Update unused headers and NULL checks for platform wrappers (FreeRTOS#367)

yourslab · n9wxu · web-flow · commit 559772a4db3c · 2020-10-28T11:11:55.000-07:00
- Remove unused headers in the plaintext FreeRTOS sockets wrapper
- Update MFLN even though the preceding optional configuration returned an mbedTLS error
- Remove an unused `NULL` check in a private method that is already checked by the public connect method
- Add a `NULL` check to the public disconnect method

Co-authored-by: Joseph Julicher &lt;jjulicher@mac.com&gt;
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/plaintext_freertos.c b/FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/plaintext_freertos.c
@@ -24,8 +24,6 @@
 
 /* FreeRTOS includes. */
 #include "FreeRTOS.h"
-#include "atomic.h"
-#include "semphr.h"
 
 /* FreeRTOS+TCP includes. */
 #include "FreeRTOS_IP.h"
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/tls_freertos.c b/FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/tls_freertos.c
@@ -328,12 +328,9 @@ static int32_t setCredentials( SSLContext_t * pSslContext,
     mbedtls_ssl_conf_cert_profile( &( pSslContext->config ),
                                    &( pSslContext->certProfile ) );
 
-    if( pNetworkCredentials->pRootCa != NULL )
-    {
-        mbedtlsError = setRootCa( pSslContext,
-                                  pNetworkCredentials->pRootCa,
-                                  pNetworkCredentials->rootCaSize );
-    }
+    mbedtlsError = setRootCa( pSslContext,
+                              pNetworkCredentials->pRootCa,
+                              pNetworkCredentials->rootCaSize );
 
     if( ( pNetworkCredentials->pClientCert != NULL ) &&
         ( pNetworkCredentials->pPrivateKey != NULL ) )
@@ -405,8 +402,7 @@ static void setOptionalConfigurations( SSLContext_t * pSslContext,
 
     /* Set Maximum Fragment Length if enabled. */
     #ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-    if( 0 == mbedtlsError )
-    {
+
         /* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted.
          * See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information.
          *
@@ -420,9 +416,7 @@ static void setOptionalConfigurations( SSLContext_t * pSslContext,
                         mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
                         mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
         }
-    }
-    #endif
-
+    #endif /* ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 }
 /*-----------------------------------------------------------*/
 
@@ -672,12 +666,14 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
     /* Clean up on failure. */
     if( returnStatus != TLS_TRANSPORT_SUCCESS )
     {
-        sslContextFree( &( pNetworkContext->sslContext ) );
-
-        if( ( pNetworkContext != NULL ) &&
-            ( pNetworkContext->tcpSocket != FREERTOS_INVALID_SOCKET ) )
+        if( pNetworkContext != NULL )
         {
-            ( void ) FreeRTOS_closesocket( pNetworkContext->tcpSocket );
+            sslContextFree( &( pNetworkContext->sslContext ) );
+
+            if( pNetworkContext->tcpSocket != FREERTOS_INVALID_SOCKET )
+            {
+                ( void ) FreeRTOS_closesocket( pNetworkContext->tcpSocket );
+            }
         }
     }
     else
@@ -695,40 +691,43 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
 {
     BaseType_t tlsStatus = 0;
 
-    /* Attempting to terminate TLS connection. */
-    tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
-
-    /* Ignore the WANT_READ and WANT_WRITE return values. */
-    if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
-        ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
+    if( pNetworkContext != NULL )
     {
-        if( tlsStatus == 0 )
+        /* Attempting to terminate TLS connection. */
+        tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
+
+        /* Ignore the WANT_READ and WANT_WRITE return values. */
+        if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
+            ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
         {
-            LogInfo( ( "(Network connection %p) TLS close-notify sent.",
-                       pNetworkContext ) );
+            if( tlsStatus == 0 )
+            {
+                LogInfo( ( "(Network connection %p) TLS close-notify sent.",
+                           pNetworkContext ) );
+            }
+            else
+            {
+                LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.",
+                            pNetworkContext,
+                            mbedtlsHighLevelCodeOrDefault( tlsStatus ),
+                            mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
+            }
         }
         else
         {
-            LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.",
-                        pNetworkContext,
-                        mbedtlsHighLevelCodeOrDefault( tlsStatus ),
-                        mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
+            /* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
+            LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
+                       "received %s as the TLS status can be ignored for close-notify."
+                       ( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
+                       pNetworkContext ) );
         }
-    }
-    else
-    {
-        /* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
-        LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
-                   "received %s as the TLS status can be ignored for close-notify."
-                   ( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
-                   pNetworkContext ) );
-    }
 
-    /* Call socket shutdown function to close connection. */
-    Sockets_Disconnect( pNetworkContext->tcpSocket );
+        /* Call socket shutdown function to close connection. */
+        Sockets_Disconnect( pNetworkContext->tcpSocket );
 
-    /* Free mbed TLS contexts. */
-    sslContextFree( &( pNetworkContext->sslContext ) );
+        /* Free mbed TLS contexts. */
+        sslContextFree( &( pNetworkContext->sslContext ) );
+    }
 
     /* Clear the mutex functions for mbed TLS thread safety. */
     mbedtls_threading_free_alt();
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/tls_freertos_pkcs11.c b/FreeRTOS-Plus/Source/Application-Protocols/platform/freertos/transport/src/tls_freertos_pkcs11.c
@@ -395,24 +395,24 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
 
     /* Set Maximum Fragment Length if enabled. */
     #ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-    if( returnStatus == TLS_TRANSPORT_SUCCESS )
-    {
-        /* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted.
-         * See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information.
-         *
-         * Smaller values can be found in "mbedtls/include/ssl.h".
-         */
-        mbedtlsError = mbedtls_ssl_conf_max_frag_len( &( pNetworkContext->sslContext.config ), MBEDTLS_SSL_MAX_FRAG_LEN_4096 );
-
-        if( mbedtlsError != 0 )
+        if( returnStatus == TLS_TRANSPORT_SUCCESS )
         {
-            LogError( ( "Failed to maximum fragment length extension: mbedTLSError= %s : %s.",
-                        mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
-                        mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
-            returnStatus = TLS_TRANSPORT_INTERNAL_ERROR;
+            /* Enable the max fragment extension. 4096 bytes is currently the largest fragment size permitted.
+             * See RFC 8449 https://tools.ietf.org/html/rfc8449 for more information.
+             *
+             * Smaller values can be found in "mbedtls/include/ssl.h".
+             */
+            mbedtlsError = mbedtls_ssl_conf_max_frag_len( &( pNetworkContext->sslContext.config ), MBEDTLS_SSL_MAX_FRAG_LEN_4096 );
+
+            if( mbedtlsError != 0 )
+            {
+                LogError( ( "Failed to maximum fragment length extension: mbedTLSError= %s : %s.",
+                            mbedtlsHighLevelCodeOrDefault( mbedtlsError ),
+                            mbedtlsLowLevelCodeOrDefault( mbedtlsError ) ) );
+                returnStatus = TLS_TRANSPORT_INTERNAL_ERROR;
+            }
         }
-    }
-    #endif
+    #endif /* ifdef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 
     if( returnStatus == TLS_TRANSPORT_SUCCESS )
     {
@@ -853,40 +853,43 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
 {
     BaseType_t tlsStatus = 0;
 
-    /* Attempting to terminate TLS connection. */
-    tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
-
-    /* Ignore the WANT_READ and WANT_WRITE return values. */
-    if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
-        ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
+    if( pNetworkContext != NULL )
     {
-        if( tlsStatus == 0 )
+        /* Attempting to terminate TLS connection. */
+        tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
+
+        /* Ignore the WANT_READ and WANT_WRITE return values. */
+        if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
+            ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_WRITE ) )
         {
-            LogInfo( ( "(Network connection %p) TLS close-notify sent.",
-                       pNetworkContext ) );
+            if( tlsStatus == 0 )
+            {
+                LogInfo( ( "(Network connection %p) TLS close-notify sent.",
+                           pNetworkContext ) );
+            }
+            else
+            {
+                LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.",
+                            pNetworkContext,
+                            mbedtlsHighLevelCodeOrDefault( tlsStatus ),
+                            mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
+            }
         }
         else
         {
-            LogError( ( "(Network connection %p) Failed to send TLS close-notify: mbedTLSError= %s : %s.",
-                        pNetworkContext,
-                        mbedtlsHighLevelCodeOrDefault( tlsStatus ),
-                        mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
+            /* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
+            LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
+                       "received %s as the TLS status can be ignored for close-notify."
+                       ( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
+                       pNetworkContext ) );
         }
-    }
-    else
-    {
-        /* WANT_READ and WANT_WRITE can be ignored. Logging for debugging purposes. */
-        LogInfo( ( "(Network connection %p) TLS close-notify sent; ",
-                   "received %s as the TLS status can be ignored for close-notify."
-                   ( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ? "WANT_READ" : "WANT_WRITE",
-                   pNetworkContext ) );
-    }
 
-    /* Call socket shutdown function to close connection. */
-    Sockets_Disconnect( pNetworkContext->tcpSocket );
+        /* Call socket shutdown function to close connection. */
+        Sockets_Disconnect( pNetworkContext->tcpSocket );
 
-    /* Free mbed TLS contexts. */
-    sslContextFree( &( pNetworkContext->sslContext ) );
+        /* Free mbed TLS contexts. */
+        sslContextFree( &( pNetworkContext->sslContext ) );
+    }
 
     /* Clear the mutex functions for mbed TLS thread safety. */
     mbedtls_threading_free_alt();
