Commit
bd0b43f6
authored
Jan 21, 2020
by
Kishen Maloor
Merge branch 'origin/master' into fargo
Signed-off-by:
Kishen Maloor
<
kishen.maloor@intel.com
>
parents
f2d1d940
6d195d34
Pipeline
#157
passed with stage
in 46 seconds
Showing
14 changed files
with
320 additions
and
59 deletions
+320
-59
api/oc_buffer.c
api/oc_buffer.c
+8
-1
api/oc_collection.c
api/oc_collection.c
+2
-1
include/oc_api.h
include/oc_api.h
+90
-7
include/oc_buffer.h
include/oc_buffer.h
+2
-1
include/oc_clock_util.h
include/oc_clock_util.h
+3
-1
include/oc_cloud.h
include/oc_cloud.h
+3
-0
include/oc_pki.h
include/oc_pki.h
+155
-4
include/oc_swupdate.h
include/oc_swupdate.h
+3
-1
messaging/coap/coap.c
messaging/coap/coap.c
+12
-14
messaging/coap/engine.c
messaging/coap/engine.c
+15
-9
port/linux/ipadapter.c
port/linux/ipadapter.c
+1
-0
security/oc_pstat.c
security/oc_pstat.c
+1
-1
security/oc_tls.c
security/oc_tls.c
+24
-18
security/oc_tls.h
security/oc_tls.h
+1
-1
api/oc_buffer.c
...
...
@@ -144,11 +144,18 @@ oc_send_message(oc_message_t *message)
#ifdef OC_SECURITY
void
oc_close_all_tls_sessions
(
size_t
device
)
oc_close_all_tls_sessions
_for_device
(
size_t
device
)
{
oc_process_post
(
&
message_buffer_handler
,
oc_events
[
TLS_CLOSE_ALL_SESSIONS
],
(
oc_process_data_t
)
device
);
}
void
oc_close_all_tls_sessions
(
void
)
{
oc_process_poll
(
&
(
oc_tls_handler
));
_oc_signal_event_loop
();
}
#endif
/* OC_SECURITY */
OC_PROCESS_THREAD
(
message_buffer_handler
,
ev
,
data
)
...
...
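Review bot: The result of `oc_process_post()` in `oc_close_all_tls_sessions_for_device()` is discarded, so if the post can fail (presumably when the event queue is full) the request to close that device's (D)TLS sessions is lost without a trace. This wrapper is now also what the reset path in security/oc_pstat.c calls, so a failure should at least be logged, e.g. `if (oc_process_post(&message_buffer_handler, oc_events[TLS_CLOSE_ALL_SESSIONS], (oc_process_data_t)device) != OC_PROCESS_ERR_OK) OC_WRN("could not queue TLS session close");`. Both functions are asynchronous and neither says so; a one-line comment on each would help, for the new one something like `/* Asynchronous: polls oc_tls_handler, which then closes every (D)TLS session on all devices. */`. Note also that `oc_close_all_tls_sessions` keeps its old name but now means "all devices" rather than "one device".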
api/oc_collection.c
...
...
@@ -932,7 +932,8 @@ oc_handle_collection_request(oc_method_t method, oc_request_t *request,
}
}
break
;
default:
break
;
ecode
=
oc_status_code
(
OC_STATUS_BAD_REQUEST
);
goto
processed_request
;
}
rep
=
rep
->
next
;
}
...
...
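Review bot: The new `default:` branch leaves the loop through `goto processed_request` as soon as one unsupported property type is seen, but properties earlier in the same `rep` list have already passed through the preceding cases by then. Whether those cases have side effects is not visible here (the switch and the loop start outside the hunk); if they do, the 4.00 response would follow a partially applied update. I would add a comment on the branch such as `/* unsupported property type: reject the whole request */` and confirm that nothing is committed before the whole payload has been validated.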
include/oc_api.h
...
...
@@ -149,7 +149,43 @@ typedef struct
#endif
/* OC_CLIENT */
}
oc_handler_t
;
/**
* Callback invoked during oc_init_platform(). The purpose is to add any
* additional platform properties that are not supplied to oc_init_platform()
* function call.
*
* Example:
* ```
* static void set_additional_platform_properties(void *data)
* {
* (void)data;
* // Manufactures Details Link
* oc_set_custom_platform_property(mnml,
* "http://www.example.com/manufacture");
* // Model Number
* oc_set_custom_platform_property(mnmo, "Model No1");
* // Date of Manufacture
* oc_set_custom_platform_property(mndt,"2020/01/17");
* //Serial Number
* oc_set_custom_platform_property(mnsel, "1234567890");
* }
*
* static int app_init(void)
* {
* int ret = oc_init_platform("My Platform",
* set_additional_platform_properties, NULL); ret |= oc_add_device("/oic/d",
* "oic.d.light", "My light", "ocf.1.0.0", "ocf.res.1.0.0", NULL, NULL); return
* ret;
* }
* ```
*
* @param data context pointer that comes from the oc_add_device() function
*
* @see oc_add_device
* @see oc_set_custom_device_property
*/
typedef
void
(
*
oc_init_platform_cb_t
)(
void
*
data
);
/**
* Callback invoked during oc_add_device(). The purpose is to add any additional
* device properties that are not supplied to oc_add_device() function call.
...
...
@@ -171,7 +207,8 @@ typedef void (*oc_init_platform_cb_t)(void *data);
* }
* ```
*
* @param data context pointer that comes from the oc_add_device() function
* @param[in] data context pointer that comes from the oc_init_platform()
* function
*
* @see oc_add_device
* @see oc_set_custom_device_property
...
...
@@ -195,8 +232,8 @@ typedef void (*oc_add_device_cb_t)(void *data);
*
* Not all of the listed functions must be called before calling oc_main_init.
*
* @param handler struct containing pointers callback handler functions
* responsible for controlling the IoTivity-lite application
* @param
[in]
handler struct containing pointers callback handler functions
*
responsible for controlling the IoTivity-lite application
* @return
* - `0` if stack has been initialized successfully
* - a negative number if there is an error in stack initialization
...
...
@@ -221,8 +258,8 @@ void oc_set_factory_presets_cb(oc_factory_presets_cb_t cb, void *data);
/**
* Add an ocf device to the the stack.
*
* This function is typically called
from
as part of the stack initialization
* process inside the `init` callback handler.
* This function is typically called as part of the stack initialization
* process
from
inside the `init` callback handler.
*
* The `oc_add_device` function may be called as many times as needed.
* Each call will add a new device to the stack with its own port address.
...
...
@@ -255,8 +292,9 @@ void oc_set_factory_presets_cb(oc_factory_presets_cb_t cb, void *data);
* @param data_model_version Spec version of the resource and device
* specifications to which this device data model is implemtned. This is the
* "dmv" device property
* @param add_device_cb callback function that will be invoked once device has
* been added
* @param add_device_cb callback function invoked during oc_add_device(). The
* purpose is to add additional device properties that are
* not supplied to oc_add_device() function call.
* @param data context pointer that is passed to the oc_add_device_cb_t
*
* @return
...
...
@@ -269,12 +307,57 @@ int oc_add_device(const char *uri, const char *rt, const char *name,
const
char
*
spec_version
,
const
char
*
data_model_version
,
oc_add_device_cb_t
add_device_cb
,
void
*
data
);
/**
* Set custom device property
*
* The purpose is to add additional device properties that are not supplied to
* oc_add_device() function call. This function will likely only be used inside
* the oc_add_device_cb_t().
*
* @param[in] prop the name of the custom property being added to the device
* @param[in] value the value of the custom property being added to the device
*
* @see oc_add_device_cb_t for example code using this function
* @see oc_add_device
*/
#define oc_set_custom_device_property(prop, value) \
oc_rep_set_text_string(root, prop, value)
/**
* Initialize the platform.
*
* This function is typically called as part of the stack initialization
* process from inside the `init` callback handler.
*
* @param[in] mfg_name the name of the platform manufacture
* @param[in] init_platform_cb callback function invoked during
* oc_init_platform(). The purpose is to add additional device properties that
* are not supplied to oc_init_platform() function call.
* @param data context pointer that is passed to the oc_init_platform_cb_t
*
* @return
* - `0` on success
* - `-1` on failure
*
* @see init
* @see oc_init_platform_cb_t
*/
int
oc_init_platform
(
const
char
*
mfg_name
,
oc_init_platform_cb_t
init_platform_cb
,
void
*
data
);
/**
* Set custom platform property.
*
* The purpose is to add additional platfrom properties that are not supplied to
* oc_init_platform() function call. This function will likely only be used
* inside the oc_init_platform_cb_t().
*
* @param[in] prop the name of the custom property being added to the platform
* @param[in] value the value of the custom property being added to the platform
*
* @see oc_init_platform_cb_t for example code using this function
* @see oc_init_platform
*/
#define oc_set_custom_platform_property(prop, value) \
oc_rep_set_text_string(root, prop, value)
...
...
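Review bot: The `@param data` descriptions of the two callback typedefs are crossed. The new comment on `oc_init_platform_cb_t` says the pointer "comes from the oc_add_device() function" and lists `@see oc_add_device` and `@see oc_set_custom_device_property`, while the second hunk changes the `oc_add_device_cb_t` comment to say it comes from `oc_init_platform()`. They should be swapped, i.e. `@param[in] data context pointer that comes from the oc_init_platform() function` with `@see oc_init_platform` / `@see oc_set_custom_platform_property` on the platform callback, and the `oc_add_device()` wording on the device callback. The `init_platform_cb` parameter of `oc_init_platform()` likewise speaks of "additional device properties" where platform properties are meant. Finally, both `oc_set_custom_*_property` macros expand to `oc_rep_set_text_string(root, prop, value)`, so they depend on an identifier `root` being in scope at the call site; the comment should state that they are only usable inside the respective callback.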
include/oc_buffer.h
...
...
@@ -42,7 +42,8 @@ void oc_message_unref(oc_message_t *message);
void
oc_recv_message
(
oc_message_t
*
message
);
void
oc_send_message
(
oc_message_t
*
message
);
void
oc_close_all_tls_sessions
(
size_t
device
);
void
oc_close_all_tls_sessions_for_device
(
size_t
device
);
void
oc_close_all_tls_sessions
(
void
);
#ifdef __cplusplus
}
...
...
include/oc_clock_util.h
...
...
@@ -13,7 +13,9 @@
// See the License for the specific language governing permissions and
// limitations under the License.
*/
/**
* @file
*/
#ifndef OC_CLOCK_UTIL_H
#define OC_CLOCK_UTIL_H
...
...
include/oc_cloud.h
...
...
@@ -17,6 +17,9 @@
* language governing permissions and limitations under the License.
*
****************************************************************************/
/**
* @file
*/
#ifndef OC_CLOUD_H
#define OC_CLOUD_H
...
...
include/oc_pki.h
...
...
@@ -14,6 +14,14 @@
// limitations under the License.
*/
/**
* @file
*
* OCF public key infrastructure (PKI) functions
*
* Collection of functions used to add public key infrastructure (PKI)
* support to devices.
*/
#ifndef OC_PKI_H
#define OC_PKI_H
...
...
@@ -21,27 +29,170 @@
extern
"C"
{
#endif
/**
* OCF defined security profiles
*
* Security Profiles differentiate devices based on requirements from different
* verticals such as industrial, health care, or smart home.
*
* See oc_pki_set_security_profile() for a description of the each of the
* security profiles or reference the security profiles section of the OCF
* Security Specification.
*/
typedef
enum
{
OC_SP_BASELINE
=
1
<<
1
,
OC_SP_BLACK
=
1
<<
2
,
OC_SP_BLUE
=
1
<<
3
,
OC_SP_PURPLE
=
1
<<
4
OC_SP_BASELINE
=
1
<<
1
,
///< The OCF Baseline Security Profile
OC_SP_BLACK
=
1
<<
2
,
///< The OCF Black Security Profile
OC_SP_BLUE
=
1
<<
3
,
///< The OCF Blue Security Profile
OC_SP_PURPLE
=
1
<<
4
///< The OCF Purple Security Profile
}
oc_sp_types_t
;
/**
* Add the manufactures PKI identity certificate.
*
* @param[in] device index of the logical device the identity certificate
* belongs to
* @param[in] cert pointer to a string containing a PEM encoded identity
* certificate
* @param[in] cert_size the size of the `cert` string
* @param[in] key the PEM encoded private key associated with this certificate
* @param[in] key_size the size of the `key` string
*
* @return
* - the credential ID of the /oic/sec/cred entry containing the certificate
* chain
* - `-1` on failure
*/
int
oc_pki_add_mfg_cert
(
size_t
device
,
const
unsigned
char
*
cert
,
size_t
cert_size
,
const
unsigned
char
*
key
,
size_t
key_size
);
/**
* Add an intermediate manufacture CA certificate.
*
* @param[in] device index of the logical device the certificate chain belongs
* to
* @param[in] credid the credential ID of the /oic/sec/cred entry containing the
* end-entity certificate
* @param[in] cert pointer to a string containing a PEM encoded certificate
* @param[in] cert_size the size of the `cert` string
*
* @return
* - the credential ID of the /oic/sec/cred entry containing the certificate
* chain
* - `-1` on failure
*/
int
oc_pki_add_mfg_intermediate_cert
(
size_t
device
,
int
credid
,
const
unsigned
char
*
cert
,
size_t
cert_size
);
/**
* Add manufacture trust anchor CA
*
* @param[in] device index of the logical device the trust anchor CA belongs to
* @param[in] cert pointer to a string containing a PEM encoded certificate
* @param[in] cert_size the size of the `cert` string
*
* @return
* - the credential ID of the /oic/sec/cred entry containing the certificate
* chain
* - `-1` on failure
*/
int
oc_pki_add_mfg_trust_anchor
(
size_t
device
,
const
unsigned
char
*
cert
,
size_t
cert_size
);
/**
* Add trust anchor CA
*
* @param[in] device index of the logical device the trust anchor CA belongs to
* @param[in] cert pointer to a string containing a PEM encoded certificate
* @param[in] cert_size the size of the `cert` strung
*
* @return
* - the credential ID of the /oic/sec/cred entry containing the certificate
* chain
* - `-1` on failure
*/
int
oc_pki_add_trust_anchor
(
size_t
device
,
const
unsigned
char
*
cert
,
size_t
cert_size
);
/**
* Set the OCF Security Profile
*
* The OCF Security Specification defines several Security Profiles that can be
* selected based on the security requirements of different verticals such as
* such as industrial, health care, or smart home.
*
* There are currently five types of Security Profiles specified by OCF.
*
* Following, is a non-exhaustive summary of each Security Profile type. For
* more details see OCF Security Specification section regarding Security
* Profiles.
*
* 1. Unspecified or `0`
* - reserved for future use.
* 2. OC_SP_BASELINE Baseline: indicates the OCF device satisfies normative
* security requirements as specified by the OCF Security Specification.
* Baseline Security Profile is the default security profile if no other
* profile is provided.
* 3. OC_SP_BLACK Black: healthcare and industrial devices with additional
* security requirements are the initial target for the Black Security
* Profile. Black Security Profile is for edge devices with exceptional
* profiles of trust bestowed upon them. Black Security Profile must support
* the following
* - The device satisfies all normative security requirements
* - Onboarding via OCF Rooted Certificate Chain, including PKI chain
* validation
* - Support for AES 128 encryption for data at rest and in transit
* - Manufacturer assertion of secure credential storage
* - Resource should contain credential(s) if required by the selected OTM
* - The OCF Device shall include an X.509v3 certificate and the
* extension's 'securityProfile' field shall specify it is an OCF Black
* Security Profile
* 4. OC_SP_BLUE Blue: indicates the OCF device has been issued a certificate
* authority from OCF. The Blue Security Profile is for an ecosystem where
* platform vendors may be using devices from a different vendor. The Blue
* profile gives a way to assure quality devices on a different vendors
* platform. Blue Security Profile must support the following
* - The device satisfies all normative security requirements
* - Vender attestation that the device satisfies platform security and
* privacy functionality requirements.
* - The device is registered with OCF.
* - The Security Profile may be digitally signed by an OCF owner signing
* key.
* - The OCF Device shall include an X.509v3 certificate and the
* extension's 'securityProfile' field shall specify it is an OCF Blue Security
* Profile
* - The OCF Device shall include an X.509v3 OCF CPL Attributes Extension
* in its certificate.
* - The device shall perform a check on the certification status of the
* device and platform.
* - The device shall be hosted on a secure platform.
* - The device shall use AES128 equivalent or better protection for
* transmitted and stored data.
* 5. OC_SP_PURPLE Purple: indicates the device shall be able to update its
* firmware in a secure manner. Purple Security Profile must support the
* following:
* - Secure credential storage
* - Software integrity validation
* - Secure update
* - If a certificate is used the OCF Device shall include an X.509v3
* certificate and the extension's 'securityProfile' field shall specify
* it is an OCF Purple Security Profile.
* - If a certificate is used the OCF Device shall include an X.509v3
* OCFCPLAttributes Extension in its End-Entity Certificate when
* manufacturer certificate is used.
*
* @param[in] device index of the logical device the security profile is be set
* on
* @param[in] supported_profiles a bitwise OR list of oc_sp_types_t that are
* supported by the device. The current_profile
* value may be changed to one of the other
* supported_profiles during the onboarding
* process.
* @param[in] current_profile the currently selected security profile
* @param[in] mfg_credid the credential ID of the /oic/sec/cred entry containing
* the manufactures end-entity certificate
*/
void
oc_pki_set_security_profile
(
size_t
device
,
oc_sp_types_t
supported_profiles
,
oc_sp_types_t
current_profile
,
int
mfg_credid
);
...
...
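Review bot: The new comments on `oc_pki_add_mfg_cert()` and the other `oc_pki_add_*` functions describe `cert_size` and `key_size` only as "the size of the `cert` string", which leaves open whether the terminating NUL of the PEM text is counted. PEM parsers differ on this and a wrong guess shows up as a certificate rejected at provisioning time, so the comment should state it explicitly, e.g. `@param[in] cert_size size of cert in bytes, <including|excluding> the terminating NUL`, filled in from the implementation. For `key` it would also help to say whether the private key is copied by the call, so that callers know when they may wipe their own buffer. The `supported_profiles` parameter is documented as a bitwise OR but typed `oc_sp_types_t`; inside the visible `extern "C"` block a C++ caller would need a cast for such a value, which deserves a sentence. Small typos in the same hunk: "strung", "Vender", "such as such as".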
include/oc_swupdate.h
...
...
@@ -13,7 +13,9 @@
// See the License for the specific language governing permissions and
// limitations under the License.
*/
/**
@file
*/
#ifndef OC_SWUPDATE_H
#define OC_SWUPDATE_H
...
...
messaging/coap/coap.c
...
...
@@ -641,7 +641,7 @@ coap_parse_token_option(void *packet, uint8_t *data, uint32_t data_len,
#ifdef OC_SPEC_VER_OIC
&&
coap_pkt
->
content_format
!=
APPLICATION_CBOR
#endif
/* OC_SPEC_VER_OIC */
)
)
return
UNSUPPORTED_MEDIA_TYPE_4_15
;
break
;
case
COAP_OPTION_MAX_AGE
:
...
...
@@ -665,7 +665,7 @@ coap_parse_token_option(void *packet, uint8_t *data, uint32_t data_len,
#ifdef OC_SPEC_VER_OIC
&&
coap_pkt
->
accept
!=
APPLICATION_CBOR
#endif
/* OC_SPEC_VER_OIC */
)
)
return
NOT_ACCEPTABLE_4_06
;
break
;
#if 0
...
...
@@ -796,7 +796,7 @@ coap_parse_token_option(void *packet, uint8_t *data, uint32_t data_len,
#ifdef OC_SPEC_VER_OIC
&&
version
!=
OIC_VER_1_1_0
#endif
/* OC_SPEC_VER_OIC */
)
{
)
{
OC_WRN
(
"Unsupported version %d %u"
,
option_number
,
version
);
return
UNSUPPORTED_MEDIA_TYPE_4_15
;
}
...
...
@@ -826,9 +826,9 @@ coap_tcp_set_header_fields(void *packet, uint8_t *num_extended_length_bytes,
coap_pkt
->
buffer
[
0
]
=
0x00
;
coap_pkt
->
buffer
[
0
]
|=
COAP_TCP_HEADER_LEN_MASK
&
(
*
len
)
<<
COAP_TCP_HEADER_LEN_POSITION
;
coap_pkt
->
buffer
[
0
]
|=
COAP_HEADER_TOKEN_LEN_MASK
&
(
coap_pkt
->
token_len
)
<<
COAP_HEADER_TOKEN_LEN_POSITION
;
coap_pkt
->
buffer
[
0
]
|=
COAP_HEADER_TOKEN_LEN_MASK
&
(
coap_pkt
->
token_len
)
<<
COAP_HEADER_TOKEN_LEN_POSITION
;
int
i
=
0
;
for
(
i
=
1
;
i
<=
*
num_extended_length_bytes
;
i
++
)
{
...
...
@@ -977,11 +977,11 @@ coap_udp_set_header_fields(void *packet)
coap_pkt
->
buffer
[
0
]
=
0x00
;
coap_pkt
->
buffer
[
0
]
|=
COAP_HEADER_VERSION_MASK
&
(
coap_pkt
->
version
)
<<
COAP_HEADER_VERSION_POSITION
;
coap_pkt
->
buffer
[
0
]
|=
COAP_HEADER_TYPE_MASK
&
(
coap_pkt
->
type
)
<<
COAP_HEADER_TYPE_POSITION
;
coap_pkt
->
buffer
[
0
]
|=
COAP_HEADER_TYPE_MASK
&
(
coap_pkt
->
type
)
<<
COAP_HEADER_TYPE_POSITION
;
coap_pkt
->
buffer
[
0
]
|=
COAP_HEADER_TOKEN_LEN_MASK
&
(
coap_pkt
->
token_len
)
<<
COAP_HEADER_TOKEN_LEN_POSITION
;
COAP_HEADER_TOKEN_LEN_MASK
&
(
coap_pkt
->
token_len
)
<<
COAP_HEADER_TOKEN_LEN_POSITION
;
coap_pkt
->
buffer
[
1
]
=
coap_pkt
->
code
;
coap_pkt
->
buffer
[
2
]
=
(
uint8_t
)((
coap_pkt
->
mid
)
>>
8
);
coap_pkt
->
buffer
[
3
]
=
(
uint8_t
)(
coap_pkt
->
mid
);
...
...
@@ -1268,7 +1268,7 @@ coap_set_token(void *packet, const uint8_t *token, size_t token_len)
return
coap_pkt
->
token_len
;
}
#ifdef OC_CLIENT
int
coap_get_header_content_format
(
void
*
packet
,
unsigned
int
*
format
)
{
...
...
@@ -1280,7 +1280,7 @@ coap_get_header_content_format(void *packet, unsigned int *format)
*
format
=
coap_pkt
->
content_format
;
return
1
;
}
#endif
int
coap_set_header_content_format
(
void
*
packet
,
unsigned
int
format
)
{
...
...
@@ -1302,7 +1302,6 @@ coap_get_header_accept(void *packet, unsigned int *accept)
*
accept
=
coap_pkt
->
accept
;
return
1
;
}
#ifdef OC_CLIENT
int
coap_set_header_accept
(
void
*
packet
,
unsigned
int
accept
)
{
...
...
@@ -1312,7 +1311,6 @@ coap_set_header_accept(void *packet, unsigned int accept)
SET_OPTION
(
coap_pkt
,
COAP_OPTION_ACCEPT
);
return
1
;
}
#endif
/*---------------------------------------------------------------------------*/
#if 0
int coap_get_header_max_age(void *packet, uint32_t *age)
...
...
messaging/coap/engine.c
...
...
@@ -316,10 +316,15 @@ coap_receive(oc_message_t *msg)
goto
send_message
;
}
else
{
OC_DBG
(
"received all blocks for payload"
);
if
(
message
->
type
==
COAP_TYPE_CON
)
{
coap_send_empty_ack
(
message
->
mid
,
&
msg
->
endpoint
);
}
coap_udp_init_message
(
response
,
COAP_TYPE_CON
,
CONTENT_2_05
,
response
->
mid
);
coap_get_mid
());
transaction
->
mid
=
response
->
mid
;
coap_set_header_block1
(
response
,
block1_num
,
block1_more
,
block1_size
);
coap_set_header_accept
(
response
,
APPLICATION_VND_OCF_CBOR
);
request_buffer
->
payload_size
=
request_buffer
->
next_block_offset
;
request_buffer
->
ref_count
=
0
;
...
...
@@ -331,12 +336,6 @@ coap_receive(oc_message_t *msg)
goto
init_reset_message
;
}
else
if
(
block2
)
{
OC_DBG
(
"processing block2 option"
);
unsigned
int
accept
=
0
;
if
(
coap_get_header_accept
(
message
,
&
accept
)
==
1
)
{
coap_set_header_content_format
(
response
,
accept
);
}
else
{
coap_set_header_content_format
(
response
,
APPLICATION_VND_OCF_CBOR
);
}
response_buffer
=
oc_blockwise_find_response_buffer
(
href
,
href_len
,
&
msg
->
endpoint
,
message
->
code
,
message
->
uri_query
,
message
->
uri_query_len
,
OC_BLOCKWISE_SERVER
);
...
...
@@ -359,9 +358,16 @@ coap_receive(oc_message_t *msg)
?
1
:
0
;
if
(
more
==
0
)
{
if
(
message
->
type
==
COAP_TYPE_CON
)
{
coap_send_empty_ack
(
message
->
mid
,
&
msg
->
endpoint
);
}
coap_udp_init_message
(
response
,
COAP_TYPE_CON
,
CONTENT_2_05
,
response
->
mid
);
coap_get_mid
());
transaction
->
mid
=
response
->
mid
;
coap_set_header_accept
(
response
,
APPLICATION_VND_OCF_CBOR
);
}
coap_set_header_content_format
(
response
,
APPLICATION_VND_OCF_CBOR
);
coap_set_payload
(
response
,
payload
,
payload_size
);
coap_set_header_block2
(
response
,
block2_num
,
more
,
block2_size
);
oc_blockwise_response_state_t
*
response_state
=
...
...
@@ -772,7 +778,7 @@ send_message:
#ifdef OC_SECURITY
if
(
coap_status_code
==
CLOSE_ALL_TLS_SESSIONS
)
{
oc_close_all_tls_sessions
(
msg
->
endpoint
.
device
);
oc_close_all_tls_sessions
_for_device
(
msg
->
endpoint
.
device
);
}
#endif
/* OC_SECURITY */
...
...
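Review bot: In the block2 branch the response Content-Format is now always `APPLICATION_VND_OCF_CBOR`; the lookup of the request's Accept option that used to choose it has been removed. messaging/coap/coap.c still lets `APPLICATION_CBOR` through when `OC_SPEC_VER_OIC` is defined, so in such a build a client that asked for plain CBOR would, as far as these hunks show, receive follow-up blocks labelled with a media type it did not request. If that is intended, a comment at `coap_set_header_content_format(response, APPLICATION_VND_OCF_CBOR);` should say why; otherwise the Accept-based choice should stay for that build. Separately, `coap_set_header_accept(response, APPLICATION_VND_OCF_CBOR)` places an Accept option, which is a request option in CoAP, on a 2.05 response, and `transaction->mid = response->mid;` runs without a visible NULL check on `transaction`. coap_receive starts and ends outside these hunks, so both need checking against the full function.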
port/linux/ipadapter.c
...
...
@@ -645,6 +645,7 @@ process_interface_change_event(void)
}
if
(
if_state_changed
)
{
oc_close_all_tls_sessions
();
for
(
i
=
0
;
i
<
num_devices
;
i
++
)
{
ip_context_t
*
dev
=
get_ip_context_for_device
(
i
);
oc_network_event_handler_mutex_lock
();
...
...
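Review bot: `oc_close_all_tls_sessions()` is called for any interface state change and closes the sessions of every device, including sessions on interfaces whose state did not change. The reason is not recorded at the call site; a comment such as `/* addresses may have changed: drop all (D)TLS sessions so peers re-handshake */` would capture the intent (wording to be confirmed by the author). The call also sits before `oc_network_event_handler_mutex_lock()`, so if process_interface_change_event() runs outside the main event loop thread, `oc_process_poll()` is being used across threads here and that assumption should be documented as well. The function body extends beyond the hunk.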
security/oc_pstat.c
...
...
@@ -192,7 +192,7 @@ oc_pstat_handle_state(oc_sec_pstat_t *ps, size_t device, bool from_storage,
oc_factory_presets_t
*
fp
=
oc_get_factory_presets_cb
();
if
(
fp
->
cb
!=
NULL
)
{
if
(
self_reset
)
{
oc_
tls_close_all_connections
(
device
);
oc_
close_all_tls_sessions_for_device
(
device
);
}
memcpy
(
&
pstat
[
device
],
ps
,
sizeof
(
oc_sec_pstat_t
));
OC_DBG
(
"oc_pstat: invoking the factory presets callback"
);
...
...
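Review bot: On `self_reset` the sessions used to be closed synchronously by `oc_tls_close_all_connections(device)`; `oc_close_all_tls_sessions_for_device(device)` only posts `TLS_CLOSE_ALL_SESSIONS`, so the `memcpy` into `pstat[device]` and the factory presets callback below now run while the old (D)TLS sessions are still open. Sessions negotiated with pre-reset credentials therefore remain usable until the TLS process handles the event, and indefinitely if the post is dropped. If the deferral is deliberate (for instance so the response to the reset request can still go out), add a comment saying so, e.g. `/* deferred: sessions are closed when oc_tls_handler processes TLS_CLOSE_ALL_SESSIONS */`; otherwise the reset path should keep a synchronous close. oc_pstat_handle_state continues outside the hunk.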
security/oc_tls.c
...
...
@@ -1247,20 +1247,6 @@ oc_tls_add_peer(oc_endpoint_t *endpoint, int role)
return
peer
;
}
void
oc_tls_close_all_connections
(
size_t
device
)
{
OC_DBG
(
"oc_tls: closing all open (D)TLS sessions on device %zd"
,
device
);
oc_tls_peer_t
*
p
=
oc_list_head
(
tls_peers
),
*
next
;
while
(
p
!=
NULL
)
{
next
=
p
->
next
;
if
(
p
->
endpoint
.
device
==
device
)
{
oc_tls_close_connection
(
&
p
->
endpoint
);
}
p
=
next
;
}
}
void
oc_tls_shutdown
(
void
)
{
...
...
@@ -1778,15 +1764,35 @@ oc_tls_recv_message(oc_message_t *message)
}
static
void
close_all_active_tls_sessions
(
size_t
device
)
close_all_tls_sessions_for_device
(
size_t
device
)
{
OC_DBG
(
"oc_tls: closing all open (D)TLS sessions on device %zd"
,
device
);
oc_tls_peer_t
*
p
=
oc_list_head
(
tls_peers
),
*
next
;
while
(
p
!=
NULL
)
{
next
=
p
->
next
;
if
(
p
->
endpoint
.
device
==
device
)
{
oc_tls_close_connection
(
&
p
->
endpoint
);
}
p
=
next
;
}
}
static
void
close_all_tls_sessions
(
void
)
{
oc_tls_close_all_connections
(
device
);
OC_DBG
(
"oc_tls: closing all open (D)TLS sessions on all devices"
);
oc_tls_peer_t
*
p
=
oc_list_head
(
tls_peers
),
*
next
;
while
(
p
!=
NULL
)
{
next
=
p
->
next
;
oc_tls_close_connection
(
&
p
->
endpoint
);
p
=
next
;
}
}
OC_PROCESS_THREAD
(
oc_tls_handler
,
ev
,
data
)
{
OC_PROCESS_POLLHANDLER
(
close_all_tls_sessions
());
OC_PROCESS_BEGIN
();
while
(
1
)
{
OC_PROCESS_YIELD
();
...
...
@@ -1812,7 +1818,7 @@ OC_PROCESS_THREAD(oc_tls_handler, ev, data)
#endif
/* OC_CLIENT */
else
if
(
ev
==
oc_events
[
TLS_CLOSE_ALL_SESSIONS
])
{
size_t
device
=
(
size_t
)
data
;
close_all_
active_tls_sessions
(
device
);
close_all_
tls_sessions_for_device
(
device
);
}
}
...
...
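Review bot: `OC_PROCESS_POLLHANDLER(close_all_tls_sessions())` makes every poll of `oc_tls_handler` close all (D)TLS sessions on all devices, so any other `oc_process_poll(&oc_tls_handler)` caller, present or future, would tear every session down as a side effect. No such caller is visible here, but the coupling is implicit; either gate the handler on a flag that `oc_close_all_tls_sessions()` sets before polling, or add a comment at the poll handler stating that polling this process means "close everything". The two static functions also repeat the same list walk and could share it. The `OC_DBG` in `close_all_tls_sessions_for_device()` prints a `size_t` with `%zd`; `%zu` is the matching specifier.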
security/oc_tls.h
...
...
@@ -63,7 +63,7 @@ int oc_tls_init_context(void);
void
oc_tls_shutdown
(
void
);
void
oc_tls_close_connection
(
oc_endpoint_t
*
endpoint
);
void
oc_tls_close_all_connections
(
size_t
device
);
bool
oc_sec_derive_owner_psk
(
oc_endpoint_t
*
endpoint
,
const
uint8_t
*
oxm
,
const
size_t
oxm_len
,
const
uint8_t
*
server_uuid
,
const
size_t
server_uuid_len
,
...
...