ssl: API and supervisor

author: Ingela Anderton Andin <[email protected]> 2013-11-19 10:04:47 +0100
committer: Ingela Anderton Andin <[email protected]> 2013-12-02 09:50:27 +0100
commit: b84f16e07336eecfb6dd30a4ef3824de76525265 (patch)
tree: c4398187a5f0c4c942a1b7fa5f6cd2a6d4798054 /lib/ssl/src
parent: c46f856dda536d92537461115112b2021c08b52a (diff)
download: otp-b84f16e07336eecfb6dd30a4ef3824de76525265.tar.gz
otp-b84f16e07336eecfb6dd30a4ef3824de76525265.tar.bz2
otp-b84f16e07336eecfb6dd30a4ef3824de76525265.zip
8 files changed, 117 insertions, 45 deletions
diff --git a/lib/ssl/src/Makefile b/lib/ssl/src/Makefile
index 8f0b01d62f..1089809a33 100644
--- a/lib/ssl/src/Makefile
+++ b/lib/ssl/src/Makefile
@@ -56,7 +56,8 @@ MODULES= \
 	tls_connection \
 	dtls_connection \
 	ssl_connection \
-	ssl_connection_sup \
+	tls_connection_sup \
+	dtls_connection_sup \
 	tls_handshake \
 	dtls_handshake\
 	ssl_handshake\
diff --git a/lib/ssl/src/dtls_connection_sup.erl b/lib/ssl/src/dtls_connection_sup.erl
new file mode 100644
index 0000000000..9fe545be18
--- /dev/null
+++ b/lib/ssl/src/dtls_connection_sup.erl
@@ -0,0 +1,60 @@
+%%
+%% %CopyrightBegin%
+%% 
+%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
+%% 
+%% The contents of this file are subject to the Erlang Public License,
+%% Version 1.1, (the "License"); you may not use this file except in
+%% compliance with the License. You should have received a copy of the
+%% Erlang Public License along with this software. If not, it can be
+%% retrieved online at http://www.erlang.org/.
+%% 
+%% Software distributed under the License is distributed on an "AS IS"
+%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+%% the License for the specific language governing rights and limitations
+%% under the License.
+%% 
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+%% Purpose: Supervisor of DTLS connection.
+%%----------------------------------------------------------------------
+-module(dtls_connection_sup).
+
+-behaviour(supervisor).
+
+%% API
+-export([start_link/0]).
+-export([start_child/1]).
+
+%% Supervisor callback
+-export([init/1]).
+
+%%%=========================================================================
+%%%  API
+%%%=========================================================================
+start_link() ->
+    supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+
+start_child(Args) ->
+    supervisor:start_child(?MODULE, Args).
+    
+%%%=========================================================================
+%%%  Supervisor callback
+%%%=========================================================================
+init(_O) ->
+    RestartStrategy = simple_one_for_one,
+    MaxR = 0,
+    MaxT = 3600,
+   
+    Name = undefined, % As simple_one_for_one is used.
+    StartFunc = {dtls_connection, start_link, []},
+    Restart = temporary, % E.g. should not be restarted
+    Shutdown = 4000,
+    Modules = [dtls_connection],
+    Type = worker,
+    
+    ChildSpec = {Name, StartFunc, Restart, Shutdown, Type, Modules},
+    {ok, {{RestartStrategy, MaxR, MaxT}, [ChildSpec]}}.
diff --git a/lib/ssl/src/ssl.app.src b/lib/ssl/src/ssl.app.src
index 1d47aa9374..f255909365 100644
--- a/lib/ssl/src/ssl.app.src
+++ b/lib/ssl/src/ssl.app.src
@@ -15,9 +15,9 @@
 	       dtls_record,
 	       dtls_v1,
 	       %% API
-	       tls, %% Future API module
-	       dtls, %% Future API module
-               ssl,
+	       ssl,  %% Main API		  
+	       tls,  %% TLS specific
+	       dtls, %% DTLS specific 
 	       ssl_session_cache_api,
 	       %% Both TLS/SSL and DTLS
 	       ssl_connection,
@@ -40,7 +40,8 @@
 	       %% App structure
 	       ssl_app,
 	       ssl_sup,
-	       ssl_connection_sup
+	       tls_connection_sup,
+	       dtls_connection_sup	
 	       ]},
     {registered, [ssl_sup, ssl_manager]},
     {applications, [crypto, public_key, kernel, stdlib]},
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 067c31d9e8..6df2f89436 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -140,7 +140,8 @@ listen(_Port, []) ->
 listen(Port, Options0) ->
     try
 	{ok, Config} = handle_options(Options0, server),
-	#config{transport_info = {Transport, _, _, _}, inet_user = Options} = Config,
+	ConnectionCb = connection_cb(Options0),
+	#config{transport_info = {Transport, _, _, _}, inet_user = Options, connection_cb = ConnectionCb} = Config,
 	case Transport:listen(Port, Options) of
 	    {ok, ListenSocket} ->
 		{ok, #sslsocket{pid = {ListenSocket, Config}}};
@@ -163,7 +164,9 @@ transport_accept(ListenSocket) ->
     transport_accept(ListenSocket, infinity).
 
 transport_accept(#sslsocket{pid = {ListenSocket,
-				   #config{transport_info = CbInfo, ssl = SslOpts}}}, Timeout) ->
+				   #config{transport_info = CbInfo,
+					   connection_cb = ConnectionCb,
+					   ssl = SslOpts}}}, Timeout) ->
     %% The setopt could have been invoked on the listen socket
     %% and options should be inherited.
     EmOptions = emulated_options(),
@@ -176,9 +179,10 @@ transport_accept(#sslsocket{pid = {ListenSocket,
 	    {ok, Port} = ssl_socket:port(Transport, Socket),
 	    ConnArgs = [server, "localhost", Port, Socket,
 			{SslOpts, socket_options(SocketValues)}, self(), CbInfo],
-	    case ssl_connection_sup:start_child(ConnArgs) of
+	    ConnectionSup = connection_sup(ConnectionCb),
+	    case ConnectionSup:start_child(ConnArgs) of
 		{ok, Pid} ->
-		    tls_connection:socket_control(Socket, Pid, Transport);
+		    ConnectionCb:socket_control(Socket, Pid, Transport);
 		{error, Reason} ->
 		    {error, Reason}
 	    end;
@@ -211,13 +215,14 @@ ssl_accept(Socket, SslOptions, Timeout) when is_port(Socket) ->
 	proplists:get_value(cb_info, SslOptions, {gen_tcp, tcp, tcp_closed, tcp_error}),
     EmulatedOptions = emulated_options(),
     {ok, SocketValues} = ssl_socket:getopts(Transport, Socket, EmulatedOptions),
+    ConnetionCb = connection_cb(SslOptions),
     try handle_options(SslOptions ++ SocketValues, server) of
 	{ok, #config{transport_info = CbInfo, ssl = SslOpts, emulated = EmOpts}} ->
 	    ok = ssl_socket:setopts(Transport, Socket, internal_inet_values()),
 	    {ok, Port} = ssl_socket:port(Transport, Socket),
-	    tls_connection:ssl_accept(Port, Socket,
-				      {SslOpts, EmOpts},
-				      self(), CbInfo, Timeout)
+	    ConnetionCb:ssl_accept(Port, Socket,
+				   {SslOpts, EmOpts},
+				   self(), CbInfo, Timeout)
     catch
 	Error = {error, _Reason} -> Error
     end.
@@ -654,13 +659,8 @@ handle_options(Opts0, _Role) ->
 			   end, Opts, SslOptions),
 
     {SSLsock, Emulated} = emulated_options(SockOpts),
+    ConnetionCb = connection_cb(Opts),
 
-    ConnetionCb = case proplists:get_value(protocol, Opts, tls) of
-		      tls ->
-			  tls_connection;
-		      dtls ->
-			  dtls_connection
-		  end,
     {ok, #config{ssl = SSLOptions, emulated = Emulated, inet_ssl = SSLsock,
 		 inet_user = SockOpts, transport_info = CbInfo, connection_cb = ConnetionCb
 		}}.
@@ -1020,3 +1020,15 @@ make_next_protocol_selector({server, AllProtocols, DefaultProtocol}) ->
 		    PreferredProtocol
 	    end
     end.
+
+connection_cb(tls) ->
+    tls_connection;
+connection_cb(dtls) ->
+    dtls_connection;
+connection_cb(Opts) ->
+   connection_cb(proplists:get_value(protocol, Opts, tls)).
+
+connection_sup(tls_connection) ->
+    tls_connection_sup;
+connection_sup(dtls_connection) ->
+    dtls_connection_sup.
diff --git a/lib/ssl/src/ssl_dist_sup.erl b/lib/ssl/src/ssl_dist_sup.erl
index 9d9afb7707..22614a2d34 100644
--- a/lib/ssl/src/ssl_dist_sup.erl
+++ b/lib/ssl/src/ssl_dist_sup.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2011-2011. All Rights Reserved.
+%% Copyright Ericsson AB 2011-2013. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -65,7 +65,7 @@ session_and_cert_manager_child_spec() ->
 
 connection_manager_child_spec() ->
     Name = ssl_connection_dist,  
-    StartFunc = {ssl_connection_sup, start_link_dist, []},
+    StartFunc = {tls_connection_sup, start_link_dist, []},
     Restart = permanent, 
     Shutdown = 4000,
     Modules = [ssl_connection],
diff --git a/lib/ssl/src/ssl_sup.erl b/lib/ssl/src/ssl_sup.erl
index 59039a6e0a..77b40a7b38 100644
--- a/lib/ssl/src/ssl_sup.erl
+++ b/lib/ssl/src/ssl_sup.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 1998-2011. All Rights Reserved.
+%% Copyright Ericsson AB 1998-2013. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -43,22 +43,12 @@ start_link() ->
 %%%=========================================================================
 
 init([]) ->    
-    %% OLD ssl - moved start to ssl.erl only if old
-    %% ssl is acctualy run!
-    %%Child1 = {ssl_server, {ssl_server, start_link, []},
-    %%	       permanent, 2000, worker, [ssl_server]},
-
-    %% Does not start any port programs so it does matter
-    %% so much if it is not used!
-    %% Child2 = {ssl_broker_sup, {ssl_broker_sup, start_link, []},
-    %% 	      permanent, 2000, supervisor, [ssl_broker_sup]},
-
-
-    %% New ssl
     SessionCertManager = session_and_cert_manager_child_spec(),
-    ConnetionManager = connection_manager_child_spec(),
+    TLSConnetionManager = tls_connection_manager_child_spec(),
+    %% Not supported yet
+    %%DTLSConnetionManager = tls_connection_manager_child_spec(),
 
-    {ok, {{one_for_all, 10, 3600}, [SessionCertManager, ConnetionManager]}}.
+    {ok, {{one_for_all, 10, 3600}, [SessionCertManager, TLSConnetionManager]}}.
 
 
 manager_opts() ->
@@ -90,15 +80,23 @@ session_and_cert_manager_child_spec() ->
     Type = worker,
     {Name, StartFunc, Restart, Shutdown, Type, Modules}.
 
-connection_manager_child_spec() ->
-    Name = ssl_connection,  
-    StartFunc = {ssl_connection_sup, start_link, []},
+tls_connection_manager_child_spec() ->
+    Name = tls_connection,  
+    StartFunc = {tls_connection_sup, start_link, []},
     Restart = permanent, 
     Shutdown = 4000,
-    Modules = [ssl_connection],
+    Modules = [tls_connection, ssl_connection],
     Type = supervisor,
     {Name, StartFunc, Restart, Shutdown, Type, Modules}.
 
+dtls_connection_manager_child_spec() ->
+    Name = dtls_connection,  
+    StartFunc = {dtls_connection_sup, start_link, []},
+    Restart = permanent, 
+    Shutdown = 4000,
+    Modules = [dtls_connection, ssl_connection],
+    Type = supervisor,
+    {Name, StartFunc, Restart, Shutdown, Type, Modules}.
 
 session_cb_init_args() ->
     case application:get_env(ssl, session_cb_init_args) of
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index c8380c109c..37d4928531 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
@@ -49,7 +49,7 @@
 	 register_session/4
 	]).
 
-%% Called by ssl_connection_sup
+%% Called by tls_connection_sup
 -export([start_link/7]). 
 
 %% gen_fsm callbacks
@@ -263,7 +263,7 @@ send_change_cipher(Msg, #state{connection_states = ConnectionStates0,
     State0#state{connection_states = ConnectionStates}.
 
 %%====================================================================
-%% ssl_connection_sup API
+%% tls_connection_sup API
 %%====================================================================
 
 %%--------------------------------------------------------------------
@@ -777,7 +777,7 @@ start_fsm(Role, Host, Port, Socket, {#ssl_options{erl_dist = false},_} = Opts,
 	  User, {CbModule, _,_, _} = CbInfo, 
 	  Timeout) -> 
     try 
-	{ok, Pid} = ssl_connection_sup:start_child([Role, Host, Port, Socket, 
+	{ok, Pid} = tls_connection_sup:start_child([Role, Host, Port, Socket, 
 						    Opts, User, CbInfo]), 
 	{ok, SslSocket} = socket_control(Socket, Pid, CbModule),
 	ok = handshake(SslSocket, Timeout),
@@ -791,7 +791,7 @@ start_fsm(Role, Host, Port, Socket, {#ssl_options{erl_dist = true},_} = Opts,
 	  User, {CbModule, _,_, _} = CbInfo, 
 	  Timeout) -> 
     try 
-	{ok, Pid} = ssl_connection_sup:start_child_dist([Role, Host, Port, Socket, 
+	{ok, Pid} = tls_connection_sup:start_child_dist([Role, Host, Port, Socket, 
 							 Opts, User, CbInfo]), 
 	{ok, SslSocket} = socket_control(Socket, Pid, CbModule),
 	ok = handshake(SslSocket, Timeout),
diff --git a/lib/ssl/src/ssl_connection_sup.erl b/lib/ssl/src/tls_connection_sup.erl
index fb1c6e11a6..6f0d8a7262 100644
--- a/lib/ssl/src/ssl_connection_sup.erl
+++ b/lib/ssl/src/tls_connection_sup.erl
@@ -19,9 +19,9 @@
 
 %%
 %%----------------------------------------------------------------------
-%% Purpose: The top supervisor for the ftp hangs under inets_sup.
+%% Purpose: Supervisor for a SSL/TLS connection
 %%----------------------------------------------------------------------
--module(ssl_connection_sup).
+-module(tls_connection_sup).
 
 -behaviour(supervisor).
author	Ingela Anderton Andin <[email protected]>	2013-11-19 10:04:47 +0100
committer	Ingela Anderton Andin <[email protected]>	2013-12-02 09:50:27 +0100
commit	b84f16e07336eecfb6dd30a4ef3824de76525265 (patch)
tree	c4398187a5f0c4c942a1b7fa5f6cd2a6d4798054 /lib/ssl/src
parent	c46f856dda536d92537461115112b2021c08b52a (diff)
download	otp-b84f16e07336eecfb6dd30a4ef3824de76525265.tar.gz otp-b84f16e07336eecfb6dd30a4ef3824de76525265.tar.bz2 otp-b84f16e07336eecfb6dd30a4ef3824de76525265.zip