2023-01-23 20:51:43 +08:00
|
|
|
CONFIG_THRIFT_SSL_SOCKET=y
|
|
|
|
|
|
2023-07-30 07:46:32 +08:00
|
|
|
# Currenty, in Zephyr's MBedTLS IPPROTO_TLS_1_0 implementation, 2 sockets are
|
|
|
|
|
# needed for every connection.
|
|
|
|
|
#
|
|
|
|
|
# Additionally, upstream Apache Thrift uses socketpair for cancellation rather
|
|
|
|
|
# than eventfd, since the latter is not portable to some operating systems.
|
|
|
|
|
#
|
|
|
|
|
# File Descriptor Usage
|
|
|
|
|
# ---------------------
|
|
|
|
|
# stdin, stdout, stderr: 3
|
|
|
|
|
# tcp socket (accept): 1
|
|
|
|
|
# tls socket (accept): 1
|
|
|
|
|
# tcp sockets (client, server): 2
|
|
|
|
|
# tls sockets (client, server): 2
|
|
|
|
|
# socketpairs for cancellation (accept, client, server): 6
|
posix: deprecate POSIX_MAX_FDS and add POSIX_DEVICE_IO
The POSIX_MAX_FDS option does not correspond to any standard
POSIX option. It was used to define the size of the file
descriptor table, which is by no means exclusively used by
POSIX (also net, fs, ...).
POSIX_MAX_FDS is being deprecated in order to ensure that
Zephyr's POSIX Kconfig variables correspond to those defined in
the specification, as of IEEE 1003.1-2017. Namely,
POSIX_OPEN_MAX. CONFIG_POSIX_MAX_OPEN_FILES is being deprecated
for the same reason.
To mitigate any possible layering violations, that option is
not user selectable. It tracks the newly added
CONFIG_ZVFS_OPEN_MAX option, which is native to Zephyr.
With this deprecation, we introduce the following Kconfig
options that map directly to standard POSIX Option Groups by
simply removing "CONFIG_":
* CONFIG_POSIX_DEVICE_IO
Similarly, with this deprecation, we introduce the following
Kconfig options that map directly to standard POSIX Options by
simply removing "CONFIG":
* CONFIG_POSIX_OPEN_MAX
In order to maintain parity with the current feature set, we
introduce the following Kconfig options.
* CONFIG_POSIX_DEVICE_IO_ALIAS_CLOSE
* CONFIG_POSIX_DEVICE_IO_ALIAS_OPEN
* CONFIG_POSIX_DEVICE_IO_ALIAS_READ
* CONFIG_POSIX_DEVICE_IO_ALIAS_WRITE
Gate open(), close(), read(), and write() via the
CONFIG_POSIX_DEVICE_IO Kconfig option and move
implementations into device_io.c, to be conformant with the
spec.
Lastly, stage function names for upcoming ZVFS work, to be
completed as part of the LTSv3 Roadmap (e.g. zvfs_open(), ..).
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
2024-05-22 10:45:15 +08:00
|
|
|
CONFIG_ZVFS_OPEN_MAX=15
|
2023-07-30 07:46:32 +08:00
|
|
|
|
2023-01-23 20:51:43 +08:00
|
|
|
# TLS configuration
|
|
|
|
|
CONFIG_MBEDTLS=y
|
|
|
|
|
CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=y
|
|
|
|
|
CONFIG_MBEDTLS_ENABLE_HEAP=y
|
|
|
|
|
CONFIG_MBEDTLS_HEAP_SIZE=48000
|
|
|
|
|
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=2048
|
|
|
|
|
CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=6
|
|
|
|
|
CONFIG_NET_SOCKETS_SOCKOPT_TLS=y
|