Replace tls double channel (awslabs#441)

* Remove test first
* Add codebuild job spec that will run downstream integration tests (aws-c-http) that exercise double tls
* Add channel API to read from initial handler

Author: bretambrose

codebuild/linux-integration-tests.yml

@@ -0,0 +1,25 @@
+version: 0.2
+#this build spec assumes the manylinux1 image for pypi
+#additional packages we installed: cmake 3.5, libcrypto 1.1.0j, gcc 4.8.4
+phases:
+  install:
+    commands:
+      - add-apt-repository ppa:ubuntu-toolchain-r/test
+      - apt-get update -y
+      - apt-get install gcc-7 cmake ninja-build python3 -y
+  pre_build:
+    commands:
+      - export CC=gcc-7
+      - export BUILDER_VERSION=v0.8.27
+      - export BUILDER_SOURCE=releases
+      - export BUILDER_HOST=https://d19elf31gohf1l.cloudfront.net
+  build:
+    commands:
+      - echo Build started on `date`
+      - aws s3 cp s3://aws-crt-test-stuff/setup_proxy_test_env.sh /tmp/setup_proxy_test_env.sh
+      - chmod a+xr /tmp/setup_proxy_test_env.sh
+      - python3 -c "from urllib.request import urlretrieve; urlretrieve('$BUILDER_HOST/$BUILDER_SOURCE/$BUILDER_VERSION/builder.pyz', 'builder.pyz')"
+      - python3 builder.pyz build downstream -p aws-c-io --cmake-extra=-DENABLE_PROXY_INTEGRATION_TESTS=ON
+  post_build:
+    commands:
+      - echo Build completed on `date`

include/aws/io/channel.h

@@ -119,6 +119,12 @@ struct aws_channel_handler_vtable {
      * associated with the channel's handler chain.
      */
     void (*gather_statistics)(struct aws_channel_handler *handler, struct aws_array_list *stats_list);
+
+    /*
+     * If this handler represents a source of data (like the socket_handler), then this will trigger a read
+     * from the data source.
+     */
+    void (*trigger_read)(struct aws_channel_handler *handler);
 };
 
 struct aws_channel_handler {
@@ -467,6 +473,15 @@ size_t aws_channel_handler_initial_window_size(struct aws_channel_handler *handl
 AWS_IO_API
 struct aws_channel_slot *aws_channel_get_first_slot(struct aws_channel *channel);
 
+/**
+ * A way for external processes to force a read by the data-source channel handler.  Necessary in certain cases, like
+ * when a server channel finishes setting up its initial handlers, a read may have already been triggered on the
+ * socket (the client's CLIENT_HELLO tls payload, for example) and absent further data/notifications, this data
+ * would never get processed.
+ */
+AWS_IO_API
+int aws_channel_trigger_read(struct aws_channel *channel);
+
 AWS_EXTERN_C_END
 
 #endif /* AWS_IO_CHANNEL_H */

source/channel.c

@@ -1142,3 +1142,29 @@ int aws_channel_set_statistics_handler(struct aws_channel *channel, struct aws_c
 struct aws_event_loop *aws_channel_get_event_loop(struct aws_channel *channel) {
     return channel->loop;
 }
+
+int aws_channel_trigger_read(struct aws_channel *channel) {
+    if (channel == NULL) {
+        return aws_raise_error(AWS_ERROR_INVALID_ARGUMENT);
+    }
+
+    if (!aws_channel_thread_is_callers_thread(channel)) {
+        return aws_raise_error(AWS_ERROR_INVALID_STATE);
+    }
+
+    struct aws_channel_slot *slot = channel->first;
+    if (slot == NULL) {
+        return aws_raise_error(AWS_ERROR_INVALID_STATE);
+    }
+
+    struct aws_channel_handler *handler = slot->handler;
+    if (handler == NULL) {
+        return aws_raise_error(AWS_ERROR_INVALID_STATE);
+    }
+
+    if (handler->vtable->trigger_read != NULL) {
+        handler->vtable->trigger_read(handler);
+    }
+
+    return AWS_OP_SUCCESS;
+}

source/channel_bootstrap.c

@@ -1085,6 +1085,16 @@ static inline int s_setup_server_tls(struct server_channel_data *channel_data, s
         }
     }
 
+    /*
+     * Server-side channels can reach this point in execution and actually have the CLIENT_HELLO payload already
+     * on the socket in a signalled state, but there was no socket handler or read handler at the time of signal.
+     * So we need to manually trigger a read here to cover that case, otherwise the negotiation will time out because
+     * we will not receive any more data/notifications (unless we read and react).
+     */
+    if (aws_channel_trigger_read(channel)) {
+        return AWS_OP_ERR;
+    }
+
     return AWS_OP_SUCCESS;
 }
 

source/socket_channel_handler.c

@@ -348,13 +348,19 @@ static void s_reset_statistics(struct aws_channel_handler *handler) {
     aws_crt_statistics_socket_reset(&socket_handler->stats);
 }
 
-void s_gather_statistics(struct aws_channel_handler *handler, struct aws_array_list *stats_list) {
+static void s_gather_statistics(struct aws_channel_handler *handler, struct aws_array_list *stats_list) {
     struct socket_handler *socket_handler = (struct socket_handler *)handler->impl;
 
     void *stats_base = &socket_handler->stats;
     aws_array_list_push_back(stats_list, &stats_base);
 }
 
+static void s_trigger_read(struct aws_channel_handler *handler) {
+    struct socket_handler *socket_handler = (struct socket_handler *)handler->impl;
+
+    s_do_read(socket_handler);
+}
+
 static struct aws_channel_handler_vtable s_vtable = {
     .process_read_message = s_socket_process_read_message,
     .destroy = s_socket_destroy,
@@ -365,6 +371,7 @@ static struct aws_channel_handler_vtable s_vtable = {
     .message_overhead = s_message_overhead,
     .reset_statistics = s_reset_statistics,
     .gather_statistics = s_gather_statistics,
+    .trigger_read = s_trigger_read,
 };
 
 struct aws_channel_handler *aws_socket_handler_new(

tests/CMakeLists.txt

@@ -149,7 +149,6 @@ if (NOT BYO_CRYPTO)
     add_net_test_case(tls_server_hangup_during_negotiation)
     add_net_test_case(tls_client_channel_no_verify)
     add_net_test_case(test_tls_negotiation_timeout)
-    add_net_test_case(tls_double_channel)
     add_net_test_case(alpn_successfully_negotiates)
     add_net_test_case(alpn_no_protocol_message)
     add_net_test_case(test_ecc_cert_import)