.sin6_port = htons(tpparam.port); // use port number in param structure
1451	// accept incoming connections on all interfaces
1452	own_address.sin6_addr = in6addr_any;
1453	own_address.sin6_scope_id= 0;
1454
1455	// create a listening socket
1456	int master_listener_socket= socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
1457	if (master_listener_socket == -1)
1458	{
1459	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Could not create a new socket, error: " << strerror(errno));
1460	return;
1461	}
1462
1463	// Disable Nagle Algorithm, set (TCP_NODELAY)
1464	int nodelayflag= 1;
1465	int status= setsockopt(master_listener_socket,
1466	IPPROTO_TCP,
1467	TCP_NODELAY,
1468	&nodelayflag,
1469	sizeof(nodelayflag));
1470	if (status)
1471	{
1472	Log(ERROR_LOG,LOG_NORMAL,tpparam.name, "Could not set socket option TCP_NODELAY:" << strerror(errno));
1473	}
1474
1475	// Reuse ports, even if they are busy
1476	int socketreuseflag= 1;
1477	status= setsockopt(master_listener_socket,
1478	SOL_SOCKET,
1479	SO_REUSEADDR,
1480	(const char *) &socketreuseflag,
1481	sizeof(socketreuseflag));
1482	if (status)
1483	{
1484	Log(ERROR_LOG,LOG_NORMAL,tpparam.name, "Could not set socket option SO_REUSEADDR:" << strerror(errno));
1485	}
1486
1487
1488	// bind the newly created socket to a specific address
1489	int bind_status = bind(master_listener_socket,
1490	reinterpret_cast<struct sockaddr *>(&own_address),
1491	sizeof(own_address));
1492	if (bind_status)
1493	{
1494	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Binding to "
1495	<< inet_ntop(AF_INET6, &own_address.sin6_addr, in6_addrstr_tls, INET6_ADDRSTRLEN)
1496	<< " port " << tpparam.port << " failed, error: " << strerror(errno));
1497	return;
1498	}
1499
1500	// listen at the socket,
1501	// queuesize for pending connections= max_listen_queue_size
1502	int listen_status = listen(master_listener_socket, max_listen_queue_size);
1503	if (listen_status)
1504	{
1505	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Listen at socket " << master_listener_socket
1506	<< " failed, error: " << strerror(errno));
1507	return;
1508	}
1509	else
1510	{
1511	Log(INFO_LOG,LOG_NORMAL, tpparam.name, color[green] << "Listening at port #" << tpparam.port << color[off]);
1512	}
1513
1514	// activate O_NON_BLOCK for accept (accept does not block)
1515	fcntl(master_listener_socket,F_SETFL, O_NONBLOCK);
1516
1517	// create a pollfd struct for use in the mainloop
1518	struct pollfd poll_fd;
1519	poll_fd.fd = master_listener_socket;
1520	poll_fd.events = POLLIN \| POLLPRI;
1521	/*
1522	#define POLLIN 0x001 // There is data to read.
1523	#define POLLPRI 0x002 // There is urgent data to read.
1524	#define POLLOUT 0x004 // Writing now will not block.
1525	*/
1526
1527	bool terminate = false;
1528	// check for thread terminate condition using get_state()
1529	state_t currstate= get_state();
1530	int poll_status= 0;
1531	const unsigned int number_poll_sockets= 1;
1532	struct sockaddr_in6 peer_address;
1533	socklen_t peer_address_len;
1534	int conn_socket;
1535
1536	// check whether this thread is signaled for termination
1537	while(! (terminate= (currstate==STATE_ABORT \|\| currstate==STATE_STOP) ) )
1538	{
1539	// wait on number_poll_sockets (main drm socket)
1540	// for the events specified above for sleep_time (in ms)
1541	poll_status= poll(&poll_fd, number_poll_sockets, tpparam.sleep_time);
1542	if (poll_fd.revents & POLLERR) // Error condition
1543	{
1544	if (errno != EINTR)
1545	{
1546	Log(ERROR_LOG,LOG_CRIT, tpparam.name,
1547	"Poll caused error " << strerror(errno) << " - indicated by revents");
1548	}
1549	else
1550	{
1551	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, "poll(): " << strerror(errno));
1552	}
1553
1554	}
1555	if (poll_fd.revents & POLLHUP) // Hung up
1556	{
1557	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Poll hung up");
1558	return;
1559	}
1560	if (poll_fd.revents & POLLNVAL) // Invalid request: fd not open
1561	{
1562	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Poll Invalid request: fd not open");
1563	return;
1564	}
1565
1566	switch (poll_status)
1567	{
1568	case -1:
1569	if (errno != EINTR)
1570	{
1571	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Poll status indicates error: " << strerror(errno));
1572	}
1573	else
1574	{
1575	Log(EVENT_LOG,LOG_NORMAL, tpparam.name, "Poll status: " << strerror(errno));
1576	}
1577
1578	break;
1579
1580	case 0:
1581	#ifdef DEBUG_HARD
1582	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name,
1583	"Listen Thread - Poll timed out after " << tpparam.sleep_time << " ms.");
1584	#endif
1585	currstate= get_state();
1586	continue;
1587	break;
1588
1589	default:
1590	#ifdef DEBUG_HARD
1591	Log(DEBUG_LOG,LOG_UNIMP, tpparam.name, "Poll: " << poll_status << " event(s) ocurred, of type " << poll_fd.revents);
1592	#endif
1593	break;
1594	} // end switch
1595
1596	// after a successful accept call,
1597	// accept stores the address information of the connecting party
1598	// in peer_address and the size of its address in addrlen
1599	peer_address_len= sizeof(peer_address);
1600
1601	conn_socket = accept (master_listener_socket,
1602	reinterpret_cast<struct sockaddr *>(&peer_address),
1603	&peer_address_len);
1604
1605
1606	if (conn_socket > -1) {
1607
1608	// initialise SSL handshake, save ssl pointer in sslmap
1609
1610	SSL_CTX *ssl_ctx_server = SSL_CTX_new(TLSv1_server_method());
1611
1612	// Load client certificate
1613	if (SSL_CTX_use_certificate_chain_file(ssl_ctx_server, "client_cert.pem") != 1) {
1614	ERRCLog(tpparam.name, "Unable to load client certificate");
1615	this->abort_processing();
1616
1617	}
1618
1619	// Load private key
1620	if (SSL_CTX_use_PrivateKey_file(ssl_ctx_server, "client_privkey.pem", SSL_FILETYPE_PEM) != 1) {
1621	ERRCLog(tpparam.name, "Unable to load private Key, reason:" << SSLerrmessage());
1622	this->abort_processing();
1623	}
1624
1625	// Verify private key
1626	if (SSL_CTX_load_verify_locations(ssl_ctx_server, "root_cert.pem", ".") != 1) {
1627	ERRCLog(tpparam.name, "Private Key failed verification against CA");
1628	this->abort_processing();
1629	}
1630
1631
1632
1633
1634	// We trust clients from this CA
1635	SSL_CTX_set_client_CA_list(ssl_ctx_server, SSL_load_client_CA_file("root_cert.pem"));
1636
1637	// Enable (optional) client authentication
1638	SSL_CTX_set_verify(ssl_ctx_server, SSL_VERIFY_PEER, verify_callback);
1639	SSL_CTX_set_verify_depth(ssl_ctx_server, 4);
1640
1641	SSL *ssl = SSL_new(ssl_ctx_server);
1642
1643	SSL_set_fd(ssl, conn_socket);
1644
1645	int result = SSL_accept(ssl);
1646
1647	if (result==-1) ERRCLog(tpparam.name, "SSL connect failed");
1648
1649	sslmap[conn_socket]=ssl;
1650
1651	DLog(tpparam.name, "SSL handle saved for future use with that socket");
1652
1653	}
1654
1655	if (conn_socket == -1)
1656	{
1657	if (errno != EWOULDBLOCK && errno != EAGAIN)
1658	{
1659	Log(ERROR_LOG,LOG_EMERG, tpparam.name, "Accept at socket " << master_listener_socket
1660	<< " failed, error: " << strerror(errno));
1661	return;
1662	}
1663	}
1664	else
1665	{
1666	// create a new assocdata-object for the new thread
1667	AssocData* peer_assoc = NULL;
1668	appladdress addr(peer_address, IPPROTO_TCP);
1669
1670	addr.set_protocol(prot_tls_tcp);
1671
1672	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, "<<--Received connect--<< request from " << addr.get_ip_str()
1673	<< " port #" << addr.get_port());
1674
1675	struct sockaddr_in6 own_address;
1676	socklen_t own_address_len= sizeof(own_address);
1677	getsockname(conn_socket, reinterpret_cast<struct sockaddr*>(&own_address), &own_address_len);
1678
1679	// AssocData will copy addr content into its own structure
1680	// allocated peer_assoc will be stored in connmap
1681	peer_assoc = new(nothrow) AssocData(conn_socket, addr, appladdress(own_address,IPPROTO_TCP));
1682
1683	bool insert_success= false;
1684	if (peer_assoc)
1685	{
1686	// start critical section
1687	lock(); // install_cleanup_thread_lock(TPoverTLS_TCP, this);
1688	insert_success= connmap.insert(peer_assoc);
1689
1690	// end critical section
1691	unlock(); // uninstall_cleanup(1);
1692	}
1693
1694
1695
1696
1697	if (insert_success == false) // not inserted into connmap
1698	{
1699	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Cannot insert AssocData for socket " << conn_socket
1700	<< ", " << addr.get_ip_str() << ", port #"
1701	<< addr.get_port() << " into connection map, aborting connection...");
1702
1703	// abort connection, delete its AssocData
1704	close (conn_socket);
1705	if (peer_assoc)
1706	{
1707	delete peer_assoc;
1708	peer_assoc= 0;
1709	}
1710	return;
1711
1712	} //end __else(connmap.insert());__
1713
1714	// create a new thread for each new connection
1715	create_new_receiver_thread(peer_assoc);
1716	} // end __else (connsocket)__
1717
1718	// get new thread state
1719	currstate= get_state();
1720
1721	} // end while(!terminate)
1722	return;
1723	} // end listen_for_connections()
1724
1725
1726	TPoverTLS_TCP::~TPoverTLS_TCP()
1727	{
1728	init= false;
1729
1730	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, "Destructor called");
1731
1732	QueueManager::instance()->unregister_queue(tpparam.source);
1733	}
1734
1735	/** TPoverTLS_TCP Thread main loop.
1736	* This loop checks for internal messages of either
1737	* a send() call to start a new receiver thread, or,
1738	* of a receiver_thread() that signals its own termination
1739	* for proper cleanup of control structures.
1740	* It also handles the following internal TPoverTLS_TCPMsg types:
1741	* - TPoverTLS_TCPMsg::stop - a particular receiver thread is terminated
1742	* - TPoverTLS_TCPMsg::start - a particular receiver thread is started
1743	* @param nr number of current thread instance
1744	*/
1745	void
1746	TPoverTLS_TCP::main_loop(uint32 nr)
1747	{
1748	SSL_library_init();
1749	OpenSSL_add_ssl_algorithms();
1750	SSL_load_error_strings();
1751
1752	ssl_ctx=SSL_CTX_new(TLSv1_client_method());
1753
1754	if (!ssl_ctx)
1755	{
1756	ERRCLog(tpparam.name, "could not create SSL context: "<< SSLerrmessage());
1757	}
1758
1759	// Load client certificate
1760	if (SSL_CTX_use_certificate_chain_file(ssl_ctx, tpparam.client_cert_filename) != 1) {
1761	ERRCLog(tpparam.name, "Unable to load client certificate: " << SSLerrmessage());
1762	}
1763	else
1764	{
1765	DLog(tpparam.name, color[green] << "Client certificate successfully loaded from " << tpparam.client_cert_filename << color[off]);
1766	}
1767
1768	// Load private key
1769	if (SSL_CTX_use_PrivateKey_file(ssl_ctx, tpparam.client_privkey_filename, SSL_FILETYPE_PEM) != 1) {
1770	ERRCLog(tpparam.name, "Unable to load private Key: " << SSLerrmessage());
1771	}
1772	else
1773	{
1774	DLog(tpparam.name, color[green] << "Private key successfully loaded from " << tpparam.client_privkey_filename << color[off]);
1775	}
1776
1777	// Verify private key
1778	if (SSL_CTX_load_verify_locations(ssl_ctx, tpparam.root_cert_filename, ".") != 1) {
1779	ERRCLog(tpparam.name, "Private Key failed verification against CA");
1780	}
1781	else
1782	{
1783	DLog(tpparam.name, color[green] << "Private key successfully verified as being certified by our CA " << tpparam.root_cert_filename << color[off]);
1784	}
1785
1786
1787	// get internal queue for messages from receiver_thread
1788	FastQueue* fq = get_fqueue();
1789	if (!fq)
1790	{
1791	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Cannot find message queue");
1792	return;
1793	} // end if not fq
1794	// register queue for receiving internal messages from other modules
1795	QueueManager::instance()->register_queue(fq,tpparam.source);
1796
1797
1798
1799	// start master listener thread
1800	pthread_t master_listener_thread_ID;
1801	int pthread_status= pthread_create(&master_listener_thread_ID,
1802	NULL, // NULL: default attributes: thread is joinable and has a
1803	// default, non-realtime scheduling policy
1804	master_listener_thread_starter,
1805	this);
1806	if (pthread_status)
1807	{
1808	Log(ERROR_LOG,LOG_CRIT, tpparam.name,
1809	"New master listener thread could not be created: " << strerror(pthread_status));
1810	}
1811	else
1812	DLog(tpparam.name, "Master listener thread started");
1813
1814
1815	// define max latency for thread reaction on termination/stop signal
1816	timespec wait_interval= { 0, 250000000L }; // 250ms
1817	message* internal_thread_msg = NULL;
1818	state_t currstate= get_state();
1819
1820	// check whether this thread is signaled for termination
1821	while( currstate!=STATE_ABORT && currstate!=STATE_STOP )
1822	{
1823	// poll internal message queue (blocking)
1824	if ( (internal_thread_msg= fq->dequeue_timedwait(wait_interval)) != 0 )
1825	{
1826	TPoverTLS_TCPMsg* internalmsg= dynamic_cast<TPoverTLS_TCPMsg*>(internal_thread_msg);
1827	if (internalmsg)
1828	{
1829	if (internalmsg->get_msgtype() == TPoverTLS_TCPMsg::stop)
1830	{
1831	// a receiver thread terminated and signaled for cleanup by master thread
1832	AssocData* assocd= const_cast<AssocData*>(internalmsg->get_peer_assoc());
1833	Log(DEBUG_LOG,LOG_NORMAL, tpparam.name, "Got cleanup request for thread <" << assocd->thread_ID <<'>');
1834	lock();
1835	cleanup_receiver_thread( assocd );
1836	unlock();
1837	}
1838	else
1839	if (internalmsg->get_msgtype() == TPoverTLS_TCPMsg::start)
1840	{
1841	// start a new receiver thread
1842	create_new_receiver_thread( const_cast<AssocData*>(internalmsg->get_peer_assoc()) );
1843	}
1844	else
1845	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "unexpected internal message:" << internalmsg->get_msgtype());
1846
1847	delete internalmsg;
1848	}
1849	else
1850	{
1851	Log(ERROR_LOG,LOG_CRIT, tpparam.name, "Dynamic_cast failed - received unexpected and unknown internal message source "
1852	<< internal_thread_msg->get_source());
1853	}
1854	} // endif
1855
1856	// get thread state
1857	currstate= get_state();
1858	} // end while
1859
1860	if (currstate==STATE_STOP)
1861	{
1862	// start abort actions
1863	Log(INFO_LOG,LOG_NORMAL, tpparam.name, "Asked to abort, stopping all receiver threads");
1864	} // end if stopped
1865
1866	// do not accept any more messages
1867	fq->shutdown();
1868	// terminate all receiver and sender threads that are still active
1869	terminate_all_threads();
1870	}
1871
1872	} // end namespace protlib
1873	///@}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trash/old-modules/transport/protlib/tp_over_tls_tcp.cpp @ 5641

Download in other formats: