Fix DTLS retransmission error
authorOleksii Beketov <ol.beketov@samsung.com>
Mon, 21 Nov 2016 12:14:39 +0000 (14:14 +0200)
committerRandeep Singh <randeep.s@samsung.com>
Tue, 22 Nov 2016 08:52:46 +0000 (08:52 +0000)
Change-Id: I26360583ccd7df3cab98f2b13ca207040ddf5f35
Signed-off-by: Dmitriy Zhuravlev <d.zhuravlev@samsung.com>
Signed-off-by: Oleksii Beketov <ol.beketov@samsung.com>
Signed-off-by: Chul Lee <chuls.lee@samsung.com>
Signed-off-by: Oleksii Beketov <ol.beketov@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/14513
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Joonghwan Lee <jh05.lee@samsung.com>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c

index 2dd024b6c4f5d6d49301de7aca4b8b281a6fa06f..c555b586099df564c807ce66ee90937808beb0d2 100644 (file)
@@ -166,7 +166,7 @@ if (g_sslCallback)
  * @param[in] ret error code
  * @param[in] str debug string
  * @param[in] mutex ca mutex
- * @param[in] return error code
+ * @param[in] if code does not equal to -1 returns error code
  * @param[in] msg allert message
  */
 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)                                          \
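Review bot: The rewritten doc line drops the parameter name, so Doxygen will read `if` as the parameter and `error` ends up undocumented. Something like ` * @param[in] error value returned from the enclosing function; -1 means "do not return"` keeps the name and states the new sentinel. The `allert` typo on the following `msg` line could be fixed in the same pass.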
@@ -195,7 +195,10 @@ if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) &&
         ca_mutex_unlock(g_sslContextMutex);                                                        \
     }                                                                                              \
     OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);                                             \
-    return (error);                                                                                \
+    if (-1 != error)                                                                               \
+    {                                                                                              \
+        return (error);                                                                            \
+    }                                                                                              \
 }
 /** @def CHECK_MBEDTLS_RET(f, ...)
  * A macro that checks \a f function return code
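Review bot: The new guard `if (-1 != error)` uses the macro argument unparenthesized, unlike `return (error)` and the `(ret)` uses above it; it should read `if (-1 != (error))` so an expression argument cannot change the comparison. More importantly, -1 is now an in-band sentinel: any existing call site that passes -1 expecting an early return silently falls through after the failure handling. The call sites are outside this hunk and should be audited. A separate macro or an explicit flag for the no-return case would make this control flow visible at the call site.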
@@ -383,6 +386,10 @@ typedef struct SslContext
     bool cipherFlag[2];
     int selectedCipher;
 
+#ifdef __WITH_DTLS__
+    int timerId;
+#endif
+
 } SslContext_t;
 
 /**
@@ -1192,7 +1199,18 @@ static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
     OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
     return tep;
 }
-
+#ifdef __WITH_DTLS__
+/**
+ * Stops DTLS retransmission.
+ */
+static void StopRetransmit()
+{
+    if (g_caSslContext)
+    {
+        unregisterTimer(g_caSslContext->timerId);
+    }
+}
+#endif
 void CAdeinitSslAdapter()
 {
     OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
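Review bot: StopRetransmit reads `g_caSslContext->timerId` without holding g_sslContextMutex, while StartRetransmit writes that field under the mutex, and it leaves the stale id in place after unregistering. Adding `g_caSslContext->timerId = -1;` after the `unregisterTimer` call keeps the field consistent with the `!= -1` test in StartRetransmit. The doc comment should state the locking expectation, for example "caller must hold g_sslContextMutex" if that is the intent, which is not visible here. The prototype is also better written `static void StopRetransmit(void)`, since empty parentheses in C do not declare a no-argument function.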
@@ -1219,7 +1237,9 @@ void CAdeinitSslAdapter()
 #endif // __WITH_DTLS__
     mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
     mbedtls_entropy_free(&g_caSslContext->entropy);
-
+#ifdef __WITH_DTLS__
+    StopRetransmit();
+#endif
     // De-initialize tls Context
     OICFree(g_caSslContext);
     g_caSslContext = NULL;
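Review bot: StopRetransmit() is called only after the DRBG and entropy state have been freed, so the retransmission timer stays registered while the context is being dismantled. Moving the `#ifdef __WITH_DTLS__` / `StopRetransmit();` / `#endif` group to the start of the teardown closes that window. Whether unregisterTimer waits for a callback that is already running is not visible here and should be confirmed, because StartRetransmit dereferences g_caSslContext. CAdeinitSslAdapter begins and ends outside this hunk.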
@@ -1257,30 +1277,25 @@ static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
     OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
     return 0;
 }
-
+#ifdef __WITH_DTLS__
 /**
  * Starts DTLS retransmission.
  */
-static void StartRetransmit()
+static int StartRetransmit()
 {
-    static int timerId = -1;
     uint32_t listIndex = 0;
     uint32_t listLength = 0;
     SslEndPoint_t *tep = NULL;
-    if (timerId != -1)
+    if (NULL == g_caSslContext)
+    {
+        OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
+        return -1;
+    }
+    ca_mutex_lock(g_sslContextMutex);
+    if (g_caSslContext->timerId != -1)
     {
         //clear previous timer
-        unregisterTimer(timerId);
-
-        ca_mutex_lock(g_sslContextMutex);
-
-        //stop retransmission if context is invalid
-        if(NULL == g_caSslContext)
-        {
-            OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
-            ca_mutex_unlock(g_sslContextMutex);
-            return;
-        }
+        unregisterTimer(g_caSslContext->timerId);
 
         listLength = u_arraylist_length(g_caSslContext->peerList);
         for (listIndex = 0; listIndex < listLength; listIndex++)
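Review bot: The `NULL == g_caSslContext` check now runs before `ca_mutex_lock(g_sslContextMutex)`, whereas the removed code tested the pointer while holding the mutex. If CAdeinitSslAdapter frees the context between the check and the lock, `g_caSslContext->timerId` is a NULL or dangling dereference. Move `ca_mutex_lock(g_sslContextMutex);` above the NULL check and add `ca_mutex_unlock(g_sslContextMutex);` before `return -1;`. The function body continues past the end of this hunk.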
@@ -1293,16 +1308,20 @@ static void StartRetransmit()
                 continue;
             }
             int ret = mbedtls_ssl_handshake_step(&tep->ssl);
-            if (0 != ret && MBEDTLS_ERR_SSL_CONN_EOF != ret)
+
+            if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
             {
-                OIC_LOG_V(ERROR, NET_SSL_TAG, "Retransmission error: -0x%x", -ret);
+                SSL_CHECK_FAIL(tep, ret, "Retransmission", NULL, -1,
+                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
             }
         }
-        ca_mutex_unlock(g_sslContextMutex);
     }
     //start new timer
-    registerTimer(RETRANSMISSION_TIME, &timerId, (void *) StartRetransmit);
+    registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
+    ca_mutex_unlock(g_sslContextMutex);
+    return 0;
 }
+#endif
 
 CAResult_t CAinitSslAdapter()
 {
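Review bot: The loop now runs SSL_CHECK_FAIL on `tep` while still iterating with the `listLength` captured before the loop. If the macro removes the failed peer from `g_caSslContext->peerList` (its body is mostly outside this diff, so this needs confirming), the remaining entries shift and a peer can be skipped for this pass. Re-reading the length in the loop condition and not advancing the index after a removal would avoid that. Separately, the result of `registerTimer` is ignored, so StartRetransmit returns 0 even when no timer was armed. The function is also still passed as `(void *) StartRetransmit` although its return type changed to `int`, which is worth checking against the callback type registerTimer expects.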
@@ -1446,10 +1465,13 @@ CAResult_t CAinitSslAdapter()
     mbedtls_x509_crl_init(&g_caSslContext->crl);
 
 #ifdef __WITH_DTLS__
-    StartRetransmit();
+    g_caSslContext->timerId = -1;
 #endif
 
-    ca_mutex_unlock(g_sslContextMutex);
+   ca_mutex_unlock(g_sslContextMutex);
+#ifdef __WITH_DTLS__
+    StartRetransmit();
+#endif
 
     OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
     return CA_STATUS_OK;
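Review bot: The new `int` result of `StartRetransmit()` is discarded here, so CAinitSslAdapter returns CA_STATUS_OK even when retransmission was not started. At minimum log the failure, e.g. `if (0 != StartRetransmit()) { OIC_LOG(ERROR, NET_SSL_TAG, "Failed to start retransmission"); }`, or propagate it if a DTLS adapter without retransmission should count as a failed init. The re-added `ca_mutex_unlock(g_sslContextMutex);` line is indented with three spaces instead of four. CAinitSslAdapter starts before this hunk.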