From d95e34b83b5f9255cb04e01788a6c1cc96239725 Mon Sep 17 00:00:00 2001
From: Jozef Kralik <jojo.lwin@gmail.com>
Date: Fri, 22 Sep 2023 07:35:32 +0000
Subject: [PATCH] TLS: Drop messages associated with a closed endpoint in the
 processes

When a session has been closed, we also need to clean up the process
events associated with the endpoint.
---
 security/oc_tls.c | 47 +++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 43 insertions(+), 4 deletions(-)

diff --git a/security/oc_tls.c b/security/oc_tls.c
index e5c1c83e05..2aa9ab3b69 100644
--- a/security/oc_tls.c
+++ b/security/oc_tls.c
@@ -393,7 +393,14 @@ process_drop_event_for_removed_endpoint(oc_process_event_t ev,
 {
   const oc_endpoint_t *endpoint = (const oc_endpoint_t *)user_data;
   if (ev != oc_event_to_oc_process_event(RI_TO_TLS_EVENT) &&
-      ev != oc_event_to_oc_process_event(UDP_TO_TLS_EVENT)) {
+      ev != oc_event_to_oc_process_event(UDP_TO_TLS_EVENT) &&
+#ifdef OC_OSCORE
+      ev != oc_event_to_oc_process_event(INBOUND_OSCORE_EVENT) &&
+      ev != oc_event_to_oc_process_event(OUTBOUND_OSCORE_EVENT) &&
+#endif /* OC_OSCORE */
+      ev != oc_event_to_oc_process_event(INBOUND_RI_EVENT) &&
+      ev != oc_event_to_oc_process_event(OUTBOUND_NETWORK_EVENT) &&
+      ev != oc_event_to_oc_process_event(INBOUND_NETWORK_EVENT)) {
     return false;
   }
   oc_message_t *message = (oc_message_t *)data;
@@ -401,9 +408,31 @@ process_drop_event_for_removed_endpoint(oc_process_event_t ev,
 #if OC_DBG_IS_ENABLED
     oc_string64_t endpoint_str;
     oc_endpoint_to_string64(&message->endpoint, &endpoint_str);
-    OC_DBG("oc_tls: dropping %s message for removed endpoint(%s)",
-           (ev == oc_event_to_oc_process_event(RI_TO_TLS_EVENT)) ? "sent"
-                                                                 : "received",
+    const char *msg = "";
+    if (ev == oc_event_to_oc_process_event(RI_TO_TLS_EVENT)) {
+      msg = "send-tls-message";
+    }
+    if (ev == oc_event_to_oc_process_event(UDP_TO_TLS_EVENT)) {
+      msg = "received-tls-message";
+    }
+    if (ev == oc_event_to_oc_process_event(OUTBOUND_NETWORK_EVENT)) {
+      msg = "send-message";
+    }
+    if (ev == oc_event_to_oc_process_event(INBOUND_NETWORK_EVENT)) {
+      msg = "received-message";
+    }
+    if (ev == oc_event_to_oc_process_event(INBOUND_RI_EVENT)) {
+      msg = "received-coap-message";
+    }
+#ifdef OC_OSCORE
+    if (ev == oc_event_to_oc_process_event(INBOUND_OSCORE_EVENT)) {
+      msg = "received-oscore-message";
+    }
+    if (ev == oc_event_to_oc_process_event(OUTBOUND_OSCORE_EVENT)) {
+      msg = "send-oscore-message";
+    }
+#endif /* OC_OSCORE */
+    OC_DBG("oc_tls: dropping %s for removed endpoint(%s)", msg,
            oc_string(endpoint_str));
 #endif /* OC_DBG_IS_ENABLED */
     oc_message_unref(message);
@@ -464,6 +493,16 @@ oc_tls_free_peer(oc_tls_peer_t *peer, bool inactivity_cb, bool from_reset)
   }
   oc_process_drop(&oc_tls_handler, process_drop_event_for_removed_endpoint,
                   &peer->endpoint);
+  OC_PROCESS_NAME(oc_message_buffer_handler);
+  oc_process_drop(&oc_message_buffer_handler,
+                  process_drop_event_for_removed_endpoint, &peer->endpoint);
+  OC_PROCESS_NAME(g_coap_engine);
+  oc_process_drop(&g_coap_engine, process_drop_event_for_removed_endpoint,
+                  &peer->endpoint);
+#ifdef OC_OSCORE
+  oc_process_drop(&oc_oscore_handler, process_drop_event_for_removed_endpoint,
+                  &peer->endpoint);
+#endif /* OC_OSCORE */
 #ifdef OC_PKI
   oc_free_string(&peer->public_key);
 #endif /* OC_PKI */