From 098483d6dd79daa521b395f5df4b0dccf00a6f48 Mon Sep 17 00:00:00 2001 From: Jukka Rissanen Date: Sat, 26 Aug 2017 01:04:02 +0300 Subject: [PATCH] net: app: Allow TLS and DTLS to be enabled separately TLS and DTLS are not related to each other so allow DTLS to be enabled even if TLS is disabled. Signed-off-by: Jukka Rissanen --- include/net/net_app.h | 16 ++++++++-------- subsys/net/lib/app/Kconfig | 9 +++++---- subsys/net/lib/app/client.c | 18 +++++++++--------- subsys/net/lib/app/net_app.c | 5 ++--- subsys/net/lib/app/net_app_private.h | 4 ++-- subsys/net/lib/app/server.c | 8 ++++---- 6 files changed, 30 insertions(+), 30 deletions(-) diff --git a/include/net/net_app.h b/include/net/net_app.h index 17f60040693..294508e0178 100644 --- a/include/net/net_app.h +++ b/include/net/net_app.h @@ -11,7 +11,7 @@ #ifndef __NET_APP_H #define __NET_APP_H -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) #if defined(CONFIG_MBEDTLS) #if !defined(CONFIG_MBEDTLS_CFG_FILE) #include "mbedtls/config.h" @@ -38,7 +38,7 @@ #include #include #endif /* CONFIG_MBEDTLS */ -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ #include #include @@ -169,7 +169,7 @@ typedef int (*net_app_send_data_t)(struct net_pkt *pkt, void *token, void *user_data); -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) /* Internal information for managing TLS data */ struct tls_context { struct net_pkt *rx_pkt; @@ -241,7 +241,7 @@ typedef int (*net_app_ca_cert_cb_t)(struct net_app_ctx *ctx, */ typedef int (*net_app_entropy_src_cb_t)(void *data, unsigned char *output, size_t len, size_t *olen); -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ #if defined(CONFIG_NET_APP_DTLS) struct dtls_timing_context { 
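Review bot: The condition `#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS)` is now written out by hand at every guard in net_app.h, and again in client.c, net_app.c, net_app_private.h and server.c. One missed site would leave a DTLS-only build either failing to compile or silently compiling out a branch such as the `if (ctx->is_tls)` handling. A single hidden Kconfig symbol selected by both options and tested in one place would keep these guards from drifting apart; the name is for the maintainers to choose. At minimum, a comment at the first guard such as `/* mbedtls state shared by TLS (TCP) and DTLS (UDP) */` would record why the two options are paired.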
@@ -333,7 +333,7 @@ struct net_app_ctx { } client; #endif /* CONFIG_NET_APP_CLIENT */ -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) struct { /** TLS stack for mbedtls library. */ k_thread_stack_t stack; @@ -389,7 +389,7 @@ struct net_app_ctx { /** Have we called connect cb yet? */ bool connect_cb_called; } tls; -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ #if defined(CONFIG_NET_CONTEXT_NET_PKT_POOL) /** Network packet (net_pkt) memory pool for network contexts attached @@ -877,7 +877,7 @@ int net_app_close(struct net_app_ctx *ctx); */ int net_app_release(struct net_app_ctx *ctx); -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) #if defined(CONFIG_NET_APP_CLIENT) /** * @brief Initialize TLS support for this net_app client context. @@ -955,7 +955,7 @@ int net_app_server_tls(struct net_app_ctx *ctx, #endif /* CONFIG_NET_APP_SERVER */ -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ /** * @} diff --git a/subsys/net/lib/app/Kconfig b/subsys/net/lib/app/Kconfig index 7c940e2471a..06b601142f8 100644 --- a/subsys/net/lib/app/Kconfig +++ b/subsys/net/lib/app/Kconfig @@ -87,6 +87,7 @@ config NET_APP_CLIENT config NET_APP_TLS bool "Enable TLS support for TCP applications" default n + depends on NET_TCP select MBEDTLS help Enables net app library to use TLS for encrypted communication. @@ -94,10 +95,10 @@ config NET_APP_TLS config NET_APP_DTLS bool "Enable DTLS support for UDP applications" depends on NET_UDP - depends on NET_APP_TLS + select MBEDTLS default n help - Enables net app library to use TLS for encrypted UDP communication. + Enables net app library to use DTLS for encrypted UDP communication. config NET_APP_DTLS_TIMEOUT int "DTLS session timeout" 
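Review bot: In the `config NET_APP_DTLS` entry, `select MBEDTLS` only guarantees that the library is built, not that the mbedtls configuration in use enables DTLS. The net_app.h hunk shows the configuration header being chosen through `CONFIG_MBEDTLS_CFG_FILE`, and which file a DTLS-only build ends up with is not visible here. Now that DTLS no longer depends on NET_APP_TLS, the help text should state the requirement, for example `The mbedtls configuration in use must enable DTLS (MBEDTLS_SSL_PROTO_DTLS).`, so that a misconfigured build is caught at configuration time rather than at handshake time.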
@@ -109,7 +110,7 @@ config NET_APP_DTLS_TIMEOUT config NET_DEBUG_APP_TLS_LEVEL int "Debug level for mbedtls in net app library" - depends on NET_APP_TLS && NET_DEBUG_APP + depends on (NET_APP_TLS || NET_APP_DTLS) && NET_DEBUG_APP default 0 range 0 4 help @@ -124,7 +125,7 @@ config NET_DEBUG_APP_TLS_LEVEL config NET_APP_TLS_STACK_SIZE int "TLS handler thread stack size" default 8192 - depends on NET_APP_TLS + depends on NET_APP_TLS || NET_APP_DTLS help TLS handler thread stack size. The mbedtls routines will use this stack thus it is by default very large. diff --git a/subsys/net/lib/app/client.c b/subsys/net/lib/app/client.c index 396998d356b..995e28e8e7d 100644 --- a/subsys/net/lib/app/client.c +++ b/subsys/net/lib/app/client.c @@ -28,10 +28,10 @@ #include "net_app_private.h" -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) #define TLS_STARTUP_TIMEOUT K_SECONDS(5) static int start_tls_client(struct net_app_ctx *ctx); -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ #if defined(CONFIG_DNS_RESOLVER) static void dns_cb(enum dns_resolve_status status, @@ -422,7 +422,7 @@ static void _app_connected(struct net_context *net_ctx, { struct net_app_ctx *ctx = user_data; -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) if (ctx->is_tls) { k_sem_give(&ctx->client.connect_wait); } @@ -430,7 +430,7 @@ static void _app_connected(struct net_context *net_ctx, net_context_recv(net_ctx, ctx->recv_cb, K_NO_WAIT, ctx); -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) if (ctx->is_tls) { /* If we have TLS connection, the connect cb is called * after TLS handshakes are done. 
@@ -553,7 +553,7 @@ int net_app_connect(struct net_app_ctx *ctx, s32_t timeout) return -EAFNOSUPPORT; } -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) if (ctx->is_tls && !ctx->tls.tid && (ctx->proto == IPPROTO_TCP || (IS_ENABLED(CONFIG_NET_APP_DTLS) && ctx->proto == IPPROTO_UDP))) { @@ -571,7 +571,7 @@ int net_app_connect(struct net_app_ctx *ctx, s32_t timeout) } #else ARG_UNUSED(started); -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ #if defined(CONFIG_NET_APP_DTLS) if (ctx->proto == IPPROTO_UDP) { @@ -608,7 +608,7 @@ int net_app_connect(struct net_app_ctx *ctx, s32_t timeout) if (ret < 0) { NET_DBG("Cannot connect to peer (%d)", ret); -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) if (started) { _net_app_tls_handler_stop(ctx); } @@ -618,7 +618,7 @@ int net_app_connect(struct net_app_ctx *ctx, s32_t timeout) return ret; } -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) static void tls_client_handler(struct net_app_ctx *ctx, struct k_sem *startup_sync) { @@ -746,4 +746,4 @@ int net_app_client_tls(struct net_app_ctx *ctx, */ return 0; } -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ diff --git a/subsys/net/lib/app/net_app.c b/subsys/net/lib/app/net_app.c index f9e231eb474..2fa3f411593 100644 --- a/subsys/net/lib/app/net_app.c +++ b/subsys/net/lib/app/net_app.c @@ -864,7 +864,7 @@ int net_app_close(struct net_app_ctx *ctx) return 0; } -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) #if defined(MBEDTLS_DEBUG_C) && defined(CONFIG_NET_DEBUG_APP) static void my_debug(void *ctx, int level, const char *file, int line, const char *str) 
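Review bot: In net_app_connect the widened guard leaves the TCP arm of the handler-start condition ungated. `ctx->proto == IPPROTO_TCP` is accepted unconditionally, while the UDP arm is wrapped in `IS_ENABLED(CONFIG_NET_APP_DTLS)`. In a DTLS-only build, which this commit makes possible, a TCP context with `is_tls` set would still start the TLS handler although CONFIG_NET_APP_TLS is off; whether `is_tls` can be set on such a context depends on net_app_client_tls, whose body is outside the hunks. Gating it symmetrically, `((IS_ENABLED(CONFIG_NET_APP_TLS) && ctx->proto == IPPROTO_TCP) ||`, keeps the enabled protocols and the reachable code in step. The function body continues outside this hunk.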
@@ -1301,7 +1301,6 @@ void _net_app_tls_received(struct net_context *context, */ } } -dtls_disconnect: #endif /* CONFIG_NET_APP_DTLS */ ret = k_mem_pool_alloc(ctx->tls.pool, &block, @@ -1960,5 +1959,5 @@ void _net_app_tls_handler_stop(struct net_app_ctx *ctx) k_thread_abort(ctx->tls.tid); ctx->tls.tid = 0; } -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ diff --git a/subsys/net/lib/app/net_app_private.h b/subsys/net/lib/app/net_app_private.h index 0d63b857a15..379d44ae9e1 100644 --- a/subsys/net/lib/app/net_app_private.h +++ b/subsys/net/lib/app/net_app_private.h @@ -103,7 +103,7 @@ void _net_app_accept_cb(struct net_context *net_ctx, #if defined(CONFIG_NET_APP_CLIENT) #endif /* CONFIG_NET_APP_CLIENT */ -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) bool _net_app_server_tls_enable(struct net_app_ctx *ctx); bool _net_app_server_tls_disable(struct net_app_ctx *ctx); void _net_app_tls_handler_stop(struct net_app_ctx *ctx); @@ -111,7 +111,7 @@ int _net_app_tls_init(struct net_app_ctx *ctx, int client_or_server); int _net_app_entropy_source(void *data, unsigned char *output, size_t len, size_t *olen); int _net_app_ssl_tx(void *context, const unsigned char *buf, size_t size); -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ #if defined(CONFIG_NET_APP_DTLS) #include "../../ip/connection.h" diff --git a/subsys/net/lib/app/server.c b/subsys/net/lib/app/server.c index 547a9f8b606..c495593aaaf 100644 --- a/subsys/net/lib/app/server.c +++ b/subsys/net/lib/app/server.c @@ -260,7 +260,7 @@ fail: return ret; } -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) static inline void new_server(struct net_app_ctx *ctx, const char *server_banner) { 
@@ -426,7 +426,7 @@ int net_app_server_tls(struct net_app_ctx *ctx, /* Then mbedtls specific initialization */ return 0; } -#endif /* CONFIG_NET_APP_TLS */ +#endif /* CONFIG_NET_APP_TLS || CONFIG_NET_APP_DTLS */ bool net_app_server_enable(struct net_app_ctx *ctx) { @@ -438,7 +438,7 @@ bool net_app_server_enable(struct net_app_ctx *ctx) ctx->is_enabled = true; -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) if (ctx->is_tls) { _net_app_server_tls_enable(ctx); } @@ -456,7 +456,7 @@ bool net_app_server_disable(struct net_app_ctx *ctx) ctx->is_enabled = false; -#if defined(CONFIG_NET_APP_TLS) +#if defined(CONFIG_NET_APP_TLS) || defined(CONFIG_NET_APP_DTLS) if (ctx->is_tls) { _net_app_server_tls_disable(ctx); }
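Review bot: In net_app_server_enable the result of `_net_app_server_tls_enable(ctx)` is discarded, although net_app_private.h declares it as returning bool and `ctx->is_enabled = true` has already been set. With the guard widened, a DTLS-only server takes this path too. If that bool reports a failed handler start, the context would be marked enabled without its TLS/DTLS handler; what the server then does with incoming traffic is not visible here. Assuming false is how this function reports failure, consider `if (ctx->is_tls && !_net_app_server_tls_enable(ctx)) { ctx->is_enabled = false; return false; }`, with the matching check on `_net_app_server_tls_disable` in net_app_server_disable. Both functions continue outside their hunks.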