X-Git-Url: https://git.sesse.net/?p=cubemap;a=blobdiff_plain;f=server.h;fp=server.h;h=cb726c6fb818b7f73ce39ec09b2803215e635df6;hp=b05f661aa6641d5aed95953b98b1d103fee8702f;hb=16a03b9858752fae9e81af261821a2a22855fde3;hpb=afa95dd1ddca5b46ebf45e5bdb6aa5f3dad25d48 diff --git a/server.h b/server.h index b05f661..cb726c6 100644 --- a/server.h +++ b/server.h @@ -12,10 +12,13 @@ #include #include +#include "tlse.h" + #include "client.h" #include "stream.h" #include "thread.h" +class Acceptor; class ClientProto; struct Stream; @@ -47,7 +50,7 @@ public: // These will be deferred until the next time an iteration in do_work() happens, // and the order between them are undefined. // XXX: header should ideally be ordered with respect to data. - void add_client_deferred(int sock); + void add_client_deferred(int sock, Acceptor *acceptor); void add_data_deferred(int stream_index, const char *data, size_t bytes, uint16_t metacube_flags); // These should not be called while running, since that would violate @@ -63,6 +66,7 @@ public: void set_encoding(int stream_index, Stream::Encoding encoding); void set_src_encoding(int stream_index, Stream::Encoding encoding); void add_gen204(const std::string &url, const std::string &allow_origin); + void create_tls_context_for_acceptor(const Acceptor *acceptor); private: // Mutex protecting queued_add_clients. @@ -80,7 +84,7 @@ private: // can be taken a lot of the time. // // Protected by . - std::vector queued_add_clients; + std::vector > queued_add_clients; // All variables below this line are protected by the mutex. mutable pthread_mutex_t mutex; @@ -114,6 +118,9 @@ private: int epoll_fd; epoll_event events[EPOLL_MAX_EVENTS]; + // For each TLS-enabled acceptor, our private server context for its key pair. + std::map tls_server_contexts; + // The actual worker thread. virtual void do_work(); @@ -132,6 +139,22 @@ private: // but it's cheaper than taking it in and out all the time. void process_client(Client *client); + // If the TLS library wants to write anything to this client, + // output it. Returns true if the processing should go to sleep + // (an error, or lack of outgoing buffer space). + bool send_pending_tls_data(Client *client); + + // Reads regular data fro ma socket. Returns -1 if the processing + // should go to sleep (an error, or no data available yet), otherwise + // the number of bytes read. + int read_nontls_data(Client *client, char *buf, size_t max_size); + + // Reads (decrypted) data from a TLS socket. Returns -1 if the processing + // should go to sleep (an error, or no data available yet), otherwise + // the number of bytes read. The buffer will be used as scratch space + // for TLS data, so it can be overwritten by more bytes than what is returned. + int read_tls_data(Client *client, char *buf, size_t max_size); + // Close a given client socket, and clean up after it. void close_client(Client *client); @@ -152,7 +175,7 @@ private: void process_queued_data(); void skip_lost_data(Client *client); - void add_client(int sock); + void add_client(int sock, Acceptor *acceptor); }; #endif // !defined(_SERVER_H)