For enterprise mode we need to install multiple certs to the TLS
credentials store, so, add a helper script in python to make it work
cross-platforms.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The command should work with existing certs rather than a generic
example, also fix the key-management.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
RSA3K based certs are not supported on all platforms, so, keep both
variants, rsa2k (the older certs but with longer expiry 9999 days) and
rsa3k (latest ones) and we can have more variants in this folders.
Also, add a cmake variable to override the path with default as rsa3k.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Instead of having an overlay move the Enterprise configurations to a
dedicated snippet so that it can be enabled with any sample.
Can be used along with Wi-Fi snippet e.g., `-S
"wifi-ipv4;wifi-enterprise"`.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Using TLS credentials library add support for run-time certificates where
the installed certs are retrieved from the credential store (as of now
only volatile backend is tested).
This helps in production environments.
Implements #79564.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add a "net filter" command that will allow user to see the
current network packet filter configuration.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
TLS_CREDENTIAL_SERVER_CERTIFICATE credential type is misleading, as in
fact it just represents a public certificate, it does not matter if the
certificate belongs to a server or a client. And actually, it was
already used in-tree for clients as well, for example in LwM2M.
Therefore rename the credential type to a more generic
TLS_CREDENTIAL_PUBLIC_CERTIFICATE and deprecate the old one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
"native POSIX" in Zephyr's context is typically understood as something
else than what this text refers to. Let's rephrase it.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Add documentation showing how to use the _detail parameter when
registering an HTTP service to provide a default resource handling any
unknown path. Also update the 4.1 release migration guide.
Signed-off-by: Matt Rodgers <mrodgers@witekio.com>
Update HTTP server documentation and migration guide to account for
added request_ctx parameter to the http_resource_websocket_cb_t
callback.
Signed-off-by: Matt Rodgers <mrodgers@witekio.com>
Dynamic resource callback function signature has changed to combine the
data, data length and request header details into a struct
http_request_ctx. Update documentation to describe this, and add a note
in the 4.1 migration guide since this is a public API change.
Signed-off-by: Matt Rodgers <mrodgers@witekio.com>
Fixes: #78010
This commit implements the "Gateway Advertisement and Discovery" process
defined in section 6.1 of the MQTT-SN specification.
This includes breaking changes to the transport interface and the default
included UDP interface implementation as support for UDP multicast
messages is added as implemented by the Paho MQTT-SN Gateway.
Signed-off-by: Kenneth Witham <kennywitham4@gmail.com>
This updates the documentation of all the Qemu boards
to use the new `zephyr:board::` directive.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
This updates the documentation of all the Atmel boards to use
the new `zephyr:board::` directive.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
This updates the documentation of all the STM32 boards to use
the new `zephyr:board::` directive.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
This updates the documentation of all the NXP boards to use
the new `zephyr:board::` directive.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Add EAP-TLS, EAP-PEAP-MSCHAPv2, EAP-PEAP-GTC, EAP-TTLS-MSCHAPv2,
EAP-PEAP-TLS, EAP-TLS-SHA256 enterprise wpa2 and wpa3 suiteb
support for station.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
Add missing entry to the documentation to also support CMake linker
generator with CoAP services.
Update hard coded value with linker script defined value.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Update documentation to describe the method of returning response data
to the HTTP server using the response_ctx callback parameter.
Signed-off-by: Matt Rodgers <mrodgers@witekio.com>
Fixes bad usage of single backticks in lieu of double backticks for
rendering inline literals, or simple '*' for italics.
When appropriate, a better construct than double backticks has been
selected (ex. :file:, :kconfig:option:, :c:func:, ...), or proper :ref:
have been used if the original intention was to have a link.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Dangling hyphens at the end of a line are usually a problem, ie. you
have an "hyphenated-word" and breaking it on two line will render it as
"hyphenated- word".
This commit fixes the few occurences of such dangling hyphens.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Move the network buffer documentation from networking to services as the
implementation now lives outside of the networking subsystem.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Move the network buffer header file from zephyr/net/buf.h to
zephyr/net_buf.h as the implementation now lives outside of the networking
subsystem.
Add (deprecated) zephyr/net/buf.h header to maintain compatibility with old
file path.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Add basic WPA2 EAP-TLS support.
Also, add test infrasturcture esp. the certification handling,
non-certificate credentials are take as runtime input and certificated
are build time input for testing.
A real application can set certificates at runtime too.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Deprecate the net_buf_put() and net_buf_get() functions.
Special handling of net_bufs in k_fifos is no longer needed after commit
3d306c181f, since these actions are now
atomic regardless of any net_buf fragments.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
When socket errors call sm_handle_timeout_state() we might be
in a state where application assumes we are in registered state
but we are dropping it.
Therefore we must ensure that all registration states emit either
REGISTRATION_TIMEOUT event for application to indicate that
we have lost the connection to server.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Allow an application to add a Block2 option to an initial request for a
resource. For any subsequent requests as part of a blockwise transfer,
drop the application-added Block2 option since the coap_client must
append a Block2 option with updated NUM and SZX fields based on the
server response.
Signed-off-by: Matt Rodgers <mrodgers@witekio.com>
adds filesystem as a resource for the http_server which serves static
(gzipped) files from a filesystem to the client.
Signed-off-by: Gerhard Jörges <joerges@metratec.com>
Fixes: #72363
The existing function to set the postfix is converting postfix
string to hexadecimal. Adding a new function to handle a use case
where the provided postfix should be used as is without any conversion.
Signed-off-by: Vineeta S Narkhede <VineetaSNarkhede@Eaton.com>
Utilize a code spell-checking tool to scan for and correct spelling errors
in various files within the `doc` directory.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Add information about these missing Kconfig options:
CONFIG_NET_CONFIG_MY_IPV6_ADDR
CONFIG_NET_CONFIG_PEER_IPV6_ADDR
CONFIG_NET_CONFIG_MY_IPV4_ADDR
CONFIG_NET_CONFIG_MY_IPV4_NETMASK
CONFIG_NET_CONFIG_MY_IPV4_GW
CONFIG_NET_CONFIG_PEER_IPV4_ADDR
Fixes#75211
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
For each of the fdtable.h functions listed below, convert the
z_ prefixed semi-private functions to use the zvfs_ prefix.
ZVFS stands for Zephyr Virtual File System and
is intended to be a common library used by the C library,
POSIX API, Networking, Filesystem, and other areas.
There are already a few functions in fdtable.h that use the
zvfs_ prefix, so this change is mostly about unifying them in
a way that uses a suitable prefix ("namespace") so that it can
be considered a public API.
- z_alloc_fd
- z_fdtable_call_ioctl
- z_finalize_fd
- z_finalize_typed_fd
- z_free_fd
- z_get_fd_obj
- z_get_fd_obj_and_vtable
- z_get_obj_lock_and_cond
- z_reserve_fd
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
