This new option allows to include `sockets_tls.c` into the build when
socket offloading is enabled.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Given that the offloaded poll handling differs from the poll handling of
native sockets (entire poll function call is offloaded), some
adjustements were needed to make TLS socket work with offloaded poll
calls.
To achieve this, in case socket offloading is used, instead of jumping
directly to the offloaded poll call, a TLS wrapper for the offloaded
poll will be called. This wrapper will do additional checks at the
mbedtls level, to verify that the event is only notified to the caller
when the application data is available (i. e. not to report events
during handshake or when partial data is received, not ready to
decrypt).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Separate TLS sockets implementation from net_context layer. Instead of
calling net_context functions directly, create an underlying TCP/UDP
socket, and call socket functions on it instead. This results in a
simpler design, where we don't need to duplicate specific parts of code
from the native socket implementation. Additionally, this allows to use
a different TCP/UDP stack underneath (i. e. when sockets offloading is
used).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commit adds helper function to verify protocol, which was done in
two different places in the code. The function returns the underlying
protocol information on success.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When connection is closed and we send ACK flag, use proper seq
values so that any data that is still in flight will get acked too.
Currently this assumes that window is still open.
Fixes#27876
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Entropy device, as being unique here, does not need to be passed through
mbedtls and can instead set static locally.
Fixes#27399
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Now that device_api attribute is unmodified at runtime, as well as all
the other attributes, it is possible to switch all device driver
instance to be constant.
A coccinelle rule is used for this:
@r_const_dev_1
disable optional_qualifier
@
@@
-struct device *
+const struct device *
@r_const_dev_2
disable optional_qualifier
@
@@
-struct device * const
+const struct device *
Fixes#27399
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Following are the changes to variable names that are matching
with tag names (Rule 5.7 violations)
In kernel.h, event_type is matching with a tag name in
lib/os/onoff.c. Added a _ prefix to event_type and
also to the macro argument names.
In userspace.c, *dyn_obj is matching with the tag name
dyn_obj in the file itslef. Changed it to dyn
In device.h, device_mmio.h, init.h and init.c,
changed the *device to dev. Except for one change in
init.h
Signed-off-by: Spoorthy Priya Yerabolu <spoorthy.priya.yerabolu@intel.com>
Add more tests to verify that we discard malformed packets.
In order to simplify the testing, separate message validation to
dns_validate_msg() function in resolve.c. Allow that function to
be called from unit test. This way we can construct invalid DNS
messages in unit test and verify that they are discarded when
needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The ANCOUNT has nothing to do with label count so remove the
original while loop and just go through all the labels until
we have read all of them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This is not possible with valid DNS messages but is possible if
we receive malformed DNS packet.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Allow user to create SOCK_DGRAM type AF_PACKET socket. This
allows user to send raw IP packets without specifying
L2 (like Ethernet) headers.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The steps_removed field must be placed right after root_system_id
so that priority vector comparision can be done in one memcmp()
call. This fixes the best master clock selection algorithm (BMCA).
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
In 'struct coap_resource' path description:
- the plus symbol represents a single-level wild card in the path;
- the hash symbol represents the multi-level wild card in the path.
This change keeps compatibility with RFC 7252 but allows handling
multiple requests in single function.
Signed-off-by: Eug Krashtan <eug.krashtan@gmail.com>
-Wimplicit-fallthrough=2 requires a fallthrough comment or a compiler
to tells gcc that this happens intentionally.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Added additonal checks in net_ipv6_input to ensure that multicasts
are only passed to the upper layer if the originating interface
actually joined the destination multicast group.
Signed-off-by: Philip Serbin <philip.serbin@lemonbeat.com>
Now that TCP2 is the default stack, make the shell compatible
with both stacks.
Note: net_tcp_foreach is not implemented in TCP2, so related
code depends on TCP1.
Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
PPP Phase Diagram [1] allows only one way phase change. In current
implementation there is an additional RUNNING phase, which is entered
just after NETWORK phase.
Prevent going back from RUNNING to NETWORK phase when Term-Req was
received, as this is meaningless for overall PPP operation and violates
PPP Phase Diagram property of having one way direction change.
This change also improves Adminitrative Close handling (calling
lcp_close()). This request results in moving into TERMINATE phase. Then
LCP is put down (by calling lcp_down()) and then ppp_link_down() is
called, which so far (before this patch) resulted in moving back to
NETWORK and then to DEAD. Right now (after this patch) we move directly
from TERMINATE to DEAD phase, which is exactly how [1] specifies it.
[1] https://tools.ietf.org/html/rfc1661#section-3.2
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
State Transition Table [1] specifies that Administrative Close should
result in CLOSING state. This is not respected in case of LCP, as
STOPPED state was forced in lcp_close().
Don't force going into STOPPED state in lcp_close() and rely on
ppp_fsm_close() to move to CLOSING state instead.
This patch fixes overall Adminitrative Close procedure and allows to
move back into fully operating PPP connection once again after
Adminitrative Open.
[1] https://tools.ietf.org/html/rfc1661#section-4.1
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Print role information next to port information. Also make
sure that port number is set correctly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Save some memory and separate common string snippets from larger
strings. In this case "does not match" sub-string is printed by
several warning prints so separate the sub-string from the bigger
string.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
net: route: Add prefix-based ipv6 multicast forwarding
This adds/reenables the feature of multicast routing/forwarding.
The forwarding decision is based on the added multicast routes
and the new network interface flag:
NET_IF_FORWARD_MULTICASTS.
Signed-off-by: Jan Georgi <jan.georgi@lemonbeat.com>
This patch implements optional authentication phase, which is done
between link establishment and network phases. It is part of LCP option
negotiation to decide whether authentication is needed and which
protocol will be used. For now we add only PAP support and try to
negotiate it when some other protocol (e.g. CHAP or EAP) is proposed
earlier. For simplicity reason we only add one way authentication
support, which means that we try to authenticate to the other peer, but
do not require authentication from it.
This is an important step to make PPP work with cellular network modems,
because most of them require to provide username and password within PPP
authentication phase. Those credentials are used by modem to login to
cellular network. In most cases however it is enough to provide dummy
values, because they are not verified. For this reason and simplicity of
this patch we hardcode PAP Peer-ID and Password now.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
This module had only some header includes, without actual code. Remove
it, as it is better to create one module per authentication protocol
anyway.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Add enums of PAP, CHAP and EAP authentication protocols. Also add their
string representations, so they will nicely show up in logs during
debugging.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Interpret -EINVAL return value from options' parse() callback as "option
value is not supported". After receiving such value nack() callback will
be executed in order to put supported value in the response.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Given the comment in `ipv6_event_handler`, the init function shall wait
for the last added IPv6 address to be confirmed with DAD. This is
contrary with current logic, which will only wait for the first address
to be confirmed.
This commit adds a break statement in the loop, not to overwrite the
recent address to verify with an older one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When verifying the parameters check NULL value separately.
This will avoid nasty warning message to be printed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add function pointer to vtable and use that directly instead of
routing via ioctl() call. This is done as we are trying to get
rid of ioctl() calls in the system.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Do not route close() calls via ioctl() as that is error prone
and quite pointless. Instead create a callback for close() in
fdtable and use it directly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of casting struct in6_addr, sin6_addr member is now used
directly, like in every other instance of calling net_ipv6_is_prefix().
Signed-off-by: Christian Taedcke <christian.taedcke@lemonbeat.com>
This macro has no use in code and was most probably replaced by
FSM_TIMEOUT (which resolves to CONFIG_NET_L2_PPP_TIMEOUT) with the same
default value.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Those macros are not used anymore after commit 35a2519091 ("net: l2:
ppp: add generic function for handling Conf-Req"), because we no longer
need preallocated table on stack for parsing option information.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
This option is not used after commit 50b2cafc42 ("net: l2: ppp: use
net_pkt API for replying to Configure-Req") has been applied. We don't
need to preallocate table on stack for parsing option information, so
information about maximum number of supported options is useless.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
This commit allows let build zperf sample with overlay-netusb.conf.
USB subsystem must be enabled by the application.
Signed-off-by: Emil Obalski <emil.obalski@nordicsemi.no>
For platforms using non-native stacks, net_tcp_init() should be
compiled out, similar to how it is done in tcp_internal.h.
Fixes#27463
Signed-off-by: Vincent Wan <vwan@ti.com>
Instead of just showing network interface pointer, print also
network interface index. This helps debugging.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
OT_RADIO_CAPS_SLEEP_TO_TX was added as a radio capability
for ieee802154 radio. Waiting on RX state before transmission
is alternative condition to OT_RADIO_CAPS_SLEEP_TO_TX support
as it was a result of OpenThread architecture and is actually
not needed in the Zephyr. Such change lets to start transmission
faster and lower SED device power consumption in active state
about 30%.
Signed-off-by: Kamil Kasperczyk <kamil.kasperczyk@nordicsemi.no>
Enable the new TCP stack as a default one in order to get people
to use it before Zephyr 2.4 is released.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Zephyr platform does not support MAC retransmissions on its own,
so OT_RADIO_CAPS_TRANSMIT_RETRIES capability was removed.
It should not be enabled basing on IEEE802154_HW_CSMA support,
as these are quite seperate features. Current implementation
assumes that platform performs retransmissions on its own,
what is not provided and leads to lack of MAC retransmissions.
Signed-off-by: Kamil Kasperczyk <kamil.kasperczyk@nordicsemi.no>
Allow user to enable CONFIG_NET_PKT_TXTIME and
CONFIG_NET_PKT_TXTIME_STATS at the same time. This will increase
memory consumption but as the CONFIG_NET_PKT_TXTIME_STATS is
only meant to be enabled for debugging purposes this overhead
can be accepted.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
