Commit 6a508c51 authored by Chul Lee's avatar Chul Lee Committed by Randeep

connectivity: Add NULL check across the ca_adapter_net_ssl.c

[Philippe Coval]

Ported from 1.2-rel to master branch
Conflicts:
	resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c

Change-Id: If2f43c0150afcb344c290f8bcb21f7647b0daa01
Signed-off-by: default avatarChul Lee <chuls.lee@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/16487Tested-by: default avatarjenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
Signed-off-by: default avatarPhilippe Coval <philippe.coval@osg.samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/17299Reviewed-by: default avatarKevin Kane <kkane@microsoft.com>
parent c200c3a6
...@@ -556,6 +556,7 @@ static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen) ...@@ -556,6 +556,7 @@ static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1); VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1); VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen); OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter); OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
ssize_t sentLen = 0; ssize_t sentLen = 0;
...@@ -727,7 +728,13 @@ static int InitPKIX(CATransportAdapter_t adapter) ...@@ -727,7 +728,13 @@ static int InitPKIX(CATransportAdapter_t adapter)
{ {
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1); VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
g_getPkixInfoCallback(&g_pkiInfo); // load pk key, cert, trust chain and crl
if (g_getPkixInfoCallback)
{
g_getPkixInfoCallback(&g_pkiInfo);
}
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
mbedtls_x509_crt_free(&g_caSslContext->ca); mbedtls_x509_crt_free(&g_caSslContext->ca);
mbedtls_x509_crt_free(&g_caSslContext->crt); mbedtls_x509_crt_free(&g_caSslContext->crt);
...@@ -862,6 +869,7 @@ static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer) ...@@ -862,6 +869,7 @@ static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
uint32_t listLength = 0; uint32_t listLength = 0;
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL); VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
SslEndPoint_t *tep = NULL; SslEndPoint_t *tep = NULL;
listLength = u_arraylist_length(g_caSslContext->peerList); listLength = u_arraylist_length(g_caSslContext->peerList);
...@@ -990,8 +998,9 @@ static void DeleteSslEndPoint(SslEndPoint_t * tep) ...@@ -990,8 +998,9 @@ static void DeleteSslEndPoint(SslEndPoint_t * tep)
*/ */
static void RemovePeerFromList(CAEndpoint_t * endpoint) static void RemovePeerFromList(CAEndpoint_t * endpoint)
{ {
uint32_t listLength = u_arraylist_length(g_caSslContext->peerList); VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint"); VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
for (uint32_t listIndex = 0; listIndex < listLength; listIndex++) for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
{ {
SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex); SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
...@@ -1013,6 +1022,8 @@ static void RemovePeerFromList(CAEndpoint_t * endpoint) ...@@ -1013,6 +1022,8 @@ static void RemovePeerFromList(CAEndpoint_t * endpoint)
*/ */
static void DeletePeerList() static void DeletePeerList()
{ {
VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
uint32_t listLength = u_arraylist_length(g_caSslContext->peerList); uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
for (uint32_t listIndex = 0; listIndex < listLength; listIndex++) for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
{ {
...@@ -1120,6 +1131,7 @@ static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl ...@@ -1120,6 +1131,7 @@ static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL); VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL); VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t)); tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
if (NULL == tep) if (NULL == tep)
...@@ -1210,11 +1222,9 @@ static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapte ...@@ -1210,11 +1222,9 @@ static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapte
{ {
int index = 0; int index = 0;
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
if (NULL == g_getCredentialTypesCallback) VERIFY_NON_NULL_VOID(config, NET_SSL_TAG, "Invaild param");
{ VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null"); VERIFY_NON_NULL_VOID(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null");
return;
}
g_getCredentialTypesCallback(g_caSslContext->cipherFlag); g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
// Retrieve the PSK credential from SRM // Retrieve the PSK credential from SRM
...@@ -1272,7 +1282,7 @@ static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint) ...@@ -1272,7 +1282,7 @@ static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL); VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP || mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ||
endpoint->adapter == CA_ADAPTER_GATT_BTLE ? endpoint->adapter == CA_ADAPTER_GATT_BTLE ?
...@@ -1372,6 +1382,7 @@ static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode) ...@@ -1372,6 +1382,7 @@ static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
{ {
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1); VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
mbedtls_ssl_config_init(conf); mbedtls_ssl_config_init(conf);
if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0) if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
{ {
...@@ -2062,6 +2073,8 @@ static SslCipher_t GetCipherIndex(const uint32_t cipher) ...@@ -2062,6 +2073,8 @@ static SslCipher_t GetCipherIndex(const uint32_t cipher)
CAResult_t CAsetTlsCipherSuite(const uint32_t cipher) CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
{ {
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__); OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL context is not initialized." , CA_STATUS_NOT_INITIALIZED);
CAResult_t res = CA_STATUS_FAILED; CAResult_t res = CA_STATUS_FAILED;
SslCipher_t index = GetCipherIndex(cipher); SslCipher_t index = GetCipherIndex(cipher);
if (SSL_CIPHER_MAX == index) if (SSL_CIPHER_MAX == index)
......
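Review bot: In the InitPKIX hunk the new `if (g_getPkixInfoCallback)` can never be false, because the `VERIFY_NON_NULL_RET(g_getPkixInfoCallback, ...)` line just above it has already returned -1 for a NULL callback (assuming the macro returns, as its use across these hunks suggests). The `g_caSslContext` check also sits after the callback has filled `g_pkiInfo`, so a NULL context is only detected once credential material has been loaded. Placing `VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);` directly after the callback check and calling `g_getPkixInfoCallback(&g_pkiInfo);` unconditionally keeps the failure path free of side effects. More generally, these entry checks on the global only help if every caller holds whatever lock guards context teardown, which is not visible in these hunks; a one-line comment on each static helper stating that requirement would make it explicit. The new log string in SetupCipher reads "Invaild param" and should be `"Invalid param"`.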