circuitpython/ports/espressif/common-hal/ssl/SSLSocket.c

173 lines
6.8 KiB
C

/*
* This file is part of the MicroPython project, http://micropython.org/
*
* The MIT License (MIT)
*
* Copyright (c) 2020 Scott Shawcroft for Adafruit Industries
* Copyright (c) 2021 Lucian Copeland for Adafruit Industries
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
#include "shared-bindings/ssl/SSLSocket.h"
#include "shared-bindings/socketpool/Socket.h"
#include "shared-bindings/ssl/SSLContext.h"
#include "bindings/espidf/__init__.h"
#include "shared/runtime/interrupt_char.h"
#include "py/mperrno.h"
#include "py/runtime.h"
#include "supervisor/shared/tick.h"
ssl_sslsocket_obj_t *common_hal_ssl_sslsocket_accept(ssl_sslsocket_obj_t *self,
uint8_t *ip, uint32_t *port) {
socketpool_socket_obj_t *sock = common_hal_socketpool_socket_accept(self->sock, ip, port);
ssl_sslsocket_obj_t *sslsock = common_hal_ssl_sslcontext_wrap_socket(self->ssl_context, sock, false, NULL);
return sslsock;
}
bool common_hal_ssl_sslsocket_bind(ssl_sslsocket_obj_t *self,
const char *host, size_t hostlen, uint32_t port) {
return common_hal_socketpool_socket_bind(self->sock, host, hostlen, port);
}
void common_hal_ssl_sslsocket_close(ssl_sslsocket_obj_t *self) {
common_hal_socketpool_socket_close(self->sock);
esp_tls_conn_destroy(self->tls);
self->tls = NULL;
}
void common_hal_ssl_sslsocket_connect(ssl_sslsocket_obj_t *self,
const char *host, size_t hostlen, uint32_t port) {
int result = esp_tls_conn_new_sync(host, hostlen, port, &self->ssl_config, self->tls);
self->sock->connected = result >= 0;
if (result < 0) {
int esp_tls_code;
int flags;
esp_err_t err = esp_tls_get_and_clear_last_error(self->tls->error_handle, &esp_tls_code, &flags);
if (err == ESP_ERR_MBEDTLS_SSL_SETUP_FAILED) {
mp_raise_espidf_MemoryError();
} else if (err == ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED) {
mp_raise_OSError_msg_varg(translate("Failed SSL handshake"));
} else {
mp_raise_OSError_msg_varg(translate("Unhandled ESP TLS error %d %d %x %d"), esp_tls_code, flags, err, result);
}
} else {
// Connection successful, set the timeout on the underlying socket. We can't rely on the IDF
// to do it because the config structure is only used for TLS connections. Generally, we
// shouldn't hit this timeout because we try to only read available data. However, there is
// always a chance that we try to read something that is used internally.
int fd;
esp_tls_get_conn_sockfd(self->tls, &fd);
struct timeval tv;
tv.tv_sec = 2 * 60; // Two minutes
tv.tv_usec = 0;
setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv));
}
}
bool common_hal_ssl_sslsocket_get_closed(ssl_sslsocket_obj_t *self) {
return self->tls == NULL && self->sock->num < 0;
}
bool common_hal_ssl_sslsocket_get_connected(ssl_sslsocket_obj_t *self) {
return self->sock->connected;
}
bool common_hal_ssl_sslsocket_listen(ssl_sslsocket_obj_t *self, int backlog) {
return common_hal_socketpool_socket_listen(self->sock, backlog);
}
mp_uint_t common_hal_ssl_sslsocket_recv_into(ssl_sslsocket_obj_t *self, uint8_t *buf, uint32_t len) {
int received = 0;
bool timed_out = false;
int status = 0;
uint64_t start_ticks = supervisor_ticks_ms64();
int sockfd;
esp_err_t err = esp_tls_get_conn_sockfd(self->tls, &sockfd);
if (err != ESP_OK) {
mp_raise_OSError(MP_EBADF);
}
while (received == 0 &&
status >= 0 &&
!timed_out &&
!mp_hal_is_interrupted()) {
if (self->sock->timeout_ms != (uint)-1 && self->sock->timeout_ms != 0) {
timed_out = self->sock->timeout_ms == 0 || supervisor_ticks_ms64() - start_ticks >= self->sock->timeout_ms;
}
RUN_BACKGROUND_TASKS;
size_t available = esp_tls_get_bytes_avail(self->tls);
if (available == 0) {
// This reads the raw socket buffer and is used for non-TLS connections
// and between encrypted TLS blocks.
status = lwip_ioctl(sockfd, FIONREAD, &available);
}
size_t remaining = len - received;
if (available > remaining) {
available = remaining;
}
if (available > 0) {
status = esp_tls_conn_read(self->tls, (void *)buf + received, available);
if (status == 0) {
// Reading zero when something is available indicates a closed
// connection. (The available bytes could have been TLS internal.)
break;
}
if (status > 0) {
received += status;
}
}
// In non-blocking mode, fail instead of timing out
if (received == 0 && self->sock->timeout_ms == 0) {
mp_raise_OSError(MP_EAGAIN);
}
}
if (timed_out) {
mp_raise_OSError(ETIMEDOUT);
}
return received;
}
mp_uint_t common_hal_ssl_sslsocket_send(ssl_sslsocket_obj_t *self, const uint8_t *buf, uint32_t len) {
int sent = -1;
sent = esp_tls_conn_write(self->tls, buf, len);
if (sent < 0) {
int esp_tls_code;
int flags;
esp_err_t err = esp_tls_get_and_clear_last_error(self->tls->error_handle, &esp_tls_code, &flags);
if (err == ESP_ERR_MBEDTLS_SSL_SETUP_FAILED) {
mp_raise_espidf_MemoryError();
} else if (err == ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED) {
mp_raise_OSError_msg_varg(translate("Failed SSL handshake"));
} else {
mp_raise_OSError_msg_varg(translate("Unhandled ESP TLS error %d %d %x %d"), esp_tls_code, flags, err, sent);
}
}
return sent;
}
void common_hal_ssl_sslsocket_settimeout(ssl_sslsocket_obj_t *self, uint32_t timeout_ms) {
self->sock->timeout_ms = timeout_ms;
}