mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
protocomm_httpd: Restart security session if request is received on a new session
This commit fixes a bug as well as changes a behaviour. Bugfix: During softap/httpd based provisioning, if a session was closed midway and a new one started, it would never proceed if the http server assigns same socket number to the new session (which happens almost always). Now, if a session is closed, using the http callbacks, the older session data is cleared so that a new one can be created. Behavioural change: If a client (mobile app particularly) does not use persistent http session i.e. all provisioning communication on the same socket, the provisioning may fail. Earlier, since the session context was not getting cleared, even if the client closed a session and continued on a new one, it would go through if the socket number assigned was same (which happens almost always). Ideally, from a security perspective, all communication related to secure provisioning must happen on the same socket, and so, this change is required.
This commit is contained in:
parent
ccdd06937f
commit
f677655fcb
@ -31,6 +31,17 @@ static uint32_t session_id = PROTOCOMM_NO_SESSION_ID;
|
|||||||
|
|
||||||
#define MAX_REQ_BODY_LEN 4096
|
#define MAX_REQ_BODY_LEN 4096
|
||||||
|
|
||||||
|
static void protocomm_httpd_session_close(void *ctx)
|
||||||
|
{
|
||||||
|
if (pc_httpd->sec && pc_httpd->sec->close_transport_session) {
|
||||||
|
ESP_LOGW(TAG, "Closing session as socket %d was closed", session_id);
|
||||||
|
if (pc_httpd->sec->close_transport_session((protocomm_security_handle_t)ctx, session_id) != ESP_OK) {
|
||||||
|
ESP_LOGW(TAG, "Error closing session with ID: %d", session_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
session_id = PROTOCOMM_NO_SESSION_ID;
|
||||||
|
}
|
||||||
|
|
||||||
static esp_err_t common_post_handler(httpd_req_t *req)
|
static esp_err_t common_post_handler(httpd_req_t *req)
|
||||||
{
|
{
|
||||||
esp_err_t ret;
|
esp_err_t ret;
|
||||||
@ -42,6 +53,7 @@ static esp_err_t common_post_handler(httpd_req_t *req)
|
|||||||
int cur_session_id = httpd_req_to_sockfd(req);
|
int cur_session_id = httpd_req_to_sockfd(req);
|
||||||
|
|
||||||
if (cur_session_id != session_id) {
|
if (cur_session_id != session_id) {
|
||||||
|
ESP_LOGI(TAG, "Creating new session: %d", cur_session_id);
|
||||||
/* Initialize new security session */
|
/* Initialize new security session */
|
||||||
if (session_id != PROTOCOMM_NO_SESSION_ID) {
|
if (session_id != PROTOCOMM_NO_SESSION_ID) {
|
||||||
ESP_LOGD(TAG, "Closing session with ID: %d", session_id);
|
ESP_LOGD(TAG, "Closing session with ID: %d", session_id);
|
||||||
@ -62,6 +74,9 @@ static esp_err_t common_post_handler(httpd_req_t *req)
|
|||||||
ret = ESP_FAIL;
|
ret = ESP_FAIL;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
req->sess_ctx = pc_httpd->sec_inst;
|
||||||
|
req->free_ctx = protocomm_httpd_session_close;
|
||||||
|
|
||||||
}
|
}
|
||||||
session_id = cur_session_id;
|
session_id = cur_session_id;
|
||||||
ESP_LOGD(TAG, "New session with ID: %d", cur_session_id);
|
ESP_LOGD(TAG, "New session with ID: %d", cur_session_id);
|
||||||
|
Loading…
Reference in New Issue
Block a user