Commit af6ee6b

committed

libraries/SocketWrapper: Fix agrs and improve error handling.

- Fix socket timeout arg to use proper struct timeval - Initialize addrinfo structs to prevent undefined behavior - Add error checking for tls_credential_add() and setsockopt() calls - Centralize socket cleanup in error path - Change default return value to false for safer error handling - Change cert args to const Signed-off-by: iabdalkader <i.abdalkader@gmail.com>

1 parent 69260c8 commit af6ee6bCopy full SHA for af6ee6b

File tree

3 files changed

+27

-20

lines changed

libraries/SocketWrapper

3 files changed

+27

-20

lines changed

`‎libraries/SocketWrapper/SocketWrapper.h‎`

Lines changed: 24 additions & 17 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,8 +30,8 @@ class ZephyrSocketWrapper {`
`30`	`30`	`bool connect(const char *host, uint16_t port) {`
`31`	`31`
`32`	`32`	`// Resolve address`
`33`		`- struct addrinfo hints;`
`34`		`- struct addrinfo *res;`
	`33`	`+ struct addrinfo hints = {0};`
	`34`	`+ struct addrinfo *res = nullptr;`
`35`	`35`	`bool rv = true;`
`36`	`36`
`37`	`37`	`hints.ai_family = AF_INET;`
`@@ -102,24 +102,27 @@ class ZephyrSocketWrapper {`
`102`	`102`	`}`
`103`	`103`
`104`	`104`	`#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)`
`105`		`- bool connectSSL(const char host, uint16_t port, char ca_certificate_pem = nullptr) {`
	`105`	`+ bool connectSSL(const char host, uint16_t port, constchar ca_certificate_pem = nullptr) {`
`106`	`106`
`107`	`107`	`// Resolve address`
`108`		`- struct addrinfo hints;`
`109`		`- struct addrinfo *res;`
	`108`	`+ struct addrinfo hints = {0};`
	`109`	`+ struct addrinfo *res = nullptr;`
`110`	`110`
`111`	`111`	`hints.ai_family = AF_INET;`
`112`	`112`	`hints.ai_socktype = SOCK_STREAM;`
`113`	`113`
`114`	`114`	`int resolve_attempts = 100;`
`115`	`115`	`int ret;`
`116`		`- bool rv = true;`
	`116`	`+ bool rv = false;`
`117`	`117`
`118`	`118`	`sec_tag_t sec_tag_opt[] = {`
`119`	`119`	`CA_CERTIFICATE_TAG,`
`120`	`120`	`};`
`121`	`121`
`122`		`- uint32_t timeo_optval = 100;`
	`122`	`+ struct timeval timeout_opt = {`
	`123`	`+ .tv_sec = 0,`
	`124`	`+ .tv_usec = 100000,`
	`125`	`+ };`
`123`	`126`
`124`	`127`	`while (resolve_attempts--) {`
`125`	`128`	`ret = getaddrinfo(host, String(port).c_str(), &hints, &res);`
`@@ -132,33 +135,33 @@ class ZephyrSocketWrapper {`
`132`	`135`	`}`
`133`	`136`
`134`	`137`	`if (ret != 0) {`
`135`		`- rv = false;`
`136`	`138`	`goto exit;`
`137`	`139`	`}`
`138`	`140`
`139`	`141`	`if (ca_certificate_pem != nullptr) {`
`140`	`142`	`ret = tls_credential_add(CA_CERTIFICATE_TAG, TLS_CREDENTIAL_CA_CERTIFICATE,`
`141`	`143`	`ca_certificate_pem, strlen(ca_certificate_pem) + 1);`
	`144`	`+ if (ret != 0) {`
	`145`	`+ goto exit;`
	`146`	`+ }`
`142`	`147`	`}`
`143`	`148`
`144`	`149`	`sock_fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TLS_1_2);`
`145`	`150`	`if (sock_fd < 0) {`
`146`		`- rv = false;`
`147`	`151`	`goto exit;`
`148`	`152`	`}`
`149`	`153`
`150`		`- setsockopt(sock_fd, SOL_TLS, TLS_SEC_TAG_LIST, sec_tag_opt, sizeof(sec_tag_opt));`
`151`		`-`
`152`		`- setsockopt(sock_fd, SOL_TLS, TLS_HOSTNAME, host, strlen(host));`
`153`		`-`
`154`		`- setsockopt(sock_fd, SOL_SOCKET, SO_RCVTIMEO, &timeo_optval, sizeof(timeo_optval));`
	`154`	`+ if (setsockopt(sock_fd, SOL_TLS, TLS_HOSTNAME, host, strlen(host)) \|\|`
	`155`	`+setsockopt(sock_fd, SOL_TLS, TLS_SEC_TAG_LIST, sec_tag_opt, sizeof(sec_tag_opt)) \|\|`
	`156`	`+ setsockopt(sock_fd, SOL_SOCKET, SO_RCVTIMEO, &timeout_opt, sizeof(timeout_opt))) {`
	`157`	`+goto exit;`
	`158`	`+ }`
`155`	`159`
`156`	`160`	`if (::connect(sock_fd, res->ai_addr, res->ai_addrlen) < 0) {`
`157`		`- ::close(sock_fd);`
`158`		`- sock_fd = -1;`
`159`		`- rv = false;`
`160`	`161`	`goto exit;`
`161`	`162`	`}`
	`163`	`+`
	`164`	`+ rv = true;`
`162`	`165`	`is_ssl = true;`
`163`	`166`
`164`	`167`	`exit:`
`@@ -167,6 +170,10 @@ class ZephyrSocketWrapper {`
`167`	`170`	`res = nullptr;`
`168`	`171`	`}`
`169`	`172`
	`173`	`+ if (!rv && sock_fd >= 0) {`
	`174`	`+ ::close(sock_fd);`
	`175`	`+ sock_fd = -1;`
	`176`	`+ }`
`170`	`177`	`return rv;`
`171`	`178`	`}`
`172`	`179`	`#endif`

`‎libraries/SocketWrapper/ZephyrClient.h‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -32,8 +32,8 @@ class ZephyrClient : public arduino::Client, ZephyrSocketWrapper {`
`32`	`32`	`return ret;`
`33`	`33`	`}`
`34`	`34`	`#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)`
`35`		`- int connectSSL(const char host, uint16_t port, char cert) {`
`36`		`- auto ret = ZephyrSocketWrapper::connectSSL((char *)host, port, cert);`
	`35`	`+ int connectSSL(const char host, uint16_t port, constchar cert) {`
	`36`	`+ auto ret = ZephyrSocketWrapper::connectSSL(host, port, cert);`
`37`	`37`	`if (ret) {`
`38`	`38`	`_connected = true;`
`39`	`39`	`}`

`‎libraries/SocketWrapper/ZephyrSSLClient.h‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ class ZephyrSSLClient : public ZephyrClient {`
`14`	`14`	`return connectSSL(host, port, nullptr);`
`15`	`15`	`}`
`16`	`16`
`17`		`- int connect(const char host, uint16_t port, char cert) {`
	`17`	`+ int connect(const char host, uint16_t port, constchar cert) {`
`18`	`18`	`return connectSSL(host, port, cert);`
`19`	`19`	`}`
`20`	`20`	`};`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit af6ee6b

File tree

3 files changed

3 files changed

`‎libraries/SocketWrapper/SocketWrapper.h‎`

`‎libraries/SocketWrapper/ZephyrClient.h‎`

`‎libraries/SocketWrapper/ZephyrSSLClient.h‎`

0 commit comments