Skip to content

Commit

Permalink
[nrf fromlist] net: lib: tls_credentials: return size required
Browse files Browse the repository at this point in the history
If either no buffer is provided or the size of it
is too small, return the required length.

Upstream PR #:83137

Signed-off-by: Pete Skeggs <[email protected]>
  • Loading branch information
plskeggs committed Dec 18, 2024
1 parent 7c3bd68 commit 48d38e1
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
1 change: 1 addition & 0 deletions include/zephyr/net/tls_credentials.h
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@ int tls_credential_add(sec_tag_t tag, enum tls_credential_type type,
* @retval -EACCES Access to the TLS credential subsystem was denied.
* @retval -ENOENT Requested TLS credential was not found.
* @retval -EFBIG Requested TLS credential does not fit in the buffer provided.
* Check *credlen for size required.
*/
int tls_credential_get(sec_tag_t tag, enum tls_credential_type type,
void *cred, size_t *credlen);
Expand Down
12 changes: 12 additions & 0 deletions subsys/net/lib/tls_credentials/tls_credentials.c
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,11 @@
#include "tls_internal.h"
#include "tls_credentials_digest_raw.h"

#include <zephyr/logging/log.h>

LOG_MODULE_DECLARE(tls_credentials,
CONFIG_TLS_CREDENTIALS_LOG_LEVEL);

Check notice on line 18 in subsys/net/lib/tls_credentials/tls_credentials.c

View workflow job for this annotation

GitHub Actions / Run compliance checks on patch series (PR)

You may want to run clang-format on this change

subsys/net/lib/tls_credentials/tls_credentials.c:18 -LOG_MODULE_DECLARE(tls_credentials, - CONFIG_TLS_CREDENTIALS_LOG_LEVEL); +LOG_MODULE_DECLARE(tls_credentials, CONFIG_TLS_CREDENTIALS_LOG_LEVEL);
/* Global pool of credentials shared among TLS contexts. */
static struct tls_credential credentials[CONFIG_TLS_MAX_CREDENTIALS_NUMBER];

Expand Down Expand Up @@ -158,11 +163,18 @@ int tls_credential_get(sec_tag_t tag, enum tls_credential_type type,
credential = credential_get(tag, type);
if (credential == NULL) {
ret = -ENOENT;
*credlen = 0;
goto exit;
}

if (credential->len > *credlen) {
ret = -EFBIG;
LOG_DBG("Not enough room in the credential buffer to "
"retrieve credential with sectag %d and type %d. "
"Increase TLS_CREDENTIALS_SHELL_MAX_CRED_LEN "
">= %d.\n",
tag, (int)type, (int)credential->len);
*credlen = credential->len;
goto exit;
}

Expand Down

0 comments on commit 48d38e1

Please sign in to comment.