static void
altcp_mbedtls_abort(struct altcp_pcb *conn)
{
if (conn != NULL) {
altcp_abort(conn->inner_conn);
}
}
/** Free http client state and deallocate all resources within */
static err_t
httpc_free_state(httpc_state_t* req)
{
struct altcp_pcb* tpcb;
if (req->request != NULL) {
pbuf_free(req->request);
req->request = NULL;
}
if (req->rx_hdrs != NULL) {
pbuf_free(req->rx_hdrs);
req->rx_hdrs = NULL;
}
tpcb = req->pcb;
mem_free(req);
req = NULL;
if (tpcb != NULL) {
err_t r;
altcp_arg(tpcb, NULL);
altcp_recv(tpcb, NULL);
altcp_err(tpcb, NULL);
altcp_poll(tpcb, NULL, 0);
altcp_sent(tpcb, NULL);
r = altcp_close(tpcb);
if (r != ERR_OK) {
altcp_abort(tpcb);
return ERR_ABRT;
}
}
return ERR_OK;
}
static err_t
altcp_mbedtls_lower_recv_process(struct altcp_pcb *conn, altcp_mbedtls_state_t *state)
{
if (!(state->flags & ALTCP_MBEDTLS_FLAGS_HANDSHAKE_DONE)) {
/* handle connection setup (handshake not done) */
int ret = mbedtls_ssl_handshake(&state->ssl_context);
/* try to send data... */
altcp_output(conn->inner_conn);
if (state->bio_bytes_read) {
/* acknowledge all bytes read */
altcp_mbedtls_lower_recved(conn->inner_conn, state->bio_bytes_read);
state->bio_bytes_read = 0;
}
if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
/* handshake not done, wait for more recv calls */
LWIP_ASSERT("in this state, the rx chain should be empty", state->rx == NULL);
return ERR_OK;
}
if (ret != 0) {
LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("mbedtls_ssl_handshake failed: %d\n", ret));
/* handshake failed, connection has to be closed */
if (conn->err) {
conn->err(conn->arg, ERR_CLSD);
}
if (altcp_close(conn) != ERR_OK) {
altcp_abort(conn);
}
return ERR_OK;
}
/* If we come here, handshake succeeded. */
LWIP_ASSERT("state", state->bio_bytes_read == 0);
LWIP_ASSERT("state", state->bio_bytes_appl == 0);
state->flags |= ALTCP_MBEDTLS_FLAGS_HANDSHAKE_DONE;
/* issue "connect" callback" to upper connection (this can only happen for active open) */
if (conn->connected) {
err_t err;
err = conn->connected(conn->arg, conn, ERR_OK);
if (err != ERR_OK) {
return err;
}
}
if (state->rx == NULL) {
return ERR_OK;
}
}
/* handle application data */
return altcp_mbedtls_handle_rx_appldata(conn, state);
}
/* Helper function that processes rx application data stored in rx pbuf chain */
static err_t
altcp_mbedtls_handle_rx_appldata(struct altcp_pcb *conn, altcp_mbedtls_state_t *state)
{
int ret;
LWIP_ASSERT("state != NULL", state != NULL);
if (!(state->flags & ALTCP_MBEDTLS_FLAGS_HANDSHAKE_DONE)) {
/* handshake not done yet */
return ERR_VAL;
}
do {
/* allocate a full-sized unchained PBUF_POOL: this is for RX! */
struct pbuf *buf = pbuf_alloc(PBUF_RAW, PBUF_POOL_BUFSIZE, PBUF_POOL);
if (buf == NULL) {
/* We're short on pbufs, try again later from 'poll' or 'recv' callbacks.
@todo: close on excessive allocation failures or leave this up to upper conn? */
return ERR_OK;
}
/* decrypt application data, this pulls encrypted RX data off state->rx pbuf chain */
ret = mbedtls_ssl_read(&state->ssl_context, (unsigned char *)buf->payload, PBUF_POOL_BUFSIZE);
if (ret < 0) {
if (ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT) {
/* client is initiating a new connection using the same source port -> close connection or make handshake */
LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("new connection on same source port\n"));
LWIP_ASSERT("TODO: new connection on same source port, close this connection", 0);
} else if ((ret != MBEDTLS_ERR_SSL_WANT_READ) && (ret != MBEDTLS_ERR_SSL_WANT_WRITE)) {
if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("connection was closed gracefully\n"));
} else if (ret == MBEDTLS_ERR_NET_CONN_RESET) {
LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("connection was reset by peer\n"));
}
pbuf_free(buf);
return ERR_OK;
} else {
pbuf_free(buf);
return ERR_OK;
}
pbuf_free(buf);
altcp_abort(conn);
return ERR_ABRT;
} else {
err_t err;
if (ret) {
LWIP_ASSERT("bogus receive length", ret <= PBUF_POOL_BUFSIZE);
/* trim pool pbuf to actually decoded length */
pbuf_realloc(buf, (u16_t)ret);
state->bio_bytes_appl += ret;
if (mbedtls_ssl_get_bytes_avail(&state->ssl_context) == 0) {
/* Record is done, now we know the share between application and protocol bytes
and can adjust the RX window by the protocol bytes.
The rest is 'recved' by the application calling our 'recved' fn. */
int overhead_bytes;
LWIP_ASSERT("bogus byte counts", state->bio_bytes_read > state->bio_bytes_appl);
overhead_bytes = state->bio_bytes_read - state->bio_bytes_appl;
altcp_mbedtls_lower_recved(conn->inner_conn, overhead_bytes);
state->bio_bytes_read = 0;
state->bio_bytes_appl = 0;
}
if (state->rx_app == NULL) {
state->rx_app = buf;
} else {
pbuf_cat(state->rx_app, buf);
}
} else {
pbuf_free(buf);
buf = NULL;
}
err = altcp_mbedtls_pass_rx_data(conn, state);
if (err != ERR_OK) {
if (err == ERR_ABRT) {
/* recv callback needs to return this as the pcb is deallocated */
return ERR_ABRT;
}
/* we hide all other errors as we retry feeding the pbuf to the app later */
return ERR_OK;
}
}
} while (ret > 0);
return ERR_OK;
}
