if env.get('SECURED') == '1':
env.SConscript(build_dir + 'extlibs/tinydtls/SConscript')
env.AppendUnique(CPPPATH = ['#extlibs/tinydtls'])
+ env.SConscript(build_dir + 'extlibs/timer/SConscript')
+ env.AppendUnique(CPPPATH = ['#extlibs/timer'])
env.AppendUnique(CPPPATH = [src_dir + '/resource/csdk/security/include'])
env.AppendUnique(CPPDEFINES = ['__WITH_DTLS__'])
env.AppendUnique(CPPPATH = [os.path.join(root_dir, 'external/inc')])
lib_env.AppendUnique(LIBS = ['coap'])
if lib_env.get('SECURED') == '1':
lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto'])
+ lib_env.AppendUnique(LIBS = ['timer'])
if ca_os != 'android':
lib_env.AppendUnique(LIBS = ['rt'])
if ((lib_env.get('SECURED') == '1') and ((lib_env.get('WITH_TCP')) or (lib_env.get('WITH_CLOUD')))):
lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto'])
+ lib_env.AppendUnique(LIBS = ['timer'])
static_calib = lib_env.StaticLibrary('connectivity_abstraction', env.get('CA_SRC'))
shared_calib = lib_env.SharedLibrary('connectivity_abstraction', lib_env.get('CA_SRC'))
calib = Flatten([static_calib, shared_calib])
lib_env.AppendUnique(LIBS = ['coap', 'mswsock', 'ws2_32', 'iphlpapi', 'logger'])
if lib_env.get('SECURED') == '1':
lib_env.AppendUnique(LIBS = ['mbedtls','mbedx509','mbedcrypto'])
+ lib_env.AppendUnique(LIBS = ['timer'])
calib = lib_env.StaticLibrary('connectivity_abstraction', env.get('CA_SRC'))
else:
calib = lib_env.StaticLibrary('connectivity_abstraction', lib_env.get('CA_SRC'))
#include "oic_malloc.h"
#include "byte_array.h"
#include "octhread.h"
+#include "timer.h"
// headers required for mbed TLS
#include "mbedtls/platform.h"
* @param[in] peer remote peer
* @param[in] ret used internaly
*/
+
+/**
+ * @var RETRANSMISSION_TIME
+ * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
+ */
+#define RETRANSMISSION_TIME 1
+
#define SSL_CLOSE_NOTIFY(peer, ret) \
do \
{ \
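Review bot: The RETRANSMISSION_TIME block lands between the doc comment that closes after the `@param[in] ret` line and the `#define SSL_CLOSE_NOTIFY(peer, ret)` that comment describes, so the macro is separated from its documentation. The new define belongs above that comment, whose opening is outside the hunk. `@var` is the Doxygen tag for variables; a macro is documented with `@def RETRANSMISSION_TIME`. The brief also reads as an upper bound, while the only visible use passes the value to registerTimer() as the re-arm period in StartRetransmit(); something like `@brief Period (in seconds) of the timer that drives DTLS handshake retransmission.` matches that use.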
mbedtls_ssl_config serverTlsConf;
mbedtls_ssl_config clientDtlsConf;
mbedtls_ssl_config serverDtlsConf;
-#ifdef __WITH_DTLS__
- mbedtls_ssl_cookie_ctx cookie_ctx;
- mbedtls_timing_delay_context timer;
-#endif // __WITH_DTLS__
+
AdapterCipher_t cipher;
SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
mbedtls_x509_crl crl;
uint8_t random[2*RANDOM_LEN];
#ifdef __WITH_DTLS__
mbedtls_ssl_cookie_ctx cookieCtx;
-#endif
-
+ mbedtls_timing_delay_context timer;
+#endif // __WITH_DTLS__
} SslEndPoint_t;
void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
{
- mbedtls_ssl_set_timer_cb(&tep->ssl, &g_caSslContext->timer,
+ mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
mbedtls_timing_set_delay, mbedtls_timing_get_delay);
if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
{
return 0;
}
+/**
+ * Starts DTLS retransmission.
+ */
+static void StartRetransmit()
+{
+ static int timerId = -1;
+ uint32_t listIndex = 0;
+ uint32_t listLength = 0;
+ SslEndPoint_t *tep = NULL;
+ if (timerId != -1)
+ {
+ //clear previous timer
+ unregisterTimer(timerId);
+
+ oc_mutex_lock(g_sslContextMutex);
+
+ //stop retransmission if context is invalid
+ if(NULL == g_caSslContext)
+ {
+ OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
+ oc_mutex_unlock(g_sslContextMutex);
+ return;
+ }
+
+ listLength = u_arraylist_length(g_caSslContext->peerList);
+ for (listIndex = 0; listIndex < listLength; listIndex++)
+ {
+ tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
+ if (NULL == tep
+ || MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport
+ || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
+ {
+ continue;
+ }
+ int ret = mbedtls_ssl_handshake_step(&tep->ssl);
+ if (0 != ret && MBEDTLS_ERR_SSL_CONN_EOF != ret)
+ {
+ OIC_LOG_V(ERROR, NET_SSL_TAG, "Retransmission error: -0x%x", -ret);
+ }
+ }
+ oc_mutex_unlock(g_sslContextMutex);
+ }
+ //start new timer
+ registerTimer(RETRANSMISSION_TIME, &timerId, (void *) StartRetransmit);
+}
+
CAResult_t CAinitSslAdapter()
{
OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
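Review bot: In the peer loop of StartRetransmit(), a failed `mbedtls_ssl_handshake_step()` is only logged, and the endpoint stays in `g_caSslContext->peerList` to be stepped again on the next tick. mbed TLS documents that after a return other than 0, `MBEDTLS_ERR_SSL_WANT_READ` or `MBEDTLS_ERR_SSL_WANT_WRITE`, the context must be freed or reset with `mbedtls_ssl_session_reset()` before further use. The failure branch should therefore hand the peer to whatever teardown the file already uses for failed handshakes (not visible in this hunk) instead of continuing. The same condition reports the two WANT_* codes as errors; adding `&& MBEDTLS_ERR_SSL_WANT_READ != ret && MBEDTLS_ERR_SSL_WANT_WRITE != ret` to the `if` keeps the log meaningful. Nothing visible here expires a peer whose handshake never completes, so abandoned handshakes would presumably keep costing one step per tick under `g_sslContextMutex`; a per-peer retry or age limit would bound that.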
mbedtls_pk_init(&g_caSslContext->pkey);
mbedtls_x509_crl_init(&g_caSslContext->crl);
+#ifdef __WITH_DTLS__
+ StartRetransmit();
+#endif
+
oc_mutex_unlock(g_sslContextMutex);
OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
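Review bot: `StartRetransmit()` is called before `oc_mutex_unlock(g_sslContextMutex)`, and StartRetransmit() itself locks that mutex whenever its static `timerId` is not -1. The first call is safe, but the NULL-context early return in StartRetransmit() leaves `timerId` at its old value. An init that follows a teardown would then presumably try to take a mutex the caller still holds; the lock call and the mutex type are outside this hunk. Moving the `#ifdef __WITH_DTLS__` / `StartRetransmit();` / `#endif` lines below the unlock, and setting `timerId = -1;` before that early `return`, removes the nested lock and the unregisterTimer() call on a stale id.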