From c015fdd212eb49a3a9508450708694de155de388 Mon Sep 17 00:00:00 2001 From: Stephen Birarda Date: Fri, 4 Apr 2014 11:42:14 -0700 Subject: [PATCH] leverage a DummyDTLSSession to not require cleanup of DTLSSession for cookies --- domain-server/src/DomainServer.cpp | 5 +++- libraries/shared/src/DTLSClientSession.cpp | 23 +++++++++------- libraries/shared/src/DTLSClientSession.h | 5 ++-- libraries/shared/src/DTLSSession.cpp | 21 +++------------ libraries/shared/src/DTLSSession.h | 6 ++--- libraries/shared/src/DomainHandler.cpp | 6 ++--- libraries/shared/src/DummyDTLSSession.cpp | 28 +++++++++++++++++++ libraries/shared/src/DummyDTLSSession.h | 31 ++++++++++++++++++++++ libraries/shared/src/LimitedNodeList.cpp | 2 +- libraries/shared/src/NodeList.cpp | 2 ++ 10 files changed, 89 insertions(+), 40 deletions(-) create mode 100644 libraries/shared/src/DummyDTLSSession.cpp create mode 100644 libraries/shared/src/DummyDTLSSession.h diff --git a/domain-server/src/DomainServer.cpp b/domain-server/src/DomainServer.cpp index a66c46fc09..5d99a755c1 100644 --- a/domain-server/src/DomainServer.cpp +++ b/domain-server/src/DomainServer.cpp @@ -23,6 +23,7 @@ #include #include "DomainServerNodeData.h" +#include "DummyDTLSSession.h" #include "DomainServer.h" @@ -651,6 +652,7 @@ void DomainServer::readAvailableDTLSDatagrams() { DTLSServerSession* existingSession = _dtlsSessions.value(senderHifiSockAddr); if (existingSession) { + qDebug() << "There is an existing session for" << senderHifiSockAddr; if (!existingSession->completedHandshake()) { // check if we have completed handshake with this user int handshakeReturn = gnutls_handshake(*existingSession->getGnuTLSSession()); @@ -685,7 +687,8 @@ void DomainServer::readAvailableDTLSDatagrams() { if (cookieValid < 0) { // the cookie sent by the client was not valid // send a valid one - DTLSServerSession tempServerSession(LimitedNodeList::getInstance()->getDTLSSocket(), senderHifiSockAddr); + DummyDTLSSession tempServerSession(LimitedNodeList::getInstance()->getDTLSSocket(), senderHifiSockAddr); + qDebug() << "sending back a fresh cookie!"; gnutls_dtls_cookie_send(_cookieKey, &senderSockAddr, sizeof(senderSockAddr), &prestate, &tempServerSession, DTLSSession::socketPush); diff --git a/libraries/shared/src/DTLSClientSession.cpp b/libraries/shared/src/DTLSClientSession.cpp index 58ca99f1a8..73daa4e03a 100644 --- a/libraries/shared/src/DTLSClientSession.cpp +++ b/libraries/shared/src/DTLSClientSession.cpp @@ -8,17 +8,20 @@ #include "DTLSClientSession.h" +gnutls_certificate_credentials_t* DTLSClientSession::x509CACredentials() { + static gnutls_certificate_credentials_t x509Credentials; + static bool credentialsInitialized = false; + + if (!credentialsInitialized) { + gnutls_certificate_allocate_credentials(&x509Credentials); + } + + return &x509Credentials; +} + DTLSClientSession::DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket) : DTLSSession(GNUTLS_CLIENT, dtlsSocket, destinationSocket) { - // _x509 as a member variable and not global/static assumes a single DTLSClientSession per client - gnutls_certificate_allocate_credentials(&_x509Credentials); - gnutls_priority_set_direct(_gnutlsSession, "PERFORMANCE", NULL); - gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, _x509Credentials); -} - -DTLSClientSession::~DTLSClientSession() { - gnutls_certificate_free_credentials(_x509Credentials); -} - + gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, *x509CACredentials()); +} \ No newline at end of file diff --git a/libraries/shared/src/DTLSClientSession.h b/libraries/shared/src/DTLSClientSession.h index 325a162f61..a81daf6d74 100644 --- a/libraries/shared/src/DTLSClientSession.h +++ b/libraries/shared/src/DTLSClientSession.h @@ -14,9 +14,8 @@ class DTLSClientSession : public DTLSSession { public: DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket); - ~DTLSClientSession(); -private: - gnutls_certificate_credentials_t _x509Credentials; + + static gnutls_certificate_credentials_t* x509CACredentials(); }; #endif /* defined(__hifi__DTLSClientSession__) */ diff --git a/libraries/shared/src/DTLSSession.cpp b/libraries/shared/src/DTLSSession.cpp index 44829c424e..c5f4ade182 100644 --- a/libraries/shared/src/DTLSSession.cpp +++ b/libraries/shared/src/DTLSSession.cpp @@ -11,8 +11,6 @@ #include "NodeList.h" #include "DTLSSession.h" -#define DTLS_VERBOSE_DEBUG 0 - int DTLSSession::socketPullTimeout(gnutls_transport_ptr_t ptr, unsigned int ms) { DTLSSession* session = static_cast(ptr); QUdpSocket& dtlsSocket = session->_dtlsSocket; @@ -72,21 +70,8 @@ ssize_t DTLSSession::socketPull(gnutls_transport_ptr_t ptr, void* buffer, size_t return -1; } -ssize_t DTLSSession::socketPush(gnutls_transport_ptr_t ptr, const void* buffer, size_t size) { - DTLSSession* session = static_cast(ptr); - QUdpSocket& dtlsSocket = session->_dtlsSocket; - -#if DTLS_VERBOSE_DEBUG - qDebug() << "Pushing a message of size" << size << "to" << session->_destinationSocket; -#endif - - return dtlsSocket.writeDatagram(reinterpret_cast(buffer), size, - session->_destinationSocket.getAddress(), session->_destinationSocket.getPort()); -} - DTLSSession::DTLSSession(int end, QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket) : - _dtlsSocket(dtlsSocket), - _destinationSocket(destinationSocket), + DummyDTLSSession(dtlsSocket, destinationSocket), _completedHandshake(false) { gnutls_init(&_gnutlsSession, end | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK); @@ -100,13 +85,13 @@ DTLSSession::DTLSSession(int end, QUdpSocket& dtlsSocket, HifiSockAddr& destinat gnutls_dtls_set_timeouts(_gnutlsSession, DTLS_HANDSHAKE_RETRANSMISSION_TIMEOUT, DTLS_TOTAL_CONNECTION_TIMEOUT); gnutls_transport_set_ptr(_gnutlsSession, this); - gnutls_transport_set_push_function(_gnutlsSession, socketPush); + gnutls_transport_set_push_function(_gnutlsSession, DummyDTLSSession::socketPush); gnutls_transport_set_pull_function(_gnutlsSession, socketPull); gnutls_transport_set_pull_timeout_function(_gnutlsSession, socketPullTimeout); } DTLSSession::~DTLSSession() { - gnutls_bye(_gnutlsSession, GNUTLS_SHUT_WR); + qDebug() << "cleaning up current session"; gnutls_deinit(_gnutlsSession); } diff --git a/libraries/shared/src/DTLSSession.h b/libraries/shared/src/DTLSSession.h index 395809c6c6..6b5f5df5e3 100644 --- a/libraries/shared/src/DTLSSession.h +++ b/libraries/shared/src/DTLSSession.h @@ -13,9 +13,10 @@ #include +#include "DummyDTLSSession.h" #include "HifiSockAddr.h" -class DTLSSession : public QObject { +class DTLSSession : public DummyDTLSSession { Q_OBJECT public: DTLSSession(int end, QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket); @@ -23,7 +24,6 @@ public: static int socketPullTimeout(gnutls_transport_ptr_t ptr, unsigned int ms); static ssize_t socketPull(gnutls_transport_ptr_t ptr, void* buffer, size_t size); - static ssize_t socketPush(gnutls_transport_ptr_t ptr, const void* buffer, size_t size); qint64 writeDatagram(const QByteArray& datagram); @@ -32,8 +32,6 @@ public: bool completedHandshake() const { return _completedHandshake; } void setCompletedHandshake(bool completedHandshake); protected: - QUdpSocket& _dtlsSocket; - HifiSockAddr _destinationSocket; gnutls_session_t _gnutlsSession; bool _completedHandshake; }; diff --git a/libraries/shared/src/DomainHandler.cpp b/libraries/shared/src/DomainHandler.cpp index 59b7f73e0d..e1aedc4d11 100644 --- a/libraries/shared/src/DomainHandler.cpp +++ b/libraries/shared/src/DomainHandler.cpp @@ -33,14 +33,14 @@ void DomainHandler::clearConnectionInfo() { _uuid = QUuid(); _isConnected = false; - delete _dtlsSession; - _dtlsSession = NULL; - if (_handshakeTimer) { _handshakeTimer->stop(); delete _handshakeTimer; _handshakeTimer = NULL; } + + delete _dtlsSession; + _dtlsSession = NULL; } void DomainHandler::reset() { diff --git a/libraries/shared/src/DummyDTLSSession.cpp b/libraries/shared/src/DummyDTLSSession.cpp new file mode 100644 index 0000000000..df7e82274c --- /dev/null +++ b/libraries/shared/src/DummyDTLSSession.cpp @@ -0,0 +1,28 @@ +// +// DummyDTLSSession.cpp +// hifi +// +// Created by Stephen Birarda on 2014-04-04. +// Copyright (c) 2014 High Fidelity, Inc. All rights reserved. +// + +#include "DummyDTLSSession.h" + +ssize_t DummyDTLSSession::socketPush(gnutls_transport_ptr_t ptr, const void* buffer, size_t size) { + DummyDTLSSession* session = static_cast(ptr); + QUdpSocket& dtlsSocket = session->_dtlsSocket; + +#if DTLS_VERBOSE_DEBUG + qDebug() << "Pushing a message of size" << size << "to" << session->_destinationSocket; +#endif + + return dtlsSocket.writeDatagram(reinterpret_cast(buffer), size, + session->_destinationSocket.getAddress(), session->_destinationSocket.getPort()); +} + +DummyDTLSSession::DummyDTLSSession(QUdpSocket& dtlsSocket, const HifiSockAddr& destinationSocket) : + _dtlsSocket(dtlsSocket), + _destinationSocket(destinationSocket) +{ + +} \ No newline at end of file diff --git a/libraries/shared/src/DummyDTLSSession.h b/libraries/shared/src/DummyDTLSSession.h new file mode 100644 index 0000000000..6d4a54b4ca --- /dev/null +++ b/libraries/shared/src/DummyDTLSSession.h @@ -0,0 +1,31 @@ +// +// DummyDTLSSession.h +// hifi +// +// Created by Stephen Birarda on 2014-04-04. +// Copyright (c) 2014 High Fidelity, Inc. All rights reserved. +// + +#ifndef __hifi__DummyDTLSSession__ +#define __hifi__DummyDTLSSession__ + +#include + +#include + +#include "HifiSockAddr.h" + +#define DTLS_VERBOSE_DEBUG 1 + +class DummyDTLSSession : public QObject { + Q_OBJECT +public: + DummyDTLSSession(QUdpSocket& dtlsSocket, const HifiSockAddr& destinationSocket); + + static ssize_t socketPush(gnutls_transport_ptr_t ptr, const void* buffer, size_t size); +protected: + QUdpSocket& _dtlsSocket; + HifiSockAddr _destinationSocket; +}; + +#endif /* defined(__hifi__DummyDTLSSession__) */ diff --git a/libraries/shared/src/LimitedNodeList.cpp b/libraries/shared/src/LimitedNodeList.cpp index e9fdaa493c..f6e6d282d9 100644 --- a/libraries/shared/src/LimitedNodeList.cpp +++ b/libraries/shared/src/LimitedNodeList.cpp @@ -426,7 +426,7 @@ void LimitedNodeList::removeSilentNodes() { node->getMutex().lock(); - if ((usecTimestampNow() - node->getLastHeardMicrostamp()) > (NODE_SILENCE_THRESHOLD_MSECS * 1000)) { + if ((usecTimestampNow() - node->getLastHeardMicrostamp()) > (NODE_SILENCE_THRESHOLD_MSECS * 1)) { // call our private method to kill this node (removes it and emits the right signal) nodeItem = killNodeAtHashIterator(nodeItem); } else { diff --git a/libraries/shared/src/NodeList.cpp b/libraries/shared/src/NodeList.cpp index 50fa0269ef..92eb186c96 100644 --- a/libraries/shared/src/NodeList.cpp +++ b/libraries/shared/src/NodeList.cpp @@ -132,6 +132,8 @@ void NodeList::processAvailableDTLSDatagrams() { processNodeData(_domainHandler.getSockAddr(), dtlsPacket.left(receivedBytes)); } else if (gnutls_error_is_fatal(receivedBytes)) { qDebug() << "Fatal error -" << gnutls_strerror(receivedBytes) << "- receiving DTLS packet from domain-server."; + } else { + qDebug() << "non fatal receive" << receivedBytes; } } }