extmod/modussl: Improve exception error messages.

This commit adds human readable error messages when mbedtls or axtls raise an exception. Currently often just an EIO error is raised so the user is lost and can't tell whether it's a cert error, buffer overrun, connecting to a non-ssl port, etc. The axtls and mbedtls error raising in the ussl module is modified to raise: OSError(-err_num, "error string") For axtls a small error table of strings is added and used for the second argument of the OSErrer. For mbedtls the code uses mbedtls' built-in strerror function, and if there is an out of memory condition it just produces OSError(-err_num). Producing the error string for mbedtls is conditional on them being included in the mbedtls build, via MBEDTLS_ERROR_C.
author: Thorsten von Eicken <tve@voneicken.com> 2020-03-26 23:17:35 -0700
committer: Damien George <damien@micropython.org> 2020-07-20 23:41:45 +1000
commit: 9aa214077e6d1e0fba1a775431fedea4c8d76558 (patch)
tree: d04efd64de63ed54a32b53392125bebf2f394672
parent: c7f7c0214c433d52204fe73613bd6162507a0482 (diff)
7 files changed, 173 insertions, 9 deletions
diff --git a/extmod/modussl_axtls.c b/extmod/modussl_axtls.c
index 7b0e3cbcb..0b0ce35fc 100644
--- a/extmod/modussl_axtls.c
+++ b/extmod/modussl_axtls.c
@@ -29,6 +29,7 @@
 
 #include "py/runtime.h"
 #include "py/stream.h"
+#include "py/objstr.h"
 
 #if MICROPY_PY_USSL && MICROPY_SSL_AXTLS
 
@@ -54,6 +55,56 @@ struct ssl_args {
 
 STATIC const mp_obj_type_t ussl_socket_type;
 
+// Table of errors
+struct ssl_errs {
+    int16_t errnum;
+    const char *errstr;
+};
+STATIC const struct ssl_errs ssl_error_tab[] = {
+    { SSL_NOT_OK, "NOT_OK" },
+    { SSL_ERROR_DEAD, "DEAD" },
+    { SSL_CLOSE_NOTIFY, "CLOSE_NOTIFY" },
+    { SSL_EAGAIN, "EAGAIN" },
+    { SSL_ERROR_CONN_LOST, "CONN_LOST" },
+    { SSL_ERROR_RECORD_OVERFLOW, "RECORD_OVERFLOW" },
+    { SSL_ERROR_SOCK_SETUP_FAILURE, "SOCK_SETUP_FAILURE" },
+    { SSL_ERROR_INVALID_HANDSHAKE, "INVALID_HANDSHAKE" },
+    { SSL_ERROR_INVALID_PROT_MSG, "INVALID_PROT_MSG" },
+    { SSL_ERROR_INVALID_HMAC, "INVALID_HMAC" },
+    { SSL_ERROR_INVALID_VERSION, "INVALID_VERSION" },
+    { SSL_ERROR_UNSUPPORTED_EXTENSION, "UNSUPPORTED_EXTENSION" },
+    { SSL_ERROR_INVALID_SESSION, "INVALID_SESSION" },
+    { SSL_ERROR_NO_CIPHER, "NO_CIPHER" },
+    { SSL_ERROR_INVALID_CERT_HASH_ALG, "INVALID_CERT_HASH_ALG" },
+    { SSL_ERROR_BAD_CERTIFICATE, "BAD_CERTIFICATE" },
+    { SSL_ERROR_INVALID_KEY, "INVALID_KEY" },
+    { SSL_ERROR_FINISHED_INVALID, "FINISHED_INVALID" },
+    { SSL_ERROR_NO_CERT_DEFINED, "NO_CERT_DEFINED" },
+    { SSL_ERROR_NO_CLIENT_RENOG, "NO_CLIENT_RENOG" },
+    { SSL_ERROR_NOT_SUPPORTED, "NOT_SUPPORTED" },
+};
+
+STATIC NORETURN void ussl_raise_error(int err) {
+    for (size_t i = 0; i < MP_ARRAY_SIZE(ssl_error_tab); i++) {
+        if (ssl_error_tab[i].errnum == err) {
+            // construct string object
+            mp_obj_str_t *o_str = m_new_obj_maybe(mp_obj_str_t);
+            if (o_str == NULL) {
+                break;
+            }
+            o_str->base.type = &mp_type_str;
+            o_str->data = (const byte *)ssl_error_tab[i].errstr;
+            o_str->len = strlen((char *)o_str->data);
+            o_str->hash = qstr_compute_hash(o_str->data, o_str->len);
+            // raise
+            mp_obj_t args[2] = { MP_OBJ_NEW_SMALL_INT(err), MP_OBJ_FROM_PTR(o_str)};
+            nlr_raise(mp_obj_exception_make_new(&mp_type_OSError, 2, 0, args));
+        }
+    }
+    mp_raise_OSError(err);
+}
+
+
 STATIC mp_obj_ssl_socket_t *ussl_socket_new(mp_obj_t sock, struct ssl_args *args) {
     #if MICROPY_PY_USSL_FINALISER
     mp_obj_ssl_socket_t *o = m_new_obj_with_finaliser(mp_obj_ssl_socket_t);
@@ -107,9 +158,7 @@ STATIC mp_obj_ssl_socket_t *ussl_socket_new(mp_obj_t sock, struct ssl_args *args
             int res = ssl_handshake_status(o->ssl_sock);
 
             if (res != SSL_OK) {
-                printf("ssl_handshake_status: %d\n", res);
-                ssl_display_error(res);
-                mp_raise_OSError(MP_EIO);
+                ussl_raise_error(res);
             }
         }
 
diff --git a/extmod/modussl_mbedtls.c b/extmod/modussl_mbedtls.c
index 9e117c82c..94061ddc8 100644
--- a/extmod/modussl_mbedtls.c
+++ b/extmod/modussl_mbedtls.c
@@ -34,6 +34,7 @@
 
 #include "py/runtime.h"
 #include "py/stream.h"
+#include "py/objstr.h"
 
 // mbedtls_time_t
 #include "mbedtls/platform.h"
@@ -43,6 +44,7 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
 #include "mbedtls/debug.h"
+#include "mbedtls/error.h"
 
 typedef struct _mp_obj_ssl_socket_t {
     mp_obj_base_t base;
@@ -74,6 +76,42 @@ STATIC void mbedtls_debug(void *ctx, int level, const char *file, int line, cons
 }
 #endif
 
+STATIC NORETURN void mbedtls_raise_error(int err) {
+    #if defined(MBEDTLS_ERROR_C)
+    // Including mbedtls_strerror takes about 16KB on the esp32 due to all the strings.
+    // MBEDTLS_ERROR_C is the define used by mbedtls to conditionally include mbedtls_strerror.
+    // It is set/unset in the MBEDTLS_CONFIG_FILE which is defined in the Makefile.
+    // "small" negative integer error codes come from underlying stream/sockets, not mbedtls
+    if (err < 0 && err > -256) {
+        mp_raise_OSError(-err);
+    }
+
+    // Try to allocate memory for the message
+    #define ERR_STR_MAX 100  // mbedtls_strerror truncates if it doesn't fit
+    mp_obj_str_t *o_str = m_new_obj_maybe(mp_obj_str_t);
+    byte *o_str_buf = m_new_maybe(byte, ERR_STR_MAX);
+    if (o_str == NULL || o_str_buf == NULL) {
+        mp_raise_OSError(err);
+    }
+
+    // print the error message into the allocated buffer
+    mbedtls_strerror(err, (char *)o_str_buf, ERR_STR_MAX);
+    size_t len = strnlen((char *)o_str_buf, ERR_STR_MAX);
+
+    // Put the exception object together
+    o_str->base.type = &mp_type_str;
+    o_str->data = o_str_buf;
+    o_str->len = len;
+    o_str->hash = qstr_compute_hash(o_str->data, o_str->len);
+    // raise
+    mp_obj_t args[2] = { MP_OBJ_NEW_SMALL_INT(err), MP_OBJ_FROM_PTR(o_str)};
+    nlr_raise(mp_obj_exception_make_new(&mp_type_OSError, 2, 0, args));
+    #else
+    // mbedtls is compiled without error strings so we simply return the err number
+    mp_raise_OSError(err); // typ. err is negative
+    #endif
+}
+
 STATIC int _mbedtls_ssl_send(void *ctx, const byte *buf, size_t len) {
     mp_obj_t sock = *(mp_obj_t *)ctx;
 
@@ -85,7 +123,7 @@ STATIC int _mbedtls_ssl_send(void *ctx, const byte *buf, size_t len) {
         if (mp_is_nonblocking_error(err)) {
             return MBEDTLS_ERR_SSL_WANT_WRITE;
         }
-        return -err;
+        return -err; // convert an MP_ERRNO to something mbedtls passes through as error
     } else {
         return out_sz;
     }
@@ -197,7 +235,6 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
     if (args->do_handshake.u_bool) {
         while ((ret = mbedtls_ssl_handshake(&o->ssl)) != 0) {
             if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
-                printf("mbedtls_ssl_handshake error: -%x\n", -ret);
                 goto cleanup;
             }
         }
@@ -221,7 +258,7 @@ cleanup:
     } else if (ret == MBEDTLS_ERR_X509_BAD_INPUT_DATA) {
         mp_raise_ValueError(MP_ERROR_TEXT("invalid cert"));
     } else {
-        mp_raise_OSError(MP_EIO);
+        mbedtls_raise_error(ret);
     }
 }
 
diff --git a/tests/extmod/ussl_basic.py b/tests/extmod/ussl_basic.py
index b4e21c7dc..9e1821dca 100644
--- a/tests/extmod/ussl_basic.py
+++ b/tests/extmod/ussl_basic.py
@@ -9,7 +9,7 @@ except ImportError:
 
 # create in client mode
 try:
-    ss = ssl.wrap_socket(io.BytesIO())
+    ss = ssl.wrap_socket(io.BytesIO(), server_hostname="test.example.com")
 except OSError as er:
     print("wrap_socket:", repr(er))
 
diff --git a/tests/extmod/ussl_basic.py.exp b/tests/extmod/ussl_basic.py.exp
index 528233831..eb7df855a 100644
--- a/tests/extmod/ussl_basic.py.exp
+++ b/tests/extmod/ussl_basic.py.exp
@@ -1,5 +1,4 @@
-ssl_handshake_status: -256
-wrap_socket: OSError(5,)
+wrap_socket: OSError(-256, 'CONN_LOST')
 <_SSLSocket 
 4
 b''
diff --git a/tests/net_inet/tls_num_errors.py b/tests/net_inet/tls_num_errors.py
new file mode 100644
index 000000000..dd7f714e6
--- /dev/null
+++ b/tests/net_inet/tls_num_errors.py
@@ -0,0 +1,44 @@
+# test that modtls produces a numerical error message when out of heap
+
+try:
+    import usocket as socket, ussl as ssl, sys
+except:
+    import socket, ssl, sys
+try:
+    from micropython import alloc_emergency_exception_buf, heap_lock, heap_unlock
+except:
+    print("SKIP")
+    raise SystemExit
+
+
+# test with heap locked to see it switch to number-only error message
+def test(addr):
+    alloc_emergency_exception_buf(256)
+    s = socket.socket()
+    s.connect(addr)
+    try:
+        s.setblocking(False)
+        s = ssl.wrap_socket(s, do_handshake=False)
+        heap_lock()
+        print("heap is locked")
+        while True:
+            ret = s.write("foo")
+            if ret:
+                break
+        heap_unlock()
+        print("wrap: no exception")
+    except OSError as e:
+        heap_unlock()
+        # mbedtls produces "-29184"
+        # axtls produces "RECORD_OVERFLOW"
+        ok = "-29184" in str(e) or "RECORD_OVERFLOW" in str(e)
+        print("wrap:", ok)
+        if not ok:
+            print("got exception:", e)
+    s.close()
+
+
+if __name__ == "__main__":
+    # connect to plain HTTP port, oops!
+    addr = socket.getaddrinfo("micropython.org", 80)[0][-1]
+    test(addr)
diff --git a/tests/net_inet/tls_num_errors.py.exp b/tests/net_inet/tls_num_errors.py.exp
new file mode 100644
index 000000000..e6a15634d
--- /dev/null
+++ b/tests/net_inet/tls_num_errors.py.exp
@@ -0,0 +1,2 @@
+heap is locked
+wrap: True
diff --git a/tests/net_inet/tls_text_errors.py b/tests/net_inet/tls_text_errors.py
new file mode 100644
index 000000000..2ba167b86
--- /dev/null
+++ b/tests/net_inet/tls_text_errors.py
@@ -0,0 +1,33 @@
+# test that modtls produces a text error message
+
+try:
+    import usocket as socket, ussl as ssl, sys
+except:
+    import socket, ssl, sys
+
+
+def test(addr):
+    s = socket.socket()
+    s.connect(addr)
+    try:
+        s = ssl.wrap_socket(s)
+        print("wrap: no exception")
+    except OSError as e:
+        # mbedtls produces "mbedtls -0x7200: SSL - An invalid SSL record was received"
+        # axtls produces "RECORD_OVERFLOW"
+        # CPython produces "[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1108)"
+        ok = (
+            "invalid SSL record" in str(e)
+            or "RECORD_OVERFLOW" in str(e)
+            or "wrong version" in str(e)
+        )
+        print("wrap:", ok)
+        if not ok:
+            print("got exception:", e)
+    s.close()
+
+
+if __name__ == "__main__":
+    # connect to plain HTTP port, oops!
+    addr = socket.getaddrinfo("micropython.org", 80)[0][-1]
+    test(addr)
author	Thorsten von Eicken <tve@voneicken.com>	2020-03-26 23:17:35 -0700
committer	Damien George <damien@micropython.org>	2020-07-20 23:41:45 +1000
commit	9aa214077e6d1e0fba1a775431fedea4c8d76558 (patch)
tree	d04efd64de63ed54a32b53392125bebf2f394672
parent	c7f7c0214c433d52204fe73613bd6162507a0482 (diff)