From c98b1f520a42004df3dff6f0e1413e49cdeb001e Mon Sep 17 00:00:00 2001 From: Amine Alami <43780877+Alami-Amine@users.noreply.github.com> Date: Tue, 22 Oct 2024 19:30:39 +0200 Subject: [PATCH] Improve Exit Error Handling for failures in PASE pairing requests (#36160) * Improve Error Handling for failures in PASE pairing requests * Integrating comments * clarifying Pair API contract regarding the delegate * integrating comment on API --- src/protocols/secure_channel/PASESession.cpp | 8 ++++++++ src/protocols/secure_channel/PASESession.h | 2 ++ 2 files changed, 10 insertions(+) diff --git a/src/protocols/secure_channel/PASESession.cpp b/src/protocols/secure_channel/PASESession.cpp index 638b99624bae6c..4bf1aa55217c57 100644 --- a/src/protocols/secure_channel/PASESession.cpp +++ b/src/protocols/secure_channel/PASESession.cpp @@ -232,7 +232,15 @@ CHIP_ERROR PASESession::Pair(SessionManager & sessionManager, uint32_t peerSetUp exit: if (err != CHIP_NO_ERROR) { + // If a failure happens before we have placed the incoming exchange into `mExchangeCtxt`, we need to make + // sure to close the exchange to fulfill our API contract. + if (!mExchangeCtxt.HasValue()) + { + exchangeCtxt->Close(); + } Clear(); + ChipLogError(SecureChannel, "Failed during PASE session pairing request: %" CHIP_ERROR_FORMAT, err.Format()); + MATTER_TRACE_COUNTER("PASEFail"); } return err; } diff --git a/src/protocols/secure_channel/PASESession.h b/src/protocols/secure_channel/PASESession.h index 2e731283c88aa8..92b4ee3d8b991c 100644 --- a/src/protocols/secure_channel/PASESession.h +++ b/src/protocols/secure_channel/PASESession.h @@ -99,6 +99,8 @@ class DLL_EXPORT PASESession : public Messaging::UnsolicitedMessageHandler, * ownership of the exchangeCtxt to PASESession object. PASESession * will close the exchange on (successful/failed) handshake completion. * @param delegate Callback object + * The delegate will be notified if and only if Pair() returns success. Errors occurring after Pair() + * returns success will be reported via the delegate. * * @return CHIP_ERROR The result of initialization */