Use only one entropy/ctr_drbg context for all altcp_tls_config structure allocated.
(Small adjustments before committing: fix coding style, adapt to changes in master)
(cherry picked from commit b298afabdc)
The ssl context is not used on listening pcbs. This includes freeing
input/output buffers, so saves ~32KByte by default.
(cherry picked from commit 282389a332)
This is the default way for mbedTLS. Add entropy sources via defines (see
mbedtls_entropy_init).
This removes the use of ALTCP_MBEDTLS_RNG_FN
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
(cherry picked from commit 153c295b6f)
The only difference should be:
- LWIP_DEBUG enabled -> print a diag message
- LWIP_DEBUG disabled -> NO diag message is printed
(cherry picked from commit e479bd56df)
This adds support for RFC4075 SNTP server configuration via DHCPv6.
The DHCPv6 options transmitted are now conditional on how LwIP is
configured.
A new SNTP application option SNTP_GET_SERVERS_FROM_DHCPV6 is used
to enable. For simplicity this is configured to use the global
LWIP_DHCP6_GET_NTP_SRV configuration setting.
Tests:
- Check the global options now control the DHCPv6 request sent
in Wireshark
- Check against 0, 1 and 3 SNTP servers configured on an odhcpd
server configured to support RFC 4075 SNTP server lists.
Verify that the SNTP server list is updated on connection
establishment on an ESP8266 WeMOS D1.
- Verify that SNTP packets are sent and recieved from a
configured server and that system time is updated.
Signed-off-by: David J. Fiddes <D.J@fiddes.net>
(cherry picked from commit 8f2f43f093)
- client->msg_idx can be > MQTT_VAR_HEADER_BUFFER_LEN in long message splitted in multiple pbufs
- renamed fixed_hdr_idx to fixed_hdr_len because it is length of fixed header in rx_buffer, not an index to it
- removed the cpy_start as data always copied right after the fixed header
(cherry picked from commit 2cc420e434)
by replacing strnlen with strlen. It's a user-supplied string, so we can assume it is correctly \0 terminated (as done several times elsewhere in the code)
(cherry picked from commit aa83bdf490)
This reverts commit ebb0dc14a7.
It changes the behaviour to assert for applications running good so far.
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
pppos_input() is safe to call from outside tcpip_thread when
PPP_INPROC_IRQ_SAFE == 1, so only check if PPP_INPROC_IRQ_SAFE == 0
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
This reverts commit 1570dd8ad1.
Buffering pcb->local_port is needed because TCP_PCB_REMOVE_ACTIVE()
sets it to 0 via tcp_pcb_remove() (comment: "reset the local port
to prevent the pcb from being 'bound'").
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
Reverts a regression introduced in
3a8af612b3:
Use hardware address fetched from neighbor cache *not* the hardware
address of the interface as destination address.
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
See bug #54655:
"MQTT brokers such as Google Cloud IoT Core requires MQTT clients
to send JSON Web Token (JWT) as password field of the MQTT Connect
packet. JWT can be more than 255 bytes.
Currently, the MQTT library restricts password to be less than 256
bytes, thus it prevents connectivity to Google Cloud IoT Core."
Fix that by just converting the local variables for these from u8_t
to u16_t.
Suggested-by: Richmond Umagat <richmond.umagat@brtchip.com>
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
TLS clients that need 2-way authentication (e.g. Amazon AWS IoT cloud mqtt)
need to pass a certificate and private key when creating the tls altcp_pcb.
Added a new function altcp_tls_create_config_client_2wayauth() for this that
replaces altcp_tls_create_config_client() for such clients.
See bug #54601.
not needed any more since commit b0344518e8
"sockets.c: Don't rely on #defines in socket.h to be in sync with ip.h
Map SO_* to SOF_* #defines"
Reported by Joan Lledó on mailinglist 6.Sep.2018
magic_init() is first time called from ppp_init(), which is called from
lwip_init(). If system has no RTC, sys_jiffies() returns same value in
this moment after every power-up or system reset. This value used in LCP
magic number generation after ppp_connect(), which leads to same magic
number after every restart. Subsequent magic_randomize() calls takes
place in ppp_input(), after magic number generation.
Call magic_randomize() somewhere near start of ppp_connect() (and
ppp_listen()) as it might be called later at a random time.
Signed-off-by: Sylvain Rochet <gradator@gradator.net>
When the network is changed, dhcp is rebooted.
It will send a dhcp request again to verify it's lease.
DHCP requests are send out in selecting state, rebinding, renewing
and rebooting. But in the rebooting state the hostname option is
not included. This means that after reboot, the hostname will be
unknown to the DNS.
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
This fixes an issue seen on MacOS with Clang 9.0.0:
../../../../lwip/src/core/ipv4/etharp.c:1069:142: error: format specifies type 'unsigned short' but the argument has type 'netif_addr_idx_t'
(aka 'unsigned char') [-Werror,-Wformat]
LWIP_DEBUGF(ETHARP_DEBUG | LWIP_DBG_TRACE, ("etharp_query: dropped previously queued packet %p for ARP entry %"U16_F"\n", (void *)q, i));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
../../../../lwip/src/core/ipv4/etharp.c:1074:120: error: format specifies type 'unsigned short' but the argument has type 'netif_addr_idx_t'
(aka 'unsigned char') [-Werror,-Wformat]
LWIP_DEBUGF(ETHARP_DEBUG | LWIP_DBG_TRACE, ("etharp_query: queued packet %p on ARP entry %"U16_F"\n", (void *)q, i));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
By default, netif_addr_idx_t is u8_t, so cast up to u16_t to match the format type
