Fixing the websocket command output to align the fields and
printing interface index instead of a pointer value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add socket obj_core support to websocket so that the socket
information can be viewed by "net sockets" command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
After upgrading the HTTP connection to websocket, call the
application registered callback to transfer the ownership of
the socket to the application.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the other end closes the connection, it is not exactly an
error so downgrade the print to debug level.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The http_server needs a way to bind a websocket socket to the
upgraded http connection socket. So websocket_register() is used
for that.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use normal "config" in order to avoid this error from compliance
check script:
Found pointless 'menuconfig' symbols without children.
Use regular 'config' symbols instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow connection to be upgraded from HTTP/1.1 to websocket.
This commit does nothing yet with the upgraded connection.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Check what kind of upgrading we are doing and return error
if we receive upgrade that we do not support.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Two issues fixed:
When pull-context is created, it does not have to wake up the RD
client context. Ignore the EPERM warning.
When new pull-context creates a new socket, sometimes socket-loop
gets to recvfrom() before we have set O_NONBLOCK on the socket.
So use ZSOCK_MSG_DONTWAIT on zsock_recvfrom() so it does not
block the socket loop.
Fixes#71450
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
The local address used for established TCP socket needs to be
dig out from TCP internals and not from context->local.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for IPv6 Source Address Selection defined in RFC 5014.
This commit does not add any address selection support to getaddrinfo()
as described in the RFC. The AI_EXTFLAGS symbol and also the ai_eflags
to hints is added but they are not used by the code.
The public/temporary address selection is only done internally by
the net_if_ipv6_select_src_addr_hint() according to flags set by
setsockopt().
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When printing IPv4 and IPv6 address information in "net ipv4" and
"net ipv6" commands, print also reference count of the IP address.
This is useful for debugging purposes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add events to be generated when privacy extension is enabled
or disabled, or when allow/deny filter is added or deleted.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When executing "net iface" command, print current status of
IPv6 privacy extension if it is enabled in config file.
The "net ipv6 ..." command prints IPv6 privacy extension
information, and can add or delete IPv6 prefix filters.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If IPv6 address expires and moves to deprecated state, then
send a mgmt event so that listeners can act on it.
One such action is to close a socket bound to that source address
so that the address can be released.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The coap_client lib only handled "one-shot" requests properly. This
patch allows it to keep listening for additional responses to a request,
if the request was made with the CoAP OBSERVE option appended.
An API for canceling such requests is also added.
Signed-off-by: Benjamin Lindqvist <benjamin@eub.se>
The size field in net_buf should not be used directly as then
the optional headroom will not be taken into account.
There is the net_buf_max_len() API that should be used instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Kconfig option to enable object version reporting should
be moved into sub section "Engine features" so
it does not clutter up the main LwM2M menu.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Original code developed as a GSoC 2023 project by Emna Rekik.
Code refactored in order to provide better bisectability
as the origical commits were not bisectable.
The server supports static and dynamic resources, managed by
HTTP_SERVICE/HTTP_RESOURCE macros.
Fixes#59685Fixes#59686Fixes#59688Fixes#59690Fixes#59670Fixes#59700Fixes#59684Fixes#59693Fixes#59693Fixes#59694Fixes#59699Fixes#59696Fixes#59688Fixes#59690Fixes#59670Fixes#59700Fixes#59685Fixes#59686Fixes#59688Fixes#59691
Signed-off-by: Emna Rekik <emna.rekik007@gmail.com>
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add HTTP/2 helper libraries to encode and decode HPACK encoded headers,
according to RFC7541.
HPACK string encoding requires to support certain set of Huffman codes,
therefore implement Huffman encoder/decoder as well.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Adds a config that enables sending the object version for all objects.
According to LwM2M specification v1.0 and v1.1, non-core object versions
other than 1.0 'must' be provided, while all other versions 'may' be
provided. With specification v1.2, a client 'can always attach Object
Version Information'. Or in other words, it is OK to always report the
object version with all specifications.
Signed-off-by: Andreas Rudolf <andreas.rudolf@husqvarnagroup.com>
Updates the linker script fragments under 'subsys' to use
Z_LINK_ITERABLE_SUBALIGN for the subalignment instead of
a hardcoded value of 4.
Signed-off-by: Peter Mitsis <peter.mitsis@intel.com>
This commit change a method of printing multicast routes by showing
all interfaces per entry instead of aggregating them by interface.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
Allow changing the CoAP Block-wise transfers block-size
for subsequent GET requests.
It looks like Leshan switches block size back to its
configured value, if it is smaller.
So even when we send block N=0 with size of 512, Leshan
seem to handle that properly but still asks N=2 with
block size 256(if that is configured).
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Minor improvements to usage of zperf_shell upload.
Added common defaults for the upload commands arguments.
Print defaults in cmd help.
Throw warning when user sets baud rate for TCP upload.
Signed-off-by: Adam Matus <adam.matus@nxp.com>
Add more error logs in case of (mostly) mbed TLS errors, so it's easier
to get an initial idea of what went wrong based on logs only. Getting
an information on an actual mbed TLS error code is quite helpful in such
cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Block size is a 3-bit value mapping values [0, 6] to powers of 2 in the
range [16, 1024]. Value 7 is invalid.
The previous formula was not working in case the client's preferred size
was 4 (or more) times bigger than the server's.
This commit takes into account also the case the client's preferred size
is smaller than the server's.
Signed-off-by: Marco Argiolas <marco.argiolas@ftpsolutions.com.au>
Remove IPSP support from the tree.
It has no maintainers, and is regularly broken. The fact that it's
nontrivial to set-up in linux makes it hard to fix reported issues.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
The "struct sockaddr" should only be used in casts and never
as a standalone variable because it might not have enough
space allocated for all the protocol specific fields.
So refactor the port_in_use() function to reflect that.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
errno values are positive, therefore they should be negated when
assigned as return values for net_dhcpv4_server_start().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Check if the interface is down before joining IPv4 mDNS multicast
group. This avoids warning later when the network packet cannot be sent.
Fixes#71121
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Correct various small edge-case behaviors that have been accidentally
introduced in the http_client.
- http_client_req no longer incorrectly returns -ETIMEDOUT on NULL HTTP
resonse. -ETIMEDOUT is now only returned when the underlying TLS
socket times out.
- http_client_req now returns -ECONRESET upon incomplete (but non-NULL)
HTTP response. The request callback is no longer called in this case
(as with any other error state).
- http_wait_data has been refactored slightly to increase clarity.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
If user created the capture device using the API and not via
the shell, then the device name was not set. Use the default
capture device in this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The event NET_EVENT_CAPTURE_STARTED is generated when the
capture is enabled, and NET_EVENT_CAPTURE_STOPPED when capture
is disabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The net_capture_pkt() does not return information what happened
to the net_pkt because the packet was always cloned. With cooked
capture we can avoid the cloning in which case we need to know
the capture status in order to unref the packet if needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for capturing arbitrary data via the cooked mode (sll)
capture API. The actual packet capture is done using net_capture_data()
function, the packet capture infrastructure does not need any changes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add hostname changed printout to event monitor. As the name
says, it is generated when the hostname of the device changes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Starting with b1d24e425c (net: lwm2m:
device object: optionally store error list in settings), it was no
longer possible to build the code with coverage enabled when the
settings subsystem was disabled.
The build would fail with an error like this:
> subsys/net/lib/lwm2m/lwm2m_obj_device.c:262: undefined reference to
> `settings_name_steq'
This fixes#70923.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
According to the `RFC8415` the length of the DUID is at least 1 octet
up to 128 octets. Now a user can choose buffer length without the need
for source code modification.
Signed-off-by: Marcin Gasiorek <marcin.gasiorek@nordicsemi.no>
Instead of having a single config specifying the memory pool size for
variable-sized net buffers, have a separate one for TX and RX for better
configuration granularity when optimizing memory usage of the
application.
Deprecate the old configuration but use its value as a default (for now)
for the new configs. This will need to change when the config is
deleted.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Outgoing block-transfers now set the socket hint
to ONGOING as long as the BLOCK1/BLOCK2 header has
MORE flag set to true.
This means as only the last packet in the block-transfer
set the socket hint to LAST or ONE_RESPONSE.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Print information whether a multicast address is properly
joined to a multicast group when print addresses using
"net iface" command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
As the interface type is always Virtual, no need to print it.
Print instead the name of the network interface as it is more
useful to the user.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Changing remaining users of fcntl.h to use the include from our own
POSIX file so that the values in there are consistent in all parts
of the sources.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use only Zephyr specific POSIX header files so that the whole
system is getting values from the same files. There was an issue with
native_sim run of tests/net/socket/af_packet which had O_BLOCKING set
to 0x4000 from include/zephyr/posix/fcntl.h, but then the file
subsys/net/lib/socket/sockets.c was having O_BLOCKING set to 0x0800
because different header files were used.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Currently the socks library does not use sockets so there
is no need to select socket symbols.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The library should be using internal socket API functions
so that we do not need to depend on POSIX_API inside the
network stack.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Have special wrappers for zsock_fcntl and zsock_ioctl functions
so that gcc warning can be avoided.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The CONFIG_NET_SOCKETS_POSIX_NAMES option is marked as deprecated in
favor of using normal POSIX socket API includes found under the
include/zephyr/posix directory. If you want to use BSD socket API calls,
you need to select POSIX_API and use the socket headers found in the
POSIX subsystem. If you do not want to or cannot enable POSIX_API,
then you must use zsock_ prefix when working with BSD socket calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
As stated in "[RFC7959], Section 2.5":
"The Block1 Option provides no way for a single endpoint to perform
multiple concurrently proceeding block-wise request payload transfer
(e.g., PUT or POST) operations to the same resource. Starting a new
block-wise sequence of requests to the same resource (before an old
sequence from the same endpoint was finished) simply overwrites the
context the server may still be keeping."
Signed-off-by: Marco Argiolas <marco.argiolas@ftpsolutions.com.au>
If the network interface does not enable IPv4, then it is pointless
to print DHCPv4 information when invoking "iface" shell command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add an error log if there's a failure when attempting to load
certificates during socket connect.
Signed-off-by: Noah Pendleton <noah.pendleton@gmail.com>
Current implementation of mDNS responder does makes it mandatory to have
all the records set at compile time. It is not suited well for applications
that have to publish/unpublish or change records in runtime, e.g. data
received from the network.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
Zephyr's DHCPv4 server does not implement persistent storage of address
leases. In result, all leases are lost on reboot, which can cause
delays with clients starting in INIT-REBOOT state and thus sending
(potentially several) Requests before attempting full Discover-Request
procedure.
Add option to override RFC defined behavior, which states that if we
don't recognize the client sending the Request, the server shall remain
silent. Enabling that option allows the server to send NAK reply in case
client is not recognized, informing the client it should proceed with
full procedure.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
RFC6842 updated RFC2131 in terms of including client ID option in
responses sent from the server. According to that RFC, the server MUST
include the client ID option in Offer/Ack/Nak replies, if it was
provided by the client.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case ACK from the server was lost, we'd not reply Request
retransmissions, as the lease state is already in allocated state on the
server side. Therefore we also need to allow to reply with ACK in such
case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
5 seconds turned out to be too short timeout in case retransmissions
kicked in at DHCP level, hence increase the timeout.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The function inteval_timeout() was missing "r", the function
should be called interval_timeout()
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Zperf upload multicast always use default interface.
Zperf download multicast cannot receive packets from other than
224.0.0.1 which is default multicast group.
Add zperf upload/download option -I <interface name> for multicast.
So that user can select interface for multicast.
Add join multicast group for zperf download.
Use the "device list" command to get the interface name as
follows:
"- ua (READY)" #uAP interface name
"- ml (READY)" #STA interface name
Multicast traffic commands:
zperf udp upload -a -I ua 224.0.0.2 5001 10 1470 1M
zperf udp download -I ua 5001 224.0.0.3
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
In order to reduce dns resolve requests when using the dns
resolver an optional cache was introduced. This cache
retains query requests for the TTL duration and therefore
prevents premature refetching of DNS RRs.
Signed-off-by: Carlo Kirchmeier <carlo.kirchmeier@zuehlke.com>
Implement the ALPN Support for Mqtt Library allow mqtt to have
ability to utilize ALPN for connect to server that support ALPN, such
as AWS IoT Core
Signed-off-by: sukrit buddeewong <sukrit.omu@gmail.com>
For command zperf udp download 5001 192.168.10.1,
zperf will bind both ipv4 and ipv6 sockets on ipv4 address.
But bind ipv6 socket will fail, thus command return fail.
Fix it by check ip address when zperf download.
For ipv4 address only bind ipv4 socket.
For ipv6 address only bind ipv6 socket.
For unspecific address bind both ipv4 and ipv6 sockets.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
On some content-types, it might be impossible to
send strings with size of zero.
Therefore empty URI should also allow cases
where strlen() is zero.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
With recently introduced DNS retransmission mechanism, a certain bug
could occur when calculating query timeout.
If the time until the final DNS timeout (as indicated by
CONFIG_NET_SOCKETS_DNS_TIMEOUT) was less than 1 millisecond, the actual
millisecond timeout value was rounded down, resulting in 0 ms timeout.
This in order was interpreted as invalid argument by dns_get_addr_info()
function, so in result, instead of reporting query timeout, the function
reported invalid argument error.
Fix this by rounding the millisecond timeout up, instead of down, so
that in any case, if the final timeout is not due, we always provide
non-zero timeout to dns_get_addr_info().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Rework TELNET shell backend to use socket API for communication and
socket service library for socket monitoring.
Additionally, rework the TX part so that non-blocking TX is used when
sending from the system work queue. In case transfer is not possible at
the moment, the TX work is rescheduled instead of blocking the system
work queue.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Socket service pollfd count should not exceed the configured
NET_SOCKETS_POLL_MAX limit, as poll() will not be able to monitor
sockets beyond that limit anyway. Adding +1 there prevented the library
from catching the configuration error.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When we receive the subnet mask option from the server, we
cannot yet set the netmask to the network interface as the
mask is tied to the IP address we received from the server.
We need to delay the setting of netmask until we have added
the requested IP address to the interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In case the LL address is not set on a packet for any reason, don't try
to access address structure to determine packet type.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In iperf2, for multicast data, if it is a client, it will not wait for
the server's AckFIN packet. Because the iperf2 server will not send an
AckFIN packet.
So in zperf_upload_fin(), an error will occur when the zperf client
waits for the server's AckFIN packet.
Multicast only send the negative sequence number packet and doesn't
wait for a server ack can fix this issue.
Signed-off-by: Gang Li <gang.li_1@nxp.com>
The count stack variable is also used when CONFIG_NET_L2_ETHERNET_MGMT is
enabled. Make sure it is available.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
If getaddrinfo() is called with a long DNS timeout, then split
the timeout to smaller pieces with exponential backoff. Reason
for this is that if a DNS query is lost, then we do not need
to wait for a long time to find it out.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
DTLS socket should be able to combine more than one message into a
single datagram when calling sendmsg().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In certain scenarios, it may be necessary to get values of additional
options from the application layer. With this patch, this can be
accomplished by registering a callback with the DHCP client.
This change has been tested using the posix build in qemu.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
Nearly all other code places for k_thread_entry_t also keep
unused params in place to stay compatible with k_thread_entry_t.
Signed-off-by: Florian La Roche <Florian.LaRoche@gmail.com>
Fixes two bugs:
* When a notify is executed before any observers are added, the age is
incremented from 0 to 1. When an observer is registered, the age is not 0
as expected, causing the age to be 1 instead of the expected 2
* The check if a message is newer than the last received one is described
in RFC7641, section 3.4. Simply incrementing age will not comply to what
the RFC describes once the value wraps around. This is now fixed
Signed-off-by: Sibert Declercq <sibert.declercq@basalte.be>
Convert various networking subsystem files to use ARRAY_FOR_EACH
macro to make the looping more robust.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The netmask should be tied to the IPv4 address instead of being
global for the network interface.
If there is only one IPv4 address specified to the network interface,
nothing changes from user point of view. But if there are more than
one IPv4 address / network interface, the netmask must be specified
to each address separately.
This means that net_if_ipv4_get_netmask() and net_if_ipv4_set_netmask()
functions should not be used as they only work reliably if there is
only one IPv4 address in the network interface.
The new net_if_ipv4_get_netmask_by_addr() and
net_if_ipv4_set_netmask_by_addr() functions should be used as they make
sure that the netmask is tied to correct IPv4 address in the network
interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Net MGMT mask should be fully configured first, prior to be used to
initialize and add the callback.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As for adding an ipv6 address, removing one should return the same error
code when the network interface is not found.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
It's an optional support, and it should not select it by default.
Improving information message in case such support is disabled.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
The zperf received or sent bytes length and duration are in 32bits,
if running long-duration zperf test more than 20min, the value will
overflow, and the test result is wrong. Change it to 64bits can fix
this issue.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
When the zperf command is called with '-S' option which means IP_TOS
for IPv4 and IPV6_TCLASS for IPv6, an error is printed and the
setting does not work. The socket option handling was changed by
commit 77e522a5a243('net: context: Refactor option setters'), but the
callers of option setters were not changed. This causes the IP_TOS
or IPV6_TCLASS option failed to set. The fix is to use uint8_t to
store the value of the -S option.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Allow the use of the NTP server address, set by
dhcpv4 option, by the net_init_clock_via_sntp function.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
It was an overlook to return 0 on TLS send() call, after detecting that
TLS session has been closed by peer, such a behavior is only valid for
recv(). Instead, an error should be returned.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Return error to the caller if no data was received or there
was some other error. Earlier we did not check the error
condition properly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We select sockets service API in Kconfig but should select also
sockets API so that user does not need to set the sockets API separately.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "net sockets" command did not print network management
socket information properly but claimed that the socket
was IPv4 one which it is not.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The net_mgmt socket does not support poll() or fcntl(), so
return EOPNOTSUPP error if user tries to use those functions
for AF_NET_MGMT type socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Check the value of net_dhcpv4_add_option_callback()
and net_dhcpv4_remove_option_callback() explicitly.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
Apply ranges to DHCPv4 server timeout Kconfig options, so that it cannot
be set to a negative value by mistake.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case conflict is detected (either due to receiving Decline message or
due to ICMP probe getting reply), the conflicting address becomes
blocked for further use.
Although the RFC is not specific about how long should the address be
blocked, it make sense to implement some fallback mechanisms to reuse
blocked addresses in the server, otherwise, after longer period of
operation, it may run out of usable address.
This commit adds a timeout for declined addresses, so that by default
the address is marked back as "free" after 24 hrs (default lease time).
It also implements a mechanism, which allows to re-use the oldest
declined entry in case the server runs out of fresh addresses to assign.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It is possible that the `sh` was not set before use.
This change adds a NULL check for `sh` in the following macros:
PR, PR_SHELL, PR_ERROR, PR_INFO, and PR_WARNING.
In case `sh` is NULL, the above macros will call `printk` instead.
Fixes#68793
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Add a command `net ipv4 gateway` that allows
setting IPv4 gateway for an interface from net shell.
Signed-off-by: Mateusz Karlic <mkarlic@antmicro.com>
Add CONFIG_NET_SOCKETS_DTLS_MAX_FRAGMENT_LENGTH for limiting
the Maximum Fragment Length (MFL) for DTLS with Mbed TLS.
This is needed when MBEDTLS_SSL_OUT_CONTENT_LEN and
MBEDTLS_SSL_IN_CONTENT_LEN are set to larger values than the MTU
of the network and IP fragmentation is not supported.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
Make sure that socket service is started earlier than
config library. This is enforced in config libs init.c
but set the default value here too.
The reason for this is that the config library might need
to start dhcpv4 server which needs socket service to work,
so the ordering is important here.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the CONFIG_NET_SOCKETS_POLL_MAX is smaller than what is needed
for the socket service API to work properly, then we should not
start the service thread as the service API cannot work and might
cause memory overwrite in ctx.events[] array.
Fixes#69233
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
There's not much to be done in case waking up the server thread with
socketpair send() fails, but at least we can log an error on such event
(to please coverity).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The Imax_abs value should be printed using %u instead of %d
as it can be large and should be printed as positive value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add COAP_RESPONSE_CODE_TOO_MANY_REQUESTS to coap_header_get_code(). CoAP
4.29 response code for "Too many requests" is defined in coap.h but was
missing from the list of cases, resulting in a 0 being returned instead
of the proper code.
Signed-off-by: Mike Szczys <mike@golioth.io>
Changed poll to perform incoming data check with connected
DTLS connections. This allows the CONFIG_NET_SOCKETS_DTLS_TIMEOUT
to timeout the connections to server socket if there is no
incoming data.
Previously, if the remote client closed the DTLS connection without
close notify, the timeout of the ongoing connection only happened
when next connection was taken to the server socket. Depending on
the timeouts, this could prevent the next connection from succeeding.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
If recvmsg() does not update control data, then it must
set msg_controllen length to 0 so that the caller can
understand this.
Fixes#68352
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In case zperf session was aborted by the user (by for instance stopping
it from shell), or practically in case of any other
communication-related error, the zperf session could end up in a state
other than NULL or COMPLETED, with no way to recover. This made the
session no longer usable and eventually could lead to zperf being not
able to start a new session anymore.
Fix this by introducing zperf_session_reset() function, which resets the
session state back to defaults. The function is called when the zperf
receiver service is stopped.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The issues found for UDP receiver were also identified for TCP receiver,
this commit applies practically the same set of changes as in case of
UDP.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commit fixes restarting of UDP receiver service, along with some
other minor cleanups:
* The core issue was udp_server_running flag not being cleared when
service was stopped. Fix this by introducing udp_receiver_cleanup()
which does all of the required cleanups when receiver service is
stopped. The function is called either when the application stopped
the service with zperf_udp_download_stop(), or when the service was
stopped due to error.
* net_socket_service_unregister() was not called on
zperf_udp_download_stop(), but only from the service callback - that
would not work in case there's no active communication.
* at the same time, net_socket_service_unregister() would be called from
the service callback in case of errors. Fix this, by making
udp_recv_data() only return an error, and let the service callback to
do the cleanup.
* Remove no longer used udp_server_run semaphore
* Remove udp_server_stop - with socket services it seems no longer
needed.
* zperf_udp_receiver_init() now returns an error, so that we don't
mark the service as running in case of socket/services error.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add sockaddr member in struct net_pkt to store peer address if offloaded
network inteface is used. This enables recvfrom() to fill in src_addr if
socket type is UDP and offloaded interface driver supports it.
Signed-off-by: John Johnson <john.filip.johnson@gmail.com>
DHCPv4 server will send an ICMP probe (echo request) for the requested
address before replying with DHCP Offer, unless probing is disabled in
Kconfig.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
We cannot always start the service monitor thread statically
because the static threads are started after the application
level. This means that when config library wants to start
dhcpv4 server which uses socket services, there would be a
deadlock. Simplest solution is to start the service thread
directly from socket service init function.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Not only check if the address pool belongs to the same subnet as the
server, but also that it does not overlap with the server address -
otherwise the server might end up assigning its own address.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Adds an option to disable the automatic initialization of the default
dns_context. This lets applications use the default context, while also
managing the `init` and `close` functions.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
As discussed during DHCPv4 server integration, group DHCPv4 client files
with DHCPv4 server in a single lib directory.
Renamed internal "dhcpv4.h" header to "dhcpv4_internal.h" so that it's
not confused with the public "dhcpv4.h" header.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The net-shell printed virtual interface name so that it got
the impression it was the network interface name which is not
correct. Now the name is printed as "Virtual name" which is
unambiguous.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The ratio between mbps and kbps, kbps and bps should be 1000, instead of
1024, as common sense.
The wrong ratio will decrease the Zperf throughput result.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
When ENABLED flag is used, we generate 32 byte DTLS
Connection Identifier and include that in our
DTLS Client HELO. This has no benefit as client only
has one connection toward the server, it does not need
any identification.
When SUPPORTED flag is used, we just include
zero length Connection Identifier in the handshake,
which tell server that we support Connection Identifier
and server can generate one for it.
We then use the CID in the packets that we send towards
server, but response packets don't contain any CID.
This gives all the benefit of CID as server is able to
identify us even when NAT mapping have changed.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Instead of relaying on those macros having been defined
somewhere else let's define them for this file.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Add macro that allows registration of initialization functions that
are called when LwM2M engine starts.
On LwM2M engine starts up, it first executes all initialization
functions in following priority order:
1. LWM2M_PRIO_ENGINE
2. LWM2M_PRIO_CORE, this is where all LwM2M core objects are initialized
3. LWM2M_PRIO_OBJ, this is where all other objects are initialized
4. LwM2M_PRIO_APP, application initialization.
Now on the initialization phase, we could rely that certain objects have
already been registered.
For example custom objects can register callbacks to core objects.
On application phase, we can initialize sensor objects and register
their callbacks because objects have already been initialized.
This LWM2M_ON_INIT() should replace all use of SYS_INIT()
with the default CONFIG_KERNEL_INIT_PRIORITY_DEFAULT.
Priority order is actually just alphabetical order of names, so
the order is set on a linkin phase, and we don't need any
runtime checking for it.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
If bootstrap fails, RD client will call lwm2m_engine_stop()
which will close the context.
The socket loop, however still contains a call to
hint_socket_state(context, NULL) which has a null pointer now.
Fix the segfault by allowing nullpointer on hint_socket_state().
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Implement DHCPv4 shell module, which allows to start/stop DHCPv4 server
operation, and print server status (address leases).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Increase socket services thread default stack size when DHCPv4 server is
enabled, as it uses synchronous processing.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add new kconfig CONFIG_LWM2M_QUEUE_MODE_NO_MSG_BUFFERING.
When enabled and device is sleeping, Reqistration Update
message is skipped and messages from send operation and
notifications are sent right away.
Reqistration update message is also skipped when
lwm2m_engine resumes from pause state.
Signed-off-by: Juha Ylinen <juha.ylinen@nordicsemi.no>
Get TLS_DTLS_CID_STATUS and TLS_DTLS_PEER_CID_VALUE utilize
mbedtls_ssl_get_peer_cid, which expects that mbedtls_ssl_setup
has been done.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
User is able to tweak the socket service dispatcher thread
priority in order to get better performance from the system
if needed. By default the dispatcher thread runs in lowest
application thread priority (K_LOWEST_APPLICATION_THREAD_PRIO).
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The thread name output field was a bit too short in "net sockets"
command, so make it 25 char long.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "net sockets" command was not checking if there is any
sockets in the system before trying to access them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The place where TF-M places its non-secure api header files has changed
Therefore changing it for for all applications that use it.
Signed-off-by: Markus Swarowsky <markus.swarowsky@nordicsemi.no>
If user has not supplied address pointer when calling accept(),
then we would not be able to figure out the used socket domain
properly. But as there is now SO_DOMAIN option supported, use
that to get the correct socket domain.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The getsockopt() will return the address domain of the given
socket like AF_INET or AF_INET6.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
gcc prints this warning message
'strncat' specified bound 1 equals source length [-Wstringop-overflow=]
58 | strncat(fd, "C", 1);
There was no error in the code but avoid the warning by not using
strncat().
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The socket service provides a similar functionality as what
initd provides in Linux. It listens user registered sockets
for any activity and then launches a k_work for it. This way
each application does not need to create a thread to listen
a blocking socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
According to the POSIX specification, null pointer
is a valid value for the `address` argument
of the `accept` function.
This commit adds a check to prevent a null pointer
dereference inside `z_impl_zsock_accept`.
Signed-off-by: Mirko Covizzi <mirko.covizzi@nordicsemi.no>
Adding a callback for handling lwm2m messages with prefixed paths defined
by the gateway object. If CONFIG_LWM2M_GATEWAY_OBJ_SUPPORT is set,
each path is checked for the prefix stored in the object instances of the
gateway object 25. If prefixes match the msg is passed to the gw_msg_cb.
Signed-off-by: Simon Walz <simon.walz@autosen.com>
lwm2m_engine_pause() caused deadlock if it was called within
engine thread.
Remove while loop from lwm2m_engine_resume().
Signed-off-by: Juha Ylinen <juha.ylinen@nordicsemi.no>
Add short delay before triggering registration update. This allows
postponing the update from application side if needed.
Signed-off-by: Juha Ylinen <juha.ylinen@nordicsemi.no>
DTLS socket is not really connection-less as UDP, as it required the
DTLS handshake to take place before the socket is usable. Therefore,
align the DTLS connect() behavior with regular TLS.
The change is backward compatible. connect() call is still optional for
DTLS socket (the handshake can still take place from send()/recv()) and
a socket option was provided to disable DTLS handshake on connect().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When using DTLS socket, the application may choose to monitor socket
with poll() before handshake has been complete. This could lead to
potential crash (as the TLS context may have been left uninitialized)
and unexpected POLLIN reports (while handshake was still not complete).
This commit fixes the above - POLLIN will only be reported once
handshake is complete and data is available
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case a socket error was caused by TLS layer, it was not reported with
POLLERR. This commit fixes this.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case TLS session is closed at the TLS level (and thus recv() reports
0 to the application) a certain race occurs between consecutive recv()
call, and TCP session teardown. As mbedtls_ssl_read() only reports
session close upon receiving CLOSE alert, consecutive non-blocking
recv() calls would report EAGAIN instead of connection closed, if called
before underlying TCP connection was closed.
Fix this, by storing the information that TLS session has ended at TLS
socket level. The new flag will be checked before attempting further
mbed TLS actions, so that connection status is reported correctly.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Make sure iovec is initialized to a value so that there
is no possibility that it is accessed uninitialized.
Fixes: #66838
Coverity-CID: 334911
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The original idea was to check that we have enough network
interfaces in the system. The check needs to verify max IPv4
and IPv6 supported interfaces instead of always checking
IPv6 one.
Fixes: #66843
Coverity-CID: 334899
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Refactored the socket state indication into its own function
that checks the state of TX queues as well as number of
pending CoAP responses.
Check the state after receiving a packet, as it might
have been a last Ack packet we have been waiting.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Deprecate lwm2m_set_u64() and lwm2m_get_u64 as only
LWM2M_RES_TYPE_S64 exist. Unsigned variant is not defined.
Technically these might have worked OK, but it is undefined
what happens to large unsigned values when those are
converted to various payload formats (like CBOR) that might
decode numbers differently depending of their signedness.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Allow engine to give hints about ongoing CoAP transmissions.
This information can be used to control various power saving
modes for network interfaces. For example cellular networks might
support release assist indicator.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
In slow networks, like Nb-IOT, when using queue mode,
there might be significant delay between the time we
put the packet into a transmission queue and the time
we actually start transmitting.
This might cause QUEUE_RX_OFF state to be triggered earlier
than expected. Remedy the issue by updating the timestamp on the
moment where packet is accepted by zsock_send().
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
In case a waiting TLS socket reports an error in the underlying poll
call, try to read the actual error from the socket, instead of blindly
returning -EIO in all cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
There are several subsystems and boards which require a relatively large
system heap (used by k_malloc()) to function properly. This became even
more notable with the recent introduction of the ACPICA library, which
causes ACPI-using boards to require a system heap of up to several
megabytes in size.
Until now, subsystems and boards have tried to solve this by having
Kconfig overlays which modify the default value of HEAP_MEM_POOL_SIZE.
This works ok, except when applications start explicitly setting values
in their prj.conf files:
$ git grep CONFIG_HEAP_MEM_POOL_SIZE= tests samples|wc -l
157
The vast majority of values set by current sample or test applications
is much too small for subsystems like ACPI, which results in the
application not being able to run on such boards.
To solve this situation, we introduce support for subsystems to specify
their own custom system heap size requirement. Subsystems do
this by defining Kconfig options with the prefix HEAP_MEM_POOL_ADD_SIZE_.
The final value of the system heap is the sum of the custom
minimum requirements, or the value existing HEAP_MEM_POOL_SIZE option,
whichever is greater.
We also introduce a new HEAP_MEM_POOL_IGNORE_MIN Kconfig option which
applications can use to force a lower value than what subsystems have
specficied, however this behavior is disabled by default.
Whenever the minimum is greater than the requested value a CMake warning
will be issued in the build output.
This patch ends up modifying several places outside of kernel code,
since the presence of the system heap is no longer detected using a
non-zero CONFIG_HEAP_MEM_POOL_SIZE value, rather it's now detected using
a new K_HEAP_MEM_POOL_SIZE value that's evaluated at build.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update coap_service_send and coap_resource_send to take an optional
pointer argument to the newly introduced coap_transmission_parameters.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Replace function parameter 'retries' with pointer to structure
holding coap transmission parameters. This allows setting the
retransmission parameters individually for each pending request.
Add coap transmission parameters to coap_pending structure.
Update migration guide and release notes.
Signed-off-by: Juha Ylinen <juha.ylinen@nordicsemi.no>
Use correct format specifier for LOG_ERR in lwm2m_obj_device.c. The
previously used format specifier of %u was correct for 32 bit systems
but would produce a build warning for 64 bit systems.
Fixes#66441
Signed-off-by: Daniel DeGrasse <daniel.degrasse@nxp.com>
As the common.h is only meant to be used by the network
shell files, rename it to be more descriptive in order to
avoid possible conflicts with any other common.h file.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add new functions to the public CoAP API to configure CoAP packet
retransmission settings. Application may need to re-configure the
settings for example when cellular modem changes connection from
LTE-M to NB-IoT or vice versa.
Signed-off-by: Juha Ylinen <juha.ylinen@nordicsemi.no>
When a TCP connection is established, if there is no data exchange
between the two parties within the set time, the side that enables
TCP Keep-alive will send a TCP probe packet with the same sequence
number as the previous TCP packet. This TCP probe packet is an empty
ACK packet (the specification recommends that it should not contain
any data, but can also contain 1 nonsense byte, such as 0x00.). If
there is no response from the other side after several consecutive
probe packets are sent, it is determined that the tcp connection has
failed, and the connection is closed.
The keep-alive default parameters are aligned with Linux defaults.
Signed-off-by: Horse Ma <mawei@coltsmart.com>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If observed resource was written during the pMin period, it did
not schedule any wake-up event into the future. Notify message would
then only be generated as a result of any other (like Update) event.
Refactor check_notifications() to follow same pattern as retransmit_req().
Return the next event timestamp, which could be now.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
SNTP response is not analyzed for uncertainty, and no uncertainty is given
to the `struct sntp_time` returned. Fix it with a Kconfig option that adds
optional SNTP uncertainty and timestamp fields in SNTP time struct, and
calculates these when parsing the response.
Adds two helper functions to convert Q16.16/Q32.32 in seconds to `int64_t`
in microseconds to facilitate this.
Also changes combined `lvm` field in `struct sntp_pkt` to bit-fields
`li`, `vn`, and `mode`.
Signed-off-by: Jasper Smit <git@jrhrsmit.nl>
This reverts commit 5227f24815.
The coap observer events will be replaced with net_mgmt events.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
A device can be reset before the error code list is communicated
to a LwM2M server so optionally store error list in settings so it
can restored after reset.
Signed-off-by: Nick Ward <nix.ward@gmail.com>
If server registration fails, allow fallback to secondary server,
or fallback to bootstrap.
Also allow fallback to different bootstrap server.
Add API to tell RD client when server have been disabled by
executable command.
Changes to RD state machine:
* All retry logic should be handled in NETWORK_ERROR state.
* New state SERVER_DISABLED.
* Internally disable servers that reject registration
* Temporary disable server on network error.
* Clean up all "disable timers" on start.
* Select server first, then find security object for it.
* State functions return void, error handling is done using states.
* DISCONNECT event will only come when client is requested to stop.
* NETWORK_ERROR will stop engine. This is generic error for all kinds
of registration or network failures.
* BOOTSTRAP_REG_FAILURE also stops engine. This is fatal, and we cannot
recover.
Refactoring:
* Server selection logic is inside server object.
* sm_handle_timeout_state() does not require msg parameter. Unused.
* When bootstrap fail, we should NOT back off to registration.
This is a fatal error, and it stops the engine and informs application.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
React to disable executable, as well as add callback that allows
disabling server for a period of time.
Also add API that would find a next server candidate based on the
priority and server being not-disabled.
Move all server related functions into its own header.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Zephyr has its own multicast join/leave API but for
interoperability, it is possible to use the multicast
socket API and IPV6_ADD_MEMBERSHIP and IPV6_DROP_MEMBERSHIP
socket options.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Zephyr has its own multicast join/leave API but for
interoperability, it is possible to use the multicast
socket API and IP_ADD_MEMBERSHIP and IP_DROP_MEMBERSHIP
socket options.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We are creating a multicast address in mDNS or LLMNR
responder so set the TTL or hoplimit using the multicast
variant API.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We specifically set TTL/hoplimit to 1 for LLMNR,
but only want to set it if in that specific case.
We must not pass TTL/hoplimit value 0 as that would
cause the packet to be dropped.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The IPv4 TTL could only manipulated via net_context interface.
It makes sense to allow the same from socket interface via
the setsockopt/getsockopt calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
