This repository was archived by the owner on Oct 28, 2023. It is now read-only.

Commit e302b6c

Merge pull request SHA2017-badge#100 from SHA2017-badge/basvs-mbedtls-errors
report tls error messages instead of crashing.
2 parents c17ad10 + 47c4063 commit e302b6c


4 files changed

+160
-13
lines changed


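--- a/extmod/modussl_mbedtls.c
+++ b/extmod/modussl_mbedtls.c
@@ -33,6 +33,8 @@
 #include <errno.h>
 #include <string.h>
 
+#include <esp_log.h>
+
 #include "py/nlr.h"
 #include "py/runtime.h"
 #include "py/stream.h"
@@ -46,9 +48,12 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
 #include "mbedtls/debug.h"
+#include "mbedtls/error.h"
 
 #include "wildcard_sha2017_org.h"
 
+#define TAG "modussl_mbedtls.c"
+
 typedef struct _mp_obj_ssl_socket_t {
 mp_obj_base_t base;
 mp_obj_t sock;
@@ -86,6 +91,11 @@ int _mbedtls_ssl_send(void *ctx, const byte *buf, size_t len) {
 if (mp_is_nonblocking_error(err)) {
 return MBEDTLS_ERR_SSL_WANT_WRITE;
 }
+
+char errstr[256];
+mbedtls_strerror(err, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "sock_stream->write(): error %d: %s", -err, errstr);
+
 return -err;
 }
 return out_sz;
@@ -102,6 +112,11 @@ int _mbedtls_ssl_recv(void *ctx, byte *buf, size_t len) {
 if (mp_is_nonblocking_error(err)) {
 return MBEDTLS_ERR_SSL_WANT_READ;
 }
+
+char errstr[256];
+mbedtls_strerror(err, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "sock_stream->read(): error %d: %s", -err, errstr);
+
 return -err;
 }
 return out_sz;
@@ -139,8 +154,11 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
 mbedtls_entropy_init(&o->entropy);
 ret = mbedtls_ctr_drbg_seed(&o->ctr_drbg, mbedtls_entropy_func, &o->entropy, NULL, 0);
 if (ret != 0) {
-printf("ret=%d\n", ret);
-assert(0);
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_ctr_drbg_seed(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
 }
 
 bool sha2017_subdomain = false;
@@ -158,8 +176,11 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
 if (sha2017_subdomain) {
 ret = mbedtls_x509_crt_parse_der(&o->cacert, wildcard_sha2017_org, 856);
 if(ret < 0) {
-printf("mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
-assert(0);
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_x509_crt_parse_der(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
 }
 }
 
@@ -168,7 +189,11 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
 MBEDTLS_SSL_TRANSPORT_STREAM,
 MBEDTLS_SSL_PRESET_DEFAULT);
 if (ret != 0) {
-assert(0);
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_ssl_config_defaults(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
 }
 
 if (sha2017_subdomain) {
@@ -182,14 +207,22 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
 
 ret = mbedtls_ssl_setup(&o->ssl, &o->conf);
 if (ret != 0) {
-assert(0);
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_ssl_setup(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
 }
 
 if (args->server_hostname.u_obj != mp_const_none) {
 const char *sni = mp_obj_str_get_str(args->server_hostname.u_obj);
 ret = mbedtls_ssl_set_hostname(&o->ssl, sni);
 if (ret != 0) {
-assert(0);
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_ssl_set_hostname(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
 }
 }
 
@@ -203,25 +236,46 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
 const byte *key = (const byte*)mp_obj_str_get_data(args->key.u_obj, &key_len);
 // len should include terminating null
 ret = mbedtls_pk_parse_key(&o->pkey, key, key_len + 1, NULL, 0);
-assert(ret == 0);
+if (ret != 0) {
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_pk_parse_key(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
+}
 
 size_t cert_len;
 const byte *cert = (const byte*)mp_obj_str_get_data(args->cert.u_obj, &cert_len);
 // len should include terminating null
 ret = mbedtls_x509_crt_parse(&o->cert, cert, cert_len + 1);
-assert(ret == 0);
+if (ret != 0) {
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_x509_crt_parse(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
+}
 
 ret = mbedtls_ssl_conf_own_cert(&o->conf, &o->cert, &o->pkey);
-assert(ret == 0);
+if (ret != 0) {
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_ssl_conf_own_cert(): error %d: %s", -ret, errstr);
+
+mp_raise_OSError(MP_EIO);
+}
 }
 
 if (args->server_side.u_bool) {
-assert(0);
+ESP_LOGW(TAG, "args->server_side.u_bool set");
+mp_raise_OSError(MP_EIO);
 } else {
 while ((ret = mbedtls_ssl_handshake(&o->ssl)) != 0) {
 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
-//assert(0);
-printf("mbedtls_ssl_handshake error: -%x\n", -ret);
+char errstr[256];
+mbedtls_strerror(ret, errstr, sizeof(errstr));
+ESP_LOGW(TAG, "mbedtls_ssl_handshake(): error %d: %s", -ret, errstr);
+
 mp_raise_OSError(MP_EIO);
 }
 }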
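Review bot: In `_mbedtls_ssl_send` and `_mbedtls_ssl_recv` the value passed to `mbedtls_strerror` is `err`, the errno-style code from the socket stream (it is tested with `mp_is_nonblocking_error` and returned as `-err`), not an mbedtls error code, so the logged text will not describe the actual socket failure. Use the errno text instead, e.g. `ESP_LOGW(TAG, "sock_stream->write(): errno %d: %s", err, strerror(err));` (`<string.h>` is already included), which also stops logging the sign-flipped `-err`. In `socket_new`, the new `mp_raise_OSError(MP_EIO)` exits show no `mbedtls_*_free` call on the contexts initialised earlier; the function starts and ends outside these hunks, so please confirm that a failed setup does not leak them, since repeated failed TLS connections would otherwise consume heap on the device. The repeated `errstr`/`mbedtls_strerror`/`ESP_LOGW` blocks could be one small static helper taking the failing function's name and `ret`.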

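--- a/unix/Makefile
+++ b/unix/Makefile
@@ -176,6 +176,7 @@ SRC_C = \
 alloc.c \
 coverage.c \
 fatfs_port.c \
+esp_log.c \
 $(SRC_MOD)
 
 OPT_GFXDRIVER = SDL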

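--- a/unix/esp_log.c
+++ b/unix/esp_log.c
@@ -0,0 +1,25 @@
+#include <stdint.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <time.h>
+#include "esp_log.h"
+
+uint32_t
+esp_log_timestamp(void)
+{
+static time_t t_first = 0;
+if (t_first) {
+t_first = time(NULL);
+return 0;
+}
+return time(NULL) - t_first;
+}
+
+void
+esp_log_write(esp_log_level_t level, const char* tag, const char* format, ...)
+{
+va_list ap;
+va_start(ap, format);
+vprintf(format, ap);
+va_end(ap);
+}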
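Review bot: The first-call test in `esp_log_timestamp` is inverted: `t_first` starts at 0, so `if (t_first)` is never true, the baseline is never recorded, and every call returns `time(NULL) - 0` truncated to `uint32_t` rather than the time elapsed since the first log line. The condition should read `if (!t_first) {`. `esp_log_write` also ignores its `level` and `tag` parameters; a one-line comment such as `/* unix stub: prints every message to stdout, level and tag are unused */` would show that this is intentional.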

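--- a/unix/esp_log.h
+++ b/unix/esp_log.h
@@ -0,0 +1,67 @@
+#ifndef ESP_LOG_H
+#define ESP_LOG_H
+
+/* based on Espressif's esp-idf code */
+
+#include <stdint.h>
+#include <stdarg.h>
+#include "sdkconfig.h"
+
+typedef enum {
+ESP_LOG_NONE,
+ESP_LOG_ERROR,
+ESP_LOG_WARN,
+ESP_LOG_INFO,
+ESP_LOG_DEBUG,
+ESP_LOG_VERBOSE
+} esp_log_level_t;
+
+uint32_t esp_log_timestamp(void);
+
+void esp_log_write(esp_log_level_t level, const char* tag, const char* format, ...) __attribute__ ((format (printf, 3, 4)));
+
+
+#if CONFIG_LOG_COLORS
+#define LOG_COLOR_BLACK "30"
+#define LOG_COLOR_RED "31"
+#define LOG_COLOR_GREEN "32"
+#define LOG_COLOR_BROWN "33"
+#define LOG_COLOR_BLUE "34"
+#define LOG_COLOR_PURPLE "35"
+#define LOG_COLOR_CYAN "36"
+#define LOG_COLOR(COLOR) "\033[0;" COLOR "m"
+#define LOG_BOLD(COLOR) "\033[1;" COLOR "m"
+#define LOG_RESET_COLOR "\033[0m"
+#define LOG_COLOR_E LOG_COLOR(LOG_COLOR_RED)
+#define LOG_COLOR_W LOG_COLOR(LOG_COLOR_BROWN)
+#define LOG_COLOR_I LOG_COLOR(LOG_COLOR_GREEN)
+#define LOG_COLOR_D
+#define LOG_COLOR_V
+#else //CONFIG_LOG_COLORS
+#define LOG_COLOR_E
+#define LOG_COLOR_W
+#define LOG_COLOR_I
+#define LOG_COLOR_D
+#define LOG_COLOR_V
+#define LOG_RESET_COLOR
+#endif //CONFIG_LOG_COLORS
+
+#define LOG_FORMAT(letter, format) LOG_COLOR_ ## letter #letter " (%d) %s: " format LOG_RESET_COLOR "\n"
+
+#ifndef LOG_LOCAL_LEVEL
+#define LOG_LOCAL_LEVEL ((esp_log_level_t) CONFIG_LOG_DEFAULT_LEVEL)
+#endif
+
+#define ESP_EARLY_LOGE( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_ERROR) { ets_printf(LOG_FORMAT(E, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_EARLY_LOGW( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_WARN) { ets_printf(LOG_FORMAT(W, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_EARLY_LOGI( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_INFO) { ets_printf(LOG_FORMAT(I, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_EARLY_LOGD( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_DEBUG) { ets_printf(LOG_FORMAT(D, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_EARLY_LOGV( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_VERBOSE) { ets_printf(LOG_FORMAT(V, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+
+#define ESP_LOGE( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_ERROR) { esp_log_write(ESP_LOG_ERROR, tag, LOG_FORMAT(E, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_LOGW( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_WARN) { esp_log_write(ESP_LOG_WARN, tag, LOG_FORMAT(W, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_LOGI( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_INFO) { esp_log_write(ESP_LOG_INFO, tag, LOG_FORMAT(I, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_LOGD( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_DEBUG) { esp_log_write(ESP_LOG_DEBUG, tag, LOG_FORMAT(D, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+#define ESP_LOGV( tag, format, ... ) if (LOG_LOCAL_LEVEL >= ESP_LOG_VERBOSE) { esp_log_write(ESP_LOG_VERBOSE, tag, LOG_FORMAT(V, format), esp_log_timestamp(), tag, ##__VA_ARGS__); }
+
+#endif // ESP_LOG_H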
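Review bot: Each `ESP_LOG*` and `ESP_EARLY_LOG*` macro expands to a bare `if (...) { ... }`, so a call used as the body of an unbraced `if` that is followed by `else` either fails to compile or attaches the `else` to the macro's own level test. Wrapping each expansion as `do { if (LOG_LOCAL_LEVEL >= ESP_LOG_WARN) { ... } } while (0)` makes every call a single statement. The `ESP_EARLY_LOG*` variants call `ets_printf`, which this header does not declare, so they look unusable in the unix build unless another header provides it. `LOG_FORMAT` also prints the `uint32_t` timestamp with `%d`; `%u` would match the argument type that the `format` attribute on `esp_log_write` checks.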
