
net: socket: Add switch to enable TLS socket option support

Add switch to a socket layer that will enable switching socket API to
TLS secure sockets. At this point there is no secure sockets
implementation, so secure socket calls redirect to regular socket calls.

Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
rlubos authored and nashif committed Jul 2, 2018
1 parent 2516aa0 commit 00a69bf9bb5865eb215920f59631c305ae48a22e
@@ -76,67 +76,134 @@ int zsock_getaddrinfo(const char *host, const char *service,
const struct zsock_addrinfo *hints,
struct zsock_addrinfo **res);

#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)

int ztls_socket(int family, int type, int proto);
int ztls_close(int sock);
int ztls_bind(int sock, const struct sockaddr *addr, socklen_t addrlen);
int ztls_connect(int sock, const struct sockaddr *addr, socklen_t addrlen);
int ztls_listen(int sock, int backlog);
int ztls_accept(int sock, struct sockaddr *addr, socklen_t *addrlen);
ssize_t ztls_send(int sock, const void *buf, size_t len, int flags);
ssize_t ztls_recv(int sock, void *buf, size_t max_len, int flags);
ssize_t ztls_sendto(int sock, const void *buf, size_t len, int flags,
const struct sockaddr *dest_addr, socklen_t addrlen);
ssize_t ztls_recvfrom(int sock, void *buf, size_t max_len, int flags,
struct sockaddr *src_addr, socklen_t *addrlen);
int ztls_fcntl(int sock, int cmd, int flags);
int ztls_poll(struct zsock_pollfd *fds, int nfds, int timeout);

#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */

#if defined(CONFIG_NET_SOCKETS_POSIX_NAMES)
static inline int socket(int family, int type, int proto)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_socket(family, type, proto);
#else
return zsock_socket(family, type, proto);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline int close(int sock)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_close(sock);
#else
return zsock_close(sock);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline int bind(int sock, const struct sockaddr *addr, socklen_t addrlen)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_bind(sock, addr, addrlen);
#else
return zsock_bind(sock, addr, addrlen);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline int connect(int sock, const struct sockaddr *addr,
socklen_t addrlen)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_connect(sock, addr, addrlen);
#else
return zsock_connect(sock, addr, addrlen);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline int listen(int sock, int backlog)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_listen(sock, backlog);
#else
return zsock_listen(sock, backlog);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline int accept(int sock, struct sockaddr *addr, socklen_t *addrlen)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_accept(sock, addr, addrlen);
#else
return zsock_accept(sock, addr, addrlen);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline ssize_t send(int sock, const void *buf, size_t len, int flags)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_send(sock, buf, len, flags);
#else
return zsock_send(sock, buf, len, flags);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline ssize_t recv(int sock, void *buf, size_t max_len, int flags)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_recv(sock, buf, max_len, flags);
#else
return zsock_recv(sock, buf, max_len, flags);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

/* This conflicts with fcntl.h, so code must include fcntl.h before socket.h: */
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
#define fcntl ztls_fcntl
#else
#define fcntl zsock_fcntl
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */

static inline ssize_t sendto(int sock, const void *buf, size_t len, int flags,
const struct sockaddr *dest_addr,
socklen_t addrlen)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_sendto(sock, buf, len, flags, dest_addr, addrlen);
#else
return zsock_sendto(sock, buf, len, flags, dest_addr, addrlen);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline ssize_t recvfrom(int sock, void *buf, size_t max_len, int flags,
struct sockaddr *src_addr, socklen_t *addrlen)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_recvfrom(sock, buf, max_len, flags, src_addr, addrlen);
#else
return zsock_recvfrom(sock, buf, max_len, flags, src_addr, addrlen);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

static inline int poll(struct zsock_pollfd *fds, int nfds, int timeout)
{
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
return ztls_poll(fds, nfds, timeout);
#else
return zsock_poll(fds, nfds, timeout);
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */
}

#define pollfd zsock_pollfd
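Review bot: Each of the eleven POSIX-name wrappers (socket through poll) and the fcntl define carries its own `#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)` / `#else` / `#endif` block, so the backend choice is made in twelve separate places. A wrapper added later without the conditional would quietly bypass the ztls_* layer when the option is on. Selecting the prefix once with a token-pasting macro (the name below is only a suggestion) and using it in each body keeps the choice in one place. The enclosing `#if defined(CONFIG_NET_SOCKETS_POSIX_NAMES)` block continues past the end of this hunk.

```c
#if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS)
#define Z_SOCK_IMPL(fn) ztls_##fn
#else
#define Z_SOCK_IMPL(fn) zsock_##fn
#endif /* defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) */

static inline int socket(int family, int type, int proto)
{
	return Z_SOCK_IMPL(socket)(family, type, proto);
}

/* … unchanged signatures: close, bind, connect, listen, accept, send, recv,
 * sendto, recvfrom, poll; each body becomes a single Z_SOCK_IMPL(name)(...) call …
 */
```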
@@ -3,3 +3,5 @@ zephyr_sources(
getaddrinfo.c
sockets.c
)

zephyr_sources_ifdef(CONFIG_NET_SOCKETS_SOCKOPT_TLS sockets_tls.c)
@@ -30,6 +30,13 @@ config NET_SOCKETS_POLL_MAX
help
Maximum number of entries supported for poll() call.

config NET_SOCKETS_SOCKOPT_TLS
bool "Enable TCP TLS socket option support [EXPERIMENTAL]"
default n
help
Enable TLS socket option support which automatically establishes
a TLS connection to the remote host.

config NET_DEBUG_SOCKETS
bool "Debug BSD Sockets compatible API calls"
default y if NET_LOG_GLOBAL
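Review bot: The help text for NET_SOCKETS_SOCKOPT_TLS says the option "automatically establishes a TLS connection to the remote host", but the commit description and the ztls_* wrappers in sockets_tls.c show every call being forwarded to the plain zsock_* function. Anyone enabling the option on the strength of this text would get no handshake, no encryption and no peer authentication. Until the implementation lands, the help should say so, for example `At present the ztls_* entry points only forward to the regular socket calls; no TLS handshake or encryption is performed.` The same caveat would fit as a file-level comment at the top of sockets_tls.c.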
@@ -0,0 +1,71 @@
/*
* Copyright (c) 2018 Intel Corporation
* Copyright (c) 2018 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: Apache-2.0
*/

#include <net/net_context.h>
#include <net/socket.h>

int ztls_socket(int family, int type, int proto)
{
return zsock_socket(family, type, proto);
}

int ztls_close(int sock)
{
return zsock_close(sock);
}

int ztls_bind(int sock, const struct sockaddr *addr, socklen_t addrlen)
{
return zsock_bind(sock, addr, addrlen);
}

int ztls_connect(int sock, const struct sockaddr *addr, socklen_t addrlen)
{
return zsock_connect(sock, addr, addrlen);
}

int ztls_listen(int sock, int backlog)
{
return zsock_listen(sock, backlog);
}

int ztls_accept(int sock, struct sockaddr *addr, socklen_t *addrlen)
{
return zsock_accept(sock, addr, addrlen);
}

ssize_t ztls_send(int sock, const void *buf, size_t len, int flags)
{
return zsock_send(sock, buf, len, flags);
}

ssize_t ztls_recv(int sock, void *buf, size_t max_len, int flags)
{
return zsock_recv(sock, buf, max_len, flags);
}

ssize_t ztls_sendto(int sock, const void *buf, size_t len, int flags,
const struct sockaddr *dest_addr, socklen_t addrlen)
{
return zsock_sendto(sock, buf, len, flags, dest_addr, addrlen);
}

ssize_t ztls_recvfrom(int sock, void *buf, size_t max_len, int flags,
struct sockaddr *src_addr, socklen_t *addrlen)
{
return zsock_recvfrom(sock, buf, max_len, flags, src_addr, addrlen);
}

int ztls_fcntl(int sock, int cmd, int flags)
{
return zsock_fcntl(sock, cmd, flags);
}

int ztls_poll(struct zsock_pollfd *fds, int nfds, int timeout)
{
return zsock_poll(fds, nfds, timeout);
}
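Review bot: `#include <net/net_context.h>` does not appear to be needed by anything in this file, since all twelve functions only call zsock_* functions, which presumably come from `<net/socket.h>`. If it is there for the upcoming TLS implementation, it would be cleaner to add it in the commit that first uses it.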
