The following methods are modified to allow for future development:
Interface org.bluez.mesh.Management1:
Old: void UnprovisionedScan(uint16 seconds)
New: void UnprovisionedScan(dict options)
The options parameter is a dictionary with the following keys defined:
uint16 Seconds
Specifies number of seconds for scanning to be active.
If set to 0 or if this key is not present, then the
scanning will continue until UnprovisionedScanCancel()
or AddNode() methods are called.
other keys TBD
Old: void AddNode(array{byte}[16] uuid)
New: void AddNode(array{byte}[16] uuid, dict options)
The options parameter is currently an empty dictionary
Interface org.bluez.mesh.Provisioner1
Old: void ScanResult(int16 rssi, array{byte} data)
New: void ScanResult(int16 rssi, array{byte} data, dict options)
The options parameter is currently an empty dictionary
This patch fixes usage of send_pub_status() when handling publication
set message - mod_id was swapped with pub_addr, resulting in malformed
message being sent back to the Config Client.
Provision complete callback is handled in provision failure case.
If link closed received abruptly with reason success, triggered
provision complete callback. Removed session timeout and session
free as they are handled in pb_adv_unreg.
4.4.1.2.9 of Mesh Profile Bluetooth specification:
When an element receives a Config NetKey Delete message that
identifies a NetKey that is not in the NetKey List, it
responds with Success, because the result of deleting the
key that does not exist in the NetKey List will be the same
as if the key was deleted from the NetKey List.
For added reliability, it is legal to send short messages as "single
segment" segmented messages, which require transport layer
acknowledgement. This feature is intended for heavy usage in the future
so I am adding it now.
Further, to support this functionality, an additional queue has been
added to allow multiple SAR messages to the same DST to be queued and
sent serially.
This fixes a condition when a node continues processing messages
after it has been reset by a remote configuration client.
Upon receiving Config Node Reset message, node removal happens after
a grace interval to allow sending of Config Node Reset Status reply.
This removes unused ttl parameter from mesh_model_rx(). The TTL value
is not processed at the access layer, so there is no need to pass it
to a model.
Also, remove "uint32_t dst" parameter from the typedef of
mesh_model_recv_cb: providing a just destination address is sufficient
for internally implemented models (currently, it's only Config Server)
Future versions of Mesh will introduce new advertising packets, which
do not fit in the limited and rigid filtering currently used. This minor
rewrite allows registering and receiving of *any* AD types, including
the filtering on multiple octets of the incoming AD parts.
This fixes a bug when a virtual label and its size hasn't been passed
to a decryption function: instead of always using NULL pointer for
label and 0 for lable size, use actual virtual label info if decrypting
a payload addressed to a virtual destination.
This fixes how app key files are accessed when finalizing
Key Refresh procedure. Instead of using open(entry->d_name, ...)
to get file descriptor, use openat(dir_fd, entry->d_name, ...)
since entry->d_name contains a relative app key filename, not an
absolute path.
This handles a case when a Key Refresh procedure is in place with
no application keys stored in the keyring. When KR procedure is
finalized, the check for the presence of AppKeys storage directory
does not return failure if the directory does not exist.
Also, remove duplicate include.
Re-arranged for efficiency. Replay Protection was set up as an atomic
check-and-add operation. Now we check the message early so we can
discard it without taking further action, and only add it to the RPL
once fully verified that it was authorized and addressed to us.
Mesh specification requires that Replay Protection be preserved
across node restarts. This adds that storage in
<node_uuid>/rpl/<iv_index>/<src>
Realtime access remains in an l_queue structure, and stored as
messages are processed.
Replay Protection was only being applied against Application Keys,
but messages with Device Keys are just as vulnerable, and need to be
checked as well.
Scrub of Sequence Number handling of OB messages to account for in-node
delivery of segmented messages, so that each discrete message has a
unique sequence number for the RPL.
The specification calls for a flatter Replay Protection List that
applies to all processed messages, regardless of which credentials
were used to secure them. So storage and checking is now centralized
in mesh/net.c
In Public Key OOB case, when provisioner receives public key via
OOB, provisioner has to send it's public key to remote node and
and then proceed for authentication.
Handle invalid keys case.
Provisioning agent interface methods PublicKey, PrivateKey and
Cancel do not accept any parameters. So, while invoking them
explicitly set the parameters to "".
Any packet that may be handled internally by the daemon must be sent in
it's own idle_oneshot context, to prevent multiple nodes from handling
and responding in the same context, eventually corrupting memory.
This addresses the following crash:
Program terminated with signal SIGSEGV, Segmentation fault.
0 tcache_get (tc_idx=0) at malloc.c:2951
2951 tcache->entries[tc_idx] = e->next;
(gdb) bt
0 tcache_get (tc_idx=0) at malloc.c:2951
1 __GI___libc_malloc (bytes=bytes@entry=16) at malloc.c:3058
2 0x0000564cff9bc1de in l_malloc (size=size@entry=16) at ell/util.c:62
3 0x0000564cff9bd46b in l_queue_push_tail (queue=0x564d000c9710, data=data@entry=0x564d000d0d60) at ell/queue.c:136
4 0x0000564cff9beabd in idle_add (callback=callback@entry=0x564cff9be4e0 <oneshot_callback>, user_data=user_data@entry=0x564d000d4700,
flags=flags@entry=268435456, destroy=destroy@entry=0x564cff9be4c0 <idle_destroy>) at ell/main.c:292
5 0x0000564cff9be5f7 in l_idle_oneshot (callback=callback@entry=0x564cff998bc0 <tx_worker>, user_data=user_data@entry=0x564d000d83f0,
destroy=destroy@entry=0x0) at ell/idle.c:144
6 0x0000564cff998326 in send_tx (io=<optimized out>, info=0x7ffd035503f4, data=<optimized out>, len=<optimized out>)
at mesh/mesh-io-generic.c:637
7 0x0000564cff99675a in send_network_beacon (key=0x564d000cfee0) at mesh/net-keys.c:355
8 snb_timeout (timeout=0x564d000dd730, user_data=0x564d000cfee0) at mesh/net-keys.c:364
9 0x0000564cff9bdca2 in timeout_callback (fd=<optimized out>, events=<optimized out>, user_data=0x564d000dd730) at ell/timeout.c:81
10 timeout_callback (fd=<optimized out>, events=<optimized out>, user_data=0x564d000dd730) at ell/timeout.c:70
11 0x0000564cff9bedcd in l_main_iterate (timeout=<optimized out>) at ell/main.c:473
12 0x0000564cff9bee7c in l_main_run () at ell/main.c:520
13 l_main_run () at ell/main.c:502
14 0x0000564cff9bf08c in l_main_run_with_signal (callback=<optimized out>, user_data=0x0) at ell/main.c:642
15 0x0000564cff994b64 in main (argc=<optimized out>, argv=0x7ffd03550668) at mesh/main.c:268
This allows specifying io type and options when invoking the daemon.
When no "-i" is passed, meshd still runs with MESH_IO_TYPE_GENERIC and
tries to attach to the first available HCI interface.
Options "-i <n>" and "-i hci<n>" are just shortcuts for
"--io=generic:<n>" and "--io=generic:hci<n>", respectively.
When responding with NetKey List Status, packed NetKey indices into
3 octets per pair. If number of NetKeys is odd, append the last key
index as a 2-octet value.
First valid SNB received from the network should cause the node to
switch into IV_UPD_NORMAL state.
Otherwise, it will never try to enter IV Update procedure when sequence
number approaches the IV_UPDATE_SEQ_TRIGGER, because that's only allowed
in IV_UPD_NORMAL.
After introducing "remote" flag for DevKeyMessageReceived in
c8cd5b04cc, we can now allow applications
to received DevKey messages from external addresses as well as from
local ones.
This enables applications to properly implement models using DevKey
security, by accepting only requests with "remote" flag set to false.
When a netkey is deleted all the appkeys bound to this key has
to be deleted as well. This fixes app_key queue manipulation to
avoid issues caused by modifying the queue while iterating over it:
instead of iteration over all the entries, find a first bound key,
delete it, find next... and so on, until there are no bound keys
left in the app_keys queue.
When deleting an AppKey from a node, call mesh_config_app_key_del()
only from appkey level (i.e., keep it contained in appkey.c and
remove the duplicate call in node.c)
Also, simplify the node_app_key_delete() argument list.
This patch fixes saving IV received in SNB to storage.
Previously after creating new node with IV 0 (or loading node with
IV > 0 but after long inactivity) first received SNB should update IV
(and reset sequence number to 0 if necessary).
The bug would prevent new IV being saved in storage which resulted in
sequence number being set to 0 on first SNB received after every daemon
reset but IV never being updated.
5.3.2 of Mesh Profile Bluetooth specification:
To open a link, the provisioner shall start the link establishment
timer, set to 60 seconds, and then shall start sending Link Open
messages.
On timeout, close indication will be sent. Provisioner cancels the
Link Establishment timer, when the link is open i.e. in pb_adv_tx().
This removes a roundabout logic that was required to delete
a json entry from a json array using libjsonc utilities.
A new API function, json_object_array_del_idx(), implemented in
json-c version 0.13 simplifies array entry removal to one call.
Also, add requirement to configure.ac for json-c version >= 0.13
D-Bus spec mandates that GetManagedObjects method of
org.freedesktop.DBus.ObjectManager interface returns *children* only:
https://dbus.freedesktop.org/doc/dbus-specification.html
> All returned object paths are children of the object path implementing
> this interface, i.e. their object paths start with the ObjectManager's
> object path plus '/'
Both test scripts and ELL abuse this by returning application interfaces
via ObjectManager attached to the same path, but other D-Bus
implementations do not, making Attach() fail because mandatory
interfaces cannot be found.
This patch fixes the issue by scanning hierarchy returned by
GetManagedObjects for object implementing org.bluez.mesh.Application1
interface and keeping that as node's app_path.
This adds key file with default settings for the mesh daemon.
The following settings are included:
Beacon: Default setting for to indicate whether
secure network beaconing is enabled for a
node whose Beacon state hasn't been configured
by a configuration client, i.e., this setting
apllies to a newly provisioned, created or
imported node.
Relay: Default setting for supporting relay
Friendship: Default setting for supporting Friendship
CRPL: Default depth of replay protection list.
FriendQueueSize: Default size of friend queue: the number
of messages that each Friend node can store
for the Low Power node.
ProvTimeout: Provisioning timeout in seconds.