Implement full shutdown #78
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Or rather move it to the end where it is called at most once. This resolves the TODO on sspi_handshake::state and is intended to simplify the code to allow for further refactoring. There is a small change in behavior: As a server, all communication with the client is now done before manual_auth. Before, manual_auth was called as early as possible and possibly more data was sent through the stream after that.
What the comment stated for the AcceptSecurityContext documentation holds for InitializeSecurityContext just as much.
Again this is to simplify the code. I do not currently see a reason for the function to be a coroutine. Also add a comment about posting self.complete on the first call.
This reverts commit b437f7a.
Change the code such that posting self is only needed once. Also add a comment explaining why this is necessary.
See comments in post_self.hpp.
This failed once on the github CI. Assuming that the failure was due to high load on the test server, this increases the timeout so that hopefully this will not fail again in the future.
The handshake loop shall be used for shutdown as well.
This seemingly worked correctly before, but the documentation clearly states that AcceptSecurityContext should be used when acting as a server. See https://learn.microsoft.com/en-us/windows/win32/secauthn/shutting-down-an-schannel-connection
More precisely, add test where one of the endpoints closes the underlying stream without shutting down the TLS stream. WinTLS will currently not produce an error in such cases.
WinTLS will now produce asio::error::eof when the underlying stream gets closed without the peer sending its close notify. This should be changed to a separate error code analogously to Asio.SSL.
The error code is designed to be analogously to the one in asio.ssl.
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The implementation still has Issues, but it generally solves #75.
This is particularly documented in the new tests in shutdown_test.cpp, so I close #74 in favor of this branch.
The branch is based on top of #77.
Besides smaller things, there are two major problems still:
small reads/async client testin stream_test.cpp fails.io_context.run()inecho test/async testin echo_test.cpp blocks with wintls_server.client.run()andserver.run(), as shown in the last commit. But that is no proper solution, obviously. Again, any hints are appreciated.Both problems are introduced with the commit 26fc986.