Commit graph

6647 commits

Author SHA1 Message Date
Tomasz Bursztyka
98cace4a96 net/ieee802154: Expose auxiliary security header validation function
This will be needed for Thread/MLE.

Change-Id: Ib421da66cfc4da8111ff131f08cac74a11674928
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:33 +02:00
Tomasz Bursztyka
e771f174e5 net/ieee802154: Add net mgmt requests to set/get security settings
These requests are used to set/get the key, the mode and the level of
the IEEE 802.15.4 link layer security.

Only implicit key mode is supported for now.

Change-Id: Ifbc9a5d08f9fbf0d51d6c3e4b650cfdce3d263db
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:33 +02:00
Tomasz Bursztyka
165f8b4d29 net/ieee802154: Integrate link-layer security relevantly
Initialize the ciphers.

Once the header is parsed and validated, we get all the necessary info
to decrypt the frame properly.

Change-Id: I3142fa572c7566b40efe18cf9d4e3f2b4bce0612
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
aa24613347 net/ieee802154: Provide the means to decipher data frames
It's not only about decrypting and authenticating but also setting the
right frag's length after that.

Change-Id: Ifc766b212b37d4e3593c210f6646ee85dff2ab6d
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
5e115ba935 net/ieee802154: Provide the means to create secured data frames
Take into account the current security context to compute the header
size.

Provide the function to fill-in the aux security header in a frame.

Finally, call the generic encryption function which will process the
frame relevantly according to the given security context.

For now, only implicit key mode is supported.

Change-Id: I5412c32179e70217c0946b1b54d9a752375d522f
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
9d78dba0a1 net/ieee802154: Add generic support for link layer cipher operations
This provides the means to authenticate with/without encryption or
decryption of a frame following a generic 15.4 security context.

Change-Id: Ia5dbb7f43936a8131112fe4b16c9780e30f904c1
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
fb55449882 net/ieee802154: Normalize one parameter to make it clearer
Some calls use a boolean for it, and since it's supposed to be 1 or 0
let's ask for a boolean always.

Change-Id: If4fbe5d58d5c25fb2a86719435c59af53ea02445
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
fb0e2d44ee net/ieee802154: Change function signature for future change
When applying security, there will be needs for accessing payload as
well, thus providing the whole frag directly instead of a data pointer
on the ll part.

Change-Id: Ia97a1f07f2a12fc5cdf085c3cc6350d50b419cae
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
1ee5f3b578 net/ieee802154: Parse and validate auxiliary security header
This will ensure basic auxiliary security header fields are relevantly
filled-in as well as moving the parsing buffer pointer to the right
position for further parsing.

Change-Id: Ib09e312add783b13bf8b59a81a2ffe64eb6f8dc2
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Tomasz Bursztyka
e089f14427 net/ieee802154: Add Auxiliary Security Header definitions
These will be used to parse and create 802.15.4 frames with security
enabled.

Change-Id: Icad214c8d7aa658b8483bf601b091b266e1b8d77
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-31 10:39:32 +02:00
Jukka Rissanen
d593914b17 net: Check if sent packet is meant for us
If the destination IP address is one of our own address,
then reroute it back to us.

Jira: ZEP-1966

Change-Id: I8b93fc5425f3f18b0b9e85ca9a57cb122129c47f
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-31 10:58:17 +03:00
Jukka Rissanen
039e215233 net: shell: Fix the connection status output
The fields in "net conn" output were unaligned and looked
generally very ugly.

Change-Id: I56b29982d4f6b984405944d155bbb6c682383318
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-31 10:58:17 +03:00
Jukka Rissanen
11305ec928 net: nbuf: Do not crash if context pools are not in use
It is possible that CONFIG_NET_CONTEXT_NBUF_POOL is set but
application has not defined any pools. In this case the tx and
data pool pointers will be NULL in net_context struct and we
must use the default pools instead.

Change-Id: I286f34c87d9182aace71e0a61f038945810e4916
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-31 10:58:17 +03:00
Jukka Rissanen
6df4ee9691 net: tcp: Allow tweaking of 2MSL timeout
The default timeout (4 min) is very long. Allow tweaking the
value via Kconfig option.

Change-Id: Iddfd48b96f3612b9bba7caa4d64357505df9644d
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-31 10:58:17 +03:00
Ravi kumar Veeramally
e5183fcf97 net: rpl: Fix invalid nbr lookup
Match neighbour with link layer address. And get RPL parent with
matching ll address. DAG id different which is prefix based address
from the parent.

Change-Id: I75ecdfa7aa63da210676a3f44b8510d24c38d1d5
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:17 +03:00
Ravi kumar Veeramally
e6fd75c507 net: rpl: Fix DAO ACK reply
Let intermediate node reply DAO ACK only if it can not forward original
DAO messages to its parent. If DAO forwarding is successful, let the final
parent send DAO ACK.

Change-Id: I14ff9b5b110a639cad6415741dde71c2cdd222ef
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:17 +03:00
Ravi kumar Veeramally
8b6166e5c9 net: rpl: Fix invalid parsing of DIO message
DIO message suboptions can contain PAD1, PADN, Metric container,
Routing information, DODAG configuration and Prefix information.
Right now we are not skipping PADN and unknown options payload.

Change-Id: I43557962784f68a223ea209eae5ca0367a3d5410
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:17 +03:00
Ravi kumar Veeramally
ea7d1e138c net: rpl: Fix invalid parsing of DAO message
DAO message suboptions can contain PAD1, PADN, Target, Transit
and Target descriptor. Right now we are not skipping PADN and
Target descriptor payload.

Change-Id: I89a9c3cb59de5397d1430f0fa5de95beee193880
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:16 +03:00
Ravi kumar Veeramally
b77ad7dd6c net: rpl: Add support for handling of DAO ACK
Parse DAO ACK from parent and analyze it.

Change-Id: I2394bd5e339ff00c87b9b4835dd5a21e2bafb2e5
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:16 +03:00
Ravi kumar Veeramally
bfb781dd14 net: rpl: Align Kconfig options properly
Indentation is wrong for a few options. And a few options are not
properly aligned.

Change-Id: Ib4a8a90a17fd20ddd16ec6f29558eb937f035bb9
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:16 +03:00
Ravi kumar Veeramally
6280abe372 net: icmpv6: Remove unnecessary cache ptrs for src and dst
Earlier net_nbuf_copy() mangled the original buffer. So caching
src and dst address was necessary. Now original buffer does not
get affected by net_nbuf_copy() call. Caching is not required.

Change-Id: I25f60bc6db2a75612e562e56024d4459478d80b4
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:16 +03:00
Ravi kumar Veeramally
29fb336ccd net: if: Fix triggering interface link call back
Do not call callback if destination ll address is not set. This
happens when dst is multicast or broadcast.

Change-Id: I34dda92799a987d9cff031dc97f4a01b94437561
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-31 10:58:16 +03:00
Tomasz Bursztyka
178589fc31 net/net_if: When IPv6 DAD is disabled, added address gets final state
There is no transition from tentative state etc... It should directly go
to preferred.

This is fixing ND processing when DAD is disabled: source address was
never set, as tentative state is not valid in
is_proper_ipv6_address().

Change-Id: I6f0a0fdd99dd13d28849f9749f89ec21fdd370d8
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:42 +02:00
Tomasz Bursztyka
53b9c45f11 net/ipv6: Fix a NULL dereferencing issue when debug is enabled
Change-Id: If62aa12acfc07d32ae29068537127d245f8af87e
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:42 +02:00
Jukka Rissanen
aa11cef227 net: shell: Add DNS query support
Add "net dns <hostname> [A | AAAA]" command support that can be
used to query IPv4 or IPv6 address for a given host name.

Change-Id: I86b2258efa994a67163f9b3b340f44d65767f11b
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:42 +02:00
Jukka Rissanen
8dc01261ea net: dns: Initialize DNS resolver if DNS servers are set
If the config file contains DNS server addresses, then
configure the DNS resolver to use them.

Change-Id: Ie7f2bdcf7ac4bb7ee0ecf7fb5b7bd2df3379cdc3
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:42 +02:00
Jukka Rissanen
79cd66f40c net: dns: Add resolve API
This commit introduces a generic DNS resolving API that can
be used by applications. Later commits will introduce a system
level DNS support which simplifies the DNS resolving so that
DNS server names can be given from config file.

Change-Id: I60fbc81e2a44928d2ca53d51e703b9cde222b382
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:42 +02:00
Tomasz Bursztyka
850efc270c net/icmpv4: Normalize input function signature with ipv6 counter-part
Length parameter was always useless, only used in debugging, so that can
be removed.

Change-Id: If597f424840f37955202fa5fe827dd992e4cf776
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:42 +02:00
Tomasz Bursztyka
e98f2e0b6a net/shell: Add ping reply handlers and a timeout
Thus the ping command is more user-friendly: at least user knows the
ping got a reply or not.

Change-Id: I740a2f77d288f6287ac04c908f3d517a49df57d2
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:42 +02:00
Tomasz Bursztyka
19af4eee4f net/icpmv4: Add dynamically registered ICMPv4 handlers
As it is done for ICMPv6. This will prove to be useful for implementing
an echo reply handler in a ping for instance.

Change-Id: I969a1da60f2a4ea59eee5c9983eb6e340923e2ef
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:41 +02:00
Tomasz Bursztyka
1d361b0507 net/shell: Simplify ping logic
net_addr_pton always returns -EINVAL in case of error, so let's play with
it to factorize the code.

net_icmpv<4/6>_send_echo_request always returns -EIO in case of error.

Change-Id: I89e5ccd4b936701f7dad194089dda845fab5d738
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:41 +02:00
Tomasz Bursztyka
1e3dc0cbb4 net/ipv6: Renaming IPv6 neighbor state related macros and function
Refining the names around IPv6's neighbor states to differentiate them
easily from any net_nbr related names (which are not tied to IPv6).

Change-Id: Ibc24df2a9485477a53fe5fe1c8f993f0fcd91635
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:41 +02:00
Tomasz Bursztyka
4991499cab net/ipv6: Regroup debugging routines relevantly
Probably some refactoring left-over.

Change-Id: I9715441a54b2e675135ce4072651dcead3216d3b
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2017-03-24 17:31:41 +02:00
Jukka Rissanen
b3e5de641d net: tcp: Invalid transition from FIN_WAIT_1 to CLOSE_WAIT
We incorrectly changed the state from FIN_WAIT_1 to CLOSE_WAIT.
This caused ACK to be sent in CLOSE_WAIT state when the connection
was closed by peer. Sending ACK in this state is not allowed
according to RFC. The connection was still closed but slightly
wrong way.

Jira: ZEP-1961

Change-Id: Ie4aa6818128d4190230b679e26ac9630c7d45d69
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:41 +02:00
Jukka Rissanen
4de6340fe9 net: shell: Add command for testing TCP connection
User can open a TCP connection (just one at a time) by
using "tcp connect <ip> port" command.
Data can be sent by "tcp send <data>" command.
Connection can be closed by "tcp close" command.

Change-Id: I75aedd873a30575a6f742926b716afb7dbbfb92b
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:41 +02:00
Jukka Rissanen
4d0c27209b net: tcp: Refactor net_tcp_trace()
No functionality changes, use separate variable so that we do
not need to do big-endian conversion multiple times.

Change-Id: I8874b427bd39dfa2d952034a2623c47544a644fc
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:41 +02:00
Jukka Rissanen
2149ec599e net: ipv6: Adding router mgmt add/del events
If IPv6 router is added, then NET_EVENT_IPV6_ROUTER_ADD event
is generated. When router is removed, NET_EVENT_IPV6_ROUTER_DEL
is then generated. This is useful info if we want to have a generic
connectivity to outside of our local network.

Change-Id: Ia03958a071ceb998127894025c99ab72a8b648d5
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:41 +02:00
Jukka Rissanen
8130208839 net: context: Set the bind port
If the bind port is set to 0, then return the real bind port and
show it in the debug print.

Change-Id: If75b52bdacfc916329222d0d9e8aa4669e7a7160
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:40 +02:00
Gil Pitney
657ad14234 net: offload: More decoupling of net_offload from l2 naming
This is part of a patch series to decouple TCP/IP offload, which
currently occurs at the transport layer (L4), from the data link
layer (L2).

- Rename struct net_l2_offload_ip to struct net_offload
- Rename struct field offload_ip to just offload
- Rename include/net/offload_ip.h -> include/net/net_offload.h

Change-Id: I3cd891c2b13e0e8f3ad1c66264f90b5031ae17c2
Signed-off-by: Gil Pitney <gil.pitney@linaro.org>
2017-03-24 17:31:40 +02:00
Gil Pitney
adb2e7ea2e net: offload: Rename Kconfig NET_L2_OFFLOAD_IP to NET_OFFLOAD
This is part of a patch series to decouple TCP/IP offload, which
currently occurs at the transport layer (L4), from the data link
layer (L2).

This patch simply renames the NET_L2_OFFLOAD_IP Kconfig variable
to NET_OFFLOAD.

Change-Id: Ic8b1d004cbac09b7c636475aaed75b0a31e4be1c
Signed-off-by: Gil Pitney <gil.pitney@linaro.org>
2017-03-24 17:31:40 +02:00
Ravi kumar Veeramally
1fb8b4aa74 net: route: Fix when route not found with dst address
When route not found try with default router if it exists. Consider
default router as nexthop. If default router also does not exist
then drop the packet.

Change-Id: I56cc9e4a1432fc25687cbaea600bfe9cf5b1d51e
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:40 +02:00
Ravi kumar Veeramally
192ca6c95e net: rpl: Fix verdict for handle_dao_ack
No memory leak but debug prints shows buffer dropped due to
NET_DROP verdict. Added TODO comments to support DAO ACK.

Change-Id: I32deb2e1d2eea98f19ef26ad429ba8d03ae13751
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:40 +02:00
Ravi kumar Veeramally
42994f37b2 net: rpl: Cache src and dst addresses for DAO ACK reply
When an intermediate node received DAO message, it should forward it
to its parent (if exists) and it ack to original DAO sender. But
dao_forward() function steals frag chain from original buffer. Src
and dst address pointers to original buffer are not valid to
continue in dao_ack_send. So cache them for DAO ACK.

Change-Id: I3a4df4837a133afe4e2badb183f729c37d267f63
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:40 +02:00
Ravi kumar Veeramally
97f4f69aee net: rpl: Fix setting metadata of forwarding buffer
When DAO message is required to be forwarding to a parent addr,
only frag chain and iface is considered. But for newly created Tx buf
other metadata also required. In this particular case setting
inet type, ip header length. Also update checksum as dst address
is changed.

Change-Id: If0e0a52e943db66be4aeecb6d0e3b9d7c3f04f58
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:39 +02:00
Ravi kumar Veeramally
948ec357c7 net: rpl: Fix invalid reading of RPL Transmit information
Path lifetime exists at 6 byte in RPL Transit information. So after
type and option length 3 bytes should be skipped to read lifetime.

Change-Id: Ic90c3bd75e3c7c63ffe9be27c0d206fc8fd58604
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:39 +02:00
Ravi kumar Veeramally
62116a9b72 net: rpl: Add missing Kconfig option
NET_RPL_DAO_ACK Kconfig option was missed. subsys/net/ip/rpl.c has
functionality of this option. By default it is disabled. Enable it
if you want to know the status of DAO message.

Change-Id: If5ed86c9c8c6c62991fc92d2f1e2a35331811356
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:39 +02:00
Ravi kumar Veeramally
3bf7eb5cde net: rpl: Handle verdict properly for forwarding_dao
If DAO message is not intended to destination node then
intermediate node will forward original message with final
destination address. But verdict not passed properly.

Change-Id: If61c7b683b55b24b68f5235d0eee5ed60b611aef
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:39 +02:00
Ravi kumar Veeramally
72a758fcb6 net: zoap: Fix memory leak
Unref the buffer if net_context_sendto() fails to send.

Change-Id: Iaae81f3044ad7197974493018b873bb76b2c0760
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
2017-03-24 17:31:39 +02:00
Jukka Rissanen
7ef7d305ce net: rpl: Fix printf modifiers for size_t variables
Two size_t variables were printed using %d which gave warning
if RPL debugging was enabled.

Change-Id: I6bc135c76a31da304e94af34ecd571163ddf2a0e
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:39 +02:00
Jukka Rissanen
c4751a7c6b net: Select IPv6 neighbor cache when RPL is enabled
Selecting RPL will need to enable NBR cache support,
it is not enough just to select IPv6.

Change-Id: I8162497111354d0fa9e44564fa5cc5ee46110b96
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
2017-03-24 17:31:39 +02:00