min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove NonblockingSslStream

This commit is contained in:
Steven Fackler 2016-01-30 10:41:47 -08:00
parent b7de627eec
commit de47d158c2
3 changed files with 14 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
openssl/src/ssl/error.rs
View File

@ -149,19 +149,6 @@ pub enum SslError {
OpenSslErrors(Vec<OpensslError>),
}
/// An error on a nonblocking stream.
#[derive(Debug)]
pub enum NonblockingSslError {
/// A standard SSL error occurred.
SslError(SslError),
/// The OpenSSL library wants data from the remote socket;
/// the caller should wait for read readiness.
WantRead,
/// The OpenSSL library wants to send data to the remote socket;
/// the caller should wait for write readiness.
WantWrite,
}
impl fmt::Display for SslError {
fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
try!(fmt.write_str(error::Error::description(self)));
@ -201,39 +188,6 @@ impl error::Error for SslError {
}
}
impl fmt::Display for NonblockingSslError {
fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
fmt.write_str(error::Error::description(self))
}
}
impl error::Error for NonblockingSslError {
fn description(&self) -> &str {
match *self {
NonblockingSslError::SslError(ref e) => e.description(),
NonblockingSslError::WantRead => {
"The OpenSSL library wants data from the remote socket"
}
NonblockingSslError::WantWrite => {
"The OpenSSL library want to send data to the remote socket"
}
}
}
fn cause(&self) -> Option<&error::Error> {
match *self {
NonblockingSslError::SslError(ref e) => e.cause(),
_ => None,
}
}
}
impl From<SslError> for NonblockingSslError {
fn from(e: SslError) -> NonblockingSslError {
NonblockingSslError::SslError(e)
}
}
/// An error from the OpenSSL library
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum OpensslError {

133
openssl/src/ssl/mod.rs
View File

@ -26,7 +26,7 @@ use std::os::windows::io::{AsRawSocket, RawSocket};
use ffi;
use ffi_extras;
use dh::DH;
use ssl::error::{NonblockingSslError, SslError, OpenSslError, OpensslError};
use ssl::error::{SslError, OpenSslError};
use x509::{X509StoreContext, X509FileType, X509};
use crypto::pkey::PKey;
@ -1572,134 +1572,3 @@ impl MaybeSslStream<net::TcpStream> {
}
}
}
/// # Deprecated
///
/// Use `SslStream` with `ssl_read` and `ssl_write`.
pub struct NonblockingSslStream<S>(SslStream<S>);
impl<S: Clone + Read + Write> Clone for NonblockingSslStream<S> {
fn clone(&self) -> Self {
NonblockingSslStream(self.0.clone())
}
}
#[cfg(unix)]
impl<S: AsRawFd> AsRawFd for NonblockingSslStream<S> {
fn as_raw_fd(&self) -> RawFd {
self.0.as_raw_fd()
}
}
#[cfg(windows)]
impl<S: AsRawSocket> AsRawSocket for NonblockingSslStream<S> {
fn as_raw_socket(&self) -> RawSocket {
self.0.as_raw_socket()
}
}
impl NonblockingSslStream<net::TcpStream> {
pub fn try_clone(&self) -> io::Result<NonblockingSslStream<net::TcpStream>> {
self.0.try_clone().map(NonblockingSslStream)
}
}
impl<S> NonblockingSslStream<S> {
/// Returns a reference to the underlying stream.
pub fn get_ref(&self) -> &S {
self.0.get_ref()
}
/// Returns a mutable reference to the underlying stream.
///
/// ## Warning
///
/// It is inadvisable to read from or write to the underlying stream as it
/// will most likely corrupt the SSL session.
pub fn get_mut(&mut self) -> &mut S {
self.0.get_mut()
}
/// Returns a reference to the Ssl.
pub fn ssl(&self) -> &Ssl {
self.0.ssl()
}
}
impl<S: Read + Write> NonblockingSslStream<S> {
/// Create a new nonblocking client ssl connection on wrapped `stream`.
///
/// Note that this method will most likely not actually complete the SSL
/// handshake because doing so requires several round trips; the handshake will
/// be completed in subsequent read/write calls managed by your event loop.
pub fn connect<T: IntoSsl>(ssl: T, stream: S) -> Result<NonblockingSslStream<S>, SslError> {
SslStream::connect(ssl, stream).map(NonblockingSslStream)
}
/// Create a new nonblocking server ssl connection on wrapped `stream`.
///
/// Note that this method will most likely not actually complete the SSL
/// handshake because doing so requires several round trips; the handshake will
/// be completed in subsequent read/write calls managed by your event loop.
pub fn accept<T: IntoSsl>(ssl: T, stream: S) -> Result<NonblockingSslStream<S>, SslError> {
SslStream::accept(ssl, stream).map(NonblockingSslStream)
}
fn convert_err(&self, err: Error) -> NonblockingSslError {
match err {
Error::ZeroReturn => SslError::SslSessionClosed.into(),
Error::WantRead(_) => NonblockingSslError::WantRead,
Error::WantWrite(_) => NonblockingSslError::WantWrite,
Error::WantX509Lookup => unreachable!(),
Error::Stream(e) => SslError::StreamError(e).into(),
Error::Ssl(e) => {
SslError::OpenSslErrors(e.iter()
.map(|e| OpensslError::from_error_code(e.error_code()))
.collect())
.into()
}
}
}
/// Read bytes from the SSL stream into `buf`.
///
/// Given the SSL state machine, this method may return either `WantWrite`
/// or `WantRead` to indicate that your event loop should respectively wait
/// for write or read readiness on the underlying stream. Upon readiness,
/// repeat your `read()` call with the same arguments each time until you
/// receive an `Ok(count)`.
///
/// An `SslError` return value, is terminal; do not re-attempt your read.
///
/// As expected of a nonblocking API, this method will never block your
/// thread on I/O.
///
/// On a return value of `Ok(count)`, count is the number of decrypted
/// plaintext bytes copied into the `buf` slice.
pub fn read(&mut self, buf: &mut [u8]) -> Result<usize, NonblockingSslError> {
match self.0.ssl_read(buf) {
Ok(n) => Ok(n),
Err(Error::ZeroReturn) => Ok(0),
Err(e) => Err(self.convert_err(e)),
}
}
/// Write bytes from `buf` to the SSL stream.
///
/// Given the SSL state machine, this method may return either `WantWrite`
/// or `WantRead` to indicate that your event loop should respectively wait
/// for write or read readiness on the underlying stream. Upon readiness,
/// repeat your `write()` call with the same arguments each time until you
/// receive an `Ok(count)`.
///
/// An `SslError` return value, is terminal; do not re-attempt your write.
///
/// As expected of a nonblocking API, this method will never block your
/// thread on I/O.
///
/// Given a return value of `Ok(count)`, count is the number of plaintext bytes
/// from the `buf` slice that were encrypted and written onto the stream.
pub fn write(&mut self, buf: &[u8]) -> Result<usize, NonblockingSslError> {
self.0.ssl_write(buf).map_err(|e| self.convert_err(e))
}
}

26
openssl/src/ssl/tests/mod.rs
View File

@ -18,8 +18,8 @@ use ssl;
use ssl::SSL_VERIFY_PEER;
use ssl::SslMethod::Sslv23;
use ssl::SslMethod;
use ssl::error::NonblockingSslError;
use ssl::{SslContext, SslStream, VerifyCallback, NonblockingSslStream};
use ssl::error::Error;
use ssl::{SslContext, SslStream, VerifyCallback};
use x509::X509StoreContext;
use x509::X509FileType;
use x509::X509;
@ -871,7 +871,7 @@ fn test_sslv2_connect_failure() {
.unwrap();
}
fn wait_io(stream: &NonblockingSslStream<TcpStream>, read: bool, timeout_ms: u32) -> bool {
fn wait_io(stream: &SslStream<TcpStream>, read: bool, timeout_ms: u32) -> bool {
unsafe {
let mut set: select::fd_set = mem::zeroed();
select::fd_set(&mut set, stream.get_ref());
@ -895,7 +895,7 @@ fn test_write_nonblocking() {
let (_s, stream) = Server::new();
stream.set_nonblocking(true).unwrap();
let cx = SslContext::new(Sslv23).unwrap();
let mut stream = NonblockingSslStream::connect(&cx, stream).unwrap();
let mut stream = SslStream::connect(&cx, stream).unwrap();
let mut iterations = 0;
loop {
@ -905,15 +905,15 @@ fn test_write_nonblocking() {
// openssl.
panic!("Too many read/write round trips in handshake!!");
}
let result = stream.write(b"hello");
let result = stream.ssl_write(b"hello");
match result {
Ok(_) => {
break;
}
Err(NonblockingSslError::WantRead) => {
Err(Error::WantRead(_)) => {
assert!(wait_io(&stream, true, 1000));
}
Err(NonblockingSslError::WantWrite) => {
Err(Error::WantWrite(_)) => {
assert!(wait_io(&stream, false, 1000));
}
Err(other) => {
@ -932,7 +932,7 @@ fn test_read_nonblocking() {
let (_s, stream) = Server::new();
stream.set_nonblocking(true).unwrap();
let cx = SslContext::new(Sslv23).unwrap();
let mut stream = NonblockingSslStream::connect(&cx, stream).unwrap();
let mut stream = SslStream::connect(&cx, stream).unwrap();
let mut iterations = 0;
loop {
@ -942,16 +942,16 @@ fn test_read_nonblocking() {
// openssl.
panic!("Too many read/write round trips in handshake!!");
}
let result = stream.write(b"GET /\r\n\r\n");
let result = stream.ssl_write(b"GET /\r\n\r\n");
match result {
Ok(n) => {
assert_eq!(n, 9);
break;
}
Err(NonblockingSslError::WantRead) => {
Err(Error::WantRead(..)) => {
assert!(wait_io(&stream, true, 1000));
}
Err(NonblockingSslError::WantWrite) => {
Err(Error::WantWrite(..)) => {
assert!(wait_io(&stream, false, 1000));
}
Err(other) => {
@ -960,7 +960,7 @@ fn test_read_nonblocking() {
}
}
let mut input_buffer = [0u8; 1500];
let result = stream.read(&mut input_buffer);
let result = stream.ssl_read(&mut input_buffer);
let bytes_read = match result {
Ok(n) => {
// This branch is unlikely, but on an overloaded VM with
@ -968,7 +968,7 @@ fn test_read_nonblocking() {
// be in the receive buffer before we issue the read() syscall...
n
}
Err(NonblockingSslError::WantRead) => {
Err(Error::WantRead(..)) => {
assert!(wait_io(&stream, true, 3000));
// Second read should return application data.
stream.read(&mut input_buffer).unwrap()