[patch #9862] altcp_mbedtls: multiple fixes and session save/restore

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[patch #9862] altcp_mbedtls: multiple fixes and session save/restore

David GIRAULT-2
URL:
  <https://savannah.nongnu.org/patch/?9862>

                 Summary: altcp_mbedtls: multiple fixes and session
save/restore
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: dgirault
            Submitted on: mar. 15 oct. 2019 13:01:04 UTC
                Category: apps
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email:
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None

    _______________________________________________________

Details:

-   Ensure no memory leaks and entropy counter is protected

-   Use ERR_CLSD only for handshake error.    
    This allow better handling of handshake error in application.

-   Call the application sent() callback with usefull len
   
    First calculate and sum TLS overhead when altcp_mbedtls_write() is
called.
    Then take care of it when calling application sent callback. Give
reveived
    len from inner_conn, minus calculated overhead.

-   Support for saving/restoring session information
   
    According to mbedTLS source code and documentation, calls to
    `mbedtls_ssl_conf_session_cache` and
`mbedtls_ssl_conf_session_tickets_cb`
    are only available if mbedTLS is configured for server mode (ie.
MBEDTLS_SSL_SRV_C
    is defined). This cannot be used on client mode to resume a previous
session.
   
    To allow session reuse in client mode, application must save session
parameters
    (including tickets provided by the server if any) after successfull
connection
    and restore them before attemting to reconnect. Since `alctp_close()` free
the
    structure, it cannot be used to store the required information.
   
    So, two new API were added, directly wrapped to mbedTLS functions, allow
application
    to do that by itself.
   
    Also added full declaration of `struct altcp_tls_session` in altcp_tls.h
to allow
    easier usage in application when using mbedTLS port.

-   Ensure configuration is properly freed.





    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: mar. 15 oct. 2019 13:01:04 UTC  Name:
0001-altcp_tls_mbedtls-ensure-configuration-is-properly-f.patch  Size: 898o  
By: dgirault

<http://savannah.nongnu.org/patch/download.php?file_id=47686>
-------------------------------------------------------
Date: mar. 15 oct. 2019 13:01:04 UTC  Name:
0002-altcp_tls-support-for-saving-restoring-session-infor.patch  Size: 4kio  
By: dgirault

<http://savannah.nongnu.org/patch/download.php?file_id=47687>
-------------------------------------------------------
Date: mar. 15 oct. 2019 13:01:04 UTC  Name:
0003-altcp_tls-call-the-application-sent-callback-with-us.patch  Size: 6kio  
By: dgirault

<http://savannah.nongnu.org/patch/download.php?file_id=47688>
-------------------------------------------------------
Date: mar. 15 oct. 2019 13:01:04 UTC  Name:
0004-altcp_tls-use-ERR_CLSD-only-for-handshake-error.patch  Size: 2kio   By:
dgirault

<http://savannah.nongnu.org/patch/download.php?file_id=47689>

    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/patch/?9862>

_______________________________________________
  Message posté via Savannah
  https://savannah.nongnu.org/


_______________________________________________
lwip-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-devel
Reply | Threaded
Open this post in threaded view
|

[patch #9862] altcp_mbedtls: multiple fixes and session save/restore

David GIRAULT-2
Additional Item Attachment, patch #9862 (project lwip):

File name: 0005-altcp_tls-ensure-no-memory-leaks-and-entropy-counter.patch
Size:7 KB
   
<https://savannah.nongnu.org/file/0005-altcp_tls-ensure-no-memory-leaks-and-entropy-counter.patch?file_id=47690>



    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/patch/?9862>

_______________________________________________
  Message posté via Savannah
  https://savannah.nongnu.org/


_______________________________________________
lwip-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-devel