Commit 29f737c0 authored by Joonghwan Lee's avatar Joonghwan Lee Committed by Randeep

Fix handshake error check

- Only delete peer info without sending alert message when socket error returned during handshake
  : this will prevent re-trying TLS handsake in order to send alert message
- Check if received data size is larger than zero

Change-Id: I3e5423b9f82e5b6bc703814fd72166844e6149b3
Signed-off-by: default avatarJoonghwan Lee <jh05.lee@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/15605Tested-by: default avatarjenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: default avatarChul Lee <chuls.lee@samsung.com>
Reviewed-by: default avatardongik Lee <dongik.lee@samsung.com>
Reviewed-by: default avatarJongsung Lee <js126.lee@samsung.com>
Reviewed-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/15887
parent 4d819ca2
......@@ -1194,6 +1194,12 @@ static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
{
break;
}
else if (-1 == ret)
{
OIC_LOG(ERROR, NET_SSL_TAG, "Handshake failed due to socket error");
RemovePeerFromList(&tep->sep.endpoint);
return NULL;
}
SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
}
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
......@@ -1816,17 +1822,20 @@ CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t d
oc_mutex_unlock(g_sslContextMutex);
return CA_STATUS_FAILED;
}
int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
if (0 == adapterIndex || adapterIndex == 1)
else if (0 < ret)
{
g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
}
else
{
OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
RemovePeerFromList(&peer->sep.endpoint);
oc_mutex_unlock(g_sslContextMutex);
return CA_STATUS_FAILED;
int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
if (0 == adapterIndex || adapterIndex == 1)
{
g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
}
else
{
OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
RemovePeerFromList(&peer->sep.endpoint);
oc_mutex_unlock(g_sslContextMutex);
return CA_STATUS_FAILED;
}
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment