Detect tls close all sessions event (#191)

* coap: update status code after tls conections are closed * Add function to check if closing of tls is scheduled
iotivity · Feb 18, 2022 · 1694014 · 1694014
1 parent a3a75a5
commit 1694014
Show file tree

Hide file tree

Showing 6 changed files with 64 additions and 4 deletions.
diff --git a/api/oc_events.h b/api/oc_events.h
@@ -52,6 +52,14 @@ typedef enum {
 
 extern oc_process_event_t oc_events[];
 
+/**
+ * @brief convert oc_events_t value to oc_process_event_t value
+ *
+ * @param event value to convert
+ * @return corresponding oc_process_event_t value
+ */
+oc_process_event_t oc_event_to_oc_process_event(oc_events_t event);
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/api/oc_ri.c b/api/oc_ri.c
@@ -30,6 +30,7 @@
 #include "messaging/coap/coap_signal.h"
 #endif /* OC_TCP */
 
+#include "port/oc_assert.h"
 #include "port/oc_random.h"
 
 #include "oc_buffer.h"
@@ -340,12 +341,18 @@ oc_ri_query_exists(const char *query, size_t query_len, const char *key)
 static void
 allocate_events(void)
 {
-  int i = 0;
-  for (i = 0; i < __NUM_OC_EVENT_TYPES__; i++) {
+  for (int i = 0; i < __NUM_OC_EVENT_TYPES__; i++) {
     oc_events[i] = oc_process_alloc_event();
   }
 }
 
+oc_process_event_t
+oc_event_to_oc_process_event(oc_events_t event)
+{
+  oc_assert(event < __NUM_OC_EVENT_TYPES__);
+  return oc_events[event];
+}
+
 static void
 start_processes(void)
 {

diff --git a/messaging/coap/engine.c b/messaging/coap/engine.c
@@ -168,6 +168,9 @@ close_all_tls_sessions(void *data)
 {
   size_t device = (size_t)data;
   oc_close_all_tls_sessions_for_device(device);
+  if (coap_status_code == CLOSE_ALL_TLS_SESSIONS) {
+    coap_status_code = COAP_NO_ERROR;
+  }
   oc_set_drop_commands(device, false);
   return OC_EVENT_DONE;
 }

diff --git a/security/oc_pstat.c b/security/oc_pstat.c
@@ -137,6 +137,9 @@ close_all_tls_sessions(void *data)
 {
   size_t device = (size_t)data;
   oc_close_all_tls_sessions_for_device(device);
+  if (coap_status_code == CLOSE_ALL_TLS_SESSIONS) {
+    coap_status_code = COAP_NO_ERROR;
+  }
   return OC_EVENT_DONE;
 }
 
@@ -205,9 +208,11 @@ oc_pstat_handle_state(oc_sec_pstat_t *ps, size_t device, bool from_storage,
       goto pstat_state_error;
     }
     oc_factory_presets_t *fp = oc_get_factory_presets_cb();
+    coap_status_t status_code = CLOSE_ALL_TLS_SESSIONS;
     if (fp->cb != NULL) {
       if (self_reset) {
         oc_close_all_tls_sessions_for_device(device);
+        status_code = COAP_NO_ERROR;
       } else {
         oc_set_delayed_callback((void *)device, close_all_tls_sessions, 0);
       }
@@ -217,7 +222,7 @@ oc_pstat_handle_state(oc_sec_pstat_t *ps, size_t device, bool from_storage,
       OC_DBG("oc_pstat: returned from the factory presets callback");
       memcpy(ps, &pstat[device], sizeof(oc_sec_pstat_t));
     }
-    coap_status_code = CLOSE_ALL_TLS_SESSIONS;
+    coap_status_code = status_code;
     ps->p = false;
   } break;
   case OC_DOS_RFPRO: {

diff --git a/util/oc_process.c b/util/oc_process.c
@@ -41,6 +41,11 @@
 #include <stdlib.h>
 #include <string.h>
 #endif /* OC_DYNAMIC_ALLOCATION */
+#ifdef OC_SECURITY
+#include "api/oc_events.h"       // oc_event_to_oc_process_event
+#include "messaging/coap/coap.h" // coap_status_code
+
+#endif /* OC_SECURITY */
 
 /*
  * Pointer to the currently running process structure.
@@ -61,7 +66,7 @@ struct event_data
 };
 
 #ifdef OC_DYNAMIC_ALLOCATION
-static unsigned long OC_PROCESS_NUMEVENTS = 10;
+static oc_process_num_events_t OC_PROCESS_NUMEVENTS = 10;
 #else /* OC_DYNAMIC_ALLOCATION */
 #define OC_PROCESS_NUMEVENTS 10
 #endif /* !OC_DYNAMIC_ALLOCATION */
@@ -343,6 +348,27 @@ oc_process_nevents(void)
   return nevents + OC_ATOMIC_LOAD8(g_poll_requested);
 }
 /*---------------------------------------------------------------------------*/
+#ifdef OC_SECURITY
+bool
+oc_process_is_closing_all_tls_sessions()
+{
+  if (coap_status_code == CLOSE_ALL_TLS_SESSIONS) {
+    return true;
+  }
+
+  const oc_process_event_t tls_close =
+    oc_event_to_oc_process_event(TLS_CLOSE_ALL_SESSIONS);
+  for (oc_process_num_events_t i = 0; i < nevents; ++i) {
+    oc_process_num_events_t index =
+      (oc_process_num_events_t)(fevent + i) % OC_PROCESS_NUMEVENTS;
+    if (events[index].ev == tls_close) {
+      return true;
+    }
+  }
+  return false;
+}
+#endif /* OC_SECURITY */
+/*---------------------------------------------------------------------------*/
 int
 oc_process_post(struct oc_process *p, oc_process_event_t ev,
                 oc_process_data_t data)

diff --git a/util/oc_process.h b/util/oc_process.h
@@ -45,6 +45,7 @@
 
 #include "util/oc_atomic.h"
 #include "util/pt/pt.h"
+#include <stdbool.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -526,6 +527,16 @@ int oc_process_is_running(struct oc_process *p);
  */
 int oc_process_nevents(void);
 
+#ifdef OC_SECURITY
+/**
+ * Check if closing of all tls sessions is currently scheduled by the process.
+ *
+ * \return true closing of all tls is sessions is scheduled by the process
+ * \return false otherwise
+ */
+bool oc_process_is_closing_all_tls_sessions();
+#endif /* OC_SECURITY */
+
 /** @} */
 
 extern struct oc_process *oc_process_list;