From 5d741b9d41224bc739878a5aa5c9e628879113e6 Mon Sep 17 00:00:00 2001
From: chrysn
Date: Thu, 2 Mar 2023 09:15:51 +0100
Subject: [PATCH 1/3] pkg/tinydtls: Set buffer size as required for gcoap
---
 pkg/tinydtls/Makefile | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff --git a/pkg/tinydtls/Makefile b/pkg/tinydtls/Makefile
index 973f44dbc199..79cb15cfcc29 100644
--- a/pkg/tinydtls/Makefile
+++ b/pkg/tinydtls/Makefile
@@ -18,3 +18,18 @@ all:
 ifeq (llvm,$(TOOLCHAIN))
 CFLAGS += -Wno-format-nonliteral
 endif
+
+ifneq (,$(filter gcoap,$(USEMODULE)))
+ # Configuring the buffer large enough that a full Gcoap packet can be
+ # encrypted or decrypted.
+
+ # This is the default in gcoap.h, which we don't have access to, so it is copied over.
+ CONFIG_GCOAP_PDU_BUF_SIZE := $(or $(CONFIG_GCOAP_PDU_BUF_SIZE),128)
+
+ # If there were another way to set up DTLS_MAX_BUF, we'd need to set the
+ # maximum of these here.
+ #
+ # 29 bytes are the overhead measured with Wireshark on packets exchanged in
+ # default configuration; adding some to be safe against variable size fields.
+ CFLAGS += "-DDTLS_MAX_BUF=($(CONFIG_GCOAP_PDU_BUF_SIZE) + 36)"
+endif
From f7a83a7edcf4bcbd317dc338ff143aefb51691a5 Mon Sep 17 00:00:00 2001
From: chrysn
Date: Thu, 2 Mar 2023 09:16:09 +0100
Subject: [PATCH 2/3] tinydtls: Reduce default verbosity
---
 pkg/tinydtls/Makefile | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/pkg/tinydtls/Makefile b/pkg/tinydtls/Makefile
index 79cb15cfcc29..4d6bdd100266 100644
--- a/pkg/tinydtls/Makefile
+++ b/pkg/tinydtls/Makefile
@@ -33,3 +33,8 @@ ifneq (,$(filter gcoap,$(USEMODULE)))
 # default configuration; adding some to be safe against variable size fields.
 CFLAGS += "-DDTLS_MAX_BUF=($(CONFIG_GCOAP_PDU_BUF_SIZE) + 36)"
 endif
+
+# TinyDTLS emits several messages during connection establishment at the info
+# level; this is way more verbose than common in RIOT.
+TINYDTLS_LOG_LEVEL ?= LOG_WARNING
+CFLAGS += -DLOG_LEVEL=$(TINYDTLS_LOG_LEVEL)
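Review bot: In PATCH 1/3, `CONFIG_GCOAP_PDU_BUF_SIZE := $(or $(CONFIG_GCOAP_PDU_BUF_SIZE),128)` only picks up the size when it exists as a make variable; an application that sets it through `CFLAGS += -DCONFIG_GCOAP_PDU_BUF_SIZE=...` would, as far as this hunk shows, still get `DTLS_MAX_BUF` computed from 128, leaving the DTLS buffer smaller than the Gcoap PDU it has to encrypt or decrypt. pkg/tinydtls/Makefile.include already reads both sources for `CONFIG_DTLS_PEER_MAX` (visible as context in PATCH 3/3), and the same form fits here: `$(or $(CONFIG_GCOAP_PDU_BUF_SIZE),$(patsubst -DCONFIG_GCOAP_PDU_BUF_SIZE=%,%,$(filter -DCONFIG_GCOAP_PDU_BUF_SIZE=%,$(CFLAGS))),128)`. The 36-byte allowance leaves 7 bytes over the 29 measured in the default configuration, so the comment should also name the cipher suite that measurement was taken with, since record overhead presumably differs between suites.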
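Review bot: In PATCH 2/3, `CFLAGS += -DLOG_LEVEL=$(TINYDTLS_LOG_LEVEL)` is appended unconditionally, so if the CFLAGS reaching this Makefile already carry an application-wide `-DLOG_LEVEL=...` (not visible here), the package is compiled with two definitions and the compiler may warn about the redefinition. Dropping an earlier definition first keeps the package-specific level authoritative: `CFLAGS := $(filter-out -DLOG_LEVEL=%,$(CFLAGS)) -DLOG_LEVEL=$(TINYDTLS_LOG_LEVEL)`. It is also worth confirming that tinydtls reports failed handshakes and received alerts at warning level or above, because with `LOG_WARNING` anything logged at info no longer reaches the console. The comment could add that `TINYDTLS_LOG_LEVEL` is the knob to raise when a handshake needs debugging.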
From f2d5928ee5b01c28d0e0aca719e5e1336f6c07fb Mon Sep 17 00:00:00 2001
From: chrysn
Date: Tue, 28 Feb 2023 16:06:39 +0100
Subject: [PATCH 3/3] dtls, tinydtls: Raise default number of connections
---
 pkg/tinydtls/Kconfig | 1 +
 pkg/tinydtls/Makefile.include | 6 ++++++
 sys/include/net/dtls.h | 6 ++++++
 3 files changed, 13 insertions(+)
diff --git a/pkg/tinydtls/Kconfig b/pkg/tinydtls/Kconfig
index 14ef675737e4..daf62b0fb186 100644
--- a/pkg/tinydtls/Kconfig
+++ b/pkg/tinydtls/Kconfig
@@ -38,6 +38,7 @@ config DTLS_CONTEXT_MAX
 config DTLS_PEER_MAX
 int "Max number of peers"
+ default 2 if KCONFIG_USEMODULE_GCOAP_DTLS
 default 1
 help
 The maximum number of DTLS peers.
diff --git a/pkg/tinydtls/Makefile.include b/pkg/tinydtls/Makefile.include
index fda2825bd6ef..79245a2b986a 100644
--- a/pkg/tinydtls/Makefile.include
+++ b/pkg/tinydtls/Makefile.include
@@ -63,6 +63,12 @@ endif
 PEER_MAX := $(or $(CONFIG_DTLS_PEER_MAX),$(patsubst -DCONFIG_DTLS_PEER_MAX=%,%,$(filter -DCONFIG_DTLS_PEER_MAX=%,$(CFLAGS))))
 ifneq (,$(PEER_MAX))
 CFLAGS += -DDTLS_PEER_MAX=$(PEER_MAX)
+else ifneq (,$(filter gcoap_dtls,$(USEMODULE)))
+ # The default value in sys/include/net/dtls.h for CONFIG_DTLS_PEER_MAX is 2
+ # when gcoap_dtls is active, otherwise 1. As the default in tinydtls is 1,
+ # we need to set it explicitly if the dtls.h default value deviates from
+ # the tinydtls default.
+ CFLAGS += -DDTLS_PEER_MAX=2
 endif
 HANDSHAKE_MAX := $(or $(CONFIG_DTLS_HANDSHAKE_MAX),$(patsubst -DCONFIG_DTLS_HANDSHAKE_MAX=%,%,$(filter -DCONFIG_DTLS_HANDSHAKE_MAX=%,$(CFLAGS))))
diff --git a/sys/include/net/dtls.h b/sys/include/net/dtls.h
index bfc9dada4e8a..1e5571dacebc 100644
--- a/sys/include/net/dtls.h
+++ b/sys/include/net/dtls.h
@@ -36,6 +36,8 @@
 #ifndef NET_DTLS_H
 #define NET_DTLS_H
+#include "modules.h"
+
 #ifdef __cplusplus
 extern "C" {
 #endif
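Review bot: The raised default of 2 is now encoded three times under three different conditions: `KCONFIG_USEMODULE_GCOAP_DTLS` in this Kconfig hunk, `$(filter gcoap_dtls,$(USEMODULE))` in the Makefile.include hunk, and `IS_USED(MODULE_GCOAP_DTLS)` in sys/include/net/dtls.h. If the Kconfig symbol can be unset while the module is in use (its definition is not visible here), Kconfig supplies `CONFIG_DTLS_PEER_MAX=1`, `PEER_MAX` is then non-empty, and the new `else ifneq` branch never runs, so tinydtls is still built with a single peer slot. It would be safer to key the Kconfig default on whichever symbol tracks the module being used. A comment on the new line would also help, for example `# keep in sync with sys/include/net/dtls.h and pkg/tinydtls/Makefile.include`.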
@@ -44,8 +46,12 @@ extern "C" {
 * @brief The maximum number DTLS peers (i.e. sessions)
 */
 #ifndef CONFIG_DTLS_PEER_MAX
+#if IS_USED(MODULE_GCOAP_DTLS)
+#define CONFIG_DTLS_PEER_MAX (2)
+#else
 #define CONFIG_DTLS_PEER_MAX (1)
 #endif
+#endif
 #ifdef __cplusplus
 }
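Review bot: The Doxygen block above `CONFIG_DTLS_PEER_MAX` still describes a single default, while the value now depends on `MODULE_GCOAP_DTLS`; add a line under the `@brief` such as `Defaults to 2 when the gcoap_dtls module is used, otherwise 1.` so the generated documentation matches the header. Now that two conditionals nest here, the added outer `#endif` would read more easily as `#endif /* CONFIG_DTLS_PEER_MAX */`. The comment block opens above the hunk, so its full wording is not visible here.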