len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-12-16 00:25:07 -05:00
Code Issues Projects Releases Packages Wiki Activity

Update unused headers and NULL checks for platform wrappers (#367)

Browse source 
- Remove unused headers in the plaintext FreeRTOS sockets wrapper
- Update MFLN even though the preceding optional configuration returned an mbedTLS error
- Remove an unused `NULL` check in a private method that is already checked by the public connect method
- Add a `NULL` check to the public disconnect method

Co-authored-by: Joseph Julicher <jjulicher@mac.com>
This commit is contained in:
Oscar Michael Abrina 2020-10-28 11:11:55 -07:00 committed by GitHub
parent ca9dcdad7f
commit 559772a4db
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 86 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

2
FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/plaintext_freertos.c
View file

@ -24,8 +24,6 @@
/* FreeRTOS includes. */ /* FreeRTOS includes. */
#include "FreeRTOS.h" #include "FreeRTOS.h"
#include "atomic.h"
#include "semphr.h"
/* FreeRTOS+TCP includes. */ /* FreeRTOS+TCP includes. */
#include "FreeRTOS_IP.h" #include "FreeRTOS_IP.h"

83
FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/tls_freertos.c
View file

@ -328,12 +328,9 @@ static int32_t setCredentials( SSLContext_t * pSslContext,
mbedtls_ssl_conf_cert_profile( &( pSslContext->config ), mbedtls_ssl_conf_cert_profile( &( pSslContext->config ),
&( pSslContext->certProfile ) ); &( pSslContext->certProfile ) );
if( pNetworkCredentials->pRootCa != NULL ) mbedtlsError = setRootCa( pSslContext,
{ pNetworkCredentials->pRootCa,
mbedtlsError = setRootCa( pSslContext, pNetworkCredentials->rootCaSize );
pNetworkCredentials->pRootCa,
pNetworkCredentials->rootCaSize );
}
if( ( pNetworkCredentials->pClientCert != NULL ) && if( ( pNetworkCredentials->pClientCert != NULL ) &&
( pNetworkCredentials->pPrivateKey != NULL ) ) ( pNetworkCredentials->pPrivateKey != NULL ) )
@ -405,8 +402,7 @@ static void setOptionalConfigurations( SSLContext_t * pSslContext,
/* Set Maximum Fragment Length if enabled. */ /* Set Maximum Fragment Length if enabled. */
#ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH #ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
if( 0 == mbedtlsError )
{
/* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted. /* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted.
* See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information. * See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information.
* *
@ -420,9 +416,7 @@ static void setOptionalConfigurations( SSLContext_t * pSslContext,
mbedtlsHighLevelCodeOrDefault( mbedtlsError ), mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) ); mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
} }
} #endif /* ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#endif
} }
/*-----------------------------------------------------------*/ /*-----------------------------------------------------------*/
@ -672,12 +666,14 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
/* Clean up on failure. */ /* Clean up on failure. */
if( returnStatus != TLS_TRANSPORT_SUCCESS ) if( returnStatus != TLS_TRANSPORT_SUCCESS )
{ {
sslContextFree( &( pNetworkContext->sslContext ) ); if( pNetworkContext != NULL )
if( ( pNetworkContext != NULL ) &&
( pNetworkContext->tcpSocket != FREERTOS_INVALID_SOCKET ) )
{ {
( void ) FreeRTOS_closesocket( pNetworkContext->tcpSocket ); sslContextFree( &( pNetworkContext->sslContext ) );
if( pNetworkContext->tcpSocket != FREERTOS_INVALID_SOCKET )
{
( void ) FreeRTOS_closesocket( pNetworkContext->tcpSocket );
}
} }
} }
else else
@ -695,40 +691,43 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
{ {
BaseType_t tlsStatus = 0; BaseType_t tlsStatus = 0;
/* Attempting to terminate TLS connection. */ if( pNetworkContext != NULL )
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
/* Ignore the WANT_READ and WANT_WRITE return values. */
if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
if( tlsStatus == 0 ) /* Attempting to terminate TLS connection. */
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
/* Ignore the WANT_READ and WANT_WRITE return values. */
if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
LogInfo( ( "(Network connection %p) TLS close-notify sent.", if( tlsStatus == 0 )
pNetworkContext ) ); {
LogInfo( ( "(Network connection %p) TLS close-notify sent.",
pNetworkContext ) );
}
else
{
LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.",
pNetworkContext,
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
} }
else else
{ {
LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.", /* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
pNetworkContext, LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
mbedtlsHighLevelCodeOrDefault( tlsStatus ), "received %s as the TLS status can be ignored for close-notify."
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) ); ( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
pNetworkContext ) );
} }
}
else
{
/* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
"received %s as the TLS status can be ignored for close-notify."
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
pNetworkContext ) );
}
/* Call socket shutdown function to close connection. */ /* Call socket shutdown function to close connection. */
Sockets_Disconnect( pNetworkContext->tcpSocket ); Sockets_Disconnect( pNetworkContext->tcpSocket );
/* Free mbed TLS contexts. */ /* Free mbed TLS contexts. */
sslContextFree( &( pNetworkContext->sslContext ) ); sslContextFree( &( pNetworkContext->sslContext ) );
}
/* Clear the mutex functions for mbed TLS thread safety. */ /* Clear the mutex functions for mbed TLS thread safety. */
mbedtls_threading_free_alt(); mbedtls_threading_free_alt();

87
FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/tls_freertos_pkcs11.c
View file

@ -395,24 +395,24 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
/* Set Maximum Fragment Length if enabled. */ /* Set Maximum Fragment Length if enabled. */
#ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH #ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
if( returnStatus == TLS_TRANSPORT_SUCCESS ) if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
/* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted.
* See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information.
*
* Smaller values can be found in "mbedtls/include/ssl.h".
*/
mbedtlsError = mbedtls_ssl_conf_max_frag_len( &( pNetworkContext->sslContext.config ), MBEDTLS_SSL_MAX_FRAG_LEN_4096 );
if( mbedtlsError != 0 )
{ {
LogError( ( "Failed to maximum fragment length extension: mbedTLSError= %s : %s.", /* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted.
mbedtlsHighLevelCodeOrDefault( mbedtlsError ), * See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information.
mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) ); *
returnStatus = TLS_TRANSPORT_INTERNAL_ERROR; * Smaller values can be found in "mbedtls/include/ssl.h".
*/
mbedtlsError = mbedtls_ssl_conf_max_frag_len( &( pNetworkContext->sslContext.config ), MBEDTLS_SSL_MAX_FRAG_LEN_4096 );
if( mbedtlsError != 0 )
{
LogError( ( "Failed to maximum fragment length extension: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
returnStatus = TLS_TRANSPORT_INTERNAL_ERROR;
}
} }
} #endif /* ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#endif
if( returnStatus == TLS_TRANSPORT_SUCCESS ) if( returnStatus == TLS_TRANSPORT_SUCCESS )
{ {
@ -853,40 +853,43 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
{ {
BaseType_t tlsStatus = 0; BaseType_t tlsStatus = 0;
/* Attempting to terminate TLS connection. */ if( pNetworkContext != NULL )
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
/* Ignore the WANT_READ and WANT_WRITE return values. */
if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
if( tlsStatus == 0 ) /* Attempting to terminate TLS connection. */
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
/* Ignore the WANT_READ and WANT_WRITE return values. */
if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
LogInfo( ( "(Network connection %p) TLS close-notify sent.", if( tlsStatus == 0 )
pNetworkContext ) ); {
LogInfo( ( "(Network connection %p) TLS close-notify sent.",
pNetworkContext ) );
}
else
{
LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.",
pNetworkContext,
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
} }
else else
{ {
LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.", /* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
pNetworkContext, LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
mbedtlsHighLevelCodeOrDefault( tlsStatus ), "received %s as the TLS status can be ignored for close-notify."
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) ); ( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
pNetworkContext ) );
} }
}
else
{
/* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
"received %s as the TLS status can be ignored for close-notify."
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
pNetworkContext ) );
}
/* Call socket shutdown function to close connection. */ /* Call socket shutdown function to close connection. */
Sockets_Disconnect( pNetworkContext->tcpSocket ); Sockets_Disconnect( pNetworkContext->tcpSocket );
/* Free mbed TLS contexts. */ /* Free mbed TLS contexts. */
sslContextFree( &( pNetworkContext->sslContext ) ); sslContextFree( &( pNetworkContext->sslContext ) );
}
/* Clear the mutex functions for mbed TLS thread safety. */ /* Clear the mutex functions for mbed TLS thread safety. */
mbedtls_threading_free_alt(); mbedtls_threading_free_alt();