Fix handshake error check

- Only delete peer info without sending alert message when socket error returned during handshake : this will prevent re-trying TLS handsake in order to send alert message - Check if received data size is larger than zero Change-Id: I3e5423b9f82e5b6bc703814fd72166844e6149b3 Signed-off-by: Joonghwan Lee <jh05.lee@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/15605Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by: Chul Lee <chuls.lee@samsung.com> Reviewed-by: dongik Lee <dongik.lee@samsung.com> Reviewed-by: Jongsung Lee <js126.lee@samsung.com> Reviewed-by: Randeep Singh <randeep.s@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/15887

Fix handshake error check
- Only delete peer info without sending alert message when socket error returned during handshake : this will prevent re-trying TLS handsake in order to send alert message - Check if received data size is larger than zero Change-Id: I3e5423b9f82e5b6bc703814fd72166844e6149b3 Signed-off-by: Joonghwan Lee <jh05.lee@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/15605Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by: Chul Lee <chuls.lee@samsung.com> Reviewed-by: dongik Lee <dongik.lee@samsung.com> Reviewed-by: Jongsung Lee <js126.lee@samsung.com> Reviewed-by: Randeep Singh <randeep.s@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/15887
29f737c0 · Joonghwan Lee · Randeep · 4d819ca2 · 29f737c0
Commit 29f737c0 authored Dec 14, 2016 by Joonghwan Lee Committed by Randeep Dec 22, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 10 deletions

resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c ...e/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c +19 -10

No files found.
--- a/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c
+++ b/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c
@@ -1194,6 +1194,12 @@ static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
        {
            break;
        }
+        else if (-1 == ret)
+        {
+            OIC_LOG(ERROR, NET_SSL_TAG, "Handshake failed due to socket error");
+            RemovePeerFromList(&tep->sep.endpoint);
+            return NULL;
+        }
        SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
    }
    OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
@@ -1816,17 +1822,20 @@ CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t d
            oc_mutex_unlock(g_sslContextMutex);
            return CA_STATUS_FAILED;
        }
-        int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
-        if (0 == adapterIndex || adapterIndex == 1)
+        else if (0 < ret)
        {
-            g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
-        }
-        else
-        {
-            OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
-            RemovePeerFromList(&peer->sep.endpoint);
-            oc_mutex_unlock(g_sslContextMutex);
-            return CA_STATUS_FAILED;
+            int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
+            if (0 == adapterIndex || adapterIndex == 1)
+            {
+                g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
+            }
+            else
+            {
+                OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
+                RemovePeerFromList(&peer->sep.endpoint);
+                oc_mutex_unlock(g_sslContextMutex);
+                return CA_STATUS_FAILED;
+            }
        }
    }