Implements setsockopt() for the socket offload driver
to process the TLS tags sent in via the Zephyr setsockopt() API,
when CONFIG_NET_SOCKETS_SOCKOPT_TLS is chosen.
For each tag, the credential filenames are retrieved and
set via SimpleLink's sl_SetSockOpt() API.
Also, creates a new KConfig option for TLS_CREDENTIAL_FILENAMES.
This new option is used by apps/protocols to add TLS credentials
via filenames referring to the actual content stored on a secure
file system or flash.
Handles the IPPROTO_TLS_* socket protocol families in the
socket() offloaded API.
This was validated on the cc3220sf_launchxl with the http_get sockets
sample, with the globalsign_r2.der file loaded to secure flash via
the TI Uniflash tool, and using the TI Catalog of known good
root CA's.
Signed-off-by: Gil Pitney <gil.pitney@linaro.org>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
- Remove redundant 'n' defaults. 'n' is the default value for bool
symbols.
This makes the auto-generated documentation clearer as well: You get
"implicitly defaults to n" instead of
"- n if <propagated dependencies>".
- Shorten
<type>
prompt "foo"
to
<type> "foo"
This works for all types, not just bool.
- Various formatting nits.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Add TLS credential management subsystem that enables to register TLS
credentials in the system. Once specific credentials are registered in
the system, they will be available for TLS secure sockets to use.
To use a TLS credential with a socket, the following steps have to be
taken:
1. TLS credential has to be registered in a system-wide pool, using the
API provided in "net/tls_credentials.h" header file.
2. TLS credential (and other TLS parameters) should be set on a socket
using setsockopt().
Note, that there is no need to repeat step 1 for different sockets using
the same credentials. Once TLS credential is registered in the system,
it can be used with mulitple sockets, as long as it's not deleted.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Gil Pitney