
[lwip-devel] [patch #10465] Overall altcp_tls_mbedtls fixes and enhancem


From: Hamza Hajeir
Subject: [lwip-devel] [patch #10465] Overall altcp_tls_mbedtls fixes and enhancements.
Date: Thu, 18 Jul 2024 05:47:11 -0400 (EDT)

URL:
  <https://savannah.nongnu.org/patch/?10465>

                 Summary: Overall altcp_tls_mbedtls fixes and enhancements.
                   Group: lwIP - A Lightweight TCP/IP stack
               Submitter: hamzahajeir
               Submitted: Thu 18 Jul 2024 09:47:08 AM UTC
                Category: apps
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None


    _______________________________________________________

Follow-up Comments:


-------------------------------------------------------
Date: Thu 18 Jul 2024 09:47:08 AM UTC By: Hamza Hajeir <hamzahajeir>
Hi

I'm providing several patches that fix *altcp_tls_mbedtls* code and enhance
its operation considerably, supporting both mbedtls LTS versions (2 and 3).

Over these patches, a system composed of an HTTPS Webserver, Websockets secured
(WSS), MQTTS Client, and HTTPS Client, has already been tested for weeks with
no issues*, no memory leaks and enhanced performance in a noisy environment. The
system was put into several stress tests regarding message size and write
frequency.

This patch topic overrides a previous one [1].

The patches are built on top of the current master branch, and written with
respect to the guidelines regarding the source code style.

*The fixes are as follows:*
* Correctly Free client configuration (0002).
* Fixes regarding abort management (0003).
* Frees SSL Cache and Tickets where used (0004).
* Marks the freed keys and certificates NULL over freeing them (0005).
* Correctly close and free LISTEN connections (0006).
* Frees rx_app on dealloc() (0009). 
* Fixes ALTCP_MBEDTLS_PLATFORM_ALLOC definition (0010).
* Fixes the return value of altcp_mbedtls_sndbuf when the underlying tcp
sndbuf is consumed by ssl expansion bytes (0013).

*The enhancements are as follows:*
* Use mbedtls_ssl_handshake_step() instead of mbedtls_ssl_handshake() to free
the MCU being blocked until the whole process ends (0007).
* Correctly manage ingoing and outgoing flags:
        * Copies ingoing PBUF_FLAG_PUSH flag to pass it to the application (0001).
        * Adds TCP_WRITE_FLAG_MORE where needed on altcp_write (0011).
* Port to mbedtls v3, keeping support for mbedtls v2 using appropriate macros
(0012).

*Some Additional edits:*
* Adds mbedtls return values to debug functions (0008).

I provide these patches willing for a serious consideration. I also provide
flexibility to edit and re-submit any patch file, if seen appropriate.

With Thanks,
Hamza Hajeir

* Except for an unknown bug/memory leak at mbedtls at using TLS servers,
couldn't replicate when running mbedtls v3 until now.[2]
[1] https://savannah.nongnu.org/patch/?10368.
[2] https://github.com/Mbed-TLS/mbedtls/issues/7833.






    _______________________________________________________
File Attachments:


-------------------------------------------------------
Name: 0001-altcp_tls_mbedtls-Copy-received-TCP-flags.patch  Size: 1KiB
<https://file.savannah.nongnu.org/file/0001-altcp_tls_mbedtls-Copy-received-TCP-flags.patch?file_id=56277>
-------------------------------------------------------
Name: 0002-altcp_tls_mbedtls-Free-client-s-TLS-config-on-deallo.patch  Size: 2KiB
<https://file.savannah.nongnu.org/file/0002-altcp_tls_mbedtls-Free-client-s-TLS-config-on-deallo.patch?file_id=56278>
-------------------------------------------------------
Name: 0003-altcp_tls_mbedtls-Fix-abort-management.patch  Size: 1KiB
<https://file.savannah.nongnu.org/file/0003-altcp_tls_mbedtls-Fix-abort-management.patch?file_id=56279>
-------------------------------------------------------
Name: 0004-altcp_tls_mbedtls-Free-SSL-cache-and-session-tickets.patch  Size: 1KiB
<https://file.savannah.nongnu.org/file/0004-altcp_tls_mbedtls-Free-SSL-cache-and-session-tickets.patch?file_id=56280>
