mirror of
				https://github.com/esp8266/Arduino.git
				synced 2025-10-25 18:38:07 +03:00 
			
		
		
		
	Fix BearSSL Server WDT (#5702)
Fixes #5701 WDTs and other issues with BearSSL::WiFiServerSecure The BSSL server was creating the client it returns on a connection in a way that caused the counter for the stack_thunk to get out of sync and cause it to be freed improperly by having the destructor be called one more time than the constructor. Looks like RVO. Rewrite the ::available() function in order to avoid this issue with help from @devyte.
This commit is contained in:
		
				
					committed by
					
						 GitHub
						GitHub
					
				
			
			
				
	
			
			
			
						parent
						
							7d512c4c7c
						
					
				
				
					commit
					3f8cd46dc2
				
			| @@ -76,6 +76,8 @@ void WiFiServerSecure::setECCert(const X509List *chain, unsigned cert_issuer_key | |||||||
| // Return a client if there's an available connection waiting.  If one is returned, | // Return a client if there's an available connection waiting.  If one is returned, | ||||||
| // then any validation (i.e. client cert checking) will have succeeded. | // then any validation (i.e. client cert checking) will have succeeded. | ||||||
| WiFiClientSecure WiFiServerSecure::available(uint8_t* status) { | WiFiClientSecure WiFiServerSecure::available(uint8_t* status) { | ||||||
|  |   WiFiClientSecure client; | ||||||
|  |  | ||||||
|   (void) status; // Unused |   (void) status; // Unused | ||||||
|   if (_unclaimed) { |   if (_unclaimed) { | ||||||
|     if (_sk && _sk->isRSA()) { |     if (_sk && _sk->isRSA()) { | ||||||
| @@ -83,22 +85,21 @@ WiFiClientSecure WiFiServerSecure::available(uint8_t* status) { | |||||||
|       _unclaimed = _unclaimed->next(); |       _unclaimed = _unclaimed->next(); | ||||||
|       result.setNoDelay(_noDelay); |       result.setNoDelay(_noDelay); | ||||||
|       DEBUGV("WS:av\r\n"); |       DEBUGV("WS:av\r\n"); | ||||||
|       return result; |       client = result; | ||||||
|     } else if (_sk && _sk->isEC()) { |     } else if (_sk && _sk->isEC()) { | ||||||
|       WiFiClientSecure result(_unclaimed, _chain, _cert_issuer_key_type, _sk, _iobuf_in_size, _iobuf_out_size, _client_CA_ta); |       WiFiClientSecure result(_unclaimed, _chain, _cert_issuer_key_type, _sk, _iobuf_in_size, _iobuf_out_size, _client_CA_ta); | ||||||
|       _unclaimed = _unclaimed->next(); |       _unclaimed = _unclaimed->next(); | ||||||
|       result.setNoDelay(_noDelay); |       result.setNoDelay(_noDelay); | ||||||
|       DEBUGV("WS:av\r\n"); |       DEBUGV("WS:av\r\n"); | ||||||
|       return result; |       client = result; | ||||||
|     } else { |     } else { | ||||||
|       // No key was defined, so we can't actually accept and attempt accept() and SSL handshake. |       // No key was defined, so we can't actually accept and attempt accept() and SSL handshake. | ||||||
|       DEBUGV("WS:nokey\r\n"); |       DEBUGV("WS:nokey\r\n"); | ||||||
|     } |     } | ||||||
|  |   } else { | ||||||
|  |     optimistic_yield(1000); | ||||||
|   } |   } | ||||||
|  |   return client; | ||||||
|   // Something weird, return a no-op object |  | ||||||
|   optimistic_yield(1000); |  | ||||||
|   return WiFiClientSecure(); |  | ||||||
| } | } | ||||||
|  |  | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user