Secure socket options descriptions were not doxygen comments,
therefore did not show up in the documentation.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
So that client apps can refer to them, and then can be implemented on
Zephyr side as needed.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Adds getaddrinfo and freeaddrinfo to the offloaded API.
Signed-off-by: Joakim Andre Tønnesen <joakim.tonnesen@nordicsemi.no>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Any word starting with an underscore followed by an uppercase letter or a
second underscore is a reserved word according to C99.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This patch enables BSD socket offload to a dedicated
TCP/IP offload engine.
This provides a simpler, more direct mechanism than going
through NET_OFFLOAD (zsock -> net_context -> socket conversions)
for those devices which provide complete TCP/IP offload at the
BSD socket level, and whose use cases do not require
IP routing between multiple network interfaces.
To use, configure CONFIG_NET_SOCKETS_OFFLOAD=y, and register
socket_offload_ops with this module.
Fixes #3706
Signed-off-by: Gil Pitney <gil.pitney@linaro.org>
This commit contains several fixes for DTLS implementation, proposed in
a post-merge review of #9338.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add system calls for the zsock implementations of socket,
close, bind, connect, listen, accept, sendto, recvfrom,
fcntl, poll, inet_pton, and getaddrinfo.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Make TLS poll function verify if decrypted data is available after
socket has notified activity with POLLIN flag. This prevents giving
false notifications in case data was received on socket but was consumed
by mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only socket option to set role for DTLS connection. This
option is irrelevant for TLS connections.
This option accepts an integer with a TLS role, compatible with
mbedTLS values:
0 - client,
1 - server.
By default, DTLS will assume client role.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write only TLS secure option to set peer verification level for
TLS connection.
This option accepts an integer with a peer verification
level, compatible with mbedTLS values (0 - none, 1 - optional, 2 -
required).
By default, socket mimics mbedTLS behavior - (none for server, required
for client).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to read a ciphersuite chosen during TLS
handshake. Might be useful during development.
This is a read-only option that returns an integer containing an
IANA assigned ciphersuite identifier of chosen ciphersuite.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option that enables narrowing the list of ciphersuites
available for TLS connection.
This option accepts an array of integers with IANA assigned ciphersuite
identifiers and returns such.
By default, every statically configured ciphersuite is available for a
socket and getsockopt returns an array of these.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add write-only TLS secure socket option to set hostname.
This option accepts a string containing the hostname. May be NULL, to
disable hostname verification.
By default, an empty string is set as a hostname for TLS clients,
to enforce hostname verification in mbedTLS.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add TLS secure socket option to select TLS credentials to use.
This option accepts and returns an array of sec_tag_t that indicate
which TLS credentials should be used with specific socket.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add switch to a socket layer that will enable switching socket API to
TLS secure sockets. At this point there is no secure sockets
implementation, so secure socket calls redirect to regular socket calls.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Add freeaddrinfo() to complement getaddrinfo().
Existing applications using getaddrinfo() will usually free
allocated memory using freeaddrinfo(). Even if nothing is allocated
the function should exist to avoid having to change the application
when porting.
Signed-off-by: Stig Bjørlykke <stig.bjorlykke@nordicsemi.no>
Add support for MSG_PEEK flag in recv and recvfrom.
This flag is needed when using non-zephyr embedded applications with
Zephyr's socket API.
Signed-off-by: Stig Bjørlykke <stig.bjorlykke@nordicsemi.no>
Add support for MSG_DONTWAIT flag in recv and recvfrom.
This flag is needed when using non-zephyr embedded applications with
Zephyr's socket API.
Signed-off-by: Stig Bjørlykke <stig.bjorlykke@nordicsemi.no>
Previously, POSIX function names were aliased to zsock_ function
names using, for example:
#define connect zsock_connect
This caused the C preprocessor to replace any symbol named 'connect',
whether a function or not, in all source code which included socket.h,
with 'zsock_connect'. This generated unintended code where the symbol
'connect' was used as the name of a structure field (as in mqtt.h).
This new inline definition is applied to all the POSIX function symbols,
with the exception of fcntl, a redefinition of which would conflict
with the definition in the toolchain's fcntl.h.
Fixes #5817
Signed-off-by: Gil Pitney <gil.pitney@linaro.org>
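The aliasing problem described in the commit message above, reduced to a stand-alone C file. This is an added example, not code from the Zephyr tree: zsock_connect() is a stub, and struct client_ctx and on_connect() are hypothetical stand-ins for a structure with a field named 'connect' such as the one in mqtt.h. Building with -DUSE_MACRO_ALIAS restores the old #define and the file no longer compiles.

```c
#include <stddef.h>

/* Stub standing in for Zephyr's zsock_connect(); constructed for this example. */
static int zsock_connect(int sock, const void *addr, size_t addrlen)
{
    (void)addr;
    (void)addrlen;
    return sock >= 0 ? 0 : -1;
}

/* Hypothetical structure with a member named 'connect', declared before
 * the POSIX name is introduced (as happens when headers are included in
 * that order). */
struct client_ctx {
    int sock;
    int (*connect)(struct client_ctx *ctx);
};

#ifdef USE_MACRO_ALIAS
/* Old approach: the preprocessor rewrites every later 'connect' token,
 * so '.connect' and 'ctx.connect' below become '.zsock_connect' and the
 * build fails with "no member named 'zsock_connect'". */
#define connect zsock_connect
#else
/* New approach: a real inline function. Function names and struct member
 * names live in separate C namespaces, so the member is left alone. */
static inline int connect(int sock, const void *addr, size_t addrlen)
{
    return zsock_connect(sock, addr, addrlen);
}
#endif

/* Callback stored in the struct member; it calls the POSIX-named function. */
static int on_connect(struct client_ctx *ctx)
{
    return connect(ctx->sock, NULL, 0);
}

/* Uses the member 'connect' and the function 'connect' side by side. */
int run_client(int sock)
{
    struct client_ctx ctx = { .sock = sock, .connect = on_connect };
    return ctx.connect(&ctx);
}
```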
sendto() and recvfrom() are often used with datagram socket.
sendto() is based on net_context_sendto() and recvfrom() is based on
zsock_recv() with parsing source address from the packet header.
Signed-off-by: Aska Wu <aska.wu@linaro.org>
Includes updates to Zephyr networking API feature list (also minor
tweaks to it not directly related to sockets), overview of BSD
Sockets compatible API, and basic API reference section.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
poll() allows (efficiently) waiting for available data on sockets,
and is an essential operation for working with non-blocking sockets.
This is an initial, very basic implementation, effectively supporting
just POLLIN operation. (POLLOUT implementation is dummy - it's
assumed that socket is always writable, as there's currently no
reasonable way to test that.)
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
With CONFIG_NET_SOCKETS_POSIX_NAMES=y, "raw" POSIX names like
socket(), recv(), close() will be exposed (using macro defines).
The close() is the biggest culprit here, because in POSIX it
applies to any file descriptor, but in this implementation -
only to sockets.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This adds Kconfig and build infrastructure and implements
zsock_socket() and zsock_close() functions.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>