/* Copyright (c) 2018, Google Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #ifndef HEADER_TEST_HANDSHAKE #define HEADER_TEST_HANDSHAKE #include #include #include "settings_writer.h" #if defined(OPENSSL_LINUX) && !defined(OPENSSL_ANDROID) #define HANDSHAKER_SUPPORTED #endif // RetryAsync is called after a failed operation on |ssl| with return code // |ret|. If the operation should be retried, it simulates one asynchronous // event and returns true. Otherwise it returns false. bool RetryAsync(SSL *ssl, int ret); // CheckIdempotentError runs |func|, an operation on |ssl|, ensuring that // errors are idempotent. int CheckIdempotentError(const char *name, SSL *ssl, std::function func); #if defined(HANDSHAKER_SUPPORTED) // DoSplitHandshake delegates the SSL handshake to a separate process, called // the handshaker. This process proxies I/O between the handshaker and the // client, using the |BIO| from |ssl|. After a successful handshake, |ssl| is // replaced with a new |SSL| object, in a way that is intended to be invisible // to the caller. bool DoSplitHandshake(bssl::UniquePtr *ssl, SettingsWriter *writer, bool is_resume); // GetHandshakeHint requests a handshake hint from the handshaker process and // configures the result on |ssl|. It returns true on success and false on // error. bool GetHandshakeHint(SSL *ssl, SettingsWriter *writer, bool is_resume, const SSL_CLIENT_HELLO *client_hello); // The protocol between the proxy and the handshaker is defined by these // single-character prefixes. |kControlMsgDone| uses 'H' for compatibility with // older binaries. constexpr char kControlMsgWantRead = 'R'; // Handshaker wants data constexpr char kControlMsgWriteCompleted = 'W'; // Proxy has sent data constexpr char kControlMsgDone = 'H'; // Proxy should resume control constexpr char kControlMsgError = 'E'; // Handshaker hit an error // The protocol between the proxy and handshaker uses these file descriptors. constexpr int kFdControl = 3; // Bi-directional dgram socket. constexpr int kFdProxyToHandshaker = 4; // Uni-directional pipe. constexpr int kFdHandshakerToProxy = 5; // Uni-directional pipe. #endif // HANDSHAKER_SUPPORTED #endif // HEADER_TEST_HANDSHAKE