Skip to content

HTTPS WebSocket casts SOCKET storage to mbedtls_net_context

Summary

The HTTPS WebSocket path passes the address of a WinSock SOCKET to mbedTLS callbacks as if it were an mbedtls_net_context. In the pinned mbedTLS headers, mbedtls_net_context stores an int fd, while Windows SOCKET is pointer-sized on x64. This can truncate socket handles, close the wrong socket, or leave the real socket open.

This blocks Beta 0.7.3 because HTTPS Web UI and REST traffic can become nondeterministic on the supported x64 build.

Evidence

  • srchybrid/WebSocket.cpp:452 passes &hSocket to mbedtls_ssl_set_bio.
  • srchybrid/WebSocket.cpp:571 casts &hSocket to mbedtls_net_context* for mbedtls_net_free.
  • repos/third_party/emulebb-mbedtls/include/mbedtls/net_sockets.h:83 defines mbedtls_net_context with an int fd.
  • repos/third_party/emulebb-mbedtls/library/net_sockets.c:620 reads that int fd before send/receive.

Execution Plan

  1. Revalidate the exact ABI on supported x64 and ARM64 builds, including the pinned mbedTLS fork and compiler configuration.
  2. Replace the casted SOCKET storage with an actual owned transport context: either a real mbedtls_net_context initialized with a validated descriptor representation, or narrow local send/recv/close callbacks that own a SOCKET without pretending it is an mbedTLS context.
  3. Make ownership explicit so exactly one close path owns each accepted socket.
  4. Ensure HTTP and HTTPS accepted-client cleanup share the same lifetime model where practical.
  5. Add focused test/seam coverage or a debug validation seam proving the HTTPS BIO callback receives the full socket value on x64.
  6. Re-run Web UI/REST HTTPS smoke coverage and shutdown coverage.

Acceptance Criteria

  • No cast from SOCKET* to mbedtls_net_context* remains in the WebSocket accepted-client path.
  • HTTPS send, receive, close, and shutdown use the full WinSock SOCKET value on x64 and ARM64.
  • Socket ownership is single-owner and documented by the code structure.
  • HTTP Web UI and REST behavior are unchanged.

Validation

  • 2026-05-08: Done in app commit c6c1526.
  • python -m emule_workspace build app --workspace-root . --config Release --platform x64 --variant main passed; log root workspaces\v0.72a\state\build-logs\20260508-093855.
  • python -m emule_workspace validate --workspace-root . passed.
  • Code validation: the HTTPS WebSocket accepted-client path now binds mbedTLS to a WebSocket-owned WinSock callback context and closes the accepted SOCKET through the same explicit cleanup path used by HTTP.