Return error if invalid input detected in transport layer (Send/Recv) (#773)

* return error if invalid input detected in transport layer
ActoryOu 2022-01-11 11:08:43 +08:00 committed by GitHub
parent 4382969a10
commit 9b27a5de4e
4 changed files with 310 additions and 171 deletions


@ -773,35 +773,52 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
LogDebug( ( "Failed to read data. However, a read can be retried on this error. " LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
"mbedTLSError= %s : %s.", tlsStatus = -1;
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry read
* on these errors. */
tlsStatus = 0;
} }
else if( tlsStatus < 0 ) else if( pBuffer == NULL )
{ {
LogError( ( "Failed to read data: mbedTLSError= %s : %s.", LogError( ( "invalid input, pBuffer == NULL" ) );
mbedtlsHighLevelCodeOrDefault( tlsStatus ), tlsStatus = -1;
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) ); }
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
} }
else else
{ {
/* Empty else marker. */ pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{
LogDebug( ( "Failed to read data. However, a read can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry read
* on these errors. */
tlsStatus = 0;
}
else if( tlsStatus < 0 )
{
LogError( ( "Failed to read data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
else
{
/* Empty else marker. */
}
} }
return tlsStatus; return tlsStatus;
@ -815,35 +832,52 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
LogDebug( ( "Failed to send data. However, send can be retried on this error. " LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
"mbedTLSError= %s : %s.", tlsStatus = -1;
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry send
* on these errors. */
tlsStatus = 0;
} }
else if( tlsStatus < 0 ) else if( pBuffer == NULL )
{ {
LogError( ( "Failed to send data: mbedTLSError= %s : %s.", LogError( ( "invalid input, pBuffer == NULL" ) );
mbedtlsHighLevelCodeOrDefault( tlsStatus ), tlsStatus = -1;
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) ); }
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
} }
else else
{ {
/* Empty else marker. */ pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{
LogDebug( ( "Failed to send data. However, send can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry send
* on these errors. */
tlsStatus = 0;
}
else if( tlsStatus < 0 )
{
LogError( ( "Failed to send data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
else
{
/* Empty else marker. */
}
} }
return tlsStatus; return tlsStatus;
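Review bot: When `pNetworkContext` is non-NULL but `pNetworkContext->pParams` is NULL, the message `LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) )` in both TLS_FreeRTOS_recv and TLS_FreeRTOS_send prints a valid-looking address and hides which of the two conditions failed; log both values, e.g. `LogError( ( "invalid input, pNetworkContext=%p, pParams=%p", pNetworkContext, ( pNetworkContext != NULL ) ? pNetworkContext->pParams : NULL ) );`. The same prologue (three checks, identical messages, `tlsStatus = -1`) is now repeated in recv and send here and again in the other transport files of this commit, so a small `static` validator called from both entry points in each file would keep the checks and messages from drifting apart. Both functions' closing braces lie outside their hunks.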


@ -88,7 +88,7 @@ static const char * pNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>";
* @brief Utility for converting the high-level code in an mbedTLS error to string, * @brief Utility for converting the high-level code in an mbedTLS error to string,
* if the code-contains a high-level code; otherwise, using a default string. * if the code-contains a high-level code; otherwise, using a default string.
*/ */
#define mbedtlsHighLevelCodeOrDefault( mbedTlsCode ) \ #define mbedtlsHighLevelCodeOrDefault( mbedTlsCode ) \
( mbedtls_high_level_strerr( mbedTlsCode ) != NULL ) ? \ ( mbedtls_high_level_strerr( mbedTlsCode ) != NULL ) ? \
mbedtls_high_level_strerr( mbedTlsCode ) : pNoHighLevelMbedTlsCodeStr mbedtls_high_level_strerr( mbedTlsCode ) : pNoHighLevelMbedTlsCodeStr
@ -96,7 +96,7 @@ static const char * pNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>";
* @brief Utility for converting the level-level code in an mbedTLS error to string, * @brief Utility for converting the level-level code in an mbedTLS error to string,
* if the code-contains a level-level code; otherwise, using a default string. * if the code-contains a level-level code; otherwise, using a default string.
*/ */
#define mbedtlsLowLevelCodeOrDefault( mbedTlsCode ) \ #define mbedtlsLowLevelCodeOrDefault( mbedTlsCode ) \
( mbedtls_low_level_strerr( mbedTlsCode ) != NULL ) ? \ ( mbedtls_low_level_strerr( mbedTlsCode ) != NULL ) ? \
mbedtls_low_level_strerr( mbedTlsCode ) : pNoLowLevelMbedTlsCodeStr mbedtls_low_level_strerr( mbedTlsCode ) : pNoLowLevelMbedTlsCodeStr
@ -208,9 +208,9 @@ static int32_t privateKeySigningCallback( void * pvContext,
size_t xHashLen, size_t xHashLen,
unsigned char * pucSig, unsigned char * pucSig,
size_t * pxSigLen, size_t * pxSigLen,
int32_t ( * piRng )( void *, int32_t ( *piRng )( void *,
unsigned char *, unsigned char *,
size_t ), size_t ),
void * pvRng ); void * pvRng );
@ -703,19 +703,19 @@ static CK_RV initializeClientKeys( SSLContext_t * pxCtx,
pxCtx->privKeyInfo.get_bitlen = NULL; pxCtx->privKeyInfo.get_bitlen = NULL;
pxCtx->privKeyInfo.can_do = canDoStub; pxCtx->privKeyInfo.can_do = canDoStub;
pxCtx->privKeyInfo.verify_func = NULL; pxCtx->privKeyInfo.verify_func = NULL;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined( MBEDTLS_ECDSA_C ) && defined( MBEDTLS_ECP_RESTARTABLE )
pxCtx->privKeyInfo.verify_rs_func = NULL; pxCtx->privKeyInfo.verify_rs_func = NULL;
pxCtx->privKeyInfo.sign_rs_func = NULL; pxCtx->privKeyInfo.sign_rs_func = NULL;
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
pxCtx->privKeyInfo.decrypt_func = NULL; pxCtx->privKeyInfo.decrypt_func = NULL;
pxCtx->privKeyInfo.encrypt_func = NULL; pxCtx->privKeyInfo.encrypt_func = NULL;
pxCtx->privKeyInfo.check_pair_func = NULL; pxCtx->privKeyInfo.check_pair_func = NULL;
pxCtx->privKeyInfo.ctx_alloc_func = NULL; pxCtx->privKeyInfo.ctx_alloc_func = NULL;
pxCtx->privKeyInfo.ctx_free_func = NULL; pxCtx->privKeyInfo.ctx_free_func = NULL;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined( MBEDTLS_ECDSA_C ) && defined( MBEDTLS_ECP_RESTARTABLE )
pxCtx->privKeyInfo.rs_alloc_func = NULL; pxCtx->privKeyInfo.rs_alloc_func = NULL;
pxCtx->privKeyInfo.rs_free_func = NULL; pxCtx->privKeyInfo.rs_free_func = NULL;
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
pxCtx->privKeyInfo.debug_func = NULL; pxCtx->privKeyInfo.debug_func = NULL;
pxCtx->privKeyInfo.sign_func = privateKeySigningCallback; pxCtx->privKeyInfo.sign_func = privateKeySigningCallback;
@ -737,9 +737,9 @@ static int32_t privateKeySigningCallback( void * pvContext,
size_t xHashLen, size_t xHashLen,
unsigned char * pucSig, unsigned char * pucSig,
size_t * pxSigLen, size_t * pxSigLen,
int32_t ( * piRng )( void *, int32_t ( *piRng )( void *,
unsigned char *, unsigned char *,
size_t ), size_t ),
void * pvRng ) void * pvRng )
{ {
CK_RV xResult = CKR_OK; CK_RV xResult = CKR_OK;
@ -923,7 +923,7 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
BaseType_t tlsStatus = 0; BaseType_t tlsStatus = 0;
if( pNetworkContext != NULL && pNetworkContext->pParams != NULL ) if( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) )
{ {
pTlsTransportParams = pNetworkContext->pParams; pTlsTransportParams = pNetworkContext->pParams;
/* Attempting to terminate TLS connection. */ /* Attempting to terminate TLS connection. */
@ -975,35 +975,52 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
LogDebug( ( "Failed to read data. However, a read can be retried on this error. " LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
"mbedTLSError= %s : %s.", tlsStatus = -1;
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry read
* on these errors. */
tlsStatus = 0;
} }
else if( tlsStatus < 0 ) else if( pBuffer == NULL )
{ {
LogError( ( "Failed to read data: mbedTLSError= %s : %s.", LogError( ( "invalid input, pBuffer == NULL" ) );
mbedtlsHighLevelCodeOrDefault( tlsStatus ), tlsStatus = -1;
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) ); }
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
} }
else else
{ {
/* Empty else marker. */ pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{
LogDebug( ( "Failed to read data. However, a read can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry read
* on these errors. */
tlsStatus = 0;
}
else if( tlsStatus < 0 )
{
LogError( ( "Failed to read data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
else
{
/* Empty else marker. */
}
} }
return tlsStatus; return tlsStatus;
@ -1018,35 +1035,51 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{ {
LogDebug( ( "Failed to send data. However, send can be retried on this error. " LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
"mbedTLSError= %s : %s.", tlsStatus = -1;
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry send
* on these errors. */
tlsStatus = 0;
} }
else if( tlsStatus < 0 ) else if( pBuffer == NULL )
{ {
LogError( ( "Failed to send data: mbedTLSError= %s : %s.", LogError( ( "invalid input, pBuffer == NULL" ) );
mbedtlsHighLevelCodeOrDefault( tlsStatus ), tlsStatus = -1;
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) ); }
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
} }
else else
{ {
/* Empty else marker. */ pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{
LogDebug( ( "Failed to send data. However, send can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry send
* on these errors. */
tlsStatus = 0;
}
else if( tlsStatus < 0 )
{
LogError( ( "Failed to send data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
else
{
/* Empty else marker. */
}
} }
return tlsStatus; return tlsStatus;
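Review bot: The new `tlsStatus = -1` paths in TLS_FreeRTOS_recv and TLS_FreeRTOS_send replace a `configASSERT` with a soft failure, but nothing in the hunk records that contract; the Doxygen for both functions (in the header, outside this diff) should state that -1 is returned, without touching the connection, when `pNetworkContext`, its `pParams` or `pBuffer` is NULL or the length is 0, and in particular that a zero-length request is now rejected rather than treated as a no-op. A literal `-1` is also written six times across these two hunks; if I recall mbedTLS's error.h correctly, `-0x0001` is `MBEDTLS_ERR_ERROR_GENERIC_ERROR`, so a named value such as `#define tlsTRANSPORT_INVALID_PARAMETER ( -1 )` would make the overlap a deliberate, documented choice and give a single place to change it. The recv/send bodies in this file are byte-for-byte the same as in the first file of the commit, so any follow-up should land in both. Both functions continue past the end of their hunks.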


@ -133,30 +133,46 @@ int32_t Plaintext_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
PlaintextTransportParams_t * pPlaintextTransportParams = NULL; PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
int32_t socketStatus = 1; int32_t socketStatus = 1;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
pPlaintextTransportParams = pNetworkContext->pParams;
/* The TCP socket may have a receive block time. If bytesToRecv is greater
* than 1 then a frame is likely already part way through reception and
* blocking to wait for the desired number of bytes to be available is the
* most efficient thing to do. If bytesToRecv is 1 then this may be a
* speculative call to read to find the start of a new frame, in which case
* blocking is not desirable as it could block an entire protocol agent
* task for the duration of the read block time and therefore negatively
* impact performance. So if bytesToRecv is 1 then don't call recv unless
* it is known that bytes are already available. */
if( bytesToRecv == 1 )
{ {
socketStatus = ( int32_t ) FreeRTOS_recvcount( pPlaintextTransportParams->tcpSocket ); LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
socketStatus = -1;
} }
else if( pBuffer == NULL )
if( socketStatus > 0 )
{ {
socketStatus = FreeRTOS_recv( pPlaintextTransportParams->tcpSocket, LogError( ( "invalid input, pBuffer == NULL" ) );
pBuffer, socketStatus = -1;
bytesToRecv, }
0 ); else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
socketStatus = -1;
}
else
{
pPlaintextTransportParams = pNetworkContext->pParams;
/* The TCP socket may have a receive block time. If bytesToRecv is greater
* than 1 then a frame is likely already part way through reception and
* blocking to wait for the desired number of bytes to be available is the
* most efficient thing to do. If bytesToRecv is 1 then this may be a
* speculative call to read to find the start of a new frame, in which case
* blocking is not desirable as it could block an entire protocol agent
* task for the duration of the read block time and therefore negatively
* impact performance. So if bytesToRecv is 1 then don't call recv unless
* it is known that bytes are already available. */
if( bytesToRecv == 1 )
{
socketStatus = ( int32_t ) FreeRTOS_recvcount( pPlaintextTransportParams->tcpSocket );
}
if( socketStatus > 0 )
{
socketStatus = FreeRTOS_recv( pPlaintextTransportParams->tcpSocket,
pBuffer,
bytesToRecv,
0 );
}
} }
return socketStatus; return socketStatus;
@ -169,31 +185,47 @@ int32_t Plaintext_FreeRTOS_send( NetworkContext_t * pNetworkContext,
PlaintextTransportParams_t * pPlaintextTransportParams = NULL; PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
int32_t socketStatus = 0; int32_t socketStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
pPlaintextTransportParams = pNetworkContext->pParams;
socketStatus = FreeRTOS_send( pPlaintextTransportParams->tcpSocket,
pBuffer,
bytesToSend,
0 );
if( socketStatus == -pdFREERTOS_ERRNO_ENOSPC )
{ {
/* The TCP buffers could not accept any more bytes so zero bytes were sent. LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
* This is not necessarily an error that should cause a disconnect socketStatus = -1;
* unless it persists. */
socketStatus = 0;
} }
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
socketStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
socketStatus = -1;
}
else
{
pPlaintextTransportParams = pNetworkContext->pParams;
socketStatus = FreeRTOS_send( pPlaintextTransportParams->tcpSocket,
pBuffer,
bytesToSend,
0 );
#if ( configUSE_PREEMPTION == 0 ) if( socketStatus == -pdFREERTOS_ERRNO_ENOSPC )
{ {
/* FreeRTOS_send adds the packet to be sent to the IP task's queue for later processing. /* The TCP buffers could not accept any more bytes so zero bytes were sent.
* The packet is sent later by the IP task. When FreeRTOS is used in collaborative * This is not necessarily an error that should cause a disconnect
* mode (i.e. configUSE_PREEMPTION is 0), call taskYIELD to give IP task a chance to run * unless it persists. */
* so that the packet is actually sent before this function returns. */ socketStatus = 0;
taskYIELD();
} }
#endif
#if ( configUSE_PREEMPTION == 0 )
{
/* FreeRTOS_send adds the packet to be sent to the IP task's queue for later processing.
* The packet is sent later by the IP task. When FreeRTOS is used in collaborative
* mode (i.e. configUSE_PREEMPTION is 0), call taskYIELD to give IP task a chance to run
* so that the packet is actually sent before this function returns. */
taskYIELD();
}
#endif
}
return socketStatus; return socketStatus;
} }
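Review bot: Plaintext_FreeRTOS_recv and Plaintext_FreeRTOS_send now return a literal `-1` for invalid arguments, while every other negative value these functions propagate is a negated FreeRTOS+TCP errno (the send hunk already compares against `-pdFREERTOS_ERRNO_ENOSPC`), so a caller or log reader gets an error value from outside the file's existing error space. Using `socketStatus = -pdFREERTOS_ERRNO_EINVAL;` in the six `socketStatus = -1;` lines would keep the encoding consistent with what the socket API itself returns. In recv, the `int32_t socketStatus = 1;` initializer is still load-bearing: it is what makes the `socketStatus > 0` test call `FreeRTOS_recv` when no `FreeRTOS_recvcount` probe was made, and a one-line comment on the initializer, `/* Non-zero so FreeRTOS_recv runs when bytesToRecv != 1 and no recvcount probe happens. */`, would spare the next reader the same trace.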


@ -242,7 +242,7 @@ static TlsTransportStatus_t loadCredentials( NetworkContext_t * pNetCtx,
} }
return returnStatus; return returnStatus;
#else /* if defined( democonfigCREDENTIALS_IN_BUFFER ) */ #else /* if defined( democonfigCREDENTIALS_IN_BUFFER ) */
if( wolfSSL_CTX_load_verify_locations( pNetCtx->sslContext.ctx, if( wolfSSL_CTX_load_verify_locations( pNetCtx->sslContext.ctx,
( const char * ) ( pNetCred->pRootCa ), NULL ) == SSL_SUCCESS ) ( const char * ) ( pNetCred->pRootCa ), NULL ) == SSL_SUCCESS )
{ {
@ -482,23 +482,43 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
{ {
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
int iResult = 0; int iResult = 0;
WOLFSSL * pSsl = pNetworkContext->sslContext.ssl; WOLFSSL * pSsl = NULL;
iResult = wolfSSL_read( pSsl, pBuffer, bytesToRecv ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->sslContext.ssl == NULL ) )
if( iResult > 0 )
{ {
tlsStatus = iResult; LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
} }
else if( wolfSSL_want_read( pSsl ) == 1 ) else if( pBuffer == NULL )
{ {
tlsStatus = 0; LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
} }
else else
{ {
tlsStatus = wolfSSL_state( pSsl ); pSsl = pNetworkContext->sslContext.ssl;
LogError( ( "Error from wolfSSL_read %d : %s ",
iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) ); iResult = wolfSSL_read( pSsl, pBuffer, bytesToRecv );
if( iResult > 0 )
{
tlsStatus = iResult;
}
else if( wolfSSL_want_read( pSsl ) == 1 )
{
tlsStatus = 0;
}
else
{
tlsStatus = wolfSSL_state( pSsl );
LogError( ( "Error from wolfSSL_read %d : %s ",
iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) );
}
} }
return tlsStatus; return tlsStatus;
@ -512,23 +532,43 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
{ {
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
int iResult = 0; int iResult = 0;
WOLFSSL * pSsl = pNetworkContext->sslContext.ssl; WOLFSSL * pSsl = NULL;
iResult = wolfSSL_write( pSsl, pBuffer, bytesToSend ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->sslContext.ssl == NULL ) )
if( iResult > 0 )
{ {
tlsStatus = iResult; LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
} }
else if( wolfSSL_want_write( pSsl ) == 1 ) else if( pBuffer == NULL )
{ {
tlsStatus = 0; LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
} }
else else
{ {
tlsStatus = wolfSSL_state( pSsl ); pSsl = pNetworkContext->sslContext.ssl;
LogError( ( "Error from wolfSL_write %d : %s ",
iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) ); iResult = wolfSSL_write( pSsl, pBuffer, bytesToSend );
if( iResult > 0 )
{
tlsStatus = iResult;
}
else if( wolfSSL_want_write( pSsl ) == 1 )
{
tlsStatus = 0;
}
else
{
tlsStatus = wolfSSL_state( pSsl );
LogError( ( "Error from wolfSL_write %d : %s ",
iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) );
}
} }
return tlsStatus; return tlsStatus;
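Review bot: The new argument checks in TLS_FreeRTOS_send reject `bytesToSend == 0` but not a length that does not fit the `int` size parameter of `wolfSSL_write` (the same holds for `bytesToRecv` and `wolfSSL_read` in the recv hunk above): if `bytesToSend` is a `size_t` as in the transport interface, a value above `INT_MAX` is converted to a negative `int` before wolfSSL sees it, and the existing `iResult > 0` / `wolfSSL_want_write` logic then reports it as a generic state error rather than an input error. Extending the validation chain in both functions, `else if( ( bytesToSend == 0 ) || ( bytesToSend > ( size_t ) INT_MAX ) )` with a matching log message (`INT_MAX` from `<limits.h>`), makes the rejection explicit and logged where the other input checks are. The unchanged log string `"Error from wolfSL_write %d : %s "` in the send hunk is misspelled and is worth correcting to `wolfSSL_write` while this block is being touched. Both functions continue past the end of their hunks.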