Commit 116dc16f authored by Chul Lee's avatar Chul Lee Committed by Randeep

[IOT-1549] Add DTLS retransmission

Create thread for checking peer timer

Change-Id: I067b5924035b4b2563fcc094a5cbcf6dd9ae6e50
Signed-off-by: default avatarDmitriy Zhuravlev <d.zhuravlev@samsung.com>
Signed-off-by: default avatarChul Lee <chuls.lee@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/14287Tested-by: default avatarjenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
parent 3ff7276e
...@@ -68,6 +68,8 @@ if (('BLE' in ca_transport) or ('ALL' in ca_transport)): ...@@ -68,6 +68,8 @@ if (('BLE' in ca_transport) or ('ALL' in ca_transport)):
if env.get('SECURED') == '1': if env.get('SECURED') == '1':
env.SConscript(build_dir + 'extlibs/tinydtls/SConscript') env.SConscript(build_dir + 'extlibs/tinydtls/SConscript')
env.AppendUnique(CPPPATH = ['#extlibs/tinydtls']) env.AppendUnique(CPPPATH = ['#extlibs/tinydtls'])
env.SConscript(build_dir + 'extlibs/timer/SConscript')
env.AppendUnique(CPPPATH = ['#extlibs/timer'])
env.AppendUnique(CPPPATH = [src_dir + '/resource/csdk/security/include']) env.AppendUnique(CPPPATH = [src_dir + '/resource/csdk/security/include'])
env.AppendUnique(CPPDEFINES = ['__WITH_DTLS__']) env.AppendUnique(CPPDEFINES = ['__WITH_DTLS__'])
env.AppendUnique(CPPPATH = [os.path.join(root_dir, 'external/inc')]) env.AppendUnique(CPPPATH = [os.path.join(root_dir, 'external/inc')])
...@@ -200,10 +202,12 @@ if ca_os in ['android', 'tizen', 'linux', 'yocto']: ...@@ -200,10 +202,12 @@ if ca_os in ['android', 'tizen', 'linux', 'yocto']:
lib_env.AppendUnique(LIBS = ['coap']) lib_env.AppendUnique(LIBS = ['coap'])
if lib_env.get('SECURED') == '1': if lib_env.get('SECURED') == '1':
lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto']) lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto'])
lib_env.AppendUnique(LIBS = ['timer'])
if ca_os != 'android': if ca_os != 'android':
lib_env.AppendUnique(LIBS = ['rt']) lib_env.AppendUnique(LIBS = ['rt'])
if ((lib_env.get('SECURED') == '1') and ((lib_env.get('WITH_TCP')) or (lib_env.get('WITH_CLOUD')))): if ((lib_env.get('SECURED') == '1') and ((lib_env.get('WITH_TCP')) or (lib_env.get('WITH_CLOUD')))):
lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto']) lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto'])
lib_env.AppendUnique(LIBS = ['timer'])
static_calib = lib_env.StaticLibrary('connectivity_abstraction', env.get('CA_SRC')) static_calib = lib_env.StaticLibrary('connectivity_abstraction', env.get('CA_SRC'))
shared_calib = lib_env.SharedLibrary('connectivity_abstraction', lib_env.get('CA_SRC')) shared_calib = lib_env.SharedLibrary('connectivity_abstraction', lib_env.get('CA_SRC'))
calib = Flatten([static_calib, shared_calib]) calib = Flatten([static_calib, shared_calib])
...@@ -211,6 +215,7 @@ elif ca_os in ['msys_nt', 'windows']: ...@@ -211,6 +215,7 @@ elif ca_os in ['msys_nt', 'windows']:
lib_env.AppendUnique(LIBS = ['coap', 'mswsock', 'ws2_32', 'iphlpapi', 'logger']) lib_env.AppendUnique(LIBS = ['coap', 'mswsock', 'ws2_32', 'iphlpapi', 'logger'])
if lib_env.get('SECURED') == '1': if lib_env.get('SECURED') == '1':
lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto']) lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto'])
lib_env.AppendUnique(LIBS = ['timer'])
calib = lib_env.StaticLibrary('connectivity_abstraction', env.get('CA_SRC')) calib = lib_env.StaticLibrary('connectivity_abstraction', env.get('CA_SRC'))
else: else:
calib = lib_env.StaticLibrary('connectivity_abstraction', lib_env.get('CA_SRC')) calib = lib_env.StaticLibrary('connectivity_abstraction', lib_env.get('CA_SRC'))
...@@ -28,6 +28,7 @@ ...@@ -28,6 +28,7 @@
#include "oic_malloc.h" #include "oic_malloc.h"
#include "byte_array.h" #include "byte_array.h"
#include "octhread.h" #include "octhread.h"
#include "timer.h"
// headers required for mbed TLS // headers required for mbed TLS
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
...@@ -130,6 +131,13 @@ ...@@ -130,6 +131,13 @@
* @param[in] peer remote peer * @param[in] peer remote peer
* @param[in] ret used internaly * @param[in] ret used internaly
*/ */
/**
* @var RETRANSMISSION_TIME
* @brief Maximum timeout value (in seconds) to start DTLS retransmission.
*/
#define RETRANSMISSION_TIME 1
#define SSL_CLOSE_NOTIFY(peer, ret) \ #define SSL_CLOSE_NOTIFY(peer, ret) \
do \ do \
{ \ { \
...@@ -370,10 +378,7 @@ typedef struct SslContext ...@@ -370,10 +378,7 @@ typedef struct SslContext
mbedtls_ssl_config serverTlsConf; mbedtls_ssl_config serverTlsConf;
mbedtls_ssl_config clientDtlsConf; mbedtls_ssl_config clientDtlsConf;
mbedtls_ssl_config serverDtlsConf; mbedtls_ssl_config serverDtlsConf;
#ifdef __WITH_DTLS__
mbedtls_ssl_cookie_ctx cookie_ctx;
mbedtls_timing_delay_context timer;
#endif // __WITH_DTLS__
AdapterCipher_t cipher; AdapterCipher_t cipher;
SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS]; SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
mbedtls_x509_crl crl; mbedtls_x509_crl crl;
...@@ -440,8 +445,8 @@ typedef struct SslEndPoint ...@@ -440,8 +445,8 @@ typedef struct SslEndPoint
uint8_t random[2*RANDOM_LEN]; uint8_t random[2*RANDOM_LEN];
#ifdef __WITH_DTLS__ #ifdef __WITH_DTLS__
mbedtls_ssl_cookie_ctx cookieCtx; mbedtls_ssl_cookie_ctx cookieCtx;
#endif mbedtls_timing_delay_context timer;
#endif // __WITH_DTLS__
} SslEndPoint_t; } SslEndPoint_t;
void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback) void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
...@@ -989,7 +994,7 @@ static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl ...@@ -989,7 +994,7 @@ static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl
mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL); mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport) if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
{ {
mbedtls_ssl_set_timer_cb(&tep->ssl, &g_caSslContext->timer, mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
mbedtls_timing_set_delay, mbedtls_timing_get_delay); mbedtls_timing_set_delay, mbedtls_timing_get_delay);
if (MBEDTLS_SSL_IS_SERVER == config->endpoint) if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
{ {
...@@ -1216,6 +1221,52 @@ static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode) ...@@ -1216,6 +1221,52 @@ static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
return 0; return 0;
} }
/**
* Starts DTLS retransmission.
*/
static void StartRetransmit()
{
static int timerId = -1;
uint32_t listIndex = 0;
uint32_t listLength = 0;
SslEndPoint_t *tep = NULL;
if (timerId != -1)
{
//clear previous timer
unregisterTimer(timerId);
oc_mutex_lock(g_sslContextMutex);
//stop retransmission if context is invalid
if(NULL == g_caSslContext)
{
OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
oc_mutex_unlock(g_sslContextMutex);
return;
}
listLength = u_arraylist_length(g_caSslContext->peerList);
for (listIndex = 0; listIndex < listLength; listIndex++)
{
tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
if (NULL == tep
|| MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport
|| MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
{
continue;
}
int ret = mbedtls_ssl_handshake_step(&tep->ssl);
if (0 != ret && MBEDTLS_ERR_SSL_CONN_EOF != ret)
{
OIC_LOG_V(ERROR, NET_SSL_TAG, "Retransmission error: -0x%x", -ret);
}
}
oc_mutex_unlock(g_sslContextMutex);
}
//start new timer
registerTimer(RETRANSMISSION_TIME, &timerId, (void *) StartRetransmit);
}
CAResult_t CAinitSslAdapter() CAResult_t CAinitSslAdapter()
{ {
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
...@@ -1357,6 +1408,10 @@ CAResult_t CAinitSslAdapter() ...@@ -1357,6 +1408,10 @@ CAResult_t CAinitSslAdapter()
mbedtls_pk_init(&g_caSslContext->pkey); mbedtls_pk_init(&g_caSslContext->pkey);
mbedtls_x509_crl_init(&g_caSslContext->crl); mbedtls_x509_crl_init(&g_caSslContext->crl);
#ifdef __WITH_DTLS__
StartRetransmit();
#endif
oc_mutex_unlock(g_sslContextMutex); oc_mutex_unlock(g_sslContextMutex);
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
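Review bot: `static int timerId` in StartRetransmit is never reset to -1, so once the context has been torn down and the `NULL == g_caSslContext` early return has fired (or the timer has been stopped elsewhere), the next CAinitSslAdapter — which, as the later hunk shows, calls StartRetransmit while it still holds g_sslContextMutex — enters with a stale id, calls `unregisterTimer(timerId)` on it and then `oc_mutex_lock(g_sslContextMutex)` on a mutex its own caller already holds, a self-deadlock unless oc_mutex is recursive. Add `timerId = -1;` before that early return, and make sure whatever de-initialises the adapter (not visible in this commit) unregisters the timer rather than relying on the next tick to notice the NULL context. The stepping loop only logs results other than MBEDTLS_ERR_SSL_CONN_EOF, so a peer whose handshake has failed for good (for instance once mbed TLS gives up retransmitting and returns MBEDTLS_ERR_SSL_TIMEOUT) stays in peerList and is stepped and logged again every second, which means half-open DTLS sessions are never reclaimed; a fatal error here should tear the peer down the way the normal handshake path does. Minor: the definition should read `static void StartRetransmit(void)`, and the RETRANSMISSION_TIME comment in the earlier hunk calls the value a "maximum timeout" when it is really the poll period of this function.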
...@@ -35,4 +35,7 @@ OCUnlinkDevices ...@@ -35,4 +35,7 @@ OCUnlinkDevices
SetGeneratePinCB SetGeneratePinCB
SetInputPinCB SetInputPinCB
SetRandomPinPolicy SetRandomPinPolicy
\ No newline at end of file
registerTimer
unregisterTimer