In some cases (for example when offloaded socket implementation does
not implement TLS functionality) it could be desired to create a native
TLS socket with an underlying offloaded socket.
This cannot be achieved with SO_BINDTODEVICE option only, as TLS socket
type is not really associated with a particular interface - it either
has to be offloaded, or a fully native socket is created (native TLS on
a native interface).
In order to address the problem, introduce TLS_NATIVE socket option.
This option instructs the socket dispatcher layer to create a native TLS
socket. As with the socket dispatcher the underlying socket
implementation is not decided during TLS socket creation, therefore it's
possible to use SO_BINDTODEVICE to choose either native or offloaded
interface for the underlying socket.
Additionally remove NET_SOCKETS_OFFLOAD_TLS Kconfig option, as it's no
longer needed with a runtime option to select whether to offload TLS or
not.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add an intermediate socket implementation called socket dispatcher. This
layer can be used along with the socket offloading, to postpone the
actual socket creation until a first operation on a socket is executed.
This approach leaves an opening to bind a socket to a particular
offloaded network interface, and thus offloaded socket implementation,
using SO_BINDTODEVICE socket option. Thanks to this, it is now possible
to use multiple offloaded sockets implementations along with native
sockets, and easily select which socket should use which network
interface (even if it's an offloaded interface).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Update client tx timestamp right after message is added to list
of outgoing messages. Delay between when message is generated and
sent is negligible. This will prevent bugs that appear when using
queue mode, where internal engine logic depends on timestamp being
updated when message is generated.
Signed-off-by: Marin Jurjević <marin.jurjevic@hotmail.com>
First available subcommand is for doing a send operation. Send operation
is supported by the LwM2M version 1.1.
Signed-off-by: Veijo Pesonen <veijo.pesonen@nordicsemi.no>
Introduce set/get SO_SNDBUF option using the setsockopt
function. In addition, for TCP, check the sndbuf value
before queuing data.
Signed-off-by: Mohan Kumar Kumar <mohankm@fb.com>
'optval' in setsockopt(..., SO_BINDTODEVICE, ...) was cast explicitly
from 'const void *' to 'struct ifreq *'. Rely on C implicit casting from
'const void *' to 'const struct ifreq *' and simply update variable
type. This prevents unwanted modification of ifreq value in the future.
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
This option will be used as default socket priority by offloaded socket
drivers.
Describe how to prioritize native TLS over offloaded TLS (and vice
versa) using sockets priorities.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Name OpenThread version selection option to `OPENTHREAD_STACK_VERSION`
to be able to supersede it somewhere else.
Signed-off-by: Eduardo Montoya <eduardo.montoya@nordicsemi.no>
Log an error when allocating a network packet for transmission fails.
This is a problem which can be solved by increasing
`CONFIG_NET_PKT_TX_COUNT`, but is currently hard to diagnose.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
CONFIG_NET_L2_PPP_MAX_TERMINATE_REQ_RETRANSMITS
was not having any impact and
CONFIG_NET_L2_PPP_MAX_CONFIGURE_REQ_RETRANSMITS
was used incorrectly instead for terminate().
Signed-off-by: Jani Hirsimäki <jani.hirsimaki@nordicsemi.no>
Making sure struct bt_l2cap_chan has absolutely no members related
to dynamic channels.
That way we ensure that there is no overhead for a build where only
fixed channels are used.
It's not enough that the dynamic channel-related members are put behind
ifdefs - they should be completely moved out from the struct definition.
Furthermore, the public l2cap.h header file already has a struct
that's meant to be used for dynamic channels: struct bt_l2cap_le_chan!
However, currently dynamic channel support is a mess - it's a mix
between these two structs. The bt_l2cap_le_chan struct should really
be an extension of the bt_l2cap_chan struct, i.e. the former should
contain as a member the latter.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Remove the custom MQTT logging macros and just use the NET macros
directly. The custom macros provide no additional functionality and the
non-standard naming can cause confusion.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
The autoconf.h header is not required because the definitions present in
the file are exposed using the compiler `-imacros` flag.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
When lwm2m_rd_client_stop() was called and immediately
followed by lwm2m_rd_client_start() it leaked the file
handle for existing socket.
Problem can be fixed when rd_client_stop() does not
move state machine to IDLE, but instead DEREGISTER
and then allow state machine to move forward.
I added a blocking wait for rd_client_stop() because
it needs to wait for proper clean up.
I also move couple of lwm2m_engine_context_close() to
set_sm_state() event handler or similarly in lwm2m_engine.c
there was couple of places where context was not properly
cleaned.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Fixed wrongly initialized base name object id.
Base name was added to every object instance.
Fix will save message size.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
LwM2M specification is only mentioning BASE64 encoding but SenML-JSON
specification is talking about BASE64URL encoding.
This change is silently accepting both formats and automatically pads the
data if padding is dropped.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
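One way to accept both alphabets with optional padding, as an added example that is not the LwM2M engine's own code. The function names are hypothetical, and rejecting non-zero trailing bits is this example's choice, not something the commit message states.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* 6-bit value of a character from either alphabet, or -1 if it is in neither. */
static int b64_val(char c)
{
	if (c >= 'A' && c <= 'Z') return c - 'A';
	if (c >= 'a' && c <= 'z') return c - 'a' + 26;
	if (c >= '0' && c <= '9') return c - '0' + 52;
	if (c == '+' || c == '-') return 62; /* BASE64 / BASE64URL */
	if (c == '/' || c == '_') return 63; /* BASE64 / BASE64URL */
	return -1;
}

/* Decode padded or unpadded input; returns bytes written or -1 on bad input. */
static int b64_decode_lenient(const char *in, uint8_t *out, size_t cap)
{
	size_t len = strlen(in), n = 0;
	uint32_t acc = 0;
	int bits = 0;

	for (int i = 0; i < 2 && len > 0 && in[len - 1] == '='; i++) {
		len--; /* padding is optional: drop at most two '=' */
	}
	if (len % 4 == 1) {
		return -1; /* no amount of padding makes this length valid */
	}
	for (size_t i = 0; i < len; i++) {
		int v = b64_val(in[i]);

		if (v < 0) {
			return -1; /* also catches '=' in the middle */
		}
		acc = (acc << 6) | (uint32_t)v;
		bits += 6;
		if (bits >= 8) {
			bits -= 8;
			if (n == cap) {
				return -1; /* output buffer too small */
			}
			out[n++] = (uint8_t)(acc >> bits);
		}
	}
	/* Left-over bits of the last character must be zero (canonical form). */
	return (acc & ((1u << bits) - 1u)) ? -1 : (int)n;
}
```

Because several encoded strings now decode to the same bytes, compare decoded values rather than the encoded text.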
On dual-core architecture the platform time can be not aligned with
radio time. This happens e.g. for nRF53 devices. Unaligned times imply
malfunction in CSL windows scheduling.
This PR fixes it by adding/subtracting the time offset in functions
which return the platform time. The changes have no impact on platforms
where the times are the same.
Signed-off-by: Lukasz Maciejonczyk <lukasz.maciejonczyk@nordicsemi.no>
Introduce set/get SO_RCVBUF option using the setsockopt
function. In addition, use the rcvbuf value to set the
tcp recv window.
Signed-off-by: Mohan Kumar Kumar <mohankm@fb.com>
LWM2M Client Sample with DTLS enabled fails because TLS_HOSTNAME is set
but MBEDTLS_X509_CRT_PARSE_C is disabled which leads to error
'net_lwm2m_engine: Failed to set TLS_HOSTNAME option: 109'
Add new field hostname_verify to let the application decide if hostname
should be checked.
Signed-off-by: Benjamin Bigler <benjamin.bigler@securiton.ch>
When connect() is called on a TCP socket, tcp_in() is called with a NULL
packet to start establishing a connection. That in turn leads to a SYN
packet being produced which, depending on the Ethernet driver, may
result in a synchronous transmit of that packet. After that, the
connect() implementation, which at this point is executing
net_tcp_connect() starts waiting to take a semaphore until the
connection timeout is reached. However, if the transmit of the SYN
packet results in a RST packet being returned from the connection
destination (due to there being no listening socket) very quickly on a
local network, the device driver may deliver an interrupt which can
cause the receive path of the network stack to run, resulting in the
tcp_in() of the RST packet via the network RX thread. That can cause
tcp_conn_unref() to be called before the connecting thread has gotten
to the point of acquiring (or failing to) the semaphore, which results
in a deinitialized semaphore being accessed.
This commit fixes the possible race condition by ensuring that the
connection lock mutex is held until after the connection state moves
to "in connect."
Fixes #44186
Signed-off-by: Berend Ozceri <berend@recogni.com>
If NET_IPV4 and NET_SOCKETS_PACKET are enabled, NET_SOCKADDR_MAX_SIZE will
be bigger than the ipv4 address length.
This is a problem when DTLS is used as the address comparison will fail
because of the different length of the received and the stored address.
This is also a problem if NET_IPV6 and NET_IPV4 are enabled and the remote
address is an ipv4 address.
Signed-off-by: Benjamin Bigler <benjamin.bigler@securiton.ch>
Use defines instead of hardcoded strings to avoid future errors if the
values would change.
Signed-off-by: Andreas Pettersson <andreaspettersson95@gmail.com>
When TCP stack enters retransmission mode, the variable tracking the
amount of unacknowledged data is cleared. This prevents the stack from
detecting when TX window is full, which could lead to queueing unlimited
amount of data, effectively consuming all of the available network
buffers.
Prevent this, by returning early from net_tcp_queue_data() in case TCP
stack is in retransmission mode. The socket layer will take care of
retrying just as in case the window is full.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case a loopback or own address is used in TCP connection, the TCP
stack delegates the actual data send to a workqueue. This is fine,
however it could lead to some artificial delays in case a lot of data
is being sent before the workqueue has a chance to execute queued work
items. In such case, we only sent a single packet, when many could've
already been queued.
Fix this, by resubmitting the queue in case a local address is used, and
there's still more packets pending for send.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When peer reports a zero length receive window, the TCP stack blocks any
outgoing data from being queued. In case no further ACK comes from the
peer, the whole communication could stall. Fix this by sending a simple
Zero Window Probe, when we detect a Zero Length Window.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
NSEC_PER_SEC is an unsigned integer macro. Thus, -NSEC_PER_SEC will be
treated as unsigned integer as well which leads to calculation error on
64-bit integer variables. Added the correct type casting into the formula
to fix the calculation error.
Signed-off-by: Kweh Hock Leong <hock.leong.kweh@intel.com>
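The conversion pitfall this commit message describes, as an added example that is not code from the commit or from Zephyr. `NSEC_PER_SEC` is redefined locally as an unsigned 32-bit constant (an assumption matching the message), and `struct ts64` and `carry()` are hypothetical names.

```c
#include <stdint.h>

/* Assumption: unsigned 32-bit constant, as the commit message describes. */
#define NSEC_PER_SEC 1000000000U

struct ts64 {
	int64_t sec;
	int64_t nsec;
};

/* Negation happens in unsigned int first, then the wrapped value is widened. */
static int64_t neg_limit_buggy(void)
{
	return -NSEC_PER_SEC;
}

/* Widen to a signed 64-bit type first, then negate. */
static int64_t neg_limit_fixed(void)
{
	return -(int64_t)NSEC_PER_SEC;
}

/* Hypothetical helper: carry one second of over/underflow out of nsec. */
static struct ts64 carry(struct ts64 t, int64_t lower_limit)
{
	if (t.nsec >= (int64_t)NSEC_PER_SEC) {
		t.sec++;
		t.nsec -= (int64_t)NSEC_PER_SEC;
	} else if (t.nsec <= lower_limit) {
		t.sec--;
		t.nsec += (int64_t)NSEC_PER_SEC;
	}
	return t;
}
```

With the wrapped limit, every in-range `nsec` value takes the underflow branch, so a timestamp that needed no correction loses a second.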
The ARRAY_SIZE macro uses sizeof and thus the return
type should be an unsigned value. size_t is typically
the type used for sizeof and fits well for the
ARRAY_SIZE macro as well.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Sometimes message is being reset from multiple locations in code.
If message has already been reset, pointer to context is invalid.
Signed-off-by: Marin Jurjević <marin.jurjevic@hotmail.com>
Read operation must return empty payload when reading /object_id
if there are no created object instances.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
http_client_req() was supposed to return the number of bytes sent as a
HTTP request. The return value was not right however due to some bugs in
helper functions:
* http_send_data() returned the current buffer position instead of the
number of bytes actually sent. This could result in counting the same
data into the total request size several times. A helper variable was
added to track how many bytes were actually sent to the network.
* http_flush_data() forwarded the return value of sendall() helper
function. That function however did not return number of bytes sent,
but 0 or a negative error code.
Additionally, change the return type of sendall() function - according
to standard the ssize_t type is only capable of holding -1 negative
value, but the function could return the full range of negative errno
values. Use int instead.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Closing a listening socket will set the accept callback to NULL.
This could lead to a crash, in case an already received packet,
finalizing the connection handshake, was processed after the socket was
closed. Thereby, it's needed to verify if the callback is actually set
before processing it.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The verification function for accept() did not take into account that
addr and addrlen pointers provided could be NULL.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
TCP processed IPv4/IPv6 packets w/o verifying first if IPv4/IPv6 is
enabled in the system. This could lead to problems especially for IPv6,
where in case it's disabled the sockaddr structure is not large enough
to accommodate IPv6 address, leading to possible out-of-bound access on
the sockaddr structure.
Fix this by adding appropriate checks where applicable.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Added support for Composite observation for LwM2M v1.1.
Updated current Observation node to support linked path list.
Rename typos lwm_ to lwm2m_.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
Removed storing of pmin and pmax in the observation node structure and
use the attribute list store to calculate the time for the next Notification.
Observation class uses timestamp for triggering notification based on
resource update which uses pmin and default pmax behaviour.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>