Changing remaining users of fcntl.h to use the include from our own
POSIX file so that the values in there are consistent in all parts
of the sources.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Use only Zephyr specific POSIX header files so that the whole
system is getting values from the same files. There was an issue with
native_sim run of tests/net/socket/af_packet which had O_BLOCKING set
to 0x4000 from include/zephyr/posix/fcntl.h, but then the file
subsys/net/lib/socket/sockets.c was having O_BLOCKING set to 0x0800
because different header files were used.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Have special wrappers for zsock_fcntl and zsock_ioctl functions
so that gcc warning can be avoided.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The CONFIG_NET_SOCKETS_POSIX_NAMES option is marked as deprecated in
favor of using normal POSIX socket API includes found under the
include/zephyr/posix directory. If you want to use BSD socket API calls,
you need to select POSIX_API and use the socket headers found in the
POSIX subsystem. If you do not want to or cannot enable POSIX_API,
then you must use zsock_ prefix when working with BSD socket calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add an error log if there's a failure when attempting to load
certificates during socket connect.
Signed-off-by: Noah Pendleton <noah.pendleton@gmail.com>
With recently introduced DNS retransmission mechanism, a certain bug
could occur when calculating query timeout.
If the time until the final DNS timeout (as indicated by
CONFIG_NET_SOCKETS_DNS_TIMEOUT) was less than 1 millisecond, the actual
millisecond timeout value was rounded down, resulting in 0 ms timeout.
This in order was interpreted as invalid argument by dns_get_addr_info()
function, so in result, instead of reporting query timeout, the function
reported invalid argument error.
Fix this by rounding the millisecond timeout up, instead of down, so
that in any case, if the final timeout is not due, we always provide
non-zero timeout to dns_get_addr_info().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Rework TELNET shell backend to use socket API for communication and
socket service library for socket monitoring.
Additionally, rework the TX part so that non-blocking TX is used when
sending from the system work queue. In case transfer is not possible at
the moment, the TX work is rescheduled instead of blocking the system
work queue.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Socket service pollfd count should not exceed the configured
NET_SOCKETS_POLL_MAX limit, as poll() will not be able to monitor
sockets beyond that limit anyway. Adding +1 there prevented the library
from catching the configuration error.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case the LL address is not set on a packet for any reason, don't try
to access address structure to determine packet type.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If getaddrinfo() is called with a long DNS timeout, then split
the timeout to smaller pieces with exponential backoff. Reason
for this is that if a DNS query is lost, then we do not need
to wait for a long time to find it out.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
DTLS socket should be able to combine more than one message into a
single datagram when calling sendmsg().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It was an overlook to return 0 on TLS send() call, after detecting that
TLS session has been closed by peer, such a behavior is only valid for
recv(). Instead, an error should be returned.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The net_mgmt socket does not support poll() or fcntl(), so
return EOPNOTSUPP error if user tries to use those functions
for AF_NET_MGMT type socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add CONFIG_NET_SOCKETS_DTLS_MAX_FRAGMENT_LENGTH for limiting
the Maximum Fragment Length (MFL) for DTLS with Mbed TLS.
This is needed when MBEDTLS_SSL_OUT_CONTENT_LEN and
MBEDTLS_SSL_IN_CONTENT_LEN are set to larger values than the MTU
of the network and IP fragmentation is not supported.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
Make sure that socket service is started earlier than
config library. This is enforced in config libs init.c
but set the default value here too.
The reason for this is that the config library might need
to start dhcpv4 server which needs socket service to work,
so the ordering is important here.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the CONFIG_NET_SOCKETS_POLL_MAX is smaller than what is needed
for the socket service API to work properly, then we should not
start the service thread as the service API cannot work and might
cause memory overwrite in ctx.events[] array.
Fixes#69233
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Changed poll to perform incoming data check with connected
DTLS connections. This allows the CONFIG_NET_SOCKETS_DTLS_TIMEOUT
to timeout the connections to server socket if there is no
incoming data.
Previously, if the remote client closed the DTLS connection without
close notify, the timeout of the ongoing connection only happened
when next connection was taken to the server socket. Depending on
the timeouts, this could prevent the next connection from succeeding.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
If recvmsg() does not update control data, then it must
set msg_controllen length to 0 so that the caller can
understand this.
Fixes#68352
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add sockaddr member in struct net_pkt to store peer address if offloaded
network inteface is used. This enables recvfrom() to fill in src_addr if
socket type is UDP and offloaded interface driver supports it.
Signed-off-by: John Johnson <john.filip.johnson@gmail.com>
We cannot always start the service monitor thread statically
because the static threads are started after the application
level. This means that when config library wants to start
dhcpv4 server which uses socket services, there would be a
deadlock. Simplest solution is to start the service thread
directly from socket service init function.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Increase socket services thread default stack size when DHCPv4 server is
enabled, as it uses synchronous processing.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Get TLS_DTLS_CID_STATUS and TLS_DTLS_PEER_CID_VALUE utilize
mbedtls_ssl_get_peer_cid, which expects that mbedtls_ssl_setup
has been done.
Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
User is able to tweak the socket service dispatcher thread
priority in order to get better performance from the system
if needed. By default the dispatcher thread runs in lowest
application thread priority (K_LOWEST_APPLICATION_THREAD_PRIO).
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If user has not supplied address pointer when calling accept(),
then we would not be able to figure out the used socket domain
properly. But as there is now SO_DOMAIN option supported, use
that to get the correct socket domain.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The getsockopt() will return the address domain of the given
socket like AF_INET or AF_INET6.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The socket service provides a similar functionality as what
initd provides in Linux. It listens user registered sockets
for any activity and then launches a k_work for it. This way
each application does not need to create a thread to listen
a blocking socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
According to the POSIX specification, null pointer
is a valid value for the `address` argument
of the `accept` function.
This commit adds a check to prevent a null pointer
dereference inside `z_impl_zsock_accept`.
Signed-off-by: Mirko Covizzi <mirko.covizzi@nordicsemi.no>
DTLS socket is not really connection-less as UDP, as it required the
DTLS handshake to take place before the socket is usable. Therefore,
align the DTLS connect() behavior with regular TLS.
The change is backward compatible. connect() call is still optional for
DTLS socket (the handshake can still take place from send()/recv()) and
a socket option was provided to disable DTLS handshake on connect().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When using DTLS socket, the application may choose to monitor socket
with poll() before handshake has been complete. This could lead to
potential crash (as the TLS context may have been left uninitialized)
and unexpected POLLIN reports (while handshake was still not complete).
This commit fixes the above - POLLIN will only be reported once
handshake is complete and data is available
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case a socket error was caused by TLS layer, it was not reported with
POLLERR. This commit fixes this.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case TLS session is closed at the TLS level (and thus recv() reports
0 to the application) a certain race occurs between consecutive recv()
call, and TCP session teardown. As mbedtls_ssl_read() only reports
session close upon receiving CLOSE alert, consecutive non-blocking
recv() calls would report EAGAIN instead of connection closed, if called
before underlying TCP connection was closed.
Fix this, by storing the information that TLS session has ended at TLS
socket level. The new flag will be checked before attempting further
mbed TLS actions, so that connection status is reported correctly.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Make sure iovec is initialized to a value so that there
is no possibility that it is accessed uninitialized.
Fixes: #66838
Coverity-CID: 334911
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In case a waiting TLS socket reports an error in the underlying poll
call, try to read the actual error from the socket, instead of blindly
returning -EIO in all cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
When a TCP connection is established, if there is no data exchange
between the two parties within the set time, the side that enables
TCP Keep-alive will send a TCP probe packet with the same sequence
number as the previous TCP packet. This TCP probe packet is an empty
ACK packet (the specification recommends that it should not contain
any data, but can also contain 1 nonsense byte, such as 0x00.). If
there is no response from the other side after several consecutive
probe packets are sent, it is determined that the tcp connection has
failed, and the connection is closed.
The keep-alive default parameters are aligned with Linux defaults.
Signed-off-by: Horse Ma <mawei@coltsmart.com>
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Zephyr has its own multicast join/leave API but for
interoperability, it is possible to use the multicast
socket API and IPV6_ADD_MEMBERSHIP and IPV6_DROP_MEMBERSHIP
socket options.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Zephyr has its own multicast join/leave API but for
interoperability, it is possible to use the multicast
socket API and IP_ADD_MEMBERSHIP and IP_DROP_MEMBERSHIP
socket options.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The IPv4 TTL could only manipulated via net_context interface.
It makes sense to allow the same from socket interface via
the setsockopt/getsockopt calls.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add extra checks that make sure that msg_iov is set
as we cannot receive anything if receive buffers are
not set.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we for some reason are supplied unsupported socket type in
recvfrom(), then return ENOTSUP error to the caller instead of
silently accept it by returning 0.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If user has set either IP_PKTINFO (for IPv4) or
IPV6_RECVPKTINFO (for IPv6) socket options, then the system
will return relevant information in recvmsg() ancillary data.
Fixes#36415
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add IP_PKTINFO or IPV6_RECVPKTINFO BSD socket options that
can be used to get extra information of received data in
the ancillary data in recvmsg() call.
For IPV6_RECVPKTINFO see RFC 3542 for details.
For IP_PKTINFO see Linux ip(7) manual page for details.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
