struct tcpports
{
uint16_t u4; /**< unicast IPv4 socket port */
+ uint16_t u4s; /**< unicast IPv6 socket secure port */
uint16_t u6; /**< unicast IPv6 socket port */
+ uint16_t u6s; /**< unicast IPv6 socket secure port */
} tcp;
#endif
} CAPorts_t;
{
void *threadpool; /**< threadpool between Initialize and Start */
CASocket_t ipv4; /**< IPv4 accept socket */
+ CASocket_t ipv4s; /**< IPv4 accept socket secure */
CASocket_t ipv6; /**< IPv6 accept socket */
+ CASocket_t ipv6s; /**< IPv6 accept socket secure */
void *svrlist; /**< unicast IPv4 TCP server information*/
int selectTimeout; /**< in seconds */
int listenBacklog; /**< backlog counts*/
static void CAInitializeTCPGlobals()
{
caglobals.tcp.ipv4.fd = -1;
+ caglobals.tcp.ipv4s.fd = -1;
caglobals.tcp.ipv6.fd = -1;
+ caglobals.tcp.ipv6s.fd = -1;
+
+ // Set the port number received from application.
+ caglobals.tcp.ipv4.port = caglobals.ports.tcp.u4;
+ caglobals.tcp.ipv4s.port = caglobals.ports.tcp.u4s;
+ caglobals.tcp.ipv6.port = caglobals.ports.tcp.u6;
+ caglobals.tcp.ipv6s.port = caglobals.ports.tcp.u6s;
+
caglobals.tcp.selectTimeout = CA_TCP_SELECT_TIMEOUT;
caglobals.tcp.listenBacklog = CA_TCP_LISTEN_BACKLOG;
caglobals.tcp.svrlist = NULL;
// Start network monitoring to receive adapter status changes.
CAIPStartNetworkMonitor(CATCPAdapterHandler, CA_ADAPTER_TCP);
- // Set the port number received from application.
- caglobals.tcp.ipv4.port = caglobals.ports.tcp.u4;
- caglobals.tcp.ipv6.port = caglobals.ports.tcp.u6;
-
#ifndef SINGLE_THREAD
if (CA_STATUS_OK != CATCPInitializeQueueHandles())
{
FD_ZERO(&readFds);
CA_FD_SET(ipv4, &readFds);
+ CA_FD_SET(ipv4s, &readFds);
CA_FD_SET(ipv6, &readFds);
+ CA_FD_SET(ipv6s, &readFds);
if (OC_INVALID_SOCKET != caglobals.tcp.shutdownFds[0])
{
CAAcceptConnection(CA_IPV4, &caglobals.tcp.ipv4);
return;
}
+ else if (caglobals.tcp.ipv4s.fd != -1 && FD_ISSET(caglobals.tcp.ipv4s.fd, readFds))
+ {
+ CAAcceptConnection(CA_IPV4 | CA_SECURE, &caglobals.tcp.ipv4s);
+ return;
+ }
else if (caglobals.tcp.ipv6.fd != -1 && FD_ISSET(caglobals.tcp.ipv6.fd, readFds))
{
CAAcceptConnection(CA_IPV6, &caglobals.tcp.ipv6);
return;
}
+ else if (caglobals.tcp.ipv6s.fd != -1 && FD_ISSET(caglobals.tcp.ipv6s.fd, readFds))
+ {
+ CAAcceptConnection(CA_IPV6 | CA_SECURE, &caglobals.tcp.ipv6s);
+ return;
+ }
else if (-1 != caglobals.tcp.connectionFds[0] &&
FD_ISSET(caglobals.tcp.connectionFds[0], readFds))
{
if (caglobals.server)
{
NEWSOCKET(AF_INET, ipv4);
+ NEWSOCKET(AF_INET, ipv4s);
NEWSOCKET(AF_INET6, ipv6);
+ NEWSOCKET(AF_INET6, ipv6s);
OIC_LOG_V(DEBUG, TAG, "IPv4 socket fd=%d, port=%d",
caglobals.tcp.ipv4.fd, caglobals.tcp.ipv4.port);
+ OIC_LOG_V(DEBUG, TAG, "IPv4 secure socket fd=%d, port=%d",
+ caglobals.tcp.ipv4s.fd, caglobals.tcp.ipv4s.port);
OIC_LOG_V(DEBUG, TAG, "IPv6 socket fd=%d, port=%d",
caglobals.tcp.ipv6.fd, caglobals.tcp.ipv6.port);
+ OIC_LOG_V(DEBUG, TAG, "IPv6 secure socket fd=%d, port=%d",
+ caglobals.tcp.ipv6s.fd, caglobals.tcp.ipv6s.port);
}
// create pipe for fast shutdown
// close accept socket.
CLOSE_SOCKET(ipv4);
+ CLOSE_SOCKET(ipv4s);
CLOSE_SOCKET(ipv6);
+ CLOSE_SOCKET(ipv6s);
if (caglobals.tcp.started)
{
/** TCP Port. */
#define OC_RSRVD_TCP_PORT "x.org.iotivity.tcp"
+/** TLS Port. */
+#define OC_RSRVD_TLS_PORT "tls"
+
/** For Server instance ID.*/
#define OC_RSRVD_SERVER_INSTANCE_ID "sid"
}
#ifdef TCP_ADAPTER
- err |= cbor_encode_text_string(&policyMap, OC_RSRVD_TCP_PORT,
- sizeof(OC_RSRVD_TCP_PORT) - 1);
- VERIFY_CBOR_SUCCESS(TAG, err, "Failed adding tcp port tag");
- err |= cbor_encode_uint(&policyMap, resource->tcpPort);
- VERIFY_CBOR_SUCCESS(TAG, err, "Failed adding tcp port value");
+#ifdef __WITH_TLS__
+ // tls
+ if (resource->secure)
+ {
+ err |= cbor_encode_text_string(&policyMap, OC_RSRVD_TLS_PORT,
+ sizeof(OC_RSRVD_TLS_PORT) - 1);
+ VERIFY_CBOR_SUCCESS(TAG, err, "Failed adding tcp secure port tag");
+ err |= cbor_encode_uint(&policyMap, resource->tcpPort);
+ VERIFY_CBOR_SUCCESS(TAG, err, "Failed adding tcp secure port value");
+ }
+
+ // tcp
+ else
+#endif
+ {
+ err |= cbor_encode_text_string(&policyMap, OC_RSRVD_TCP_PORT,
+ sizeof(OC_RSRVD_TCP_PORT) - 1);
+ VERIFY_CBOR_SUCCESS(TAG, err, "Failed adding tcp port tag");
+ err |= cbor_encode_uint(&policyMap, resource->tcpPort);
+ VERIFY_CBOR_SUCCESS(TAG, err, "Failed adding tcp port value");
+ }
#endif
err |= cbor_encoder_close_container(&linkMap, &policyMap);
VERIFY_CBOR_SUCCESS(TAG, err, "Failed closing policy map");
VERIFY_CBOR_SUCCESS(TAG, err, "to find tcp port value");
resource->tcpPort = (uint16_t)tcpPort;
}
+
+#ifdef __WITH_TLS__
+ // TLS Port
+ err = cbor_value_map_find_value(&policyMap, OC_RSRVD_TLS_PORT, &curVal);
+ if (cbor_value_is_valid(&curVal))
+ {
+ int tlsPort;
+
+ err = cbor_value_get_int(&curVal, &tlsPort);
+ VERIFY_CBOR_SUCCESS(TAG, err, "to find tcp tls port value");
+ resource->tcpPort = (uint16_t)tlsPort;
+ }
+#endif
#endif
// Endpoints
CborValue epsMap;
#ifdef TCP_ADAPTER
/* This method will retrieve the tcp port */
-static OCStackResult GetTCPPortInfo(OCDevAddr *endpoint, uint16_t *port)
+static OCStackResult GetTCPPortInfo(OCDevAddr *endpoint, uint16_t *port, bool secured)
{
uint16_t p = 0;
{
if (endpoint->flags & OC_IP_USE_V4)
{
- p = caglobals.tcp.ipv4.port;
+ p = secured ? caglobals.tcp.ipv4s.port : caglobals.tcp.ipv4.port;
}
else if (endpoint->flags & OC_IP_USE_V6)
{
- p = caglobals.tcp.ipv6.port;
+ p = secured ? caglobals.tcp.ipv6s.port : caglobals.tcp.ipv6.port;
}
}
}
#ifdef TCP_ADAPTER
uint16_t tcpPort = 0;
- if (GetTCPPortInfo(devAddr, &tcpPort) != OC_STACK_OK)
- {
- tcpPort = 0;
- }
+ GetTCPPortInfo(devAddr, &tcpPort, (resourcePtr->resourceProperties & OC_SECURE));
+
OCDiscoveryPayloadAddResourceWithEps(payload, resourcePtr, securePort,
isVirtual, networkInfo, infoSize, devAddr, tcpPort);
#else