As the DNS might listen to multicast addresses (like in mDNS) in
different network interfaces, make sure to check the network
interface index when registering the dispatcher context. This
allows two mDNS registrations to more than one network interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
System lists are not thread safe, therefore all accesses should be
protected with a mutex. Introduce a LwM2M context specific mutex,
and use it whenever lists defined per-context are acessed.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The LwM2M message allocation was not thread safe, i. e. the message was
acquired by setting the ctx pointer, and it was freed by clearing the
entire message structure.
If preemptive threads were enabled, and memset() clearing the message
content was preempted, the message structure being currently zeroed
migh've been allocated and initialized by some other thread. If the
thread releasing the message resumed work, it would continue clearing
the freshly allocated and initialized message structure.
In order to prevent this, introduce a new global mutex for the lwm2m
engine global variables. The mutex is used when LwM2M message is
allocated/deallocated. This will prevent reallocating the message
during the release process.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add EAP-TLS, EAP-PEAP-MSCHAPv2, EAP-PEAP-GTC, EAP-TTLS-MSCHAPv2,
EAP-PEAP-TLS, EAP-TLS-SHA256 enterprise wpa2 and wpa3 suiteb
support for station.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
If AP indicates the presence of buffered traffic, then it is up to the
STA to decide whether to stay in PS or come out of PS, add configuration
options that can be used at runtime to choose this.
This is tagged as "noup" because it's a backport and "fromlist" cannot
be used as it won't apply cleanly.
Signed-off-by: Ajay Parida <ajay.parida@nordicsemi.no>
Add igmp.h file to declare definitions for IGMP that are not meant te be
included by the application but can be used in e.g. tests.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
According to RFC2236 section 2.5, the IGMP message may be longer then 8
bytes. The rest of the bytes should be ignored.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
The header length of the net ip packet was calculated using only the
net_pkt_ip_hdr_len function. The correct header length should be
calculated by adding net_pkt_ip_hdr_len and net_pkt_ipv4_opts_len. This
resulted in an incorrect IGMP version type in case of IGMPv2 message
(when IGMPv3 was enabled). The IGMP message was not parsed correctly and
therefore dropped.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
MbedTLS specifically checks for null-terminator, else it skips PEM
format processing and tries to parse it as DER causing parsing failures.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
This creates a websocket based shell backend that is used to
implement a websocket console that can be connected using a browser.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The 11v_btm_query shell command was calling parse_number() using
a pointer to uint8_t. This will cause memory overwrite and possible
crash. Convert to use long temporary value to avoid this.
Fix also the output prints in case of an error.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Rework the wifi-shell code so that external subcommands can be
bolted into it easily. This means that the commands should be
created using SHELL_SUBCMD_ADD().
Place the various subcommands in alphabetical order to find them
more easily.
Split long lines in order to pass CI checks.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Two ethernet capabilities were missing. Added them to allow
the 2.5G and 5G strings to appended.
Signed-off-by: Christoph Seitz <christoph.seitz@infineon.com>
CONFIG_ZVFS_POLL_MAX is now used to control the maximum number of poll()
entires. Thereby, CONFIG_NET_SOCKETS_POLL_MAX is redundant and shall
be deprecated.
Modify the defaults for NET_SOCKETS_POLL_MAX and ZVS_POLL_MAX so that
the deprecation actually makes sense instead of symbol removal. In case
the application still sets the old config, it will modify the
ZVS_POLL_MAX default.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Move the implementation of zsock_select() to zvfs_select(). This
allows other types of file descriptors to also make use of
select() functionality even when the network subsystem is not
enabled.
Additionally, it partially removes a dependency cycle between
posix and networking by moving functionality into a mutual
dependency.
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Move the implementation of zsock_poll to zvfs_poll. This allows
other types of file descriptors to also make use of poll()
functionality even when the network subsystem is not enabled.
Additionally, it partially removes a dependency cycle between
posix and networking by moving functionality into a mutual
dependency.
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
msghdr_non_empty_iov_count() is used by TLS sockets too therefore should
be available regardless of native IP sockets being enabled or not.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
IPv6 based interface lookups doesn't require native IP stack support,
hence reflect that in the API.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Remove the `work_q` parameter from `NET_SOCKET_SERVICE_SYNC_DEFINE` and
`NET_SOCKET_SERVICE_SYNC_DEFINE_STATIC` as this feature was dropped
during review but the removal was not 100% complete.
Signed-off-by: Jordan Yates <jordan@embeint.com>
IPv6 MLD API was so far defined in an internal header. This does not
seem correct though, as application code should be able to join/leave
multicast groups, hence the API should be exposed in a public header,
just as it is done for its IPv4 countepart - IGMP.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case CONFIG_DNS_RESOLVER_MAX_SERVERS is larger than the actual number
of DNS servers configured, some server entries may be left
uninitialized. The dispatcher needs to take this into account, otherwise
it may cause memory corruptions.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Extend the `coap_transmission_parameters` struct with the field
`ack_random_percent`. This was the last remaining CoAP transmission
parameter that was not configurable at runtime.
Signed-off-by: Adrian Friedli <adrian.friedli@husqvarnagroup.com>
In case WPA supplicant disabled DPP, we need to compile out the
corresponding DPP code in Wi-Fi shell too.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The `cmd_wifi_dpp_ap_auth_init` function was added but is not yet
aligned with others.
This update enhances consistency with the following changes:
- Unified the order of declaration for `opt`, `opt_index`,
`state`, and `long_options`.
- Wrapped lines in the `long_options` declaration to prevent them
from extending too far to the right.
- Applied `struct option` as `static const`
- Unified the wrapping of `getopt_long` calls, regardless of
the length of the `options` string.
- Using `getopt_state` to access `optarg` and also `optopt` offers
a better alternative to direct global access.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
GCC 12.2.0 can give this warning (version 11.4.0 did not), when
CONFIG_SPEED_OPTIMIZATIONS=y
subsys/net/lib/http/http_client.c: In function 'http_send_data.constprop':
subsys/net/lib/http/http_client.c:114:33: warning: 'strncpy' specified
bound depends on the length of the source argument [-Wstringop-truncation]
114 | strncpy(send_buf + end_of_send,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
115 | data + end_of_data,
| ~~~~~~~~~~~~~~~~~~~
116 | remaining);
| ~~~~~~~~~~
subsys/net/lib/http/http_client.c:87:41: note: length computed here
87 | remaining_len = strlen(data + end_of_data);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
The code properly checks that we do not overwrite the destination
buffer even if we use the source buffer length to determine how much
to copy. One possible fix is to use memcpy() or strcpy(), I opted
to use memcpy() because it has the length option which feels more
natural.
Fixes#79326
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The size of the output array for the find call in resolver
is invalid: expected array size while overall memory size
provided. As the latter is bigger there is a high probability
of memory overwrite occurring on the stack.
Signed-off-by: Krzysztof Bartnicki <krzysztof.bartnicki@embevity.com>
Use security mode (PSK or X509) to detect if we should
set the socket option to verify hostname.
PSK security mode cannot verify hostnames as this information
is coming in the certificate, so don't set the options.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Macros with flow control are discouraged and generate compliance error,
hence remove it and replace the corresponding code with simple errno
assignments.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Net offloading doesn't need net TC threads to be enabled as they're used
by the native stack. This fixes build if CONFIG_NET_OFFLOAD is enabled
but native stack is disabled.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case NET_NATIVE is disabled, certain network stack components do not
need to be compiled. Otherwise, they could throw errors if
--no-gc-sections compiler options is enabled.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Native IP socket implementation need only be build if native IP stack is
enabled. Therefore, split the native IP sockets from the common socket
syscalls shared across all socket implementations.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Fix the following compilation warning given when using newlibc:
warning: 'response_truncated' may be used
uninitialized [-Wmaybe-uninitialized]
Issue is not seen with picolibc.
The variable was introduced as part of PR #76257
Signed-off-by: Tommi Rantanen <tommi.rantanen@nordicsemi.no>
The stack size for the event_mon_stack task may need to be larger than the
default 1024 to avoid crashes. It should be configurable through Kconfig
so that source code doesn't need to be modified to increase it.
Signed-off-by: Dave Rensberger <davidr@beechwoods.com>
Not all offloaded network stacks support this socket option so
control it using a Kconfig CONFIG_COAP_CLIENT_TRUNCATE_MSGS,
and enable it by default.
Signed-off-by: Pete Skeggs <peter.skeggs@nordicsemi.no>
The dispatcher table needs to be large enough to have support
for all file descriptor values.
Fixes#79042
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This allows downstream modules to overwrite the default log level choice
using Kconfig.defconfig files.
For example, this becomes possible:
```
choice LWM2M_LOG_LEVEL_CHOICE
default LWM2M_LOG_LEVEL_WRN
endchoice
```
In contrast to the configuration method, this then has an effect on all
applications stored in the downstream module.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
A null check for the TCP connection `conn` was added at the start of
the function, but the previous checks were not removed, leading to
a redundant null check, which is unnecessary.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
The http_client_req() function's timeout parameter is allowed
to be SYS_FOREVER_MS. However, K_MSEC() does not convert this
to a proper k_timeout_t, so sys_timepoint_calc() ends up
returning 0, which is causes immediate timeouts.
Check for this case specifically and force value passed to
sys_timepoint_calc() to be correct.
Signed-off-by: Pete Skeggs <peter.skeggs@nordicsemi.no>
This commit makes sure we continue to wait for extra confirmations even
after the request is done so we can handle duplicate confirmations if any.
Detailed description:
rfc7252#section-4.5 specifies that:
"The recipient SHOULD acknowledge each duplicate copy of a
Confirmable message".
So if, for example, the client sends to a multicast destination address,
the server will get multiple requests and will confirm all of them.
Without this commit, the client will set the request to done after
receiving the first answer.
From here the request object will be marked as free and the duplicate
acknowledgements will stay buffered in the network stack.
Once the client tries to send a new request, it will unbuffer those
duplicate acknowledgements but now the request object is unallocated
so the client won't be able to handle those acknowledgements as duplicates.
It will instead treat it as an unexpected ACK.
To work around this issue, rfc7252#section-4.8.2 states that:
"EXCHANGE_LIFETIME is the time from starting to send a Confirmable
message to the time when an acknowledgement is no longer expected,
i.e., message-layer information about the message exchange can be
purged."
Keeping the request object allocated for EXCHANGE_LIFETIME ensures that
duplicate acknowledgements can be handled accordingly.
This commit adds a basic implementation of what is stated in the RFC.
EXCHANGE_LIFETIME has been arbitrarily set to 3 * ACK_TIMEOUT which
seems more reasonable than the 247 seconds stated in the RFC.
Signed-off-by: Francois Gervais <francoisgervais@gmail.com>
