From b84f16e07336eecfb6dd30a4ef3824de76525265 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Tue, 19 Nov 2013 10:04:47 +0100
Subject: ssl: API and supervisor
---
lib/ssl/src/Makefile | 3 +-
lib/ssl/src/dtls_connection_sup.erl | 60 +++++++++++++++++++++++++++++++++
lib/ssl/src/ssl.app.src | 9 ++---
lib/ssl/src/ssl.erl | 38 +++++++++++++--------
lib/ssl/src/ssl_connection_sup.erl | 66 -------------------------------------
lib/ssl/src/ssl_dist_sup.erl | 4 +--
lib/ssl/src/ssl_sup.erl | 36 ++++++++++----------
lib/ssl/src/tls_connection.erl | 8 ++---
lib/ssl/src/tls_connection_sup.erl | 66 +++++++++++++++++++++++++++++++++++++
9 files changed, 181 insertions(+), 109 deletions(-)
create mode 100644 lib/ssl/src/dtls_connection_sup.erl
delete mode 100644 lib/ssl/src/ssl_connection_sup.erl
create mode 100644 lib/ssl/src/tls_connection_sup.erl
(limited to 'lib')
diff --git a/lib/ssl/src/Makefile b/lib/ssl/src/Makefile
index 8f0b01d62f..1089809a33 100644
--- a/lib/ssl/src/Makefile
+++ b/lib/ssl/src/Makefile
@@ -56,7 +56,8 @@ MODULES= \
 tls_connection \
 dtls_connection \
 ssl_connection \
- ssl_connection_sup \
+ tls_connection_sup \
+ dtls_connection_sup \
 tls_handshake \
 dtls_handshake\
 ssl_handshake\
diff --git a/lib/ssl/src/dtls_connection_sup.erl b/lib/ssl/src/dtls_connection_sup.erl
new file mode 100644
index 0000000000..9fe545be18
--- /dev/null
+++ b/lib/ssl/src/dtls_connection_sup.erl
@@ -0,0 +1,60 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
+%%
+%% The contents of this file are subject to the Erlang Public License,
+%% Version 1.1, (the "License"); you may not use this file except in
+%% compliance with the License. You should have received a copy of the
+%% Erlang Public License along with this software. If not, it can be
+%% retrieved online at http://www.erlang.org/.
+%%
+%% Software distributed under the License is distributed on an "AS IS"
+%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+%% the License for the specific language governing rights and limitations
+%% under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+%% Purpose: Supervisor of DTLS connection.
+%%----------------------------------------------------------------------
+-module(dtls_connection_sup).
+
+-behaviour(supervisor).
+
+%% API
+-export([start_link/0]).
+-export([start_child/1]).
+
+%% Supervisor callback
+-export([init/1]).
+
+%%%=========================================================================
+%%% API
+%%%=========================================================================
+start_link() ->
+ supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+
+start_child(Args) ->
+ supervisor:start_child(?MODULE, Args).
+
+%%%=========================================================================
+%%% Supervisor callback
+%%%=========================================================================
+init(_O) ->
+ RestartStrategy = simple_one_for_one,
+ MaxR = 0,
+ MaxT = 3600,
+
+ Name = undefined, % As simple_one_for_one is used.
+ StartFunc = {dtls_connection, start_link, []},
+ Restart = temporary, % E.g. should not be restarted
+ Shutdown = 4000,
+ Modules = [dtls_connection],
+ Type = worker,
+
+ ChildSpec = {Name, StartFunc, Restart, Shutdown, Type, Modules},
+ {ok, {{RestartStrategy, MaxR, MaxT}, [ChildSpec]}}.
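Review bot: `start_child/1` has neither a comment nor a `-spec` saying what `Args` must be, yet with `StartFunc = {dtls_connection, start_link, []}` under `simple_one_for_one` the list is appended as the arguments of `dtls_connection:start_link`. A list of the wrong length only shows up as a start error at runtime. I would add `%% Args: argument list passed on to dtls_connection:start_link` above `start_child/1`, after confirming the arity that module exports, which this diff does not show. The comment `% E.g. should not be restarted` presumably means "i.e.".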
diff --git a/lib/ssl/src/ssl.app.src b/lib/ssl/src/ssl.app.src index 1d47aa9374..f255909365 100644 --- a/lib/ssl/src/ssl.app.src +++ b/lib/ssl/src/ssl.app.src @@ -15,9 +15,9 @@ dtls_record, dtls_v1, %% API - tls, %% Future API module - dtls, %% Future API module - ssl, + ssl, %% Main API + tls, %% TLS specific + dtls, %% DTLS specific ssl_session_cache_api, %% Both TLS/SSL and DTLS ssl_connection, @@ -40,7 +40,8 @@ %% App structure ssl_app, ssl_sup, - ssl_connection_sup + tls_connection_sup, + dtls_connection_sup ]}, {registered, [ssl_sup, ssl_manager]}, {applications, [crypto, public_key, kernel, stdlib]}, diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 067c31d9e8..6df2f89436 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -140,7 +140,8 @@ listen(_Port, []) -> listen(Port, Options0) -> try {ok, Config} = handle_options(Options0, server), - #config{transport_info = {Transport, _, _, _}, inet_user = Options} = Config, + ConnectionCb = connection_cb(Options0), + #config{transport_info = {Transport, _, _, _}, inet_user = Options, connection_cb = ConnectionCb} = Config, case Transport:listen(Port, Options) of {ok, ListenSocket} -> {ok, #sslsocket{pid = {ListenSocket, Config}}}; @@ -163,7 +164,9 @@ transport_accept(ListenSocket) -> transport_accept(ListenSocket, infinity). transport_accept(#sslsocket{pid = {ListenSocket, - #config{transport_info = CbInfo, ssl = SslOpts}}}, Timeout) -> + #config{transport_info = CbInfo, + connection_cb = ConnectionCb, + ssl = SslOpts}}}, Timeout) -> %% The setopt could have been invoked on the listen socket %% and options should be inherited. EmOptions = emulated_options(), 
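Review bot: In `listen/2` (ssl.erl, -140 hunk) `ConnectionCb = connection_cb(Options0)` is bound before the record match, so `connection_cb = ConnectionCb` inside the `#config{}` pattern is an equality assertion rather than a binding, and a mismatch would raise `badmatch` inside the `try`. `handle_options/2` already stores the callback in `Config` (see the -654 hunk) and `ConnectionCb` is not used in the lines shown, so both additions look removable. If the callback is needed, take it from the record as `transport_accept/2` does. The same applies to `ssl_accept/3` in the -211 hunk, which re-parses `SslOptions` instead of matching `connection_cb` out of the `#config{}` it already receives. The body of `listen/2` continues outside the hunk.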
@@ -176,9 +179,10 @@ transport_accept(#sslsocket{pid = {ListenSocket, {ok, Port} = ssl_socket:port(Transport, Socket), ConnArgs = [server, "localhost", Port, Socket, {SslOpts, socket_options(SocketValues)}, self(), CbInfo], - case ssl_connection_sup:start_child(ConnArgs) of + ConnectionSup = connection_sup(ConnectionCb), + case ConnectionSup:start_child(ConnArgs) of {ok, Pid} -> - tls_connection:socket_control(Socket, Pid, Transport); + ConnectionCb:socket_control(Socket, Pid, Transport); {error, Reason} -> {error, Reason} end; @@ -211,13 +215,14 @@ ssl_accept(Socket, SslOptions, Timeout) when is_port(Socket) -> proplists:get_value(cb_info, SslOptions, {gen_tcp, tcp, tcp_closed, tcp_error}), EmulatedOptions = emulated_options(), {ok, SocketValues} = ssl_socket:getopts(Transport, Socket, EmulatedOptions), + ConnetionCb = connection_cb(SslOptions), try handle_options(SslOptions ++ SocketValues, server) of {ok, #config{transport_info = CbInfo, ssl = SslOpts, emulated = EmOpts}} -> ok = ssl_socket:setopts(Transport, Socket, internal_inet_values()), {ok, Port} = ssl_socket:port(Transport, Socket), - tls_connection:ssl_accept(Port, Socket, - {SslOpts, EmOpts}, - self(), CbInfo, Timeout) + ConnetionCb:ssl_accept(Port, Socket, + {SslOpts, EmOpts}, + self(), CbInfo, Timeout) catch Error = {error, _Reason} -> Error end. @@ -654,13 +659,8 @@ handle_options(Opts0, _Role) -> end, Opts, SslOptions), {SSLsock, Emulated} = emulated_options(SockOpts), + ConnetionCb = connection_cb(Opts), - ConnetionCb = case proplists:get_value(protocol, Opts, tls) of - tls -> - tls_connection; - dtls -> - dtls_connection - end, {ok, #config{ssl = SSLOptions, emulated = Emulated, inet_ssl = SSLsock, inet_user = SockOpts, transport_info = CbInfo, connection_cb = ConnetionCb }}. 
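Review bot: In the -176 hunk `ConnectionSup:start_child(ConnArgs)` resolves to `dtls_connection_sup` when the listener was created with `{protocol, dtls}`, but the ssl_sup.erl change in this commit leaves that supervisor out of the child list ("Not supported yet"). `supervisor:start_child/2` on an unregistered name exits the caller with `noproc`, which the `{error, Reason}` branch does not cover, so the accepting process would crash unless a handler outside this hunk catches it. Until DTLS is wired up I would reject `dtls` where the options are parsed and say so in a comment next to `connection_sup/1`.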
@@ -1020,3 +1020,15 @@ make_next_protocol_selector({server, AllProtocols, DefaultProtocol}) ->
 PreferredProtocol
 end
 end.
+
+connection_cb(tls) ->
+ tls_connection;
+connection_cb(dtls) ->
+ dtls_connection;
+connection_cb(Opts) ->
+ connection_cb(proplists:get_value(protocol, Opts, tls)).
+
+connection_sup(tls_connection) ->
+ tls_connection_sup;
+connection_sup(dtls_connection) ->
+ dtls_connection_sup.
diff --git a/lib/ssl/src/ssl_connection_sup.erl b/lib/ssl/src/ssl_connection_sup.erl
deleted file mode 100644
index fb1c6e11a6..0000000000
--- a/lib/ssl/src/ssl_connection_sup.erl
+++ /dev/null
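Review bot: `connection_cb/1` (ssl.erl, -1020 hunk) accepts both a protocol atom and an option list, so an unsupported value in `{protocol, Other}` falls into the third clause a second time and hands the atom to `proplists:get_value/3`. The failure then surfaces from inside proplists rather than as a bad-option error, and in `ssl_accept/3` the call sits before the `try`. Because the value comes from caller-supplied options, I would guard the list clause, `connection_cb(Opts) when is_list(Opts) ->`, and decide explicitly what an unknown protocol returns; the option-error convention used by `handle_options/2` is not visible in this diff. `connection_sup/1` is fine as long as it only ever receives the result of `connection_cb/1`.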
@@ -1,66 +0,0 @@
-%%
-%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
-%%
-%% The contents of this file are subject to the Erlang Public License,
-%% Version 1.1, (the "License"); you may not use this file except in
-%% compliance with the License. You should have received a copy of the
-%% Erlang Public License along with this software. If not, it can be
-%% retrieved online at http://www.erlang.org/.
-%%
-%% Software distributed under the License is distributed on an "AS IS"
-%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-%% the License for the specific language governing rights and limitations
-%% under the License.
-%%
-%% %CopyrightEnd%
-%%
-
-%%
-%%----------------------------------------------------------------------
-%% Purpose: The top supervisor for the ftp hangs under inets_sup.
-%%----------------------------------------------------------------------
--module(ssl_connection_sup).
-
--behaviour(supervisor).
-
-%% API
--export([start_link/0, start_link_dist/0]).
--export([start_child/1, start_child_dist/1]).
-
-%% Supervisor callback
--export([init/1]).
-
-%%%=========================================================================
-%%% API
-%%%=========================================================================
-start_link() ->
- supervisor:start_link({local, ?MODULE}, ?MODULE, []).
-
-start_link_dist() ->
- supervisor:start_link({local, ssl_connection_sup_dist}, ?MODULE, []).
-
-start_child(Args) ->
- supervisor:start_child(?MODULE, Args).
-
-start_child_dist(Args) ->
- supervisor:start_child(ssl_connection_sup_dist, Args).
-
-%%%=========================================================================
-%%% Supervisor callback
-%%%=========================================================================
-init(_O) ->
- RestartStrategy = simple_one_for_one,
- MaxR = 0,
- MaxT = 3600,
-
- Name = undefined, % As simple_one_for_one is used.
- StartFunc = {tls_connection, start_link, []}, - Restart = temporary, % E.g. should not be restarted - Shutdown = 4000, - Modules = [tls_connection], - Type = worker, - - ChildSpec = {Name, StartFunc, Restart, Shutdown, Type, Modules}, - {ok, {{RestartStrategy, MaxR, MaxT}, [ChildSpec]}}. diff --git a/lib/ssl/src/ssl_dist_sup.erl b/lib/ssl/src/ssl_dist_sup.erl index 9d9afb7707..22614a2d34 100644 --- a/lib/ssl/src/ssl_dist_sup.erl +++ b/lib/ssl/src/ssl_dist_sup.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2011-2011. All Rights Reserved. +%% Copyright Ericsson AB 2011-2013. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -65,7 +65,7 @@ session_and_cert_manager_child_spec() -> connection_manager_child_spec() -> Name = ssl_connection_dist, - StartFunc = {ssl_connection_sup, start_link_dist, []}, + StartFunc = {tls_connection_sup, start_link_dist, []}, Restart = permanent, Shutdown = 4000, Modules = [ssl_connection], diff --git a/lib/ssl/src/ssl_sup.erl b/lib/ssl/src/ssl_sup.erl index 59039a6e0a..77b40a7b38 100644 --- a/lib/ssl/src/ssl_sup.erl +++ b/lib/ssl/src/ssl_sup.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1998-2011. All Rights Reserved. +%% Copyright Ericsson AB 1998-2013. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in 
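Review bot: `connection_manager_child_spec/0` in ssl_dist_sup.erl (-65 hunk) now starts `tls_connection_sup` but still declares `Modules = [ssl_connection]`. The child is a supervisor, and the OTP convention for such a child is to list its callback module, which the release handler uses to find affected processes during code replacement, so `Modules = [tls_connection_sup]` would be the accurate value. The ssl_sup.erl change sets its list to `[tls_connection, ssl_connection]`, so the two specs also disagree with each other. The rest of the function lies outside the hunk.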
@@ -43,22 +43,12 @@ start_link() -> %%%========================================================================= init([]) -> - %% OLD ssl - moved start to ssl.erl only if old - %% ssl is acctualy run! - %%Child1 = {ssl_server, {ssl_server, start_link, []}, - %% permanent, 2000, worker, [ssl_server]}, - - %% Does not start any port programs so it does matter - %% so much if it is not used! - %% Child2 = {ssl_broker_sup, {ssl_broker_sup, start_link, []}, - %% permanent, 2000, supervisor, [ssl_broker_sup]}, - - - %% New ssl SessionCertManager = session_and_cert_manager_child_spec(), - ConnetionManager = connection_manager_child_spec(), + TLSConnetionManager = tls_connection_manager_child_spec(), + %% Not supported yet + %%DTLSConnetionManager = tls_connection_manager_child_spec(), - {ok, {{one_for_all, 10, 3600}, [SessionCertManager, ConnetionManager]}}. + {ok, {{one_for_all, 10, 3600}, [SessionCertManager, TLSConnetionManager]}}. manager_opts() -> @@ -90,15 +80,23 @@ session_and_cert_manager_child_spec() -> Type = worker, {Name, StartFunc, Restart, Shutdown, Type, Modules}. -connection_manager_child_spec() -> - Name = ssl_connection, - StartFunc = {ssl_connection_sup, start_link, []}, +tls_connection_manager_child_spec() -> + Name = tls_connection, + StartFunc = {tls_connection_sup, start_link, []}, Restart = permanent, Shutdown = 4000, - Modules = [ssl_connection], + Modules = [tls_connection, ssl_connection], Type = supervisor, {Name, StartFunc, Restart, Shutdown, Type, Modules}. +dtls_connection_manager_child_spec() -> + Name = dtls_connection, + StartFunc = {dtls_connection_sup, start_link, []}, + Restart = permanent, + Shutdown = 4000, + Modules = [dtls_connection, ssl_connection], + Type = supervisor, + {Name, StartFunc, Restart, Shutdown, Type, Modules}. session_cb_init_args() -> case application:get_env(ssl, session_cb_init_args) of diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl index c8380c109c..37d4928531 100644 
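Review bot: The commented-out placeholder in `init/1` (ssl_sup.erl, -43 hunk) reads `%%DTLSConnetionManager = tls_connection_manager_child_spec(),`, so uncommenting it as written would add the TLS child spec a second time; it should name `dtls_connection_manager_child_spec()`. That function is added in the -90 hunk but has no caller, so unless it is exported outside the lines shown the compiler will warn about an unused function. I would either add it to the child list now or leave it out until DTLS is supported. `Connetion` is also misspelled in both variable names.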
--- a/lib/ssl/src/tls_connection.erl +++ b/lib/ssl/src/tls_connection.erl @@ -49,7 +49,7 @@ register_session/4 ]). -%% Called by ssl_connection_sup +%% Called by tls_connection_sup -export([start_link/7]). %% gen_fsm callbacks @@ -263,7 +263,7 @@ send_change_cipher(Msg, #state{connection_states = ConnectionStates0, State0#state{connection_states = ConnectionStates}. %%==================================================================== -%% ssl_connection_sup API +%% tls_connection_sup API %%==================================================================== %%-------------------------------------------------------------------- @@ -777,7 +777,7 @@ start_fsm(Role, Host, Port, Socket, {#ssl_options{erl_dist = false},_} = Opts, User, {CbModule, _,_, _} = CbInfo, Timeout) -> try - {ok, Pid} = ssl_connection_sup:start_child([Role, Host, Port, Socket, + {ok, Pid} = tls_connection_sup:start_child([Role, Host, Port, Socket, Opts, User, CbInfo]), {ok, SslSocket} = socket_control(Socket, Pid, CbModule), ok = handshake(SslSocket, Timeout), @@ -791,7 +791,7 @@ start_fsm(Role, Host, Port, Socket, {#ssl_options{erl_dist = true},_} = Opts, User, {CbModule, _,_, _} = CbInfo, Timeout) -> try - {ok, Pid} = ssl_connection_sup:start_child_dist([Role, Host, Port, Socket, + {ok, Pid} = tls_connection_sup:start_child_dist([Role, Host, Port, Socket, Opts, User, CbInfo]), {ok, SslSocket} = socket_control(Socket, Pid, CbModule), ok = handshake(SslSocket, Timeout), diff --git a/lib/ssl/src/tls_connection_sup.erl b/lib/ssl/src/tls_connection_sup.erl new file mode 100644 index 0000000000..6f0d8a7262 --- /dev/null +++ b/lib/ssl/src/tls_connection_sup.erl 
@@ -0,0 +1,66 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
+%%
+%% The contents of this file are subject to the Erlang Public License,
+%% Version 1.1, (the "License"); you may not use this file except in
+%% compliance with the License. You should have received a copy of the
+%% Erlang Public License along with this software. If not, it can be
+%% retrieved online at http://www.erlang.org/.
+%%
+%% Software distributed under the License is distributed on an "AS IS"
+%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+%% the License for the specific language governing rights and limitations
+%% under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+%% Purpose: Supervisor for a SSL/TLS connection
+%%----------------------------------------------------------------------
+-module(tls_connection_sup).
+
+-behaviour(supervisor).
+
+%% API
+-export([start_link/0, start_link_dist/0]).
+-export([start_child/1, start_child_dist/1]).
+
+%% Supervisor callback
+-export([init/1]).
+
+%%%=========================================================================
+%%% API
+%%%=========================================================================
+start_link() ->
+ supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+
+start_link_dist() ->
+ supervisor:start_link({local, ssl_connection_sup_dist}, ?MODULE, []).
+
+start_child(Args) ->
+ supervisor:start_child(?MODULE, Args).
+
+start_child_dist(Args) ->
+ supervisor:start_child(ssl_connection_sup_dist, Args).
+
+%%%=========================================================================
+%%% Supervisor callback
+%%%=========================================================================
+init(_O) ->
+ RestartStrategy = simple_one_for_one,
+ MaxR = 0,
+ MaxT = 3600,
+
+ Name = undefined, % As simple_one_for_one is used.
+ StartFunc = {tls_connection, start_link, []},
+ Restart = temporary, % E.g. should not be restarted
+ Shutdown = 4000,
+ Modules = [tls_connection],
+ Type = worker,
+
+ ChildSpec = {Name, StartFunc, Restart, Shutdown, Type, Modules},
+ {ok, {{RestartStrategy, MaxR, MaxT}, [ChildSpec]}}.
-- cgit v1.2.3
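Review bot: `start_link_dist/0` and `start_child_dist/1` still use the registered name `ssl_connection_sup_dist`, although the module is now `tls_connection_sup` and the non-dist functions use `?MODULE`. If the old name is kept on purpose for compatibility, the file should say so; otherwise a reader has to search to learn that both names refer to this module. I would define it once, `-define(DIST_SUP, ssl_connection_sup_dist).`, with a one-line comment, and use the macro in both functions.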