Commit ad1f7db6 authored by saurabh.s9's avatar saurabh.s9 Committed by Randeep

Security error notification engine

Purpose:
Errors happens during OCDoResource calls should be returned to app layer

Previously, session errors (handshake failed) didn't returned properly to app layer
and this cause side effects (CA retransmission works in cases when it should not)

Current state:
1. Source code builds ok
2. Secure stack samples (UDP/TCP) works well (both positive/negative cases)
3. Provisioning (OTM, 20th menu item) works well for following:
   a. justworks    positive UDP/TCP, negative UDP case
   b. mfg          positive UDP/TCP, negative UDP case
   c. mv_justworks positive UDP/TCP, negative UDP case
   d. randompin    positive UDP/TCP, negative UDP case
4. OTM in provisioning via TCP - negative case - should work properly after fix IOT-2454

How to test:
1. Positive case - just test samples (f.e secure stack samples) & provisioning with all servers
2. Negative case - add following code which artificially breaks handshake (to ca_adapter_net_ssl.c)
   if (peer->ssl.state == MBEDTLS_SSL_CERTIFICATE_REQUEST)
   {
       ret = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
   }
   And again test all samples and provisioning with all servers.
   As result - you should see an error returned to app immidiately (without timeouts, etc)
   and there should be no CA retransmission attempts (UDP case)

Change-Id: Ia1fe1c7c58f9e40040a0be5e7e83abbc66f80bfe
Signed-off-by: default avatarAndrii Shtompel <a.shtompel@samsung.com>
Signed-off-by: default avatarsaurabh.s9 <saurabh.s9@samsung.com>
parent 48a45c00
......@@ -369,6 +369,8 @@ typedef enum
CA_NOT_SUPPORTED, /**< Not supported */
CA_STATUS_NOT_INITIALIZED, /**< Not Initialized*/
CA_DTLS_AUTHENTICATION_FAILURE, /**< Decryption error in DTLS */
CA_CONTINUE_OPERATION, /**< Error happens but current operation should continue */
CA_HANDLE_ERROR_OTHER_MODULE, /**< Error happens but it should be handled in other module */
CA_STATUS_FAILED =255 /**< Failure */
/* Result code - END HERE */
} CAResult_t;
......@@ -712,6 +714,14 @@ typedef void (*CAResponseCallback)(const CAEndpoint_t *object,
typedef void (*CAErrorCallback)(const CAEndpoint_t *object,
const CAErrorInfo_t *errorInfo);
/**
* Callback function type for error.
* @param[out] object remote device information.
* @param[out] result error information.
*/
typedef CAResult_t (*CAHandshakeErrorCallback)(const CAEndpoint_t *object,
const CAErrorInfo_t *errorInfo);
/**
* Callback function type for network status changes delivery from CA common logic.
* @param[out] info Endpoint object from which the network status is changed.
......
......@@ -136,7 +136,7 @@ CAResult_t CAregisterGetCredentialTypesHandler(CAgetCredentialTypesHandler getCr
* @param[in] tlsHandshakeCallback callback for get tls handshake result
* @return ::CA_STATUS_OK
*/
CAResult_t CAregisterSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback);
CAResult_t CAregisterSslHandshakeCallback(CAHandshakeErrorCallback tlsHandshakeCallback);
/**
* Register callback to get TLS PSK credentials.
......
......@@ -26,6 +26,7 @@ extern "C" {
#include "caadapterutils.h"
#include "cainterface.h"
#include "caadapterinterface.h"
/**
* Currently TLS supported adapters(3) WIFI, ETHENET and BLE for linux platform.
......@@ -58,15 +59,17 @@ typedef ssize_t (*CAPacketSendCallback)(CAEndpoint_t *endpoint,
CAResult_t CAsetTlsCipherSuite(const uint32_t cipher);
/**
* Used set send and recv callbacks for different adapters(WIFI,EtherNet).
* Used set send,recv and error callbacks for different adapters(WIFI,EtherNet).
*
* @param[in] recvCallback packet received callback.
* @param[in] sendCallback packet sent callback.
* @param[in] errorCallback packet error callback.
* @param[in] type type of adapter.
*
*/
void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
CAPacketSendCallback sendCallback,
CAErrorHandleCallback errorCallback,
CATransportAdapter_t type);
/**
......@@ -153,7 +156,7 @@ CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint);
* Register callback to deliver the result of TLS handshake
* @param[in] tlsHandshakeCallback Callback to receive the result of TLS handshake.
*/
void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback);
void CAsetSslHandshakeCallback(CAHandshakeErrorCallback tlsHandshakeCallback);
/**
* Generate ownerPSK using PRF
......
......@@ -188,24 +188,6 @@ do
(ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
} while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
/**@def SSL_RES(peer, status)
*
* Sets SSL result for callback.
*
* @param[in] peer remote peer
*/
#define SSL_RES(peer, status) \
do \
{ \
oc_mutex_assert_owner(g_sslContextMutex, true); \
if (g_sslCallback) \
{ \
CAErrorInfo_t errorInfo; \
errorInfo.result = (status); \
g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
} \
} while(false)
/* OCF-defined EKU value indicating an identity certificate, that can be used for
* TLS client and server authentication. This is the DER encoding of the OID
* 1.3.6.1.4.1.44924.1.6.
......@@ -367,6 +349,7 @@ typedef struct TlsCallBacks
{
CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
CAErrorHandleCallback errorCallback; /**< Callback used to pass error to upper layer. */
} SslCallbacks_t;
/**
......@@ -433,7 +416,7 @@ static oc_mutex g_sslContextMutex = NULL;
* @var g_sslCallback
* @brief callback to deliver the TLS handshake result
*/
static CAErrorCallback g_sslCallback = NULL;
static CAHandshakeErrorCallback g_sslCallback = NULL;
/**
* Data structure for holding the data to be received.
......@@ -482,6 +465,24 @@ void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
}
/**
* Sets SSL result for callback.
*
* @param[in] peer remote peer
*/
static CAResult_t notifySubscriber(SslEndPoint_t* peer, CAResult_t status)
{
CAResult_t result = CA_STATUS_OK;
oc_mutex_assert_owner(g_sslContextMutex, true);
if (g_sslCallback)
{
CAErrorInfo_t errorInfo;
errorInfo.result = status;
result = g_sslCallback(&peer->sep.endpoint, &errorInfo);
}
return result;
}
static int GetAdapterIndex(CATransportAdapter_t adapter)
{
switch (adapter)
......@@ -497,6 +498,9 @@ static int GetAdapterIndex(CATransportAdapter_t adapter)
return -1;
}
}
static void SendCacheMessages(SslEndPoint_t * tep, CAResult_t errorCode);
/**
* Write callback.
*
......@@ -1018,6 +1022,17 @@ static void DeleteCacheList(u_arraylist_t * cacheList)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
}
static CAResult_t ConvertMbedtlsCodesToCAResult(int code)
{
//TODO:properly implement
switch (code)
{
case 0: return CA_STATUS_OK;
default: return CA_DTLS_AUTHENTICATION_FAILURE;
}
}
/**
* Deletes endpoint with session.
*
......@@ -1107,14 +1122,25 @@ static bool checkSslOperation(SslEndPoint_t* peer,
OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -ret);
// Make a copy of the endpoint, because the callback might
// free the peer object, during SSL_RES() below.
// free the peer object, during notifySubscriber() below.
CAEndpoint_t removedEndpoint = (peer)->sep.endpoint;
oc_mutex_lock(g_sslContextMutex);
if (MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != ret)
{
SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE);
CAResult_t result = notifySubscriber(peer, CA_DTLS_AUTHENTICATION_FAILURE);
//return an error to app layer
if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
{
if (CA_STATUS_OK == result)
{
result = ConvertMbedtlsCodesToCAResult(ret);
}
SendCacheMessages(peer, result);
}
}
RemovePeerFromList(&removedEndpoint);
......@@ -1906,7 +1932,7 @@ CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
*
* @param[in] tep remote address with session info
*/
static void SendCacheMessages(SslEndPoint_t * tep)
static void SendCacheMessages(SslEndPoint_t * tep, CAResult_t errorCode)
{
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
......@@ -1915,6 +1941,16 @@ static void SendCacheMessages(SslEndPoint_t * tep)
VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
CAErrorHandleCallback sendError = NULL;
if (errorCode != CA_STATUS_OK)
{
int adapterIndex = GetAdapterIndex(tep->sep.endpoint.adapter);
if (adapterIndex >= 0)
{
sendError = g_caSslContext->adapterCallbacks[adapterIndex].errorCallback;
}
}
size_t listIndex = 0;
size_t listLength = 0;
listLength = u_arraylist_length(tep->cacheList);
......@@ -1924,26 +1960,34 @@ static void SendCacheMessages(SslEndPoint_t * tep)
SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
if (NULL != msg && NULL != msg->data && 0 != msg->len)
{
unsigned char *dataBuf = (unsigned char *)msg->data;
size_t written = 0;
do
if (CA_STATUS_OK == errorCode)
{
ret = mbedtls_ssl_write(&tep->ssl, dataBuf, msg->len - written);
if (ret < 0)
unsigned char *dataBuf = (unsigned char *)msg->data;
size_t written = 0;
do
{
if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
ret = mbedtls_ssl_write(&tep->ssl, dataBuf, msg->len - written);
if (ret < 0)
{
OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned -0x%x", -ret);
break;
if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
{
OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned -0x%x", -ret);
break;
}
continue;
}
continue;
}
OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
dataBuf += ret;
written += ret;
} while (msg->len > written);
dataBuf += ret;
written += ret;
} while (msg->len > written);
}
else if (NULL != sendError)
{
//send error info via error callback to app layer
sendError(&tep->sep.endpoint, (uint8_t *)msg->data, msg->len, errorCode);
}
if (u_arraylist_remove(tep->cacheList, listIndex))
{
......@@ -1966,7 +2010,7 @@ static void SendCacheMessages(SslEndPoint_t * tep)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
}
void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
void CAsetSslHandshakeCallback(CAHandshakeErrorCallback tlsHandshakeCallback)
{
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s(%p)", __func__, tlsHandshakeCallback);
......@@ -2077,10 +2121,11 @@ CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, size_t dat
if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
{
SSL_RES(peer, CA_STATUS_OK);
CAResult_t result = notifySubscriber(peer, CA_STATUS_OK);
if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
{
SendCacheMessages(peer);
SendCacheMessages(peer, result);
}
int selectedCipher = peer->ssl.session->ciphersuite;
......@@ -2234,28 +2279,28 @@ CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, size_t dat
return CA_STATUS_OK;
}
if (0 > ret)
int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
if (adapterIndex >= 0)
{
OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
//SSL_RES(peer, CA_STATUS_FAILED);
RemovePeerFromList(&peer->sep.endpoint);
oc_mutex_unlock(g_sslContextMutex);
return CA_STATUS_FAILED;
}
else if (0 < ret)
{
int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
{
g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
}
else
if (0 > ret)
{
OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
g_caSslContext->adapterCallbacks[adapterIndex].errorCallback(&peer->sep.endpoint, peer->recBuf.buff, peer->recBuf.len, CA_STATUS_FAILED);
RemovePeerFromList(&peer->sep.endpoint);
oc_mutex_unlock(g_sslContextMutex);
return CA_STATUS_FAILED;
}
else if (0 < ret)
{
g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
}
}
else
{
OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
RemovePeerFromList(&peer->sep.endpoint);
oc_mutex_unlock(g_sslContextMutex);
return CA_STATUS_FAILED;
}
}
......@@ -2266,11 +2311,14 @@ CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, size_t dat
void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
CAPacketSendCallback sendCallback,
CAErrorHandleCallback errorCallback,
CATransportAdapter_t type)
{
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
VERIFY_NON_NULL_VOID(errorCallback, NET_SSL_TAG, "errorCallback is NULL");
oc_mutex_lock(g_sslContextMutex);
if (NULL == g_caSslContext)
{
......@@ -2279,22 +2327,12 @@ void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
return;
}
switch (type)
int index = GetAdapterIndex(type);
if (index >= 0)
{
case CA_ADAPTER_IP:
g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
break;
case CA_ADAPTER_TCP:
g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
break;
case CA_ADAPTER_GATT_BTLE:
g_caSslContext->adapterCallbacks[2].recvCallback = recvCallback;
g_caSslContext->adapterCallbacks[2].sendCallback = sendCallback;
break;
default:
OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
g_caSslContext->adapterCallbacks[index].recvCallback = recvCallback;
g_caSslContext->adapterCallbacks[index].sendCallback = sendCallback;
g_caSslContext->adapterCallbacks[index].errorCallback = errorCallback;
}
oc_mutex_unlock(g_sslContextMutex);
......
......@@ -2824,6 +2824,13 @@ static void CALESecureReceiveDataCB(const CASecureEndpoint_t *sep,
}
#endif
static void CALEErrorHandlerInternal(const CAEndpoint_t *endpoint,
const void *data, size_t dataLen,
CAResult_t result)
{
g_errorHandler(endpoint, data, dataLen, result);
}
CAResult_t CAInitializeLE(CARegisterConnectivityCallback registerCallback,
CANetworkPacketReceivedCallback reqRespCallback,
CAAdapterChangeCallback netCallback,
......@@ -2890,7 +2897,7 @@ CAResult_t CAInitializeLE(CARegisterConnectivityCallback registerCallback,
}
else
{
CAsetSslAdapterCallbacks(CALESecureReceiveDataCB, CALESecureSendDataCB, CA_ADAPTER_GATT_BTLE);
CAsetSslAdapterCallbacks(CALESecureReceiveDataCB, CALESecureSendDataCB, CALEErrorHandlerInternal, CA_ADAPTER_GATT_BTLE);
}
#endif
......@@ -2982,7 +2989,7 @@ static void CATerminateLE()
#endif
#ifdef __WITH_DTLS__
CAsetSslAdapterCallbacks(NULL, NULL, CA_ADAPTER_GATT_BTLE);
CAsetSslAdapterCallbacks(NULL, NULL, NULL, CA_ADAPTER_GATT_BTLE);
#endif
CATerminateLEAdapterMutex();
......@@ -3748,8 +3755,7 @@ static void CALEErrorHandler(const char *remoteAddress,
remoteAddress,
0);
// if required, will be used to build remote endpoint
g_errorHandler(rep, data, dataLen, result);
CALEErrorHandlerInternal(rep, data, dataLen, result);
CAFreeEndpoint(rep);
......
......@@ -189,7 +189,7 @@ bool CAGetSecureEndpointAttributes(const CAEndpoint_t* peer, uint32_t* attribute
return success;
}
CAResult_t CAregisterSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
CAResult_t CAregisterSslHandshakeCallback(CAHandshakeErrorCallback tlsHandshakeCallback)
{
OIC_LOG(DEBUG, TAG, "CAregisterSslHandshakeCallback");
......
......@@ -1297,6 +1297,40 @@ void CAErrorHandler(const CAEndpoint_t *endpoint,
return;
}
#ifdef WITH_TCP
if (CAIsSupportedCoAPOverTCP(endpoint->adapter))
{
OIC_LOG(INFO, TAG, "retransmission is not supported");
}
else
#endif
{
//Fix up CoAP message to adjust it to current retransmission implementation
coap_hdr_t *hdr = (coap_hdr_t *)(pdu->transport_hdr);
hdr->type = CA_MSG_RESET;
hdr->code = CA_EMPTY;
// for retransmission
void *retransmissionPdu = NULL;
CARetransmissionReceivedData(&g_retransmissionContext, cadata->remoteEndpoint,
pdu->transport_hdr, pdu->length, &retransmissionPdu);
// get token from saved data in retransmission list
if (retransmissionPdu && cadata->errorInfo)
{
CAInfo_t *info = &cadata->errorInfo->info;
CAResult_t res = CAGetTokenFromPDU((const coap_hdr_transport_t *)retransmissionPdu,
info, endpoint);
if (CA_STATUS_OK != res)
{
OIC_LOG(ERROR, TAG, "fail to get Token from retransmission list");
OICFree(info->token);
info->tokenLength = 0;
}
}
OICFree(retransmissionPdu);
}
cadata->errorInfo->result = result;
CAQueueingThreadAddData(&g_receiveThread, cadata, sizeof(CAData_t));
......
......@@ -362,7 +362,7 @@ CAResult_t CAInitializeIP(CARegisterConnectivityCallback registerCallback,
}
else
{
CAsetSslAdapterCallbacks(CAIPPacketReceivedCB, CAIPPacketSendCB, CA_ADAPTER_IP);
CAsetSslAdapterCallbacks(CAIPPacketReceivedCB, CAIPPacketSendCB, CAIPErrorHandler, CA_ADAPTER_IP);
}
#endif
......@@ -540,7 +540,7 @@ CAResult_t CAStopIP()
void CATerminateIP()
{
#ifdef __WITH_DTLS__
CAsetSslAdapterCallbacks(NULL, NULL, CA_ADAPTER_IP);
CAsetSslAdapterCallbacks(NULL, NULL, NULL, CA_ADAPTER_IP);
#endif
CAIPSetPacketReceiveCallback(NULL);
......
......@@ -374,7 +374,7 @@ CAResult_t CAInitializeTCP(CARegisterConnectivityCallback registerCallback,
}
else
{
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPErrorHandler, CA_ADAPTER_TCP);
}
#endif
......@@ -557,6 +557,9 @@ CAResult_t CAStopTCP()
void CATerminateTCP()
{
#ifdef __WITH_TLS__
CAsetSslAdapterCallbacks(NULL, NULL, NULL, CA_ADAPTER_TCP);
#endif
CAStopTCP();
CATCPSetPacketReceiveCallback(NULL);
......
......@@ -888,6 +888,10 @@ static void CATCPPacketReceivedCB(const CASecureEndpoint_t *, const void *data,
msglen = dataLength;
}
static void CATCPPacketErrorCB(const CAEndpoint_t *, const void *, size_t, CAResult_t)
{
}
static void PacketReceive(unsigned char *data, int * datalen)
{
int n;
......@@ -1001,6 +1005,10 @@ static void CATCPPacketReceivedCB_server(const CASecureEndpoint_t *, const void
msglen = dataLength;
}
static void CATCPPacketErrorCB_server(const CAEndpoint_t *, const void *, size_t, CAResult_t)
{
}
static void PacketReceive_server(unsigned char *data, int * datalen)
{
int n;
......@@ -1797,11 +1805,13 @@ static int testCAsetSslAdapterCallbacks()
return 1;
}
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, (CATransportAdapter_t)0);
if (g_caSslContext->adapterCallbacks[0].recvCallback == NULL &&
g_caSslContext->adapterCallbacks[0].sendCallback == NULL &&
g_caSslContext->adapterCallbacks[1].recvCallback == NULL &&
g_caSslContext->adapterCallbacks[1].sendCallback == NULL)
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, (CATransportAdapter_t)0);
if (g_caSslContext->adapterCallbacks[0].recvCallback == NULL &&
g_caSslContext->adapterCallbacks[0].sendCallback == NULL &&
g_caSslContext->adapterCallbacks[0].errorCallback == NULL &&
g_caSslContext->adapterCallbacks[1].recvCallback == NULL &&
g_caSslContext->adapterCallbacks[1].sendCallback == NULL &&
g_caSslContext->adapterCallbacks[1].errorCallback == NULL)
{
ret = 0;
}
......@@ -1809,12 +1819,14 @@ static int testCAsetSslAdapterCallbacks()
{
ret = 1;
}
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_IP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
if (g_caSslContext->adapterCallbacks[0].recvCallback == CATCPPacketReceivedCB &&
g_caSslContext->adapterCallbacks[0].sendCallback == CATCPPacketSendCB &&
g_caSslContext->adapterCallbacks[1].recvCallback == CATCPPacketReceivedCB &&
g_caSslContext->adapterCallbacks[1].sendCallback == CATCPPacketSendCB)
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, CA_ADAPTER_IP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, CA_ADAPTER_TCP);
if (g_caSslContext->adapterCallbacks[0].recvCallback == CATCPPacketReceivedCB &&
g_caSslContext->adapterCallbacks[0].sendCallback == CATCPPacketSendCB &&
g_caSslContext->adapterCallbacks[0].errorCallback == CATCPPacketErrorCB &&
g_caSslContext->adapterCallbacks[1].recvCallback == CATCPPacketReceivedCB &&
g_caSslContext->adapterCallbacks[1].sendCallback == CATCPPacketSendCB &&
g_caSslContext->adapterCallbacks[1].errorCallback == CATCPPacketErrorCB)
{
ret += 0;
}
......@@ -2061,7 +2073,7 @@ static void * testCAencryptSsl(void * arg)
CAinitSslAdapter();
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, CA_ADAPTER_TCP);
CAsetPkixInfoCallback(infoCallback_that_loads_x509);
......@@ -2475,7 +2487,7 @@ static void * testCAdecryptSsl(void * arg)
CAinitSslAdapter();
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, CA_ADAPTER_TCP);
CAsetPkixInfoCallback(infoCallback_that_loads_x509);
......@@ -2598,7 +2610,7 @@ static int testCAdeinitSslAdapter()
CAinitSslAdapter();
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, CA_ADAPTER_TCP);
CAsetPkixInfoCallback(infoCallback_that_loads_x509);
......@@ -2648,7 +2660,7 @@ static void * testServer(void * arg)
CAinitSslAdapter();
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB_server, CATCPPacketSendCB_server, CA_ADAPTER_TCP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB_server, CATCPPacketSendCB_server, CATCPPacketErrorCB_server, CA_ADAPTER_TCP);
CAsetPkixInfoCallback(infoCallback_that_loads_x509);
CAsetCredentialTypesCallback(clutch);
......@@ -2977,7 +2989,7 @@ TEST(TLSAdapter, Test_11)
mbedtls_x509_crl_init(&g_caSslContext->crl);
oc_mutex_unlock(g_sslContextMutex);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CATCPPacketErrorCB, CA_ADAPTER_TCP);
CAsetPkixInfoCallback(infoCallback_that_loads_x509);
......
......@@ -1114,6 +1114,7 @@ typedef enum
*/
OC_STACK_AUTHENTICATION_FAILURE,
OC_STACK_NOT_ALLOWED_OXM,
OC_STACK_CONTINUE_OPERATION,