Move handshake retry logic to connectionhandler side

source/m2mconnectionsecuritypimpl.cpp

@@ -19,7 +19,7 @@
 #include "mbed-client/m2mtimer.h"
 #include "mbed-client/m2msecurity.h"
 #include "mbed-trace/mbed_trace.h"
-
+#include "mbedtls/debug.h"
 #include <string.h>
 
 #define TRACE_GROUP "mClt"
@@ -37,6 +37,15 @@ random_number_cb    __random_number_callback;
 entropy_cb          __entropy_callback;
 
 
+/*
+static void mbedtls_debug( void *ctx, int level,
+                      const char *file, int line, const char *str )
+{
+    ((void) level);
+    tr_debug("%s", str);
+}
+*/
+
 M2MConnectionSecurityPimpl::M2MConnectionSecurityPimpl(M2MConnectionSecurity::SecurityMode mode)
   : _flags(0),
     _sec_mode(mode)
@@ -61,19 +70,20 @@ M2MConnectionSecurityPimpl::~M2MConnectionSecurityPimpl(){
     mbedtls_pk_free(&_pkey);
     mbedtls_ctr_drbg_free( &_ctr_drbg );
     mbedtls_entropy_free( &_entropy );
-    delete _timer; 
+    delete _timer;
 }
 
 void M2MConnectionSecurityPimpl::timer_expired(M2MTimerObserver::Type type){
     tr_debug("M2MConnectionSecurityPimpl::timer_expired");
     if(type == M2MTimerObserver::Dtls && !cancelled){
         int error = continue_connecting();
-        if(MBEDTLS_ERR_SSL_TIMEOUT == error) {
+        if(MBEDTLS_ERR_SSL_TIMEOUT == error || error == -1) {
             tr_error("M2MConnectionSecurityPimpl::timer_expired - handshake timeout");
             if(_ssl.p_bio) {
                 M2MConnectionHandler* ptr = (M2MConnectionHandler*)_ssl.p_bio;
-                ptr->handle_connection_error(M2MConnectionHandler::SSL_CONNECTION_ERROR);
+                ptr->handle_connection_error(M2MConnectionHandler::SSL_HANDSHAKE_ERROR);
             }
+            reset();
         }
     }
 }
@@ -176,6 +186,10 @@ int M2MConnectionSecurityPimpl::init(const M2MSecurity *security)
             ret = -1;
         }
 
+        /* Enable following two lines to get traces from mbedtls */
+        /*mbedtls_ssl_conf_dbg( &_conf, mbedtls_debug, stdout );
+        mbedtls_debug_set_threshold(3);*/
+
         free(srv_public_key);
         free(public_key);
         free(sec_key);
@@ -192,18 +206,12 @@ int M2MConnectionSecurityPimpl::init(const M2MSecurity *security)
 int M2MConnectionSecurityPimpl::start_handshake(){
     tr_debug("M2MConnectionSecurityPimpl::start_handshake");
     int ret = -1;
-    int retry_count = 0;
     do
     {
        ret = mbedtls_ssl_handshake( &_ssl );
-       if (ret == -1) {
-           retry_count++;
-           tr_debug("M2MConnectionSecurityPimpl::start_handshake - try again");
-       }
     }
     while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
-           (ret == -1 && retry_count <= RETRY_COUNT));
+           ret == MBEDTLS_ERR_SSL_WANT_WRITE);
 
     if( ret != 0 ) {
         ret = -1;
@@ -300,6 +308,10 @@ int M2MConnectionSecurityPimpl::continue_connecting()
         if( MBEDTLS_ERR_SSL_WANT_READ == ret ){
             ret = M2MConnectionHandler::CONNECTION_ERROR_WANTS_READ;
         }
+        else if (ret == -1) {
+            return -1;
+        }
+
         if(MBEDTLS_ERR_SSL_TIMEOUT == ret ||
            MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO == ret ||
            MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE == ret ||

test/mbed-client-mbed-tls/unittest/m2mconnectionsecuritypimpl_mbedtls/test_m2mconnectionsecuritypimpl_mbedtls.cpp

@@ -49,7 +49,7 @@ class TestObserver : public M2MConnectionObserver {
                         uint16_t,
                         const M2MConnectionObserver::SocketAddress &){}
 
-    void socket_error(uint8_t error_code){}
+    void socket_error(uint8_t error_code, bool retry = true){}
 
     void address_ready(const M2MConnectionObserver::SocketAddress &,
                        M2MConnectionObserver::ServerType,
@@ -319,6 +319,10 @@ void Test_M2MConnectionSecurityPimpl::test_continue_connecting()
     mbedtls_stub::expected_int = MBEDTLS_ERR_SSL_WANT_READ;
     CHECK( M2MConnectionHandler::CONNECTION_ERROR_WANTS_READ == impl.continue_connecting());
 
+    mbedtls_stub::expected_int = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST;
+    impl._ssl.state = MBEDTLS_SSL_CLIENT_HELLO;
+    CHECK( MBEDTLS_ERR_SSL_TIMEOUT == impl.continue_connecting());
+
     mbedtls_stub::expected_int = -6;
     impl._ssl.state = MBEDTLS_SSL_HANDSHAKE_OVER;
     CHECK( 0 == impl.continue_connecting());

test/mbed-client-mbed-tls/unittest/stub/m2mbase_stub.cpp

@@ -308,3 +308,8 @@ const String& M2MBase::uri_path() const
 {
     return *m2mbase_stub::string_value;
 }
+
+bool M2MBase::is_under_observation() const
+{
+    return m2mbase_stub::bool_value;
+}