Refactor the IP tunneling support as the input callback was removed
in previous commit. The data will flow through the recv callback now
as expected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The input callback was an unfortunate idea which just complicated
how the packet flows through virtual interfaces so removing it.
The data is passed normally through the recv callback from now on.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The function needs to loop through the virtual interfaces
tied to this physical interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Channel is mandatory for AP mode. It is processed only
if its less than or equal to three characters. Otherwise
we need to throw error for channel in AP mode.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
This functionality is useful on the following scenario:
1) The first buffer in a net_pkt contains user data which is relevant
for the (whole) net_pkt.
2) When inserting a new buffer in front of the net_pkt, the (previously)
first buffer (and its user data) are no longer accessible via
net_pkt->buffer.
3) net_buf_user_data_copy() allows to simply copy the user data from the
old to the new first buffer.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
If the network interface does not enable IPv4, then it is pointless
to print DHCPv4 information when invoking "iface" shell command.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The final ACK check during passive close was wrong - we should not
compare its SEQ number with the ACK number we've sent last, but rather
compare the ACK number it acknowledges matches our current SEQ number on
the connection. This ensures, that the ACK received is really
acknowledging the FIN packet we've sent from our side, and is not just
some earlier retransmission. Currently the latter could be the case, and
we've closed the connection prematurely. In result, when the real "final
ACK" arrived, the TCP stack replied with RST.
Subsequently, we should increment the SEQ number on the connection after
sending FIN packet, so that we are able to identify final ACK correctly,
just as it's done in active close cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Dwell time Active or Passive is optional in wifi scan.
If user don't set the Dwell time value, it will be set
as 0. We are adding a range check in scan extensions
for dwell time. So need to set default values.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
Add an error log if there's a failure when attempting to load
certificates during socket connect.
Signed-off-by: Noah Pendleton <noah.pendleton@gmail.com>
Current implementation of mDNS responder does makes it mandatory to have
all the records set at compile time. It is not suited well for applications
that have to publish/unpublish or change records in runtime, e.g. data
received from the network.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
Zephyr's DHCPv4 server does not implement persistent storage of address
leases. In result, all leases are lost on reboot, which can cause
delays with clients starting in INIT-REBOOT state and thus sending
(potentially several) Requests before attempting full Discover-Request
procedure.
Add option to override RFC defined behavior, which states that if we
don't recognize the client sending the Request, the server shall remain
silent. Enabling that option allows the server to send NAK reply in case
client is not recognized, informing the client it should proceed with
full procedure.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
RFC6842 updated RFC2131 in terms of including client ID option in
responses sent from the server. According to that RFC, the server MUST
include the client ID option in Offer/Ack/Nak replies, if it was
provided by the client.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case ACK from the server was lost, we'd not reply Request
retransmissions, as the lease state is already in allocated state on the
server side. Therefore we also need to allow to reply with ACK in such
case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
5 seconds turned out to be too short timeout in case retransmissions
kicked in at DHCP level, hence increase the timeout.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Debugging IPv6 Neighbor Discovery issues requires to enable full IPv6
logs, which can get bloated given it provides logs for every single
packet. We should be able to focus on IPv6 ND logs only, hence introduce
a separate log module for IPv6 ND.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The function inteval_timeout() was missing "r", the function
should be called interval_timeout()
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
IGMP queries sent out by a proxy querier can have
a source IP address 0.0.0.0
Allow these incoming packets.
Fixes#69917
Signed-off-by: Savin Weeraratne <savin.weeraratne@audinate.com>
When we receive Router Advertisement with life time,
we will add this as default router, like typing command "net iface"
and has show below
IPv6 default router :
fe80:xxxx::xxxx
When this default router is backend A and
we ping backend B with link local address,
we will use default router A and send echo request
to backend A instead of B, which will receive Redirect and no reply.
Fix it by link local address does not check route.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
Debug logs in helper functions like tcp_unsent_len() or
tcp_window_full() are not very helpful and generate a heavy, unnecessary
log output. Therefore, tcp_unsent_len() will no longer generate log, and
tcp_window_full() will print out a log only when the window is actually
full, which could be an useful information.
Also, reduce the log load during TX, as currently redundant logs were
printed in tcp_out_ext(), tcp_send_process_no_lock() and finally in
tcp_send().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If send the igmp packet when lower interface is down, the packet will be
freed twice and show error log. Remove the net_pkt_unref in igmp_send(),
and let the caller free it.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Zperf upload multicast always use default interface.
Zperf download multicast cannot receive packets from other than
224.0.0.1 which is default multicast group.
Add zperf upload/download option -I <interface name> for multicast.
So that user can select interface for multicast.
Add join multicast group for zperf download.
Use the "device list" command to get the interface name as
follows:
"- ua (READY)" #uAP interface name
"- ml (READY)" #STA interface name
Multicast traffic commands:
zperf udp upload -a -I ua 224.0.0.2 5001 10 1470 1M
zperf udp download -I ua 5001 224.0.0.3
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
In order to reduce dns resolve requests when using the dns
resolver an optional cache was introduced. This cache
retains query requests for the TTL duration and therefore
prevents premature refetching of DNS RRs.
Signed-off-by: Carlo Kirchmeier <carlo.kirchmeier@zuehlke.com>
Implement the ALPN Support for Mqtt Library allow mqtt to have
ability to utilize ALPN for connect to server that support ALPN, such
as AWS IoT Core
Signed-off-by: sukrit buddeewong <sukrit.omu@gmail.com>
This commit applies the issues detected in UDP to recv_raw() as
well. Please refer to the previous commit log for details.
Signed-off-by: Takuya Sasaki <takuya.sasaki@spacecubics.com>
When receiving a UDP packet, net_conn_input() searches for a
matching connection within `conn_used`.
However, when receiving UDP packets simultaneously from multiple
clients, we may encounter a situation where the connection that was
supposed to be bound cannot be found within `conn_used`, and raise
the ICMP error.
This is because, within recv_udp(), to avoid the failure of
bind_default(), we temporarily remove it from `conn_used` using
net_conn_unregister().
If the context already has a connection handler, it means it's
already registered. In that case, all we have to do is 1) update
the callback registered in the net_context and 2) update the
user_data and remote address and port using net_conn_update().
Fixes#70020
Signed-off-by: Takuya Sasaki <takuya.sasaki@spacecubics.com>
This commit adds the new internal function for update the callback,
user data, remote address, and port for a registered connection
handle.
Signed-off-by: Takuya Sasaki <takuya.sasaki@spacecubics.com>
This commit adds the new static function for change the remote
address and port to connection, and replaces the changing process
for remote address and port in net_conn_register().
Signed-off-by: Takuya Sasaki <takuya.sasaki@spacecubics.com>
The net_conn_change_callback() is not currently being called by
anyone, so this commit moves to static function, and replaces
the change callback parameter process in net_conn_register().
Signed-off-by: Takuya Sasaki <takuya.sasaki@spacecubics.com>
The mutex was removed in tcp_recv() where it doesn't seem
to be needed anymore as tcp_conn_search() got
tcp_mutex. In the other areas the tcp_mutex was
narrowed down to protect only the list.
Signed-off-by: Daniel Nejezchleb <dnejezchleb@hwg.cz>
During stress test with WiFi connect, disconnect, ping and throughput
traffic, ARP table updating failed issue may occur.
In arp_prepare(), if packet allocate failed, should add the arp
entry back to arp_free_entries, to avoid this entry is leak forever.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
For command zperf udp download 5001 192.168.10.1,
zperf will bind both ipv4 and ipv6 sockets on ipv4 address.
But bind ipv6 socket will fail, thus command return fail.
Fix it by check ip address when zperf download.
For ipv4 address only bind ipv4 socket.
For ipv6 address only bind ipv6 socket.
For unspecific address bind both ipv4 and ipv6 sockets.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
On some content-types, it might be impossible to
send strings with size of zero.
Therefore empty URI should also allow cases
where strlen() is zero.
Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
With recently introduced DNS retransmission mechanism, a certain bug
could occur when calculating query timeout.
If the time until the final DNS timeout (as indicated by
CONFIG_NET_SOCKETS_DNS_TIMEOUT) was less than 1 millisecond, the actual
millisecond timeout value was rounded down, resulting in 0 ms timeout.
This in order was interpreted as invalid argument by dns_get_addr_info()
function, so in result, instead of reporting query timeout, the function
reported invalid argument error.
Fix this by rounding the millisecond timeout up, instead of down, so
that in any case, if the final timeout is not due, we always provide
non-zero timeout to dns_get_addr_info().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Rework TELNET shell backend to use socket API for communication and
socket service library for socket monitoring.
Additionally, rework the TX part so that non-blocking TX is used when
sending from the system work queue. In case transfer is not possible at
the moment, the TX work is rescheduled instead of blocking the system
work queue.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Socket service pollfd count should not exceed the configured
NET_SOCKETS_POLL_MAX limit, as poll() will not be able to monitor
sockets beyond that limit anyway. Adding +1 there prevented the library
from catching the configuration error.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When we receive the subnet mask option from the server, we
cannot yet set the netmask to the network interface as the
mask is tied to the IP address we received from the server.
We need to delay the setting of netmask until we have added
the requested IP address to the interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In case the LL address is not set on a packet for any reason, don't try
to access address structure to determine packet type.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case the same callback handler is added to the list twice, this can
result in a loop.
Fixes: #69825.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
In iperf2, for multicast data, if it is a client, it will not wait for
the server's AckFIN packet. Because the iperf2 server will not send an
AckFIN packet.
So in zperf_upload_fin(), an error will occur when the zperf client
waits for the server's AckFIN packet.
Multicast only send the negative sequence number packet and doesn't
wait for a server ack can fix this issue.
Signed-off-by: Gang Li <gang.li_1@nxp.com>
The count stack variable is also used when CONFIG_NET_L2_ETHERNET_MGMT is
enabled. Make sure it is available.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
If getaddrinfo() is called with a long DNS timeout, then split
the timeout to smaller pieces with exponential backoff. Reason
for this is that if a DNS query is lost, then we do not need
to wait for a long time to find it out.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
DTLS socket should be able to combine more than one message into a
single datagram when calling sendmsg().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The original packet's link-layer destination and source address can be
stored in separately allocated memory. This allocated memory can be
placed just after pkt data buffers.
In case when `net_pkt_find_offset()` uses condition:
`if (buf->data <= ptr && ptr <= (buf->data + buf->len)) {`
the offset is set outside the packet's buffer and the function returns
incorrect offset instead of error code.
Finally the offset is used to set ll address in cloned packet, and
this can have unexpected behavior (e.g. crash when cursor will be set
to empty memory).
Signed-off-by: Marcin Gasiorek <marcin.gasiorek@nordicsemi.no>
In certain scenarios, it may be necessary to get values of additional
options from the application layer. With this patch, this can be
accomplished by registering a callback with the DHCP client.
This change has been tested using the posix build in qemu.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
Nearly all other code places for k_thread_entry_t also keep
unused params in place to stay compatible with k_thread_entry_t.
Signed-off-by: Florian La Roche <Florian.LaRoche@gmail.com>
Fixes two bugs:
* When a notify is executed before any observers are added, the age is
incremented from 0 to 1. When an observer is registered, the age is not 0
as expected, causing the age to be 1 instead of the expected 2
* The check if a message is newer than the last received one is described
in RFC7641, section 3.4. Simply incrementing age will not comply to what
the RFC describes once the value wraps around. This is now fixed
Signed-off-by: Sibert Declercq <sibert.declercq@basalte.be>
Convert various networking subsystem files to use ARRAY_FOR_EACH
macro to make the looping more robust.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Convert various array loops in the net_if.c to use the
ARRAY_FOR_EACH() macro. This makes the code more robust
as we do not need to keep track of the separate define
that tells the array size.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This commit deprecates these legacy netmask get/set routines
net_if_ipv4_set_netmask()
net_if_ipv4_set_netmask_by_index()
net_if_ipv4_get_netmask()
as they do not work well if there are multiple IPv4 address
assigned to the network interface.
User should use these functions instead
net_if_ipv4_set_netmask_by_addr()
net_if_ipv4_set_netmask_by_addr_by_index()
net_if_ipv4_get_netmask_by_addr()
as they make sure the netmask it bound to correct IPv4 address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The netmask should be tied to the IPv4 address instead of being
global for the network interface.
If there is only one IPv4 address specified to the network interface,
nothing changes from user point of view. But if there are more than
one IPv4 address / network interface, the netmask must be specified
to each address separately.
This means that net_if_ipv4_get_netmask() and net_if_ipv4_set_netmask()
functions should not be used as they only work reliably if there is
only one IPv4 address in the network interface.
The new net_if_ipv4_get_netmask_by_addr() and
net_if_ipv4_set_netmask_by_addr() functions should be used as they make
sure that the netmask is tied to correct IPv4 address in the network
interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Set a thread name for net conn_mgr, so that e.g. thread listings
within the shell are easier to look at.
Signed-off-by: Florian La Roche <Florian.LaRoche@gmail.com>
This is not used by anyone, and is unlikely to be useful actually.
Helps to save 4 bytes for each instance of struct net_nbr also (removing
a 2 bytes attributes, which was anyway generating a 4bytes loss due to
structure misalignment).
Removing relevant useless functions related to it as well.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As noted in net_if.c:net_if_ipv6_addr_add() IPv6 ND needs MLD.
It is not selected during test, as the combination of ND without DAD/MLD
breaks (something to study/fix further it seems).
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Net MGMT uses layer identifiers that are meaningful only for itself, but
for users it requires a trivial operation to show the real layer value.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Net MGMT mask should be fully configured first, prior to be used to
initialize and add the callback.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As for adding an ipv6 address, removing one should return the same error
code when the network interface is not found.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
It's an optional support, and it should not select it by default.
Improving information message in case such support is disabled.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
The zperf received or sent bytes length and duration are in 32bits,
if running long-duration zperf test more than 20min, the value will
overflow, and the test result is wrong. Change it to 64bits can fix
this issue.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
When the zperf command is called with '-S' option which means IP_TOS
for IPv4 and IPV6_TCLASS for IPv6, an error is printed and the
setting does not work. The socket option handling was changed by
commit 77e522a5a243('net: context: Refactor option setters'), but the
callers of option setters were not changed. This causes the IP_TOS
or IPV6_TCLASS option failed to set. The fix is to use uint8_t to
store the value of the -S option.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Allow the use of the NTP server address, set by
dhcpv4 option, by the net_init_clock_via_sntp function.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
It was an overlook to return 0 on TLS send() call, after detecting that
TLS session has been closed by peer, such a behavior is only valid for
recv(). Instead, an error should be returned.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Return error to the caller if no data was received or there
was some other error. Earlier we did not check the error
condition properly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This makes it possible to set the minimum IPv6 packet size that
can be sent without fragmentation. The default value is 1280 bytes.
This commit allows user to set the IPv6 MTU value within reasonable
limits [1280, 1500].
Fixes#61587
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We select sockets service API in Kconfig but should select also
sockets API so that user does not need to set the sockets API separately.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "net sockets" command did not print network management
socket information properly but claimed that the socket
was IPv4 one which it is not.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The net_mgmt socket does not support poll() or fcntl(), so
return EOPNOTSUPP error if user tries to use those functions
for AF_NET_MGMT type socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Check the value of net_dhcpv4_add_option_callback()
and net_dhcpv4_remove_option_callback() explicitly.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
This ensures that the configured link address is
at least as big as the part of it that is used.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
This commit extends Zephyr's networking API to allow higher layers to
report on neighbor reachability.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
Apply ranges to DHCPv4 server timeout Kconfig options, so that it cannot
be set to a negative value by mistake.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case conflict is detected (either due to receiving Decline message or
due to ICMP probe getting reply), the conflicting address becomes
blocked for further use.
Although the RFC is not specific about how long should the address be
blocked, it make sense to implement some fallback mechanisms to reuse
blocked addresses in the server, otherwise, after longer period of
operation, it may run out of usable address.
This commit adds a timeout for declined addresses, so that by default
the address is marked back as "free" after 24 hrs (default lease time).
It also implements a mechanism, which allows to re-use the oldest
declined entry in case the server runs out of fresh addresses to assign.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Since PR, PR_SHELL, PR_ERROR, PR_INFO, and PR_WARNING already have
an embedded `sh` NULL check, we can remove the change from PR #68809.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
It is possible that the `sh` was not set before use.
This change adds a NULL check for `sh` in the following macros:
PR, PR_SHELL, PR_ERROR, PR_INFO, and PR_WARNING.
In case `sh` is NULL, the above macros will call `printk` instead.
Fixes#68793
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Add traffic class priority custom option to customize traffic class
priority base for throughput performace.
Wi-Fi traffic performance depends on cooperation between net threads
and Wi-Fi driver threads. So we want traffic class threads priority
to be more flexible to fit more vendors.
Eg: when traffic class tx thread priority is higher than driver tx
thread, it will consume much more cpu time and send packets until driver
queue full.
When traffic class tx thread priority is lower than driver tx thread,
it will become serial transmition, also affecting throughput.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
This change reduces the memory footprint by changing the data type of
`valid_5g_chans_20mhz` from `uint16_t` to `uint8_t`.
Additionally, since the maximum channel number for 5GHz Wi-Fi is 177,
it can fit within the `uint8_t` range.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Add a command `net ipv4 gateway` that allows
setting IPv4 gateway for an interface from net shell.
Signed-off-by: Mateusz Karlic <mkarlic@antmicro.com>
Add CONFIG_NET_SOCKETS_DTLS_MAX_FRAGMENT_LENGTH for limiting
the Maximum Fragment Length (MFL) for DTLS with Mbed TLS.
This is needed when MBEDTLS_SSL_OUT_CONTENT_LEN and
MBEDTLS_SSL_IN_CONTENT_LEN are set to larger values than the MTU
of the network and IP fragmentation is not supported.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
This flag indicates that only passive transmissions are allowed in that
channel for that regulatory domain.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
