Check payload length of CoAP PDU before TLS encryption

Check payload length of CoAP PDU before TLS encryption

Change-Id: I85880aaf3b81a4ebdefe491943e22b896db1f162
Signed-off-by: hyuna0213.jo <hyuna0213.jo@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/13549
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Joonghwan Lee <jh05.lee@samsung.com>
Reviewed-by: Jaehong Jo <jaehong.jo@samsung.com>
Reviewed-by: Ashok Babu Channa <ashok.channa@samsung.com>

diff --git a/resource/csdk/connectivity/inc/catcpinterface.h b/resource/csdk/connectivity/inc/catcpinterface.h
index 23b9c46..0d30c61 100644 (file)
--- a/resource/csdk/connectivity/inc/catcpinterface.h
+++ b/resource/csdk/connectivity/inc/catcpinterface.h
@@ -214,6 +214,15 @@ size_t CAGetTotalLengthFromHeader(const unsigned char *recvBuffer);
  */
 CATCPSessionInfo_t *CAGetSessionInfoFromFD(int fd, size_t *index);
 
+/**
+ * Get total payload length from CoAP over TCP header.
+ *
+ * @param[in]   data    Data to be send.
+ * @param[in]   dlen    Total data length.
+ * @return  Payload length
+ */
+size_t CACheckPayloadLengthFromHeader(const void *data, size_t dlen);
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/resource/csdk/connectivity/src/tcp_adapter/catcpadapter.c b/resource/csdk/connectivity/src/tcp_adapter/catcpadapter.c
index 93a12e8..52c311c 100644 (file)
--- a/resource/csdk/connectivity/src/tcp_adapter/catcpadapter.c
+++ b/resource/csdk/connectivity/src/tcp_adapter/catcpadapter.c
@@ -505,10 +505,30 @@ void CATCPSendDataThread(void *threadData)
     }
     else
     {
+        // Check payload length from CoAP over TCP format header.
+        CAResult_t result = CA_STATUS_OK;
+        size_t payloadLen = CACheckPayloadLengthFromHeader(tcpData->data, tcpData->dataLen);
+        if (!payloadLen)
+        {
+            // if payload length is zero, disconnect from remote device.
+            OIC_LOG(DEBUG, TAG, "payload length is zero, disconnect from remote device");
+            size_t index = 0;
+            CATCPSessionInfo_t *svritem = CAGetTCPSessionInfoFromEndpoint(tcpData->remoteEndpoint,
+                                                                          &index);
+            if (svritem)
+            {
+                result = CADisconnectTCPSession(svritem, index);
+                if (CA_STATUS_OK != result)
+                {
+                    OIC_LOG_V(ERROR, TAG, "CADisconnectTCPSession failed, result[%d]", result);
+                }
+            }
+            return;
+        }
+
 #ifdef __WITH_TLS__
          if (tcpData->remoteEndpoint && tcpData->remoteEndpoint->flags & CA_SECURE)
          {
-             CAResult_t result = CA_STATUS_OK;
              OIC_LOG(DEBUG, TAG, "CAencryptSsl called!");
              result = CAencryptSsl(tcpData->remoteEndpoint, tcpData->data, tcpData->dataLen);
 

diff --git a/resource/csdk/connectivity/src/tcp_adapter/catcpserver.c b/resource/csdk/connectivity/src/tcp_adapter/catcpserver.c
index 5b19f9c..2162b36 100644 (file)
--- a/resource/csdk/connectivity/src/tcp_adapter/catcpserver.c
+++ b/resource/csdk/connectivity/src/tcp_adapter/catcpserver.c
@@ -946,7 +946,7 @@ void CATCPSetConnectionChangedCallback(CATCPConnectionHandleCallback connHandler
     g_connectionCallback = connHandler;
 }
 
-static size_t CACheckPayloadLength(const void *data, size_t dlen)
+size_t CACheckPayloadLengthFromHeader(const void *data, size_t dlen)
 {
     VERIFY_NON_NULL_RET(data, TAG, "data", -1);
 
@@ -1003,22 +1003,7 @@ static void sendData(const CAEndpoint_t *endpoint, const void *data,
         }
     }
 
-    // #2. check payload length
-#ifdef __WITH_TLS__
-    if (false == CAIsTlsMessage(data, dlen))
-#endif
-    {
-        size_t payloadLen = CACheckPayloadLength(data, dlen);
-        // if payload length is zero, disconnect from TCP server
-        if (!payloadLen)
-        {
-            OIC_LOG(DEBUG, TAG, "payload length is zero, disconnect from remote device");
-            CADisconnectTCPSession(svritem, index);
-            return;
-        }
-    }
-
-    // #3. check connection state
+    // #2. check connection state
     if (svritem->fd < 0)
     {
         // if file descriptor value is wrong, remove TCP Server info from list
@@ -1031,7 +1016,7 @@ static void sendData(const CAEndpoint_t *endpoint, const void *data,
         return;
     }
 
-    // #4. send data to TCP Server
+    // #3. send data to TCP Server
     ssize_t remainLen = dlen;
     do
     {