Have you been following the work Ondrej has been doing? OCF Cloud is up in the air afaik. Pun intended.
On Tue, Aug 21, 2018, 3:50 AM <[email protected]> wrote: > I am currently trying to get a setup working with OCF devices connecting > to the cloud using TLS. I found the following issues: > 1. There is a easy to reproduce deadlock (reproducable via the > airconditioner examples).since there is a lock on the ssl resource > (g_sslContextMutex in ca_adapter_net_ssl.c), and on the tcp resource > (g_mutexObjectList in catcpserver.c). When a message is sent (ssl is locked > and then tcp) and another received (tcp is locked and then ssl) around the > same time, there is a deadlock. > 2. I tried breaking up the deadlock by naively unifying the locks. This > causes a major slowdown, especially if the connections fail. The reason for > this is that the ssl resource lock holds locks around connection related > events which can take a long time. Usually threads should not be waiting > for locks on network events! > 3. I then tried to modify the way the ssl resource lock works, and to have > it not lock around connection related events. It still didn't help because > it turns out that the way the ssl handshake implemented in a seemingly > strange way where it is created from jumping around between different parts > of the code which happen to only work if the locks are implemented as there > were. > > Another issue that I found is when I run a OCF server more than once, the > function "OCSaveTrustCertChain" used to register a certificate will just > continue to a dd the certificate to the secure db, causing the file to > grow, and worse, causing resource discovery on an ocf server to stop > working. > > My conclusion from this is that TLS connection with cloud is utterly > broken.I would like to hear some input on this issue, hopefully proving me > wrong. > I can provide more details as needed. > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9884): https://lists.iotivity.org/g/iotivity-dev/message/9884 Mute This Topic: https://lists.iotivity.org/mt/24874400/21656 Group Owner: [email protected] Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
