Skip to content

Commit

Permalink
Abort PASE session establishment process if not completed within 60 s…
Browse files Browse the repository at this point in the history
…econds (#9997)
  • Loading branch information
pan-apple authored Sep 28, 2021
1 parent 083c9ad commit a107895
Show file tree
Hide file tree
Showing 5 changed files with 31 additions and 8 deletions.
15 changes: 15 additions & 0 deletions src/app/server/CommissioningWindowManager.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,12 @@ void HandleCommissioningWindowTimeout(chip::System::Layer * aSystemLayer, void *
commissionMgr->CloseCommissioningWindow();
}

void HandleSessionEstablishmentTimeout(chip::System::Layer * aSystemLayer, void * aAppState)
{
chip::CommissioningWindowManager * commissionMgr = static_cast<chip::CommissioningWindowManager *>(aAppState);
commissionMgr->OnSessionEstablishmentError(CHIP_ERROR_TIMEOUT);
}

void OnPlatformEventWrapper(const chip::DeviceLayer::ChipDeviceEvent * event, intptr_t arg)
{
chip::CommissioningWindowManager * commissionMgr = reinterpret_cast<chip::CommissioningWindowManager *>(arg);
Expand Down Expand Up @@ -85,6 +91,7 @@ void CommissioningWindowManager::Cleanup()

void CommissioningWindowManager::OnSessionEstablishmentError(CHIP_ERROR err)
{
DeviceLayer::SystemLayer().CancelTimer(HandleSessionEstablishmentTimeout, this);
mFailedCommissioningAttempts++;
ChipLogError(AppServer, "Commissioning failed (attempt %d): %s", mFailedCommissioningAttempts, ErrorStr(err));

Expand All @@ -107,8 +114,16 @@ void CommissioningWindowManager::OnSessionEstablishmentError(CHIP_ERROR err)
}
}

void CommissioningWindowManager::OnSessionEstablishmentStarted()
{
// As per specifications, section 5.5: Commissioning Flows
constexpr uint16_t kPASESessionEstablishmentTimeoutSeconds = 60;
DeviceLayer::SystemLayer().StartTimer(kPASESessionEstablishmentTimeoutSeconds * 1000, HandleSessionEstablishmentTimeout, this);
}

void CommissioningWindowManager::OnSessionEstablished()
{
DeviceLayer::SystemLayer().CancelTimer(HandleSessionEstablishmentTimeout, this);
CHIP_ERROR err = mServer->GetSecureSessionManager().NewPairing(
Optional<Transport::PeerAddress>::Value(mPairingSession.GetPeerAddress()), mPairingSession.GetPeerNodeId(),
&mPairingSession, CryptoContext::SessionRole::kResponder, 0);
Expand Down
1 change: 1 addition & 0 deletions src/app/server/CommissioningWindowManager.h
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ class CommissioningWindowManager : public SessionEstablishmentDelegate

//////////// SessionEstablishmentDelegate Implementation ///////////////
void OnSessionEstablishmentError(CHIP_ERROR error) override;
void OnSessionEstablishmentStarted() override;
void OnSessionEstablished() override;

void Cleanup();
Expand Down
6 changes: 6 additions & 0 deletions src/protocols/secure_channel/CASESession.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -402,6 +402,8 @@ CHIP_ERROR CASESession::SendSigma1()

ChipLogDetail(SecureChannel, "Sent Sigma1 msg");

mDelegate->OnSessionEstablishmentStarted();

return CHIP_NO_ERROR;
}

Expand Down Expand Up @@ -461,6 +463,8 @@ CHIP_ERROR CASESession::HandleSigma1(System::PacketBufferHandle && msg)
// Send Sigma2Resume message to the initiator
SuccessOrExit(err = SendSigma2Resume(ByteSpan(initiatorRandom)));

mDelegate->OnSessionEstablishmentStarted();

// Early returning here, since we have sent Sigma2Resume, and no further processing is needed for the Sigma1 message
return CHIP_NO_ERROR;
}
Expand All @@ -486,6 +490,8 @@ CHIP_ERROR CASESession::HandleSigma1(System::PacketBufferHandle && msg)

SuccessOrExit(err = SendSigma2());

mDelegate->OnSessionEstablishmentStarted();

exit:

if (err == CHIP_ERROR_KEY_NOT_FOUND)
Expand Down
4 changes: 4 additions & 0 deletions src/protocols/secure_channel/PASESession.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -316,6 +316,8 @@ CHIP_ERROR PASESession::Pair(const Transport::PeerAddress peerAddress, uint32_t
err = SendPBKDFParamRequest();
SuccessOrExit(err);

mDelegate->OnSessionEstablishmentStarted();

exit:
if (err != CHIP_NO_ERROR)
{
Expand Down Expand Up @@ -426,6 +428,8 @@ CHIP_ERROR PASESession::HandlePBKDFParamRequest(System::PacketBufferHandle && ms
err = SendPBKDFParamResponse(ByteSpan(initiatorRandom), hasPBKDFParameters);
SuccessOrExit(err);

mDelegate->OnSessionEstablishmentStarted();

exit:

if (err != CHIP_NO_ERROR)
Expand Down
13 changes: 5 additions & 8 deletions src/protocols/secure_channel/SessionEstablishmentDelegate.h
Original file line number Diff line number Diff line change
Expand Up @@ -35,20 +35,17 @@ class DLL_EXPORT SessionEstablishmentDelegate
{
public:
/**
* @brief
* Called when session establishment fails with an error
*
* @param error error code
*
* TODO: Rename function as per issue: https://github.com/project-chip/connectedhomeip/issues/4468
*/
virtual void OnSessionEstablishmentError(CHIP_ERROR error) {}

/**
* @brief
* Called on start of session establishment process
*/
virtual void OnSessionEstablishmentStarted() {}

/**
* Called when the new secure session has been established
*
* TODO: Rename function as per issue: https://github.com/project-chip/connectedhomeip/issues/4468
*/
virtual void OnSessionEstablished() {}

Expand Down

0 comments on commit a107895

Please sign in to comment.