TLS_CREDENTIAL_SERVER_CERTIFICATE credential type is misleading, as in
fact it just represents a public certificate, it does not matter if the
certificate belongs to a server or a client. And actually, it was
already used in-tree for clients as well, for example in LwM2M.
Therefore rename the credential type to a more generic
TLS_CREDENTIAL_PUBLIC_CERTIFICATE and deprecate the old one.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The connectivity monitoring subfeature of conn_mgr is currently also
named conn_mgr, which is confusing.
This commit renames it to conn_mgr_monitor, or conn_mgr_mon for short,
for clarity.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
All application level TLS operations should be guarded with
"#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)" and not mbed TLS configs
only. Otherwise, in case mbed TLS is enabled, but the sample is not
configured to use TLS (hence TLS credential library is not available
for example), the build may fail or produce spurious warnings.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
conn_mgr now allows applications to request that ifaces be ignored.
This commit changes the echo_server sample to use this feature to
filter out the tunnel iface, instead of manually filtering events
generated by it.
This will allow the echo_server sample to remain compatible with
planned changes to conn_mgr, namely a switch from events being
fired for every individual iface that goes up or down, to only
being fired when connectivity is gained or completely lost.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Since conn_mgr is a subsystem rather than a library, relocate it
directly into subsys/net rather than subsys/net/lib/
Rename header files to better match their function.
Remove net_ prefix from conn_mgr types, API, and files, since it is
unnecessary.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
MISRA Rule 5.7 requires uniqueness of tag identifiers. Shell is
frequently problematic because many code uses `const struct shell
*shell`. This causes CI noise every time one of these shell files is
edited, so let's update all of them with `const struct shell *sh`
instead.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
As both C and C++ standards require applications running under an OS to
return 'int', adapt that for Zephyr to align with those standard. This also
eliminates errors when building with clang when not using -ffreestanding,
and reduces the need for compiler flags to silence warnings for both clang
and gcc.
Most of these changes were automated using coccinelle with the following
script:
@@
@@
- void
+ int
main(...) {
...
- return;
+ return 0;
...
}
Approximately 40 files had to be edited by hand as coccinelle was unable to
fix them.
Signed-off-by: Keith Packard <keithp@keithp.com>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
In order to bring consistency in-tree, migrate all samples to the use
the new prefix <zephyr/...>. Note that the conversion has been scripted:
```python
from pathlib import Path
import re
EXTENSIONS = ("c", "h", "cpp", "rst")
for p in Path(".").glob("samples/**/*"):
if not p.is_file() or p.suffix and p.suffix[1:] not in EXTENSIONS:
continue
content = ""
with open(p) as f:
for line in f:
m = re.match(r"^(.*)#include <(.*)>(.*)$", line)
if (m and
not m.group(2).startswith("zephyr/") and
(Path(".") / "include" / "zephyr" / m.group(2)).exists()):
content += (
m.group(1) +
"#include <zephyr/" + m.group(2) +">" +
m.group(3) + "\n"
)
else:
content += line
with open(p, "w") as f:
f.write(content)
```
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
This changes k_mem_domain_init() to return error values
instead of asserting when errors are encountered.
This gives applications a chance to recover if needed.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This commit allows let build echo_server sample with
overlay-netusb.conf.
USB subsystem must be enabled by the application.
Signed-off-by: Stephan Linz <linz@li-pro.net>
Currently there is no way to distinguish between a caller
explicitly asking for a semaphore with a limit that
happens to be `UINT_MAX` and a semaphore that just
has a limit "as large as possible".
Add `K_SEM_MAX_LIMIT`, currently defined to `UINT_MAX`, and akin
to `K_FOREVER` versus just passing some very large wait time.
In addition, the `k_sem_*` APIs were type-confused, where
the internal data structure was `uint32_t`, but the APIs took
and returned `unsigned int`. This changes the underlying data
structure to also use `unsigned int`, as changing the APIs
would be a (potentially) breaking change.
These changes are backwards-compatible, but it is strongly suggested
to take a quick scan for `k_sem_init` and `K_SEM_DEFINE` calls with
`UINT_MAX` (or `UINT32_MAX`) and replace them with `K_SEM_MAX_LIMIT`
where appropriate.
Signed-off-by: James Harris <james.harris@intel.com>
No use starting the application if the network interface is down.
So start to listen connection management events and start the
TCP and UDP handlers only after network is up and ready.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Current sample certs and keys are not signed. Adding
signed certificates and keys. CA file also added.
This helps users to test with different kind of
configurations.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Add "sample quit" shell command which can be used to stop the
sample application and allows the generation of coverage report.
Fixes#21099
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
PSK support is added to echo-client.c and echo-server.c.
If enabled, a header is included which contains the PSK.
If the default dummy PSK header is used, a warning is issued.
The header can be changed via Kconfig.
Signed-off-by: Torstein Grindvik <torstein.grindvik@nordicsemi.no>
Use generic logging macros LOG_*() instead of NET_*() as the
latter are mostly meant for internal networking stack use.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Remove network specific default and max log level setting
and start to use the zephyr logging values for those.
Remove LOG_MODULE_REGISTER() from net_core.h and place the
calls into .c files. This is done in order to avoid weird
compiler errors in some cases and to make the code look similar
as other subsystems.
Fixes#11343Fixes#11659
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If user enables VLAN support, then the sample application will
create two extra VLAN network interfaces for testing purposes.
The application can be compiled like this for VLAN support:
cmake -DBOARD=qemu_x86 -DOVERLAY_CONFIG=overlay-vlan.conf ..
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit adds TLS support to socket echo_client/echo_server samples.
Credentials used are the same as in the non-socket versions of these
samples, therefore they can be easily tested with net-tools utils.
Maximum payload size for the client was sligtly reduced to fit the
encrypted data within 1280 bytes.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
