Commit cbf1ccad authored by Oleksii Beketov's avatar Oleksii Beketov Committed by Phil Coval
parent f3d056b1
......@@ -174,7 +174,7 @@ if (g_sslCallback)
* @param[in] ret error code
* @param[in] str debug string
* @param[in] mutex ca mutex
* @param[in] return error code
* @param[in] if code does not equal to -1 returns error code
* @param[in] msg allert message
*/
#define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
......@@ -203,7 +203,10 @@ if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) &&
oc_mutex_unlock(g_sslContextMutex); \
} \
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
return (error); \
if (-1 != error) \
{ \
return (error); \
} \
}
/** @def CHECK_MBEDTLS_RET(f, ...)
* A macro that checks \a f function return code
......@@ -363,6 +366,10 @@ typedef struct SslContext
bool cipherFlag[2];
int selectedCipher;
#ifdef __WITH_DTLS__
int timerId;
#endif
} SslContext_t;
/**
......@@ -1187,7 +1194,18 @@ static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
return tep;
}
#ifdef __WITH_DTLS__
/**
* Stops DTLS retransmission.
*/
static void StopRetransmit()
{
if (g_caSslContext)
{
unregisterTimer(g_caSslContext->timerId);
}
}
#endif
void CAdeinitSslAdapter()
{
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
......@@ -1214,7 +1232,9 @@ void CAdeinitSslAdapter()
#endif // __WITH_DTLS__
mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
mbedtls_entropy_free(&g_caSslContext->entropy);
#ifdef __WITH_DTLS__
StopRetransmit();
#endif
// De-initialize tls Context
OICFree(g_caSslContext);
g_caSslContext = NULL;
......@@ -1257,30 +1277,25 @@ static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
return 0;
}
#ifdef __WITH_DTLS__
/**
* Starts DTLS retransmission.
*/
static void StartRetransmit()
static int StartRetransmit()
{
static int timerId = -1;
uint32_t listIndex = 0;
uint32_t listLength = 0;
SslEndPoint_t *tep = NULL;
if (timerId != -1)
if (NULL == g_caSslContext)
{
OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
return -1;
}
oc_mutex_lock(g_sslContextMutex);
if (g_caSslContext->timerId != -1)
{
//clear previous timer
unregisterTimer(timerId);
oc_mutex_lock(g_sslContextMutex);
//stop retransmission if context is invalid
if(NULL == g_caSslContext)
{
OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
oc_mutex_unlock(g_sslContextMutex);
return;
}
unregisterTimer(g_caSslContext->timerId);
listLength = u_arraylist_length(g_caSslContext->peerList);
for (listIndex = 0; listIndex < listLength; listIndex++)
......@@ -1293,16 +1308,20 @@ static void StartRetransmit()
continue;
}
int ret = mbedtls_ssl_handshake_step(&tep->ssl);
if (0 != ret && MBEDTLS_ERR_SSL_CONN_EOF != ret)
if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
{
OIC_LOG_V(ERROR, NET_SSL_TAG, "Retransmission error: -0x%x", -ret);
SSL_CHECK_FAIL(tep, ret, "Retransmission", NULL, -1,
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
}
}
oc_mutex_unlock(g_sslContextMutex);
}
//start new timer
registerTimer(RETRANSMISSION_TIME, &timerId, (void *) StartRetransmit);
registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
oc_mutex_unlock(g_sslContextMutex);
return 0;
}
#endif
CAResult_t CAinitSslAdapter()
{
......@@ -1446,10 +1465,13 @@ CAResult_t CAinitSslAdapter()
mbedtls_x509_crl_init(&g_caSslContext->crl);
#ifdef __WITH_DTLS__
StartRetransmit();
g_caSslContext->timerId = -1;
#endif
oc_mutex_unlock(g_sslContextMutex);
oc_mutex_unlock(g_sslContextMutex);
#ifdef __WITH_DTLS__
StartRetransmit();
#endif
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
return CA_STATUS_OK;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment