Skip to content

dtls: improve different peer recvfrom and better error reporting on ipv6#6087

Merged
JacobBarthelmeh merged 7 commits intowolfSSL:masterfrom
rizlik:embed_recv_from_fix_peer
May 24, 2023
Merged

dtls: improve different peer recvfrom and better error reporting on ipv6#6087
JacobBarthelmeh merged 7 commits intowolfSSL:masterfrom
rizlik:embed_recv_from_fix_peer

Conversation

@rizlik
Copy link
Copy Markdown
Contributor

@rizlik rizlik commented Feb 14, 2023
edited by dgarske
Loading

Description

  • Ignore messages from a different ip/src-port instead of returning WANT_READ which will bother blocking sockets
  • Return error if wolfSSL_dtls_set_peer is invoked with an IPv6 address when IPv6 support is disabled

Fixes #5999

Testing

A test was added to the test suite

@rizlik rizlik self-assigned this Feb 14, 2023
@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch 4 times, most recently from 9c62894 to 5e48823 Compare February 15, 2023 10:40
@rizlik rizlik requested a review from julek-wolfssl February 15, 2023 14:06
@rizlik rizlik assigned julek-wolfssl and unassigned rizlik Feb 15, 2023
julek-wolfssl
julek-wolfssl requested changes Feb 16, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@julek-wolfssl julek-wolfssl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice! Better built-in network support is always welcome.

Comment thread tests/api.c Outdated
Comment thread src/ssl.c Outdated
Comment thread tests/api.c Outdated
Comment thread src/wolfio.c Outdated
@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch 2 times, most recently from 82996c8 to 2466542 Compare February 21, 2023 14:42
@Flole998
Copy link
Copy Markdown

Flole998 commented Feb 23, 2023

This would fix #5999, you might want to add this to the PR description

@dgarske
Copy link
Copy Markdown
Member

dgarske commented Feb 23, 2023

Retest this please

@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch from 2466542 to 0c9d2ec Compare March 1, 2023 08:32
@rizlik rizlik requested a review from julek-wolfssl March 1, 2023 10:38
@rizlik rizlik assigned julek-wolfssl and unassigned rizlik Mar 1, 2023
julek-wolfssl
julek-wolfssl requested changes Mar 1, 2023
View reviewed changes
Comment thread tests/api.c Outdated
@julek-wolfssl
Copy link
Copy Markdown
Member

julek-wolfssl commented Mar 1, 2023

When NO_ASN_TIME do you think we should return a WANT_READ in all cases instead of continue in EmbedReceiveFrom? If a DTLS peer is sent a stream of messages from the wrong peer then it will never return. Is it better for the user to know about this and let them decide what to do?

@julek-wolfssl julek-wolfssl assigned rizlik and unassigned julek-wolfssl Mar 1, 2023
@rizlik
Copy link
Copy Markdown
Contributor Author

rizlik commented Mar 8, 2023

When NO_ASN_TIME do you think we should return a WANT_READ in all cases instead of continue in EmbedReceiveFrom? If a DTLS peer is sent a stream of messages from the wrong peer then it will never return. Is it better for the user to know about this and let them decide what to do?

To correctly have timeout we already depend on haveing a timer, so I think it's ok to allow a no-timeout situation in caseof ASN_NO_TIME

@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch from 0c9d2ec to 19ac4db Compare March 8, 2023 11:43
@rizlik rizlik assigned julek-wolfssl and unassigned rizlik Mar 8, 2023
@rizlik rizlik requested a review from julek-wolfssl March 8, 2023 11:43
@julek-wolfssl
Copy link
Copy Markdown
Member

julek-wolfssl commented Mar 21, 2023

To correctly have timeout we already depend on haveing a timer, so I think it's ok to allow a no-timeout situation in caseof ASN_NO_TIME

Yes but currently, you run the risk of never returning. Maybe at least a counter in that case? Like ignore 10 packets before returning WANT_READ?

@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch from 19ac4db to ce380ff Compare April 5, 2023 13:55
@rizlik rizlik requested a review from JacobBarthelmeh May 18, 2023 16:59
@rizlik rizlik assigned julek-wolfssl and unassigned rizlik May 18, 2023
julek-wolfssl
julek-wolfssl requested changes May 19, 2023
View reviewed changes
Comment thread wolfssl/test.h Outdated
Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c Outdated
@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch from 08a97a9 to 06c620f Compare May 19, 2023 09:06
@rizlik rizlik requested a review from julek-wolfssl May 19, 2023 09:06
@rizlik
Copy link
Copy Markdown
Contributor Author

rizlik commented May 19, 2023

jenkins retest this please

1 similar comment
@rizlik
Copy link
Copy Markdown
Contributor Author

rizlik commented May 19, 2023

jenkins retest this please

@rizlik rizlik assigned julek-wolfssl and rizlik and unassigned rizlik and julek-wolfssl May 19, 2023
@rizlik rizlik force-pushed the embed_recv_from_fix_peer branch from 06c620f to 5182fe3 Compare May 22, 2023 15:33
@rizlik rizlik assigned julek-wolfssl and unassigned rizlik May 22, 2023
@rizlik
Copy link
Copy Markdown
Contributor Author

rizlik commented May 23, 2023

Jenkins retest this please

julek-wolfssl
julek-wolfssl approved these changes May 23, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@julek-wolfssl julek-wolfssl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Thanks @rizlik!

@JacobBarthelmeh JacobBarthelmeh merged commit 1218cfb into wolfSSL:master May 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JacobBarthelmeh JacobBarthelmeh JacobBarthelmeh approved these changes

@julek-wolfssl julek-wolfssl julek-wolfssl approved these changes

Assignees

@JacobBarthelmeh JacobBarthelmeh

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: DTLS using IPv6 fails with error 2

5 participants

@rizlik @Flole998 @dgarske @julek-wolfssl @JacobBarthelmeh