From cfe9fb95147c985af8a0bc286a4621865d3d43a5 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 12 Apr 2024 13:46:55 -0700 Subject: [PATCH 01/26] add a secure tunnel encode error and logging for errors during encoding of messages --- source/iotdevice.c | 3 ++ source/secure_tunneling.c | 2 +- source/secure_tunneling_operations.c | 2 -- source/serializer.c | 45 ++++++++++++++++++++++++++-- 4 files changed, 47 insertions(+), 5 deletions(-) diff --git a/source/iotdevice.c b/source/iotdevice.c index 558624c0..fc0d08c6 100644 --- a/source/iotdevice.c +++ b/source/iotdevice.c @@ -102,6 +102,9 @@ static struct aws_error_info s_errors[] = { AWS_DEFINE_ERROR_INFO_IOTDEVICE( AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INACTIVE_SERVICE_ID, "Secure Tunnel operation failed due to using inactive service id." ), + AWS_DEFINE_ERROR_INFO_IOTDEVICE( + AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_ENCODE_FAILURE, + "Error occured while encoding an outbound message." ), }; /* clang-format on */ #undef AWS_DEFINE_ERROR_INFO_IOTDEVICE diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 05c92c81..d19cebae 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -2709,7 +2709,7 @@ int aws_secure_tunnel_connection_start( if (secure_tunnel->config->local_proxy_mode == AWS_SECURE_TUNNELING_DESTINATION_MODE) { AWS_LOGF_ERROR(AWS_LS_IOTDEVICE_SECURE_TUNNELING, "Connection Start can only be sent from Source Mode"); - return AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INCORRECT_MODE; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INCORRECT_MODE); } struct aws_secure_tunnel_operation_message *message_op = aws_secure_tunnel_operation_message_new( diff --git a/source/secure_tunneling_operations.c b/source/secure_tunneling_operations.c index 29f1bb4c..0c7bc3b0 100644 --- a/source/secure_tunneling_operations.c +++ b/source/secure_tunneling_operations.c @@ -991,7 +991,6 @@ struct data_tunnel_pair *aws_secure_tunnel_data_tunnel_pair_new( pair->type = message_view->type; pair->length_prefix_written = false; if (aws_iot_st_msg_serialize_from_view(&pair->buf, allocator, message_view)) { - AWS_LOGF_ERROR(AWS_LS_IOTDEVICE_SECURE_TUNNELING, "Failure serializing message"); goto error; } @@ -1000,7 +999,6 @@ struct data_tunnel_pair *aws_secure_tunnel_data_tunnel_pair_new( return pair; error: - aws_secure_tunnel_data_tunnel_pair_destroy(pair); return NULL; } diff --git a/source/serializer.c b/source/serializer.c index 85988767..7e6f12ef 100644 --- a/source/serializer.c +++ b/source/serializer.c @@ -247,6 +247,10 @@ int aws_iot_st_msg_serialize_from_view( const struct aws_secure_tunnel_message_view *message_view) { size_t message_total_length = 0; if (s_iot_st_compute_message_length(message_view, &message_total_length)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure computing message length while serializing message", + message_view); return AWS_OP_ERR; } @@ -262,33 +266,54 @@ int aws_iot_st_msg_serialize_from_view( if (message_view->type != AWS_SECURE_TUNNEL_MT_UNKNOWN) { if (s_iot_st_encode_type(message_view->type, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding message type while serializing message", + message_view); goto cleanup; } } else { - AWS_LOGF_ERROR(AWS_LS_IOTDEVICE_SECURE_TUNNELING, "Message missing type during encoding"); + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Message type missing while serializing message", message_view); goto cleanup; } if (message_view->stream_id != 0) { if (s_iot_st_encode_stream_id(message_view->stream_id, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding stream id while serializing message", + message_view); goto cleanup; } } if (message_view->connection_id != 0) { if (s_iot_st_encode_connection_id(message_view->connection_id, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding connection id while serializing message", + message_view); goto cleanup; } } if (message_view->ignorable != 0) { if (s_iot_st_encode_ignorable(message_view->ignorable, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding ignorable while serializing message", + message_view); goto cleanup; } } if (message_view->payload != NULL) { if (s_iot_st_encode_payload(message_view->payload, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding payload while serializing message", + message_view); goto cleanup; } } @@ -296,21 +321,37 @@ int aws_iot_st_msg_serialize_from_view( if (message_view->type == AWS_SECURE_TUNNEL_MT_SERVICE_IDS) { if (message_view->service_id != 0) { if (s_iot_st_encode_service_ids(message_view->service_id, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding service id while serializing message", + message_view); goto cleanup; } } if (message_view->service_id_2 != 0) { if (s_iot_st_encode_service_ids(message_view->service_id_2, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding service id 2 while serializing message", + message_view); goto cleanup; } } if (message_view->service_id_3 != 0) { if (s_iot_st_encode_service_ids(message_view->service_id_3, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding service id 3 while serializing message", + message_view); goto cleanup; } } } else if (message_view->service_id != NULL) { if (s_iot_st_encode_service_id(message_view->service_id, buffer)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failure encoding service id while serializing message", + message_view); goto cleanup; } } @@ -319,7 +360,7 @@ int aws_iot_st_msg_serialize_from_view( cleanup: aws_byte_buf_clean_up(buffer); - return AWS_OP_ERR; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_ENCODE_FAILURE); } /***************************************************************************************************************** From b7e3f79cb23b508a9a6b4cc97f3e478a3e6fa87d Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 12 Apr 2024 13:52:05 -0700 Subject: [PATCH 02/26] encode failure error --- include/aws/iotdevice/iotdevice.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/aws/iotdevice/iotdevice.h b/include/aws/iotdevice/iotdevice.h index 48faad90..290723f6 100644 --- a/include/aws/iotdevice/iotdevice.h +++ b/include/aws/iotdevice/iotdevice.h @@ -47,6 +47,7 @@ enum aws_iotdevice_error { AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DATA_NO_ACTIVE_CONNECTION, AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DATA_PROTOCOL_VERSION_MISMATCH, AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INACTIVE_SERVICE_ID, + AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_ENCODE_FAILURE, AWS_ERROR_END_IOTDEVICE_RANGE = AWS_ERROR_ENUM_END_RANGE(AWS_C_IOTDEVICE_PACKAGE_ID), }; From eac084123e245556b7b06ee25c931125fa1d77a3 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 12 Apr 2024 14:10:26 -0700 Subject: [PATCH 03/26] more error cleanup --- source/secure_tunneling.c | 70 ++++------------------------ source/secure_tunneling_operations.c | 4 -- 2 files changed, 8 insertions(+), 66 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index d19cebae..5325780b 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -51,7 +51,7 @@ static void s_aws_secure_tunnel_connected_on_message_received( static int s_aws_secure_tunnel_remove_connection_id( struct aws_secure_tunnel *secure_tunnel, const struct aws_secure_tunnel_message_view *message_view); -int reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel); +void reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel); const char *aws_secure_tunnel_state_to_c_string(enum aws_secure_tunnel_state state) { switch (state) { @@ -1552,9 +1552,6 @@ static struct aws_secure_tunnel_change_desired_state_task *s_aws_secure_tunnel_c struct aws_secure_tunnel_change_desired_state_task *change_state_task = aws_mem_calloc(allocator, 1, sizeof(struct aws_secure_tunnel_change_desired_state_task)); - if (change_state_task == NULL) { - return NULL; - } aws_task_init(&change_state_task->task, s_change_state_task_fn, (void *)change_state_task, "ChangeStateTask"); change_state_task->allocator = secure_tunnel->allocator; @@ -1585,14 +1582,6 @@ static int s_aws_secure_tunnel_change_desired_state( struct aws_secure_tunnel_change_desired_state_task *task = s_aws_secure_tunnel_change_desired_state_task_new(secure_tunnel->allocator, secure_tunnel, desired_state); - if (task == NULL) { - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to create change desired state task", - (void *)secure_tunnel); - return AWS_OP_ERR; - } - aws_event_loop_schedule_task_now(secure_tunnel->loop, &task->task); return AWS_OP_SUCCESS; @@ -1601,19 +1590,11 @@ static int s_aws_secure_tunnel_change_desired_state( /* * Disconnect the Secure Tunnel from the Secure Tunnel service and reset all stream ids */ -int reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel) { +void reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel) { struct aws_secure_tunnel_change_desired_state_task *task = s_aws_secure_tunnel_change_desired_state_task_new( secure_tunnel->allocator, secure_tunnel, AWS_STS_CLEAN_DISCONNECT); - if (task == NULL) { - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to create change desired state task", - (void *)secure_tunnel); - return AWS_OP_ERR; - } - aws_event_loop_schedule_task_now(secure_tunnel->loop, &task->task); return AWS_OP_SUCCESS; @@ -2168,12 +2149,9 @@ static void s_secure_tunnel_submit_operation_task_fn(struct aws_task *task, void aws_mem_release(submit_operation_task->allocator, submit_operation_task); } -static int s_submit_operation(struct aws_secure_tunnel *secure_tunnel, struct aws_secure_tunnel_operation *operation) { +static void s_submit_operation(struct aws_secure_tunnel *secure_tunnel, struct aws_secure_tunnel_operation *operation) { struct aws_secure_tunnel_submit_operation_task *submit_task = aws_mem_calloc(secure_tunnel->allocator, 1, sizeof(struct aws_secure_tunnel_submit_operation_task)); - if (submit_task == NULL) { - return AWS_OP_ERR; - } aws_task_init( &submit_task->task, s_secure_tunnel_submit_operation_task_fn, submit_task, "SecureTunnelSubmitOperation"); @@ -2182,8 +2160,6 @@ static int s_submit_operation(struct aws_secure_tunnel *secure_tunnel, struct aw submit_task->operation = operation; aws_event_loop_schedule_task_now(secure_tunnel->loop, &submit_task->task); - - return AWS_OP_SUCCESS; } /********************************************************************************************************************* @@ -2655,15 +2631,9 @@ int aws_secure_tunnel_send_message( (void *)secure_tunnel, (void *)message_op); - if (s_submit_operation(secure_tunnel, &message_op->base)) { - goto error; - } + s_submit_operation(secure_tunnel, &message_op->base); return AWS_OP_SUCCESS; - -error: - aws_secure_tunnel_operation_release(&message_op->base); - return aws_last_error(); } int aws_secure_tunnel_stream_start( @@ -2690,15 +2660,9 @@ int aws_secure_tunnel_stream_start( (void *)secure_tunnel, (void *)message_op); - if (s_submit_operation(secure_tunnel, &message_op->base)) { - goto error; - } + s_submit_operation(secure_tunnel, &message_op->base); return AWS_OP_SUCCESS; - -error: - aws_secure_tunnel_operation_release(&message_op->base); - return AWS_OP_ERR; } int aws_secure_tunnel_connection_start( @@ -2725,15 +2689,9 @@ int aws_secure_tunnel_connection_start( (void *)secure_tunnel, (void *)message_op); - if (s_submit_operation(secure_tunnel, &message_op->base)) { - goto error; - } + s_submit_operation(secure_tunnel, &message_op->base); return AWS_OP_SUCCESS; - -error: - aws_secure_tunnel_operation_release(&message_op->base); - return AWS_OP_ERR; } /********************************************************************************************************************* @@ -2763,15 +2721,9 @@ int aws_secure_tunnel_stream_reset( (void *)secure_tunnel, (void *)message_op); - if (s_submit_operation(secure_tunnel, &message_op->base)) { - goto error; - } + s_submit_operation(secure_tunnel, &message_op->base); return AWS_OP_SUCCESS; - -error: - aws_secure_tunnel_operation_release(&message_op->base); - return AWS_OP_ERR; } int aws_secure_tunnel_connection_reset( @@ -2793,13 +2745,7 @@ int aws_secure_tunnel_connection_reset( (void *)secure_tunnel, (void *)message_op); - if (s_submit_operation(secure_tunnel, &message_op->base)) { - goto error; - } + s_submit_operation(secure_tunnel, &message_op->base); return AWS_OP_SUCCESS; - -error: - aws_secure_tunnel_operation_release(&message_op->base); - return AWS_OP_ERR; } diff --git a/source/secure_tunneling_operations.c b/source/secure_tunneling_operations.c index 0c7bc3b0..81440340 100644 --- a/source/secure_tunneling_operations.c +++ b/source/secure_tunneling_operations.c @@ -624,9 +624,6 @@ struct aws_secure_tunnel_operation_message *aws_secure_tunnel_operation_message_ struct aws_secure_tunnel_operation_message *message_op = aws_mem_calloc(allocator, 1, sizeof(struct aws_secure_tunnel_operation_message)); - if (message_op == NULL) { - return NULL; - } message_op->allocator = allocator; message_op->base.vtable = &s_message_operation_vtable; @@ -645,7 +642,6 @@ struct aws_secure_tunnel_operation_message *aws_secure_tunnel_operation_message_ error: aws_secure_tunnel_operation_release(&message_op->base); - return NULL; } From 734e77f5a4a74cf2cc409b63263ba89aab09a979 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 12 Apr 2024 14:13:32 -0700 Subject: [PATCH 04/26] log fix --- source/serializer.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/source/serializer.c b/source/serializer.c index 7e6f12ef..3f5c8931 100644 --- a/source/serializer.c +++ b/source/serializer.c @@ -250,7 +250,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure computing message length while serializing message", - message_view); + (void *)message_view); return AWS_OP_ERR; } @@ -269,12 +269,14 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding message type while serializing message", - message_view); + (void *)message_view); goto cleanup; } } else { AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Message type missing while serializing message", message_view); + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Message type missing while serializing message", + (void *)message_view); goto cleanup; } @@ -283,7 +285,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding stream id while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -293,7 +295,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding connection id while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -303,7 +305,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding ignorable while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -313,7 +315,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding payload while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -324,7 +326,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -333,7 +335,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id 2 while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -342,7 +344,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id 3 while serializing message", - message_view); + (void *)message_view); goto cleanup; } } @@ -351,7 +353,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id while serializing message", - message_view); + (void *)message_view); goto cleanup; } } From 0bf363871828bd17ddcc2aa636637c0958e002b9 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 12 Apr 2024 14:18:43 -0700 Subject: [PATCH 05/26] returns when function is void --- source/secure_tunneling.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 5325780b..6ba58316 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1596,8 +1596,6 @@ void reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel) { secure_tunnel->allocator, secure_tunnel, AWS_STS_CLEAN_DISCONNECT); aws_event_loop_schedule_task_now(secure_tunnel->loop, &task->task); - - return AWS_OP_SUCCESS; } /********************************************************************************************************************* From b29444b5ac0f9cfd94e20e3868c0ea0bd92dd888 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 15 Apr 2024 08:59:42 -0700 Subject: [PATCH 06/26] more error stuff --- source/iotdevice.c | 2 +- source/secure_tunneling.c | 41 ++++++++++++++++++++------------------- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/source/iotdevice.c b/source/iotdevice.c index fc0d08c6..140d866e 100644 --- a/source/iotdevice.c +++ b/source/iotdevice.c @@ -92,7 +92,7 @@ static struct aws_error_info s_errors[] = { "Secure Tunnel terminated by user request."), AWS_DEFINE_ERROR_INFO_IOTDEVICE( AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DECODE_FAILURE, - "Error occured while decoding an incoming message." ), + "Error occurred while decoding an incoming message." ), AWS_DEFINE_ERROR_INFO_IOTDEVICE( AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DATA_NO_ACTIVE_CONNECTION, "DATA message processing failed due to no active connection found." ), diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 6ba58316..8283e272 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -242,7 +242,7 @@ static bool s_aws_secure_tunnel_stream_id_match_check( return (stream_id == service_id_elem->stream_id); } -static bool s_aws_secure_tunnel_active_stream_check( +static int s_aws_secure_tunnel_active_stream_check( const struct aws_secure_tunnel *secure_tunnel, const struct aws_secure_tunnel_message_view *message_view) { /* @@ -250,7 +250,7 @@ static bool s_aws_secure_tunnel_active_stream_check( */ if (message_view->service_id == NULL || message_view->service_id->len == 0) { if (secure_tunnel->connections->stream_id != message_view->stream_id) { - return false; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_STREAM_ID); } uint32_t connection_id = message_view->connection_id; @@ -265,25 +265,22 @@ static bool s_aws_secure_tunnel_active_stream_check( struct aws_hash_element *connection_id_elem = NULL; aws_hash_table_find(&secure_tunnel->connections->connection_ids, &connection_id, &connection_id_elem); if (connection_id_elem == NULL) { - aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID); - return false; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID); } - return true; + return AWS_OP_SUCCESS; } /* Check if service id is being used by the secure tunnel */ struct aws_hash_element *elem = NULL; aws_hash_table_find(&secure_tunnel->connections->service_ids, message_view->service_id, &elem); if (elem == NULL) { - aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_SERVICE_ID); - return false; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_SERVICE_ID); } /* Check if the stream id is the currently active one */ struct aws_service_id_element *service_id_elem = elem->value; if (message_view->stream_id != service_id_elem->stream_id) { - aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_STREAM_ID); - return false; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_STREAM_ID); } /* V1 and V2 will be considered active at this point with a matching stream id but V3 streams will need to have @@ -292,12 +289,11 @@ static bool s_aws_secure_tunnel_active_stream_check( struct aws_hash_element *connection_id_elem = NULL; aws_hash_table_find(&service_id_elem->connection_ids, &message_view->connection_id, &connection_id_elem); if (connection_id_elem == NULL) { - aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID); - return false; + return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID); } } - return true; + return AWS_OP_SUCCESS; } static int s_aws_secure_tunnel_set_stream( @@ -440,6 +436,7 @@ static int s_aws_secure_tunnel_set_connection_id( .connection_id = connection_id, }; + // TODO unchecked return value s_aws_secure_tunnel_remove_connection_id(secure_tunnel, &reset_message); if (secure_tunnel->config->on_connection_reset) { secure_tunnel->config->on_connection_reset( @@ -467,6 +464,8 @@ static int s_aws_secure_tunnel_remove_connection_id( const struct aws_secure_tunnel_message_view *message_view) { if (s_aws_secure_tunnel_active_stream_check(secure_tunnel, message_view)) { + return AWS_OP_ERR; + } else { struct aws_hash_table *table_to_remove_from = NULL; if (message_view->service_id == NULL || message_view->service_id->len == 0) { @@ -494,8 +493,6 @@ static int s_aws_secure_tunnel_remove_connection_id( AWS_BYTE_CURSOR_PRI(*message_view->service_id), message_view->connection_id); } - } else { - return aws_last_error(); } return AWS_OP_SUCCESS; @@ -531,10 +528,6 @@ static void s_aws_secure_tunnel_on_data_received( } if (s_aws_secure_tunnel_active_stream_check(secure_tunnel, message_view)) { - if (secure_tunnel->config->on_message_received) { - secure_tunnel->config->on_message_received(message_view, secure_tunnel->config->user_data); - } - } else { if (message_view->service_id->len > 0) { AWS_LOGF_INFO( AWS_LS_IOTDEVICE_SECURE_TUNNELING, @@ -552,6 +545,10 @@ static void s_aws_secure_tunnel_on_data_received( message_view->stream_id, message_view->connection_id); } + } else { + if (secure_tunnel->config->on_message_received) { + secure_tunnel->config->on_message_received(message_view, secure_tunnel->config->user_data); + } } } @@ -784,7 +781,11 @@ static void s_aws_secure_tunnel_on_connection_reset_received( */ s_set_absent_connection_id_to_one(message_view, &message_view->connection_id); - int result = s_aws_secure_tunnel_remove_connection_id(secure_tunnel, message_view); + int result = AWS_OP_SUCCESS; + + if (s_aws_secure_tunnel_remove_connection_id(secure_tunnel, message_view)) { + result = aws_last_error(); + } if (secure_tunnel->config->on_connection_reset) { secure_tunnel->config->on_connection_reset(message_view, result, secure_tunnel->config->user_data); @@ -1769,7 +1770,7 @@ static void s_process_outbound_data_message( } /* If a data message attempts to be sent on an unopen stream, discard it. */ - if (!s_aws_secure_tunnel_active_stream_check(secure_tunnel, current_operation->message_view)) { + if (s_aws_secure_tunnel_active_stream_check(secure_tunnel, current_operation->message_view)) { error_code = aws_last_error(); if (current_operation->message_view->service_id && current_operation->message_view->service_id->len > 0) { AWS_LOGF_DEBUG( From d98600eeae410f9e34357f39fb8a96ef223c2bc5 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 15 Apr 2024 13:27:24 -0700 Subject: [PATCH 07/26] tries to remove with no error state --- source/secure_tunneling.c | 101 +++++++++++++++++++++++++------------- 1 file changed, 67 insertions(+), 34 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 8283e272..cb50f49e 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -48,7 +48,7 @@ static void s_reevaluate_service_task(struct aws_secure_tunnel *secure_tunnel); static void s_aws_secure_tunnel_connected_on_message_received( struct aws_secure_tunnel *secure_tunnel, struct aws_secure_tunnel_message_view *message_view); -static int s_aws_secure_tunnel_remove_connection_id( +static void s_aws_secure_tunnel_remove_connection_id( struct aws_secure_tunnel *secure_tunnel, const struct aws_secure_tunnel_message_view *message_view); void reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel); @@ -406,11 +406,10 @@ static int s_aws_secure_tunnel_set_connection_id( AWS_BYTE_CURSOR_PRI(*service_id), connection_id); } - } else { /* - * If the connection id is already stored something is wrong and this connection id must be removed and a - * connection reset must be sent for this connection id + * If the connection id is already stored, something is wrong and this connection id must + * be removed and a connection reset must be sent for this connection id. */ aws_connection_id_destroy(connection_id_elem); if (service_id == NULL || service_id->len == 0) { @@ -456,29 +455,60 @@ static int s_aws_secure_tunnel_set_connection_id( (void *)secure_tunnel); return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID); } + return AWS_OP_SUCCESS; } -static int s_aws_secure_tunnel_remove_connection_id( +static void s_aws_secure_tunnel_remove_connection_id( struct aws_secure_tunnel *secure_tunnel, const struct aws_secure_tunnel_message_view *message_view) { - if (s_aws_secure_tunnel_active_stream_check(secure_tunnel, message_view)) { - return AWS_OP_ERR; - } else { - struct aws_hash_table *table_to_remove_from = NULL; + struct aws_hash_table *table_to_remove_from = NULL; + uint32_t connection_id = message_view->connection_id; - if (message_view->service_id == NULL || message_view->service_id->len == 0) { - table_to_remove_from = &secure_tunnel->connections->connection_ids; - } else { - struct aws_hash_element *elem = NULL; - aws_hash_table_find(&secure_tunnel->connections->service_ids, message_view->service_id, &elem); - struct aws_service_id_element *service_id_elem = elem->value; - table_to_remove_from = &service_id_elem->connection_ids; - } + /* + * No service id means either V1 protocol is being used or V3 protocol is being used on a tunnel without service ids + */ + if (message_view->service_id == NULL || message_view->service_id->len == 0) { + /* + * No service id means either V1 protocol is being used or V3 protocol is being used on a tunnel + * without service ids. In both cases, the connection_ids table is being used to store the connection. + */ + table_to_remove_from = &secure_tunnel->connections->connection_ids; - aws_hash_table_remove(table_to_remove_from, &message_view->connection_id, NULL, NULL); + if (connection_id == 0) { + connection_id = 1; + } + } else { + /* + * Since a service id is being used, we must first check that the service id exists for this secure tunnel. + */ + struct aws_hash_element *elem = NULL; + aws_hash_table_find(&secure_tunnel->connections->service_ids, message_view->service_id, &elem); + if (elem == NULL) { + /* + * service id did not exist for connection id to be removed from. There is nothing left to do. + */ + return; + } + /* + * The service id was found and its table of connection ids set to table_to_remove_from + */ + struct aws_service_id_element *service_id_elem = elem->value; + table_to_remove_from = &service_id_elem->connection_ids; + } + /* + * Before attempting to remove the connection id, we check if it exists in the table. If it doesn't, + * there's nothing left to do. + */ + struct aws_hash_element *connection_id_elem = NULL; + aws_hash_table_find(table_to_remove_from, &connection_id, &connection_id_elem); + if (connection_id_elem != NULL) { + /* + * We know it exists so we remove it. + */ + aws_hash_table_remove(table_to_remove_from, &connection_id, NULL, NULL); if (message_view->service_id == NULL || message_view->service_id->len == 0) { AWS_LOGF_INFO( AWS_LS_IOTDEVICE_SECURE_TUNNELING, @@ -494,8 +524,6 @@ static int s_aws_secure_tunnel_remove_connection_id( message_view->connection_id); } } - - return AWS_OP_SUCCESS; } /***************************************************************************************************************** @@ -597,8 +625,11 @@ static void s_aws_secure_tunnel_on_stream_start_received( */ s_set_absent_connection_id_to_one(message_view, &connection_id); - int result = - s_aws_secure_tunnel_set_stream(secure_tunnel, message_view->service_id, message_view->stream_id, connection_id); + int result = AWS_OP_SUCCESS; + if (s_aws_secure_tunnel_set_stream( + secure_tunnel, message_view->service_id, message_view->stream_id, connection_id)) { + result = aws_last_error(); + } if (secure_tunnel->config->on_stream_start) { secure_tunnel->config->on_stream_start(message_view, result, secure_tunnel->config->user_data); @@ -620,9 +651,11 @@ static void s_aws_secure_tunnel_on_stream_reset_received( return; } - int result = AWS_OP_SUCCESS; if (s_aws_secure_tunnel_stream_id_match_check(secure_tunnel, message_view->service_id, message_view->stream_id)) { - result = s_aws_secure_tunnel_set_stream(secure_tunnel, message_view->service_id, INVALID_STREAM_ID, 0); + int result = AWS_OP_SUCCESS; + if (s_aws_secure_tunnel_set_stream(secure_tunnel, message_view->service_id, INVALID_STREAM_ID, 0)) { + result = aws_last_error(); + } if (secure_tunnel->config->on_stream_reset) { secure_tunnel->config->on_stream_reset(message_view, result, secure_tunnel->config->user_data); } @@ -739,8 +772,11 @@ static void s_aws_secure_tunnel_on_connection_start_received( s_set_absent_connection_id_to_one(message_view, &message_view->connection_id); if (s_aws_secure_tunnel_stream_id_match_check(secure_tunnel, message_view->service_id, message_view->stream_id)) { - int result = - s_aws_secure_tunnel_set_connection_id(secure_tunnel, message_view->service_id, message_view->connection_id); + int result = AWS_OP_SUCCESS; + if (s_aws_secure_tunnel_set_connection_id( + secure_tunnel, message_view->service_id, message_view->connection_id)) { + result = aws_last_error(); + } if (secure_tunnel->config->on_connection_start) { secure_tunnel->config->on_connection_start(message_view, result, secure_tunnel->config->user_data); } @@ -781,14 +817,10 @@ static void s_aws_secure_tunnel_on_connection_reset_received( */ s_set_absent_connection_id_to_one(message_view, &message_view->connection_id); - int result = AWS_OP_SUCCESS; - - if (s_aws_secure_tunnel_remove_connection_id(secure_tunnel, message_view)) { - result = aws_last_error(); - } + s_aws_secure_tunnel_remove_connection_id(secure_tunnel, message_view); if (secure_tunnel->config->on_connection_reset) { - secure_tunnel->config->on_connection_reset(message_view, result, secure_tunnel->config->user_data); + secure_tunnel->config->on_connection_reset(message_view, AWS_OP_SUCCESS, secure_tunnel->config->user_data); } } @@ -1963,6 +1995,8 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure if (s_secure_tunneling_send(secure_tunnel, current_operation->message_view)) { error_code = aws_last_error(); } else { + // TODO handle this error. It will return an AWS_OP_ERR if something fails at which point + // aws_last_error() should be used to report the error that occurred. s_aws_secure_tunnel_set_stream( secure_tunnel, current_operation->message_view->service_id, @@ -2021,8 +2055,7 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure current_operation, secure_tunnel)) { error_code = aws_last_error(); } else { - error_code = - s_aws_secure_tunnel_remove_connection_id(secure_tunnel, current_operation->message_view); + s_aws_secure_tunnel_remove_connection_id(secure_tunnel, current_operation->message_view); /* * If we have a stream id, we should send the CONNECTION RESET message even if we do not have a From d6c8d142cc976dcb8c58c9d766fa02c3b6f31152 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 15 Apr 2024 14:05:39 -0700 Subject: [PATCH 08/26] handle more error results --- source/secure_tunneling.c | 33 ++++++++++++++++++++++++--------- 1 file changed, 24 insertions(+), 9 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index cb50f49e..30585daf 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -412,6 +412,7 @@ static int s_aws_secure_tunnel_set_connection_id( * be removed and a connection reset must be sent for this connection id. */ aws_connection_id_destroy(connection_id_elem); + if (service_id == NULL || service_id->len == 0) { AWS_LOGF_INFO( AWS_LS_IOTDEVICE_SECURE_TUNNELING, @@ -435,8 +436,8 @@ static int s_aws_secure_tunnel_set_connection_id( .connection_id = connection_id, }; - // TODO unchecked return value s_aws_secure_tunnel_remove_connection_id(secure_tunnel, &reset_message); + if (secure_tunnel->config->on_connection_reset) { secure_tunnel->config->on_connection_reset( &reset_message, @@ -444,7 +445,9 @@ static int s_aws_secure_tunnel_set_connection_id( secure_tunnel->config->user_data); } - aws_secure_tunnel_connection_reset(secure_tunnel, &reset_message); + if (aws_secure_tunnel_connection_reset(secure_tunnel, &reset_message)) { + return AWS_OP_ERR; + } return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID); } @@ -607,13 +610,25 @@ static void s_aws_secure_tunnel_on_stream_start_received( "Protocol Version and Protocol Version used by incoming STREAM START message.", (void *)secure_tunnel); reset_secure_tunnel_connection(secure_tunnel); - aws_secure_tunnel_message_storage_init( - &secure_tunnel->connections->restore_stream_message, - secure_tunnel->allocator, - message_view, - AWS_STOT_STREAM_START); - secure_tunnel->connections->restore_stream_message_view = &secure_tunnel->connections->restore_stream_message; - return; + if (aws_secure_tunnel_message_storage_init( + &secure_tunnel->connections->restore_stream_message, + secure_tunnel->allocator, + message_view, + AWS_STOT_STREAM_START)) { + int error_code = aws_last_error(); + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Secure Tunnel reset due to Protocol Version mismatch failed to set a restore stream message " + "with error %d(%s)", + (void *)secure_tunnel, + error_code, + aws_error_debug_str(error_code)); + return; + } else { + secure_tunnel->connections->restore_stream_message_view = + &secure_tunnel->connections->restore_stream_message; + return; + } } uint32_t connection_id = message_view->connection_id; From 4102f17119afd4eca97dcb9d071b716c00b957c8 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 16 Apr 2024 11:54:41 -0700 Subject: [PATCH 09/26] further error handling --- source/secure_tunneling.c | 201 +++++++++++++++++--------------------- 1 file changed, 92 insertions(+), 109 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 30585daf..64cac530 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -957,7 +957,6 @@ static bool secure_tunneling_websocket_stream_outgoing_payload( return false; } pair->length_prefix_written = true; - space_available = out_buf->capacity - out_buf->len; } if (pair->length_prefix_written == true) { @@ -1059,6 +1058,7 @@ static bool s_on_websocket_incoming_frame_complete( (void *)user_data, error_code, aws_error_debug_str(error_code)); + return false; } return true; @@ -1068,7 +1068,7 @@ static void s_secure_tunnel_shutdown(struct aws_client_bootstrap *bootstrap, int (void)bootstrap; struct aws_secure_tunnel *secure_tunnel = user_data; - if (error_code == AWS_ERROR_SUCCESS) { + if (error_code == AWS_OP_SUCCESS) { error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_UNEXPECTED_HANGUP; } @@ -1088,7 +1088,6 @@ static void s_secure_tunnel_shutdown(struct aws_client_bootstrap *bootstrap, int /* Normal call to shutdown the websocket */ static void s_secure_tunnel_shutdown_websocket(struct aws_secure_tunnel *secure_tunnel, int error_code) { - (void)error_code; if (secure_tunnel->current_state != AWS_STS_CONNECTED && secure_tunnel->current_state != AWS_STS_CLEAN_DISCONNECT) { AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, @@ -1153,14 +1152,13 @@ static void s_on_websocket_setup(const struct aws_websocket_on_connection_setup_ if (secure_tunnel->desired_state != AWS_STS_CONNECTED) { aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP); - goto error; + s_on_websocket_shutdown( + secure_tunnel->websocket, AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP, secure_tunnel); + return; } s_change_current_state(secure_tunnel, AWS_STS_CONNECTED); - return; -error: - s_on_websocket_shutdown(secure_tunnel->websocket, setup->error_code, secure_tunnel); } struct aws_secure_tunnel_websocket_transform_complete_task { @@ -1188,52 +1186,50 @@ void s_secure_tunneling_websocket_transform_complete_task_fn( secure_tunnel->handshake_request = aws_http_message_acquire(websocket_transform_complete_task->handshake); int error_code = websocket_transform_complete_task->error_code; - if (error_code == 0 && secure_tunnel->desired_state == AWS_STS_CONNECTED) { - struct aws_websocket_client_connection_options websocket_options = { - .allocator = secure_tunnel->allocator, - .bootstrap = secure_tunnel->config->bootstrap, - .socket_options = &secure_tunnel->config->socket_options, - .tls_options = &secure_tunnel->tls_con_opt, - .host = aws_byte_cursor_from_string(secure_tunnel->config->endpoint_host), - .port = 443, - .handshake_request = secure_tunnel->handshake_request, - .manual_window_management = false, - .user_data = secure_tunnel, - .requested_event_loop = secure_tunnel->loop, - - .on_connection_setup = s_on_websocket_setup, - .on_connection_shutdown = s_on_websocket_shutdown, - .on_incoming_frame_begin = s_on_websocket_incoming_frame_begin, - .on_incoming_frame_payload = s_on_websocket_incoming_frame_payload, - .on_incoming_frame_complete = s_on_websocket_incoming_frame_complete, - - .host_resolution_config = &secure_tunnel->host_resolution_config, - }; - - if (secure_tunnel->config->http_proxy_config != NULL) { - websocket_options.proxy_options = &secure_tunnel->config->http_proxy_options; - } + if (error_code == AWS_OP_SUCCESS) { + if (secure_tunnel->desired_state == AWS_STS_CONNECTED) { + struct aws_websocket_client_connection_options websocket_options = { + .allocator = secure_tunnel->allocator, + .bootstrap = secure_tunnel->config->bootstrap, + .socket_options = &secure_tunnel->config->socket_options, + .tls_options = &secure_tunnel->tls_con_opt, + .host = aws_byte_cursor_from_string(secure_tunnel->config->endpoint_host), + .port = 443, + .handshake_request = secure_tunnel->handshake_request, + .manual_window_management = false, + .user_data = secure_tunnel, + .requested_event_loop = secure_tunnel->loop, + + .on_connection_setup = s_on_websocket_setup, + .on_connection_shutdown = s_on_websocket_shutdown, + .on_incoming_frame_begin = s_on_websocket_incoming_frame_begin, + .on_incoming_frame_payload = s_on_websocket_incoming_frame_payload, + .on_incoming_frame_complete = s_on_websocket_incoming_frame_complete, + + .host_resolution_config = &secure_tunnel->host_resolution_config, + }; - if (secure_tunnel->vtable->aws_websocket_client_connect_fn(&websocket_options)) { - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: Failed to initiate websocket connection.", - (void *)secure_tunnel); - error_code = aws_last_error(); - goto error; - } + if (secure_tunnel->config->http_proxy_config != NULL) { + websocket_options.proxy_options = &secure_tunnel->config->http_proxy_options; + } - goto done; - } else { - if (error_code == AWS_ERROR_SUCCESS) { + if (secure_tunnel->vtable->aws_websocket_client_connect_fn(&websocket_options)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failed to initiate websocket connection.", + (void *)secure_tunnel); + error_code = aws_last_error(); + } + } else { AWS_ASSERT(secure_tunnel->desired_state != AWS_STS_CONNECTED); error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP; } } -error:; - struct aws_websocket_on_connection_setup_data websocket_setup = {.error_code = error_code}; - s_on_websocket_setup(&websocket_setup, secure_tunnel); + if (error_code != AWS_OP_SUCCESS) { + struct aws_websocket_on_connection_setup_data websocket_setup = {.error_code = error_code}; + s_on_websocket_setup(&websocket_setup, secure_tunnel); + } done: aws_http_message_release(websocket_transform_complete_task->handshake); @@ -1318,7 +1314,7 @@ static int s_websocket_connect(struct aws_secure_tunnel *secure_tunnel) { struct aws_http_message *handshake = s_new_handshake_request(secure_tunnel); if (handshake == NULL) { - goto error; + return AWS_OP_ERR; } AWS_LOGF_TRACE( @@ -1340,9 +1336,6 @@ static int s_websocket_connect(struct aws_secure_tunnel *secure_tunnel) { aws_event_loop_schedule_task_now(secure_tunnel->loop, &task->task); return AWS_OP_SUCCESS; - -error: - return AWS_OP_ERR; } static void s_reset_ping(struct aws_secure_tunnel *secure_tunnel) { @@ -1639,7 +1632,6 @@ static int s_aws_secure_tunnel_change_desired_state( * Disconnect the Secure Tunnel from the Secure Tunnel service and reset all stream ids */ void reset_secure_tunnel_connection(struct aws_secure_tunnel *secure_tunnel) { - struct aws_secure_tunnel_change_desired_state_task *task = s_aws_secure_tunnel_change_desired_state_task_new( secure_tunnel->allocator, secure_tunnel, AWS_STS_CLEAN_DISCONNECT); @@ -1937,18 +1929,16 @@ static void s_process_outbound_stream_start_message( } } -int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure_tunnel) { +void aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure_tunnel) { const struct aws_secure_tunnel_vtable *vtable = secure_tunnel->vtable; uint64_t now = (*vtable->get_current_time_fn)(); /* Should we write data? */ bool should_service = s_aws_secure_tunnel_should_service_operational_state(secure_tunnel, now); if (!should_service) { - return AWS_OP_SUCCESS; + return; } - int operational_error_code = AWS_ERROR_SUCCESS; - do { /* if no current operation, pull one in and setup encode */ if (secure_tunnel->current_operation == NULL) { @@ -1991,7 +1981,9 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure AWS_ZERO_STRUCT(frame_options); frame_options.opcode = AWS_WEBSOCKET_OPCODE_PING; frame_options.fin = true; - secure_tunnel->vtable->aws_websocket_send_frame_fn(secure_tunnel->websocket, &frame_options); + if (secure_tunnel->vtable->aws_websocket_send_frame_fn(secure_tunnel->websocket, &frame_options)) { + error_code = aws_last_error(); + } break; case AWS_STOT_MESSAGE: @@ -2005,21 +1997,28 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure case AWS_STOT_STREAM_RESET: if ((*current_operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn)( current_operation, secure_tunnel) == AWS_OP_SUCCESS) { + if (current_operation->message_view->connection_id == 0) { /* Send the Stream Reset message through the WebSocket */ if (s_secure_tunneling_send(secure_tunnel, current_operation->message_view)) { error_code = aws_last_error(); } else { - // TODO handle this error. It will return an AWS_OP_ERR if something fails at which point - // aws_last_error() should be used to report the error that occurred. - s_aws_secure_tunnel_set_stream( - secure_tunnel, - current_operation->message_view->service_id, - INVALID_STREAM_ID, - current_operation->message_view->connection_id); + if (s_aws_secure_tunnel_set_stream( + secure_tunnel, + current_operation->message_view->service_id, + INVALID_STREAM_ID, + current_operation->message_view->connection_id)) { + error_code = aws_last_error(); + } } aws_secure_tunnel_message_view_log(current_operation->message_view, AWS_LL_DEBUG); } else { + /* + * There is no callback specific to a Stream Reset failing. + * aws_secure_tunnel_stream_reset() should not be called as it is using deprecated API and + * functionality related to Stream Reset should be handled without customer interaction. + * We will log a warning on failure but take no further action. + */ AWS_LOGF_WARN( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: failed to send STREAM RESET message must not have a connection id", @@ -2059,6 +2058,11 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure aws_secure_tunnel_message_view_log(current_operation->message_view, AWS_LL_DEBUG); } + /* + * There is a singular callback for all outbound messages. The customer will need to coordinate + * and parse the callback contents to determine what operation they initiated that resulted in + * the message completion callback. + */ if (error_code && secure_tunnel->config->on_send_message_complete) { secure_tunnel->config->on_send_message_complete( AWS_SECURE_TUNNEL_MT_CONNECTION_START, error_code, secure_tunnel->config->user_data); @@ -2077,17 +2081,24 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure * currently active stream */ if (s_secure_tunneling_send(secure_tunnel, current_operation->message_view)) { + error_code = aws_last_error(); AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: failed to send DATA message with error %d(%s)", (void *)secure_tunnel, - aws_last_error(), - aws_error_debug_str(aws_last_error())); + error_code, + aws_error_debug_str(error_code)); } } if (error_code) { - AWS_LOGF_ERROR( + /* + * There is no callback specific to a Connection Reset failing. + * aws_secure_tunnel_connection_reset() should not be called as it is using deprecated API and + * functionality related to Connection Reset should be handled without customer interaction. + * We will log a warning on failure but take no further action. + */ + AWS_LOGF_WARN( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: failed to send CONNECTION RESET message with error %d(%s)", (void *)secure_tunnel, @@ -2101,18 +2112,22 @@ int aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secure break; } + if (error_code != AWS_OP_SUCCESS) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: error encountered during servicing of operation type `(%s)`: %d(%s)", + (void *)secure_tunnel, + aws_secure_tunnel_operation_type_to_c_string(current_operation->operation_type), + error_code, + aws_error_debug_str(error_code)); + } + s_complete_operation(secure_tunnel, current_operation, AWS_OP_SUCCESS, NULL); secure_tunnel->current_operation = NULL; now = (*vtable->get_current_time_fn)(); should_service = s_aws_secure_tunnel_should_service_operational_state(secure_tunnel, now); } while (should_service); - - if (operational_error_code != AWS_ERROR_SUCCESS) { - return aws_raise_error(operational_error_code); - } - - return AWS_OP_SUCCESS; } void aws_secure_tunnel_operational_state_clean_up(struct aws_secure_tunnel *secure_tunnel) { @@ -2362,7 +2377,7 @@ static void s_reevaluate_service_task(struct aws_secure_tunnel *secure_tunnel) { * Update Loop ********************************************************************************************************************/ -static int s_aws_secure_tunnel_queue_ping(struct aws_secure_tunnel *secure_tunnel) { +static void s_aws_secure_tunnel_queue_ping(struct aws_secure_tunnel *secure_tunnel) { s_reset_ping(secure_tunnel); AWS_LOGF_DEBUG(AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: queuing PING", (void *)secure_tunnel); @@ -2370,8 +2385,6 @@ static int s_aws_secure_tunnel_queue_ping(struct aws_secure_tunnel *secure_tunne struct aws_secure_tunnel_operation_pingreq *pingreq_op = aws_secure_tunnel_operation_pingreq_new(secure_tunnel->allocator); s_enqueue_operation_front(secure_tunnel, &pingreq_op->base); - - return AWS_OP_SUCCESS; } static bool s_service_state_stopped(struct aws_secure_tunnel *secure_tunnel) { @@ -2402,30 +2415,10 @@ static void s_service_state_connected(struct aws_secure_tunnel *secure_tunnel, u } if (now >= secure_tunnel->next_ping_time) { - if (s_aws_secure_tunnel_queue_ping(secure_tunnel)) { - int error_code = aws_last_error(); - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to queue PINGREQ with error %d(%s)", - (void *)secure_tunnel, - error_code, - aws_error_debug_str(error_code)); - s_secure_tunnel_shutdown_websocket(secure_tunnel, error_code); - return; - } + s_aws_secure_tunnel_queue_ping(secure_tunnel); } - if (aws_secure_tunnel_service_operational_state(secure_tunnel)) { - int error_code = aws_last_error(); - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to service CONNECTED operation queue with error %d(%s)", - (void *)secure_tunnel, - error_code, - aws_error_debug_str(error_code)); - s_secure_tunnel_shutdown_websocket(secure_tunnel, error_code); - return; - } + aws_secure_tunnel_service_operational_state(secure_tunnel); } static void s_service_state_clean_disconnect(struct aws_secure_tunnel *secure_tunnel, uint64_t now) { @@ -2448,17 +2441,7 @@ static void s_service_state_clean_disconnect(struct aws_secure_tunnel *secure_tu return; } - if (aws_secure_tunnel_service_operational_state(secure_tunnel)) { - int error_code = aws_last_error(); - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to service CLEAN_DISCONNECT operation queue with error %d(%s)", - (void *)secure_tunnel, - error_code, - aws_error_debug_str(error_code)); - s_secure_tunnel_shutdown_websocket(secure_tunnel, error_code); - return; - } + aws_secure_tunnel_service_operational_state(secure_tunnel); } static void s_service_state_pending_reconnect(struct aws_secure_tunnel *secure_tunnel, uint64_t now) { @@ -2669,7 +2652,7 @@ int aws_secure_tunnel_send_message( secure_tunnel->allocator, secure_tunnel, message_options, AWS_STOT_MESSAGE); if (message_op == NULL) { - return aws_last_error(); + return AWS_OP_ERR; } AWS_LOGF_DEBUG( From 9a204b3a4a9fbb577efd72e6f0d8dc31440bfad9 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 16 Apr 2024 12:53:55 -0700 Subject: [PATCH 10/26] test checks last error instead of return code --- tests/secure_tunnel_tests.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secure_tunnel_tests.c b/tests/secure_tunnel_tests.c index 2638912a..aa2244d7 100644 --- a/tests/secure_tunnel_tests.c +++ b/tests/secure_tunnel_tests.c @@ -1448,7 +1448,7 @@ static int s_secure_tunneling_max_payload_exceed_test_fn(struct aws_allocator *a int result = aws_secure_tunnel_send_message(secure_tunnel, &data_message_view); - ASSERT_INT_EQUALS(result, AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DATA_OPTIONS_VALIDATION); + ASSERT_INT_EQUALS(result, aws_last_error()); ASSERT_SUCCESS(aws_secure_tunnel_stop(secure_tunnel)); s_wait_for_connection_shutdown(&test_fixture); From d50be305451164499c56a3a85a7c19dc160af329 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 16 Apr 2024 13:00:15 -0700 Subject: [PATCH 11/26] assert that the send message failed --- tests/secure_tunnel_tests.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secure_tunnel_tests.c b/tests/secure_tunnel_tests.c index aa2244d7..6c58a898 100644 --- a/tests/secure_tunnel_tests.c +++ b/tests/secure_tunnel_tests.c @@ -1448,7 +1448,7 @@ static int s_secure_tunneling_max_payload_exceed_test_fn(struct aws_allocator *a int result = aws_secure_tunnel_send_message(secure_tunnel, &data_message_view); - ASSERT_INT_EQUALS(result, aws_last_error()); + ASSERT_INT_EQUALS(result, AWS_OP_ERR); ASSERT_SUCCESS(aws_secure_tunnel_stop(secure_tunnel)); s_wait_for_connection_shutdown(&test_fixture); From e541a99f16541c8772d51d700b23600359e0afb7 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Thu, 18 Apr 2024 10:03:59 -0700 Subject: [PATCH 12/26] report proper error during operation failures --- source/secure_tunneling.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 64cac530..0faae87d 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1079,10 +1079,7 @@ static void s_secure_tunnel_shutdown(struct aws_client_bootstrap *bootstrap, int } if (!aws_linked_list_empty(&secure_tunnel->queued_operations)) { - s_complete_operation_list( - secure_tunnel, - &secure_tunnel->queued_operations, - AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_OPERATION_FAILED_DUE_TO_OFFLINE_QUEUE_POLICY); + s_complete_operation_list(secure_tunnel, &secure_tunnel->queued_operations, error_code); } } From efc2297a2099731efe5424235743b6f62e590c5f Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Thu, 13 Jun 2024 11:23:42 -0700 Subject: [PATCH 13/26] goto error --- source/serializer.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/source/serializer.c b/source/serializer.c index 3f5c8931..9481bd30 100644 --- a/source/serializer.c +++ b/source/serializer.c @@ -260,7 +260,7 @@ int aws_iot_st_msg_serialize_from_view( (void *)message_view, message_total_length); - if (aws_byte_buf_init(buffer, allocator, message_total_length) != AWS_OP_SUCCESS) { + if (aws_byte_buf_init(buffer, allocator, message_total_length)) { return AWS_OP_ERR; } @@ -270,14 +270,14 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding message type while serializing message", (void *)message_view); - goto cleanup; + goto error; } } else { AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Message type missing while serializing message", (void *)message_view); - goto cleanup; + goto error; } if (message_view->stream_id != 0) { @@ -286,7 +286,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding stream id while serializing message", (void *)message_view); - goto cleanup; + goto error; } } @@ -296,7 +296,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding connection id while serializing message", (void *)message_view); - goto cleanup; + goto error; } } @@ -306,7 +306,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding ignorable while serializing message", (void *)message_view); - goto cleanup; + goto error; } } @@ -316,7 +316,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding payload while serializing message", (void *)message_view); - goto cleanup; + goto error; } } @@ -327,7 +327,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id while serializing message", (void *)message_view); - goto cleanup; + goto error; } } if (message_view->service_id_2 != 0) { @@ -336,7 +336,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id 2 while serializing message", (void *)message_view); - goto cleanup; + goto error; } } if (message_view->service_id_3 != 0) { @@ -345,7 +345,7 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id 3 while serializing message", (void *)message_view); - goto cleanup; + goto error; } } } else if (message_view->service_id != NULL) { @@ -354,13 +354,13 @@ int aws_iot_st_msg_serialize_from_view( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Failure encoding service id while serializing message", (void *)message_view); - goto cleanup; + goto error; } } return AWS_OP_SUCCESS; -cleanup: +error: aws_byte_buf_clean_up(buffer); return aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_ENCODE_FAILURE); } From 4abd149733443948f847a489a7af9e44e3b59a37 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Thu, 13 Jun 2024 14:46:58 -0700 Subject: [PATCH 14/26] remove unecessary error_code member --- source/secure_tunneling_operations.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/source/secure_tunneling_operations.c b/source/secure_tunneling_operations.c index 81440340..d6ad1e4c 100644 --- a/source/secure_tunneling_operations.c +++ b/source/secure_tunneling_operations.c @@ -362,8 +362,6 @@ static int s_aws_secure_tunnel_operation_message_assign_stream_id( struct aws_secure_tunnel_message_view *message_view = &message_op->options_storage.storage_view; - int error_code = AWS_OP_SUCCESS; - if (message_view->service_id == NULL || message_view->service_id->len == 0) { stream_id = secure_tunnel->connections->stream_id; } else { @@ -375,20 +373,20 @@ static int s_aws_secure_tunnel_operation_message_assign_stream_id( "id=%p: invalid service id '" PRInSTR "' attempted to be assigned a stream id on an outbound message", (void *)message_view, AWS_BYTE_CURSOR_PRI(*message_view->service_id)); - error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_SERVICE_ID; + aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_SERVICE_ID); goto error; } struct aws_service_id_element *service_id_elem = elem->value; stream_id = service_id_elem->stream_id; if (stream_id == INVALID_STREAM_ID) { - error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INACTIVE_SERVICE_ID; + aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INACTIVE_SERVICE_ID); goto error; } } if (stream_id == INVALID_STREAM_ID) { - error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_STREAM_ID; + aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_STREAM_ID); goto error; } @@ -411,7 +409,7 @@ static int s_aws_secure_tunnel_operation_message_assign_stream_id( aws_secure_tunnel_message_type_to_c_string(message_view->type)); } - return aws_raise_error(error_code); + return AWS_OP_ERR; } /* From 3f54ffaa14d716a9ca1c4cc23c0b92ca3456ddf6 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Thu, 13 Jun 2024 14:53:27 -0700 Subject: [PATCH 15/26] change debug to warn log --- source/secure_tunneling_operations.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/source/secure_tunneling_operations.c b/source/secure_tunneling_operations.c index d6ad1e4c..a17b8141 100644 --- a/source/secure_tunneling_operations.c +++ b/source/secure_tunneling_operations.c @@ -368,11 +368,6 @@ static int s_aws_secure_tunnel_operation_message_assign_stream_id( struct aws_hash_element *elem = NULL; aws_hash_table_find(&secure_tunnel->connections->service_ids, message_view->service_id, &elem); if (elem == NULL) { - AWS_LOGF_WARN( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: invalid service id '" PRInSTR "' attempted to be assigned a stream id on an outbound message", - (void *)message_view, - AWS_BYTE_CURSOR_PRI(*message_view->service_id)); aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_SERVICE_ID); goto error; } @@ -395,13 +390,13 @@ static int s_aws_secure_tunnel_operation_message_assign_stream_id( error: if (message_view->service_id == NULL || message_view->service_id->len == 0) { - AWS_LOGF_DEBUG( + AWS_LOGF_WARN( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: No active stream to assign outbound %s message a stream id", (void *)secure_tunnel, aws_secure_tunnel_message_type_to_c_string(message_view->type)); } else { - AWS_LOGF_DEBUG( + AWS_LOGF_WARN( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: No active stream with service id '" PRInSTR "' to assign outbound %s message a stream id", (void *)secure_tunnel, From 9d9d835f1d3eecbd9ce3287b08930a952bb64952 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 14 Jun 2024 12:36:40 -0700 Subject: [PATCH 16/26] remove unused function --- source/secure_tunneling.c | 48 ++++++++++++++++------------ source/secure_tunneling_operations.c | 20 ++++++------ 2 files changed, 38 insertions(+), 30 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 0faae87d..4cf062c9 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1808,27 +1808,33 @@ static void s_process_outbound_data_message( /* If a data message attempts to be sent on an unopen stream, discard it. */ if (s_aws_secure_tunnel_active_stream_check(secure_tunnel, current_operation->message_view)) { error_code = aws_last_error(); - if (current_operation->message_view->service_id && current_operation->message_view->service_id->len > 0) { - AWS_LOGF_DEBUG( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to send DATA message with service id '" PRInSTR - "' stream id (%d) and connection id (%d) with error %d(%s)", - (void *)secure_tunnel, - AWS_BYTE_CURSOR_PRI(*current_operation->message_view->service_id), - current_operation->message_view->stream_id, - current_operation->message_view->connection_id, - error_code, - aws_error_debug_str(error_code)); - } else { - AWS_LOGF_DEBUG( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: failed to send DATA message with stream id (%d) and connection id (%d) with error %d(%s)", - (void *)secure_tunnel, - current_operation->message_view->stream_id, - current_operation->message_view->connection_id, - error_code, - aws_error_debug_str(error_code)); - } + AWS_LOGF_DEBUG( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: failed to send DATA message with error %d(%s)", + (void *)secure_tunnel, + error_code, + aws_error_debug_str(error_code)); + // if (current_operation->message_view->service_id && current_operation->message_view->service_id->len > 0) { + // AWS_LOGF_DEBUG( + // AWS_LS_IOTDEVICE_SECURE_TUNNELING, + // "id=%p: failed to send DATA message with service id '" PRInSTR + // "' stream id (%d) and connection id (%d) with error %d(%s)", + // (void *)secure_tunnel, + // AWS_BYTE_CURSOR_PRI(*current_operation->message_view->service_id), + // current_operation->message_view->stream_id, + // current_operation->message_view->connection_id, + // error_code, + // aws_error_debug_str(error_code)); + // } else { + // AWS_LOGF_DEBUG( + // AWS_LS_IOTDEVICE_SECURE_TUNNELING, + // "id=%p: failed to send DATA message with stream id (%d) and connection id (%d) with error %d(%s)", + // (void *)secure_tunnel, + // current_operation->message_view->stream_id, + // current_operation->message_view->connection_id, + // error_code, + // aws_error_debug_str(error_code)); + // } goto done; } diff --git a/source/secure_tunneling_operations.c b/source/secure_tunneling_operations.c index a17b8141..4b1760e3 100644 --- a/source/secure_tunneling_operations.c +++ b/source/secure_tunneling_operations.c @@ -127,15 +127,17 @@ void aws_secure_tunnel_operation_complete( (*operation->vtable->aws_secure_tunnel_operation_completion_fn)(operation, error_code, associated_view); } } - -void aws_secure_tunnel_operation_assign_stream_id( - struct aws_secure_tunnel_operation *operation, - struct aws_secure_tunnel *secure_tunnel) { - AWS_FATAL_ASSERT(operation->vtable != NULL); - if (operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn != NULL) { - (*operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn)(operation, secure_tunnel); - } -} +// STEVE TODO aws_secure_tunnel_operation_assign_stream_id_fn returns an int that is not used. +// Look into where and how it should be used and whether we need to error out or do anything beyond the +// warning that is provided within the function itself. +// void aws_secure_tunnel_operation_assign_stream_id( +// struct aws_secure_tunnel_operation *operation, +// struct aws_secure_tunnel *secure_tunnel) { +// AWS_FATAL_ASSERT(operation->vtable != NULL); +// if (operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn != NULL) { +// (*operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn)(operation, secure_tunnel); +// } +// } static struct aws_secure_tunnel_operation_vtable s_empty_operation_vtable = { .aws_secure_tunnel_operation_completion_fn = NULL, From cc6dee54fbfba89983f9299105d4bc0244a9c9be Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Fri, 14 Jun 2024 12:46:53 -0700 Subject: [PATCH 17/26] fully remove unused function --- .../iotdevice/private/secure_tunneling_operations.h | 4 ---- source/secure_tunneling_operations.c | 11 ----------- 2 files changed, 15 deletions(-) diff --git a/include/aws/iotdevice/private/secure_tunneling_operations.h b/include/aws/iotdevice/private/secure_tunneling_operations.h index 0cb242a0..c30032ec 100644 --- a/include/aws/iotdevice/private/secure_tunneling_operations.h +++ b/include/aws/iotdevice/private/secure_tunneling_operations.h @@ -113,10 +113,6 @@ AWS_IOTDEVICE_API void aws_secure_tunnel_operation_complete( int error_code, const void *associated_view); -AWS_IOTDEVICE_API void aws_secure_tunnel_operation_assign_stream_id( - struct aws_secure_tunnel_operation *operation, - struct aws_secure_tunnel *secure_tunnel); - AWS_IOTDEVICE_API int32_t aws_secure_tunnel_operation_get_stream_id(const struct aws_secure_tunnel_operation *operation); diff --git a/source/secure_tunneling_operations.c b/source/secure_tunneling_operations.c index 4b1760e3..1b43a773 100644 --- a/source/secure_tunneling_operations.c +++ b/source/secure_tunneling_operations.c @@ -127,17 +127,6 @@ void aws_secure_tunnel_operation_complete( (*operation->vtable->aws_secure_tunnel_operation_completion_fn)(operation, error_code, associated_view); } } -// STEVE TODO aws_secure_tunnel_operation_assign_stream_id_fn returns an int that is not used. -// Look into where and how it should be used and whether we need to error out or do anything beyond the -// warning that is provided within the function itself. -// void aws_secure_tunnel_operation_assign_stream_id( -// struct aws_secure_tunnel_operation *operation, -// struct aws_secure_tunnel *secure_tunnel) { -// AWS_FATAL_ASSERT(operation->vtable != NULL); -// if (operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn != NULL) { -// (*operation->vtable->aws_secure_tunnel_operation_assign_stream_id_fn)(operation, secure_tunnel); -// } -// } static struct aws_secure_tunnel_operation_vtable s_empty_operation_vtable = { .aws_secure_tunnel_operation_completion_fn = NULL, From aad5078f76a35497fc78d3f5d66f2a07ad7e3211 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 17 Jun 2024 14:22:51 -0700 Subject: [PATCH 18/26] cleaning --- source/secure_tunneling.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 4cf062c9..e0b1c511 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -591,9 +591,7 @@ static void s_aws_secure_tunnel_on_stream_start_received( * being used this session */ if (secure_tunnel->connections->protocol_version == 0) { - - uint8_t message_protocol_version = s_aws_secure_tunnel_message_min_protocol_check(message_view); - secure_tunnel->connections->protocol_version = message_protocol_version; + secure_tunnel->connections->protocol_version = s_aws_secure_tunnel_message_min_protocol_check(message_view); AWS_LOGF_INFO( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: Secure tunnel client Protocol set to V%d based on received STREAM START", From 7e9f895b1c65a71e068736b7df98bd59d3d6a962 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 17 Jun 2024 14:46:49 -0700 Subject: [PATCH 19/26] remove unecessary aws_raise_error() --- source/secure_tunneling.c | 1 - 1 file changed, 1 deletion(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index e0b1c511..796b7c84 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1146,7 +1146,6 @@ static void s_on_websocket_setup(const struct aws_websocket_on_connection_setup_ AWS_FATAL_ASSERT(aws_event_loop_thread_is_callers_thread(secure_tunnel->loop)); if (secure_tunnel->desired_state != AWS_STS_CONNECTED) { - aws_raise_error(AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP); s_on_websocket_shutdown( secure_tunnel->websocket, AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP, secure_tunnel); return; From 1da2903742c877e072e2189eaf69da62e936c9fc Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 17 Jun 2024 14:55:30 -0700 Subject: [PATCH 20/26] remove uneccessary AWS_ASSERT() --- source/secure_tunneling.c | 1 - 1 file changed, 1 deletion(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 796b7c84..4162d2c3 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1215,7 +1215,6 @@ void s_secure_tunneling_websocket_transform_complete_task_fn( error_code = aws_last_error(); } } else { - AWS_ASSERT(secure_tunnel->desired_state != AWS_STS_CONNECTED); error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP; } } From 0c31c79a180d510231a90675bdc2ddff0ff6583a Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 18 Jun 2024 09:12:57 -0700 Subject: [PATCH 21/26] revert websocket order --- source/secure_tunneling.c | 77 ++++++++++++++++++++------------------- 1 file changed, 40 insertions(+), 37 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 4162d2c3..53a6f57e 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1180,49 +1180,52 @@ void s_secure_tunneling_websocket_transform_complete_task_fn( secure_tunnel->handshake_request = aws_http_message_acquire(websocket_transform_complete_task->handshake); int error_code = websocket_transform_complete_task->error_code; - if (error_code == AWS_OP_SUCCESS) { - if (secure_tunnel->desired_state == AWS_STS_CONNECTED) { - struct aws_websocket_client_connection_options websocket_options = { - .allocator = secure_tunnel->allocator, - .bootstrap = secure_tunnel->config->bootstrap, - .socket_options = &secure_tunnel->config->socket_options, - .tls_options = &secure_tunnel->tls_con_opt, - .host = aws_byte_cursor_from_string(secure_tunnel->config->endpoint_host), - .port = 443, - .handshake_request = secure_tunnel->handshake_request, - .manual_window_management = false, - .user_data = secure_tunnel, - .requested_event_loop = secure_tunnel->loop, - - .on_connection_setup = s_on_websocket_setup, - .on_connection_shutdown = s_on_websocket_shutdown, - .on_incoming_frame_begin = s_on_websocket_incoming_frame_begin, - .on_incoming_frame_payload = s_on_websocket_incoming_frame_payload, - .on_incoming_frame_complete = s_on_websocket_incoming_frame_complete, - - .host_resolution_config = &secure_tunnel->host_resolution_config, - }; + if (error_code == 0 && secure_tunnel->desired_state == AWS_STS_CONNECTED) { + struct aws_websocket_client_connection_options websocket_options = { + .allocator = secure_tunnel->allocator, + .bootstrap = secure_tunnel->config->bootstrap, + .socket_options = &secure_tunnel->config->socket_options, + .tls_options = &secure_tunnel->tls_con_opt, + .host = aws_byte_cursor_from_string(secure_tunnel->config->endpoint_host), + .port = 443, + .handshake_request = secure_tunnel->handshake_request, + .manual_window_management = false, + .user_data = secure_tunnel, + .requested_event_loop = secure_tunnel->loop, + + .on_connection_setup = s_on_websocket_setup, + .on_connection_shutdown = s_on_websocket_shutdown, + .on_incoming_frame_begin = s_on_websocket_incoming_frame_begin, + .on_incoming_frame_payload = s_on_websocket_incoming_frame_payload, + .on_incoming_frame_complete = s_on_websocket_incoming_frame_complete, + + .host_resolution_config = &secure_tunnel->host_resolution_config, + }; - if (secure_tunnel->config->http_proxy_config != NULL) { - websocket_options.proxy_options = &secure_tunnel->config->http_proxy_options; - } + if (secure_tunnel->config->http_proxy_config != NULL) { + websocket_options.proxy_options = &secure_tunnel->config->http_proxy_options; + } - if (secure_tunnel->vtable->aws_websocket_client_connect_fn(&websocket_options)) { - AWS_LOGF_ERROR( - AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "id=%p: Failed to initiate websocket connection.", - (void *)secure_tunnel); - error_code = aws_last_error(); - } - } else { + if (secure_tunnel->vtable->aws_websocket_client_connect_fn(&websocket_options)) { + AWS_LOGF_ERROR( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Failed to initiate websocket connection.", + (void *)secure_tunnel); + error_code = aws_last_error(); + goto error; + } + + goto done; + } else { + if (error_code == AWS_ERROR_SUCCESS) { + AWS_ASSERT(secure_tunnel->desired_state != AWS_STS_CONNECTED); error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_USER_REQUESTED_STOP; } } - if (error_code != AWS_OP_SUCCESS) { - struct aws_websocket_on_connection_setup_data websocket_setup = {.error_code = error_code}; - s_on_websocket_setup(&websocket_setup, secure_tunnel); - } +error: + struct aws_websocket_on_connection_setup_data websocket_setup = {.error_code = error_code}; + s_on_websocket_setup(&websocket_setup, secure_tunnel); done: aws_http_message_release(websocket_transform_complete_task->handshake); From 3d2588213cb6427052d9da11ce6af0b3066a75be Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 18 Jun 2024 09:26:29 -0700 Subject: [PATCH 22/26] remove commented code --- source/secure_tunneling.c | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 53a6f57e..47d6dee3 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1813,27 +1813,6 @@ static void s_process_outbound_data_message( (void *)secure_tunnel, error_code, aws_error_debug_str(error_code)); - // if (current_operation->message_view->service_id && current_operation->message_view->service_id->len > 0) { - // AWS_LOGF_DEBUG( - // AWS_LS_IOTDEVICE_SECURE_TUNNELING, - // "id=%p: failed to send DATA message with service id '" PRInSTR - // "' stream id (%d) and connection id (%d) with error %d(%s)", - // (void *)secure_tunnel, - // AWS_BYTE_CURSOR_PRI(*current_operation->message_view->service_id), - // current_operation->message_view->stream_id, - // current_operation->message_view->connection_id, - // error_code, - // aws_error_debug_str(error_code)); - // } else { - // AWS_LOGF_DEBUG( - // AWS_LS_IOTDEVICE_SECURE_TUNNELING, - // "id=%p: failed to send DATA message with stream id (%d) and connection id (%d) with error %d(%s)", - // (void *)secure_tunnel, - // current_operation->message_view->stream_id, - // current_operation->message_view->connection_id, - // error_code, - // aws_error_debug_str(error_code)); - // } goto done; } From c6e8e667b5376aeee91fd2000b093a819ee96a29 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 18 Jun 2024 12:27:23 -0700 Subject: [PATCH 23/26] cleanup --- source/secure_tunneling.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 47d6dee3..1699a89f 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -2013,10 +2013,14 @@ void aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secur if (secure_tunnel->connections->protocol_version != 3) { AWS_LOGF_WARN( AWS_LS_IOTDEVICE_SECURE_TUNNELING, - "Connection Start may only be used with a Protocol V3 stream."); + "id=%p: Connection Start may only be used with a Protocol V3 stream.", + (void *)secure_tunnel); error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_PROTOCOL_VERSION_MISMATCH; } else if (current_operation->message_view->connection_id == 0) { - AWS_LOGF_WARN(AWS_LS_IOTDEVICE_SECURE_TUNNELING, "Connection Start must include a connection id."); + AWS_LOGF_WARN( + AWS_LS_IOTDEVICE_SECURE_TUNNELING, + "id=%p: Connection Start must include a connection id.", + (void *)secure_tunnel); error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_INVALID_CONNECTION_ID; } /* If a connection start attempts to be sent on an unopen stream, discard it. */ From b3f255096722329cb9837fab6304117b69d75632 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Tue, 18 Jun 2024 12:35:36 -0700 Subject: [PATCH 24/26] label needs to be followed by a statement --- source/secure_tunneling.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index 1699a89f..d929b996 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -1223,7 +1223,7 @@ void s_secure_tunneling_websocket_transform_complete_task_fn( } } -error: +error:; struct aws_websocket_on_connection_setup_data websocket_setup = {.error_code = error_code}; s_on_websocket_setup(&websocket_setup, secure_tunnel); From a90d5efe347a1a93042d4ed53ce8729f1655d279 Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Wed, 17 Jul 2024 14:07:13 -0700 Subject: [PATCH 25/26] AWS_OP_SUCCESS -> AWS_ERROR_SUCCESS where we are using error codes --- source/secure_tunneling.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/source/secure_tunneling.c b/source/secure_tunneling.c index d929b996..c5de57b4 100644 --- a/source/secure_tunneling.c +++ b/source/secure_tunneling.c @@ -638,14 +638,14 @@ static void s_aws_secure_tunnel_on_stream_start_received( */ s_set_absent_connection_id_to_one(message_view, &connection_id); - int result = AWS_OP_SUCCESS; + int error_code = AWS_ERROR_SUCCESS; if (s_aws_secure_tunnel_set_stream( secure_tunnel, message_view->service_id, message_view->stream_id, connection_id)) { - result = aws_last_error(); + error_code = aws_last_error(); } if (secure_tunnel->config->on_stream_start) { - secure_tunnel->config->on_stream_start(message_view, result, secure_tunnel->config->user_data); + secure_tunnel->config->on_stream_start(message_view, error_code, secure_tunnel->config->user_data); } } @@ -665,12 +665,12 @@ static void s_aws_secure_tunnel_on_stream_reset_received( } if (s_aws_secure_tunnel_stream_id_match_check(secure_tunnel, message_view->service_id, message_view->stream_id)) { - int result = AWS_OP_SUCCESS; + int error_code = AWS_ERROR_SUCCESS; if (s_aws_secure_tunnel_set_stream(secure_tunnel, message_view->service_id, INVALID_STREAM_ID, 0)) { - result = aws_last_error(); + error_code = aws_last_error(); } if (secure_tunnel->config->on_stream_reset) { - secure_tunnel->config->on_stream_reset(message_view, result, secure_tunnel->config->user_data); + secure_tunnel->config->on_stream_reset(message_view, error_code, secure_tunnel->config->user_data); } } else { if (message_view->service_id->len > 0) { @@ -785,13 +785,13 @@ static void s_aws_secure_tunnel_on_connection_start_received( s_set_absent_connection_id_to_one(message_view, &message_view->connection_id); if (s_aws_secure_tunnel_stream_id_match_check(secure_tunnel, message_view->service_id, message_view->stream_id)) { - int result = AWS_OP_SUCCESS; + int error_code = AWS_ERROR_SUCCESS; if (s_aws_secure_tunnel_set_connection_id( secure_tunnel, message_view->service_id, message_view->connection_id)) { - result = aws_last_error(); + error_code = aws_last_error(); } if (secure_tunnel->config->on_connection_start) { - secure_tunnel->config->on_connection_start(message_view, result, secure_tunnel->config->user_data); + secure_tunnel->config->on_connection_start(message_view, error_code, secure_tunnel->config->user_data); } } else { if (message_view->service_id->len > 0) { @@ -833,7 +833,7 @@ static void s_aws_secure_tunnel_on_connection_reset_received( s_aws_secure_tunnel_remove_connection_id(secure_tunnel, message_view); if (secure_tunnel->config->on_connection_reset) { - secure_tunnel->config->on_connection_reset(message_view, AWS_OP_SUCCESS, secure_tunnel->config->user_data); + secure_tunnel->config->on_connection_reset(message_view, AWS_ERROR_SUCCESS, secure_tunnel->config->user_data); } } @@ -1066,7 +1066,7 @@ static void s_secure_tunnel_shutdown(struct aws_client_bootstrap *bootstrap, int (void)bootstrap; struct aws_secure_tunnel *secure_tunnel = user_data; - if (error_code == AWS_OP_SUCCESS) { + if (error_code == AWS_ERROR_SUCCESS) { error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_UNEXPECTED_HANGUP; } @@ -1780,7 +1780,7 @@ static void s_process_outbound_data_message( struct aws_secure_tunnel *secure_tunnel, struct aws_secure_tunnel_operation *current_operation) { - int error_code = AWS_OP_SUCCESS; + int error_code = AWS_ERROR_SUCCESS; if (secure_tunnel->connections->protocol_version == 0) { error_code = AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DATA_NO_ACTIVE_CONNECTION; @@ -1942,7 +1942,7 @@ void aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secur if (current_operation == NULL) { break; } - int error_code = AWS_OP_SUCCESS; + int error_code = AWS_ERROR_SUCCESS; AWS_LOGF_TRACE( AWS_LS_IOTDEVICE_SECURE_TUNNELING, @@ -2097,7 +2097,7 @@ void aws_secure_tunnel_service_operational_state(struct aws_secure_tunnel *secur break; } - if (error_code != AWS_OP_SUCCESS) { + if (error_code != AWS_ERROR_SUCCESS) { AWS_LOGF_ERROR( AWS_LS_IOTDEVICE_SECURE_TUNNELING, "id=%p: error encountered during servicing of operation type `(%s)`: %d(%s)", From a95b385b71cf172da8c1c009c8447192b590321e Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Mon, 29 Jul 2024 14:27:54 -0700 Subject: [PATCH 26/26] check for correct validation error in payload exceed test --- tests/secure_tunnel_tests.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/secure_tunnel_tests.c b/tests/secure_tunnel_tests.c index aac26c2b..69f5ed10 100644 --- a/tests/secure_tunnel_tests.c +++ b/tests/secure_tunnel_tests.c @@ -1451,6 +1451,7 @@ static int s_secure_tunneling_max_payload_exceed_test_fn(struct aws_allocator *a int result = aws_secure_tunnel_send_message(secure_tunnel, &data_message_view); ASSERT_INT_EQUALS(result, AWS_OP_ERR); + ASSERT_INT_EQUALS(aws_last_error(), AWS_ERROR_IOTDEVICE_SECURE_TUNNELING_DATA_OPTIONS_VALIDATION); ASSERT_SUCCESS(aws_secure_tunnel_stop(secure_tunnel)); s_wait_for_connection_shutdown(&test_fixture);