Handle OnSessionReleased in PairingSessions (#17881)

kghost · pull[bot] · commit 693454eb991f · 2023-10-10T16:01:52.000Z
diff --git a/src/protocols/secure_channel/CASESession.cpp b/src/protocols/secure_channel/CASESession.cpp
@@ -127,6 +127,13 @@ CASESession::~CASESession()
     Clear();
 }
 
+void CASESession::OnSessionReleased()
+{
+    Clear();
+    // Do this last in case the delegate frees us.
+    mDelegate->OnSessionEstablishmentError(CHIP_ERROR_CONNECTION_ABORTED);
+}
+
 void CASESession::Clear()
 {
     // This function zeroes out and resets the memory used by the object.
diff --git a/src/protocols/secure_channel/CASESession.h b/src/protocols/secure_channel/CASESession.h
@@ -154,6 +154,9 @@ class DLL_EXPORT CASESession : public Messaging::UnsolicitedMessageHandler,
     void OnResponseTimeout(Messaging::ExchangeContext * ec) override;
     Messaging::ExchangeMessageDispatch & GetMessageDispatch() override { return SessionEstablishmentExchangeDispatch::Instance(); }
 
+    //// SessionReleaseDelegate ////
+    void OnSessionReleased() override;
+
     FabricIndex GetFabricIndex() const { return mFabricInfo != nullptr ? mFabricInfo->GetFabricIndex() : kUndefinedFabricIndex; }
 
     // TODO: remove Clear, we should create a new instance instead reset the old instance.
diff --git a/src/protocols/secure_channel/PASESession.cpp b/src/protocols/secure_channel/PASESession.cpp
@@ -69,6 +69,13 @@ PASESession::~PASESession()
     Clear();
 }
 
+void PASESession::OnSessionReleased()
+{
+    Clear();
+    // Do this last in case the delegate frees us.
+    mDelegate->OnSessionEstablishmentError(CHIP_ERROR_CONNECTION_ABORTED);
+}
+
 void PASESession::Finish()
 {
     mPairingComplete = true;
diff --git a/src/protocols/secure_channel/PASESession.h b/src/protocols/secure_channel/PASESession.h
@@ -178,6 +178,9 @@ class DLL_EXPORT PASESession : public Messaging::UnsolicitedMessageHandler,
 
     Messaging::ExchangeMessageDispatch & GetMessageDispatch() override { return SessionEstablishmentExchangeDispatch::Instance(); }
 
+    //// SessionReleaseDelegate ////
+    void OnSessionReleased() override;
+
 private:
     enum Spake2pErrorType : uint8_t
     {
diff --git a/src/protocols/secure_channel/PairingSession.cpp b/src/protocols/secure_channel/PairingSession.cpp
@@ -153,21 +153,20 @@ void PairingSession::Clear()
         mExchangeCtxt = nullptr;
     }
 
-    if (mSessionManager != nullptr)
+    if (mSecureSessionHolder)
     {
-        if (mSecureSessionHolder && !mSecureSessionHolder->AsSecureSession()->IsActiveSession())
+        SessionHandle session = mSecureSessionHolder.Get();
+        // Call Release before ExpirePairing because we don't want to receive OnSessionReleased() event here
+        mSecureSessionHolder.Release();
+        if (!session->AsSecureSession()->IsActiveSession() && mSessionManager != nullptr)
         {
             // Make sure to clean up our pending session, since we're the only
             // ones who have access to it do do so.
-            mSessionManager->ExpirePairing(mSecureSessionHolder.Get());
+            mSessionManager->ExpirePairing(session);
         }
     }
 
     mPeerSessionId.ClearValue();
-    // If we called ExpirePairing above, the holder has already released the
-    // session (due to it being destroyed).  If not, we need to release it.
-    // Release is idempotent, so it's OK to just call it here.
-    mSecureSessionHolder.Release();
     mSessionManager = nullptr;
 }
 
diff --git a/src/protocols/secure_channel/PairingSession.h b/src/protocols/secure_channel/PairingSession.h
@@ -38,9 +38,10 @@ namespace chip {
 
 class SessionManager;
 
-class DLL_EXPORT PairingSession
+class DLL_EXPORT PairingSession : public SessionReleaseDelegate
 {
 public:
+    PairingSession() : mSecureSessionHolder(*this) {}
     virtual ~PairingSession() { Clear(); }
 
     virtual Transport::SecureSession::Type GetSecureSessionType() const = 0;
@@ -170,7 +171,7 @@ class DLL_EXPORT PairingSession
 
 protected:
     CryptoContext::SessionRole mRole;
-    SessionHolder mSecureSessionHolder;
+    SessionHolderWithDelegate mSecureSessionHolder;
     // mSessionManager is set if we actually allocate a secure session, so we
     // can clean it up later as needed.
     SessionManager * mSessionManager           = nullptr;
diff --git a/src/protocols/secure_channel/tests/TestPairingSession.cpp b/src/protocols/secure_channel/tests/TestPairingSession.cpp
@@ -44,6 +44,8 @@ class TestPairingSession : public PairingSession
     ScopedNodeId GetLocalScopedNodeId() const override { return ScopedNodeId(); }
     CATValues GetPeerCATs() const override { return CATValues(); };
 
+    void OnSessionReleased() override {}
+
     const ReliableMessageProtocolConfig & GetRemoteMRPConfig() const { return mRemoteMRPConfig; }
 
     CHIP_ERROR DeriveSecureSession(CryptoContext & session) const override { return CHIP_NO_ERROR; }

Original file line number	Diff line number	Diff line change
`@@ -127,6 +127,13 @@ CASESession::~CASESession()`
`127`	`127`	`Clear();`
`128`	`128`	`}`
`129`	`129`
	`130`	`+void CASESession::OnSessionReleased()`
	`131`	`+{`
	`132`	`+ Clear();`
	`133`	`+ // Do this last in case the delegate frees us.`
	`134`	`+ mDelegate->OnSessionEstablishmentError(CHIP_ERROR_CONNECTION_ABORTED);`
	`135`	`+}`
	`136`	`+`
`130`	`137`	`void CASESession::Clear()`
`131`	`138`	`{`
`132`	`139`	`// This function zeroes out and resets the memory used by the object.`
Original file line number	Diff line number	Diff line change
`@@ -69,6 +69,13 @@ PASESession::~PASESession()`
`69`	`69`	`Clear();`
`70`	`70`	`}`
`71`	`71`
	`72`	`+void PASESession::OnSessionReleased()`
	`73`	`+{`
	`74`	`+ Clear();`
	`75`	`+ // Do this last in case the delegate frees us.`
	`76`	`+ mDelegate->OnSessionEstablishmentError(CHIP_ERROR_CONNECTION_ABORTED);`
	`77`	`+}`
	`78`	`+`
`72`	`79`	`void PASESession::Finish()`
`73`	`80`	`{`
`74`	`81`	`mPairingComplete = true;`
Original file line number	Diff line number	Diff line change
`@@ -178,6 +178,9 @@ class DLL_EXPORT PASESession : public Messaging::UnsolicitedMessageHandler,`
`178`	`178`
`179`	`179`	`Messaging::ExchangeMessageDispatch & GetMessageDispatch() override { return SessionEstablishmentExchangeDispatch::Instance(); }`
`180`	`180`
	`181`	`+ //// SessionReleaseDelegate ////`
	`182`	`+ void OnSessionReleased() override;`
	`183`	`+`
`181`	`184`	`private:`
`182`	`185`	`enum Spake2pErrorType : uint8_t`
`183`	`186`	`{`
Original file line number	Diff line number	Diff line change
`@@ -153,21 +153,20 @@ void PairingSession::Clear()`
`153`	`153`	`mExchangeCtxt = nullptr;`
`154`	`154`	`}`
`155`	`155`
`156`		`- if (mSessionManager != nullptr)`
	`156`	`+ if (mSecureSessionHolder)`
`157`	`157`	`{`
`158`		`- if (mSecureSessionHolder && !mSecureSessionHolder->AsSecureSession()->IsActiveSession())`
	`158`	`+ SessionHandle session = mSecureSessionHolder.Get();`
	`159`	`+ // Call Release before ExpirePairing because we don't want to receive OnSessionReleased() event here`
	`160`	`+ mSecureSessionHolder.Release();`
	`161`	`+ if (!session->AsSecureSession()->IsActiveSession() && mSessionManager != nullptr)`
`159`	`162`	`{`
`160`	`163`	`// Make sure to clean up our pending session, since we're the only`
`161`	`164`	`// ones who have access to it do do so.`
`162`		`- mSessionManager->ExpirePairing(mSecureSessionHolder.Get());`
	`165`	`+ mSessionManager->ExpirePairing(session);`
`163`	`166`	`}`
`164`	`167`	`}`
`165`	`168`
`166`	`169`	`mPeerSessionId.ClearValue();`
`167`		`- // If we called ExpirePairing above, the holder has already released the`
`168`		`- // session (due to it being destroyed). If not, we need to release it.`
`169`		`- // Release is idempotent, so it's OK to just call it here.`
`170`		`- mSecureSessionHolder.Release();`
`171`	`170`	`mSessionManager = nullptr;`
`172`	`171`	`}`
`173`	`172`