tinydtls 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2e326a7a3bf6820d5596c83553eb9d0cd9c2309ffbb00e24d3045e5a2b69e8c5
-  data.tar.gz: b446f4a18ca71e313bf5ad06d651e89442ac847526ac181b826fa9fac1d1d99c
+  metadata.gz: 3b48d5e01a994d57069810a71731fd775130cb0231a3fc3e8d3ac2e7fb574d7a
+  data.tar.gz: 2379fc9678ee3ebdac8c6221f78e6e90287693709268bb3fde5792abdf6478bd
 SHA512:
-  metadata.gz: 3e1a1a8fe929488102db4cdf3d2d0ef3ec9dec8518fb74d00ed29afb868ea60010d7ee0b5fe64300a61f6b0cd7633293ccca4cdef4bb3122f6e2e70a27118319
-  data.tar.gz: 5b873f6d31d0ce0ba9cc3f0795bc8a95b078761ceab382c719acb3a19a1de2a3231873b4cdd86bc419db79682ea154532928261b3503d6906bd58e7c810906c1
+  metadata.gz: 9b844e51a0fc9c877b2ca94083af2b043c3654f78d7538fa7d5dfc2e0f83af2546a73328c89a820bc232aaa41e0b05418504dfbc7894a2225a403129b8bacff0
+  data.tar.gz: '0585c7d6f6aaa33295807097b30567399ac1de499bb2fc16def2b0a57f0defa22836daa1f438ef9caf8e6ae6fc78548fdd6af95e4f29b0de92a4d30f8d961d0e'

data/lib/tinydtls/context.rb

@@ -19,11 +19,14 @@ module TinyDTLS
       @sendfn  = sendfn
       @queue   = queue
       @secconf = secconf
+
+      @ffi_struct = Wrapper::DTLSContextStruct.new(
+        Wrapper::dtls_new_context(FFI::Pointer.new(key)))
     end
 
-    # Create a new instance of this class from a pointer to a `struct
-    # dtls_context_t`. Such a pointer is, for instance, passed to the
-    # various tinydtls callback functions.
+    # Retrieves an instance of this class from the TinyDTLS::CONTEXT_MAP
+    # using a pointer to a `struct dtls_context_t`. Such a pointer is,
+    # for instance, passed to the various tinydtls callback functions.
     #
     # The `struct dtls_context_t` which the given pointer points to must
     # have been created by TinyDTLS::UDPSocket#initialize.
@@ -31,5 +34,17 @@ module TinyDTLS
       obj = Wrapper::DTLSContextStruct.new(ptr)
       return CONTEXT_MAP[Wrapper::dtls_get_app_data(obj).to_i]
     end
+
+    # Returns a key which should be used to store this context in the
+    # global TinyDTLS::CONTEXT_MAP.
+    def key
+      object_id
+    end
+
+    # Returns an FFI::Struct for this object, representing the
+    # underlying `dtls_context_t`.
+    def to_ffi
+      @ffi_struct
+    end
   end
 end

data/lib/tinydtls/security_conf.rb

@@ -4,6 +4,10 @@ module TinyDTLS
   # function pointer used in the `dtls_handler_t` struct which is used
   # by tinydtls to retrieve keys and identities.
   #
+  # The API of this class is quite strict and raises lots of exceptions
+  # because it is quite annoying to debug errors occuring in the
+  # GetPSKInfo callback.
+  #
   # XXX: Currently this function doesn't map IP address to keys/identities.
   class SecurityConfig
     # Implementation of the `get_psk_info` function pointer as used by
@@ -44,27 +48,43 @@ module TinyDTLS
       end
     end
 
-    # Create a new instance of this class. A #default_key and a
-    # #default_id can be optionally specified. If they are not specified
-    # the first key/identity added is used as the default value.
-    def initialize(default_id = nil, default_key = nil)
-      @default_id  = default_id
-      @default_key = default_key
-
+    # Creates a new instance of this class. At least one key/identity
+    # pair need to be added to the new instance of this class using
+    # #add_client otherwise the #default_id and #default_key methods
+    # always raise an error causing TinyDTLS handshakes to fail.
+    def initialize
       @identity_map = Hash.new
     end
 
-    # Adds a security configuration for the given identity.
+    # Adds a security configuration for the given identity, key must be
+    # non-null otherwise a TypeError is raise.
     def add_client(id, key)
-      @identity_map[id] = key
+      if key.nil?
+        raise TypeError.new("Key must be non-nil")
+      else
+        @identity_map[id] = key
+      end
     end
 
-    # Retrieves the key associated with the given identity.
+    # Retrieves the key associated with the given identity, nil is
+    # returned if no key was specified for the given identity.
     def get_key(id)
-      @identity_map[id]
+      if @identity_map.has_key? id
+        @identity_map[id]
+      end
     end
 
+    # Retrieves the default identity used for establishing new
+    # handshakes. If a #default_id hasn't been explicitly set it returns
+    # the first identity added using #add_client.
+    #
+    # At least one identity must have been added to the instance,
+    # otherwise this methods raises a TypeError.
     def default_id
+      if @identity_map.empty?
+        raise TypeError.new("Cannot retrieve a default identity from an empty store")
+      end
+
       if @default_id.nil?
         @identity_map.to_a.first.first
       else
@@ -72,12 +92,48 @@ module TinyDTLS
       end
     end
 
+    # Changes the default identity, the given identity must already
+    # exist in the store.
+    def default_id=(id)
+      if @identity_map.has_key? id
+        @default_id = id
+      else
+        raise TypeError.new("Default identity must already exist")
+      end
+    end
+
+    # Retrieves the default key used when a call to #GetPSKInfo didn't
+    # specify a key. If a #default_key hasn't been explicitly set it
+    # returns the first key added using #add_client.
+    #
+    # At least one key must have been added to the instance,
+    # otherwise this methods raises a TypeError.
     def default_key
+      if @identity_map.empty?
+        raise TypeError.new("Cannot retrieve a default key from an empty store")
+      end
+
       if @default_key.nil?
         @identity_map.to_a.first.last
       else
         @default_key
       end
     end
+
+    # Changes the default key, the given key must already exist in the store.
+    def default_key=(key)
+      if @identity_map.key(key)
+        @default_key = key
+      else
+        raise TypeError.new("Default key must already exist")
+      end
+    end
+
+    # Sets the #default_id and #default_key, restrictions mentioned in
+    # #default_id= and #default_key= apply.
+    def set_defaults(id, key)
+      default_id = id
+      default_key = key
+    end
   end
 end

data/lib/tinydtls/session.rb

@@ -3,11 +3,14 @@ module TinyDTLS
   class Session
     attr_reader :addrinfo
 
-    # Creates a new instance of this class from the given Addrinfo.
+    # Creates a new instance of this class from a given Addrinfo
+    # instance. This functions allocates memory for the underlying
+    # `session_t` type which needs to be freed explicitly freed using
+    # #close.
     def initialize(addrinfo)
       @addrinfo = addrinfo
       unless @addrinfo.is_a? Addrinfo
-        raise TypeError
+        raise TypeError.new("Expected Addrinfo or FFI::Pointer")
       end
 
       sockaddr = @addrinfo.to_sockaddr
@@ -17,15 +20,13 @@ module TinyDTLS
       end
     end
 
-    # Creates a new instance of this class from a pointer to a
-    # `session_t` tinydtls type. Such a pointer is, for instance, passed
-    # to the various tinydtls callback functions.
-    def self.from_ptr(ptr)
+    # Extracts an Addrinfo instance of a FFI::Pointer to a `session_t`
+    # as returned by #to_ptr.
+    def self.addr_from_ptr(ptr)
       lenptr = Wrapper::SocklenPtr.new
       sockaddr = Wrapper::dtls_session_addr(ptr, lenptr)
 
-      addrinfo = Addrinfo.new(sockaddr.read_string(lenptr[:value]))
-      return Session.new(addrinfo)
+      Addrinfo.new(sockaddr.read_string(lenptr[:value]))
     end
 
     # Converts the object into a C pointer to a `session_t` tinydtls
@@ -35,13 +36,18 @@ module TinyDTLS
       @session
     end
 
-    # Frees all resources associated with the underlying `session_t`
-    # tinydtls type and reset any existing connections.
-    def destroy!(ctx)
-      peer = Wrapper::dtls_get_peer(ctx, @session)
-      unless peer.null?
-        Wrapper::dtls_reset_peer(ctx, peer)
+    # Frees all resources associated with the underlying `session_t`.
+    # Optionally it also resets all peer connections associated with the
+    # session (if any). In order to do so a TinyDTLS::Context needs to
+    # be passed.
+    def close(ctx = nil)
+      unless ctx.nil?
+        peer = Wrapper::dtls_get_peer(ctx.to_ffi, @session)
+        Wrapper::dtls_reset_peer(ctx.to_ffi, peer) unless peer.null?
       end
+
+      Wrapper::dtls_free_session(@session)
+      @session = nil
     end
   end
 end

data/lib/tinydtls/session_manager.rb

@@ -12,16 +12,24 @@ module TinyDTLS
     # Default timeout for the cleanup thread in seconds.
     DEFAULT_TIMEOUT = (5 * 60).freeze
 
-    attr_accessor :timeout
+    # Timeout used by the cleanup thread. If a session hasn't been used
+    # within `timeout * 2` seconds it will be freed automatically.
+    attr_reader :timeout
 
     # Creates a new instance of this class. A tinydtls `context_t`
     # pointer is required to free sessions in the background thread.
-    def initialize(ctx, timeout = DEFAULT_TIMEOUT)
+    #
+    # Memory for sessions created using #[] needs to be explicitly freed
+    # by calling #close as soons as this class instance is no longer
+    # needed.
+    def initialize(context, timeout = DEFAULT_TIMEOUT)
       @store = {}
       @mutex = Mutex.new
+
       @timeout = timeout
+      @context = context
 
-      start_thread(ctx)
+      start_thread
     end
 
     # Retrieve a session from the session manager.
@@ -31,21 +39,28 @@ module TinyDTLS
       end
 
       key = addrinfo.getnameinfo
-      if @store.has_key? key
-        sess, _ = @store[key]
-      else
-        sess = Session.new(addrinfo)
-        @store[key] = [sess, true]
-      end
+      @mutex.synchronize do
+        if @store.has_key? key
+          sess, _ = @store[key]
+        else
+          sess = Session.new(addrinfo)
+          @store[key] = [sess, true]
+        end
 
-      @mutex.synchronize { f.call(sess) }
+        f.call(sess)
+      end
     end
 
-    # Frees all ressources associated with this class.
-    def destroy!
-      @mutex.lock
-      @store.clear
-      @thread.kill
+    # Kills the background thread. All established sessions are closed
+    # as well, see Session#close.
+    def close
+      @mutex.synchronize do
+        @thread.kill
+        @store.each_value do |value|
+          sess, _ = value
+          sess.close(@context)
+        end
+      end
     end
 
     private
@@ -55,13 +70,9 @@ module TinyDTLS
     # as described in Modern Operating Systems, p. 212.
     #
     # The thread is only created once.
-    def start_thread(ctx)
+    def start_thread
       @thread ||= Thread.new do
-        while true
-          # XXX: How does concurrent access to variables work in ruby?
-          # as known as: Is this a concurrency problems since the value
-          # of @timeout might be changed by a different thread since an
-          # attr_accessor for it is declared.
+        loop do
           sleep @timeout
 
           @mutex.lock
@@ -70,7 +81,7 @@ module TinyDTLS
             if used
               [sess, !used]
             else # Not used since we've been here last time → free resources
-              sess.destroy!(ctx)
+              sess.close(@context)
               nil
             end
           end

data/lib/tinydtls/udpsocket.rb

@@ -8,8 +8,11 @@ module TinyDTLS
   #
   # Basic send and receive methods are implemented and should work.
   class UDPSocket < ::UDPSocket
+    # Maximum of times a dtls_send is retried.
+    MAX_RETRY = 5.freeze
+
     Write = Proc.new do |ctx, sess, buf, len|
-      addrinfo = Session.from_ptr(sess).addrinfo
+      addrinfo = Session.addr_from_ptr(sess)
 
       ctxobj = TinyDTLS::Context.from_ptr(ctx)
       ctxobj.sendfn.call(buf.read_string(len),
@@ -18,14 +21,15 @@ module TinyDTLS
     end
 
     Read = Proc.new do |ctx, sess, buf, len|
-      addrinfo = Session.from_ptr(sess).addrinfo
+      addrinfo = Session.addr_from_ptr(sess)
 
       # We need to perform a reverse lookup here because
       # the #recvfrom function needs to return the DNS
       # hostname.
       sender = Socket.getaddrinfo(addrinfo.ip_address,
-                                  addrinfo.ip_port, nil, :DGRAM,
-                                  0, 0, true).first
+                                  addrinfo.ip_port,
+                                  addrinfo.afamily,
+                                  :DGRAM, 0, 0, true).first
 
       ctxobj = TinyDTLS::Context.from_ptr(ctx)
       ctxobj.queue.push([buf.read_string(len), sender])
@@ -46,27 +50,33 @@ module TinyDTLS
       @sendfn  = method(:send).super_method
       @secconf = SecurityConfig.new
 
-      id = object_id
-      CONTEXT_MAP[id] = TinyDTLS::Context.new(@sendfn, @queue, @secconf)
-
-      cptr = Wrapper::dtls_new_context(FFI::Pointer.new(id))
-      @ctx = Wrapper::DTLSContextStruct.new(cptr)
+      @context = TinyDTLS::Context.new(@sendfn, @queue, @secconf)
+      CONTEXT_MAP[@context.key] = @context
 
       if timeout.nil?
-        @sessions = SessionManager.new(@ctx)
+        @sessions = SessionManager.new(@context)
       else
-        @sessions = SessionManager.new(@ctx, timeout)
+        @sessions = SessionManager.new(@context, timeout)
       end
 
       @handler = Wrapper::DTLSHandlerStruct.new
       @handler[:write] = UDPSocket::Write
       @handler[:read] = UDPSocket::Read
       @handler[:get_psk_info] = SecurityConfig::GetPSKInfo
-      Wrapper::dtls_set_handler(@ctx, @handler)
+      Wrapper::dtls_set_handler(@context.to_ffi, @handler)
     end
 
-    def add_client(id, key)
+    # Adds a new identity/key pair to the underlying
+    # TinyDTLS::SessionManager. By default the first pair added to the
+    # store will be used for establishing new handshakes, this behaviour
+    # can be changed using the optional default argument.
+    def add_client(id, key, default = false)
       @secconf.add_client(id, key)
+
+      if default
+        @secconf.default_id  = id
+        @secconf.default_key = key
+      end
     end
 
     def bind(host, port)
@@ -77,18 +87,28 @@ module TinyDTLS
     # TODO: close_{read,write}
 
     def close
-      @sessions.destroy!
-      @thread.kill unless @thread.nil?
+      # This method can't be called twice since we actually free memory
+      # allocated by ruby-ffi in this function. Since we can't free it
+      # twice we ensure that this function is only called once.
+      return unless CONTEXT_MAP.has_key? @context.key
+
+      @sessions.close
+      unless @thread.nil?
+        @thread.kill
+        while @thread.alive?
+          @thread.join
+        end
+      end
 
-      # DTLS free context sends messages to peers so we need to
-      # call it before we actually close the underlying socket.
-      Wrapper::dtls_free_context(@ctx)
+      # dtls_free_context sends messages to peers so we need to
+      # explicitly free the dtls_context_t before closing the socket.
+      Wrapper::dtls_free_context(@context.to_ffi)
       super
 
       # Assuming the @thread is already stopped at this point
       # we can safely access the CONTEXT_MAP without running
       # into any kind of concurrency problems.
-      CONTEXT_MAP.delete(object_id)
+      CONTEXT_MAP.delete(@context.key)
     end
 
     def connect(host, port)
@@ -149,20 +169,25 @@ module TinyDTLS
         port, host = Socket.unpack_sockaddr_in(host)
       end
 
-      addr = Addrinfo.getaddrinfo(host, port, nil, :DGRAM).first
+      addr = Addrinfo.getaddrinfo(host, port, @family, :DGRAM).first
 
       # If a new thread has been started above a new handshake needs to
       # be performed by it. We need to block here until the handshake
       # was completed.
       #
-      # The current approach is calling `Wrapper::dtls_write` until it
-      # succeeds which is suboptimal because it doesn't take into
-      # account that the handshake may fail.
-      until (res = dtls_send(addr, mesg)) > 0
+      # The current approach is calling `Wrapper::dtls_write` up to
+      # MAX_RETRY times. If we didn't manage to send our data to the
+      # peer after MAX_RETRY times an exception is raised.
+      MAX_RETRY.times do
+        res = dtls_send(addr, mesg)
+        if res > 0
+          return res
+        end
+
         sleep 1
       end
 
-      return res
+      raise Errno::ECONNREFUSED.new("DTLS handshake failed")
     end
 
     private
@@ -180,7 +205,8 @@ module TinyDTLS
     # of locking the session manager and is thus thread-safe.
     def dtls_send(addr, mesg)
       @sessions[addr] do |sess|
-        res = Wrapper::dtls_write(@ctx, sess.to_ptr, mesg, mesg.bytesize)
+        res = Wrapper::dtls_write(@context.to_ffi, sess.to_ptr,
+                                  mesg, mesg.bytesize)
         res == -1 ? raise(Errno::EIO) : res
       end
     end
@@ -191,13 +217,14 @@ module TinyDTLS
     # The thread is only created once.
     def start_thread
       @thread ||= Thread.new do
-        while true
+        loop do
           data, addr = method(:recvfrom).super_method
             .call(Wrapper::DTLS_MAX_BUF)
           addrinfo = to_addrinfo(*addr)
 
           @sessions[addrinfo] do |sess|
-            Wrapper::dtls_handle_message(@ctx, sess.to_ptr, data, data.bytesize)
+            Wrapper::dtls_handle_message(@context.to_ffi, sess.to_ptr,
+                                         data, data.bytesize)
           end
         end
       end

data/lib/tinydtls/wrapper.rb

@@ -112,6 +112,7 @@ module TinyDTLS
     # sockaddr_in{,6}`.
     attach_function :dtls_new_session,
       [:pointer, :socklen_t], :pointer
+    attach_function :dtls_free_session, [:pointer], :void
     attach_function :dtls_session_addr, [:pointer, SocklenPtr], :pointer
 
     def self.dtls_get_app_data(ctx)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tinydtls
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Sören Tempel
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-07-14 00:00:00.000000000 Z
+date: 2018-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -72,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.7.3
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: It wraps the tinydtls library