wpa_supplicant: clean tls client state machine (backport v4.0)

components/wpa_supplicant/src/crypto/tls_mbedtls.c

@@ -121,6 +121,10 @@ static int tls_mbedtls_read(void *ctx, unsigned char *buf, size_t len)
 	struct wpabuf *local_buf;
 	size_t data_len = len;
 
+	if (data->in_data == NULL) {
+		return MBEDTLS_ERR_SSL_WANT_READ;
+	}
+
 	if (len > wpabuf_len(data->in_data)) {
 		wpa_printf(MSG_ERROR, "don't have suffient data\n");
 		data_len = wpabuf_len(data->in_data);
@@ -466,6 +470,10 @@ static int tls_create_mbedtls_handle(const struct tls_connection_params *params,
 		wpa_printf(MSG_ERROR, "mbedtls_ssl_setup returned -0x%x", -ret);
 		goto exit;
 	}
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+	/* Disable BEAST attack countermeasures for Windows 2008 interoperability */
+	mbedtls_ssl_conf_cbc_record_splitting(&tls->conf, MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED);
+#endif
 
 	/* Enable debug prints in case supplicant's prints are enabled */
 #if defined(DEBUG_PRINT) && defined(CONFIG_MBEDTLS_DEBUG) && defined(ESPRESSIF_USE)
@@ -552,56 +560,26 @@ struct wpabuf * tls_connection_handshake(void *tls_ctx,
 	if (wpabuf_len(in_data)) {
 		conn->tls_io_data.in_data = wpabuf_dup(in_data);
 	}
-	ret = mbedtls_ssl_handshake_step(&tls->ssl);
-	if (ret < 0) {
-		wpa_printf(MSG_ERROR, "%s:%d", __func__, __LINE__);
-		goto end;
-	}
 
 	/* Multiple reads */
-	while (conn->tls_io_data.in_data) {
+	while (tls->ssl.state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+		if (tls->ssl.state == MBEDTLS_SSL_CLIENT_CERTIFICATE) {
+			/* Read random data before session completes, not present after handshake */
+			if (tls->ssl.handshake) {
+				os_memcpy(conn->randbytes, tls->ssl.handshake->randbytes,
+					  TLS_RANDOM_LEN * 2);
+			}
+		}
 		ret = mbedtls_ssl_handshake_step(&tls->ssl);
+
 		if (ret < 0)
 			break;
 	}
-
+	if (ret < 0 && ret != MBEDTLS_ERR_SSL_WANT_READ) {
-	/* State machine just started, get client hello */
+		wpa_printf(MSG_INFO, "%s: ret is %d line:%d", __func__, ret, __LINE__);
-	if (tls->ssl.state == MBEDTLS_SSL_CLIENT_HELLO) {
-		ret = mbedtls_ssl_handshake_step(&tls->ssl);
-	}
-
-	if (ret < 0) {
-		wpa_printf(MSG_ERROR, "%s:%d", __func__, __LINE__);
 		goto end;
 	}
 
-	/* Already read sever data till hello done */
-	if (tls->ssl.state == MBEDTLS_SSL_CLIENT_CERTIFICATE) {
-		/* Read random data before session completes, not present after handshake */
-		if (tls->ssl.handshake) {
-			os_memcpy(conn->randbytes, tls->ssl.handshake->randbytes,
-				  TLS_RANDOM_LEN * 2);
-		}
-
-		/* trigger state machine multiple times to reach till finish */
-		while (tls->ssl.state <= MBEDTLS_SSL_CLIENT_FINISHED) {
-			ret = mbedtls_ssl_handshake_step(&tls->ssl);
-			if (ret < 0) {
-				break;
-			}
-		}
-	}
-
-	/* Trigger state machine till handshake is complete or error occures */
-	if (tls->ssl.state == MBEDTLS_SSL_FLUSH_BUFFERS) {
-		while (tls->ssl.state <= MBEDTLS_SSL_HANDSHAKE_OVER) {
-			ret = mbedtls_ssl_handshake_step(&tls->ssl);
-			if (ret < 0) {
-				break;
-			}
-		}
-	}
-
 	if (!conn->tls_io_data.out_data) {
 		wpa_printf(MSG_INFO, "application data is null, adding one byte for ack");
 		u8 *dummy = os_zalloc(1);