The #91219 miss some entries when doing the clean-up. This removes
some of remaining SUBALIGN entries in the iterable sections. It do
not consider SECTION_PROLOGUE and zephyr_linker_section entries.
Fixes#92349
Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Refactored the code to use the standard struct in_addr for
representing IPv4 addresses instead of a uint32_t combined
with the custom IP_ADDR macro.
Signed-off-by: Tim Pambor <tim.pambor@codewrights.de>
Add custom interoperability tests verifying that numerical observe
attributes work as expected.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Remember which DNS server was added by a source like DHCPv4 or v6
message. This will allow system to remove DNS servers that were added by
that source. Then when stopping for example DHCP, we can remove those
specific DNS servers and not leaving DNS servers hanging in the system.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the default max. answer length of 512 bytes is not enough,
user can specify it by setting CONFIG_DNS_RESOLVER_MAX_ANSWER_SIZE
to suitable value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using 32 bit enum values for event numbers, convert
the code to use 64 bit long bit fields. This means that the
user API is changed to use 64 bit event values instead of 32
bit event values.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Ensure encoding of options with large deltas works as expected by using
an "experimental" option 65100.
Signed-off-by: Benjamin Cabé <benjamin@zephyrproject.org>
Make sure we cleanup only those DNS servers that belong to
certain network interface when the interface goes down.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
SUBALIGN forces alignment to the specified value, even if the object
requires stricter alignment. This causes mis-aligned access when accessing
the resulting value.
Signed-off-by: Keith Packard <keithp@keithp.com>
Fix issues reported by string validation which was added to strings
used in zassert macros.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Test case `test_set_bulk` and `test_get_set` test the LwM2m getter and
setter function by
- init a buffer with some value
- calling lwm2m_set_... with buffer as parameter
- calling lwm2_get_... by letting `get` write-back into the same
buffer(!)
- compare the buffer with the init value
That implementation can't recognize a no-operation getter function.
This change adds some C macro magic for both test cases where
an `out` buffer for setter and an `in` buffer for getter functions
exists. The buffers are checked before use for inequality to avoid
any unexpected pass.
Signed-off-by: Stefan Schwendeler <Stefan.Schwendeler@husqvarnagroup.com>
Turn the MBEDTLS_RSA_FULL selects into depends on.
This is how the other MBEDTLS_KEY_EXCHANGE_* Kconfig options are defined.
This is done to avoid circular dependencies.
At the same time update uses of the affected MBEDTLS_KEY_EXCHANGE_*
Kconfig options to enable/disable the dependencies which used to be
automatically handled.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add netif dependency for the test suite, as in other networking tests
and adjust minimal RAM and FLASH values.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add checks that we will be able to catch invalid compression bit in
response CNAME handling.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add checks that we will be able to catch recursive name pointers and
abandon the response for CNAME handling.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Building with clang, it warns:
tests/net/lib/http_server/core/src/main.c:1400:19: error: variable
'http1_header_capture_common_response' is not needed and will not be
emitted [-Werror,-Wunneeded-internal-declaration]
static const char http1_header_capture_common_response[]
^ = "HTTP/1.1 200\r\n"
Add a check to make sure the response actually matches the expected
response.
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Add support for DICONNECT message specified in MQTT 5.0.
As with MQTT 5.0, the disconnect can now also be initiated by the
broker, it was needed to add decoder support for the message.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add support for PUBACK, PUBREC, PUBREL and PUBCOMP specified in MQTT
5.0. As all of these acknowledgment packets have similar format,
introduced a common encoder/decoder to handle ACK packets.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add support for PUBLISH message specified in MQTT 5.0. The message
encoder and decoder were updated to support MQTT properties.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add test variant which enables MQTT 5.0 support. MQTT 3.1.1 should still
work just fine in such case, so it needs to be verified that's the case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Kconfig value LWM2M_ENGINE_MESSAGE_HEADER_SIZE added
an extra headroom for CoAP packet sizes so that
if CoAP Block-Wise transfer block-size is configured
to be same as LWM2M_COAP_MAX_MSG_SIZE, the full
payload block would usually fit to the datagram.
This causes too much confusion to be usable.
CoAP headers and options vary on sizes, and there is
no runtime limitations that we should check the
header size against.
Only real limitation is the CoAP packet size, which
must fit into the UDP datagram with typical DTLS headers.
Only limitation for CoAP block-size then is that
it must fit into the CoAP message with all the headers
and options. But as the option sizes, like path, vary,
it must be checked runtime.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
Make sure we install packages with no issues, some of the issues being
reporting on packages we might install using pip:
Warn: Project is vulnerable to: PYSEC-2019-41 / GHSA-qfc5-mcwq-26q8
Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc
Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56
Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h
Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg
Warn: Project is vulnerable to: PYSEC-2017-74
Warn: Project is vulnerable to: GHSA-55x5-fj6c-h6m8
Warn: Project is vulnerable to: PYSEC-2014-9 / GHSA-57qw-cc2g-pv5p
Warn: Project is vulnerable to: PYSEC-2021-19 / GHSA-jq4v-f5q6-mjqq
Warn: Project is vulnerable to: GHSA-pgww-xf46-h92r
Warn: Project is vulnerable to: PYSEC-2022-230 / GHSA-wrxv-2j5q-m38w
Warn: Project is vulnerable to: PYSEC-2018-12 / GHSA-xp26-p53h-6h2p
Warn: Project is vulnerable to: PYSEC-2024-4 / GHSA-2mqj-m65w-jghx
Warn: Project is vulnerable to: PYSEC-2023-165 / GHSA-cwvm-v4w8-q58c
Warn: Project is vulnerable to: PYSEC-2022-42992 / GHSA-hcpj-qp55-gfph
Warn: Project is vulnerable to: PYSEC-2023-137 / GHSA-pr76-5cm5-w9cj
Warn: Project is vulnerable to: PYSEC-2023-161 / GHSA-wfm5-v35h-vwf4
Warn: Project is vulnerable to: GHSA-3f63-hfp8-52jq
Warn: Project is vulnerable to: GHSA-44wm-f244-xhp3
Warn: Project is vulnerable to: GHSA-56pw-mpj4-fxww
Warn: Project is vulnerable to: GHSA-j7hp-h8jx-5ppr
Warn: Project is vulnerable to: PYSEC-2023-175
Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h
Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6
Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf
Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc
Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f
Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm
Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52
Warn: Project is vulnerable to: GHSA-c6fm-rgw4-8q73
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
TLS_CREDENTIAL_SERVER_CERTIFICATE credential type is misleading, as in
fact it just represents a public certificate, it does not matter if the
certificate belongs to a server or a client. And actually, it was
already used in-tree for clients as well, for example in LwM2M.
Therefore rename the credential type to a more generic
TLS_CREDENTIAL_PUBLIC_CERTIFICATE and deprecate the old one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Previously the net_linkaddr struct had pointers to the link address.
This is error prone and difficult to handle if cloning the packet as
those pointers can point to wrong place. Mitigate this issue by
allocating the space for link address in net_linkaddr struct. This will
increase the size of the net_pkt by 4 octets for IEEE 802.15.4 where the
link address length is 8, but there no increase in size if link address
is 6 bytes like in Ethernet/Wi-Fi.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
To add the functionality conform rfc6762 chapter 6.7 the interface for
setup_dst_addr(...) has changed. This patch fixes the interface mismatch
Signed-off-by: Vincent van der Locht <vincent@synchronicit.nl>
Rename the driver from uart_native_posix to uart_native_pty.
Including renaming the DTS compatible, and kconfig options, deprecating
the old ones.
And refactor the driver, generalizing it, so we can have any number of
instances.
Note that, unfortunately generalizing to N instances cannot be done
without a degree of backwards compatibility breakage: This driver was
born with all its configuration and selection of the instances based on
kconfig.
When the driver was made to use DT, it was done in a way that required
both DT and kconfig needing to manually coherently enable the 2nd UART.
This has now been fixed, which it means only DT is used to decide how
many instances are avaliable, and UART_NATIVE_POSIX_PORT_1_ENABLE is
just ignored.
Including:
* Deprecate UART_NATIVE_WAIT_PTS_READY_ENABLE: the options is always on
now as it has no practical drawbacks.
* Deprecate UART_NATIVE_POSIX_PORT_1_ENABLE: DTS intanciation defines it
being available now.
* Rename a few functions and in general shorten pseudo-tty/pseudo-
terminal to PTY instead of PTTY.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
As native_posix has been removed, these tests do not need to support
anymore both native_sim and _posix targets, so we can stop using
the transitional headers, and APIs.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Make sure that if mDNS resolver is enabled, we join the mDNS
multicast group so that query responses can be received.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add tests verifying the functionality of the newly added
accept-encoding based compression support.
Signed-off-by: Carlo Kirchmeier <carlo.kirchmeier@zuehlke.com>
native_posix is being removed as it has reached its end of life in 4.2,
after being deprecated since 4.0.
Remove the twister support for native_posix[//64] and therefore all
references to them from the testcases and samples yamls, so twister
does not error out.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Both files are released by Nordic under the Apache v2.0 license, correct
the SPDX tags accordingly.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
We need to make sure that within Zephyr different users of the PSA APIs
don't interfere with each other because of using the same numerical IDs
for persistent assets.
This takes care of the PSA key IDs when using persistent keys through
the PSA Crypto API.
See the comments in `<zephyr/psa/key_ids.h>` for more information.
This removes the recently-introduced Kconfig options that allowed changing
the base IDs subsystems were using for their persistent keys.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
From the MQTT-SN spec:
6.5 Topic Name Registration Procedure
...
At any point in time a client may have only one
REGISTER message outstanding, i.e. it has to wait
for a REGACK message before it can register another
topic name.
...
6.9 Client’s Topic Subscribe/Un-subscribe Procedure
...
As for the REGISTER procedure, a client may have only
one SUBSCRIBE or one UNSUBCRIBE transaction open at a time.
...
Until now, the library did not comply with these requirements.
An additional "waiting" state for topics was introduced:
REGISTER, SUBSCRIBE and UNSUBSCRIBE as an extra step before
switching to REGISTERING, SUBSCRIBING and UNSUBSCRIBING. The
library now makes sure that only one topic can be REGISTERING
and only one topic can be in either SUBSCRIBING or UNSUBSCRIBING.
Additionally, requesting to UNSUBSCRIBE is now denied if the topic
is not yet SUBSCRIBED, to avoid weird race conditions.
Also, added two tests that verify this behavior.
This fixes#84644
Signed-off-by: Rene Beckmann <rene.bckmnn@gmail.com>
The current DNS caching logic is not aware of the IP address version.
If there is a cached address for a query, the caller of
dns_get_addr_info() will receive that address, even if it is not the
same version as the caller requested. For example:
- dns_get_addr_info() is called to resolve an IPv4 address
- the DNS client caches the IPv4 address that was received
- dns_get_addr_info() is called to resolve an IPv6 address
- the DNS client sees that there is a cached IPv4 address for the
given query
- the DNS client does not check that the cached address is of the
requested version (IPv6)
- the cached IPv4 address is returned from dns_get_addr_info()
This changes the DNS client to check IP address version when searching
cached addresses.
Signed-off-by: Noah Olson <noah@wavelynx.com>
After recent kernel changes there's some thread scheduling race when
running tests, therefore add k_yield() at the end of each test to make
sure the server thread has a chance to run and do the cleanup.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
A _res_fallback parameter to HTTP_SERVICE_DEFINE is added to optionally
specify a fallback resource detail, which will be served if no other
resource matches the URL.
Signed-off-by: Matt Rodgers <mrodgers@witekio.com>
