25 Commits

Author SHA1 Message Date
Paul Sokolovsky
c76445315f extmod/modussl_axtls: Add non-blocking mode support.
It consists of:

1. "do_handhake" param (default True) to wrap_socket(). If it's False,
handshake won't be performed by wrap_socket(), as it would be done in
blocking way normally. Instead, SSL socket can be set to non-blocking mode,
and handshake would be performed before the first read/write request (by
just returning EAGAIN to these requests, while instead reading/writing/
processing handshake over the connection). Unfortunately, axTLS doesn't
really support non-blocking handshake correctly. So, while framework for
this is implemented on MicroPython's module side, in case of axTLS, it
won't work reliably.

2. Implementation of .setblocking() method. It must be called on SSL socket
for blocking vs non-blocking operation to be handled correctly (for
example, it's not enough to wrap non-blocking socket with wrap_socket()
call - resulting SSL socket won't be itself non-blocking).  Note that
.setblocking() propagates call to the underlying socket object, as
expected.
2019-04-30 17:26:37 +10:00
Damien George
206c65f22c extmod/modussl_axtls: Use MP_ROM_PTR for objects in allowed args array. 2018-08-14 21:47:07 +10:00
Damien George
7a67f057d7 extmod/modussl: Support polling in ussl objects by passing through ioctl
The underlying socket can handling polling, and any other transparent ioctl
requests.  Note that CPython handles the case of polling an ssl object by
polling the file descriptor of the underlying socket file, and that
behaviour is emulated here.
2018-07-20 13:05:04 +10:00
Damien George
d11fb09333 extmod/modussl_axtls: Fix __del__ to point to mp_stream_close_obj. 2018-06-13 13:16:21 +10:00
Damien George
cf31d384f1 py/stream: Switch stream close operation from method to ioctl.
This patch moves the implementation of stream closure from a dedicated
method to the ioctl of the stream protocol, for each type that implements
closing.  The benefits of this are:

1. Rounds out the stream ioctl function, which already includes flush,
   seek and poll (among other things).

2. Makes calling mp_stream_close() on an object slightly more efficient
   because it now no longer needs to lookup the close method and call it,
   rather it just delegates straight to the ioctl function (if it exists).

3. Reduces code size and allows future types that implement the stream
   protocol to be smaller because they don't need a dedicated close method.

Code size reduction is around 200 bytes smaller for x86 archs and around
30 bytes smaller for the bare-metal archs.
2018-04-10 13:41:32 +10:00
Damien George
e511f24ddd extmod/modussl_axtls: Implement key and cert kw args to wrap_socket.
The key and cert must both be a str/bytes object in DER format.
2017-11-24 15:50:40 +11:00
Paul Sokolovsky
1cf6d488b3 extmod/modussl_axtls: Typo fix in comment. 2017-11-02 00:16:03 +02:00
Paul Sokolovsky
0719c936fb extmod/modussl_axtls: socket_read: Handle EAGAIN.
If SSL_EAGAIN is returned (which is a feature of MicroPython's axTLS fork),
return EAGAIN.

Original axTLS returns SSL_OK both when there's no data to return to user
yet and when the underlying stream returns EAGAIN. That's not distinctive
enough, for example, original module code works well for blocking stream,
but will infinite-loop for non-blocking socket with EAGAIN. But if we fix
non-blocking case, blocking calls to .read() will return few None's initially
(while axTLS progresses thru handshake).

Using SSL_EAGAIN allows to fix non-blocking case without regressing the
blocking one.

Note that this only handles case of non-blocking reads of application data.
Initial handshake and writes still don't support non-blocking mode and must
be done in the blocking way.
2017-11-02 00:14:11 +02:00
Eric Poulsen
74ec52d857 extmod/modussl: Add finaliser support for ussl objects.
Per the comment found here
https://github.com/micropython/micropython-esp32/issues/209#issuecomment-339855157,
this patch adds finaliser code to prevent memory leaks from ussl objects,
which is especially useful when memory for a ussl context is allocated
outside the uPy heap.  This patch is in-line with the finaliser code found
in many modsocket implementations for various ports.

This feature is configured via MICROPY_PY_USSL_FINALISER and is disabled by
default because there may be issues using it when the ussl state *is*
allocated on the uPy heap, rather than externally.
2017-10-30 15:25:32 +11:00
Damien George
f4059dcc0c all: Use NULL instead of "" when calling mp_raise exception helpers.
This is the established way of doing it and reduces code size by a little
bit.
2017-10-24 22:39:36 +11:00
Damien George
a3dc1b1957 all: Remove inclusion of internal py header files.
Header files that are considered internal to the py core and should not
normally be included directly are:
    py/nlr.h - internal nlr configuration and declarations
    py/bc0.h - contains bytecode macro definitions
    py/runtime0.h - contains basic runtime enums

Instead, the top-level header files to include are one of:
    py/obj.h - includes runtime0.h and defines everything to use the
        mp_obj_t type
    py/runtime.h - includes mpstate.h and hence nlr.h, obj.h, runtime0.h,
        and defines everything to use the general runtime support functions

Additional, specific headers (eg py/objlist.h) can be included if needed.
2017-10-04 12:37:50 +11:00
Javier Candeira
35a1fea90b all: Raise exceptions via mp_raise_XXX
- Changed: ValueError, TypeError, NotImplementedError
  - OSError invocations unchanged, because the corresponding utility
    function takes ints, not strings like the long form invocation.
  - OverflowError, IndexError and RuntimeError etc. not changed for now
    until we decide whether to add new utility functions.
2017-08-13 22:52:33 +10:00
Alexander Steffen
55f33240f3 all: Use the name MicroPython consistently in comments
There were several different spellings of MicroPython present in comments,
when there should be only one.
2017-07-31 18:35:40 +10:00
Damien George
aa7be82a4d all: Don't include system errno.h when it's not needed. 2017-07-24 18:43:14 +10:00
Paul Sokolovsky
4368ae3142 extmod/modussl_axtls: Allow to close ssl stream multiple times.
Make sure that 2nd close has no effect and operations on closed streams
are handled properly.
2017-07-20 00:20:53 +03:00
Paul Sokolovsky
82b9915b34 extmod/modussl_axtls: Implement server_hostname arg to wrap_socket().
As enabled by SNI support in axTLS v2+.
2017-06-14 01:01:12 +03:00
Paul Sokolovsky
75c3f2a7ab extmod/modussl_axtls: Update for axTLS 2.1.3.
ssl_client_new() accepts new SSL_EXTENSIONS* argument.
2017-06-13 17:41:46 +03:00
Paul Sokolovsky
59a1201da9 all: Remove readall() method, which is equivalent to read() w/o args.
Its addition was due to an early exploration on how to add CPython-like
stream interface. It's clear that it's not needed and just takes up
bytes in all ports.
2016-11-14 00:24:22 +03:00
Damien George
75af908c0e extmod: Use mp_raise_OSError helper function. 2016-10-07 13:52:14 +11:00
Damien George
93c4a6a3f7 all: Remove 'name' member from mp_obj_module_t struct.
One can instead lookup __name__ in the modules dict to get the value.
2016-09-22 00:23:16 +10:00
Paul Sokolovsky
4f1b0292db py/stream: Add adapter methods with POSIX-compatible signatures.
Previoussly such read() and write() methods were used by modussl_axtls,
move to py/stream for reuse.
2016-07-30 00:25:06 +03:00
Paul Sokolovsky
a53e0e59f3 extmod/modussl_axtls: Use mp_stream_close() method. 2016-07-23 00:38:56 +03:00
Paul Sokolovsky
780114e398 extmod/modussl_axtls: Add dummy setblocking() method.
Accepts only value of True.
2016-07-15 01:05:06 +03:00
Paul Sokolovsky
20283aec10 extmod/modussl_axtls: Further changes to allow alternative SSL modules.
Make variable MICROPY_SSL_AXTLS=1 should be defined to activate modussl_axtls
and link with -laxtls.
2016-07-13 01:49:38 +03:00
Paul Sokolovsky
e32d1e17bb extmod/modussl: Rename to modussl_axtls.c, to allow impl using other SSL libs. 2016-07-13 01:35:59 +03:00