arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-07-30 16:24:09 +03:00
Code Activity

Add option for blocking reads

Browse Source
This commit is contained in:
Ivan Grokhotkov
2016-05-10 23:17:44 +08:00
parent cd6c04a809
commit 139914f312
3 changed files with 29 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ssl/ssl.h
View File

@ -83,6 +83,7 @@ extern "C" {
#define SSL_DISPLAY_CERTS 0x00200000 #define SSL_DISPLAY_CERTS 0x00200000
#define SSL_DISPLAY_RSA 0x00400000 #define SSL_DISPLAY_RSA 0x00400000
#define SSL_CONNECT_IN_PARTS 0x00800000 #define SSL_CONNECT_IN_PARTS 0x00800000
#define SSL_READ_BLOCKING 0x01000000
/* errors that can be generated */ /* errors that can be generated */
#define SSL_OK 0 #define SSL_OK 0

37
ssl/tls1.c
View File

@ -260,21 +260,23 @@ EXP_FUNC void STDCALL ssl_free(SSL *ssl)
*/ */
EXP_FUNC int STDCALL ssl_read(SSL *ssl, uint8_t **in_data) EXP_FUNC int STDCALL ssl_read(SSL *ssl, uint8_t **in_data)
{ {
int ret = basic_read(ssl, in_data); int ret = SSL_OK;
do {
ret= basic_read(ssl, in_data);
/* check for return code so we can send an alert */ /* check for return code so we can send an alert */
if (ret < SSL_OK && ret != SSL_CLOSE_NOTIFY) if (ret < SSL_OK && ret != SSL_CLOSE_NOTIFY)
{
if (ret != SSL_ERROR_CONN_LOST)
{ {
send_alert(ssl, ret); if (ret != SSL_ERROR_CONN_LOST)
#ifndef CONFIG_SSL_SKELETON_MODE {
/* something nasty happened, so get rid of this session */ send_alert(ssl, ret);
kill_ssl_session(ssl->ssl_ctx->ssl_sessions, ssl); #ifndef CONFIG_SSL_SKELETON_MODE
#endif /* something nasty happened, so get rid of this session */
kill_ssl_session(ssl->ssl_ctx->ssl_sessions, ssl);
#endif
}
} }
} } while (IS_SET_SSL_FLAG(SSL_READ_BLOCKING) && (ssl->got_bytes < ssl->need_bytes) && ret == 0 && !IS_SET_SSL_FLAG(SSL_NEED_RECORD));
return ret; return ret;
} }
@ -558,6 +560,9 @@ SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd)
/* a bit hacky but saves a few bytes of memory */ /* a bit hacky but saves a few bytes of memory */
ssl->flag |= ssl_ctx->options; ssl->flag |= ssl_ctx->options;
if (IS_SET_SSL_FLAG(SSL_CONNECT_IN_PARTS) && IS_SET_SSL_FLAG(SSL_READ_BLOCKING)) {
CLR_SSL_FLAG(SSL_READ_BLOCKING);
}
SSL_CTX_LOCK(ssl_ctx->mutex); SSL_CTX_LOCK(ssl_ctx->mutex);
if (ssl_ctx->head == NULL) if (ssl_ctx->head == NULL)
@ -1293,6 +1298,14 @@ int basic_read(SSL *ssl, uint8_t **in_data)
ssl->need_bytes = (buf[3] << 8) + buf[4]; ssl->need_bytes = (buf[3] << 8) + buf[4];
/* do we violate the spec with the message size? */ /* do we violate the spec with the message size? */
if (ssl->need_bytes > RT_MAX_PLAIN_LENGTH+RT_EXTRA-BM_RECORD_OFFSET)
{
printf("ssl->need_bytes=%d violates spec\r\n", ssl->need_bytes, RT_MAX_PLAIN_LENGTH+RT_EXTRA-BM_RECORD_OFFSET);
ret = SSL_ERROR_INVALID_PROT_MSG;
goto error;
}
/* is the allocated buffer large enough to handle all the data? if not, increase its size*/
if (ssl->need_bytes > ssl->max_plain_length+RT_EXTRA-BM_RECORD_OFFSET) if (ssl->need_bytes > ssl->max_plain_length+RT_EXTRA-BM_RECORD_OFFSET)
{ {
printf("ssl->need_bytes=%d > %d\r\n", ssl->need_bytes, ssl->max_plain_length+RT_EXTRA-BM_RECORD_OFFSET); printf("ssl->need_bytes=%d > %d\r\n", ssl->need_bytes, ssl->max_plain_length+RT_EXTRA-BM_RECORD_OFFSET);

3
ssl/tls1_clnt.c
View File

@ -124,6 +124,9 @@ int do_clnt_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len)
case HS_FINISHED: case HS_FINISHED:
ret = process_finished(ssl, buf, hs_len); ret = process_finished(ssl, buf, hs_len);
disposable_free(ssl); disposable_free(ssl);
if (ssl->ssl_ctx->options & SSL_READ_BLOCKING) {
ssl->flag |= SSL_READ_BLOCKING;
}
/* note: client renegotiation is not allowed after this */ /* note: client renegotiation is not allowed after this */
break; break;