- Timestamp:
- Jun 22, 2021, 9:00:19 PM (3 years ago)
- Location:
- azure_iot_hub_f767zi/trunk/azure_iot_sdk/c-utility/adapters
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
azure_iot_hub_f767zi/trunk/azure_iot_sdk/c-utility/adapters/httpapi_compact.c
r457 r464 51 51 char* x509ClientCertificate; 52 52 char* x509ClientPrivateKey; 53 const char* proxy_host;54 int proxy_port;55 const char* proxy_username;56 const char* proxy_password;57 53 XIO_HANDLE xio_handle; 58 54 size_t received_bytes_count; … … 205 201 { 206 202 HTTP_HANDLE_DATA* http_instance; 203 TLSIO_CONFIG tlsio_config; 207 204 208 205 if (hostName == NULL) … … 226 223 LogError("There is no memory to control the http connection"); 227 224 } 228 else if (mallocAndStrcpy_s((char**)&(http_instance->hostName), hostName) != 0)229 { 230 LogError(" failure allocate hostname");225 else if (mallocAndStrcpy_s(&http_instance->hostName, hostName) != 0) 226 { 227 LogError("Failed copying hostname"); 231 228 free(http_instance); 232 229 http_instance = NULL; … … 234 231 else 235 232 { 236 http_instance->xio_handle = NULL; 237 http_instance->is_connected = 0; 238 http_instance->is_io_error = 0; 239 http_instance->received_bytes_count = 0; 240 http_instance->received_bytes = NULL; 241 http_instance->certificate = NULL; 242 http_instance->x509ClientCertificate = NULL; 243 http_instance->x509ClientPrivateKey = NULL; 244 http_instance->proxy_host = NULL; 245 http_instance->proxy_port = 0; 246 http_instance->proxy_username = NULL; 247 http_instance->proxy_password = NULL; 233 tlsio_config.hostname = http_instance->hostName; 234 tlsio_config.port = 443; 235 tlsio_config.underlying_io_interface = NULL; 236 tlsio_config.underlying_io_parameters = NULL; 237 238 http_instance->xio_handle = xio_create(platform_get_default_tlsio(), (void*)&tlsio_config); 239 240 /*Codes_SRS_HTTPAPI_COMPACT_21_016: [ If the HTTPAPI_CreateConnection failed to create the connection, it shall return NULL as the handle. ]*/ 241 if (http_instance->xio_handle == NULL) 242 { 243 LogError("Create connection failed"); 244 free(http_instance->hostName); 245 free(http_instance); 246 http_instance = NULL; 247 } 248 else 249 { 250 http_instance->is_connected = 0; 251 http_instance->is_io_error = 0; 252 http_instance->received_bytes_count = 0; 253 http_instance->received_bytes = NULL; 254 http_instance->certificate = NULL; 255 http_instance->x509ClientCertificate = NULL; 256 http_instance->x509ClientPrivateKey = NULL; 257 } 248 258 } 249 259 } … … 311 321 } 312 322 313 if (http_instance->hostName != NULL)314 {315 free((void*)http_instance->hostName);316 }317 318 323 #ifndef DO_NOT_COPY_TRUSTED_CERTS_STRING 319 324 /*Codes_SRS_HTTPAPI_COMPACT_21_018: [ If there is a certificate associated to this connection, the HTTPAPI_CloseConnection shall free all allocated memory for the certificate. ]*/ … … 336 341 } 337 342 338 if (http_instance->proxy_host != NULL) 339 { 340 free((void*)http_instance->proxy_host); 341 } 342 if (http_instance->proxy_username != NULL) 343 { 344 free((void*)http_instance->proxy_username); 345 } 346 if (http_instance->proxy_password != NULL) 347 { 348 free((void*)http_instance->proxy_password); 343 if (http_instance->hostName) 344 { 345 free(http_instance->hostName); 349 346 } 350 347 … … 714 711 { 715 712 HTTPAPI_RESULT result; 716 TLSIO_CONFIG tlsio_config;717 HTTP_PROXY_IO_CONFIG http_proxy_io_config;718 713 719 714 if (http_instance->is_connected != 0) … … 725 720 { 726 721 http_instance->is_io_error = 0; 727 tlsio_config.hostname = http_instance->hostName; 728 tlsio_config.port = 443; 729 730 if (http_instance->proxy_host != NULL) { 731 tlsio_config.underlying_io_interface = http_proxy_io_get_interface_description(); 732 } 733 else { 734 tlsio_config.underlying_io_interface = NULL; 735 } 736 737 if (tlsio_config.underlying_io_interface != NULL) { 738 tlsio_config.underlying_io_parameters = (void*)&http_proxy_io_config; 739 740 http_proxy_io_config.proxy_hostname = http_instance->proxy_host; 741 http_proxy_io_config.proxy_port = http_instance->proxy_port; 742 http_proxy_io_config.username = http_instance->proxy_username; 743 http_proxy_io_config.password = http_instance->proxy_password; 744 http_proxy_io_config.hostname = http_instance->hostName; 745 http_proxy_io_config.port = 443; 746 } 747 else { 748 tlsio_config.underlying_io_parameters = NULL; 749 } 750 751 http_instance->xio_handle = xio_create(platform_get_default_tlsio(), (void*)&tlsio_config); 752 753 if (http_instance->xio_handle == NULL) 754 { 755 LogError("Create connection failed"); 756 free(http_instance); 757 http_instance = NULL; 758 result = HTTPAPI_ERROR; 759 } 722 760 723 /*Codes_SRS_HTTPAPI_COMPACT_21_022: [ If a Certificate was provided, the HTTPAPI_ExecuteRequest shall set this option on the transport layer. ]*/ 761 elseif ((http_instance->certificate != NULL) &&724 if ((http_instance->certificate != NULL) && 762 725 (xio_setoption(http_instance->xio_handle, OPTION_TRUSTED_CERT, http_instance->certificate) != 0)) 763 726 { … … 777 740 (xio_setoption(http_instance->xio_handle, SU_OPTION_X509_PRIVATE_KEY, http_instance->x509ClientPrivateKey) != 0)) 778 741 { 742 779 743 /*Codes_SRS_HTTPAPI_COMPACT_06_006: [ If the transport failed setting the client certificate private key, the HTTPAPI_ExecuteRequest shall not send any request and return HTTPAPI_SET_OPTION_FAILED. ] */ 780 744 result = HTTPAPI_SET_OPTION_FAILED; … … 800 764 { 801 765 xio_dowork(http_instance->xio_handle); 802 //LogInfo("Waiting for TLS connection");766 LogInfo("Waiting for TLS connection"); 803 767 if ((countRetry--) < 0) 804 768 { … … 1347 1311 #endif // DO_NOT_COPY_TRUSTED_CERTS_STRING 1348 1312 } 1349 else if (strcmp(SU_OPTION_X509_CERT, optionName) == 0 )1313 else if (strcmp(SU_OPTION_X509_CERT, optionName) == 0 || strcmp(OPTION_X509_ECC_CERT, optionName) == 0) 1350 1314 { 1351 1315 int len; … … 1370 1334 } 1371 1335 } 1372 else if (strcmp(SU_OPTION_X509_PRIVATE_KEY, optionName) == 0 )1336 else if (strcmp(SU_OPTION_X509_PRIVATE_KEY, optionName) == 0 || strcmp(OPTION_X509_ECC_KEY, optionName) == 0) 1373 1337 { 1374 1338 int len; … … 1395 1359 else if (strcmp(OPTION_HTTP_PROXY, optionName) == 0) 1396 1360 { 1397 HTTP_PROXY_OPTIONS* proxy_data = (HTTP_PROXY_OPTIONS*)value; 1398 if (proxy_data->host_address == NULL || proxy_data->port <= 0) 1399 { 1400 LogError("invalid proxy_data values ( host_address = %p, port = %d)", proxy_data->host_address, proxy_data->port); 1361 TLSIO_CONFIG tlsio_config; 1362 HTTP_PROXY_IO_CONFIG proxy_config; 1363 HTTP_PROXY_OPTIONS* proxy_options = (HTTP_PROXY_OPTIONS*)value; 1364 1365 if (proxy_options->host_address == NULL) 1366 { 1367 LogError("NULL host_address in proxy options"); 1401 1368 result = HTTPAPI_ERROR; 1402 1369 } 1370 else if (((proxy_options->username == NULL) || (proxy_options->password == NULL)) && 1371 (proxy_options->username != proxy_options->password)) 1372 { 1373 LogError("Only one of username and password for proxy settings was NULL"); 1374 result = HTTPAPI_ERROR; 1375 } 1403 1376 else 1404 1377 { 1405 if(http_instance->proxy_host != NULL) 1406 {1407 free((void*)http_instance->proxy_host);1408 http_instance->proxy_host = NULL;1409 }1410 if (mallocAndStrcpy_s((char**)&(http_instance->proxy_host), (const char*)proxy_data->host_address) != 0)1411 { 1412 LogError("fail ure allocate proxy host");1378 1379 /* Workaround: xio interface is already created when HTTPAPI_CreateConnection is call without proxy support 1380 * need to destroy the interface and create a new one with proxy information 1381 */ 1382 OPTIONHANDLER_HANDLE xio_options; 1383 if ((xio_options = xio_retrieveoptions(http_instance->xio_handle)) == NULL) 1384 { 1385 LogError("failed saving underlying I/O transport options"); 1413 1386 result = HTTPAPI_ERROR; 1414 1387 } 1415 1388 else 1416 1389 { 1417 http_instance->proxy_port = proxy_data->port; 1418 1419 if (proxy_data->username != NULL && proxy_data->password != NULL) 1420 { 1421 if(http_instance->proxy_username != NULL) 1390 xio_destroy(http_instance->xio_handle); 1391 1392 proxy_config.hostname = http_instance->hostName; 1393 proxy_config.proxy_hostname = proxy_options->host_address; 1394 proxy_config.password = proxy_options->password; 1395 proxy_config.username = proxy_options->username; 1396 proxy_config.proxy_port = proxy_options->port; 1397 proxy_config.port = 443; 1398 1399 tlsio_config.hostname = http_instance->hostName; 1400 tlsio_config.port = 443; 1401 tlsio_config.underlying_io_interface = http_proxy_io_get_interface_description(); 1402 tlsio_config.underlying_io_parameters = &proxy_config; 1403 1404 http_instance->xio_handle = xio_create(platform_get_default_tlsio(), (void*)&tlsio_config); 1405 1406 if (http_instance->xio_handle == NULL) 1407 { 1408 LogError("Failed to create xio handle with proxy configuration"); 1409 result = HTTPAPI_ERROR; 1410 } 1411 else 1412 { 1413 if (OptionHandler_FeedOptions(xio_options, http_instance->xio_handle) != OPTIONHANDLER_OK) 1422 1414 { 1423 free((void*)http_instance->proxy_username); 1424 http_instance->proxy_username = NULL; 1425 } 1426 if(mallocAndStrcpy_s((char**)&(http_instance->proxy_username), (const char*)proxy_data->username) != 0) 1427 { 1428 LogError("failure allocate proxy username"); 1429 free((void*)http_instance->proxy_host); 1430 http_instance->proxy_host = NULL; 1415 LogError("Failed feeding existing options to new xio instance."); 1431 1416 result = HTTPAPI_ERROR; 1432 1417 } 1433 1418 else 1434 1419 { 1435 if(http_instance->proxy_password != NULL) 1436 { 1437 free((void*)http_instance->proxy_password); 1438 http_instance->proxy_password = NULL; 1439 } 1440 if(mallocAndStrcpy_s((char**)&(http_instance->proxy_password), (const char*)proxy_data->password) != 0) 1441 { 1442 LogError("failure allocate proxy password"); 1443 free((void*)http_instance->proxy_host); 1444 http_instance->proxy_host = NULL; 1445 free((void*)http_instance->proxy_username); 1446 http_instance->proxy_username = NULL; 1447 result = HTTPAPI_ERROR; 1448 } 1449 else 1450 { 1451 result = HTTPAPI_OK; 1452 } 1420 result = HTTPAPI_OK; 1453 1421 } 1454 1422 } 1455 else 1456 { 1457 result = HTTPAPI_OK; 1458 } 1423 1424 OptionHandler_Destroy(xio_options); 1459 1425 } 1460 1426 } … … 1466 1432 LogInfo("unknown option %s", optionName); 1467 1433 } 1434 1468 1435 return result; 1469 1436 } … … 1510 1477 #endif // DO_NOT_COPY_TRUSTED_CERTS_STRING 1511 1478 } 1512 else if (strcmp(SU_OPTION_X509_CERT, optionName) == 0 )1479 else if (strcmp(SU_OPTION_X509_CERT, optionName) == 0 || strcmp(OPTION_X509_ECC_CERT, optionName) == 0) 1513 1480 { 1514 1481 certLen = strlen((const char*)value); … … 1527 1494 } 1528 1495 } 1529 else if (strcmp(SU_OPTION_X509_PRIVATE_KEY, optionName) == 0 )1496 else if (strcmp(SU_OPTION_X509_PRIVATE_KEY, optionName) == 0 || strcmp(OPTION_X509_ECC_KEY, optionName) == 0) 1530 1497 { 1531 1498 certLen = strlen((const char*)value); -
azure_iot_hub_f767zi/trunk/azure_iot_sdk/c-utility/adapters/platform_toppers.c
r457 r464 52 52 const IO_INTERFACE_DESCRIPTION* platform_get_default_tlsio(void) 53 53 { 54 //return tlsio_esp_at_get_interface_description();55 return tlsio_wolfssl_get_interface_description();54 return tlsio_esp_at_get_interface_description(); 55 //return tlsio_wolfssl_get_interface_description(); 56 56 } 57 57 -
azure_iot_hub_f767zi/trunk/azure_iot_sdk/c-utility/adapters/tlsio_wolfssl.c
r457 r464 19 19 #include "azure_c_shared_utility/xlogging.h" 20 20 #include "azure_c_shared_utility/shared_util_options.h" 21 #include "azure_c_shared_utility/threadapi.h"22 21 23 22 typedef enum TLSIO_STATE_ENUM_TAG … … 53 52 char* x509privatekey; 54 53 int wolfssl_device_id; 55 size_t socket_reads; 54 char* hostname; 55 bool ignore_host_name_check; 56 56 } TLS_IO_INSTANCE; 57 57 58 58 STATIC_VAR_UNUSED const char* const OPTION_WOLFSSL_SET_DEVICE_ID = "SetDeviceId"; 59 static const size_t SOCKET_READ_LIMIT = 10000; // 10,000 ms ?59 static const size_t SOCKET_READ_LIMIT = 5; 60 60 61 61 /*this function will clone an option given by name and value*/ … … 106 106 } 107 107 } 108 #ifdef INVALID_DEVID 109 else if(strcmp(name, OPTION_WOLFSSL_SET_DEVICE_ID) == 0 ) 110 { 111 int* value_clone; 112 113 if ((value_clone = malloc(sizeof(int))) == NULL) 114 { 115 LogError("unable to clone device id option"); 116 } 117 else 118 { 119 *value_clone = *(int*)value; 120 } 121 122 result = value_clone; 123 } 124 #endif 108 125 else 109 126 { … … 127 144 if ((strcmp(name, OPTION_TRUSTED_CERT) == 0) || 128 145 (strcmp(name, SU_OPTION_X509_CERT) == 0) || 129 (strcmp(name, SU_OPTION_X509_PRIVATE_KEY) == 0)) 146 (strcmp(name, SU_OPTION_X509_PRIVATE_KEY) == 0) || 147 (strcmp(name, OPTION_WOLFSSL_SET_DEVICE_ID) == 0)) 130 148 { 131 149 free((void*)value); … … 185 203 result = NULL; 186 204 } 205 #ifdef INVALID_DEVID 206 else if ( 207 (tls_io_instance->wolfssl_device_id != INVALID_DEVID) && 208 (OptionHandler_AddOption(result, OPTION_WOLFSSL_SET_DEVICE_ID, &tls_io_instance->wolfssl_device_id) != OPTIONHANDLER_OK) 209 ) 210 { 211 LogError("unable to save deviceid option"); 212 OptionHandler_Destroy(result); 213 result = NULL; 214 } 215 #endif 187 216 else 188 217 { … … 258 287 int res; 259 288 tls_io_instance->tlsio_state = TLSIO_STATE_IN_HANDSHAKE; 260 tls_io_instance->socket_reads = 0;261 289 262 290 res = wolfSSL_connect(tls_io_instance->ssl); 263 291 if (res != SSL_SUCCESS) 264 292 { 265 LogError("WolfSSL connect failed"); 293 // Error codes explained in https://www.wolfssl.com/docs/wolfssl-manual/appendix-c/ 294 LogError("WolfSSL connect failed (%d)", wolfSSL_get_error(tls_io_instance->ssl, res)); 266 295 indicate_open_complete(tls_io_instance, IO_OPEN_ERROR); 267 296 tls_io_instance->tlsio_state = TLSIO_STATE_ERROR; … … 355 384 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context; 356 385 unsigned char* new_socket_io_read_bytes; 386 size_t socket_reads = 0; 357 387 358 388 AZURE_UNREFERENCED_PARAMETER(ssl); 359 if (tls_io_instance->socket_io_read_byte_count == 0) 360 { 361 if (tls_io_instance->socket_reads >= SOCKET_READ_LIMIT) { 362 return WOLFSSL_CBIO_ERR_TIMEOUT; 363 } 389 while (tls_io_instance->socket_io_read_byte_count == 0 && socket_reads < SOCKET_READ_LIMIT) 390 { 364 391 xio_dowork(tls_io_instance->socket_io); 365 if (tls_io_instance->tlsio_state == TLSIO_STATE_IN_HANDSHAKE) 366 { 367 tls_io_instance->socket_reads++; 368 ThreadAPI_Sleep(1); 369 return 0; 370 } 392 if (tls_io_instance->tlsio_state != TLSIO_STATE_IN_HANDSHAKE) 393 { 394 break; 395 } 396 socket_reads++; 371 397 } 372 398 … … 417 443 } 418 444 419 static void on_send_complete(void* context, IO_SEND_RESULT send_result)420 {421 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context;422 if ((tls_io_instance == NULL) || (tls_io_instance->on_send_complete == NULL))423 return;424 425 tls_io_instance->on_send_complete(tls_io_instance->on_send_complete_callback_context, send_result);426 427 tls_io_instance->on_send_complete = NULL;428 tls_io_instance->on_send_complete_callback_context = NULL;429 }430 431 445 static int on_io_send(WOLFSSL *ssl, char *buf, int sz, void *context) 432 446 { 433 int result , ret;447 int result; 434 448 AZURE_UNREFERENCED_PARAMETER(ssl); 435 449 436 450 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context; 437 451 438 if ( (ret = xio_send(tls_io_instance->socket_io, buf, sz, on_send_complete, tls_io_instance)) != 0)439 { 440 LogError("Failed sending bytes through underlying IO %d", ret);452 if (xio_send(tls_io_instance->socket_io, buf, sz, tls_io_instance->on_send_complete, tls_io_instance->on_send_complete_callback_context) != 0) 453 { 454 LogError("Failed sending bytes through underlying IO"); 441 455 tls_io_instance->tlsio_state = TLSIO_STATE_ERROR; 442 456 indicate_error(tls_io_instance); 443 result = 0;457 result = WOLFSSL_CBIO_ERR_GENERAL; 444 458 } 445 459 else … … 455 469 AZURE_UNREFERENCED_PARAMETER(ssl); 456 470 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context; 457 if (tls_io_instance->tlsio_state == TLSIO_STATE_OPEN) { 458 LogInfo("on_handshake_done called in TLSIO_STATE_OPEN state"); 459 } 460 else if (tls_io_instance->tlsio_state != TLSIO_STATE_IN_HANDSHAKE) 471 if (tls_io_instance->tlsio_state != TLSIO_STATE_IN_HANDSHAKE) 461 472 { 462 473 LogInfo("on_handshake_done called when not in IN_HANDSHAKE state"); … … 558 569 } 559 570 571 static int enable_domain_check(TLS_IO_INSTANCE* tls_io_instance) 572 { 573 int result = 0; 574 575 if (!tls_io_instance->ignore_host_name_check) 576 { 577 if (wolfSSL_check_domain_name(tls_io_instance->ssl, tls_io_instance->hostname) != WOLFSSL_SUCCESS) 578 { 579 result = MU_FAILURE; 580 } 581 } 582 583 return result; 584 } 585 560 586 static int prepare_wolfssl_open(TLS_IO_INSTANCE* tls_io_instance) 561 587 { 562 588 int result; 563 if (add_certificate_to_store(tls_io_instance) != 0) 589 590 if (enable_domain_check(tls_io_instance)) 591 { 592 LogError("Failed to configure domain name verification"); 593 result = MU_FAILURE; 594 } 595 else if (add_certificate_to_store(tls_io_instance) != 0) 564 596 { 565 597 LogError("Failed to add certificates to store"); … … 575 607 result = MU_FAILURE; 576 608 } 577 #ifdef INVALID_DEVID578 else if (tls_io_instance->wolfssl_device_id != INVALID_DEVID && wolfSSL_SetDevId(tls_io_instance->ssl, tls_io_instance->wolfssl_device_id) != WOLFSSL_SUCCESS)579 {580 LogError("Failure setting device id");581 result = MU_FAILURE;582 }583 #endif584 609 else 585 610 { … … 628 653 { 629 654 LogError("Cannot create the wolfSSL context"); 655 free(result); 656 result = NULL; 657 } 658 else if (mallocAndStrcpy_s(&result->hostname, tls_io_config->hostname) != 0) 659 { 660 LogError("Failed copying the target hostname."); 630 661 free(result); 631 662 result = NULL; … … 660 691 LogError("Failed getting socket IO interface description."); 661 692 wolfSSL_CTX_free(result->ssl_context); 693 free(result->hostname); 662 694 free(result); 663 695 result = NULL; … … 670 702 LogError("Failure connecting to underlying socket_io"); 671 703 wolfSSL_CTX_free(result->ssl_context); 704 free(result->hostname); 672 705 free(result); 673 706 result = NULL; … … 677 710 LogError("Failure connecting to underlying socket_io"); 678 711 wolfSSL_CTX_free(result->ssl_context); 712 free(result->hostname); 679 713 free(result); 680 714 result = NULL; … … 719 753 720 754 xio_destroy(tls_io_instance->socket_io); 755 free(tls_io_instance->hostname); 721 756 free(tls_io); 722 757 } … … 843 878 result = MU_FAILURE; 844 879 } 845 if (tls_io_instance->on_send_complete != NULL)846 {847 LogError("Error writing data");848 result = MU_FAILURE;849 }850 880 else 851 881 { … … 882 912 (tls_io_instance->tlsio_state != TLSIO_STATE_ERROR)) 883 913 { 884 if (tls_io_instance->tlsio_state != TLSIO_STATE_OPENING_UNDERLYING_IO) 885 decode_ssl_received_bytes(tls_io_instance); 914 decode_ssl_received_bytes(tls_io_instance); 886 915 xio_dowork(tls_io_instance->socket_io); 887 916 } … … 892 921 static int process_option(char** destination, const char* name, const char* value) 893 922 { 923 924 (void) name; 925 894 926 int result; 895 927 if (*destination != NULL) … … 944 976 { 945 977 int device_id = *((int *)value); 946 if (tls_io_instance->ssl != NULL) 947 { 948 if (tls_io_instance->ssl != NULL && wolfSSL_SetDevId(tls_io_instance->ssl, device_id) != WOLFSSL_SUCCESS) 949 { 950 LogError("Failure setting device id on ssl"); 951 result = MU_FAILURE; 952 } 953 else 954 { 955 result = 0; 956 } 978 if (tls_io_instance->ssl != NULL && wolfSSL_SetDevId(tls_io_instance->ssl, device_id) != WOLFSSL_SUCCESS) 979 { 980 LogError("Failure setting device id on ssl"); 981 result = MU_FAILURE; 957 982 } 958 983 else 959 984 { 960 // Save the id till we create the ssl object985 // Save the device Id even if ssl object not yet created. 961 986 tls_io_instance->wolfssl_device_id = device_id; 962 987 result = 0; … … 964 989 } 965 990 #endif 991 else if (strcmp("ignore_host_name_check", optionName) == 0) 992 { 993 bool* server_name_check = (bool*)value; 994 tls_io_instance->ignore_host_name_check = *server_name_check; 995 result = 0; 996 } 966 997 else 967 998 {
Note:
See TracChangeset
for help on using the changeset viewer.