From 67820900af4fc6d290ac0d34939ae6dd91c3899d Mon Sep 17 00:00:00 2001 From: Juraj Andrassy Date: Fri, 10 May 2024 17:47:15 +0200 Subject: [PATCH 1/2] NetworkClientSecure made copyable --- .../src/NetworkClientSecure.cpp | 49 +++++++++---------- .../src/NetworkClientSecure.h | 7 +-- .../NetworkClientSecure/src/ssl_client.cpp | 2 +- .../NetworkClientSecure/src/ssl_client.h | 2 +- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp b/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp index 0ab7168ebab..4313362757d 100644 --- a/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp +++ b/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp @@ -32,8 +32,12 @@ NetworkClientSecure::NetworkClientSecure() { _connected = false; _timeout = 30000; // Same default as ssl_client - sslclient = new sslclient_context; - ssl_init(sslclient); + sslclient.reset(new sslclient_context, [](struct sslclient_context *sslclient) { + stop_ssl_socket(sslclient); + delete sslclient; + + }); + ssl_init(sslclient.get()); sslclient->socket = -1; sslclient->handshake_timeout = 120000; _use_insecure = false; @@ -53,8 +57,12 @@ NetworkClientSecure::NetworkClientSecure(int sock) { _lastReadTimeout = 0; _lastWriteTimeout = 0; - sslclient = new sslclient_context; - ssl_init(sslclient); + sslclient.reset(new sslclient_context, [](struct sslclient_context *sslclient) { + stop_ssl_socket(sslclient); + delete sslclient; + + }); + ssl_init(sslclient.get()); sslclient->socket = sock; sslclient->handshake_timeout = 120000; 
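Review bot: The deleter lambda is written out twice, once in each constructor (this hunk and the `NetworkClientSecure(int sock)` hunk that follows), and its parameter shadows the member `sslclient`, so the ownership rule is easy to miss or to change in only one place. The deleter also calls `stop_ssl_socket()` on a context that `stop()` may already have torn down, so that teardown has to be safe to repeat. Only the `socket >= 0` guard is visible in the `ssl_client.cpp` hunk; the rest of that body is outside the patch and should be confirmed. A single file-local deleter that carries this comment and is used by both constructors would keep the rule in one place. Both constructor bodies continue outside their hunks.

```cpp
// Runs when the last copy of the client goes away. stop() may already have
// torn this context down, so stop_ssl_socket() must be safe to call twice.
static void release_sslclient(sslclient_context *ctx) {
  stop_ssl_socket(ctx);
  delete ctx;
}

NetworkClientSecure::NetworkClientSecure() {
  // … unchanged: _connected and _timeout defaults …
  sslclient.reset(new sslclient_context, release_sslclient);
  // … unchanged: ssl_init and the remaining members …

NetworkClientSecure::NetworkClientSecure(int sock) {
  // … unchanged: member defaults …
  sslclient.reset(new sslclient_context, release_sslclient);
  // … unchanged: ssl_init and the remaining members …
```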
@@ -72,19 +80,10 @@ NetworkClientSecure::NetworkClientSecure(int sock) { } NetworkClientSecure::~NetworkClientSecure() { - stop(); - delete sslclient; -} - -NetworkClientSecure &NetworkClientSecure::operator=(const NetworkClientSecure &other) { - stop(); - sslclient->socket = other.sslclient->socket; - _connected = other._connected; - return *this; } void NetworkClientSecure::stop() { - stop_ssl_socket(sslclient, _CA_cert, _cert, _private_key); + stop_ssl_socket(sslclient.get()); _connected = false; _peek = -1; @@ -130,10 +129,10 @@ int NetworkClientSecure::connect(const char *host, uint16_t port, const char *CA } int NetworkClientSecure::connect(IPAddress ip, uint16_t port, const char *host, const char *CA_cert, const char *cert, const char *private_key) { - int ret = start_ssl_client(sslclient, ip, port, host, _timeout, CA_cert, _use_ca_bundle, cert, private_key, NULL, NULL, _use_insecure, _alpn_protos); + int ret = start_ssl_client(sslclient.get(), ip, port, host, _timeout, CA_cert, _use_ca_bundle, cert, private_key, NULL, NULL, _use_insecure, _alpn_protos); if (ret >= 0 && !_stillinPlainStart) { - ret = ssl_starttls_handshake(sslclient); + ret = ssl_starttls_handshake(sslclient.get()); } else { log_i("Actual TLS start postponed."); } @@ -153,7 +152,7 @@ int NetworkClientSecure::startTLS() { int ret = 1; if (_stillinPlainStart) { log_i("startTLS: starting TLS/SSL on this dplain connection"); - ret = ssl_starttls_handshake(sslclient); + ret = ssl_starttls_handshake(sslclient.get()); if (ret < 0) { log_e("startTLS: %d", ret); stop(); 
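Review bot: `stop()` tears down the context that every copy now shares but clears `_connected` and `_peek` only on the object it was called on, so another copy keeps `_connected == true` and goes on handing the stopped context to `data_to_read()` and `get_ssl_receive()` from `available()` and `read()`. Whether those calls are safe on a stopped context depends on `ssl_client.cpp` code outside this patch, so it should be confirmed rather than assumed. The connection state belongs with the shared object: either move `_connected` into `sslclient_context`, or have the I/O paths re-check the context first, e.g. `if (sslclient->socket < 0) { _connected = false; }`, assuming `stop_ssl_socket()` resets `socket` to -1. The same applies to `_peek`: a byte peeked through one copy is buffered only in that copy and is invisible to the others.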
@@ -178,7 +177,7 @@ int NetworkClientSecure::connect(const char *host, uint16_t port, const char *ps return 0; } - int ret = start_ssl_client(sslclient, address, port, host, _timeout, NULL, false, NULL, NULL, pskIdent, psKey, _use_insecure, _alpn_protos); + int ret = start_ssl_client(sslclient.get(), address, port, host, _timeout, NULL, false, NULL, NULL, pskIdent, psKey, _use_insecure, _alpn_protos); _lastError = ret; if (ret < 0) { log_e("start_ssl_client: connect failed %d", ret); @@ -213,7 +212,7 @@ size_t NetworkClientSecure::write(const uint8_t *buf, size_t size) { } if (_stillinPlainStart) { - return send_net_data(sslclient, buf, size); + return send_net_data(sslclient.get(), buf, size); } if (_lastWriteTimeout != _timeout) { @@ -224,7 +223,7 @@ size_t NetworkClientSecure::write(const uint8_t *buf, size_t size) { _lastWriteTimeout = _timeout; } } - int res = send_ssl_data(sslclient, buf, size); + int res = send_ssl_data(sslclient.get(), buf, size); if (res < 0) { log_e("Closing connection on failed write"); stop(); @@ -235,7 +234,7 @@ size_t NetworkClientSecure::write(const uint8_t *buf, size_t size) { int NetworkClientSecure::read(uint8_t *buf, size_t size) { if (_stillinPlainStart) { - return get_net_receive(sslclient, buf, size); + return get_net_receive(sslclient.get(), buf, size); } if (_lastReadTimeout != _timeout) { @@ -268,7 +267,7 @@ int NetworkClientSecure::read(uint8_t *buf, size_t size) { buf++; peeked = 1; } - res = get_ssl_receive(sslclient, buf, size); + res = get_ssl_receive(sslclient.get(), buf, size); if (res < 0) { log_e("Closing connection on failed read"); 
@@ -280,14 +279,14 @@ int NetworkClientSecure::read(uint8_t *buf, size_t size) { int NetworkClientSecure::available() { if (_stillinPlainStart) { - return peek_net_receive(sslclient, 0); + return peek_net_receive(sslclient.get(), 0); } int peeked = (_peek >= 0), res = -1; if (!_connected) { return peeked; } - res = data_to_read(sslclient); + res = data_to_read(sslclient.get()); if (res < 0 && !_stillinPlainStart) { log_e("Closing connection on failed available check"); @@ -346,7 +345,7 @@ bool NetworkClientSecure::verify(const char *fp, const char *domain_name) { return false; } - return verify_ssl_fingerprint(sslclient, fp, domain_name); + return verify_ssl_fingerprint(sslclient.get(), fp, domain_name); } char *NetworkClientSecure::_streamLoad(Stream &stream, size_t size) { diff --git a/libraries/NetworkClientSecure/src/NetworkClientSecure.h b/libraries/NetworkClientSecure/src/NetworkClientSecure.h index 17240820b77..50520e072ef 100644 --- a/libraries/NetworkClientSecure/src/NetworkClientSecure.h +++ b/libraries/NetworkClientSecure/src/NetworkClientSecure.h @@ -24,10 +24,11 @@ #include "IPAddress.h" #include "Network.h" #include "ssl_client.h" +#include class NetworkClientSecure : public NetworkClient { protected: - sslclient_context *sslclient; + std::shared_ptr sslclient; int _lastError = 0; int _peek = -1; @@ -97,14 +98,14 @@ class NetworkClientSecure : public NetworkClient { return mbedtls_ssl_get_peer_cert(&sslclient->ssl_ctx); }; bool getFingerprintSHA256(uint8_t sha256_result[32]) { - return get_peer_fingerprint(sslclient, sha256_result); + return get_peer_fingerprint(sslclient.get(), sha256_result); }; int fd() const; operator bool() { return connected(); } - NetworkClientSecure &operator=(const NetworkClientSecure &other); + bool operator==(const bool value) { return bool() == value; } diff --git a/libraries/NetworkClientSecure/src/ssl_client.cpp b/libraries/NetworkClientSecure/src/ssl_client.cpp index fd0b8aa4eb8..b33782b71f2 100644 
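Review bot: With the declared `operator=` removed in the `@@ -97,14` header hunk, copy construction and assignment become the implicit memberwise ones, so every member is copied, not just the shared context. That includes `_CA_cert`, `_cert` and `_private_key`, which the old `stop()` call passed as `const char *`. If any of those can point at a buffer this class allocates and later frees (the `.cpp` has a `_streamLoad()` helper returning `char *`; the code that stores its result is not in the patch), two copies would alias the same certificate or private-key buffer, and a free through one would leave the other dangling. Please confirm who owns those pointers and make the copy semantics explicit in the header, e.g. `NetworkClientSecure(const NetworkClientSecure &) = default;` and `NetworkClientSecure &operator=(const NetworkClientSecure &) = default;`, with a comment stating that copies share one TLS session and that `stop()` on any copy closes it for all. The class body starts and ends outside the hunk.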
--- a/libraries/NetworkClientSecure/src/ssl_client.cpp +++ b/libraries/NetworkClientSecure/src/ssl_client.cpp @@ -344,7 +344,7 @@ int ssl_starttls_handshake(sslclient_context *ssl_client) { return ssl_client->socket; } -void stop_ssl_socket(sslclient_context *ssl_client, const char *rootCABuff, const char *cli_cert, const char *cli_key) { +void stop_ssl_socket(sslclient_context *ssl_client) { log_v("Cleaning SSL connection."); if (ssl_client->socket >= 0) { diff --git a/libraries/NetworkClientSecure/src/ssl_client.h b/libraries/NetworkClientSecure/src/ssl_client.h index 5690529c112..2309996bb14 100644 --- a/libraries/NetworkClientSecure/src/ssl_client.h +++ b/libraries/NetworkClientSecure/src/ssl_client.h @@ -34,7 +34,7 @@ int start_ssl_client( const char *cli_cert, const char *cli_key, const char *pskIdent, const char *psKey, bool insecure, const char **alpn_protos ); int ssl_starttls_handshake(sslclient_context *ssl_client); -void stop_ssl_socket(sslclient_context *ssl_client, const char *rootCABuff, const char *cli_cert, const char *cli_key); +void stop_ssl_socket(sslclient_context *ssl_client); int data_to_read(sslclient_context *ssl_client); int send_ssl_data(sslclient_context *ssl_client, const uint8_t *data, size_t len); int get_ssl_receive(sslclient_context *ssl_client, uint8_t *data, int length); From ada18107d0828556ecdd810dcbaa22d79c5bc309 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci-lite[bot]" <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 14:22:46 +0000 Subject: [PATCH 2/2] ci(pre-commit): Apply automatic fixes --- libraries/NetworkClientSecure/src/NetworkClientSecure.cpp | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp b/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp index 4313362757d..1dc2e75bbce 100644 --- a/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp 
+++ b/libraries/NetworkClientSecure/src/NetworkClientSecure.cpp @@ -35,7 +35,6 @@ NetworkClientSecure::NetworkClientSecure() { sslclient.reset(new sslclient_context, [](struct sslclient_context *sslclient) { stop_ssl_socket(sslclient); delete sslclient; - }); ssl_init(sslclient.get()); sslclient->socket = -1; @@ -60,7 +59,6 @@ NetworkClientSecure::NetworkClientSecure(int sock) { sslclient.reset(new sslclient_context, [](struct sslclient_context *sslclient) { stop_ssl_socket(sslclient); delete sslclient; - }); ssl_init(sslclient.get()); sslclient->socket = sock; @@ -79,8 +77,7 @@ NetworkClientSecure::NetworkClientSecure(int sock) { _alpn_protos = NULL; } -NetworkClientSecure::~NetworkClientSecure() { -} +NetworkClientSecure::~NetworkClientSecure() {} void NetworkClientSecure::stop() { stop_ssl_socket(sslclient.get());