GitHub/paho.mqtt-sn.embedded-c
1
0
Fork 0
mirror of https://github.com/eclipse/paho.mqtt-sn.embedded-c.git synced 2025-12-15 16:36:52 +01:00
Code Issues Projects Releases Wiki Activity

Bugfix of DTLS6 #241

Browse Source 
This fix doesn't work on OpenSSL version 1.1.1 11.sep 2018
Upgrade to version 1.1.1k 25 Mar. 2021

Signed-off-by: tomoaki <tomoaki@tomy-tech.com>
This commit is contained in:
tomoaki
2021-08-05 13:18:01 +09:00
parent a136f50c75
commit 4dcfa98303
19 changed files with 285 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
MQTTSNGateway/GatewayTester/Makefile
View File

@@ -40,14 +40,14 @@ $(SUBDIR)/Util.cpp \
CXX := g++
CPPFLAGS +=
INCLUDES += -I$(SUBDIR)
INCLUDES += -I$(SUBDIR) -I/usr/local/opt/openssl/include
DEF1 :=
DEF2 :=
DEFS := -D$(SN) $(DEF1) $(DEF2)
LIBS += -L/usr/local/lib -L/usr/local/opt/openssl
LIBS += -L/usr/local/lib -L/usr/local/opt/openssl/lib
LDFLAGS :=
CXXFLAGS := -Wall -O3 -std=c++11
LDADD := -lbluetooth -lssl -lcrypto
LDADD := -lssl -lcrypto $(LDADDBLT)
OUTDIR := Build
PROG := $(OUTDIR)/$(PROGTEST)

3
MQTTSNGateway/GatewayTester/build.sh
View File

@@ -8,6 +8,7 @@ if [ $1 == "udp" ] ; then
elif [ $1 == "udp6" ] ; then
make SN=UDP6 $DEF1 $DEF2
elif [ $1 == "rfcomm" ] ; then
export LDADDBLT=-lbluetooth
make SN=RFCOMM $DEF1 $DEF2
elif [ $1 == "dtls" ] ; then
make SN=DTLS $DEF1 $DEF2
@@ -16,7 +17,7 @@ elif [ $1 == "dtls6" ] ; then
elif [ $1 == "clean" ] ; then
make clean
else
echo "Usage: build.sh [ udp | udp6 | rfcomm | dtls | dtls6] | clean"
echo "Usage: build.sh [ udp | udp6 | rfcomm | dtls | dtls6 | clean]"
fi

2
MQTTSNGateway/GatewayTester/samples/mainTest.cpp
View File

@@ -52,7 +52,7 @@ extern LScreen* theScreen;
* UDP,DTLS Configuration (theNetcon)
*------------------------------------------------------*/
UDPCONF = { "GatewayTestClient", // ClientId
{ 225, 1, 1, 1 }, // Multicast group IP
{ 225, 1, 1, 1 }, // Multicast group IP
1883, // Multicast group Port
20020, // Local PortNo
};

4
MQTTSNGateway/GatewayTester/src/LGwProxy.cpp
View File

@@ -207,12 +207,12 @@ int LGwProxy::getConnectResponce(void)
if (_network.sslConnect() > 0)
{
_status = GW_CONNECTING;
DISPLAY("\033[0m\033[0;32m\n\nLGwProxy::getConnectResponce SSL connection established.\033[0m\033[0;37m\n\n");
DISPLAY("\033[0m\033[0;32m\n\nLGwProxy::getConnectResponce DTLS connection established.\033[0m\033[0;37m\n\n");
break;
}
else
{
DISPLAY("\033[0m\033[0;32m\n\nLGwProxy::getConnectResponce SSL connection failed.\033[0m\033[0;37m\n\n");
DISPLAY("\033[0m\033[0;32m\n\nLGwProxy::getConnectResponce DTLS connection failed.\033[0m\033[0;37m\n\n");
}
}
#else

6
MQTTSNGateway/GatewayTester/src/LMqttsnClientApp.h
View File

@@ -252,11 +252,11 @@ typedef enum
/*=================================
* Starting prompt
==================================*/
#define TESTER_VERSION " * Version: 2.0.0"
#define TESTER_VERSION " * Version: 2.1.0"
#define PAHO_COPYRIGHT0 " * MQTT-SN Gateway Tester"
#define PAHO_COPYRIGHT0 " * "
#define PAHO_COPYRIGHT1 " * Part of Project Paho in Eclipse"
#define PAHO_COPYRIGHT2 " * (http://git.eclipse.org/c/paho/org.eclipse.paho.mqtt-sn.embedded-c.git/)"
#define PAHO_COPYRIGHT2 " * (https://github.com/eclipse/paho.mqtt-sn.embedded-c.git)"
#define PAHO_COPYRIGHT3 " * Author : Tomoaki YAMAGUCHI"
#define PAHO_COPYRIGHT4 " ***************************************************************************"

5
MQTTSNGateway/GatewayTester/src/LNetworkDtls.cpp
View File

@@ -224,7 +224,6 @@ bool LDtlsPort::open(LUdpConfig *config)
if (setsockopt(_sockfdMcast, IPPROTO_IP, IP_MULTICAST_LOOP, &optval, sizeof(optval)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror IP_MULTICAST_LOOP in LDtlsPort::open\033[0m\033[0;37m\n");
DISPLAY("\033[0m\033[0;31m\nerror IP_MULTICAST_LOOP in LDtlsPort::open\033[0m\033[0;37m\n");
close();
return false;
}
@@ -236,7 +235,6 @@ bool LDtlsPort::open(LUdpConfig *config)
if (setsockopt(_sockfdMcast, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror IP_ADD_MEMBERSHIP in LDtlsPort::open\033[0m\033[0;37m\n");
DISPLAY("\033[0m\033[0;31m\nerror IP_ADD_MEMBERSHIP in LDtlsPort::open\033[0m\033[0;37m\n");
close();
return false;
}
@@ -256,7 +254,6 @@ int LDtlsPort::unicast(const uint8_t *buf, uint32_t length)
{
int rc = 0;
SSL_get_error(_ssl, rc);
D_NWLOG("errno == %d in LDtlsPort::unicast\n", rc);
DISPLAY("errno == %d in LDtlsPort::unicast\n", rc);
}
else
@@ -386,7 +383,7 @@ bool LDtlsPort::checkRecvBuf()
return true;
}
}
_castStat = 0;
_castStat = STAT_NONE;
return false;
}

7
MQTTSNGateway/GatewayTester/src/LNetworkDtls.h
View File

@@ -36,13 +36,14 @@
#define SOCKET_MAXRECV 500
#define SOCKET_MAXBUFFER_LENGTH 500 // buffer size
#define STAT_UNICAST 1
#define STAT_MULTICAST 2
#define STAT_SSL 3
using namespace std;
namespace linuxAsyncClient {
#define STAT_NONE 0
#define STAT_UNICAST 1
#define STAT_MULTICAST 2
#define STAT_SSL 3
/*========================================
Class LDtlsPort
=======================================*/

179
MQTTSNGateway/GatewayTester/src/LNetworkDtls6.cpp
View File

@@ -75,8 +75,8 @@ uint8_t* LNetwork::getMessage(int *len)
if (checkRecvBuf())
{
uint16_t recvLen = LDtls6Port::recv(_rxDataBuf, MQTTSN_MAX_PACKET_SIZE, false, &_ipAddress, &_portNo);
int diffAddr = memcmp(_ipAddress.s6_addr, _gwIpAddress.s6_addr, sizeof(_gwIpAddress.s6_addr));
if (isUnicast() && diffAddr && (_portNo != _gwPortNo))
int addrFlg = memcmp(_ipAddress.s6_addr, _gwIpAddress.s6_addr, sizeof(_gwIpAddress.s6_addr));
if (isUnicast() && addrFlg && (_portNo != _gwPortNo))
{
return 0;
}
@@ -141,11 +141,14 @@ int LNetwork::sslConnect(void)
LDtls6Port::LDtls6Port()
{
_disconReq = false;
memset(_pollfds, 0, sizeof(_pollfds));
_sock = 0;
_castStat = 0;
_castStat = STAT_NONE;
_ifIndex = 0;
_gIpAddrStr = NULL;
_gIpAddrStr = nullptr;
_sockfdMcast = 0;
_sockfdSsl = 0;
_ctx = nullptr;
_ssl = nullptr;
_gPortNo = _uPortNo = 0;
}
LDtls6Port::~LDtls6Port()
@@ -159,12 +162,14 @@ LDtls6Port::~LDtls6Port()
void LDtls6Port::close()
{
for (int i = 0; i < 2; i++)
if (_sockfdMcast > 0)
{
if (_pollfds[i].fd > 0)
::close(_sockfdMcast);
_sockfdMcast = 0;
if (_sockfdSsl > 0)
{
::close(_pollfds[i].fd);
_pollfds[i].fd = 0;
::close(_sockfdSsl);
_sockfdSsl = 0;
}
}
}
@@ -172,7 +177,6 @@ void LDtls6Port::close()
bool LDtls6Port::open(LUdp6Config *config)
{
int optval = 1;
int sock = 0;
sockaddr_in6 addr6;
char errmsg[256];
@@ -205,22 +209,22 @@ bool LDtls6Port::open(LUdp6Config *config)
}
/* create a multicast socket */
sock = socket(AF_INET6, SOCK_DGRAM, 0);
if (sock < 0)
_sockfdMcast = socket(AF_INET6, SOCK_DGRAM, 0);
if (_sockfdMcast < 0)
{
return false;
}
optval = 1;
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &optval, sizeof(optval));
setsockopt(_sockfdMcast, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
setsockopt(_sockfdMcast, IPPROTO_IPV6, IPV6_V6ONLY, &optval, sizeof(optval));
memset(&addr6, 0, sizeof(addr6));
addr6.sin6_family = AF_INET6;
addr6.sin6_port = _gPortNo;
addr6.sin6_addr = in6addr_any;
if (::bind(sock, (sockaddr*) &addr6, sizeof(addr6)) < 0)
if (::bind(_sockfdMcast, (sockaddr*) &addr6, sizeof(addr6)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror %s ::bind() in Udp6Port::open\033[0m\033[0;37m\n", strerror(errno));
return false;
@@ -229,21 +233,21 @@ bool LDtls6Port::open(LUdp6Config *config)
ipv6_mreq addrm;
addrm.ipv6mr_interface = _ifIndex;
inet_pton(AF_INET6, config->ipAddress, &addrm.ipv6mr_multiaddr);
if (setsockopt(sock, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &addrm, sizeof(addrm)) < 0)
if (setsockopt(_sockfdMcast, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &addrm, sizeof(addrm)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror %s IPV6_ADD_MEMBERSHIP in Udp6Port::open\033[0m\033[0;37m\n", strerror(errno));
close();
return false;
}
optval = 0;
if (setsockopt(sock, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &optval, sizeof(optval)) < 0)
optval = 1;
if (setsockopt(_sockfdMcast, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &optval, sizeof(optval)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror %s IPV6_MULTICAST_LOOP in Udp6Port::open\033[0m\033[0;37m\n", strerror(errno));
close();
return false;
}
_pollfds[1].fd = sock;
_pollfds[1].events = POLLIN;
_gIpAddr.sin6_family = AF_INET6;
_gIpAddr.sin6_port = _gPortNo;
memcpy(&_gIpAddr.sin6_addr, (const void*) &addrm.ipv6mr_multiaddr, sizeof(addrm.ipv6mr_multiaddr));
@@ -253,7 +257,7 @@ bool LDtls6Port::open(LUdp6Config *config)
bool LDtls6Port::isUnicast()
{
return (_sock == _pollfds[0].fd && _sock > 0);
return (_castStat == STAT_UNICAST);
}
int LDtls6Port::unicast(const uint8_t *buf, uint32_t length)
@@ -267,11 +271,13 @@ int LDtls6Port::unicast(const uint8_t *buf, uint32_t length)
}
else
{
D_NWLOG("sendto gateway via DTLS ");
D_NWLOG("sendto gateway via DTLS6 ");
for (uint16_t i = 0; i < length; i++)
{
D_NWLOG(" %02x", *(buf + i));
}D_NWLOG("\n");
}
D_NWLOG("\n");
if (!theClientMode)
{
@@ -299,12 +305,12 @@ int LDtls6Port::multicast(const uint8_t *buf, uint32_t length)
{
char sbuf[SCREEN_BUFF_SIZE];
char portStr[8];
sprintf(portStr, "%d", ntohs(_gPortNo));
sprintf(portStr, "%d", ntohs(_gIpAddr.sin6_port));
int status = ::sendto(_pollfds[1].fd, buf, length, 0, (sockaddr*) &_gIpAddr, sizeof(_gIpAddr));
int status = ::sendto(_sockfdMcast, buf, length, 0, (sockaddr*) &_gIpAddr, sizeof(_gIpAddr));
if (status < 0)
{
D_NWLOG("multicast to [%s]:%-6s ", _gIpAddrStr, portStr);D_NWLOG("\033[0m\033[0;31merrno = %d %s in Udp6Port::multicast\033[0m\033[0;37m\n", errno, strerror(errno));
DISPLAY("\033[0m\033[0;31merrno == %d in LDtls6Port::multicast\033[0m\033[0;37m\n", errno);
return errno;
}
else
@@ -313,7 +319,9 @@ int LDtls6Port::multicast(const uint8_t *buf, uint32_t length)
for (uint16_t i = 0; i < length; i++)
{
D_NWLOG(" %02x", *(buf + i));
}D_NWLOG("\n");
}
D_NWLOG("\n");
if (!theClientMode)
{
@@ -339,32 +347,52 @@ int LDtls6Port::multicast(const uint8_t *buf, uint32_t length)
bool LDtls6Port::checkRecvBuf()
{
timeval timeout;
timeout.tv_sec = 0;
timeout.tv_usec = 50000; // 50 msec
uint8_t buf[2];
fd_set recvfds;
int maxSock = 0;
int cnt = poll(_pollfds, 2, 2000); // Timeout 2secs
if (cnt == 0)
FD_ZERO(&recvfds);
if (_sockfdMcast)
{
return false;
FD_SET(_sockfdMcast, &recvfds);
}
if (_sockfdSsl)
{
FD_SET(_sockfdSsl, &recvfds);
}
if (_pollfds[0].revents & POLLIN)
if (_sockfdMcast > _sockfdSsl)
{
if (::recv(_pollfds[0].fd, buf, 1, MSG_DONTWAIT | MSG_PEEK) > 0)
{
_castStat = STAT_SSL;
_sock = _pollfds[0].fd;
return true;
}
maxSock = _sockfdMcast;
}
else if (_pollfds[1].revents & POLLIN)
else
{
if (::recv(_pollfds[1].fd, buf, 1, MSG_DONTWAIT | MSG_PEEK) > 0)
maxSock = _sockfdSsl;
}
select(maxSock + 1, &recvfds, 0, 0, &timeout);
if (FD_ISSET(_sockfdMcast, &recvfds))
{
if (::recv(_sockfdMcast, buf, 1, MSG_DONTWAIT | MSG_PEEK) > 0)
{
_castStat = STAT_MULTICAST;
_sock = _pollfds[1].fd;
return true;
}
}
else if (FD_ISSET(_sockfdSsl, &recvfds))
{
if (::recv(_sockfdSsl, buf, 1, MSG_DONTWAIT | MSG_PEEK) > 0)
{
_castStat = STAT_SSL;
return true;
}
}
_castStat = STAT_NONE;
return false;
}
@@ -393,7 +421,7 @@ int LDtls6Port::recvfrom(uint8_t *buf, uint16_t length, int flags, in6_addr *ipA
else if (_castStat == STAT_MULTICAST)
{
D_NWLOG("Mcast ");
status = ::recvfrom(_sock, buf, length, flags, (sockaddr*) &sender, &addrlen);
status = ::recvfrom(_sockfdMcast, buf, length, flags, (sockaddr*) &sender, &addrlen);
}
else
{
@@ -445,63 +473,82 @@ int LDtls6Port::recvfrom(uint8_t *buf, uint16_t length, int flags, in6_addr *ipA
return status;
}
int LDtls6Port::sslConnect(in6_addr ipAddress, uint16_t portNo)
int LDtls6Port::sslConnect(in6_addr ipAddress, in_port_t portNo)
{
int optval = 1;
int sock = _pollfds[0].fd;
if (_ssl != 0)
{
D_NWLOG("LDtls6Port::sslConnect SSL exists.\n");
SSL_shutdown(_ssl);
SSL_free(_ssl);
_sockfdSsl = 0;
_ssl = 0;
}
if (sock > 0)
if (_sockfdSsl > 0)
{
::close(sock);
D_NWLOG("LDtls6Port::sslConnect socket exists.\n");
::close(_sockfdSsl);
}
sock = socket(AF_INET6, SOCK_DGRAM, 0);
if (sock <= 0)
_sockfdSsl = socket(AF_INET6, SOCK_DGRAM, 0);
if (_sockfdSsl <= 0)
{
D_NWLOG("LDtls6Port::sslConnect Can't create a socket\n");
return -1;
}
optval = 1;
setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &optval, sizeof(optval));
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR || SO_REUSEPORT, &optval, sizeof(optval));
setsockopt(_sockfdSsl, IPPROTO_IPV6, IPV6_V6ONLY, &optval, sizeof(optval));
setsockopt(_sockfdSsl, SOL_SOCKET, SO_REUSEADDR || SO_REUSEPORT, &optval, sizeof(optval));
if (_ifIndex > 0)
{
#ifdef __APPLE__
setsockopt(sock, IPPROTO_IP, IP_BOUND_IF, &_ifIndex, sizeof(_ifIndex));
setsockopt(_sockfdSsl, IPPROTO_IP, IP_BOUND_IF, &_ifIndex, sizeof(_ifIndex));
#else
setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, _interfaceName.c_str(), _interfaceName.size());
setsockopt(_sockfdSsl, SOL_SOCKET, SO_BINDTODEVICE, _interfaceName.c_str(), _interfaceName.size());
#endif
}
struct sockaddr_in6 addr;
sockaddr_in6 addr;
addr.sin6_family = AF_INET6;
addr.sin6_port = _uPortNo;
addr.sin6_addr = in6addr_any;
if (::bind(sock, (struct sockaddr*) &addr, sizeof(addr)) < 0)
if (::bind(_sockfdSsl, (struct sockaddr*) &addr, sizeof(addr)) < 0)
{
::close(_sockfdSsl);
D_NWLOG("LDtlsPort::sslConnect Can't bind a socket\n");
return -1;
}
_pollfds[0].fd = sock;
_pollfds[0].events = POLLIN;
uint16_t listenPort = htons(portNo);
struct sockaddr_in6 dest;
// Destination is a gateway address and portNo
int rc = 0;
sockaddr_in6 dest;
dest.sin6_family = AF_INET6;
dest.sin6_port = htons(listenPort);
dest.sin6_port = portNo;
memcpy(dest.sin6_addr.s6_addr, (const void*) ipAddress.s6_addr, sizeof(ipAddress.s6_addr));
int rc = 0;
BIO *cbio = BIO_new_dgram(_sockfdSsl, BIO_NOCLOSE);
if (connect(_sockfdSsl, (sockaddr*) &dest, sizeof(sockaddr_in6)) < 0)
{
D_NWLOG("socket can't connect %s\n",strerror(errno));
return -1;
}
if (BIO_ctrl(cbio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, &dest) <0)
{
D_NWLOG("BIO_ctrl %s\n",strerror(errno));
return -1;
}
BIO *cbio = BIO_new_dgram(sock, BIO_NOCLOSE);
connect(sock, (sockaddr*) &dest, sizeof(sockaddr_in6));
BIO_ctrl(cbio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, &dest);
_ssl = SSL_new(_ctx);
if (_ssl == nullptr)
{
D_NWLOG("SSL_new %s\n",strerror(errno));
return -1;
}
SSL_set_bio(_ssl, cbio, cbio);
#ifdef DEBUG_NW
@@ -510,7 +557,12 @@ int LDtls6Port::sslConnect(in6_addr ipAddress, uint16_t portNo)
D_NWLOG("connect to %-15s:%-6u\n", addrBuf, ntohs(dest.sin6_port));
#endif
timeval timeout;
timeout.tv_sec = 5;
timeout.tv_usec = 0;
BIO_ctrl(cbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
errno = 0;
int stat = SSL_connect(_ssl);
if (stat != 1)
{
@@ -519,6 +571,7 @@ int LDtls6Port::sslConnect(in6_addr ipAddress, uint16_t portNo)
}
else
{
rc = 1;
D_NWLOG("SSL connected\n");
}
return rc;

5
MQTTSNGateway/GatewayTester/src/LNetworkDtls6.h
View File

@@ -37,6 +37,7 @@
#define SOCKET_MAXRECV 500
#define SOCKET_MAXBUFFER_LENGTH 500 // buffer size
#define STAT_NONE 0
#define STAT_UNICAST 1
#define STAT_MULTICAST 2
#define STAT_SSL 3
@@ -68,9 +69,10 @@ private:
void close();
int recvfrom ( uint8_t* buf, uint16_t len, int flags, in6_addr* ipaddress, in_port_t* port );
int _sockfdMcast;
int _sockfdSsl;
SSL_CTX *_ctx;
SSL *_ssl;
pollfd _pollfds[2];
in_port_t _gPortNo;
in_port_t _uPortNo;
sockaddr_in6 _gIpAddr;
@@ -78,7 +80,6 @@ private:
uint32_t _ifIndex;
string _interfaceName;
uint8_t _castStat;
int _sock;
bool _disconReq;
};

2
MQTTSNGateway/GatewayTester/src/LNetworkUdp.cpp
View File

@@ -197,6 +197,7 @@ bool LUdpPort::open(LUdpConfig *config)
if (::bind(_sockfdUcast, (struct sockaddr*) &addr, sizeof(addr)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror %s ::bind() to unicast address\033[0m\033[0;37m\n", strerror(errno));
return false;
}
@@ -216,6 +217,7 @@ bool LUdpPort::open(LUdpConfig *config)
if (::bind(_sockfdMcast, (struct sockaddr*) &addrm, sizeof(addrm)) < 0)
{
D_NWLOG("\033[0m\033[0;31merror %s ::bind() in UdpPort::open\033[0m\033[0;37m\n", strerror(errno));
return false;
}

2
MQTTSNGateway/GatewayTester/src/LNetworkUdp6.cpp
View File

@@ -350,7 +350,7 @@ bool LUdp6Port::checkRecvBuf()
{
uint8_t buf[2];
int cnt = poll(_pollfds, 2, 2000); // Timeout 2secs
int cnt = poll(_pollfds, 2, 50); // Timeout 50m secs
if (cnt == 0)
{
return false;