1. 10 Jun, 2019 16 commits
    • George Nash's avatar
      Fixed build warnings · 822ab4a2
      George Nash authored
      Fixed multiple build warnings for using %d for values
      that are larger than an int.
      
      All the warnings were related to print statments or
      logging.
      
      Change-Id: I5d09d220d85a5cd526061ad6f2f8f72afda21368
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      822ab4a2
    • George Nash's avatar
      Add tcpadapter to Android/update Makefile · 8edc9d03
      George Nash authored
      This updates the Android makefile so it is able to build again.
      Notable changes:
       - add x509x source files to DTLS code
       - changed default value for ANDROID_API from 19 to 23
       - added default values for DYNAMIC, SECURE, and PKI build options
       - updated starting CFLAGS value
         - -fPIE -pie changed to -fPIC
         - -fno-reorder-functions and -fno-defer-pop were removed
           due to warnings about them being unknown tags
       - add misc. security files to the build.
      
      The tcpadapter code is a straight copy/paste of the tcpadapter.c/.h
      from the Linux port. No modifications were made to tcpadapter.
      Only changes made were:
       - added the adapter_receive_state_t to ipcontext.h needed by
         tcpadapter.
      
      Most Makefile changes were obtained by referencing the Makefile
      found in the `swig` branch.
      
      Change-Id: Ifddcac31ad60a42c363206e397760a57466a551a
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      8edc9d03
    • Kishen Maloor's avatar
      Complete OCF Cloud Support and sample test apps · 28ae13db
      Kishen Maloor authored
      This change massively overhauls OCF Cloud code and fully
      integrates it into the stack as a core feature. It has
      been tested for compliance with the current OCF Specification
      via the OCF conformance tool.
      
      Below is a high level summary of the changes:
      
      -Introduced new Cloud APIs to register, login, logout,
      deregister, perform token refresh, and publish resources.
      This enables application logic to drive their interactions with
      the OCF Cloud.
      
      Support for the Cloud Manager is being maintained per earlier
      contributions and serve as an alternative method for
      applications to connect with the Cloud. The cloud_manager_start/_stop
      APIs may be invoked by applications with a callback to
      provide an indication of connection state. The state machine has
      been updated to not switch to a "reconnecting" state upon
      receiving a redirect, but rather to just close the current
      connection and attempt a "login" with the REGISTERED bit staying
      set (more on this below wrt to the handling of oc_cloud_status_t).
      
      The full set of public APIs for Cloud support is now declared
      in include/oc_cloud.h.
      
      Response callbacks for all Cloud APIs has been kept consistent
      and only include the current Cloud Status and user parameter.
      
      -The CoAPCloudConf resource is now instantiated internally as an
      OCF "core resource" and is treated as a Device Configuration
      Resource (DCR) for access-control behaviors.
      
      -Initialization and shutdown of the internal constructs for Cloud
      support is now handled internally. Applications only ever need to
      invoke the aforementioned APIs for working with the Cloud feature
      anytime after oc_main_init().
      
      -Device Ownership State (dos) is checked internally in all Cloud
      API implementations to ensure that requests are not issued unless
      the dos is RFNOP.
      
      -Following a hard reset via /oic/sec/pstat or /oic/mnt, the Device
      is made to deregister from the Cloud, the connection is closed,
      and CoAPCloudConf is fully cleared, as required by the specification.
      
      -Internal response handlers for all Cloud requests have been updated
      to correctly handle the distinction between an "error response" and
      "error connect" in setting the last error code.
      
      -As Cloud support requires full support of Client and Server
      functions, it is incorporated into the Client_Server configuration.
      Accordingly, applications must link in the lib..client-server..
      library.
      
      Cloud support code is guarded by #ifdef OC_CLOUD (to make it
      optional), and all references to the Cloud feature in the rest of
      the stack require both OC_CLIENT and OC_SERVER to be defined.
      
      -oc_cloud_status_t has been updated to act as a bit mask (not
      exclusive) and hence all Cloud API callbacks must query the
      status for all relevant bits and take appropriate actions.
      For e.g., after successfully logging into the Cloud, the cloud
      status has both the REGISTERED and LOGGED_IN bits set. The
      sample applications illustrate the use of this pattern.
      
      -The status flags in oc_cloud_status_t have been renamed to match
      their names from the Cloud specification for sake of consistency.
      Further, new flags have been added to capture the LOGGED_OUT and
      DEREGISTERED statuses. When a response from the Cloud includes the
      expires_in property, the new status bit TOKEN_EXPIRY is set.
      Applications are expected to query this bit, and if set must
      retrieve the "expires_in" value using the new
      oc_cloud_get_token_expiry() API.
      
      -All of the Cloud code has been moved under api/cloud.
      
      -Preexisting unit tests have been updated but may need to be
      reworked,and possibly new tests added for better coverage. They
      are currently excluded from the Linux build pending their
      completion.
      
      -A new sample cloud_certification_tests has been added to
      illustrate the use of all Cloud APs with a command-line interface
      and serves as the means to perform all certification tests
      pertaining to the Cloud using OCF's Conformance Test Tool.
      The cloud_linux sample has been updated to reflect the recent
      API updates.
      
      -Misc. cleanup and code style fixes.
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I6f65551dfd0f02cf37186ecf3ccc0320c16ad251
      28ae13db
    • Kishen Maloor's avatar
      linux/Makefile:add -fsanitize=address with ASAN=1 · b3625819
      Kishen Maloor authored
      This change adds the address sanitizer to the Linux build
      using the ASAN=1 command-line switch while running make.
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: If2dac8ce6a4bbc10e16b8d66ecfcd61be807b472
      b3625819
    • Kishen Maloor's avatar
      Add new APIs for realm/site-local IPv6 discovery · 6c9d33aa
      Kishen Maloor authored
      This change adds new Client APIs for performing resource discovery
      over the realm-local and site-local IPV6 scopes. The Linux IP adapter
      has been updated to set a hop limit of 255 for discovery over the
      wider IPv6 scopes.
      
      This change also adds similar APIs for issuing generalized mutlicast
      requests to any resource over the realm and site-local scopes.
      
      Lastly, oc_obt has been updated with new discovery APIs for owned
      and unowned devices over these wider scopes. The sample OBT has
      been updated with the new discovery options.
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: Ib5c0adfb2f2c033a0a2dc2dc24796d3669acf1ec
      6c9d33aa
    • Kishen Maloor's avatar
      oc_session_events: clear deadlock · 2c7be5bc
      Kishen Maloor authored
      This change clears a deadlock arising in free_session_state_delayed()
      from the invocation of oc_session_end_event() while freeing
      TCP session state. The problem was fixed by synchronizing access
      only to the session list and excluding the rest of the code block
      in free_session_state_delayed() which is where a call to
      oc_session_end_event() is made.
      
      Further, oc_tls was updated to call oc_handle_session() directly
      rather than using the session_events process as routines in
      oc_tls always execute on the main (background) thread.
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I7bdbec84acae463dee9bed9bbe4868a022430fde
      2c7be5bc
    • Kishen Maloor's avatar
      Move oc_tls_select_psk_ciphersuite outside OC_PKI · 6a1f4ee8
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I113767542168a5072185f479e3d2323ef40df9fe
      6a1f4ee8
    • Kishen Maloor's avatar
      oc_tls:disable anon ciphersuite when dos!=RFOTM · 6d44ef95
      Kishen Maloor authored
      This change excludes the anon_ECDH ciphersuite from the list of
      supported ciphersuites on Servers while their current dos is not
      RFOTM. In other words, as a consequence of this change, Servers can
      only ever establish a TLS session with Clients when fully authenticated
      with a credential.
      
      While in RFOTM, Servers are allowed to advertise the anon_ECDH
      ciphersuite in addition to other ciphersuites so an OBT can establish
      an anon_ECDH session for onboarding.
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I98984866f0726aa72906271ee9744f4391d68cb9
      6d44ef95
    • Kishen Maloor's avatar
      oc_certs: verify role certs using a trustca cred · 07de91d0
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: Ifac84bfd66838c24cacb93c6e11b7da47f1aecb9
      07de91d0
    • Kishen Maloor's avatar
      oc_rep: Ignore CBOR Tags, encode empty values · 952d87bc
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I20ef092b22ef7ef8b055e81f5b6e6f1c6faf369f
      952d87bc
    • Kishen Maloor's avatar
      oc_acl:Fix wildcard resource bitmask · 8d628400
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I43ce53077acf50dc23c6cbdb77a0d181da2b82c1
      8d628400
    • Kishen Maloor's avatar
      Fix oc_core_is_DCR() · 8eaf3593
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: Id83b8cca51d8c84b520ccb01dd4d2ca2c6d64f4a
      8eaf3593
    • Kishen Maloor's avatar
      Use vendor-defined "rt" for introspection IDD res · e26df4fb
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I2fa1f5c98d9a824003447b21bdf6b36bf2ce4db9
      e26df4fb
    • Kishen Maloor's avatar
      oc_clock: Fix overflow · 7ac248a5
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: If0e6c0ff29305c7e8ddfc6197b1368e2d61f7199
      7ac248a5
    • Kishen Maloor's avatar
      Fix peer authorization logic in cert handshakes · 4b74dc0d
      Kishen Maloor authored
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: Id54dc566414fb5009c12a81ee56f7a708446153b
      4b74dc0d
    • Kishen Maloor's avatar
      Propagate TLS errors to the app layer in Clients · 39b106c2
      Kishen Maloor authored
      This change adds a mechanism to free active Client callbacks
      associated with an endpoint on encountering an error at the TLS layer.
      Before freeing the callback, it is once invoked internally with no
      payload and supplying it the 5.03 (Service_Unavailable) status code
      in order to notify Client application logic of the failure.
      
      Previously, Client applications received no such notification
      in their request handlers.
      They could only set a separate session_events callback to track session
      state per endpoint, requiring multiple such callbacks and more logic to
      discern the states of requests. This change obviates the need for those
      callbacks and vastly simplifies application logic.
      
      In other scenarios involving long sequences of requests, this change
      makes it possible to immediately terminate the sequence following a
      TLS error instead of requiring to waiting for a timeout at the
      CoAP layer to expire.
      Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
      Change-Id: I4501360cb6de7c04dbb90bd5310b60b67fcef4ed
      39b106c2
  2. 23 May, 2019 6 commits
    • Jozef Kralik's avatar
      [LITE-43] Implement Cloud service · 04471e61
      Jozef Kralik authored
      Provides API for connect a device to the Cloud Interface.
      
      Cloud Sample apps/cloud_linux.c
      Cloud API: service/cloud/include/cloud.h
      
      Limitations:
       * Cloud always try to connect to the Cloud Interface
       * Delays are not configurable (ping, publish resources, ...)
       * Sid isn't verified
      
      Change-Id: I3faf440f0fd00648cf0e01f50763d80c785cd734
      Signed-off-by: Jozef Kralik's avatarJozef Kralik <jojo.lwin@gmail.com>
      04471e61
    • George Nash's avatar
      Fix DEBUG output for Windows · 9ebd8821
      George Nash authored
      Currently on windows the mbedtls_debug output prints large
      blocks of unreadable text. Eeading the debug log is quite
      difficult.
      
      By seting the snprintf function for mbedtls the debug output
      prints properly.
      
      Change-Id: I9fdf2a6754b49f136cc07d2f52ced6905a701dda
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      9ebd8821
    • George Nash's avatar
      Rework of oc_introspection.h · 55de9c39
      George Nash authored
      The oc_set_introspection_file is no long avalible. Now
      it will default to the file IDD_<device_index> from oc_storage.
      
      This adds the oc_set_introspection_data function to
      the oc_introspection.h header. This enables setting
      the introspection data by passing in an array of bytes via
      the oc_set_introspection_data function.
      
      The compiler define OC_IDD_FILE was change to OC_IDD_API since
      we no longer specify file names.
      
      As a side in the windows  build OC_IDD_API is set as the
      default.
      
      Users can get the same behavior as building the code without
      OC_IDD_API by including server_introspection.dat.h in their
      server program and calling
      oc_set_interspection_data(0,
                                introspection_Data,
                                introspection_data_size);
      
      The function oc_create_introspection_resourcewas moved
      to a new internal header file oc_introspection_internal.h.
      The function is only expected to be called by the framework
      and there is no need to expose it to end users as public APIs.
      
      Change-Id: I9ec452afbf96510c82557eeb1b8b79a8949eeb25
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      55de9c39
    • George Nash's avatar
      Ran clang-formater on 5 files · 1d7cd051
      George Nash authored
      Change-Id: Ie0fa5d9da90a4c357895bd95040f44bf78008693
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      1d7cd051
    • George Nash's avatar
      Removed possible loss of data warnings · 87d1a731
      George Nash authored
      For `timestamp_parse.c` the compiler complained that the
      `nsec` variable was larger than the `offset` variable.
      Since the code in question was just variable initialization
      the line was broke into two lines.
      
      For `timestamp_tm.c` there is no need to use uint16_t for the
      intermediate result of the calculations. The final result is
      place into an `int` type. No need to force the data into a smaller
      data type.
      
      The conversion from seconds to days (i.e. sec / 86400) could
      be larger than the uint32_t.  If we are counting number of
      seconds since epoch the date that the calculation will be larger
      than uint32_t is January 20, 11761191. Yes that is 11.7 million
      years! We should be safe casting the number to an uint32_t.
      
      Change-Id: I2b4d6ea729a1a0bec3581db26335cb72331bd70f
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      87d1a731
    • George Nash's avatar
      Ran clang-format on base64test · 4530ced4
      George Nash authored
      Change-Id: I73b73113074a822f352fed444f30566516a3cf11
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      4530ced4
  3. 18 May, 2019 1 commit
  4. 10 May, 2019 1 commit
    • George Nash's avatar
      Changed StringToEnpoint test if OC_TCP not defined · 67ac82a7
      George Nash authored
      If the code were built with out OC_TCP build predefine
      the unit test would fail because it tested against enpoints
      that would only work if OC_TCP were defined.
      
      This commit spilts the test into two parts. The part that
      only works with OC_TCP defined and the part that works
      regaurdless of the value of OC_TCP.
      
      Change-Id: I56598db9e6dbb6401e8adde0e3f7393dfd9b93a1
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      67ac82a7
  5. 03 May, 2019 2 commits
    • George Nash's avatar
      Change cast for intpool to int64_t · 31093be8
      George Nash authored
      The internal int type was changed to int64_t this
      cast to int was missed.  Error found using the
      Android compiler.
      
      Change-Id: I01e203e67a785e265ee658c183d43da673f45b0a
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      31093be8
    • George Nash's avatar
      Removed possible loss of data warnings · 312ce5ec
      George Nash authored
      When assigning from a larger data type to a smaller data type
      the Visual Studio compiler will throw a warning C4244 indicating
      that there is a possible loss of data.
      
      All timestamp calculations are expected to fit in the smaller
      data type. To help verify this assumption the calculation is
      not placed into the smaller data type till after doing an
      assert against the max data type.
      
      Change-Id: I58fdae980af2b63ae3113d43c5913a9b77a67880
      Signed-off-by: George Nash's avatarGeorge Nash <george.nash@intel.com>
      312ce5ec
  6. 30 Apr, 2019 1 commit
  7. 29 Apr, 2019 1 commit
  8. 17 Apr, 2019 2 commits
  9. 16 Apr, 2019 1 commit
  10. 12 Apr, 2019 1 commit
  11. 11 Apr, 2019 2 commits
  12. 08 Apr, 2019 6 commits