From 07ff5af5dced65f6e7877f8a1b1bbd524bc930dd Mon Sep 17 00:00:00 2001 From: thetek42 Date: Tue, 3 Sep 2024 13:47:01 +0200 Subject: [PATCH] fix: make esp_mbedtls_server_session_create async compatible --- components/esp-tls/esp_tls_mbedtls.c | 46 ++++++++++++++----- .../esp-tls/private_include/esp_tls_mbedtls.h | 16 +++++++ 2 files changed, 51 insertions(+), 11 deletions(-) diff --git a/components/esp-tls/esp_tls_mbedtls.c b/components/esp-tls/esp_tls_mbedtls.c index a861db4e47..043857e204 100644 --- a/components/esp-tls/esp_tls_mbedtls.c +++ b/components/esp-tls/esp_tls_mbedtls.c @@ -914,6 +914,21 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t * @brief Create TLS/SSL server session */ int esp_mbedtls_server_session_create(esp_tls_cfg_server_t *cfg, int sockfd, esp_tls_t *tls) +{ + int ret = 0; + if ((ret = esp_mbedtls_server_session_create_start(cfg, sockfd, tls)) != 0) return ret; + while ((ret = esp_mbedtls_server_session_create_continue_async(tls)) != 0) { + if (ret != ESP_TLS_ERR_SSL_WANT_READ && ret != ESP_TLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + return ret; +} + +/** + * @brief Initialization part of esp_mbedtls_server_session_create + */ +int esp_mbedtls_server_session_create_start(esp_tls_cfg_server_t *cfg, int sockfd, esp_tls_t *tls) { if (tls == NULL || cfg == NULL) { return -1; @@ -932,19 +947,28 @@ int esp_mbedtls_server_session_create(esp_tls_cfg_server_t *cfg, int sockfd, esp tls->read = esp_mbedtls_read; tls->write = esp_mbedtls_write; - int ret; - while ((ret = mbedtls_ssl_handshake(&tls->ssl)) != 0) { - if (ret != ESP_TLS_ERR_SSL_WANT_READ && ret != ESP_TLS_ERR_SSL_WANT_WRITE) { - ESP_LOGE(TAG, "mbedtls_ssl_handshake returned -0x%04X", -ret); - mbedtls_print_error_msg(ret); - ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ESP_TLS_ERR_TYPE_MBEDTLS, -ret); - ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ESP_TLS_ERR_TYPE_ESP, ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED); - tls->conn_state = ESP_TLS_FAIL; - return ret; - } - } return 0; } + +/** + * @brief Asyncronous continue of esp_mbedtls_server_session_create, to be + * called in a loop by the user until it returns 0, ESP_TLS_ERR_SSL_WANT_READ + * or ESP_TLS_ERR_SSL_WANT_WRITE + */ +int esp_mbedtls_server_session_create_continue_async(esp_tls_t *tls) +{ + int ret = mbedtls_ssl_handshake(&tls->ssl); + if (ret != 0 && ret != ESP_TLS_ERR_SSL_WANT_READ && ret != ESP_TLS_ERR_SSL_WANT_WRITE) { + ESP_LOGE(TAG, "mbedtls_ssl_handshake returned -0x%04X", -ret); + mbedtls_print_error_msg(ret); + ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ESP_TLS_ERR_TYPE_MBEDTLS, -ret); + ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ESP_TLS_ERR_TYPE_ESP, ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED); + tls->conn_state = ESP_TLS_FAIL; + return ret; + } + return ret; +} + /** * @brief Close the server side TLS/SSL connection and free any allocated resources. */ diff --git a/components/esp-tls/private_include/esp_tls_mbedtls.h b/components/esp-tls/private_include/esp_tls_mbedtls.h index 6bb1071ab0..0800f95831 100644 --- a/components/esp-tls/private_include/esp_tls_mbedtls.h +++ b/components/esp-tls/private_include/esp_tls_mbedtls.h @@ -69,6 +69,22 @@ void *esp_mbedtls_get_ssl_context(esp_tls_t *tls); */ int esp_mbedtls_server_session_create(esp_tls_cfg_server_t *cfg, int sockfd, esp_tls_t *tls); +/** + * Initialization part of internal callback for mbedtls_server_session_create + * + * /note :- The function can only be used with mbedtls ssl library + */ +int esp_mbedtls_server_session_create_start(esp_tls_cfg_server_t *cfg, int sockfd, esp_tls_t *tls); + +/** + * Asynchronous continue of internal callback for mbedtls_server_session_create, + * to be called in a loop by the user until it returns 0, + * ESP_TLS_ERR_SSL_WANT_READ or ESP_TLS_ERR_SSL_WANT_WRITE + * + * /note :- The function can only be used with mbedtls ssl library + */ +int esp_mbedtls_server_session_create_continue_async(esp_tls_t *tls); + /** * Internal Callback for mbedtls_server_session_delete *