- Timestamp:
- Jun 22, 2021, 9:00:19 PM (3 years ago)
- File:
-
- 1 edited
azure_iot_hub_f767zi/trunk/azure_iot_sdk/c-utility/adapters/tlsio_wolfssl.c
r457 r464 19 19 #include "azure_c_shared_utility/xlogging.h" 20 20 #include "azure_c_shared_utility/shared_util_options.h" 21 #include "azure_c_shared_utility/threadapi.h"22 21 23 22 typedef enum TLSIO_STATE_ENUM_TAG … … 53 52 char* x509privatekey; 54 53 int wolfssl_device_id; 55 size_t socket_reads; 54 char* hostname; 55 bool ignore_host_name_check; 56 56 } TLS_IO_INSTANCE; 57 57 58 58 STATIC_VAR_UNUSED const char* const OPTION_WOLFSSL_SET_DEVICE_ID = "SetDeviceId"; 59 static const size_t SOCKET_READ_LIMIT = 10000; // 10,000 ms ?59 static const size_t SOCKET_READ_LIMIT = 5; 60 60 61 61 /*this function will clone an option given by name and value*/ … … 106 106 } 107 107 } 108 #ifdef INVALID_DEVID 109 else if(strcmp(name, OPTION_WOLFSSL_SET_DEVICE_ID) == 0 ) 110 { 111 int* value_clone; 112 113 if ((value_clone = malloc(sizeof(int))) == NULL) 114 { 115 LogError("unable to clone device id option"); 116 } 117 else 118 { 119 *value_clone = *(int*)value; 120 } 121 122 result = value_clone; 123 } 124 #endif 108 125 else 109 126 { … … 127 144 if ((strcmp(name, OPTION_TRUSTED_CERT) == 0) || 128 145 (strcmp(name, SU_OPTION_X509_CERT) == 0) || 129 (strcmp(name, SU_OPTION_X509_PRIVATE_KEY) == 0)) 146 (strcmp(name, SU_OPTION_X509_PRIVATE_KEY) == 0) || 147 (strcmp(name, OPTION_WOLFSSL_SET_DEVICE_ID) == 0)) 130 148 { 131 149 free((void*)value); … … 185 203 result = NULL; 186 204 } 205 #ifdef INVALID_DEVID 206 else if ( 207 (tls_io_instance->wolfssl_device_id != INVALID_DEVID) && 208 (OptionHandler_AddOption(result, OPTION_WOLFSSL_SET_DEVICE_ID, &tls_io_instance->wolfssl_device_id) != OPTIONHANDLER_OK) 209 ) 210 { 211 LogError("unable to save deviceid option"); 212 OptionHandler_Destroy(result); 213 result = NULL; 214 } 215 #endif 187 216 else 188 217 { … … 258 287 int res; 259 288 tls_io_instance->tlsio_state = TLSIO_STATE_IN_HANDSHAKE; 260 tls_io_instance->socket_reads = 0;261 289 262 290 res = wolfSSL_connect(tls_io_instance->ssl); 263 291 if (res != SSL_SUCCESS) 264 292 { 265 
LogError("WolfSSL connect failed"); 293 // Error codes explained in https://www.wolfssl.com/docs/wolfssl-manual/appendix-c/ 294 LogError("WolfSSL connect failed (%d)", wolfSSL_get_error(tls_io_instance->ssl, res)); 266 295 indicate_open_complete(tls_io_instance, IO_OPEN_ERROR); 267 296 tls_io_instance->tlsio_state = TLSIO_STATE_ERROR; … … 355 384 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context; 356 385 unsigned char* new_socket_io_read_bytes; 386 size_t socket_reads = 0; 357 387 358 388 AZURE_UNREFERENCED_PARAMETER(ssl); 359 if (tls_io_instance->socket_io_read_byte_count == 0) 360 { 361 if (tls_io_instance->socket_reads >= SOCKET_READ_LIMIT) { 362 return WOLFSSL_CBIO_ERR_TIMEOUT; 363 } 389 while (tls_io_instance->socket_io_read_byte_count == 0 && socket_reads < SOCKET_READ_LIMIT) 390 { 364 391 xio_dowork(tls_io_instance->socket_io); 365 if (tls_io_instance->tlsio_state == TLSIO_STATE_IN_HANDSHAKE) 366 { 367 tls_io_instance->socket_reads++; 368 ThreadAPI_Sleep(1); 369 return 0; 370 } 392 if (tls_io_instance->tlsio_state != TLSIO_STATE_IN_HANDSHAKE) 393 { 394 break; 395 } 396 socket_reads++; 371 397 } 372 398 … … 417 443 } 418 444 419 static void on_send_complete(void* context, IO_SEND_RESULT send_result)420 {421 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context;422 if ((tls_io_instance == NULL) || (tls_io_instance->on_send_complete == NULL))423 return;424 425 tls_io_instance->on_send_complete(tls_io_instance->on_send_complete_callback_context, send_result);426 427 tls_io_instance->on_send_complete = NULL;428 tls_io_instance->on_send_complete_callback_context = NULL;429 }430 431 445 static int on_io_send(WOLFSSL *ssl, char *buf, int sz, void *context) 432 446 { 433 int result , ret;447 int result; 434 448 AZURE_UNREFERENCED_PARAMETER(ssl); 435 449 436 450 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context; 437 451 438 if ( (ret = xio_send(tls_io_instance->socket_io, buf, sz, on_send_complete, tls_io_instance)) != 0)439 { 440 
LogError("Failed sending bytes through underlying IO %d", ret);452 if (xio_send(tls_io_instance->socket_io, buf, sz, tls_io_instance->on_send_complete, tls_io_instance->on_send_complete_callback_context) != 0) 453 { 454 LogError("Failed sending bytes through underlying IO"); 441 455 tls_io_instance->tlsio_state = TLSIO_STATE_ERROR; 442 456 indicate_error(tls_io_instance); 443 result = 0;457 result = WOLFSSL_CBIO_ERR_GENERAL; 444 458 } 445 459 else … … 455 469 AZURE_UNREFERENCED_PARAMETER(ssl); 456 470 TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)context; 457 if (tls_io_instance->tlsio_state == TLSIO_STATE_OPEN) { 458 LogInfo("on_handshake_done called in TLSIO_STATE_OPEN state"); 459 } 460 else if (tls_io_instance->tlsio_state != TLSIO_STATE_IN_HANDSHAKE) 471 if (tls_io_instance->tlsio_state != TLSIO_STATE_IN_HANDSHAKE) 461 472 { 462 473 LogInfo("on_handshake_done called when not in IN_HANDSHAKE state"); … … 558 569 } 559 570 571 static int enable_domain_check(TLS_IO_INSTANCE* tls_io_instance) 572 { 573 int result = 0; 574 575 if (!tls_io_instance->ignore_host_name_check) 576 { 577 if (wolfSSL_check_domain_name(tls_io_instance->ssl, tls_io_instance->hostname) != WOLFSSL_SUCCESS) 578 { 579 result = MU_FAILURE; 580 } 581 } 582 583 return result; 584 } 585 560 586 static int prepare_wolfssl_open(TLS_IO_INSTANCE* tls_io_instance) 561 587 { 562 588 int result; 563 if (add_certificate_to_store(tls_io_instance) != 0) 589 590 if (enable_domain_check(tls_io_instance)) 591 { 592 LogError("Failed to configure domain name verification"); 593 result = MU_FAILURE; 594 } 595 else if (add_certificate_to_store(tls_io_instance) != 0) 564 596 { 565 597 LogError("Failed to add certificates to store"); … … 575 607 result = MU_FAILURE; 576 608 } 577 #ifdef INVALID_DEVID578 else if (tls_io_instance->wolfssl_device_id != INVALID_DEVID && wolfSSL_SetDevId(tls_io_instance->ssl, tls_io_instance->wolfssl_device_id) != WOLFSSL_SUCCESS)579 {580 LogError("Failure setting device id");581 
result = MU_FAILURE;582 }583 #endif584 609 else 585 610 { … … 628 653 { 629 654 LogError("Cannot create the wolfSSL context"); 655 free(result); 656 result = NULL; 657 } 658 else if (mallocAndStrcpy_s(&result->hostname, tls_io_config->hostname) != 0) 659 { 660 LogError("Failed copying the target hostname."); 630 661 free(result); 631 662 result = NULL; … … 660 691 LogError("Failed getting socket IO interface description."); 661 692 wolfSSL_CTX_free(result->ssl_context); 693 free(result->hostname); 662 694 free(result); 663 695 result = NULL; … … 670 702 LogError("Failure connecting to underlying socket_io"); 671 703 wolfSSL_CTX_free(result->ssl_context); 704 free(result->hostname); 672 705 free(result); 673 706 result = NULL; … … 677 710 LogError("Failure connecting to underlying socket_io"); 678 711 wolfSSL_CTX_free(result->ssl_context); 712 free(result->hostname); 679 713 free(result); 680 714 result = NULL; … … 719 753 720 754 xio_destroy(tls_io_instance->socket_io); 755 free(tls_io_instance->hostname); 721 756 free(tls_io); 722 757 } … … 843 878 result = MU_FAILURE; 844 879 } 845 if (tls_io_instance->on_send_complete != NULL)846 {847 LogError("Error writing data");848 result = MU_FAILURE;849 }850 880 else 851 881 { … … 882 912 (tls_io_instance->tlsio_state != TLSIO_STATE_ERROR)) 883 913 { 884 if (tls_io_instance->tlsio_state != TLSIO_STATE_OPENING_UNDERLYING_IO) 885 decode_ssl_received_bytes(tls_io_instance); 914 decode_ssl_received_bytes(tls_io_instance); 886 915 xio_dowork(tls_io_instance->socket_io); 887 916 } … … 892 921 static int process_option(char** destination, const char* name, const char* value) 893 922 { 923 924 (void) name; 925 894 926 int result; 895 927 if (*destination != NULL) … … 944 976 { 945 977 int device_id = *((int *)value); 946 if (tls_io_instance->ssl != NULL) 947 { 948 if (tls_io_instance->ssl != NULL && wolfSSL_SetDevId(tls_io_instance->ssl, device_id) != WOLFSSL_SUCCESS) 949 { 950 LogError("Failure setting device id on ssl"); 951 
result = MU_FAILURE; 952 } 953 else 954 { 955 result = 0; 956 } 978 if (tls_io_instance->ssl != NULL && wolfSSL_SetDevId(tls_io_instance->ssl, device_id) != WOLFSSL_SUCCESS) 979 { 980 LogError("Failure setting device id on ssl"); 981 result = MU_FAILURE; 957 982 } 958 983 else 959 984 { 960 // Save the id till we create the ssl object985 // Save the device Id even if ssl object not yet created. 961 986 tls_io_instance->wolfssl_device_id = device_id; 962 987 result = 0; … … 964 989 } 965 990 #endif 991 else if (strcmp("ignore_host_name_check", optionName) == 0) 992 { 993 bool* server_name_check = (bool*)value; 994 tls_io_instance->ignore_host_name_check = *server_name_check; 995 result = 0; 996 } 966 997 else 967 998 {
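Review bot: The new `strcmp("ignore_host_name_check", optionName)` branch in the last hunk disables the hostname check that `enable_domain_check` now enforces from `prepare_wolfssl_open`, yet unlike `OPTION_WOLFSSL_SET_DEVICE_ID` it is matched against a bare literal, is not logged when set, and, as far as the visible hunks show, is not saved by the retrieveoptions hunk (lines 205-215) — the latter is at least fail-safe, since a restored instance falls back to checking the name. I would declare the name next to the device-id constant, `static const char* const OPTION_IGNORE_HOST_NAME_CHECK = "ignore_host_name_check";`, and make the downgrade visible at the point it is applied: `if (*server_name_check) { LogInfo("Server host name check disabled by option"); }`. Also worth confirming outside these hunks that peer verification is enabled on the context (`wolfSSL_CTX_set_verify`), because `wolfSSL_check_domain_name` only takes effect during certificate verification, and that `tls_io_instance->ssl` already exists when `enable_domain_check` runs, since it is now the first step of `prepare_wolfssl_open`. The setoption and retrieveoptions functions start and end outside their hunks.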