Anjay 3.1.1

Improvements: - Added CHANGELOG.md Bugfixes: - Added the missing return in anjay_dm_handlers.c that could cause undefined behavior when ANJAY_WITH_THREAD_SAFETY was disabled - Removed the unused option in the factory provisioning script - Removed usage of Python 3.6 syntax in tests that caused Github Actions tests to fail - Added missing notes about the change to (D)TLS version in all migration guides in the documentation - (commercial feature only) Fixed proper handling of changing the disable_legacy_server_initiated_bootstrap across core persistence cycles
AVSystem · Jul 22, 2022 · eb19dca · eb19dca
1 parent e36d21a
commit eb19dca
Show file tree

Hide file tree

Showing 19 changed files with 1,840 additions and 34 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -8,7 +8,7 @@
 cmake_minimum_required(VERSION 3.6.0)
 
 project(anjay C)
-set(ANJAY_VERSION "3.1.0" CACHE STRING "Anjay library version")
+set(ANJAY_VERSION "3.1.1" CACHE STRING "Anjay library version")
 set(ANJAY_BINARY_VERSION 1.0.0)
 
 set(ANJAY_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}")

diff --git a/README.md b/README.md
@@ -18,6 +18,7 @@ The project has been created and is actively maintained by [AVSystem](https://ww
 - [Full documentation](https://AVSystem.github.io/Anjay-doc/)
 - [Tutorials](https://AVSystem.github.io/Anjay-doc/BasicClient.html)
 - [API docs](https://AVSystem.github.io/Anjay-doc/api/)
+- [Changelog](CHANGELOG.md)
 
 <!-- toc -->
 

diff --git a/deps/avs_commons b/deps/avs_commons
diff --git a/doc/sphinx/snippet_sources.md5 b/doc/sphinx/snippet_sources.md5
@@ -88,6 +88,6 @@ ebd07be4f2a99e4f88435330b36fc617  include_public/anjay/fw_update.h
 e4153f643dad6a333675748eaabf7852  include_public/anjay/io.h
 b99edd4bfed8952b8125cec0da767b66  include_public/anjay/ipso_objects.h
 9769d3edf9ed026a4314a550bf64faa5  include_public/anjay/security.h
-291ffce4abb46f67151496fb3139158e  tests/integration/framework/test_utils.py
+d19627a56220f65d957404d82d1fe0fd  tests/integration/framework/test_utils.py
 9c2ac86951e278b0077c30c33b5b4e82  tools/provisioning-tool/factory_prov/factory_prov.py
-3ce455cd71eda34d09230c5df0249fa2  tools/provisioning-tool/ptool.py
+9143bcdc2f751bd5d02cac72c0ba82a8  tools/provisioning-tool/ptool.py
diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay214.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay214.rst
@@ -90,6 +90,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 Conditional compilation for structured security credential support
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay215.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay215.rst
@@ -85,6 +85,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 Conditional compilation for structured security credential support
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay225.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay225.rst
@@ -136,6 +136,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 
 Other changes
 ^^^^^^^^^^^^^

diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay24.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay24.rst
@@ -132,6 +132,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 
 Changes in avs_commons
 ----------------------

diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay26.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay26.rst
@@ -132,6 +132,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 
 Changes in avs_commons
 ----------------------

diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay27.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay27.rst
@@ -113,6 +113,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 Conditional compilation for structured security credential support
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

diff --git a/doc/sphinx/source/Migrating/MigratingFromAnjay28.rst b/doc/sphinx/source/Migrating/MigratingFromAnjay28.rst
@@ -108,6 +108,28 @@ recommended to initialize such structures with ``ANJAY_DM_OI_ATTRIBUTES_EMPTY``
 or ``ANJAY_DM_R_ATTRIBUTES_EMPTY`` constants, and then fill in the attributes
 you actually intend to set.
 
+Default (D)TLS version
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the `anjay_configuration_t::dtls_version
+<../api/structanjay__configuration.html#ab32477e7370a36e02db5b7e7ccbdd89d>`_
+field is set to ``AVS_NET_SSL_VERSION_DEFAULT`` (which includes the case of
+zero-initialization), Anjay 3.0 and earlier automatically mapped this setting to
+``AVS_NET_SSL_VERSION_TLSv1_2`` to ensure that (D)TLS 1.2 is used as mandated by
+the LwM2M specification.
+
+This mapping has been removed in Anjay 3.1, which means that the default version
+configuration of the underlying (D)TLS library will be used. This has been done
+to automatically allow the use of newer protocols and deprecate old versions
+when the backend library is updated, without the need to update Anjay code.
+However, depending on the (D)TLS backend library used, this may lead to (D)TLS
+1.1 or earlier being used if the server does not properly negotiate a higher
+version. Please explicitly set ``dtls_version`` to
+``AVS_NET_SSL_VERSION_TLSv1_2`` if you want to disallow this.
+
+Please note that Mbed TLS 3.0 has dropped support for TLS 1.1 and earlier, so
+this change will not affect behavior with that library.
+
 Conditional compilation for structured security credential support
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

diff --git a/src/core/anjay_core.c b/src/core/anjay_core.c
@@ -47,7 +47,7 @@
 VISIBILITY_SOURCE_BEGIN
 
 #ifndef ANJAY_VERSION
-#    define ANJAY_VERSION "3.1.0"
+#    define ANJAY_VERSION "3.1.1"
 #endif // ANJAY_VERSION
 
 #ifdef ANJAY_WITH_LWM2M11

diff --git a/src/core/dm/anjay_dm_handlers.c b/src/core/dm/anjay_dm_handlers.c
@@ -636,6 +636,7 @@ get_handler(const anjay_dm_installed_object_t *obj_ptr,
     if (has_handler_unlocked(&(**obj_ptr)->handlers, handler_type)) {
         return &(**obj_ptr)->handlers;
     }
+    return NULL;
 #endif // ANJAY_WITH_THREAD_SAFETY
 }
 

diff --git a/src/core/servers/anjay_register.c b/src/core/servers/anjay_register.c
@@ -59,30 +59,6 @@ static void send_update_sched_job(avs_sched_t *sched, const void *ssid_ptr) {
     ANJAY_MUTEX_UNLOCK(anjay_locked);
 }
 
-/**
- * Returns the duration that we should reserve before expiration of lifetime for
- * performing the Update operation.
- */
-static avs_time_duration_t
-get_server_update_interval_margin(anjay_server_info_t *server) {
-    avs_time_duration_t half_lifetime = avs_time_duration_div(
-            avs_time_duration_from_scalar(
-                    server->registration_info.last_update_params.lifetime_s,
-                    AVS_TIME_S),
-            ANJAY_UPDATE_INTERVAL_MARGIN_FACTOR);
-    anjay_server_connection_t *connection =
-            _anjay_connection_get(&server->connections,
-                                  ANJAY_CONNECTION_PRIMARY);
-    avs_time_duration_t max_transmit_wait =
-            _anjay_max_transmit_wait_for_transport(server->anjay,
-                                                   connection->transport);
-    if (avs_time_duration_less(half_lifetime, max_transmit_wait)) {
-        return half_lifetime;
-    } else {
-        return max_transmit_wait;
-    }
-}
-
 static int schedule_update(anjay_server_info_t *server,
                            avs_time_duration_t delay) {
     anjay_log(DEBUG, _("scheduling update for SSID ") "%u" _(" after ") "%s",
@@ -98,8 +74,22 @@ static avs_time_real_t time_of_next_update(anjay_server_info_t *server) {
     if (!avs_time_real_valid(expire_time)) {
         return AVS_TIME_REAL_INVALID;
     }
+    avs_time_duration_t lifetime = avs_time_duration_from_scalar(
+            server->registration_info.last_update_params.lifetime_s,
+            AVS_TIME_S);
+    avs_time_duration_t half_lifetime =
+            avs_time_duration_div(lifetime,
+                                  ANJAY_UPDATE_INTERVAL_MARGIN_FACTOR);
+    anjay_server_connection_t *connection =
+            _anjay_connection_get(&server->connections,
+                                  ANJAY_CONNECTION_PRIMARY);
+    avs_time_duration_t max_transmit_wait =
+            _anjay_max_transmit_wait_for_transport(server->anjay,
+                                                   connection->transport);
     avs_time_duration_t interval_margin =
-            get_server_update_interval_margin(server);
+            avs_time_duration_less(half_lifetime, max_transmit_wait)
+                    ? half_lifetime
+                    : max_transmit_wait;
     return avs_time_real_add(expire_time,
                              avs_time_duration_mul(interval_margin, -1));
 }

diff --git a/tests/integration/framework/test_suite.py b/tests/integration/framework/test_suite.py
@@ -687,6 +687,7 @@ def setup_demo_with_servers(self,
             demo_args += ['--lifetime', str(lifetime)]
 
         try:
+            self.demo_process = None
             self._start_dumpcap(server.get_listen_port()
                                 for server in all_servers)
 

diff --git a/tests/integration/framework/test_utils.py b/tests/integration/framework/test_utils.py
@@ -34,7 +34,7 @@ def __init__(self, ObjID, ObjInstID):
         self.ObjInstID = ObjInstID
 
     def __str__(self):
-        return f'{self.ObjID}:{self.ObjInstID}'
+        return '%d:%d' % (self.ObjID, self.ObjInstID)
 
 
 class SequentialMsgIdGenerator:

diff --git a/tools/license_headers.py b/tools/license_headers.py
@@ -38,6 +38,7 @@
     '\.png$',
     '\.svg$',
     '^README\.Windows\.md$',
+    '^CHANGELOG\.md$',
     '^\.clang-format$',
     '^doc/sphinx/snippet_sources\.md5$',
     'example_configs/',

diff --git a/tools/provisioning-tool/ptool.py b/tools/provisioning-tool/ptool.py
@@ -19,9 +19,6 @@
     parser.add_argument('-c', '--endpoint_cfg', type=str,
                         help='Configuration file containing device information to be loaded on the device',
                         required=True)
-    parser.add_argument('-d', '--device', type=str,
-                        help='Endpoint device info',
-                        required=True)
     parser.add_argument('-e', '--URN', type=str,
                         help='Endpoint name to use during registration',
                         required=False)