Use only one entropy/ctr_drbg context for all altcp_tls_config structure allocated.
(Small adjustments before committing: fix coding style, adapt to changes in master)
(cherry picked from commit b298afabdc)
The ssl context is not used on listening pcbs. This includes freeing
input/output buffers, so saves ~32KByte by default.
(cherry picked from commit 282389a332)
This is the default way for mbedTLS. Add entropy sources via defines (see
mbedtls_entropy_init).
This removes the use of ALTCP_MBEDTLS_RNG_FN
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
(cherry picked from commit 153c295b6f)
This adds support for RFC4075 SNTP server configuration via DHCPv6.
The DHCPv6 options transmitted are now conditional on how LwIP is
configured.
A new SNTP application option SNTP_GET_SERVERS_FROM_DHCPV6 is used
to enable. For simplicity this is configured to use the global
LWIP_DHCP6_GET_NTP_SRV configuration setting.
Tests:
- Check the global options now control the DHCPv6 request sent
in Wireshark
- Check against 0, 1 and 3 SNTP servers configured on an odhcpd
server configured to support RFC 4075 SNTP server lists.
Verify that the SNTP server list is updated on connection
establishment on an ESP8266 WeMOS D1.
- Verify that SNTP packets are sent and recieved from a
configured server and that system time is updated.
Signed-off-by: David J. Fiddes <D.J@fiddes.net>
(cherry picked from commit 8f2f43f093)
- client->msg_idx can be > MQTT_VAR_HEADER_BUFFER_LEN in long message splitted in multiple pbufs
- renamed fixed_hdr_idx to fixed_hdr_len because it is length of fixed header in rx_buffer, not an index to it
- removed the cpy_start as data always copied right after the fixed header
(cherry picked from commit 2cc420e434)
by replacing strnlen with strlen. It's a user-supplied string, so we can assume it is correctly \0 terminated (as done several times elsewhere in the code)
(cherry picked from commit aa83bdf490)
See bug #54655:
"MQTT brokers such as Google Cloud IoT Core requires MQTT clients
to send JSON Web Token (JWT) as password field of the MQTT Connect
packet. JWT can be more than 255 bytes.
Currently, the MQTT library restricts password to be less than 256
bytes, thus it prevents connectivity to Google Cloud IoT Core."
Fix that by just converting the local variables for these from u8_t
to u16_t.
Suggested-by: Richmond Umagat <richmond.umagat@brtchip.com>
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
TLS clients that need 2-way authentication (e.g. Amazon AWS IoT cloud mqtt)
need to pass a certificate and private key when creating the tls altcp_pcb.
Added a new function altcp_tls_create_config_client_2wayauth() for this that
replaces altcp_tls_create_config_client() for such clients.
See bug #54601.
e.g. if the calling stack should not invoke the mdns functions due
to high stack usage, disable the option and trigger it yourself.
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
Also remove additonal (cname == '\0' || cname == '.') check because
it's covered by !lwip_isupper(cname) test.
Signed-off-by: Axel Lin <axel.lin@ingics.com>