Merge pull request #11524 from ARMmbed/release-candidate

Release candidate 3 for Mbed OS 5.14

features/cellular/framework/device/CellularStateMachine.cpp

@@ -165,6 +165,12 @@ bool CellularStateMachine::open_sim()
     bool sim_ready = state == CellularDevice::SimStateReady;
 
     if (sim_ready) {
+#ifdef MBED_CONF_CELLULAR_CLEAR_ON_CONNECT
+        if (_cellularDevice.clear() != NSAPI_ERROR_OK) {
+            tr_warning("CellularDevice clear failed");
+            return false;
+        }
+#endif
         _cb_data.error = _network.set_registration(_plmn);
         tr_debug("STM: set_registration: %d, plmn: %s", _cb_data.error, _plmn ? _plmn : "NULL");
         if (_cb_data.error) {
@@ -395,7 +401,6 @@ void CellularStateMachine::state_sim_pin()
             retry_state_or_fail();
             return;
         }
-
         if (_network.is_active_context()) { // check if context was already activated
             tr_debug("Active context found.");
             _status |= ACTIVE_PDP_CONTEXT;

features/cellular/framework/targets/UBLOX/AT/UBLOX_AT.cpp

@@ -117,7 +117,7 @@ nsapi_error_t UBLOX_AT::init()
     }
 #endif
 
-    return err;
+    return _at->unlock_return_error();
 }
 
 nsapi_error_t UBLOX_AT::config_authentication_parameters()

features/frameworks/mbed-coap/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Change Log
 
+## [v5.1.1](https://github.com/ARMmbed/mbed-coap/releases/tag/v5.1.1)
+
+- Delay the random initialization of message id to a later phase and not during init() so there is enough time
+  for system to complete the rest of the initialization.
+
+-[Full Changelog](https://github.com/ARMmbed/mbed-coap/compare/v5.1.0...v5.1.1)
+
+
 ## [v5.1.0](https://github.com/ARMmbed/mbed-coap/releases/tag/v5.1.0)
 
 - Introduce SN_COAP_REDUCE_BLOCKWISE_HEAP_FOOTPRINT configuration flag. 

features/frameworks/mbed-coap/source/sn_coap_protocol.c

@@ -179,13 +179,7 @@ struct coap_s *sn_coap_protocol_init(void *(*used_malloc_func_ptr)(uint16_t), vo
 
 #endif /* ENABLE_RESENDINGS */
 
-    /* Randomize global message ID */
-    randLIB_seed_random();
-    message_id = randLIB_get_16bit();
-    if (message_id == 0) {
-        message_id = 1;
-    }
-
+    message_id = 0;
     return handle;
 }
 
@@ -2523,6 +2517,11 @@ static bool compare_address_and_port(const sn_nsdl_addr_s* left, const sn_nsdl_a
 
 static uint16_t get_new_message_id(void)
 {
+    if (message_id == 0) {
+        /* Randomize global message ID */
+        randLIB_seed_random();
+        message_id = randLIB_get_16bit();
+    }
     message_id++;
     if (message_id == 0) {
         message_id = 1;

features/mbedtls/VERSION.txt

@@ -1 +1 @@
-mbedtls-2.19.0
+mbedtls-2.19.1

features/mbedtls/importer/Makefile

@@ -27,7 +27,7 @@
 #
 
 # Set the mbed TLS release to import (this can/should be edited before import)
-MBED_TLS_RELEASE ?= mbedtls-2.19.0
+MBED_TLS_RELEASE ?= mbedtls-2.19.1
 MBED_TLS_REPO_URL ?= git@github.com:ARMmbed/mbedtls-restricted.git
 
 # Translate between mbed TLS namespace and mbed namespace

features/mbedtls/inc/mbedtls/check_config.h

@@ -305,6 +305,14 @@
 #error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites"
+#endif
+
+#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites"
+#endif
+
 #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
 #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
 #endif

features/mbedtls/inc/mbedtls/ssl.h

@@ -970,7 +970,8 @@ struct mbedtls_ssl_config
      *  tls_prf and random bytes. Should replace f_export_keys    */
     int (*f_export_keys_ext)( void *, const unsigned char *,
                 const unsigned char *, size_t, size_t, size_t,
-                unsigned char[32], unsigned char[32], mbedtls_tls_prf_types );
+                const unsigned char[32], const unsigned char[32],
+                mbedtls_tls_prf_types );
     void *p_export_keys;            /*!< context for key export callback    */
 #endif
 
@@ -1925,8 +1926,8 @@ typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey,
                                            size_t maclen,
                                            size_t keylen,
                                            size_t ivlen,
-                                           unsigned char client_random[32],
-                                           unsigned char server_random[32],
+                                           const unsigned char client_random[32],
+                                           const unsigned char server_random[32],
                                            mbedtls_tls_prf_types tls_prf_type );
 #endif /* MBEDTLS_SSL_EXPORT_KEYS */
 

features/mbedtls/src/ssl_tls.c

@@ -1427,9 +1427,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
                                       master, keyblk,
                                       mac_key_len, keylen,
                                       iv_copy_len,
-                                      /* work around bug in exporter type */
-                                      (unsigned char *) randbytes + 32,
-                                      (unsigned char *) randbytes,
+                                      randbytes + 32,
+                                      randbytes,
                                       tls_prf_get_type( tls_prf ) );
     }
 #endif

features/nanostack/sal-stack-nanostack/Makefile

@@ -37,7 +37,7 @@ override CFLAGS += -I$(EVENTLOOP_DIR)/nanostack-event-loop
 override CFLAGS += -I$(NSDL_DIR)/nsdl-c
 override CFLAGS += -I$(COAP_DIR)
 override CFLAGS += -I$(COAP_SERVICE_LIB)/coap-service
-override CFLAGS += -I$(MBEDTLS_DIR)/include
+override CFLAGS += -I$(MBEDTLS_DIR)/include -I$(MBEDTLS_DIR)/crypto/include
 override CFLAGS += $(addprefix -I,$(INCLUDE_DIRS))
 override CFLAGS += $(addprefix -D,$(FLAGS))
 
@@ -153,7 +153,7 @@ mbed-release-build-$(1): $(1)-$(2)-$(3)-build
 .PHONY: $(1)-$(2)-build
 $(1)-$(2)-$(3)-build: export-headers
 	@echo Build $(2) on $(1) for $(3)
-	make CC=$(CC_$(1)) CONFIG=$(2) CPU=$(3) APPEND_LIB_NAME=1 CFLAGS="-DNS_USE_EXTERNAL_MBED_TLS -I../mbedtls/include/"
+	make CC=$(CC_$(1)) CONFIG=$(2) CPU=$(3) APPEND_LIB_NAME=1 CFLAGS="-DNS_USE_EXTERNAL_MBED_TLS -I../mbedtls/include/ -I../crypto/include/"
 
 # Generate target directory name
 # Like: FEATURE_NANOSTACK/FEATURE_LOWPAN_ROUTER/TOOLCHAIN_ARM/TARGET_CORTEX_M0P

features/nanostack/sal-stack-nanostack/nanostack/ws_bbr_api.h

@@ -120,4 +120,24 @@ int ws_bbr_node_keys_remove(int8_t interface_id, uint8_t *eui64);
  */
 int ws_bbr_node_access_revoke_start(int8_t interface_id);
 
+/**
+ * Set EAPOL node limit
+ *
+ * Border router stores EAPOL key information for each authenticated node.
+ * Sets the maximum number of EAPOL nodes stored by border router. If count
+ * of node's exceed the limit, border router deletes the node information
+ * starting from oldest node (node that has authenticated longest time
+ * ago), to make room for new nodes. When network keys are updated, nodes
+ * which have been removed from storage, must make full authentication again.
+ * Value for this parameter should be set to be more than maximum amount of
+ * nodes that are expected to be connected to border router.
+ *
+ * \param interface_id Network interface ID.
+ * \param limit Limit for nodes
+ *
+ * \return 0, Node limit set
+ * \return <0 Node limit set failed.
+ */
+int ws_bbr_eapol_node_limit_set(int8_t interface_id, uint16_t limit);
+
 #endif /* WS_BBR_API_H_ */

features/nanostack/sal-stack-nanostack/source/6LoWPAN/Bootstraps/Generic/protocol_6lowpan_bootstrap.c

@@ -1787,7 +1787,7 @@ int8_t arm_6lowpan_bootstarp_bootstrap_set(int8_t interface_id, net_6lowpan_mode
          */
         if (cur->lowpan_info & INTERFACE_NWK_ROUTER_DEVICE) {
             //rpl_control_set_domain_on_interface(cur, protocol_6lowpan_rpl_domain, true);
-            //rpl_control_set_callback(protocol_6lowpan_rpl_domain, protocol_6lowpan_bootstrap_rpl_callback, NULL, cur);
+            //rpl_control_set_callback(protocol_6lowpan_rpl_domain, protocol_6lowpan_bootstrap_rpl_callback, NULL, NULL, cur);
         }
 #endif
         cur->configure_flags |= INTERFACE_BOOTSTRAP_DEFINED;
@@ -2182,7 +2182,7 @@ void nwk_6lowpan_nd_address_registartion_ready(protocol_interface_info_entry_t *
             // arm_nwk_6lowpan_rpl_dodag_poison from a previous connection may have left force_leaf set
             rpl_control_force_leaf(protocol_6lowpan_rpl_domain, false);
             rpl_control_set_domain_on_interface(cur, protocol_6lowpan_rpl_domain, true);
-            rpl_control_set_callback(protocol_6lowpan_rpl_domain, protocol_6lowpan_bootstrap_rpl_callback, NULL, cur);
+            rpl_control_set_callback(protocol_6lowpan_rpl_domain, protocol_6lowpan_bootstrap_rpl_callback, NULL, NULL, cur);
         }
         // Send unicast DIS to coordinator
         nwk_bootstrap_icmp_rpl_dis_coord_msg_tx(cur);

features/nanostack/sal-stack-nanostack/source/6LoWPAN/ws/ws_bbr_api.c

@@ -609,7 +609,6 @@ int ws_bbr_node_keys_remove(int8_t interface_id, uint8_t *eui64)
 {
     (void) interface_id;
     (void) eui64;
-
 #ifdef HAVE_WS_BORDER_ROUTER
     return ws_pae_controller_node_keys_remove(interface_id, eui64);
 #else
@@ -620,11 +619,20 @@ int ws_bbr_node_keys_remove(int8_t interface_id, uint8_t *eui64)
 int ws_bbr_node_access_revoke_start(int8_t interface_id)
 {
     (void) interface_id;
-
 #ifdef HAVE_WS_BORDER_ROUTER
     return ws_pae_controller_node_access_revoke_start(interface_id);
 #else
     return -1;
 #endif
 }
 
+int ws_bbr_eapol_node_limit_set(int8_t interface_id, uint16_t limit)
+{
+    (void) interface_id;
+#ifdef HAVE_WS_BORDER_ROUTER
+    return ws_pae_controller_node_limit_set(interface_id, limit);
+#else
+    (void) limit;
+    return -1;
+#endif
+}