diff --git a/src/cli/README.md b/src/cli/README.md index 6cfabb9e9..b5d3a1e3d 100644 --- a/src/cli/README.md +++ b/src/cli/README.md @@ -94,6 +94,7 @@ Done - [state](#state) - [thread](#thread-start) - [txpower](#txpower) +- [unsecureport](#unsecureport-add-port) - [version](#version) ## OpenThread Command Details @@ -1701,6 +1702,43 @@ Set the transmit power. Done ``` +### unsecureport add \ + +Add a port to the allowed unsecured port list. + +```bash +> unsecureport add 1234 +Done +``` + +### unsecureport remove \ + +Remove a port from the allowed unsecured port list. + +```bash +> unsecureport remove 1234 +Done +``` + +### unsecureport remove all + +Remove all ports from the allowed unsecured port list. + +```bash +> unsecureport remove all +Done +``` + +### unsecureport get + +Print all ports from the allowed unsecured port list. + +```bash +> unsecureport get +1234 +Done +``` + ### version Print the build version information. diff --git a/src/cli/README_UDP.md b/src/cli/README_UDP.md index b62fdb7d2..08ca4fc33 100644 --- a/src/cli/README_UDP.md +++ b/src/cli/README_UDP.md @@ -42,6 +42,7 @@ On node 1, you should see a print out similar to below: - [bind](#bind-ip-port) - [close](#close) - [connect](#connect-ip-port) +- [linksecurity](#linksecurity) - [open](#open) - [send](#send-ip-port-message) @@ -95,6 +96,34 @@ Specifies the peer with which the socket is to be associated. Done ``` +### linksecurity + +Indicates whether the link security is enabled or disabled. + +```bash +> udp linksecurity +Enabled +Done +``` + +### linksecurity enable + +Enable link security. + +```bash +> udp linksecurity enable +Done +``` + +### linksecurity disable + +Disable link security. + +```bash +> udp linksecurity disable +Done +``` + ### open Opens the example socket. diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index a4ed75d90..7b865cdba 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -247,6 +247,7 @@ const struct Command Interpreter::sCommands[] = { {"thread", &Interpreter::ProcessThread}, {"txpower", &Interpreter::ProcessTxPower}, {"udp", &Interpreter::ProcessUdp}, + {"unsecureport", &Interpreter::ProcessUnsecurePort}, {"version", &Interpreter::ProcessVersion}, }; @@ -3687,6 +3688,64 @@ void Interpreter::ProcessUdp(uint8_t aArgsLength, char *aArgs[]) AppendResult(error); } +void Interpreter::ProcessUnsecurePort(uint8_t aArgsLength, char *aArgs[]) +{ + otError error = OT_ERROR_NONE; + + VerifyOrExit(aArgsLength >= 1, error = OT_ERROR_INVALID_ARGS); + + if (strcmp(aArgs[0], "add") == 0) + { + unsigned long value; + + VerifyOrExit(aArgsLength == 2, error = OT_ERROR_INVALID_ARGS); + SuccessOrExit(error = ParseUnsignedLong(aArgs[1], value)); + VerifyOrExit(value <= 0xffff, error = OT_ERROR_INVALID_ARGS); + SuccessOrExit(error = otIp6AddUnsecurePort(mInstance, static_cast(value))); + } + else if (strcmp(aArgs[0], "remove") == 0) + { + VerifyOrExit(aArgsLength == 2, error = OT_ERROR_INVALID_ARGS); + + if (strcmp(aArgs[1], "all") == 0) + { + otIp6RemoveAllUnsecurePorts(mInstance); + } + else + { + unsigned long value; + + SuccessOrExit(error = ParseUnsignedLong(aArgs[1], value)); + VerifyOrExit(value <= 0xffff, error = OT_ERROR_INVALID_ARGS); + SuccessOrExit(error = otIp6RemoveUnsecurePort(mInstance, static_cast(value))); + } + } + else if (strcmp(aArgs[0], "get") == 0) + { + const uint16_t *ports; + uint8_t numPorts; + + ports = otIp6GetUnsecurePorts(mInstance, &numPorts); + + if (ports != NULL) + { + for (uint8_t i = 0; i < numPorts; i++) + { + mServer->OutputFormat("%d ", ports[i]); + } + } + + mServer->OutputFormat("\r\n"); + } + else + { + ExitNow(error = OT_ERROR_INVALID_COMMAND); + } + +exit: + AppendResult(error); +} + void Interpreter::ProcessVersion(uint8_t aArgsLength, char *aArgs[]) { OT_UNUSED_VARIABLE(aArgsLength); diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index 52cbf81f1..236e21a8f 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -371,6 +371,7 @@ private: void ProcessDataset(uint8_t aArgsLength, char *aArgs[]); void ProcessTxPower(uint8_t aArgsLength, char *aArgs[]); void ProcessUdp(uint8_t aArgsLength, char *aArgs[]); + void ProcessUnsecurePort(uint8_t aArgsLength, char *aArgs[]); void ProcessVersion(uint8_t aArgsLength, char *aArgs[]); #if OPENTHREAD_CONFIG_MAC_FILTER_ENABLE void ProcessMacFilter(uint8_t aArgsLength, char *aArgs[]); diff --git a/src/cli/cli_udp.cpp b/src/cli/cli_udp.cpp index 977e14fe6..b82db157e 100644 --- a/src/cli/cli_udp.cpp +++ b/src/cli/cli_udp.cpp @@ -45,12 +45,17 @@ using ot::Encoding::BigEndian::HostSwap16; namespace ot { namespace Cli { -const struct UdpExample::Command UdpExample::sCommands[] = { - {"help", &UdpExample::ProcessHelp}, {"bind", &UdpExample::ProcessBind}, {"close", &UdpExample::ProcessClose}, - {"connect", &UdpExample::ProcessConnect}, {"open", &UdpExample::ProcessOpen}, {"send", &UdpExample::ProcessSend}}; +const struct UdpExample::Command UdpExample::sCommands[] = {{"help", &UdpExample::ProcessHelp}, + {"bind", &UdpExample::ProcessBind}, + {"close", &UdpExample::ProcessClose}, + {"connect", &UdpExample::ProcessConnect}, + {"linksecurity", &UdpExample::ProcessLinkSecurity}, + {"open", &UdpExample::ProcessOpen}, + {"send", &UdpExample::ProcessSend}}; UdpExample::UdpExample(Interpreter &aInterpreter) : mInterpreter(aInterpreter) + , mLinkSecurityEnabled(true) { memset(&mSocket, 0, sizeof(mSocket)); } @@ -134,12 +139,13 @@ otError UdpExample::ProcessOpen(uint8_t aArgsLength, char *aArgs[]) otError UdpExample::ProcessSend(uint8_t aArgsLength, char *aArgs[]) { - otError error = OT_ERROR_NONE; - otMessageInfo messageInfo; - otMessage * message = nullptr; - uint8_t curArg = 0; - uint16_t payloadLength = 0; - PayloadType payloadType = kTypeText; + otError error = OT_ERROR_NONE; + otMessageInfo messageInfo; + otMessage * message = nullptr; + uint8_t curArg = 0; + uint16_t payloadLength = 0; + PayloadType payloadType = kTypeText; + otMessageSettings messageSettings = {mLinkSecurityEnabled, OT_MESSAGE_PRIORITY_NORMAL}; memset(&messageInfo, 0, sizeof(messageInfo)); @@ -179,7 +185,7 @@ otError UdpExample::ProcessSend(uint8_t aArgsLength, char *aArgs[]) } } - message = otUdpNewMessage(mInterpreter.mInstance, nullptr); + message = otUdpNewMessage(mInterpreter.mInstance, &messageSettings); VerifyOrExit(message != nullptr, error = OT_ERROR_NO_BUFS); switch (payloadType) @@ -230,6 +236,30 @@ exit: return error; } +otError UdpExample::ProcessLinkSecurity(uint8_t aArgsLength, char *aArgs[]) +{ + otError error = OT_ERROR_NONE; + + if (aArgsLength == 0) + { + mInterpreter.mServer->OutputFormat("%s\r\n", mLinkSecurityEnabled ? "Enabled" : "Disabled"); + } + else if (strcmp(aArgs[0], "enable") == 0) + { + mLinkSecurityEnabled = true; + } + else if (strcmp(aArgs[0], "disable") == 0) + { + mLinkSecurityEnabled = false; + } + else + { + error = OT_ERROR_INVALID_COMMAND; + } + + return error; +} + otError UdpExample::WriteCharToBuffer(otMessage *aMessage, uint16_t aMessageSize) { otError error = OT_ERROR_NONE; diff --git a/src/cli/cli_udp.hpp b/src/cli/cli_udp.hpp index 201b10cee..bc49c4d3e 100644 --- a/src/cli/cli_udp.hpp +++ b/src/cli/cli_udp.hpp @@ -87,6 +87,7 @@ private: otError ProcessConnect(uint8_t aArgsLength, char *aArgs[]); otError ProcessOpen(uint8_t aArgsLength, char *aArgs[]); otError ProcessSend(uint8_t aArgsLength, char *aArgs[]); + otError ProcessLinkSecurity(uint8_t aArgsLength, char *aArgs[]); otError WriteCharToBuffer(otMessage *aMessage, uint16_t aSize); static void HandleUdpReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo); @@ -95,6 +96,7 @@ private: static const Command sCommands[]; Interpreter & mInterpreter; + bool mLinkSecurityEnabled; otUdpSocket mSocket; }; diff --git a/tests/scripts/expect/cli-udp.exp b/tests/scripts/expect/cli-udp.exp index 66607c980..fa5dac2d0 100755 --- a/tests/scripts/expect/cli-udp.exp +++ b/tests/scripts/expect/cli-udp.exp @@ -76,4 +76,21 @@ expect "Error 7: InvalidArgs" send "udp\n" expect "Error 7: InvalidArgs" +send "udp linksecurity\n" +expect "Enabled" +expect "Done" +send "udp linksecurity disable\n" +expect "Done" +send "udp linksecurity\n" +expect "Disabled" +expect "Done" +send "udp linksecurity enable\n" +expect "Done" +send "udp linksecurity\n" +expect "Enabled" +expect "Done" + +send "udp linksecurity something_invalid\n" +expect "Error 35: InvalidCommand" + dispose_nodes diff --git a/tests/scripts/expect/cli-unsecure-port.exp b/tests/scripts/expect/cli-unsecure-port.exp new file mode 100755 index 000000000..b43cc9240 --- /dev/null +++ b/tests/scripts/expect/cli-unsecure-port.exp @@ -0,0 +1,66 @@ +#!/usr/bin/expect -f +# +# Copyright (c) 2020, The OpenThread Authors. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. Neither the name of the copyright holder nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +source "tests/scripts/expect/_common.exp" + +set spawn_id [spawn_node 1] + +send "unsecureport remove all\n" +expect "Done" + +send "unsecureport get\n" +expect "Done" + +send "unsecureport add 123\n" +expect "Done" + +send "unsecureport add 456\n" +expect "Done" + +send "unsecureport get\n" +expect "123 456" +expect "Done" + +send "unsecureport remove 123\n" +expect "Done" + +send "unsecureport get\n" +expect "456" +expect "Done" + +send "unsecureport remove all\n" +expect "Done" + +send "unsecureport get\n" +expect "Done" + +send "unsecureport invalid_command\n" +expect "Error 35: InvalidCommand" + +dispose