LWIP random library and TCP sequence number improvements #4284
Conversation
|
cc @kjbracey-arm @geky |
| #endif | ||
|
|
||
| #if FEATURE_COMMON_PAL | ||
| void lwip_seed_random(void); |
There was a problem hiding this comment.
please provide documentation for this new API
There was a problem hiding this comment.
Added function descriptions.
| void lwip_seed_random(void); | ||
| void lwip_add_ramdom_seed(uint64_t seed); | ||
| #else | ||
| #define lwip_seed_random() |
There was a problem hiding this comment.
why are these defined? I would rather provide an empty implementation ?
will it work fro the random_seed ?
There was a problem hiding this comment.
If you want them defined as nothing, they need to at least be expressions - make them (void)0.
There was a problem hiding this comment.
Made empty functions for non-common pal case.
| randLIB_seed_random(); | ||
| } | ||
|
|
||
| void lwip_add_ramdom_seed(uint64_t seed) |
| @@ -24,12 +24,35 @@ EthernetInterface::EthernetInterface() | |||
| { | |||
| } | |||
|
|
|||
| bool validate_str(const char *str, const int len) | |||
There was a problem hiding this comment.
This all seems a bit clunky. This whole routine could just be
return str != NULL && strlen(str) < len;
You could also have replaced strncpy with snprintf, which doesn't have the no-zero-termination-if-truncating quirk.
There was a problem hiding this comment.
Does lwip already verify that the addresses are syntactically correct?
snprintf does come with a code-size cost, though you can just always force a null terminator:
strncpy(_ip_address, ip_address ? ip_address : "", sizeof(_ip_address));
_ip_address[sizeof(_ip_address)-1] = '\0';There was a problem hiding this comment.
Yes, lwip validates the addresses. Added enforcing of null terminator and removed validate_str functions.
There was a problem hiding this comment.
@geky You reckon nobody else is using snprintf?? Seems more likely to me that no-one is using strncpy.
| randLIB_add_seed(seed); | ||
| } | ||
|
|
||
| inline uint32_t lwip_get_random(void) |
There was a problem hiding this comment.
Only having inline in the C file doesn't achieve anything.
If you really want inlining, the only easily C99/C++ portable form is a "static inline" definition in the header file.
|
|
||
| /* Generate the hash, using MD5. */ | ||
| lwip_md5_starts(&ctx); | ||
| lwip_md5_update(&ctx, input, sizeof(input)); |
There was a problem hiding this comment.
This seems oddly pointless - trying to a copy of all the data bits into a static 64-byte buffer to pass it in one go, when you could freely pass the existing data pointers in multiple calls to update - the MD5 has its own 64-byte buffer.
I guess this is unmodified reference code though?
There was a problem hiding this comment.
Yes, reference code has that so leaving as it is.
There was a problem hiding this comment.
Is a bit bloaty though - 64 entire bytes of static RAM usage. Oh well. I guess it always needs 16 for the secret.
| #include "lwip_tcp_isn.h" | ||
| #define LWIP_HOOK_TCP_ISN lwip_hook_tcp_isn | ||
| #if MBEDTLS_MD5_C | ||
| #define LWIP_USE_EXTERNAL_MBEDTLS 1 |
There was a problem hiding this comment.
Can't this be set unconditionally? Not that it probably makes a difference.
There was a problem hiding this comment.
mbed tls c-functions are flagged with MBEDTLS_MD5_C so they do not exists in build without the flag.
There was a problem hiding this comment.
Ah, was being dense. Thought that was a LWIP flag.
| void lwip_seed_random(void); | ||
| void lwip_add_ramdom_seed(uint64_t seed); | ||
| #else | ||
| #define lwip_seed_random() |
There was a problem hiding this comment.
If you want them defined as nothing, they need to at least be expressions - make them (void)0.
|
|
||
| #include "lwip_random.h" | ||
|
|
||
| #if FEATURE_COMMON_PAL |
lwip now uses mbed client random library under common pal when available. Ported lwip reference TCP initial sequence number handling to mbed-os lwip stack. Handling is based on RFC 6528.
Coverity ids: 1373147 and 1374442.
|
Corrected review defects. |
|
/morph test-nightly |
Result: FAILUREYour command has finished executing! Here's what you wrote!
OutputTest failed! |
|
@bridadan, @studavekar, it's the arch pro issue again A believe a workaround is in progress |
|
It should be fixed now, restarting /morph test-nightly |
Result: SUCCESSYour command has finished executing! Here's what you wrote!
OutputAll builds and test passed! |
0xc0170
added
ready for merge
release-version: 5.5.0-rc1
and removed
needs: CI
ready for merge
labels
Description
Added support for common pal random library to LWIP. This corrects issue: #3891
Integrated LWIP TCP sequence number initialization reference code to mbed LWIP stack.
Corrected LWIP adaptation Coverity and compiler warnings.
Status
READY
Migrations
NO
Related PRs
None
Todos
Deploy notes
None
Steps to test or reproduce
None