Skip to content

net: sockets: tls: Prevent infinite block during handshake #78492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 19, 2024
Merged

net: sockets: tls: Prevent infinite block during handshake #78492

merged 1 commit into from
Sep 19, 2024

Conversation

rlubos
Copy link
Contributor

@rlubos rlubos commented Sep 16, 2024
edited
Loading

In case peer goes down or we disconnect from the network during the TLS handshake, the TLS socket may block indefinitely during connect()/accept(), waiting for data from the peer. This should be avoided, hence use the preconfigured timeout for the TLS handshake, same as we use for TCP-level handshake.

Fixes #78494

@clamattia clamattia mentioned this pull request Sep 16, 2024
Closed
@clamattia
Copy link
Contributor

Thank you. Please consider updating the comment in sendto_dtls_client explaining, why K_FOREVER is ok there instead of the TODO.

@rlubos
net: sockets: tls: Prevent infinite block during handshake
0b2fbd8 
In case peer goes down or we disconnect from the network during the
TLS handshake, the TLS socket may block indefinitely during
connect()/accept(), waiting for data from the peer. This should be
avoided, hence use the preconfigured timeout for the TLS handshake,
same as we use for TCP-level handshake.

Signed-off-by: Robert Lubos <[email protected]>
@rlubos rlubos force-pushed the net/tls-socket-handshake-timeout branch from 046540b to 0b2fbd8 Compare September 16, 2024 15:28
@rlubos
Copy link
Contributor Author

rlubos commented Sep 16, 2024

Thank you. Please consider updating the comment in sendto_dtls_client explaining, why K_FOREVER is ok there instead of the TODO.

Added additional comment but left the TODO, as it's about something else (blocking/non-blocking socket behavior).

clamattia
clamattia approved these changes Sep 17, 2024
View reviewed changes
Copy link
Contributor

@clamattia clamattia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you once again

@rlubos rlubos added the backport v3.7-branch Request backport to the v3.7-branch label Sep 17, 2024
@nashif nashif merged commit fc007ee into zephyrproject-rtos:main Sep 19, 2024
26 checks passed
@zephyrbot zephyrbot mentioned this pull request Sep 19, 2024
Merged
@rlubos rlubos deleted the net/tls-socket-handshake-timeout branch April 24, 2025 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jukkar jukkar jukkar approved these changes

@pdgendt pdgendt pdgendt approved these changes

@carlescufi carlescufi carlescufi approved these changes

@ssharks ssharks Awaiting requested review from ssharks

@tbursztyka tbursztyka Awaiting requested review from tbursztyka

+1 more reviewer

@clamattia clamattia clamattia approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@jukkar jukkar

@rlubos rlubos

Labels
area: Networking area: Sockets Networking sockets backport v3.7-branch Request backport to the v3.7-branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

subsys: net: socket_tls: Connection vanishes -> Caller blocked forever
7 participants
@rlubos @clamattia @jukkar @pdgendt @carlescufi @nashif @zephyrbot