This commit extracts the common lease tracking variables (`mLease`,
`mKeyLease`, `mTtl`, and `mUpdateTime`) and their associated methods
from the `Srp::Server::Host` and `Srp::Server::Service` classes into a
new shared base class, `LeaseTracker`.
By having both `Host` and `Service` inherit from `LeaseTracker`, we
eliminate duplicated logic for calculating expiration times, handling
lease info, and processing TTL updates. This refactoring simplifies
the SRP server codebase and ensures consistent lease management
behavior across both entities.
This commit removes the redundant `Clone()` methods from `Coap::Message`.
These methods previously served to retain the `HeaderOffset` across the
cloned message, which was internally tracked by modifying `MeshDest`.
Since `ot::Message::Clone()` natively preserves the `MeshDest` property,
the specialized `Coap::Message::Clone()` wrappers are unnecessary.
Callers now directly use `ot::Message::Clone()` and type-cast the result
using `AsCoapMessagePtr()`.
Starting from Mbed TLS 4.0 legacy crypto support (which now it's moved
into TF-PSA-Crypto) has been made internal so it shoudn't be referenced
anymore. This commit add guards for this change.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Starting from Mbed TLS 4.0, TLS functions will use psa_generate_random()
inernally, so there is no need to specify it as parameter or through
mbedtls_ssl_conf_rng().
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The size.yml workflow used pull_request_target with git checkout
FETCH_HEAD, which replaced the entire working directory (including
scripts) with untrusted fork code. Since pull_request_target grants
a read/write GITHUB_TOKEN even from public forks, and the workflow
had no top-level permissions restriction, this allowed arbitrary
code execution with write access to the repository.
Fix by:
1. Adding top-level permissions: contents: read (consistent with
all other workflows in this repository).
2. Replacing `git checkout FETCH_HEAD` with a fetch-only approach
that passes the PR merge commit SHA via the OT_SHA_NEW environment
variable. The check-size script uses git-archive to extract code
by SHA, so it does not need the working directory to be switched.
This ensures ./script/check-size always runs from the base branch.
3. Updating check-size to accept OT_SHA_NEW from the environment,
falling back to git rev-parse HEAD when not set (preserving
existing behavior for push-triggered and local runs).
This commit stabilizes Nexus test 1.2.LP.5.3.8 by addressing timing
issues related to SSED polling during network transitions.
Key changes:
- In test_1_2_LP_5_3_8.cpp, added StopPolling() calls after MLE and
MeshCoP exchanges to suppress immediate Data Requests triggered by
these protocols. This ensures the SSED satisfies strict 'no Data
Request' pass criteria.
- In verify_1_2_LP_5_3_8.py, updated criteria 13.2 to allow Data
Requests on the Ternary Channel that occur during the initial
network transition (re-attachment). The script now only strictly
disallows Data Requests in the 1-second window immediately
preceding the Echo Request.
These changes make the test robust against standard OpenThread
re-synchronization behavior while still verifying that Echo Requests
are received via CSL synchronization.
- Fix pktverify index synchronization issues in Nexus tests.
Previously, some verification scripts used (pkt.number, 0) as indices
in pkts.range() calls. In Nexus tests where WPAN and ETH indices are
synchronized, this could cause the advanced index to exceed the stop
index of 0, resulting in a flaky AssertionError. Updated scripts to
use (pkt.number, pkt.number) consistently.
- Reduce kAttachAsSsedTime from 20s to 5s in test_1_2_LP_5_3_2.cpp.
The 20s wait was exactly matching the CSL Synchronized Timeout,
causing SSED_1 to trigger an auto-synchronization Data Request
immediately after the wait ended, violating test constraints.
Providing more margin ensures stable test execution.
This commit implements and verifies Nexus test case 1.2.LP.5.3.8, which
validates that a Router (DUT) correctly supports a Synchronized Sleepy
End Device (SSED) that modifies its CSL Channel TLV.
Key changes:
- Created tests/nexus/test_1_2_LP_5_3_8.cpp to simulate the test
topology (Leader, DUT, SSED_1) and execution steps.
- Implemented tests/nexus/verify_1_2_LP_5_3_8.py to perform automated
packet verification of the test criteria.
- Integrated the new test into CMakeLists.txt and run_nexus_tests.sh.
- Used descriptive constants for CSL parameters and wait times to avoid
magic numbers and ensure spec compliance (e.g., CSL timeout of 20s).
- Verified connectivity using ICMPv6 Echo exchanges across Primary,
Secondary, and Ternary channels, ensuring the SSED only polls when
expected.
This commit addresses issues where child entries could remain in the
kStateChildIdRequest indefinitely in the sequence of events during
attachment. Previously there was a timeout defined and saved for the
kStateChildIdRequest state, but will no longer be excluded from timing
out. This change additionally clears previous parents upon becoming a
router, as it could previously cause unnecessary messages to inform
previous parents. Finally, this moves the transition to the valid
state to occur after success in queuing the Child ID Response.
This commit removes the standalone `AnnounceBeginClient`,
`EnergyScanClient`, and `PanIdQueryClient` classes, integrating their
methods and TMF message handlers directly into the
`MeshCoP::Commissioner` class.
Since these client classes contained minimal state and primarily
served as simple wrappers for sending specific requests and handling
callbacks, merging them into the main `Commissioner` class simplifies
the architecture, removes unnecessary auxiliary classes, and shrinks
the overall codebase size.
This commit updates the `Dso::Connection::ProcessKeepAliveMessage()`
method to use the `OffsetRange` class for parsing TLVs. This approach
robustly validates the size of each parsed TLV against the remaining
length of the received message. Utilizing `OffsetRange::Contains()`
ensures that the reported TLV size via `GetSize()` does not exceed the
available bytes in the message, preventing potential out-of-bounds
reads or infinite loops when iterating over subsequent TLVs.
This commit implements Link Metrics support in the nexus platform,
similar to the simulation platform implementation.
Key changes include:
- Added 'LinkMetricsInfo' struct and management methods to 'Radio' in
'nexus_radio'.
- Implemented 'otPlatRadioConfigureEnhAckProbing()' and Enhanced ACK IE
generation in 'nexus_core' and 'nexus_radio'.
- Enabled Link Metrics initiator and subject configuration flags in
'openthread-core-nexus-config.h'.
- Fixed spelling of 'kRadioSensitivity' in 'nexus_radio'.
- Added 'fflush(stdout)' to the logging utility in 'nexus_misc' to
improve real-time log capture during tests.
This commit adds a new Nexus test case 1.2.LP.5.3.7 to validate that a
Router (DUT) correctly supports a Synchronized Sleepy End Device
(SSED) modifying the CSL Synchronized Timeout TLV.
Specifically, this test verifies:
- Initial CSL synchronization with a 10s timeout.
- SSED successfully updating the timeout to 20s via MLE Child Update.
- DUT maintaining connectivity beyond the original 10s timeout.
- DUT correctly buffering frames when CSL synchronization expires
after the timeout is reverted to 10s.
- Successful resynchronization and buffered frame delivery.
Detailed changes:
- tests/nexus/test_1_2_LP_5_3_7.cpp: Implemented the C++ test logic
using the Nexus simulation framework.
- tests/nexus/verify_1_2_LP_5_3_7.py: Added a Python script to
validate the packet traces and ensure protocol compliance.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
- tests/nexus/run_nexus_tests.sh: Included the test in the default
Nexus test suite.
This commit adds Nexus test case 1.2.LP.5.3.6, which validates that a
Router can support a child transitioning from a Synchronized Sleepy
End Device (SSED) to a Minimal End Device (MED) and back.
The test procedure involves:
- Forming a network with a Leader, DUT (Router), and SSED child.
- Verifying SSED attachment and initial CSL-based connectivity.
- Transitioning the child to MED mode and verifying the corresponding
MLE Child Update exchange and connectivity.
- Transitioning the child back to SSED mode and verifying that CSL
synchronization is resumed.
Changes:
- Implement tests/nexus/test_1_2_LP_5_3_6.cpp for test execution.
- Implement tests/nexus/verify_1_2_LP_5_3_6.py for pcap verification,
with logic to distinguish between synchronization and polling Data
Requests.
- Update tests/nexus/CMakeLists.txt to include the new test.
- Update tests/nexus/run_nexus_tests.sh to add the test to the default
test list.
This commit adds Nexus test 1.2.LP.5.3.5 to verify that a Router (DUT)
can reliably support a minimum of 6 Synchronized Sleepy End Device
(SSED) children simultaneously, with each child operating on a
distinct CSL channel.
The test implementation in test_1_2_LP_5_3_5.cpp (aligned with SPEC
Section 3.2.6.3.2) performs the following:
- Establishes a topology with a Leader, the DUT Router, and six SSED
children.
- Configures SSEDs with varied CSL Synchronized Timeouts (10s, 20s,
and 30s) and different radio channels, including primary (11),
secondary (26), and random channels (12-15).
- Triggers CSL synchronization through MLE Child ID and Child Update
exchanges.
- Validates bi-directional connectivity by sending ICMPv6 Echo
Requests from the Leader to each SSED, ensuring they are correctly
forwarded by the DUT.
The verification script verify_1_2_LP_5_3_5.py automates packet-level
checks, ensuring:
- Successful delivery of MLE Child ID and Child Update Response
messages from the DUT.
- Correct radio channel selection for forwarded Echo Requests to
SSED_1 and SSED_6.
- Absence of MAC Data Requests from SSED_1 prior to the arrival of
the CSL-probed Echo Request, confirming active synchronization.
- Inclusion of CSL Period and Phase IEs in the 802.15.4 frame headers
of Echo Replies from SSED_1 and SSED_6.
- Reliable forwarding of Echo Replies from all six SSEDs back to
the Leader.
Changes also include registering the new test in CMakeLists.txt and
run_nexus_tests.sh.
This commit adds the .gemini/config.yaml file to configure the Gemini
code review tool. The configuration includes settings for review
severity, comment limits, and automated review triggers for pull
requests.
The packet verification script for Nexus test 1.1.7.1.4 failed
sporadically because Step 5 (ROUTER_1 multicast MLE Data Response)
was being searched starting from the cursor position after Step 4
(Leader's MLE Data Response and CoAP ACK).
Depending on the timing/non-determinism from entropy, ROUTER_1's
response could arrive before the Leader's packets, causing it to
be skipped when searching from the Step 4 cursor.
This change saves the cursor position after Step 3 and uses it as
the starting point for the Step 5 search, ensuring the packet is
found regardless of its order relative to the Step 4 packets.
This commit fixes an occasional failure in Nexus test 1.1.6.1.4
by introducing a controlled delay during the DUT attachment
process.
The test ensures the DUT picks a REED with better connectivity
as its parent. The failure was caused by a race condition where
the intended parent (router3) could upgrade from REED to active
router before the DUT completed its parent selection. This
resulted in the DUT attaching during the first Parent Request
(active routers only), rather than the second request (including
REEDs), which is required for specification compliance.
Changes:
- Added kParentSelectionTime constant (2000ms) to define the
expected parent selection window.
- Updated test_1_1_6_1_4.cpp to use AdvanceTime() with this
constant before allowing router3 to upgrade. This ensures
router3 remains a REED long enough for the DUT to send the
multicast Parent Request with the REED scan mask.
This commit adds Nexus test case 1.2.LP.5.3.4, which validates that a
Router (DUT) maintains a robust CSL connection with a Synchronized
Sleepy End Device (SSED) even when the SSED modifies its CSL Period.
The test verifies synchronization over multiple CSL period changes:
500ms -> 3300ms -> 400ms.
Changes:
- Added CSL period constants (500ms, 3300ms, 400ms) to shared utility
modules: tests/nexus/verify_utils.py (Python) and
tests/nexus/platform/nexus_utils.hpp (C++).
- Implemented tests/nexus/test_1_2_LP_5_3_4.cpp to execute the test
procedure, including topology formation, SSED attachment, and
triggering CSL period updates.
- Implemented tests/nexus/verify_1_2_LP_5_3_4.py to validate pcap
output, ensuring the DUT correctly buffers and relays ICMPv6 Echo
Requests and that SSED_1 does not send MAC Data Requests.
- Updated tests/nexus/CMakeLists.txt and tests/nexus/run_nexus_tests.sh
to integrate the new test into the build system and test runner.
This commit implements Nexus test 1.2.LP.5.3.3, which validates the
behavior when a Synchronized Sleepy End Device (SSED) becomes
unsynchronized.
The test verifies that:
- When a SSED is CSL synchronized, the parent (DUT) relays frames
using CSL transmission.
- When the SSED stops sending synchronization data polls and the CSL
connection times out, the parent falls back to indirect
transmission (buffering and waiting for a Data Request).
- Once the SSED resumes synchronization, the parent returns to using
CSL transmission.
Changes:
- Add test_1_2_LP_5_3_3.cpp to implement the test logic using the
Nexus simulation platform.
- Add verify_1_2_LP_5_3_3.py for automated packet verification,
ensuring frames are sent via CSL or indirect transmission as
appropriate.
- Register the new test in tests/nexus/CMakeLists.txt.
- Add the test to the default test list in
tests/nexus/run_nexus_tests.sh.
This commit updates the names of several message allocation methods in
`CoapBase` to `AllocateAndInit*()`. This change helps to clearly
differentiate these methods from the `NewPriorityMessage()` and
`NetMessage()` overloads, which only allocate a new `Message`.
In contrast, the `AllocateAndInit` methods allocate the message and
fully prepare it by initializing the CoAP header, appending the URI
path option, the payload marker, leaving it ready for the payload.
This change clarifies the design by explicitly indicating that these
methods perform extra setup work.
All calls to these methods throughout the codebase have been updated
to reflect the new names.
This commit introduces `DetermineRemainingDurationFrom(Time aNow)` to
the `Time` class. This method calculates the duration from a given
current time (`aNow`) to the `Time` instance, handling edge cases
where the target time is in the past by returning zero.
Several instances across the codebase (e.g., `Timer::Scheduler`,
`TcatAgent`, `Translator::Mapping`, `Srp::Server`) previously
duplicated this logic using manual checks and subtraction. They have
been updated to use this new centralized helper, improving
readability and reducing the likelihood of wrap-around or negative
duration bugs.
This commit adds Nexus test 1.2.LP.5.3.2 to validate that a Router
(DUT) can maintain a CSL connection with a Synchronized Sleepy End
Device (SSED) using various message types to trigger synchronization.
Changes:
- Implemented test_1_2_LP_5_3_2.cpp to simulate the topology of
Leader, Router (DUT), and SSED.
- Added descriptive constants (kMsPerSecond, kUsPerMs, kEchoId,
kCslWaitMultiplier) to test_1_2_LP_5_3_2.cpp to replace magic
numbers.
- Implemented verify_1_2_LP_5_3_2.py for pcap-based verification of
IEEE 802.15.4-2015 frames, CSL Information Elements, and timers.
- Updated test_1_2_LP_5_3_1.cpp to set CSL period and timeout
explicitly using stack APIs instead of the removed kAsSsed mode.
- Removed kAsSsed JoinMode from Nexus::Node in favor of explicit
CSL parameter configuration within test files.
- Added wpan.header_ie.csl.phase to verify_utils.py field mappings.
- Included the new test in CMakeLists.txt and run_nexus_tests.sh.
This commit refactors Nexus test 1.2.LP.5.3.1 to better align with
the specification and improves the robustness of the test logic and
verification script. It also removes the kAsSsed join mode to favor
explicit CSL configuration in tests.
Changes:
- Removed kAsSsed from Nexus::Node::JoinMode and Node::Join() to
encourage tests to manage CSL parameters explicitly.
- Updated test_1_2_LP_5_3_1.cpp to join as a regular SED first and
enable CSL after attachment. This matches the specification's
requirement to establish synchronization via Child Update Request.
- Introduced constants in test_1_2_LP_5_3_1.cpp for CSL period,
synchronization time, and other parameters to avoid magic numbers.
- Enhanced verify_1_2_LP_5_3_1.py with comprehensive checks for:
- MLE Child Update Request/Response exchange.
- IEEE 802.15.4-2015 frame versions.
- ICMPv6 Echo Request/Response forwarding through the Leader.
- Absence of MAC Data Requests after CSL synchronization.
- Fixed an issue in verify_1_2_LP_5_3_1.py where packet numbers
were not correctly handled in pkts.range().
This commit updates the object pool implementation to support dynamically
configured pool sizes without penalizing the memory footprint of
existing static usages.
A new `PoolBase` class is introduced to encapsulate the core linked-list
management logic (`Allocate()` and `Free()`), relying on a shared
`mFreeList`.
The existing `Pool` class is updated to inherit from `PoolBase`. It
retains its statically allocated `mPool` array, ensuring zero code-size
or RAM penalty for current users of fixed-size pools.
A new `ConfigPool` class is added, also inheriting from `PoolBase`.
This class allows a pool to be initialized at run-time with an
externally provided memory buffer (`mEntryArray`) and size
(`mNumEntries`). This enables future use cases where memory allocation
for pools can be provided dynamically by the system integrator.
This commit also includes unit tests for `ConfigPool` to verify its
allocation, deallocation, and initialization behavior.
This commit adds a new Nexus test case 1.2.LP.5.3.1 which validates
SSED attachment and CSL synchronization.
Changes:
- Added kAsSsed JoinMode to Nexus::Node platform to support joining
as a Synchronized Sleepy End Device with default CSL parameters.
- Implemented test_1_2_LP_5_3_1.cpp following the test specification
for SSED attachment.
- Implemented verify_1_2_LP_5_3_1.py to verify pcap output, ensuring
correct use of 802.15.4-2015 frames and CSL synchronization.
- Updated CMakeLists.txt and run_nexus_tests.sh to include the new
test in the Nexus test suite.
This commit implements CSL transmitter and receiver functionality in
the Nexus simulation platform. It enables the necessary OpenThread
configurations and provides the platform-level support for CSL.
It also implements the otPlatRadioGetNow platform API to provide a
high-resolution 64-bit microsecond time base, which is required for
accurate CSL timing and synchronization.
Changes:
- Added GetNowMicro64() to Nexus::Core to expose the raw 64-bit
microsecond timer.
- Implemented otPlatRadioGetNow() in nexus_radio.cpp.
- Enabled OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE and
OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE in Nexus config.
- Added otRadioContext to Nexus::Radio to track CSL parameters and
manage security material for radio operations.
- Implemented otPlatRadioEnableCsl, otPlatRadioResetCsl,
otPlatRadioUpdateCslSampleTime, and otPlatRadioGetCslAccuracy.
- Implemented otPlatRadioSetMacKey, otPlatRadioSetMacFrameCounter,
and otPlatRadioSetAlternateShortAddress to keep radio context
synchronized with OpenThread stack.
- Updated otPlatRadioSetExtendedAddress and otPlatRadioEnableCsl to
use AsCoreType for better readability and project conventions.
- Moved Radio member initializations to the initializer list in its
constructor.
- Refactored radio SFD processing: moved otMacFrameProcessTxSfd and
UpdateFcs from otPlatRadioTransmit (radio platform) to
Core::ProcessRadio (simulation engine), ensuring CSL IEs and
security headers are updated exactly when transmission starts.
- Enhanced Nexus::Core::ProcessRadio to support generating Enhanced
ACKs with CSL IEs for 802.15.4-2015 frames.
- Updated Nexus and fuzz build systems to include necessary Nexus
platform and utils headers/utilities.
This commit addresses a timeout issue reported by a fuzzer when
processing MAC frames with malformed Header IEs.
Specifically:
- In `FindPayloadIndex()`, added validation to ensure the returned
index does not exceed `kMaxPsduSize` (254). If the index exceeds
this value, it now returns `kInvalidIndex` (255). This prevents
callers from experiencing wrap-around issues when they cast the
result to `uint8_t`.
- In `GetHeaderIe()` and `GetThreadIe()`, changed the `index` and
`payloadIndex` variables from `uint8_t` to `uint16_t`. This
ensures that any increment during the loop does not wrap around,
which was a primary cause of the infinite loop.
- Updated the loop condition from `index <= payloadIndex` to
`index < payloadIndex`. Since `payloadIndex` points to the start
of the payload (the byte after the last Header IE), a strict
less-than comparison is correct and prevents the loop from
attempting to parse the payload itself as a Header IE.
These changes ensure robust parsing of IEEE 802.15.4 frames, even
when they contain unexpected or malformed Information Elements.
This commit adds lease and remaining lease information to the output
of `srp server host` and `srp server service` CLI commands.
The information includes:
- `lease`: The total lease time in seconds.
- `key-lease`: The total key lease time in seconds.
- `remaining lease`: The remaining lease time in seconds (with
millisecond precision).
- `remaining key-lease`: The remaining key lease time in seconds
(with millisecond precision).
A new utility method `OutputMsecDurationInSec()` is added to `Utils`
class to format durations in milliseconds as seconds with a
fractional part.
The SRP server host and service output parsers in
`tests/scripts/thread-cert/node.py`, `tests/toranj/cli/cli.py`, and
`tools/otci/otci/otci.py` are updated to correctly handle the new
fields for both active and deleted entries.
This commit addresses occasional failures in Nexus Test 1.1.9.2.9 by:
1. Increasing the wait time in Step 10 from 60s to 200s
(kAttachToRouterTime). This ensures Router 1 has enough time to
upgrade from a child to a router role after attaching to the new
partition formed by Router 2. The upgrade jitter can be up to 120s,
so the previous 60s wait was insufficient. An explicit check for the
Router role is also added.
2. Refactoring the verification script to handle out-of-order MLE
packets. Some steps involve a multicast response and a triggered
unicast request/response. The relative order of these packets is not
guaranteed in the simulation. Using save_index() and a new helper
function _verify_packet_in_group() allows searching for all required
packets from the same base index within a group while reducing code
duplication.
3. Improving the logic to advance the packet index after verifying a
group of out-of-order packets. The script now tracks the maximum
index found among all verified packets in a group to ensure no
packets are skipped in subsequent searches.
These changes make the test robust against timing variations and
jitter in the simulated environment.
This commit adds a new Nexus test `test_srp_lease` to verify the
behavior of the SRP server and client regarding lease expirations and
state updates. The test creates a network with an SRP server and
multiple client nodes that randomly perform various SRP operations
including registering, updating, unregistering, and removing services,
as well as abruptly disconnecting. The test then validates that the
SRP server correctly updates the host and service states, such as
marking them as deleted or fully removing them when their leases
expire or when explicitly requested by the clients.
This commit introduces an `Init()` method to the `Mac` class and
moves the invocation of `KeyManager::UpdateKeyMaterial()` from the
`Mac` constructor into this new method. `Mac::Init()` is then called
from `Instance::AfterInit()`, immediately after `KeyManager` is
initialized.
This ensures that `KeyManager` and other OpenThread core components
are fully constructed and properly initialized before attempting to
update the key material. The key material update interacts with
`SubMac` to configure the MAC keys. Performing this operation during
the `Mac` constructor phase can be problematic because the `KeyManager`
(under `OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE`) may not be
fully initialized and ready yet.
This updates the TCAT CLI to use the configured 'vendor app URL' by default as the
TCAT Provisioning URL, instead of a dummy value. It also updates the max length of
this URL to the configured vendor app URL max length as agreed by JIRA BHC-769.
Also 2 related minor validation fixes in TCAT agent code.
Furthermore, the Get Provisioning URL TLV TCAT command is fixed to return status 'Unsupported'
in case the URL is not configured (null or zero-length), to comply to the spec.
This commit fixes a potential memory leak of the allocated `aHost`
object in `Server::CommitSrpUpdate()`.
Previously, when the granted key lease was zero (indicating a request
to remove the host), the code used `VerifyOrExit(existingHost != nullptr)`
before calling `aHost.Free()`. If `existingHost` was null (e.g., when
receiving a request to remove a non-existent host), the function
would exit early and skip freeing `aHost`, causing a memory leak.
This is updated to always call `aHost.Free()` when `grantedKeyLease`
is zero, ensuring the memory is freed regardless of whether
`existingHost` is null or not.
This commit updates `BorderAgent` to parse the provided extra vendor
TXT data (`otBorderAgentSetVendorTxtData()`) to check if the vendor
name (`vn`) and model (`mn`) keys are already present. If they are
absent, it would use and encode the values from `VendorInfo` into the
advertised TXT data. This harmonizes the use of `VendorInfo` values
across various modules, network diagnostics, and the `BorderAgent`
TXT data.
Note that this change only impacts the system when
`OPENTHREAD_CONFIG_BORDER_AGENT_MESHCOP_SERVICE_ENABLE` is enabled,
meaning the Border Agent itself directly manages the registration and
updating of the mDNS MeshCoP service.
The generated TXT data from `otBorderAgentGetMeshCoPServiceTxtData()`
remains unchanged. This API is intended for use cases where the
next-layer code manages the publishing of the mDNS MeshCoP service,
and as documented, the TXT data from this API does not include any
vendor-specific information.
This commit updates `test_border_agent` to validate the newly
added behavior.
This commit simplifies multicast address management within `Netif` by
merging the `ExternalMulticastAddress` class directly into the base
`MulticastAddress` class. The `otNetifMulticastAddress` structure is
updated to include `mAddressOrigin` and an opaque `mData` field.
The `mData` field is utilized to track the Multicast Listener
Registration (MLR) state when the `OPENTHREAD_CONFIG_MLR_ENABLE`
feature is enabled.
By consolidating these types, we eliminate the need for separate
internal and external multicast address iteration logic in
`MlrManager`, streamlining MLR subscription checks and updates.
Additionally, this provides a more unified way to track the origin of
multicast addresses natively.
This commit implements the otPlatAlarmMicro* platform APIs in the
Nexus simulation environment. It also transitions the simulation's
internal time base from millisecond to microsecond granularity to
ensure that both millisecond and microsecond alarms operate on a
consistent and shared time reference.
Changes include:
- Enabled OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE in Nexus config.
- Updated Nexus::Core to use a 64-bit microsecond time base (mNow).
- Implemented otPlatAlarmMicroGetNow, otPlatAlarmMicroStartAt, and
otPlatAlarmMicroStop.
- Refactored Nexus::Node to support separate millisecond and
microsecond alarm instances (mAlarmMilli and mAlarmMicro).
- Updated radio timestamps and PCAP logging to use the new high-
resolution microsecond time base.
- Adjusted simulation time advancement and alarm triggering logic to
handle both alarm types correctly.
This commit enables channel-based filtering in Nexus simulation tests
by exporting node channel information and enhancing the pktverify
library to extract and use it.
Simulation Core:
- Export each node's PAN channel to the test JSON metadata in
nexus_core.cpp.
Pktverify Library:
- Update packet.py to extract channel information from 'wpan-tap' or
'wpan_tap' layers and normalize it into 'wpan.channel'.
- Update consts.py and layer_fields.py to support the new TAP layers
and their channel fields.
- Enhance NullField to be callable and iterable, and update Bytes
comparison to handle NullField, preventing script crashes when
accessing missing layers or fields.
Verification Utilities:
- Automatically load channel information from test JSON into
verification variables (e.g., {NODE_NAME}_CHANNEL).
Test Updates:
- Stabilize 1.1.9.2.14 by using channel-based filtering instead of
relying solely on RLOC16s.
- Update 1.1.9.2.17 and 1.1.9.2.8 to use the normalized
'wpan.channel' field instead of direct 'wpan_tap' access.
The MeshCoP::Timestamp class does not have a default constructor that
clears its members. When a Timestamp object is declared on the stack,
its members (seconds, ticks, and authoritative bit) contain garbage.
The SetSeconds() and SetTicks() methods only update their respective
fields and do not touch the authoritative bit. If the authoritative
bit happens to be set from stack garbage, the timestamp may be
incorrectly considered greater than another valid timestamp.
This caused intermittent failures in Nexus test 1.1.9.2.4 and others,
where a MGMT_ACTIVE_SET.req with an old timestamp was incorrectly
accepted by the Leader instead of being rejected.
This commit adds explicit Clear() calls to all MeshCoP::Timestamp
declarations in the affected Nexus tests to ensure they are properly
initialized.
This commit adds `MatchesKey()` method to `Dns::TxtEntry` class to
check if the entry's key matches a given key string using a
case-insensitive string comparison.
The new method properly handles the case where the entry's key is
`nullptr` (which can happen when the key is longer than the
recommended max length). It simplifies the TXT entry parsing logic in
`BorderAgent` and `Trel::PeerDiscoverer`.
The unit tests for `Dns::TxtEntry` are also updated to verify the new
method.
This commit updates the DNS name compression setting to be a
per-instance property rather than a global static variable.
The `otDnsSetNameCompressionEnabled()` and
`otDnsIsNameCompressionEnabled()` C APIs are updated to take an
`otInstance` pointer. Internally, the `Instance` class now uses the
`mDnsNameCompressionEnabled` member variable instead of the static
`sDnsNameCompressionEnabled`.
Additionally, this commit enforces that DNS name compression cannot
be disabled when the OpenThread mDNS module is active. The
`otDnsSetNameCompressionEnabled()` function now returns an `otError`
and will return `OT_ERROR_NOT_CAPABLE` if a user attempts to disable
compression while mDNS is enabled. When the mDNS module is enabled,
it automatically sets name compression to true.
The CLI command and related documentation are updated to reflect
these changes.
This commit moves all methods belonging to the `CoapBase::PendingRequests`
class into a dedicated section in `coap.cpp`. Recent PRs #12421 and #12527
introduced this class and shifted many methods into it, but kept them in
their original file locations to maintain reviewable `git` diffs. This
update completes the reorganization for better code structure without
any functional changes.
This commit renames all nexus test files and updates corresponding
configuration and source files to include a '1_1_' prefix.
The '1_1' prefix represents the Thread 1.1 test plan. This change
prepares the nexus test suite for the addition of tests from the
Thread 1.2, 1.3, and 1.4 test plans, ensuring a clear and organized
structure for multi-version specification testing.
Changes include:
- Renaming test_<num>.cpp to test_1_1_<num>.cpp.
- Renaming verify_<num>.py to verify_1_1_<num>.py.
- Updating CMakeLists.txt to reflect new test names.
- Updating run_nexus_tests.sh for default tests and variants.
- Updating hardcoded JSON output filenames in C++ test sources.
- Updating testcase name identification in Python verification
scripts.
This fixes the issue that the CLI CoAP server application was not
sending a Block1 option in its final 2.04 response for PUT/POST
methods. The CoAP CLI code is restructured to be more generic,
i.e. allow for NON-confirmable blockwise transfers as well as prepare
for a (future) update that supports the use of Block1/Block2
simultaneously in a POST transaction. Current code is updated to send
5.01 Not Implemented in case an (external) CoAP client would attempt
POST with both Block options together.
The number of returned blocks for this (demo) CLI is also raised to 3,
the minimum to see a start block, middle block and final block; which
is more useful for testing.
Closes#12559
This commit addresses several issues in the Nexus verification scripts
to improve test reliability and prevent runtime errors.
- Fixed a TypeError caused by NullField in MLE command checks. When
p.mle.cmd returns a NullField, it is unhashable and fails when checked
against a set or list (e.g., 'p.mle.cmd in { ... }'). A truthiness
check for p.mle.cmd was added to verify_5_6_4.py, verify_5_6_5.py,
verify_6_2_2.py, and verify_7_1_5.py.
- Improved verify_6_2_2.py robustness:
- Wrapped must_not_next() checks within 'with pkts.save_index()' to
ensure the packet iterator remains at the correct position after
verifying the absence of specific messages.
- Refactored MLE command filtering into a helper function for better
readability and consistency.
- Updated connectivity checks to allow filtering by ROUTER_1_RLOC16
and specifically look for WPAN Data Requests.
- Cleaned up verify_5_6_4.py by replacing the explicit 'nullField'
comparison with a more idiomatic truthiness check.
This commit addresses an intermittent failure in Nexus test 9.2.6
where Step 18 (MGMT_PENDING_SET.req) was occasionally not found.
The failure occurred because the verification script started
searching for the MGMT_PENDING_SET.req packet from index12. In the
simulated Nexus environment, packet capture order from different
nodes can occasionally vary slightly when events occur at nearly
the same simulation time.
The fix expands the search range by starting from index9 (the
Leader's initial update), ensuring that the MGMT_PENDING_SET.req
packet is correctly identified regardless of minor capture order
variations. Since the URI is unique to this part of the test, this
remains a precise filter.
Additionally, this change ensures the global packet index moves
forward correctly by taking the maximum of all relevant child
filter indices.
This commit introduces new helper methods in the `Tmf::Agent` class
(`SendMessageTo()`, `SendMessageToRloc()`, `SendMessageToLeaderAloc()`,
and `SendMessageAllowMulticastLoop()`) to simplify the transmission of
TMF messages.
Previously, callers of `Tmf::Agent::SendMessage()` were required to
manually configure a `Tmf::MessageInfo` object with the appropriate
socket and peer address information before sending a message. This led
to repetitive code across the various modules utilizing TMF.
By incorporating these address resolution and message info preparation
steps directly into `Tmf::Agent`, this change significantly reduces
boilerplate code. All existing calls to `SendMessage()` have been
updated to use the new flavors.
This commit increases the kMergeWaitTime from 300 to 350 seconds in
Nexus test 5.5.4.1.
Detailed analysis of debug logs during intermittent failures showed
that the MLE partition merge process could take up to 250 seconds in
some scenarios, leaving very little margin with the previous 300-second
timeout. Increasing the timeout to 350 seconds provides a more robust
buffer for the network to stabilize and for partitions to merge before
the final connectivity verification.
The fix was verified by running 200 consecutive iterations of the test
without any failures.
This commit fixes an intermittent failure in Nexus test 5.6.6 by ensuring
that the OnMeshPrefixConfig object is properly initialized before use.
The OnMeshPrefixConfig object is declared on the stack and, if not
explicitly cleared, may contain garbage values in its bit-fields (such
as mDhcp or mPreference). This can cause the subsequent call to
AddOnMeshPrefix() to fail its IsValid() check, resulting in a
kErrorInvalidArgs error and a test failure.
Changes:
- Call config.Clear() after declaring the OnMeshPrefixConfig object
in tests/nexus/test_5_6_6.cpp to ensure all fields are initialized
to zero.
This aligns the test implementation with other Nexus tests and improves
the robustness of the test suite in simulation environments.
Verified to pass in the Nexus simulation environment.
This commit removes the certification test scripts in
tests/scripts/thread-cert/ that have been successfully migrated to
the Nexus test framework.
The following tests were migrated and are now available as Nexus
tests under tests/nexus/:
- 5.8.2, 5.8.3, 5.8.4
- 9.2.1 through 9.2.19
Migrating these tests to Nexus provides faster execution, better
reliability, and easier debugging compared to the old
simulation-based scripts.
This commit fixes an intermittent failure in Nexus test 9.2.14 caused by RLOC16 conflicts between independent partitions in the simulation.
When two independent partitions occasionally share the same RLOC16, the packet verification script could incorrectly match a MGMT_PANID_CONFLICT response from the wrong network, leading to out-of-order matching and PacketNotFound errors.
The fix adds a filter to the MGMT_PANID_CONFLICT verification steps to ensure the Channel Mask TLV matches the specific conflict being reported (Channel 20). This uniquely identifies the correct packet even if RLOC16s overlap.
Implementation details:
- tests/nexus/verify_9_2_14.py: Added filtering for the exact Channel Mask TLV value using a defined `CONFLICTING_CHANNEL_MASK` bytes constant in Step 3 and 5.
- Fixed a type mismatch by converting the constant to a `bytes` object and added documentation for the big-endian channel bitmask mapping.
The fix has been verified with 200 successful test runs in the Nexus simulation environment.
Update `Publisher::Entry::UpdateState()` to support quickly removing
a published entry when the desired number of entries is explicitly
set to zero. In this case, we bypass the random removal delay and
remove the entry immediately. This situation helps with SRP/DNS
unicast entries, where if any service data unicast or anycast entry
is seen, we set the desired number to zero and want to quickly
remove any previously added server data unicast entry.
This commit adds Nexus test case 9.2.12 which verifies that networks
on different channels and having different PAN IDs can merge using
the MLE Announce command.
Implementation details:
- tests/nexus/test_9_2_12.cpp: C++ test execution logic. Implements
the 9.2.12 spec using direct core calls. Configures two distinct
partitions with different PAN IDs and channels, then triggers
an MLE Announce process via the Commissioner to merge them.
- tests/nexus/verify_9_2_12.py: PCAP verification script. Verifies
MGMT_ANNOUNCE_BEGIN.ntf, multi-channel MLE Announces, and MLE
Child ID Requests during re-attachment. Includes verification of
MLE layer security and Key Identifier Mode for Announce messages.
- tests/nexus/verify_utils.py: Added support for MLE auxiliary
security header fields in pktverify.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_12 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_12 to default test list.
This commit adds Nexus test case 9.2.19 which verifies that the DUT
can properly get Pending Operational Dataset parameters using the
MGMT_PENDING_GET.req command.
It also addresses review comments and improves the robustness of IPv6
address verification across several Nexus tests.
Implementation details:
- tests/nexus/test_9_2_19.cpp: Implemented the test procedure. Fixed
incorrectly escaped newline characters.
- tests/nexus/test_9_2_3.cpp: Fixed incorrectly escaped newline
characters.
- tests/nexus/verify_utils.py: Added a robust helper function
'is_leader_aloc_or_rloc' using the 'ipaddress' module to identify
Leader ALOC and RLOC addresses by their IID.
- tests/nexus/verify_9_2_19.py, tests/nexus/verify_9_2_3.py,
tests/nexus/verify_9_2_5.py: Replaced fragile string-slicing and
duplicated code with the shared helper in 'verify_utils.py'.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_19 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_19 to the test list.
The tests have been verified to pass in the Nexus simulation
environment.
This commit adds Nexus test 9.2.9 which verifies synchronization of
Pending Operational Datasets when two network partitions merge.
The implementation covers:
- Formation of a single partition with Commissioner, Leader, and two
Routers in a LINE topology.
- Initial Pending Operational Dataset configuration via Commissioner.
- Partition split using RF isolation and subsequent dataset updates
in both partitions.
- Verification of dataset synchronization (Active and Pending) during
partition merge per Thread specification 8.4.3.5.
- Validation of network connectivity (ICMPv6 Echo) after synchronization.
Implementation details:
- tests/nexus/test_9_2_9.cpp: C++ test execution logic. Implements the
36-step test specification using direct core calls. Uses a LINE
topology and adjusted timing parameters for partition stability.
- tests/nexus/verify_9_2_9.py: Python pcap verification script. Uses
non-linear searching to handle interleaved post-merge updates and
detailed TLV-level verification for MLE and CoAP messages.
- tests/nexus/verify_utils.py: Updated meshcop timestamp parsing to
support multiple occurrences in a single packet.
- tests/nexus/verify_9_2_11.py: Updated to match timestamp parsing
changes in verify_utils.py.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_9 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_9 to default test list.
This commit adds a new Nexus test case 9.2.18 that verifies the
rollback of the Active Timestamp via the Pending Operational Dataset
when a new Network Master Key is included.
Changes include:
- Implementation of test 9.2.18 in C++ using direct method calls.
- Implementation of verification script for 9.2.18 in Python.
- Extension of Nexus Core to support exporting multiple network keys.
- Update to verification utilities to handle multiple network keys.
- Addition of test 9.2.18 to the default Nexus test list.
- Fixes to Commissioner and Leader initialization in the Nexus test.
- Addition of AddNetworkKey() to Core to register keys for export.
- Update to SaveTestInfo() to export 'network_keys' list in JSON.
- Robust handling of multiple decryption keys in verify_utils.py.
This commit fixes improper argument usage for SPINEL_DATATYPE_DATA_WLEN_S,
SPINEL_DATATYPE_DATA_S, SPINEL_DATATYPE_EUI64_S, and SPINEL_DATATYPE_UTF8_S
in Logger::LogSpinelFrame.
Key changes:
- Use pointer-to-pointer for data and unsigned int pointer for length
when using spinel_datatype_unpack with data types.
- Switch to spinel_datatype_unpack_in_place() when unpacking into local
buffers or structures (e.g., for EUI-64 addresses and MAC keys).
- Remove redundant length arguments for SPINEL_DATATYPE_UTF8_S.
- Refactor SPINEL_PROP_RCP_MAC_KEY to use otMacKey and in-place unpacking.
These fixes prevent potential crashes, stack corruption, and incorrect
data parsing in the Spinel logging utility.
This commit adds Nexus test case 9.2.17 which verifies the behavior of
an orphaned end device as it searches for a new parent using MLE
Announce messages.
Implementation details:
- tests/nexus/test_9_2_17.cpp: C++ test execution logic. Implements the
3-node topology (Leader_1, Leader_2, ED_1) using direct method calls.
Manages RF isolation by manipulating the Mac Filter AllowList. Sets
log level to note. Uses MED mode for the DUT to enable MLE Announce
behavior. Also explicitly sets the channel mask for Leader_2 for
robustness.
- tests/nexus/verify_9_2_17.py: PCAP verification script. Verifies
initial MLE Advertisements on separate channels, DUT sending MLE
Parent Requests on the primary channel, followed by MLE Announce
on the secondary channel. Verifies Leader_2 sending MLE Announce on
the primary channel and DUT successfully attaching to Leader_2.
- tests/nexus/run_nexus_tests.sh: Added 9_2_17 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_17 target.
- Included full test specification as inline comments in both C++ and
Python code.
This commit fixes the problem where OpenThread mDNS responder always
sends responses to port 5353, ignoring the source port of the query.
According to RFC 6762, a mDNS responder should support one-shot
multicast DNS queries by sending the response to the source address
and source port of the query.
Changes:
- Captured the actual source port from incoming queries in Simulation
and POSIX platforms.
- Updated otPlatMdnsSendUnicast in Simulation platform to use the
provided destination port.
- Verified that legacy unicast responses correctly cap TTL to 10
seconds as required by RFC 6762 section 6.7.
This commit adds Nexus test 9.2.16 which verifies synchronization of
Active and Pending Operational Datasets between nodes during attach.
The test case implementation covers:
- Formation of a network with Commissioner, Leader, and Router_1.
- Initial attachment of Router_2 (DUT) to synchronization datasets.
- Dataset updates (Pending and Active) via Commissioner while DUT is
powered down, including PAN ID and Mesh-Local Prefix changes.
- Verification that DUT synchronizes both datasets correctly upon
reattaching to the network with a new PAN ID.
- Validation of network connectivity (ICMPv6 Echo) after the dataset
migration and reattachment.
Implementation details:
- tests/nexus/test_9_2_16.cpp: C++ test execution using direct method
calls. Sets log level to note. Uses AllowList for topology control.
- tests/nexus/verify_9_2_16.py: Python pcap verification script.
Implements robust filtering for CoAP and MLE messages.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_16 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_16 to default test list.
This commit adds Nexus test case 9.2.13 which verifies that the Thread
device properly accepts and processes Energy Scan Requests and sends
the corresponding Energy Scan Reports.
Implementation details:
- tests/nexus/test_9_2_13.cpp: C++ test execution logic. Implements
the 9.2.13 spec using direct core calls. Manages two separate
networks (Network 1 on channel 11 and Network 2 on channel 12).
Configures a topology with Leader, Commissioner, Router, and FED
nodes in Network 1, and Leader and SED nodes in Network 2.
- tests/nexus/verify_9_2_13.py: PCAP verification script. Verifies
unicast and multicast MGMT_ED_SCAN.qry messages and the resulting
MGMT_ED_REPORT.ans responses. Uses strict CoAP URI path and ICMPv6
type filtering.
- tests/nexus/platform/nexus_core.hpp/cpp: Added an optional leader
node parameter to SaveTestInfo() to allow specifying which network
partition information (like Network Key and Mesh-Local Prefix)
should be exported to the JSON file for verification. This ensures
correct packet dissection in multi-partition test scenarios.
- tests/nexus/run_nexus_tests.sh: Added 9_2_13 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_13 target.
This commit fixes and stabilizes Nexus test case 9.2.7. It ensures full
compliance with the test specification and improves resilience against
timing variations in the simulated environment.
Changes:
- tests/nexus/test_9_2_7.cpp: Corrected the node sending the pending
dataset update in Step 11 to the Router, matching the spec. Ensured the
full Pending Operational Dataset is included in the request. Fixed
misleading comments regarding timestamp values and ensured Step 11 uses
a strictly higher active timestamp than Step 5.
- tests/nexus/verify_9_2_7.py: Relaxed delay timer verification slack to
improve test stability. Added explicit checks for Active and Pending
Timestamps in multicast MLE Data Responses. Corrected expected timestamp
values and comments.
This commit fixes flakiness in Nexus test 7.1.4 by addressing a race
condition in the packet verification script.
The verification logic previously advanced the global packet index
after identifying the Border Router's multicast MLE Data Response.
However, if a child (MED_1) sent its Child Update Request slightly
before the multicast response was processed or captured in that
specific order, the verification script would miss it because the
index had already moved forward.
The fix refactors 'verify_7_1_4.py' to use 'pkts.copy()' for major
verification blocks (Steps 5 through 8). This ensures that each step
searches from a consistent base index, making the verification robust
against variations in packet delivery and capture order.
Additionally, this commit:
- Extracts the duplicated Child Update Request/Response exchange
logic into a helper function '_verify_child_update_exchange' to
improve code reuse and maintainability.
- Adds a destination filter to Step 7 to improve verification
specificity for SED_1 notifications.
This commit adds Nexus test case 9.2.15 which verifies the
synchronization of a Pending Operational Dataset between an attaching
Router and an existing Router.
Implementation details:
- tests/nexus/test_9_2_15.cpp: Implemented the test procedure using
direct core method calls. Sets node connectivity via AllowList and
log level to note. Implements power-down simulation by stopping MLE
and bringing down the network interface. Extracted MGMT_PENDING_SET
logic into a SendPendingSet helper function for better maintainability.
- tests/nexus/verify_9_2_15.py: Implemented robust verification logic
to validate end-to-end CoAP MGMT_PENDING_SET and MGMT_ACTIVE_GET
messages, along with MLE Parent Request/Response and Child ID
Request/Response exchanges.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_15 target to the build
configuration.
- tests/nexus/run_nexus_tests.sh: Added 9_2_15 to the default test list.
This commit adds Nexus test case 9.2.14 which verifies that the DUT
properly accepts and processes PAN ID Query requests and responds
when a conflict is found.
Implementation details:
- tests/nexus/test_9_2_14.cpp: C++ test execution logic. Implements
a 4-node topology (Leader_1, Router_1, Commissioner, Leader_2).
Leader_2 forms a separate network on a secondary channel with the
same PAN ID. Test uses direct core method calls and sets log level
to note.
- tests/nexus/verify_9_2_14.py: Python pcap verification script.
Verifies MGMT_PANID_QUERY requests (unicast and multicast) from
the Commissioner and MGMT_PANID_CONFLICT responses from Router_1.
Ensures correct TLVs are present in CoAP payloads.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_14 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_14 to default test list.
The test has been verified to pass in the Nexus simulation environment.
This commit removes calls to `SetSockPortToTmf()` from the Border
Agent prior to sending messages via `Tmf::Agent`. Setting the
local socket port is unnecessary because the `Tmf::Agent` is already
bound to the TMF port number when sending CoAP messages.
Additionally, since these removals eliminate the last uses of the
`SetSockPortToTmf()` method within the codebase, the method itself
has been completely removed from `Tmf::MessageInfo` class to clean up
dead code.
This commit adds Nexus test 9.2.11 which verifies the Leader's
management of the Delay Timer during Pending Dataset updates.
The test case implementation covers:
- Formation of a network with Leader (DUT), Commissioner, Router,
MED, and SED.
- Simulation of MGMT_PENDING_SET.req via otDatasetSetPending on the
Leader node.
- Verification of multicast MLE Data Responses triggered by dataset
updates.
- Propagation of Pending Operational Dataset information across the
network.
- Validation of network stability and connectivity (ICMPv6 Echo)
across long wait periods defined by the Delay Timer.
Stable network timing and polling parameters were adjusted to ensure
reliable execution in the Nexus simulation environment.
Files modified:
- tests/nexus/test_9_2_11.cpp: C++ test execution logic.
- tests/nexus/verify_9_2_11.py: Python pcap verification script.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_11 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_11 to the test list.
This commit adds Nexus test case 5.8.4 which verifies the Security Policy
TLV bits (O, N, R, B) being disabled and the resulting network behavior.
Implementation details:
- tests/nexus/test_5_8_4.cpp: Implemented the test procedure using
direct core method calls. The test procedure implements all 20 steps
from the specification with cumulative Security Policy bit updates.
Removed unused constant kExternalCommissioningMask to fix build error.
- tests/nexus/verify_5_8_4.py: Implemented robust Python verification
logic that handles out-of-order packets and verifies individual
Security Policy and Discovery Response bits.
- tests/nexus/verify_utils.py: Enhanced the parser to support granular
Security Policy bits and Discovery Response Native Commissioning bit.
Replaced magic numbers with constants and registered additional
Security Policy flags (C, e, p) for completeness.
- tests/nexus/platform/nexus_core.cpp: Refactored SaveTestInfo to
use the Leader node as the authoritative source for network keys
and prefixes, ensuring correct decryption in verification scripts.
- Included full test specification as inline comments in both C++ and
Python code.
This commit adds Nexus test case 9.2.10 which verifies that the Thread
device maintains a delay timer after partitioning.
Implementation details:
- tests/nexus/test_9_2_10.cpp: C++ test execution logic. Implements the
5-node topology (Commissioner, Leader, Router_1, MED_1, SED_1) using
direct method calls. Manages RF isolation by manipulating the Mac Filter
AllowList. Sets log level to note.
- tests/nexus/verify_9_2_10.py: PCAP verification script. Verifies
MGMT_PENDING_SET.req/rsp, MLE Data Response dissemination, and
network-wide channel/PAN ID migration across partitions.
- tests/nexus/run_nexus_tests.sh: Added 9_2_10 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_10 target.
This commit fixes occasional failures in Nexus test 7.1.8 by making
the verification script more robust against interleaved packets.
The implementation details:
- tests/nexus/verify_7_1_8.py: Refactored Step 3 to use separate
filter copies to find the Leader's MLE Data Response and CoAP ACK
independently of their order.
- Correctly updated the main packet filter index to ensure that
subsequent verification steps proceed from the point after both
packets have been identified.
This commit adds Nexus test case 9.2.8 which verifies that the Leader
correctly manages and persists both Active and Pending Operational
Datasets, including behavior across node re-attachments.
Implementation details:
- tests/nexus/test_9_2_8.cpp: C++ test execution logic. Implements
the 9.2.8 spec using direct core calls. Simulates power down using
Node::Reset() to verify parameter persistence across a full stack
re-initialization. Standardized node initialization by removing
explicit extended address and network key configuration, relying on
platform defaults and GenerateRandom(). Aligned leader startup to use
Up() and Start() for consistency with other tests.
- tests/nexus/verify_9_2_8.py: PCAP verification script. Verifies
MGMT_PENDING_SET.req/rsp, MGMT_ACTIVE_SET.req/rsp, and MLE
dissemination. Uses relaxed address filtering to handle short
address usage in Child ID Requests. Updated to use constants from
pktverify.consts. Improved verification robustness by checking
each DUT individually for re-attachment and connectivity.
- tests/nexus/verify_utils.py: Added support for parsing Pending
Timestamp and Delay Timer TLVs in CoAP payloads. Patched pktverify
to support wpan_tap layer for channel verification.
- tests/nexus/run_nexus_tests.sh: Added 9_2_8 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_8 target.
This commit updates GEMINI.md to include instructions for building and
running Nexus tests. Nexus is a test framework that enables faster and
more scalable network simulations within a single process.
The updated documentation provides:
- A brief overview of the Nexus test framework.
- The command to build Nexus tests using 'tests/nexus/build.sh'.
- Commands to run all Nexus tests or a specific test using
'tests/nexus/run_nexus_tests.sh'.
- A reference to 'tests/nexus/README.md' for further details.
This commit updates `Manager::SendBackboneAnswer()` to use
`Coap::Message::InitAsPost()`, which automatically determines the
CoAP message type (Confirmable vs. Non-Confirmable) based on whether
the destination address is multicast. This simplifies the code and
removes the need for the local `proactive` boolean variable.
This commit updates `AddressResolver::SendAddressError()` to accept the
destination address as a `const Ip6::Address &` instead of a pointer.
This allows the implementation to be simplified by using
`Coap::Message::InitAsPost()`, which automatically determines the
CoAP message type (confirmable vs. non-confirmable) based on whether
the destination address is multicast.
All callers of `SendAddressError()` are updated accordingly. When
sending to all routers, `GetRealmLocalAllRoutersMulticast()` is now
explicitly passed.
This commit introduces a new set of logging macros, `LogCritOnError`,
`LogWarnOnError`, `LogNoteOnError`, `LogInfoOnError`, and
`LogDebgOnError`, to provide a consistent and streamlined way to log
errors across the codebase.
The new macros automatically prepend "Failed to " and append the error
string (using `ErrorToString()`) to the log message, reducing
boilerplate code and ensuring a uniform log format. These macros only
emit a log if the provided `Error` is not `kErrorNone`.
This change improves code readability and maintainability by
consolidating error logging logic into the logging framework.
This commit enhances the `batracker agents` command to display parsed,
human-readable information from the Border Agent TXT data by default.
This allows users to easily inspect the Border Agent State Bitmap
(Connection Mode, Thread Interface Status, Availability, Role, etc.)
and other fields like Thread Version, Network Name, Vendor Name,
or Vendor Model without manually decoding the raw bytes.
The `rawtxt` argument is introduced to optionally display the TXT data
in the raw key/value pair format.
To support this, new public APIs are added to convert Border Agent
State Bitmap enum values to their string representations.
This commit adds Nexus test 9.2.7 and improves the pktverify framework
to correctly handle Thread timestamp parsing.
The implementation includes:
- tests/nexus/test_9_2_7.cpp:
- C++ execution logic using direct core method calls.
- Implements a real Commissioner session to correctly authorize
Dataset updates.
- Documents a deviation in Step 5 where the Active Timestamp is set
to 15s (instead of 20s) to satisfy strictly increasing timestamp
requirements for subsequent steps.
- tests/nexus/verify_9_2_7.py:
- Python verification with strict field checks for timestamps and
timers.
- Handles interleaved traffic using save_index().
- Updates verification logic to accommodate timer decrements.
- Integration:
- tests/nexus/CMakeLists.txt: Added nexus_9_2_7 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_7 to default test list.
The pktverify fixes include:
- tests/scripts/thread-cert/pktverify/layer_fields.py:
- Added _thread_timestamp parser to handle raw 8-byte Thread timestamps,
avoiding fragility and timezone issues associated with date string
parsing.
- Fixed _auto parser to use calendar.timegm() for UTC date strings
instead of time.mktime(), ensuring correct epoch values regardless
of the local system timezone.
- Mapped active and pending timestamp fields to use the new
_thread_timestamp parser.
This commit updates 'tests/nexus/README.md' to provide detailed
instructions on how to build and run the Nexus tests, including
the recently added automated testing and packet verification
scripts.
Changes:
- Added instructions for building TREL tests using 'build.sh trel'.
- Added a section on automated testing and packet verification
using the 'run_nexus_tests.sh' script.
- Explained how to run individual C++ tests and Python verification
scripts manually.
- Clarified the usage of topology names and JSON output filenames
as arguments for Nexus C++ tests.
This commit fixes intermittent failures in Nexus test 7.1.7 by
improving test stability and making the verification script more
robust.
Implementation details:
- tests/nexus/test_7_1_7.cpp: Added a 500ms external poll period for
SED_1 to ensure it remains active and reachable during the test.
Replaced the magic number with a named constant `kSedPollPeriod`.
Added a stabilization delay after Step 17 to ensure network data
updates are fully propagated.
- tests/nexus/verify_7_1_7.py: Added source filtering for the Leader
(DUT) in network data update checks to avoid matching packets from
other nodes. Used Border Router sub-TLV count checks to reliably
distinguish between initial prefix additions and subsequent
removals. Improved CoAP ACK verification to handle interleaved
packets and ensure correct destination filtering. Refactored
verification chains to follow project-specific formatting standards.
This commit adds Nexus test case 9.2.6 which verifies that the Leader
properly collects and disseminates Active and Pending Operational
Datasets through the Thread network.
Implementation details:
- tests/nexus/test_9_2_6.cpp: C++ test execution logic. Includes both
MED_1 and SED_1 in the topology to simultaneously verify
dissemination to different child types in a single run. Uses direct
core calls and sets a 500ms external poll period for SED_1.
- tests/nexus/verify_9_2_6.py: PCAP verification script. Implements
robust MLE and CoAP filtering to handle short address usage and out-
of-order packet delivery. Includes monkey-patching for MeshCoP TLV
parsing in CoAP. Improved MGMT_PENDING_SET filter robustness and
removed full range reset in Step 18.
- tests/nexus/verify_9_2_4.py: Fixed regressions in MGMT_ACTIVE_SET
verification logic introduced during refactoring.
- tests/nexus/verify_utils.py: Added support for parsing
mesh_local_prefix and NM_FUTURE_TLV in CoAP payloads.
- tests/scripts/thread-cert/pktverify/consts.py: Added NM_FUTURE_TLV.
- tests/nexus/run_nexus_tests.sh: Added 9_2_6 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_6 target.
This commit updates `PendingRequests::HandleTimer()` and
`PendingRequests::AbortAllMatching()` to perform request finalization
(which invokes user callbacks) outside of the main loop iterating over
the `mRequestMessages` queue.
Iterating over `mRequestMessages` while invoking user callbacks is
unsafe because the callback may modify the request queue (e.g., abort
other transactions), potentially invalidating the iterator. This change
protects against this by moving requests to be finalized into a separate
local `MessageQueue`. The requests in the local queue are then
finalized and freed after the main loop finishes.
This commit fixes intermittent failures in Nexus test 9.2.5 and aligns
its implementation and documentation with the authoritative test
specification.
Intermittent failures were caused by disruptive network identity
changes (Extended PAN ID and Network Name) that resulted in
inconsistent node detachment and re-attachment in the simulation.
Wait times and timeouts were adjusted to improve stability.
Changes:
- Updated operational dataset values in 'test_9_2_5.cpp' to match
'Cert_9_2_05_ActiveDataset.py'.
- Adjusted 'kResponseTime' and 'kEchoTimeout' for better reliability.
- Enhanced 'verify_9_2_5.py' to strictly verify all mandated TLV
types in 'MGMT_ACTIVE_SET.req' payloads.
- Aligned inline comments and print statements in both C++ and Python
files with the authoritative spec in 'test-9-2-5.txt'.
- Corrected a typo note in the Step 5 description as per the spec.
Test 9.2.4 could occasionally fail due to the random selection of
the initial channel by the Leader. If the randomly selected channel
matched the 'Secondary' channel (12) used in MGMT_ACTIVE_SET.req in
step 6, the request would be accepted instead of rejected, causing
a verification failure.
This commit fixes the issue by explicitly configuring the Leader's
initial Operational Dataset with a fixed set of parameters (Channel
11, PAN ID 0xABCD, etc.) that are guaranteed to be different from
the parameters tested in the MGMT_ACTIVE_SET.req steps.
The fix was verified by running the test 20 times in a loop without
any failures.
This commit replaces instances of IgnoreError with SuccessOrQuit in
several Nexus test files to ensure that errors from core methods are
properly handled and cause test failure if they occur.
Modified files:
- tests/nexus/test_5_1_5.cpp
- tests/nexus/test_5_1_9.cpp
- tests/nexus/test_5_1_10.cpp
- tests/nexus/test_5_6_4.cpp
- tests/nexus/test_6_1_5.cpp
- tests/nexus/test_7_1_2.cpp
- tests/nexus/test_7_1_8.cpp
This commit adds a new Nexus test case 9.2.5 which verifies the DUT's
behavior when receiving MGMT_ACTIVE_SET.req from an active Thread node.
The test ensures that the Leader (DUT) correctly processes updates to
Active Operational Dataset parameters and disseminates them via MLE.
The test implementation includes:
- tests/nexus/test_9_2_5.cpp:
- C++ execution logic using direct core method calls.
- tests/nexus/verify_9_2_5.py:
- Python script to verify pcap output against the test specification.
- Implements strict validation of CoAP payload TLVs and response states.
- Infrastructure improvements:
- tests/nexus/verify_utils.py: Added parsing for MeshCoP TLVs in CoAP.
- tests/scripts/thread-cert/pktverify/layer_fields.py: Fixed ISO timestamp
parsing for compatibility with newer tshark versions.
Currently, `KeyManager` generates and stores a random `NetworkKey` in its
constructor when `OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE` is
enabled. This invokes `StoreNetworkKey()`, which interacts with
`KeyRefManager`. Accessing other components during construction can be
unsafe if they are not yet fully initialized.
This commit introduces a `KeyManager::Init()` method to handle this
initialization. This method is called from `Instance::AfterInit()`,
ensuring that the `Instance` and all dependencies, such as
`KeyRefManager`, are fully constructed before the `KeyManager` attempts
to access them.
This commit adds Nexus test 9.2.4 which verifies that the Active
Operational Dataset can be updated via the Commissioner using
MGMT_ACTIVE_SET.req.
The test implementation includes:
- test_9_2_4.cpp: C++ test execution for both Topology A (DUT as
Leader) and Topology B (DUT as Commissioner). It performs 22
steps, including various validation cases for MGMT_ACTIVE_SET.req
(invalid TLVs, old timestamps, invalid session ID, steering data,
and future TLVs).
- verify_9_2_4.py: Python script to verify the pcap output from the
test against the specification. It includes a custom CoAP TLV
parser to handle MeshCoP TLVs.
Key implementation details:
- Use direct method calls instead of OpenThread public APIs.
- Configure node connectivity using AllowList between Leader and
Commissioner.
- Set log level to 'note' for detailed output.
- Include full test specification as inline comments in both C++
and Python code.
- Added 9_2_4 to CMakeLists.txt and the default test list in
run_nexus_tests.sh.
This commit adds a new Nexus test case 7.1.7 which verifies that
network data is properly updated when a server (Border Router)
leaves and rejoins the network with modified information.
The test verifies that:
- The Leader (DUT) correctly processes CoAP Server Data
Notifications from two Border Routers.
- The Leader multicasts updated network data to neighbors and MEDs.
- The Leader sends unicast updates (Child Update Request or Data
Response) to SEDs.
- When a Border Router (Router 2) leaves and starts its own
partition, then rejoins with a new prefix (Prefix 2), the Leader
correctly updates the network data and disseminates it.
- Connectivity is maintained via ICMPv6 Echo Requests to addresses
based on the new prefixes.
- When a prefix is removed, the network data is correctly updated.
Summary of changes:
- Created tests/nexus/test_7_1_7.cpp:
- Implements test logic using direct core method calls.
- Sets log level to note.
- Configures AllowList for specified links (Leader-Router1,
Leader-Router2, Leader-MED1, Leader-SED1).
- Includes 1-line log outputs for each test step.
- Adheres to block comment formatting and 120-char line limits.
- Created tests/nexus/verify_7_1_7.py:
- Implements pcap-based verification of PASS criteria.
- Validates prefix updates and disseminations.
- Follows Python filter formatting style and 120-char limits.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 7_1_7 to the
default test list.
This commit adds a new Nexus test case for 'Getting the Active
Operational Dataset' (9.2.3) as specified in the Thread test
specification.
The test verifies that the active Commissioner can read Active
Operational Dataset parameters direct from the Leader using the
MGMT_ACTIVE_GET.req command, and that the Leader responds correctly
with the requested TLVs.
Summary of changes:
- Implemented Nexus test 9.2.3:
- Added tests/nexus/test_9_2_3.cpp: Implements the test execution
for both Topology A (DUT as Leader) and Topology B (DUT as
Commissioner). Uses direct core method calls and sets log level
to note. Configures the link between Leader and Commissioner
using AllowList.
- Added tests/nexus/verify_9_2_3.py: PCAP verification script
validating the MGMT_ACTIVE_GET request/response handshake for
various payload configurations (empty, specific TLVs, and mixed
allowed/not-allowed TLVs).
- Enhanced MeshCoP TLV support in nexus test framework:
- Updated verify_9_2_3.py with a monkey-patch for CoapTlvParser
to support MeshCoP TLV Request (Get) TLVs.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 9_2_3 in the
default test list and expanded tests loop.
This commit fixes an intermittent failure in Nexus test 5.5.5. The
failure occurred when Router_1 performed a late upgrade from child to
router after re-attaching to the DUT. This caused a mismatch between
the RLOC16 in the captured ping packets and the RLOC16 saved in the
test info JSON at the end of the test.
Changes:
- Disabled router eligibility for Router_1 in test_5_5_5.cpp after it
becomes isolated. This ensures it remains a child of the DUT and
maintains a consistent RLOC16 for the duration of the test.
This commit enhances the `PendingRequest` class by moving more functionality
regarding the management of pending CoAP requests into this nested class
within `CoapBase`.
Specifically, this change moves the handling of the retransmission timer,
retransmission of requests, finalizing a request, and aborting all or a
subset of requests. This helps organize the code and simplifies the
`CoapBase` class implementation.
Updates `SetOffset()` to ensure the offset is always clamped to the
current message length. This guarantees that the offset remains valid
and does not exceed the message size.
Updates `MoveOffset()` to accept `int16_t` as the delta and ensures
the calculated new offset is clamped within `0` and
`NumericLimits<uint16_t>::kMax` before setting it.
Updates `SetLength()` to rely on the new `SetOffset()` behavior to
automatically adjust the offset when the message length is reduced.
This commit adds `DetermineLengthAfterOffset()` helper method to
`Message` which returns the number of bytes in the message from the
current offset to the end of the message. This pattern is commonly used
in many places to determine the remaining length of the payload.
This commit updates various core modules including MeshCoP, 6LoWPAN,
IPv6, TCP, and MeshForwarder to use this new helper.
This commit enhances the `Message::Clone()` method to support a custom
configuration. This allows callers to specify a different length and
reserved header size for the cloned message via the new overload
`Clone(uint16_t aLength, uint16_t aReserveHeader)`.
The existing `Clone()` overloads have been updated to utilize this new
configuration mechanism. Additionally, `Coap::Message::Clone()`
methods are updated to align with these changes.
A new unit test `TestCloning()` is added to `test_message.cpp` to
verify the behavior of `Clone()` with various configurations.
This commit adds a new Nexus test case 7.1.8 which verifies that
when global prefix information is set on a Full End Device (FED),
the DUT (Router) properly disseminates the associated network data.
It also verifies that the DUT sends revised server data information
to the Leader when the FED is removed.
The test setup uses:
- Leader: Forms the network.
- Router 1 (DUT): Attached to the Leader.
- FED 1: Attached to the DUT.
The test verifies that:
- FED 1 sends a CoAP Server Data Notification to the Leader after
prefixes (2001::/64 stable and 2002::/64 non-stable) are added.
- The Leader and DUT multicast MLE Data Responses containing the
new network data.
- When FED 1 is removed, the DUT unicasts a CoAP Server Data
Notification to the Leader containing only the removed server's
RLOC16.
Summary of changes:
- Created tests/nexus/test_7_1_8.cpp:
- Implements test logic using direct core method calls.
- Sets log level to note.
- Configures AllowList for specified links (Leader-Router1,
Router1-FED1).
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting and line length.
- Created tests/nexus/verify_7_1_8.py:
- Implements pcap-based verification of PASS criteria.
- Validates CoAP and MLE message exchanges.
- Follows requested Python filter and line length formatting.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 7_1_8 to the
default test list.
This commit adds Nexus test 5.6.9 which verifies that a router
properly forwards data packets to a Border Router based on
Network Data information.
The test implementation includes:
- test_5_6_9.cpp: C++ test execution that sets up the topology
using Leader, two Routers (one as DUT), a MED, and a SED. It
configures external routes and triggers ICMPv6 Echo Requests.
- verify_5_6_9.py: Python script to verify the pcap output
against the test specification.
Key implementation details:
- Use direct method calls instead of OpenThread APIs where
applicable.
- Configure node connectivity using AllowList.
- Set log level to 'note'.
- Follow specific comment and logging formats as required by the
nexus test framework.
- Avoid magic numbers by using constants for time and identifiers.
- Added 5_6_9 to CMakeLists.txt and run_nexus_tests.sh default list.
This commit adds a new Nexus test case for 'On Mesh Commissioner -
MGMT_COMMISSIONER_SET.req & rsp' (9.2.2) as specified in the Thread
test specification.
Summary of changes:
- Implemented Nexus test 9.2.2:
- Added tests/nexus/test_9_2_2.cpp: Implements the test execution
for Topology A (Leader DUT). The test verifies Leader's behavior
when receiving MGMT_COMMISSIONER_SET.req directly from the active
Commissioner, including validation of missing or invalid TLVs.
Uses MeshCoP::SteeringData and Tmf::MessageInfo for more idiomatic
implementation as per review feedback.
- Added tests/nexus/verify_9_2_2.py: PCAP verification script
validating the MGMT_COMMISSIONER_SET request/response handshake
and subsequent MLE Data Response.
- Enhanced MeshCoP TLV support in nexus test framework:
- Updated tests/nexus/verify_utils.py to robustly parse MeshCoP TLVs
(Commissioner Session ID, State, Steering Data, etc.) and handle
type overlaps with existing Diagnostic TLVs.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 9_2_2 in the
default test list.
This commit adds a new Nexus test case 7.1.6 which verifies network
data propagation when a Border Router leaves the network, rejoins,
and updates its server data.
The test verifies that when the DUT (Border Router) leaves, its
registered prefixes are removed from the network data after a timeout.
Upon rejoining and updating its server data, the test ensures that
the new prefixes are correctly propagated to other routers and
their children (MED and SED).
Summary of changes:
- Created tests/nexus/test_7_1_6.cpp:
- Implements the 17-step test specification.
- Handles DUT reset and rejoin as a Router (FED).
- Uses direct OpenThread core method calls.
- Configures AllowList for controlled topology.
- Addressed review comments by using more idiomatic `FromString()`
and removing redundant constants.
- Created tests/nexus/verify_7_1_6.py:
- Implements PCAP-based verification of the test steps.
- Validates prefix removal and subsequent propagation of updated
data.
- Uses non-sequential packet search for robust verification.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 7_1_6 in the
default test list.
This commit adds a new Nexus test case 5.6.7 which verifies that a
REED device (DUT) correctly identifies an outdated version of the
Network Data and automatically requests an update from its parent
after hearing an incremented Data Version in MLE Advertisements.
The test setup uses:
- Leader: Configured as a Border Router.
- Routers 1-15: Attached to the Leader to form a network with 16
active routers.
- REED 1 (DUT): Attached to Router 1.
The test verifies that:
- The DUT correctly handles RF isolation during Network Data updates.
- The DUT identifies the incremented Data Version in its parent's
(Router 1) MLE Advertisements.
- The DUT sends an MLE Data Request to its parent with a TLV Request
TLV for the Network Data TLV.
- The DUT receives the updated Network Data and subsequently
broadcasts its own MLE Advertisement with an incremented Data
Version in the Leader Data TLV.
Summary of changes:
- Created tests/nexus/test_5_6_7.cpp:
- Implements test logic using direct core method calls.
- Sets log level to note.
- Configures AllowList for specified links to create the
required topology.
- Includes 1-line log outputs for each test step.
- Created tests/nexus/verify_5_6_7.py:
- Implements pcap-based verification of PASS criteria.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 5_6_7 to the
default test list.
This commit implements a more robust mechanism to differentiate between
overlapping TLV types in CoAP payloads, specifically for TLV type 8,
which is used for both NM_STEERING_DATA_TLV (MeshCoP) and
DG_IPV6_ADDRESS_LIST_TLV (Diagnostic).
The logic previously relied solely on TLV length, which was fragile
and caused 16-byte Steering Data TLVs to be misinterpreted.
Key changes:
- Enhanced CoapTlvParser.parse() and CoapLayer to accept and pass the
CoapLayer instance as context during parsing.
- Added a 'uri_path' property to CoapLayer for easier access to the
CoAP URI path (recon).
- Updated thread_coap_tlv_parse in verify_utils.py to use the URI path
to correctly identify Diagnostic TLVs (if URI starts with '/d/') vs.
MeshCoP or other Thread TLVs.
- Updated verify_9_2_1.py monkey-patches to match the new parser
signature.
This commit adds a new Nexus test case for 'Network data expiration'
(5.6.6) as specified in the test specification.
The test verifies that network data is properly updated when deleting
a prefix or removing a server from the network.
Summary of changes:
- Implemented Nexus test 5.6.6:
- Added tests/nexus/test_5_6_6.cpp: Implements the test execution
including topology formation, on-mesh prefix configuration, and
silent power-off of a border router. The test uses direct method
calls, sets log level to note, and uses AllowList for
connectivity.
- Added tests/nexus/verify_5_6_6.py: PCAP verification script.
Validates CoAP Server Data notifications, MLE Data Responses,
and Child Update exchanges, ensuring correct network data
propagation and expiration.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 5_6_6 in the
default test list.
This commit adds a new Nexus test case 7.1.5 which verifies that the
DUT (Router) correctly sends a Server Data Notification CoAP frame when
a third global prefix is configured. It also verifies that the DUT
properly propagates the updated Network Data to its children (MED and
SED) and handles their address registration.
The test setup uses:
- Leader: Forms the network.
- Router 1 (DUT): Attached to the Leader. Acts as a Border Router with
three prefixes:
- Prefix 1 (stable)
- Prefix 2 (non-stable)
- Prefix 3 (stable)
- MED 1: Attached to the DUT, configured to require complete data.
- SED 1: Attached to the DUT, configured to request only stable data.
Summary of changes:
- Created tests/nexus/test_7_1_5.cpp:
- Implements test logic using direct core method calls.
- Sets log level to note.
- Configures AllowList for Router1-Leader, Router1-MED1, and
Router1-SED1 links.
- Sets poll period for SED 1 to ensure timely communication.
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting and line length.
- Created tests/nexus/verify_7_1_5.py:
- Implements pcap-based verification of PASS criteria.
- Validates selective prefix propagation based on child mode (MED
receives all prefixes, SED receives only stable prefixes 1 and 3).
- Verifies Server Data Notification and subsequent Child Update
exchanges.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 7_1_5 to the default
test list.
This commit adds a new Nexus test case 7.1.4 which verifies that
global prefix information can be set on the DUT (Router) after the
network is formed, and that the DUT correctly notifies the Leader
via CoAP and propagates the updated Network Data (stable/non-stable)
to its attached children (MED and SED).
The test setup uses:
- Leader: Already formed network.
- Router 1 (DUT): Attached to the Leader.
- MED 1: Attached to the DUT, requires complete network data.
- SED 1: Attached to the DUT, requests only stable network data.
The test verifies that:
- The DUT unicasts a CoAP Server Data Notification to the Leader
after prefixes (2001::/64 stable and 2002::/64 non-stable) are
added.
- The Leader multicasts the new network data.
- The DUT propagates the updated data to its children.
- MED 1 receives both prefixes and registers its addresses.
- SED 1 receives only the stable prefix (Prefix 1) and registers
its addresses.
Summary of changes:
- Created tests/nexus/test_7_1_4.cpp:
- Implements test logic using direct core method calls.
- Sets log level to note.
- Configures AllowList for specified links (Router1-Leader,
Router1-MED1, Router1-SED1).
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting.
- Created tests/nexus/verify_7_1_4.py:
- Implements pcap-based verification of PASS criteria.
- Validates selective prefix propagation based on child mode.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 7_1_4 to the
default test list.
This commit adds a new Nexus test case for 'Network data updates –
Router as BR' (5.6.5) as specified in the test specification.
The test verifies that the DUT, as Leader, properly updates and
disseminates network data after receiving new information from a
Router acting as a Border Router with three prefix configurations.
Summary of changes:
- Implemented Nexus test 5.6.5:
- Added tests/nexus/test_5_6_5.cpp: Implements test execution.
The test forms a network with a Leader (DUT), Router 1 (BR),
MED 1, and SED 1. It configures Router 1 as a BR with three
on-mesh prefixes and verifies the Leader disseminates this
information. The test uses direct method calls, sets log
level to note, and uses AllowList for connectivity.
- Added tests/nexus/verify_5_6_5.py: PCAP verification script.
Validates CoAP Server Data Notification, CoAP Response, MLE
Data Responses (multicast and unicast), and MLE Child Update
exchanges, ensuring all required TLVs and prefix information
are present.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 5_6_5 in
the default test list.
Renames LINK_LOCAL_All_THREAD_NODES_MULTICAST_ADDRESS to
LINK_LOCAL_ALL_THREAD_NODES_MULTICAST_ADDRESS and
REALM_LOCAL_All_THREAD_NODES_MULTICAST_ADDRESS to
REALM_LOCAL_ALL_THREAD_NODES_MULTICAST_ADDRESS across the test
scripts to ensure consistent ALL_CAPS_WITH_UNDERSCORES casing
for constants, adhering to PEP 8 and project conventions.
This commit adds a new Nexus test case for 'Commissioner -
MGMT_COMMISSIONER_GET.req & rsp' (9.2.1) as specified in the Thread
test specification.
Summary of changes:
- Implemented Nexus test 9.2.1:
- Added tests/nexus/test_9_2_1.cpp: Implements the test execution
for both Topology A (DUT as Leader) and Topology B (DUT as
Commissioner). The test verifies that MGMT_COMMISSIONER_GET
requests can retrieve the entire Commissioner Dataset or specific
TLVs.
- Added tests/nexus/verify_9_2_1.py: PCAP verification script.
Uses custom monkey-patching to correctly parse and verify MeshCoP
TLVs within CoAP payloads.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 9_2_1 in the
default list and handle its A/B topologies.
This commit implements otPlatDnssdStartSrvResolver and
otPlatDnssdStopSrvResolver to support service discovery on NCP.
This commit contains these changes:
* Add new spinel property for starting / stopping service resolver
* Implement encoding/decoding of the new property
* Add unit test for encoding/decoding
* Implement ncp version of dnssd platform API
otPlatDnssdStartSrvResolver and otPlatDnssdStopSrvResolver
* Add property handler to get resolver result on NCP side
* Add unit test to verify that the resolver callback is correctly
invoked after getting resolver result.
This commit adds `ReadAtAndAdvanceOffset()` to the `Message` class to
simplify reading data from the message at the current message offset
and then advancing the message offset. This pattern is commonly used
when processing message headers sequentially. The new method helps
reduce code verbosity and ensures the offset is always advanced by
the correct size.
The new helper is adopted in various core modules including DHCPv6,
IPv6, 6LoWPAN, MLE, and UDP processing.
This commit simplifies `IsPortInUse()` by using `LinkedList` helper
`ContainsMatching()` instead of manually iterating over the
list of sockets. A `SocketHandle::Matches(uint16_t aSockPort)`
is added to support this.
This commit adds a new Nexus test case for 'Network data propagation –
Router as Border Router' (5.6.4) as specified in the test
specification.
Summary of changes:
- Implemented Nexus test 5.6.4:
- Added tests/nexus/test_5_6_4.cpp: Implements the test execution
for the DUT acting as a Border Router. The test verifies that
prefixes added by the DUT are properly propagated to Router 1
and its children (MED and SED). The test uses direct method
calls, sets log level to note, and uses AllowList for
connectivity.
- Added tests/nexus/verify_5_6_4.py: PCAP verification script.
Validates the propagation of stable and non-stable prefixes
via MLE Data Response messages from Router 1 to its children,
and verifies subsequent Child Update Request/Response
exchanges for address registration.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 5_6_4 in the
default test list.
This commit adds a new Nexus test case 7.1.3 which verifies that global
prefix information can be set on the DUT (Leader) and that the DUT
correctly sets and propagates the Network Data (stable/non-stable) to
neighbors and children in an already formed network.
The test setup uses a Leader (DUT) configured as a Border Router with
both stable (2001::/64) and non-stable (2002::/64) prefixes. It
verifies that neighbors and MED_1 (requesting complete data) receive
both prefixes via MLE Data Response, while SED_1 (requesting only
stable data) receives only the stable prefix via MLE Child Update
Request.
Summary of changes:
- Created tests/nexus/test_7_1_3.cpp:
- Implements test logic using direct core method calls.
- Sets log level to note.
- Configures AllowList for Leader-Router1, Leader-MED1, and
Leader-SED1 links.
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting.
- Created tests/nexus/verify_7_1_3.py:
- Implements pcap-based verification of PASS criteria.
- Validates selective prefix propagation based on child mode.
- Verifies MLE Child ID and Child Update exchanges.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 7_1_3 to the
default test list.
This commit adds a new Nexus test case 5.6.3 which verifies that
the DUT, as a Router, correctly collects network data information
(stable/non-stable) from the Leader (acting as Border Router) and
propagates it properly to its children (MED and SED).
The test setup uses:
- Leader: Configured as a Border Router with both stable
(2001::/64) and non-stable (2002::/64) prefixes.
- Router 1 (DUT): Attached to the Leader.
- MED 1: Attached to the DUT, requests complete network data.
- SED 1: Attached to the DUT, requests only stable network data.
The test verifies that:
- The DUT multicasts both prefixes received from the Leader.
- MED 1 receives and registers both prefixes.
- SED 1 receives and registers only the stable prefix (Prefix 1).
- The selective propagation follows either MLE Child Update Request
or MLE Data Response paths.
Summary of changes:
- Created tests/nexus/test_5_6_3.cpp:
- Implements test logic using direct C++ method calls.
- Configures AllowList for specified links.
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting.
- Created tests/nexus/verify_5_6_3.py:
- Implements pcap-based verification of PASS criteria.
- Validates selective prefix propagation based on child mode.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 5_6_3 to the
default test list.
This commit fixes an issue in the Nexus simulation core where alarms
could fire multiple times at the same simulation timestamp. This occurred
because the `mScheduled` flag was not cleared upon firing, and if the
simulation time remained static (e.g., due to pending tasklets), the
`ShouldTrigger` condition would remain true across multiple iterations
of the simulation loop.
By clearing the `mScheduled` flag before invoking the fired callback,
we ensure that each scheduled alarm triggers exactly once unless it is
explicitly rescheduled by the stack. This improvement stabilizes Nexus
tests (such as 6.2.2) that were previously flaky due to this
non-deterministic behavior.
This commit adds a new Nexus test case for 'Child Synchronization
after Reset - MLE Child Update Request' (6.5.3) as specified in the
Thread test specification.
It also corrects and improves the verification of Sleepy End Device
(SED) polling behavior across Nexus tests.
Summary of changes:
- Implemented Nexus test 6.5.3:
- Added tests/nexus/test_6_5_3.cpp: Implements the test
execution for Topology B (SED_1). The test simulates a DUT
reset for a time shorter than its Child Timeout and verifies
correct synchronization with its parent.
- Added tests/nexus/verify_6_5_3.py: PCAP verification script
validating the MLE Child Update Request and SED polling.
- Fixed SED polling verification:
- Updated verify_6_5_3.py and verify_6_5_1.py to correctly
check for MAC Data Request frames (WPAN_DATA_REQUEST) instead
of MLE Data Requests.
- Switched to RLOC16-based filtering for MAC Data Requests to
reliably match packets even when 64-bit addresses are not
available due to encryption or short addressing.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_5_3.
This commit adds a new Nexus test case for 'Child Synchronization
after Reset - No Parent Response' (6.5.2) as specified in the test
specification.
Summary of changes:
- Implemented Nexus test 6.5.2:
- Added tests/nexus/test_6_5_2.cpp: Implements the test execution
for both Topology A (End Device 'ED_1') and Topology B (Sleepy
End Device 'SED_1'). The test simulates a DUT reset and a
subsequent parent failure (Router 1), verifying that the DUT
correctly reattaches to a different parent (Leader). The test
uses direct method calls, sets log level to note, and uses
AllowList for connectivity.
- Added tests/nexus/verify_6_5_2.py: PCAP verification script.
Validates the MLE Child Update Request TLVs, confirms the DUT
resumes polling if it is a SED, and verifies the subsequent
reattachment handshake with the Leader and ICMPv6 connectivity.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_5_2 in the
default test list and added expansion logic for A/B topologies.
This commit updates run_nexus_tests.sh to improve the readability
and utility of test execution:
- Capture test execution output in a log file.
- Only print the captured logs if the test fails.
- Provide a concise one-line status (PASSED/FAILED) for each test.
- Automatically clean up temporary work directories for passing tests.
- Preserve artifacts (PCAP, JSON, logs) for failed tests and print
the path to the preserved artifacts.
This commit ensures that the NetworkData::OnMeshPrefixConfig structure
is cleared using config.Clear() before it is used in Nexus tests.
Since OnMeshPrefixConfig is a local variable on the stack, its fields
can contain garbage values if not explicitly initialized. The core
validity check OnMeshPrefixConfig::IsValid() fails if both mDhcp and
mSlaac are set to true, which can happen with uninitialized memory.
Updated tests:
- tests/nexus/test_6_3_2.cpp: Fixed RunTest6_3_2.
- tests/nexus/test_5_6_1.cpp: Fixed RunTest5_6_1.
This commit adds a new Nexus test case 7.1.2 which verifies that when
global prefix information is set on the DUT (Router), it properly
unicasts information to the Leader using CoAP (Server Data Notification)
and that the DUT correctly propagates the aggregated Network Data to its
children during the attach procedure.
The test setup uses Router_1 (DUT) configured as a Border Router with
both stable (2001::/64) and non-stable (2002::/64) prefixes. It
verifies that MED_1 (requesting complete data) receives both prefixes,
while SED_1 (requesting only stable data) receives only the stable
prefix.
Summary of changes:
- Created tests/nexus/test_7_1_2.cpp:
- Implements test logic using direct C++ method calls.
- Sets log level to note.
- Configures AllowList for Router1-Leader, Router1-MED1, and
Router1-SED1 links.
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting.
- Created tests/nexus/verify_7_1_2.py:
- Implements pcap-based verification of PASS criteria.
- Validates selective prefix propagation based on child mode.
- Verifies MLE Child ID and Child Update exchanges.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 7_1_2 to the
default test list.
This commit adds a new Nexus test case for 'Attaching to a REED with
Better Link Quality' (6.1.6) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 6.1.6:
- Added tests/nexus/test_6_1_6.cpp: Implements the test execution
for both Topology A (End Device 'ED_1') and Topology B (Sleepy
End Device 'SED_1'). The test configures a topology where the
DUT has a bad link (LQ=1) to an active Router and a good link
(LQ=3) to a REED. It verifies that the DUT correctly sends a
second Parent Request including REEDs when the initial attempt
yields a poor quality parent. The test uses direct method calls,
sets log level to note, and uses AllowList for connectivity.
- Added tests/nexus/verify_6_1_6.py: PCAP verification script.
Validates that the DUT sends the first Parent Request with Scan
Mask set for Routers only, followed by a second Parent Request
with Scan Mask set for both Routers and REEDs. It then confirms
the DUT attaches to the REED via a Child ID Request.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_1_6 in the
default test list and added expansion logic for A/B topologies.
This commit adds a new Nexus test case for 'Key Increment of 1 with
Roll-over' (6.6.2) as specified in the test specification.
The test verifies that the DUT properly decrypts MAC and MLE packets
secured with a Key Index incremented by 1 (causing a rollover) and
switches to the new key.
Summary of changes:
- Implemented Nexus test 6.6.2:
- Added tests/nexus/test_6_6_2.cpp: Implements the test execution
for both Topology A (End Device 'ED_1') and Topology B (Sleepy
End Device 'SED_1'). The test initializes the network with
KeySequenceCounter = 127, then increments it to 128 to force
a key switch and rollover. The test uses direct method calls,
sets log level to note, and uses AllowList for connectivity.
- Added tests/nexus/verify_6_6_2.py: PCAP verification script.
Validates MLE Child ID Request and ICMPv6 Echo packets use the
expected Key Index (128 then 1), Key Source (127), and
Key ID Mode.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_6_2 in the
default test list and added expansion logic for A/B topologies.
This commit adds a new Nexus test case for 'End Device Synchronization'
(6.1.7) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 6.1.7:
- Added tests/nexus/test_6_1_7.cpp: Implements the test execution
for DUT as a Full End Device (FED). The test verifies that the DUT
automatically sends Link Requests to neighboring routers after
attaching to the Leader. The test uses direct method calls, sets
log level to note, and uses AllowList for connectivity.
- Added tests/nexus/verify_6_1_7.py: PCAP verification script.
Validates the MLE Child ID Request to the Leader and subsequent
unicast Link Requests to Router 1, 2, and 3, ensuring they contain
all required TLVs. Also verifies receipt of Link Accepts from the
routers.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_1_7 in the
default test list.
This commit adds a new Nexus test case for 'Key Increment of 1,
Single Hop' (6.6.1) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 6.6.1:
- Added tests/nexus/test_6_6_1.cpp: Implements the test execution
for both Topology A (End Device 'ED_1') and Topology B (Sleepy
End Device 'SED_1'). The test verifies that the DUT properly
decrypts MAC and MLE packets secured with a Key Index
incremented by 1 and switches to the new key. The test uses
direct method calls to KeyManager, sets log level to note,
and uses AllowList for connectivity.
- Added tests/nexus/verify_6_6_1.py: PCAP verification script.
Validates MLE Child ID Request and ICMPv6 Echo packets use the
expected Key Index (1 then 2) and Key ID Mode.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_6_1 in the
default test list and added expansion logic for A/B topologies.
This commit adds a new Nexus test case for 'Realm-Local Addressing'
(6.4.2) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 6.4.2:
- Added tests/nexus/test_6_4_2.cpp: Implements the test execution
for both Topology A (End Device 'ED_1') and Topology B (Sleepy End
Device 'SED_1'). The test verifies ICMPv6 Echo Request/Reply
using Realm-Local addresses (ML-EID, All-Nodes, and All Thread
Nodes). Fragmented (1200 bytes) and non-fragmented packets are
tested. The test uses direct method calls, sets log level to
note, and uses AllowList for connectivity (Leader <-> Router 1
<-> DUT).
- Added tests/nexus/verify_6_4_2.py: PCAP verification script.
Validates the exchange of ICMPv6 Echo packets for ML-EID,
Realm-Local All-Nodes (FF03::1), and Realm-Local All Thread
Nodes addresses. Correctly derives the Realm-Local All Thread
Nodes address from the mesh-local prefix.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_4_2 in the
default test list and added expansion logic for A/B topologies.
This commit adds a new Nexus test case 5.6.2 which verifies that
the DUT, as Leader, collects network data information (stable/
non-stable) from the network and propagates it properly during
the attach procedure.
The test setup uses Router_1 configured as a Border Router with
both stable (2001::/64) and non-stable (2002::/64) prefixes. It
verifies that SED_1 (requesting stable data) and MED_1 (requesting
complete data) receive the correct subset of network data during
the attach procedure to the Leader (DUT).
Summary of changes:
- Created tests/nexus/test_5_6_2.cpp:
- Implements test logic using direct C++ method calls.
- Configures AllowList for Leader-Router1, Leader-MED1, and
Leader-SED1 links.
- Includes 1-line log outputs for each test step.
- Adheres to requested block comment formatting.
- Created tests/nexus/verify_5_6_2.py:
- Implements pcap-based verification of PASS criteria.
- Validates selective prefix propagation based on child mode.
- Verifies MLE Child ID and Child Update exchanges.
- Follows requested Python filter formatting style.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 5_6_2 to the
default test list.
This commit adds a new Nexus test case for 'Child Synchronization after
Reset - Reattach' (6.5.1) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 6.5.1:
- Added tests/nexus/test_6_5_1.cpp: Implements the test execution
for both Topology A (Minimal End Device 'MED_1') and Topology B
(Sleepy End Device 'SED_1'). The test simulates a DUT reset for
a time longer than its Child Timeout and verifies that it
correctly reattaches to its parent (Leader). The test uses direct
method calls, sets log level to note, and uses AllowList for
connectivity.
- Added tests/nexus/verify_6_5_1.py: PCAP verification script.
Validates the MLE Child Update Request TLVs, handles the 'Error'
status response from the Leader, and confirms the subsequent
reattachment handshake and ICMPv6 connectivity. Patches
pktverify to support the mle.tlv.status field.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_5_1 in the
default test list and added expansion logic for A/B topologies.
This commit adds a default implementation of the OpenThread crypto
platform API for the PSA Crypto API.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This commit adds a new Nexus test case for 'Network data propagation'
(7.1.1) as specified in the Thread Test Specification.
The test verifies that the DUT, acting as a Border Router and Leader,
correctly sets Network Data (stable and non-stable) and successfully
propagates it to various child types (Router, MED, and SED) during the
attach and child update processes.
Summary of changes:
- tests/nexus/test_7_1_1.cpp: Implements the test logic.
- Configures a network with a Leader (DUT), Router_1, MED_1, and
SED_1.
- Sets up On-Mesh Prefixes on the Leader (one stable, one non-stable)
and registers them.
- Sequentially attaches Router_1, SED_1, and MED_1.
- Advances time to allow for MLE Child ID and Child Update
exchanges.
- Uses direct core method calls and sets log level to note.
- tests/nexus/verify_7_1_1.py: Python PCAP verification script.
- Verifies MLE Advertisements from the Leader.
- Validates MLE Child ID Responses to Router_1 and MED_1 contain
both prefixes.
- Validates MLE Child ID Response to SED_1 contains only the stable
prefix and ensures P_border_router_16 is 0xFFFE.
- Verifies the Child Update exchange with required TLVs for MED_1
and SED_1.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
- tests/nexus/run_nexus_tests.sh: Added 7_1_1 to the default test list.
This commit adds a new nexus test that implements the test
specification for 6.3.2 Network Data Update.
The test covers both Topology A (Minimal End Device - MED) and
Topology B (Sleepy End Device - SED). It validates that the child
device correctly identifies updated network data and requests the
full network data if necessary.
Changes:
- Added tests/nexus/test_6_3_2.cpp to execute the test.
- Added tests/nexus/verify_6_3_2.py to verify packet captures.
- Updated tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_3_2.
The C++ code uses direct core method calls and handles RF isolation
between node pairs using AllowList/UnallowList. The Python script
performs rigorous verification of MLE Data Response, Child Update
Request/Response, and Data Request packets, including Address
Registration TLV content verification.
This commit adds a new Nexus test case for 'Attaching to a Router with
Better Link Quality' (6.1.5) as specified in the test specification.
Summary of changes:
- Added tests/nexus/test_6_1_5.cpp:
- Implements test 6.1.5 using direct method calls from the core.
- Sets up a topology with a Leader, one Router, and one REED.
- Uses AllowList to configure connectivity as specified.
- Adjusts RSSI between DUT and REED to ensure lower link quality.
- Sets log level to note and includes 1-line log output for each
test step.
- Avoids magic numbers by using descriptive constants.
- Added tests/nexus/verify_6_1_5.py:
- PCAP verification script for test 6.1.5.
- Validates MLE Parent Request and Child ID Request TLVs.
- Verifies that the DUT selects Router 1 (better link quality) as
its parent.
- Confirms ICMPv6 Echo connectivity between Router 1 and the DUT.
- Follows one-condition-per-line style for verification logic.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to include nexus_6_1_5.
- Updated tests/nexus/run_nexus_tests.sh to add 6_1_5 to the
default test list.
Increase kAttachToChildTime to 100s to ensure neighbor discovery
completes for REEDs. Also set kReedThreshold to 0 to prevent
premature router upgrades during the discovery phase.
This commit updates `tests/unit/test_seeker.cpp` to use `ot::Array`
instead of C-style arrays with initializer lists for passing expected
selection orders in `CheckSelection()`.
The previous approach of passing initializer lists to a function
expecting a reference to a constant array caused compilation issues
on certain toolchains due to template deduction rules or temporary
object handling. By explicitly populating an `ot::Array` and passing
it, the test code becomes more portable and robust across different
compilers.
This commit adds a new Nexus test case for 'Orphan Reattach' (6.3.1)
as specified in the Thread Test Specification.
The test validates that the DUT (ED or SED) will correctly detach
and re-attach to the Leader after its parent (Router_1) is silently
removed from the network.
Summary of changes:
- tests/nexus/test_6_3_1.cpp: Implements the test logic.
- Sets up a network with Leader, Router_1, and DUT.
- Initially attaches DUT to Router_1.
- Silently stops Router_1 to simulate parent loss.
- Advances time to allow the DUT to detect the loss and re-attach
to the Leader.
- Verifies connectivity via ICMPv6 Echo between Leader and DUT.
- tests/nexus/verify_6_3_1.py: Python PCAP verification script.
- Validates optional Child Update Request or Data Request
messages sent during the detachment phase.
- Exhaustively verifies the MLE attach sequence (Parent Request,
Parent Response, Child ID Request, Child ID Response) with the
new parent (Leader).
- Verifies the final ICMPv6 Echo Request/Reply exchange.
- tests/nexus/CMakeLists.txt: Integrated the new test into the build
system.
- tests/nexus/run_nexus_tests.sh: Added 6_3_1_A and 6_3_1_B to the
default test list.
This commit adds a new Nexus test case for 'Link-Local Addressing'
(6.4.1) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 6.4.1:
- Added tests/nexus/test_6_4_1.cpp: Implements the test execution
for both Topology A (End Device 'ED_1') and Topology B (Sleepy End
Device 'SED_1'). The test verifies unicast and multicast ICMPv6 Echo
Request/Reply using Link-Local addresses. Fragmented and
non-fragmented packets are tested. The test uses direct method
calls, sets log level to note, and uses AllowList for
connectivity.
- Added tests/nexus/verify_6_4_1.py: PCAP verification script.
Validates the exchange of ICMPv6 Echo packets for unicast
(Extended Address-based LLA) and multicast (All Thread Nodes and
All Nodes) addresses.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_4_1 in the
default test list and added expansion logic for A/B topologies.
This commit adds a new Nexus test case for 'Attaching to a REED with
Better Connectivity' (6.1.4) as specified in the test specification.
Summary of changes:
- Added tests/nexus/test_6_1_4.cpp:
- Implements test 6.1.4 using direct method calls from Mle class.
- Sets up a topology with a Leader, one Router, and two REEDs.
- Uses AllowList to configure connectivity so REED_1 (Router 3)
has better connectivity than REED_2 (Router 2).
- Sets log level to note and includes 1-line log output for each
test step.
- Avoids magic numbers by using constants for router upgrade
thresholds.
- Added tests/nexus/verify_6_1_4.py:
- PCAP verification script for test 6.1.4.
- Validates MLE Parent Request TLVs (Scan Mask) in steps 2 and 4.
- Verifies that the DUT selects REED_1 as its parent and sends a
unicast Child ID Request with required TLVs.
- Confirms ICMPv6 Echo exchange between REED_1 and the DUT.
- Follows requested style for line continuation and logging.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to include nexus_6_1_4.
- Updated tests/nexus/run_nexus_tests.sh to add 6_1_4 to the
default test list.
This commit adds a new Nexus test case 5.6.1 which verifies that
the DUT correctly sets the Network Data (stable/non-stable) received
during the attaching procedure and propagates it properly to
devices that attach to it.
The test setup uses a Leader configured as a Border Router with
both stable and non-stable prefixes. It verifies that children
attaching to the DUT (Router_1) receive the appropriate network
data based on their requested mode (full vs. stable-only).
Summary of changes:
- Created tests/nexus/test_5_6_1.cpp:
- Implements test execution using direct C++ method calls.
- Uses AllowList to define specific node links.
- Includes 1-line log outputs for each test specification step.
- Created tests/nexus/verify_5_6_1.py:
- Implements pcap-based verification of PASS criteria.
- Checks for stable/non-stable Network Data propagation.
- Validates 6LoWPAN fragmentation and MAC security.
- Verifies address registration and ICMPv6 connectivity.
- Updated tests/nexus/CMakeLists.txt to include the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 5_6_1 to the default
test list.
This commit updates the Nexus workflow to install TShark version 4.6.2
or later by adding the 'wireshark-dev/stable' PPA. This is required
to support modern Wireshark features in Nexus tests.
This commit adds a new Nexus test case for 'Connectivity when Parent
Joins Partition' (6.2.2) as specified in the Thread Test
Specification.
The test verifies that a Child (End Device or Sleepy End Device)
maintains connectivity when the current Leader is removed and its
parent Router joins a new partition created by another Router.
Summary of changes:
- tests/nexus/test_6_2_2.cpp: C++ test execution script.
- Implements support for Topology A (MED) and Topology B (SED).
- Sets up a network with a Leader, Router_1, Router_2, and the
DUT attached to Router_1.
- Configures Router_2 with a shorter NETWORK_ID_TIMEOUT and a
maximum Partition ID preference.
- Simulates Leader removal and verifies that Router_2 creates a
new partition and Router_1 joins it.
- Verifies that the DUT maintains connectivity via MLE Child
Update (MED) or periodic data requests (SED).
- Verifies bidirectional connectivity using ICMPv6 Echo Request.
- tests/nexus/verify_6_2_2.py: Python PCAP verification script.
- Validates that Router_2 creates a new partition with the
expected maximum Partition ID.
- Validates that Router_1 joins the new partition.
- For MED, verifies the MLE Child Update Request contains correct
TLVs (Source Address, Leader Data, Mode) and Partition ID.
- For SED, verifies periodic connectivity to the parent.
- Validates the ICMPv6 Echo Request and Reply exchange.
- tests/nexus/run_nexus_tests.sh: Updated test runner.
- Added 6_2_2 to the default test list.
- Added expansion logic to run both A and B topologies.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
This commit updates `Node::Join()` to allow specifying whether a node
joining as an SED should request the full network data or only the
stable subset via the `JoinMode` parameter.
Previously, `kAsSed` implicitly requested full network data. This
change updates `kAsSed` to request only the stable subset (the
default behavior for an SED). A new `kAsSedWithFullNetData` mode is
introduced to explicitly request full network data when joining as
an SED.
This change provides more flexibility in test scenarios, allowing
validation of SEDs with different network data requirements.
This commit adds a new Nexus test case for 'CoAP Diagnostic Query and
Answer Commands – Router, FED' (5.7.3) as specified in the test
specification.
Summary of changes:
- Implemented Nexus test 5.7.3:
- Added tests/nexus/test_5_7_3.cpp: Sets up a network topology
with a Leader, Router 1, and three children (FED 1, MED 1,
SED 1) attached to Router 1. Implemented internal callback
to validate that diagnostic responses contain essential TLVs
(MAC Address, RLOC16, Mode) and verified that at least two
nodes (Router and FED) respond.
- Added tests/nexus/verify_5_7_3.py: PCAP verification script.
Validates the multicast query and the subsequent answers from
the Router and FED DUTs. Performed deep validation of returned
TLVs (MAC Address, RLOC16, Mode, Leader Router ID, IPv6 Address
List, Child Table).
- Enhanced packet verification utilities:
- Updated tests/nexus/verify_utils.py to support parsing and
registering more Thread Diagnostic TLVs (MAC Address, IPv6
Address List, Child Table, Channel Pages).
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt and run_nexus_tests.sh to
include the new test.
Review fixes:
- tests/nexus/test_5_7_3.cpp: Use Tlv::Find() for more concise and
idiomatic parsing of Network Diagnostic TLVs.
- tests/nexus/verify_5_7_3.py: Include MED_1 in Router 1's child table
verification.
This commit adds a new Nexus test case for 'Attaching to a Router
with better connectivity' (6.1.3) as specified in the test
specification.
Summary of changes:
- Implemented Nexus test 6.1.3:
- Added tests/nexus/test_6_1_3.cpp: Sets up a topology with a
Leader, three Routers (Router 1, 2, 3), and a DUT (ED/SED).
Configures the AllowList so that Router 3 has better
connectivity than Router 2. Executes the test sequence for
both Topology A (End Device) and Topology B (Sleepy End
Device). Sets log level to note. Refactored 'main' to reduce
code duplication.
- Added tests/nexus/verify_6_1_3.py: PCAP verification script.
Validates that the DUT sends a MLE Parent Request to the
All-Routers multicast address with required TLVs, and
subsequently sends a unicast MLE Child ID Request to Router 3
due to better connectivity. Also verifies ICMPv6 Echo
Request/Reply between Router 3 and the DUT.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 6_1_3 in the
default test list and added expansion logic for A/B topologies.
- Code cleanup and review fixes:
- Refactored 'main' in test_6_1_3.cpp to improve topology and
JSON filename handling.
- Removed redundant include of 'mac/data_poll_sender.hpp'.
- Fixed code style issues identified by 'make-pretty'.
Updates various Nexus test cases to utilize the `kAsFed` `JoinMode`
when calling `Node::Join`. Previously, these tests manually called
`Mle::SetRouterEligible(false)` before joining to configure the device
as a Full End Device (FED). Using the `kAsFed` parameter simplifies
the test code and leverages the existing logic within `Node::Join` to
handle the configuration.
This commit adds a new Nexus test case for 'Connectivity when Parent
Creates Partition' (6.2.1) as specified in the Thread Test
Specification.
The test verifies that a Child (End Device or Sleepy End Device)
maintains connectivity or reattaches to its parent when the current
Leader is removed and the parent Router creates a new partition.
Summary of changes:
- tests/nexus/test_6_2_1.cpp: C++ test execution script.
- Implements support for Topology A (ED) and Topology B (SED).
- Sets up a network with a Leader, Router_1, and the DUT.
- Simulates Leader power-down and verifies that Router_1 becomes
the new Leader.
- Confirms the DUT remains attached or reattaches to Router_1.
- Verifies bidirectional connectivity using ICMPv6 Echo Request.
- tests/nexus/verify_6_2_1.py: Python PCAP verification script.
- Validates the network formation and DUT attachment.
- Verifies that Router_1 creates a new partition with a new ID
after the Leader is removed.
- Validates the ICMPv6 Echo Request and Reply exchange between
Router_1 and the DUT.
- tests/nexus/run_nexus_tests.sh: Updated test runner.
- Added 6_2_1_A and 6_2_1_B to the default test list.
- Added expansion logic to run both topologies for 6_2_1.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
This commit adds a new Nexus test case for 'CoAP Diagnostic Get
Query and Answer Commands – REED' (5.7.2) as specified in the
test specification.
Summary of changes:
- Implemented Nexus test 5.7.2:
- Added tests/nexus/test_5_7_2.cpp: Sets up a topology with a
Leader, 15 Routers, and 1 REED (DUT) attached to Router 1.
Executes the test sequence by sending CoAP Diagnostic Get,
Reset, and Query commands using direct method calls to the
Network Diagnostic Client. Uses AllowList for topology
management and sets log level to note.
- Added tests/nexus/verify_5_7_2.py: PCAP verification script.
Validates that the REED DUT correctly handles diagnostic
requests, ensuring the Timeout TLV is absent in responses
and verifying MAC counter reset functionality. Also validates
multicast query and unicast answer flows.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 5.7.2 in
the default test list.
This commit introduces the `ScanResult` class, which inherits from
`otActiveScanResult`. This new class provides C++ idiomatic getter
methods that return core OpenThread types (e.g., `ExtAddress`,
`ExtendedPanId`, `NetworkName`) instead of raw C structures.
The logic for parsing a received Beacon frame and populating the
result fields is moved into `ScanResult::PopulateFromBeacon()`.
This centralizes the parsing logic and allows it to be reused
across different modules.
Consequently, `Mac`, `DiscoverScanner`, `Seeker`, and
`PanIdQueryServer` are updated to utilize `ScanResult`. The `Mac`
class is also updated to use the `Callback` template for the active
scan handler, replacing the previous raw function pointer and context.
Step 6 of test 5.8.3 requires the DUT to send an MLE Advertisement
reflecting the updated Key Sequence Counter. The previous 10-second
simulation time in this step was occasionally insufficient, as the
default MLE advertisement interval can be up to 32 seconds.
This commit increases the simulation time in Step 6 to 35 seconds
(kMaxAdvertisementTime) to ensure that at least one periodic MLE
Advertisement is captured in the pcap for verification.
This commit introduces a new nested class `Request` within `CoapBase`
to represent a pending CoAP request. The `Request` class encapsulates
the `Message` pointer and its associated `Metadata`, providing helper
methods to manage the metadata stored in the message footer.
It also introduces the `PendingRequests` helper class to manage the
queue of pending requests. This class wraps the underlying
`MessageQueue` and provides typed access to `Request` objects, along
with methods to add, remove, and search for requests.
`CoapBase` is updated to utilize these new classes for tracking
pending requests. This streamlines the logic in
`HandleRetransmissionTimer`, `ProcessReceivedResponse`, and other
methods by abstracting the low-level message and metadata manipulations.
`FinalizeCoapTransaction` is renamed to `FinalizeRequest`.
This commit fixes an intermittent failure in Nexus test 6.1.2 by
setting the REED's router upgrade threshold to 0.
By default, a REED may attempt to upgrade to a Router if the number of
active routers in the network is below a certain threshold. In this
test scenario, we want to ensure the REED remains a child until the
appropriate point in the test sequence. Setting the threshold to 0
prevents premature promotion due to low router count, ensuring more
deterministic test behavior.
This commit fixes an intermittent failure in Nexus Test 5.5.5 where
the verification script failed to find the Address Solicit Request.
The failure was caused by two main factors:
1. Re-attachment timing: The original 120s re-attachment window in
the C++ test was occasionally too short for Router 1 to detect
isolation, perform a new parent search, and complete attachment,
especially when combined with protocol jitter and router timeout.
2. Packet ordering: The Python verification script searched for the
Address Solicit Request only after the Child ID Request. However,
due to randomized router selection jitter, the DUT (REED 1) could
occasionally send the Address Solicit Request before Router 1 had
finished its attachment process.
To fix this:
- Increased kReattachTime from 120s to 140s in the C++ test to
provide a safer margin for re-attachment.
- Updated the verification script to search for the Address Solicit
Request and Link Request starting from the beginning of the
re-attachment process (Step 4), using cascade=False to maintain
the sequential search index for other mandatory packets.
Verified by running multiple repeated iterations of the test.
Previously, `PdPrefixManager::Stop()` was implemented as a call to
`Evaluate()`. The `Evaluate()` method calls `UpdateState()`, which
checks `RoutingManager::IsRunning()` to determine if the state should
be switched to `kDhcp6PdStateStopped`.
However, `RoutingManager::Stop()` calls `PdPrefixManager::Stop()`
before updating its own running state (setting `mIsRunning` to
`false`). As a result, `PdPrefixManager` would incorrectly remain in
`Running` or `Idle` state instead of stopping.
This commit updates `PdPrefixManager::Stop()` to explicitly set the
state to `kDhcp6PdStateStopped`.
This commit adds a new Nexus test case for 'Attaching to a REED'
(6.1.2) as specified in the Thread Test Specification.
The test verifies that both an End Device (ED) and a Sleepy End Device
(SED) can successfully attach to a network through a Router Eligible
End Device (REED). The test ensures that the REED correctly upgrades
to a Router to serve as the device's parent.
Summary of changes:
- tests/nexus/test_6_1_2.cpp: C++ test execution script.
- Refactored to support topology selection via command-line arguments.
- Saves topology-specific JSON metadata (e.g., test_6_1_2_A.json).
- tests/nexus/verify_6_1_2.py: Python PCAP verification script.
- Topology-aware verification supporting both ED and SED keep-alives.
- tests/nexus/run_nexus_tests.sh: Updated test runner.
- Added support for sub-tests with topology suffixes (e.g., 6_1_2_A).
- Automatically expands '6_1_2' into both '6_1_2_A' and '6_1_2_B' runs.
- Isolates artifacts (JSON/PCAP) for each topology run.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
This commit adds a new Nexus test case for 'Key Increment of 1 With
Roll-over' (5.8.3) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.8.3:
- Added test_5_8_3.cpp: Sets up a network with a Leader and a
Router_1 (DUT). Initializes the network with
KeySequenceCounter = 127. Verifies initial MLE and MAC security
parameters. Increments KeySequenceCounter by 1 to trigger a key
rollover and verifies that the DUT correctly switches to the new
key (Key Index = 1).
- Added verify_5_8_3.py: PCAP verification script for test 5.8.3.
Validates MLE Auxiliary Security Header (Key ID Mode, Key
Source, Key Index) and MAC Auxiliary Security Header in Echo
Replies.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.8.3 test executable.
- Updated run_nexus_tests.sh to include 5.8.3 in the default test
list.
This commit adds a new Nexus test case for 'CoAP Diagnostic Get
Request, Response and Reset Commands' (5.7.1) as specified in the
test specification.
Summary of changes:
- Implemented Nexus test 5.7.1:
- Added test_5_7_1.cpp: Sets up a network topology with a Leader,
Router 1 (DUT), and various child nodes (FED, MED, SED, REED).
Executes the 8-step test sequence by sending CoAP Diagnostic
Get and Reset commands from the Leader to the DUT using direct
method calls. Uses AllowList for topology management and sets
log level to note.
- Added verify_5_7_1.py: PCAP verification script for test 5.7.1.
Validates the presence and values of requested Network
Diagnostic TLVs in CoAP requests and responses. Ensures the
DUT correctly handles requests for MAC Counters, Timeout
(omitted), and Child Table, and verifies the reset functionality.
- Enhanced verification utilities:
- Updated verify_utils.py: Added length checks during Thread TLV
parsing in CoAP payloads to handle overlapping TLV types
correctly and prevent verification failures.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.7.1 test executable.
- Updated run_nexus_tests.sh to include 5.7.1 in the default test
list.
This commit adds a new Nexus test case for 'Attaching to a Router'
(6.1.1) as specified in the Thread Test Specification.
The test verifies that both an End Device (ED) and a Sleepy End Device
(SED) can successfully attach to a network.
Summary of changes:
- tests/nexus/test_6_1_1.cpp: C++ test execution script.
- Refactored to support topology selection via command-line arguments.
- Saves topology-specific JSON metadata (e.g., test_6_1_1_A.json).
- tests/nexus/verify_6_1_1.py: Python PCAP verification script.
- Topology-aware verification supporting both ED and SED.
- tests/nexus/run_nexus_tests.sh: Updated test runner.
- Added support for sub-tests with topology suffixes (e.g., 6_1_1_A).
- Automatically expands '6_1_1' into both '6_1_1_A' and '6_1_1_B' runs.
- Isolates artifacts (JSON/PCAP) for each topology run.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
This commit adds a new Nexus test case for 'Key Increment Of 1' (5.8.2)
as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.8.2:
- Added tests/nexus/test_5_8_2.cpp: Sets up a network topology
with a Leader and Router_1 (DUT). Verifies proper decryption
of MAC and MLE packets secured with an incremented key index.
- Added tests/nexus/verify_5_8_2.py: PCAP verification script for
test 5.8.2. Validates key index transitions in MLE Parent Request,
Child ID Request, ICMPv6 Echo, and MLE Advertisements.
- Enhanced pktverify framework:
- Added 'number' property to Packet class and 'frame' object to filter
evaluation context, enabling 'frame.number' checks in verification scripts.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new test.
- Updated tests/nexus/run_nexus_tests.sh to include 5.8.2 in the
default test list.
This commit implements Nexus test case 5.5.7 which verifies the
behavior of a Thread network when three routers are separated from
the leader and eventually merge back into a single partition.
Test details:
- Topology: Leader and three Routers (Router 1, Router 2, Router 3).
- Description: The Leader acts as the sole link between each router.
When the Leader is removed for longer than the leader timeout,
each router forms its own partition. When the Leader returns, it
reattaches to any available router, and eventually all routers
merge back.
Implementation:
- Added tests/nexus/test_5_5_7.cpp for C++ test logic.
- Updated Step 12 to include exhaustive bidirectional connectivity
verification between the leader and all router nodes.
- Added tests/nexus/verify_5_5_7.py for pcap-based verification.
- Updated rejoin steps to correctly handle non-deterministic parent
selection by the leader.
- Improved pcap verification robustness by using pkts.copy() and
handling potential NullFields.
- Added _verify_ping helper to refactor ping verification logic.
- Updated Step 12 to verify full bidirectional connectivity.
- Updated CMakeLists.txt and run_nexus_tests.sh to include the test.
This commit fixes a flakiness issue in Nexus Test 5.5.1 where valid
MLE Advertisements from the Leader were occasionally caught by the
"must not send advertisements" check during reset.
The issue was caused by using the ICMPv6 Echo Request as the start
boundary for the "no advertisement" check. Since there is a small
delay between the Echo Request and the actual Leader reset, the
Leader might send a perfectly valid advertisement during this window.
To fix this, the verification script now:
1. Captures the Echo Reply to ensure the network is responsive
before the reset.
2. Uses the Echo Reply timestamp plus a 2.0-second buffer as the
actual start time for the "no advertisement" check.
3. Filters advertisements in the reset range to only trigger if
they occur after this buffered reset time.
This approach robustly distinguishes between pre-reset and
post-reset packet flows, even with timing jitter or pcap delivery
delays.
This commit adds a new Nexus test case for 'Split and Merge with REED'
(5.5.5) as specified in the Thread Test Specification.
The test demonstrates that a REED will upgrade to a Router when it
becomes a necessary parent for an isolated Router after its previous
neighbor (Router 3) is removed from the network.
Summary of changes:
- tests/nexus/test_5_5_5.cpp: C++ test execution script.
- Sets up a topology with 16 active routers total.
- Uses AllowList to specify exact links between nodes.
- Powerdowns Router 3 to isolate Router 1.
- Verifies REED 1 (DUT) upgrades to router and Router 1 reattaches.
- Includes 1-line log outputs for each test step.
- Uses mesh-local EID for ICMP Echo connectivity verification.
- tests/nexus/verify_5_5_5.py: Python PCAP verification script.
- Verifies all MLE messages and CoAP Address Solicit Request.
- Ensures proper TLVs are present in MLE and CoAP messages.
- Tracks ICMPv6 Echo Request/Reply hop-by-hop through the DUT.
- Follows "one condition per line" style for better readability.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
- tests/nexus/run_nexus_tests.sh: Added 5_5_5 to the default test list.
Adds a new Nexus test case for 'Split and Merge with Routers' (5.5.4.2)
as specified in the test specification. This test verifies that the
DUT (Router_1) correctly joins a new higher-priority partition when
the Leader is removed and later merges back when the Leader returns.
Summary of changes:
- Implemented Nexus test 5.5.4.2:
- Added test_5_5_4_2.cpp: Sets up a topology with a Leader,
DUT (Router_1), Router_2, Router_3, and Router_4. Verifies
partitioning behavior, ensuring the DUT joins the higher-priority
partition formed by Router_3 and later merges with the original
Leader. Uses direct method calls, sets log level to note, and
defines links via AllowList.
- Added verify_5_5_4_2.py: PCAP verification script for test
5.5.4.2. Ensures properly formatted MLE Advertisements, verifies
the DUT does not join a lower-priority singleton partition
prematurely, and validates the reattachment and merge process.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.5.4.2 test executable.
- Updated run_nexus_tests.sh to include 5_5_4_2 in the default test
list.
This commit addresses the occasional failure of Nexus test 5.5.4.1 by
increasing the merge wait time and improving the robustness of the
packet verification script.
Summary of changes:
- In test_5_5_4_1.cpp, increased kMergeWaitTime from 200s to 300s.
This provides sufficient time for all nodes to synchronize their
Mesh-Local Prefix and update their routing tables after the network
partitions merge.
- In verify_5_5_4_1.py, updated Step 6 verification to filter ICMPv6
Echo Request and Reply packets by their specific identifier (0xabcd).
This ensures that the verifier correctly identifies the packets from
the intended test step and avoids matching stale or transient
packets from earlier parts of the test.
This commit updates the Nexus::Node::SetName(prefix, index) method
to use an underscore ('_') instead of a space between the prefix
and the index when generating the node name.
Corresponding verification scripts verify_5_2_3.py and
verify_5_2_4.py are also updated to match the new naming convention
when looking up nodes in the test environment.
All Nexus tests have been verified to pass with this change.
This commit adds a new Nexus test case for 'Split and Merge with
Routers' (5.5.4.1) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.5.4.1:
- Added test_5_5_4_1.cpp: Sets up a network topology with a Leader
(DUT), Router_1, Router_2, Router_3, and Router_4. Verifies
MLE Advertisements from the DUT. Resets the DUT to trigger
network partitions and then merges them back. Uses direct method
calls, AllowList for topology management, and ping markers for
accurate verification.
- Added verify_5_5_4_1.py: PCAP verification script for test
5.5.4.1. Verifies DUT advertisements and ensures they stop during
the reset period. Validates successful communication after the
network merges.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.5.4.1 test executable.
- Updated run_nexus_tests.sh to include 5.5.4.1 in the default test
list.
This commit adds the `Node::FindMatchingAddress()` helper method to the
`Nexus::Node` class. This method simplifies the process of finding a
unicast address on a node that matches a given IPv6 prefix.
This commit adds a new Nexus test case for 'Split and Merge: Branch
with Child' (5.5.3) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.5.3:
- Added tests/nexus/test_5_5_3.cpp: Sets up a network topology
with a Leader, two Routers, and two MEDs. Simulates a network
split by stopping the Leader and allows Routers to form new
partitions. Reintroduces the Leader and verifies that partitions
successfully merge back together. Uses direct method calls,
sets log level to note, and uses AllowList for topology.
- Added tests/nexus/verify_5_5_3.py: PCAP verification script for
test 5.5.3. Ensures correct MLE Advertisement, Parent Request,
Child ID Request, and Address Solicit exchanges during split
and merge. Validates end-to-end ICMPv6 Echo connectivity after
the merge.
- Updated build and execution scripts:
- Modified tests/nexus/CMakeLists.txt to build the new 5.5.3 test.
- Updated tests/nexus/run_nexus_tests.sh to include 5.5.3 in the
default test list.
This commit implements Nexus test case 5.5.2 which verifies the
behavior of a Thread network when the Leader reboots and remains
offline longer than the leader timeout.
Test details:
- Topology: Leader, Router_1, and MED (attached to Router_1).
- Description: When the Leader is restarted and stays rebooted
longer than the leader timeout, Router_1 becomes the new Leader.
When the original Leader returns, it reattaches to the network as
a Router.
Implementation:
- Added tests/nexus/test_5_5_2.cpp for C++ test logic.
- Added tests/nexus/verify_5_5_2.py for pcap-based verification.
- Updated CMakeLists.txt and run_nexus_tests.sh to include the test.
This commit adds a new Nexus test case for 'Leader Reboot < timeout'
(5.5.1) as specified in the Thread Test Specification.
The test demonstrates that when a Leader reboots for a period shorter
than the leader timeout, it successfully reattaches to the network
and remains the Leader without causing partition changes.
Summary of changes:
- tests/nexus/test_5_5_1.cpp: C++ test execution script.
- Sets up a topology with a Leader and a Router.
- Reboots the Leader for 80 seconds (less than the 120s timeout).
- Uses direct method calls and block comments.
- Includes 1-line log outputs for each test step.
- tests/nexus/verify_5_5_1.py: Python PCAP verification script.
- Verifies MLE Advertisements and correct TLVs.
- Ensures Leader stops advertisements during reboot.
- Validates multicast Link Request formatting after reboot.
- Confirms no Parent Request is sent by the Leader.
- Verifies ICMPv6 connectivity after reattachment.
- tests/nexus/CMakeLists.txt: Added the new test to the build system.
- tests/nexus/run_nexus_tests.sh: Added 5_5_1 to the default test list.
This commit removes redundant `p.coap.code == consts.COAP_CODE_ACK`
checks in several Nexus test verification scripts.
The `filter_coap_ack()` function in the `pktverify` framework already
filters for CoAP ACK messages, which involves checking the message
type and the CoAP code. Therefore, adding a manual filter for the same
CoAP code is redundant and can be removed for conciseness.
Summary of changes:
- tests/nexus/verify_5_1_1.py: Remove redundant CoAP ACK code check.
- tests/nexus/verify_5_1_5.py: Remove redundant CoAP ACK code checks.
- tests/nexus/verify_5_1_6.py: Remove redundant CoAP ACK code check.
- tests/nexus/verify_5_2_3.py: Remove redundant CoAP ACK code checks.
- tests/nexus/verify_5_2_6.py: Remove redundant CoAP ACK code check.
This commit adds the filter_ipv6_src() method to the PacketFilter
class in the pktverify framework. This method improves the symmetry
of the filtering API, complementing the existing filter_ipv6_dst().
The new method is used to update several verification scripts in
tests/nexus, replacing manual lambda filters for IPv6 source
addresses with a cleaner and more readable API call.
Updated scripts:
- tests/nexus/verify_5_3_3.py
- tests/nexus/verify_5_3_7.py
- tests/nexus/verify_5_3_8.py
- tests/nexus/verify_5_3_10.py
This commit removes the Python-based thread-cert tests for sections 5.1,
5.2, and 5.3. These tests have been replaced by C++ Nexus tests in
tests/nexus/, which offer better performance, reliability, and
integration with the core OpenThread codebase.
The following Python scripts have been removed from
tests/scripts/thread-cert/:
- Cert_5_1_01 through Cert_5_1_13
- Cert_5_2_01, Cert_5_2_03 through Cert_5_2_07
- Cert_5_3_01 through Cert_5_3_11
The corresponding Nexus tests are available in tests/nexus/ along with
their respective PCAP verification scripts.
Adds a new Nexus test case 5.3.11 to validate 'AQ_TIMEOUT' and
'AQ_RETRY_TIMEOUT' intervals in the Address Query transmission
algorithm.
The test verifies that the DUT:
- Correctly generates Address Query Requests on behalf of its MED
child when sending Echo Requests to a non-existent mesh-local
address.
- Correctly implements the retry delay by NOT initiating a new Address
Query frame if a subsequent Echo Request is sent before the
'ADDRESS_QUERY_INITIAL_RETRY_DELAY' expires.
- Initiates a new Address Query Request if an Echo Request is sent
after the 'ADDRESS_QUERY_INITIAL_RETRY_DELAY' has expired.
Summary of changes:
- tests/nexus/test_5_3_11.cpp: Implemented test logic using direct
method calls and 'AllowList' for topology control.
- tests/nexus/verify_5_3_11.py: Added PCAP verification ensuring correct
Address Query generation and retry interval logic.
- tests/nexus/CMakeLists.txt: Included the new test in the build system.
- tests/nexus/run_nexus_tests.sh: Added 5_3_11 to the default nexus
test list.
Adds a new Nexus test case 5.3.10 to validate that the DUT (Router_2)
correctly generates Address Query messages and responds with Address
Notification messages for SLAAC Global Unicast Addresses (GUAs).
The test verifies that:
- The DUT correctly generates Address Query Requests on behalf of its
child (MED_1) to find Router_1's GUA.
- The DUT properly responds to Address Query Requests from the Border
Router for MED_1's GUA with a CON POST Address Notification.
- The DUT correctly caches mappings and avoids redundant Address Queries
for subsequent requests.
- The DUT removes cached entries when the target's Router ID expires.
- The DUT does not respond with Address Notification after its child
(MED_1) has timed out.
Summary of changes:
- tests/nexus/test_5_3_10.cpp: Implemented test logic using direct
method calls and kLogLevelNote.
- tests/nexus/verify_5_3_10.py: Added PCAP verification script with
robust RLOC16 and IID-based packet identification.
- tests/nexus/CMakeLists.txt: Included the new test in the build system.
- tests/nexus/run_nexus_tests.sh: Added 5_3_10 to the default list.
This commit adds a new Nexus test case for 'Address Query - DHCP GUA'
(5.3.9) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.3.9:
- test_5_3_9.cpp: Sets up a topology with Leader (DHCPv6 Border
Router), Router_1, DUT (Router_2), Router_3, and SED_1
(attached to DUT). Configures DHCPv6 prefixes 2001:: and 2002::
as on-mesh prefixes. Implements test logic using direct method
calls and sets log level to NOTE. Verifies Address Query
generation on behalf of child, Address Notification responding,
caching, and cache eviction.
- verify_5_3_9.py: PCAP verification script for test 5.3.9.
Ensures correct formatting of Address Query (NON POST /a/aq) and
Address Notification (CON POST /a/an) messages. Verifies that
DUT correctly caches addresses and evicts them when Router ID
is expired by the Leader. Also verifies that DUT does not respond
to Address Query for a child that has timed out.
- Updated supporting files:
- CMakeLists.txt: Added building of the 5_3_9 test executable.
- run_nexus_tests.sh: Added 5_3_9 to the default test list.
The test verifies that the DUT is able to generate Address Query
messages on behalf of its children and properly respond with Address
Notification messages to other routers, while correctly managing its
address cache for DHCPv6 GUA addresses.
This commit updates `Seeker` to use `MessageBackedArray` for storing
discovered candidates. This moves candidate storage from statically
allocated RAM in the `Seeker` instance to a `Message` buffer,
reducing the resident memory footprint.
The connection logic is enhanced to prioritize network diversity. The
`Seeker` now attempts to connect to the most favored candidate of
each unique network (Extended PAN ID) first. After exhausting unique
networks, it proceeds to remaining backup candidates. This improves
the likelihood of finding the correct network quickly in multi-network
environments.
The candidate storage policy is updated to limit entries per network
(defined by `kMaxCandidatesPerNetwork`). When storage is full, the
`Seeker` evicts a redundant entry from a well-represented network to
accommodate new network discoveries.
A detailed unit test `test_seeker` is included to validate candidate
tracking and selection order under various scenarios.
Updated the code style in all tests/nexus/verify_5_*.py files to use one
condition per line with the dot operator at the end of the line.
This aligns the scripts with the established pattern in verify_5_1_1.py
and improves readability.
This commit introduces a new helper method `Utils::ToYesNo()` in the
CLI module to convert boolean values into "yes" or "no" strings.
Previously, this conversion was performed using inline ternary
operators (e.g., `val ? "yes" : "no"`) scattered throughout the CLI
implementation. This change replaces these instances with the new
helper method, improving code readability and consistency.
This commit adds CLI support for the Border Agent Admitter feature.
The new commands allow users to enable/disable the admitter, check
its state, configure the joiner UDP port, and list active enrollers
and their accepted joiners.
This change also includes the corresponding documentation in
`src/cli/cli_ba.cpp` and `src/cli/README.md`.
This commit adds a new Nexus test implementing test specification 5.3.8
(MTD Child Address Set).
The test validates that the DUT MTD Child Address Set can hold at least
4 IPv6 non-link-local addresses and that the DUT does not send Address
Query requests for target addresses that should be in its child address
set.
Changes:
- Add tests/nexus/test_5_3_8.cpp to implement the test logic.
- Add tests/nexus/verify_5_3_8.py to verify pcap output.
- Update tests/nexus/CMakeLists.txt to include the new test.
- Update tests/nexus/run_nexus_tests.sh to include 5.3.8 in the default
test list.
This commit adds a new Nexus test case for 'Duplicate Address Detection'
(5.3.7) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.3.7:
- Added test_5_3_7.cpp: Sets up a network topology with a Leader
(DUT), two Routers, two MEDs, and one SED. Configures an on-mesh
prefix and assigns the same IPv6 address to two different nodes
(MED_1 and SED_1). Instructs MED_2 to send an Echo Request to
the duplicate address and verifies the resulting Address Query
and Address Error Notification exchanges. Uses direct method calls
and sets log level to note.
- Added verify_5_3_7.py: PCAP verification script for test 5.3.7.
Ensures that the Leader sends MLE Advertisements, multicasts an
Address Query (/aq) to FF03::2, receives Address Notifications
(/an) from Routers, and finally multicasts an Address Error
Notification (/ae) to FF03::2.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.3_7 test executable.
- Updated run_nexus_tests.sh to include 5_3_7 in the default test
list.
Adds a new Nexus test case for 'Router ID Mask' (5.3.6) as specified
in the test specification. This test verifies that the router ID mask
is managed correctly as connectivity to routers is lost and regained.
Summary of changes:
- Implemented Nexus test 5.3.6:
- Added test_5_3_6.cpp: Sets up a Leader (DUT) and two Routers.
Verifies that the Leader correctly removes Router IDs from its
routing table after connectivity is lost for a prolonged period
and updates them when routers reattach. Uses direct method calls
and AllowList for topology management.
- Added verify_5_3_6.py: PCAP verification script for test 5.3.6.
Ensures MLE Advertisements correctly reflect the addition and
removal of Router IDs from the ID mask.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.3.6 test executable.
- Updated run_nexus_tests.sh to include 5.3.6 in the default test
list.
This commit updates `Ip6::Address` to expose `static` getter methods for
common multicast addresses (e.g., `GetLinkLocalAllNodesMulticast()`)
as public API.
Consequentially, the wrapper `SetTo...` and `Is...` methods for these
multicast addresses are removed. Callers are updated to use the
`static` getters directly. This change simplifies usage by allowing
direct access to the constant address instances, often eliminating
the need for local `Ip6::Address` variables.
This commit adds a new Nexus test case for 'Routing - Link Quality'
(5.3.5) as specified in the Thread Test Specification.
The test validates that the DUT properly routes traffic when link
qualities between nodes are adjusted. It ensures that the shortest
path is chosen based on link costs and that direct neighbors are
prioritized for equal-cost paths.
Summary of changes:
- Implemented Nexus test 5.3.5:
- Added test_5_3_5.cpp: Sets up a multi-hop topology using
AllowList (Leader, DUT, Router 2, Router 3). Adjusts RSSI
to simulate Link Quality levels 3, 2, 1, and 0 between the
Leader and DUT. Initiates pings from Router 3 to Leader.
- Added verify_5_3_5.py: PCAP verification script that validates
multi-hop paths and ensures the 'hopsLft' field in the 6LoWPAN
Mesh Header is correctly maintained.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.3.5 test executable.
- Updated run_nexus_tests.sh to include 5.3.5 in the default list.
Adds a new Nexus test case 5.3.4 to validate that an MTD (Router_1
acting as DUT) correctly maintains an EID-to-RLOC Map Cache for its
Sleepy End Device (SED) child.
The test verifies that the DUT:
- Correctly generates Address Query Requests on behalf of its SED
child when the child sends Echo Requests to multiple MED nodes.
- Properly caches the EID-to-RLOC mappings after receiving Address
Notifications from the Leader.
- Reuses the cached mappings for subsequent Echo Requests from the
SED, without sending additional Address Queries.
Summary of changes:
- tests/nexus/test_5_3_4.cpp: Implemented test logic, refactored with
loops for maintainability.
- tests/nexus/verify_5_3_4.py: Added order-independent verification
for Address Queries and Notifications.
- tests/nexus/CMakeLists.txt: Included the new test in the build
system.
- tests/nexus/run_nexus_tests.sh: Added 5_3_4 to the default nexus
test list.
This commit updates `tests/nexus/CMakeLists.txt` to include
`${OT_CFLAGS}` in `target_compile_options` for `ot-nexus-platform`
and test executables. This enables stricter compiler warnings and
errors during the build process.
It also addresses issues exposed by the new flags, including unused
variables and constants, shadow variable declarations, and member
variable initialization order in constructors.
Adds a new Nexus test case for 'Address Query - ML-EID' (5.3.3) as
specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.3.3:
- test_5_3_3.cpp: Sets up a topology with Leader, Router_1, DUT
(Router_2), Router_3, and MED_1 (attached to DUT). Implements
the test logic using direct method calls and sets log level to
NOTE. Verifies Address Query generation, Address Notification
responding, caching, and cache eviction.
Note: Step 6 is modified to use ML-EID instead of GUA 2001::
as 2001:: is not configured as an on-mesh prefix in the test.
- verify_5_3_3.py: PCAP verification script for test 5.3.3.
Ensures correct formatting of Address Query (NON POST /a/aq) and
Address Notification (CON POST /a/an) messages. Verifies that
DUT correctly caches addresses and evicts them when Router ID
is expired by the Leader.
- Updated supporting files:
- verify_utils.py: Added support for parsing 'NL_ML_EID_TLV' in
CoAP payloads.
- CMakeLists.txt: Added building of the 5_3_3 test executable.
- run_nexus_tests.sh: Added 5_3_3 to the default test list.
The test verifies that the DUT is able to generate Address Query
messages on behalf of its children and properly respond with Address
Notification messages to other routers, while correctly managing its
address cache.
This commit fixes a flakiness in Nexus test 5.2.3 'Leader rejects CoAP
Address Solicit (2-hops from Leader)'.
The test builds a topology with 32 routers (the maximum allowed).
Occasionally, some routers would spontaneously downgrade to REEDs
during the setup phase because the default Router Downgrade Threshold
is 23. This led to failures when the test verified that all 31 joining
nodes had become routers.
The fix sets both 'RouterUpgradeThreshold' and 'RouterDowngradeThreshold'
to 'kMaxRouters' (32) for the leader and all routers, ensuring they
remain in the router role throughout the test.
Additionally, this commit wraps the 'BecomeRouter' call with
'SuccessOrQuit' to resolve a compiler warning and ensure the
operation's success is verified.
Summary of changes:
- Modified tests/nexus/test_5_2_3.cpp to set appropriate router
thresholds and use SuccessOrQuit for role transition.
Adds a new Nexus test case for 'Realm-Local Addressing' (5.3.2) as
specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.3.2:
- Added test_5_3_2.cpp: Sets up a topology with a Leader,
Router 1, Router 2 (DUT), and SED 1. Verifies that the DUT
correctly handles and responds to ICMPv6 Echo Requests sent to
its ML-EID and various Realm-Local multicast addresses
(FF03::1, FF03::2, and Realm-Local All Thread Nodes).
- Added verify_5_3_2.py: PCAP verification script for test 5.3.2.
Ensures that the DUT MUST NOT forward multicast Echo Requests
(FF03::1, FF03::2) to the SED, and that it MUST use IEEE
802.15.4 indirect transmissions to forward the Realm-Local All
Thread Nodes multicast packet to the SED.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.3.2 test executable.
- Updated run_nexus_tests.sh to include 5.3.2 in the default
test list.
This commit fixes a flakiness in Nexus test 5.2.1 'REED Attach'.
The test occasionally failed due to the non-deterministic timing of the
REED_1 upgrade process. In some runs, REED_1 would upgrade to a router
(Step 7) before MED_1 sent its initial Parent Request (Step 6),
causing a mismatch in the strict chronological packet sequence
expected by the verification script.
The verification script is updated to handle Step 6 and Steps 7/8
independently. It now uses separate packet filter copies to find both
sets of events regardless of their relative order. The main packet
index is then advanced to the end of all confirmed activities.
Summary of changes:
- Modified tests/nexus/verify_5_2_1.py to implement flexible order
verification for MED_1 join and REED_1 upgrade events.
Adds a new Nexus test case for 'Link-Local Addressing' (5.3.1) as
specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.3.1:
- Added test_5_3_1.cpp: Sets up a Leader and a Router (DUT)
topology. Leader sends various ICMPv6 Echo Requests (standard and
fragmented, unicast and multicast) to the DUT. Verifies that the
DUT responds with ICMPv6 Echo Replies. Uses direct method calls to
access the core stack.
- Added verify_5_3_1.py: PCAP verification script for test 5.3.1.
Ensures that all Echo Request/Reply exchanges are present in the
pcap and use the correct source and destination addresses.
Follows the one-condition-per-line style for packet filters.
- Updated verify_utils.py to dynamically update the All Thread Nodes
multicast address based on the mesh-local prefix.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.3.1 test executable.
- Updated run_nexus_tests.sh to include 5.3.1 in the default test
list.
- Cleaned up unused constants kEchoResponseTime and kEchoIdentifier in
test_5_3_1.cpp.
This commit fixes a logic error in `test_border_admitter` where the
assignment operator `=` was used instead of the equality operator
`==` inside `VerifyOrQuit()` checks.
Adds a new Nexus test case for 'REED Synchronization' (5.2.7) as
specified in the test specification.
The test validates the REED's Synchronization procedure after
attaching to a network with multiple Routers. A REED must process
incoming Advertisements and perform a one-way frame-counter
synchronization with at least 3 neighboring Routers.
Summary of changes:
- Implemented Nexus test 5.2.7:
- Added test_5_2_7.cpp: Sets up a topology with 16 active
routers (Leader + 15 Routers) and adds a REED last.
Verifies the REED joins and remains a child.
- Added verify_5_2_7.py: PCAP verification script for test
5.2.7, ensuring the REED sends Link Requests and receives
Link Accepts from at least three distinct neighbors with
mandatory TLVs.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.2.7 test
executable.
- Updated run_nexus_tests.sh to include 5.2.7 in the default
test list.
This commit adds a new Nexus test case 5_2_6 which implements the
"Router Downgrade Threshold - REED" test specification.
The test verifies that a router (DUT) will downgrade to a REED when
the network becomes too dense (exceeding the Router Downgrade
Threshold).
Summary of changes:
- Added tests/nexus/test_5_2_6.cpp to execute the test.
- Added tests/nexus/verify_5_2_6.py to verify the pcap output.
- Updated tests/nexus/CMakeLists.txt to include the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 5_2_6 to default tests.
The test builds a topology with 23 initial routers and then adds a 24th
router to trigger the downgrade condition on the DUT, which uses
default thresholds (16/23).
This commit adds a new Nexus test case 5.2.5 which validates that
a Router Eligible End Device (REED) correctly generates Address
Notification messages in response to Address Query messages.
The test implementation includes:
- test_5_2_5.cpp: Sets up a 16-router topology using AllowList
constraints and executes the test procedure.
- verify_5_2_5.py: Verifies the resulting pcap to ensure correct
Address Notification format (Target EID, RLOC16, and ML-EID TLVs)
and Echo Reply sequence.
Summary of changes:
- Added tests/nexus/test_5_2_5.cpp and tests/nexus/verify_5_2_5.py.
- Updated tests/nexus/CMakeLists.txt to include the new test.
- Updated tests/nexus/run_nexus_tests.sh to add 5_2_5 to default tests.
- Enabled OPENTHREAD_CONFIG_DHCP6_CLIENT_ENABLE and
OPENTHREAD_CONFIG_DHCP6_SERVER_ENABLE in
tests/nexus/openthread-core-nexus-config.h to support DHCPv6
prefixes used in the test.
This commit adds helper methods in Nexus to simplify ICMPv6 echo
exchanges:
- `Node::SendEchoRequest()`: sends an ICMPv6 Echo Request with
configurable parameters such as payload size and hop limit.
- `Core::SendAndVerifyEchoRequest()`: sends an Echo Request and
validates the matching Echo Reply within a timeout.
This commit also update various certification tests to use these
helpers, removing duplicate local utility functions.
This commit updates Test5_1_11 in tests/nexus/test_5_1_11.cpp to
properly check the return value of AddRssIn() calls using the
SuccessOrQuit() macro. This ensures that any failure in configuring
the RSSI filters during the test setup is immediately caught.
Adds a new Nexus test case for 'Router Upgrade Threshold - REED' (5.2.4)
as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.2.4:
- test_5_2_4.cpp: Sets up a topology with 16 routers (including Leader)
and verifies that a REED DUT does not upgrade to a router until a
minimal end device (MED) attempts to attach to it.
- verify_5_2_4.py: PCAP verification script for test 5.2.4, ensuring
correct MLE advertisements, Parent/Child ID exchange, Address Solicit
Request formatting, and ICMPv6 Echo connectivity.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5_2_4 test executable.
- Updated run_nexus_tests.sh to include 5_2_4 in the default test list.
The test verifies that the DUT correctly manages the router upgrade
threshold and transitions to the router role when required to support a
child.
Changes 'IsChild()' check to 'IsAttached()' for REED_1 in test 5.2.1.
REED_1 may quickly transition beyond the child state (e.g., to router)
after attaching, causing 'IsChild()' to occasionally fail depending
on the timing of the check. Using 'IsAttached()' ensures the node is
successfully connected to the network regardless of its specific role.
Adds a new Nexus test case for 'Leader rejects CoAP Address Solicit
(2-hops from Leader)' (5.2.3) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.2.3:
- Added test_5_2_3.cpp: Sets up a topology with a Leader, 31 routers
(fully connected to Leader), and a 32nd router (Router 32) that is
2-hops away from the Leader via Router 1. Verifies that the Leader
rejects the Address Solicit Request from the 33rd router with a
'No Address Available' status (1).
- Added verify_5_2_3.py: PCAP verification script for test 5.2.3.
Ensures the Address Solicit Request is sent by Router 32 to the
Leader, and that the Leader responds with a CoAP ACK containing
a Status TLV with value 1 (NL_NO_ADDRESS_AVAILABLE).
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.2.3 test executable.
- Updated run_nexus_tests.sh to include 5.2.3 in the default test
list.
This commit introduces the Border Agent Admitter feature , which
enhances Thread MeshCoP.
A Border Admitter is an enhanced Border Agent that functions as a
traditional BA while enabling new behaviors. It acts as a proxy and
dispatcher, allowing multiple external Enrollers to connect to it. It
then petitions to become the single Active Commissioner on the Thread
mesh, forwards new joiner requests to connected Enrollers, and
manages the session between joiners and multiple Enrollers
The implementation includes three main components:
- `Admitter`: The main class that orchestrates the feature, managing
enroller sessions and aggregating steering data.
- `Arbitrator`: A distributed election mechanism that runs among
Border Admitters on the mesh to select a single "Prime Admitter" by
publishing a new Border Admitter service in the Thread Network
Data.
- `CommissionerPetitioner`: A sub-component responsible for
petitioning the Leader to be granted the commissioner role. It
handles conflicts if another commissioner is already active.
New public APIs are added in `openthread/border_agent_admitter.h`.
This commit also introduces a suite of comprehensive tests for the
Border Admitter functionality under the `nexus` test framework. It
covers various scenarios including:
- Prime Admitter election and role management
- Enroller registration, keep-alive, and timeout interactions
- Handling of commissioner conflicts and petitioner retry mechanisms
- Support for multiple enroller sessions and combined steering data
- Forwarding of Joiner `RelayRx` and `UdpProxy` messages
- Joiner acceptance, release, and expiration tracking
Adds a new Nexus test case for 'REED Attach' (5.2.1) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.2.1:
- Added test_5_2_1.cpp: Sets up a Leader, REED_1, and MED_1 (DUT) topology.
Ensures REED_1 upgrades to a Router when the DUT attaches. Verifies
connectivity from the Leader to the DUT via REED_1 using ICMP Echo.
- Added verify_5_2_1.py: PCAP verification script for test 5.2.1,
ensuring MLE Parent Requests, Address Solicit/Responses, and ICMP
Echo Request/Replies are correctly exchanged and forwarded.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.2.1 test executable.
- Updated run_nexus_tests.sh to include 5.2.1 in the default test list.
Currently, the `run_cert()` function in `run_cert_suite.py` invokes
test scripts using `subprocess.check_call()` without a timeout. This
can cause the test suite to hang indefinitely if a test script fails
to terminate.
This commit updates `run_cert_suite.py` to support a configurable
`--timeout` argument. It passes this timeout to `check_call()` and
handles `subprocess.TimeoutExpired` to log failure and print output
upon timeout.
Additionally, this commit updates `script/test` to pass the
`TEST_TIMEOUT` environment variable to the test runner and updates
GitHub workflow configurations to define specific timeout values for
various test jobs.
Updates the `ot_nexus_test` macro to accept a list of labels for each
test case. This allows for categorizing tests and executing specific
subsets using `ctest -L`.
The tests are now assigned labels such as `core`, `cert`, and `trel`.
The `core` label is used for tests that verify OpenThread core logic
and behavior, distinguishing them from `cert` tests which cover
certification scenarios.
The GitHub workflow is updated to utilize `ctest -L` for running the
tests, replacing the previous `ninja test` command.
This commit adds `MessageBackedArray`, which implements a dynamic
array backed by a `Message` for data storage.
The new array class supports:
- Pushing new elements to the end.
- Reading and writing elements at specific indices.
- Searching in the array to find matching entries.
- Iterating over array elements.
- Clearing the array and freeing the underlying message.
Unit tests are added in `tests/unit/test_msg_backed_array.cpp` to
verify its functionality.
This commit updates `Joiner::Start()` to explicitly call
`SetIdFromIeeeEui64()` when `mDiscerner` is empty. This ensures that
the Joiner ID is freshly derived from the current IEEE EUI-64 address,
guaranteeing correctness even if the address was not ready during
initialization or has changed since the instance was created.
This commit optimizes the CoAP retransmission timer logic by removing
the `ScheduleRetransmissionTimer()` method, which iterated over all
pending requests to determine the next fire time.
The logic is updated as follows:
- `HandleRetransmissionTimer()` now determines the next fire time
while iterating over the `mPendingRequests` list to process
retransmissions. This avoids a redundant second pass over the list.
- `NextFireTime` is used to track the earliest fire time.
- `CopyAndEnqueueMessage()` uses `Timer::FireAtIfEarlier()` to
update the timer only if the new message's fire time is earlier
than the current schedule.
- `DequeueMessage()` no longer triggers a schedule update. If the
dequeued message was the next to expire, the timer will fire,
perform no actions, and then reschedule itself.
This commit removes a debug print statement in the Bytes.__eq__
method that was causing excessive output to stderr during packet
verification. The print statement was logging every byte comparison,
leading to cluttered logs and potentially impacting performance or
causing issues with log analysis.
- Removed print statement from Bytes.__eq__ in
tests/scripts/thread-cert/pktverify/bytes.py.
This commit updates `FreeJoinerFinalizeMessage()` to remove the state
check, allowing the message to be freed regardless of the current
state. It also removes the redundant cleanup in
`PrepareJoinerFinalizeMessage()` since `Joiner::Start()` handles the
cleanup upon error.
The `Joiner::Start()` method allocates the Joiner Finalize message and
then transitions the state to `kStateDiscover` before starting the
Seeker. If starting the Seeker fails, the exit label performs
cleanup, including calling `FreeJoinerFinalizeMessage()`. Previously,
`FreeJoinerFinalizeMessage()` checked that the state was `kStateIdle`
before freeing the message. Since the state had already been updated
to `kStateDiscover`, the message would not be freed, leading to a
message leak on failure.
Adds SuccessOrQuit() around SetRouterEligible() calls in Nexus tests to
properly handle potential errors and ensure test robustness.
Summary of changes:
- Modified tests/nexus/test_5_1_8.cpp, test_5_1_9.cpp, test_5_1_10.cpp,
and test_5_1_11.cpp to wrap SetRouterEligible(false) calls in SuccessOrQuit().
- Verified that tests build and pass correctly with these changes.
Adds a new Nexus test case for 'Router Synchronization after Reset' (5.1.13)
as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.13:
- test_5_1_13.cpp: Sets up a Leader and Router_1 topology,
simulates a router reset, and verifies successful re-synchronization.
- verify_5_1_13.py: PCAP verification script for test 5.1.13, ensuring
correct MLE advertisements, Link Request/Accept exchange, and
proper response timing and TLV validation.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.13 test executable.
- Updated run_nexus_tests.sh to include 5.1.13 in the default test list.
Adds a new Nexus test case for 'New Router Neighbor Synchronization' (5.1.12)
as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.12:
- Added test_5_1_12.cpp: Sets up a topology with a Leader, Router_2,
and DUT. DUT and Router_2 first attach to the Leader, then the
harness enables a direct link between them to trigger the
New Router Neighbor Synchronization procedure.
- Added verify_5_1_12.py: PCAP verification script for test 5.1.12,
ensuring that the DUT sends properly formatted MLE Advertisements
and exchanges Link Request/Accept messages with Router_2 as
required by the specification.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.12 test executable,
inserting it after 5.1.6.
- Updated run_nexus_tests.sh to include 5.1.12 in the default test list.
Adds a new Nexus test case for 'Attaching to a REED with better link
quality' (5.1.11) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.11:
- Added test_5_1_11.cpp: Sets up a topology with Leader, REED_1,
Router_2, and Router_1 (DUT). Configures RSSI to ensure REED_1
has a higher link quality than Router_2. Verifies that the DUT
attaches to REED_1 as its parent.
- Added verify_5_1_11.py: PCAP verification script for test 5.1.11,
validating the MLE Parent Request sequence (Routers then REEDs)
and the final attachment to REED_1.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.11 test executable.
- Updated run_nexus_tests.sh to include 5.1.11 in the default test list.
Adds a new Nexus test case for 'Parent Selection - Superior Link Quality'
(5.1.10) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.10:
- Added test_5_1_10.cpp: Sets up a Leader, Router_1, Router_2, and
Router_3 (DUT) topology. Uses AddRssIn to configure Router_1 with
superior link quality (LQ3) and Router_2/Leader with LQ2 relative
to the DUT. Verifies that the DUT selects Router_1 as its parent
during attachment.
- Added verify_5_1_10.py: PCAP verification script for test 5.1.10,
ensuring that the MLE Parent Request contains the mandatory TLVs
and that the Child ID Request is correctly sent to the superior
link-quality router (Router_1).
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.10 test executable.
- Updated run_nexus_tests.sh to include 5.1.10 in the default test
list.
Adds a new Nexus test case for 'Attaching to a REED with better
connectivity' (5.1.9) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.9:
- Added test_5_1_9.cpp: Sets up a Leader, Router_1, REED_1, REED_2, and
Router_2 (DUT). Configures REED_1 with better connectivity (links to
both Leader and Router_1) than REED_2 (link only to Leader). Verifies
that the DUT selects REED_1 as its parent.
- Added verify_5_1_9.py: PCAP verification script for test 5.1.9,
verifying MLE Parent Requests (Scan Masks 0x80 and 0xC0), Key ID Mode
0x02 in Step 5, ensuring REEDs do not respond to the first Parent
Request, comparing Connectivity TLV contents in Parent Responses to
ensure REED_1 is correctly selected, and ensuring Address Registration
TLV is absent in the Child ID Request.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.9 test executable.
- Updated run_nexus_tests.sh to include 5.1.9 in the default test list.
This commit fixes and enhances `test_coap_block.py`. Previously, the
test masked failures by using multiple trials and suppressing
exceptions. It appeared to pass even though an incorrect regex match
in `coap_wait_request()` caused it to consistently fail.
The regex in `coap_wait_request()` is updated to correctly match CLI
output and capture the CoAP method (GET, PUT, POST, DELETE).
The test script is enhanced by:
- Removing trial/retry logic and exception suppression that masked
previous failures.
- Verifying both request and response messages for GET, PUT, and
POST.
- Validating source IPv6 addresses in requests and responses.
- Ensuring the payload presence matches the expected behavior for each
CoAP method.
Adds a new Nexus test case for 'Attaching to a Router with better
connectivity' (5.1.8) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.8:
- Added test_5_1_8.cpp: Sets up a multi-router topology (Leader <-> R3 <->
R1 <-> R2). Uses AllowList to enforce path costs, verifying that the
DUT (Router_4) selects R3 as its parent since it has the best
connectivity (1 hop to Leader).
- Added verify_5_1_8.py: PCAP verification script for test 5.1.8,
ensuring MLE Parent Request, Parent Responses, and Child ID Request
follow the specification. Validates mandatory TLVs and the absence
of the Address Registration TLV in the Child ID Request.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.8 test executable.
- Updated run_nexus_tests.sh to include 5.1.8 in the default test list.
This commit updates `Coap::BlockwiseTransmitHook` to calculate the
current block count based on the block position (`aPosition`) and
block length (`*aBlockLength`), rather than relying on a `static`
variable.
The previous implementation used a `static uint32_t blockCount` to
track the progress of the block-wise transfer. This approach caused
issues when multiple transfers occurred concurrently or when the
process persisted across test retries (as in the simulation
environment). In such cases, the static variable could become out of
sync, leading to incorrect transfer termination or infinite loops.
By deriving `blockCount` from `aPosition`, the hook becomes stateless
and correctly handles retransmissions and concurrent transfers.
Adds a new Nexus test case for 'Minimum Supported Children – IPv6 Datagram
Buffering' (5.1.7) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.7:
- Added test_5_1_7.cpp: Sets up a Leader, Router_1 (DUT), 4 MEDs, and 6
SEDs. Verifies the DUT can handle the minimum required number of
children and buffers multiple concurrent IPv6 datagrams (including
a 1280-octet MTU packet) destined for SEDs.
- Added verify_5_1_7.py: PCAP verification script for test 5.1.7,
ensuring proper MLE attachment, correct forwarding of ICMPv6 Echo
Requests/Replies, and verification of buffered traffic to SEDs.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.7 test executable.
- Updated run_nexus_tests.sh to include 5.1.7 in the default test list.
This commit updates `CoapBase::ProcessBlockwiseSend()` to ensure a
Payload Marker is appended before adding the first block of data.
`SendMessage()` always calls `ParseHeaderAndOptions()` with
`kRemovePayloadMarkerIfNoPayload`, which removes any existing payload
marker if the message body is empty. However, for block-wise transfers,
the payload is added later via the block-wise transmit hook in
`ProcessBlockwiseSend()`. If the marker was removed, the first
block would be appended directly after the options without a
separator, resulting in a malformed CoAP message.
This change ensures that `ProcessBlockwiseSend()` explicitly restores
or adds the payload marker before appending the block data. The
documentation for `Message::AppendPayloadMarker()` is also updated to
clarify that the method is idempotent, making no changes if a marker
is already present.
Adds a new Nexus test case for 'Leader removes Router ID' (5.1.6) as
specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.6:
- Added test_5_1_6.cpp: Sets up a Leader and Router_1 (DUT) topology.
Verifies that when the Leader de-allocates a Router ID, the DUT
automatically re-attaches.
- Added verify_5_1_6.py: PCAP verification script for test 5.1.6,
ensuring that MLE Parent Request, MLE Child ID Request, and
Address Solicit Request messages follow the specification.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.6 test executable.
- Updated run_nexus_tests.sh to include 5.1.6 in the default test list.
Adds a new Nexus test case for 'Router Address Timeout' (5.1.5) as
specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.5:
- Added test_5_1_5.cpp: Sets up a Leader (DUT) and Router_1 topology.
Verifies that after deallocating a Router ID, the Leader does not
reassign that same Router ID for at least ID_REUSE_DELAY seconds.
Uses direct core method calls and nexus.AdvanceTime() for precise
timing control.
- Added verify_5_1_5.py: PCAP verification script for test 5.1.5,
ensuring that the Address Solicit Response contains a different
Router ID when requested before ID_REUSE_DELAY, and the requested
Router ID when requested after ID_REUSE_DELAY.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.5 test executable.
- Updated run_nexus_tests.sh to include 5.1.5 in the default test list.
Adds a new Nexus test case for 'Router Address Reallocation – DUT creates
new partition' (5.1.4) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.4:
- Added test_5_1_4.cpp: Sets up a Leader, Router_1 (DUT), and Router_2
topology. Uses AllowList to dynamically control connectivity,
verifying that Router_1 creates a new partition when the original
Leader is removed and Router_1 fails to reattach.
- Added verify_5_1_4.py: PCAP verification script for test 5.1.4,
verifying MLE Parent Requests (reattach attempts), new partition
creation, and Address Solicit Response.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.4 test executable.
- Updated run_nexus_tests.sh to include 5.1.4 in the default test list.
This commit introduces Seeker APIs in OpenThread. An earlier commit
extracted the discovery and candidate selection logic from the `Joiner`
role into a new, standalone `Seeker` module.
The `Seeker` is responsible for performing MLE Discover Scans to find
nearby Joiner Router candidates. It prioritizes these candidates based
on RSSI and steering data (indicating whether the Joiner is preferred)
and manages the list of candidates for connection attempts.
This separation allows the `Seeker` functionality to be utilized
independently of the full `Joiner` role, enabling the development of
custom joining mechanisms over Thread.
A new configuration option `OPENTHREAD_CONFIG_SEEKER_ENABLE` has been
added to control the presence of `otSeeker` APIs.
Adds a new Nexus test case for 'Router Address Reallocation – DUT attaches
to new partition' (5.1.3) as specified in the test specification.
Summary of changes:
- Implemented Nexus test 5.1.3:
- Added test_5_1_3.cpp: Sets up a Leader, Router_1 (DUT), and Router_2
topology. Uses AllowList to dynamically control connectivity,
verifying that Router_1 reattaches to a new partition formed by
Router_2 after the original Leader is removed. Uses direct core
method calls and avoids magic numbers.
- Added verify_5_1_3.py: PCAP verification script for test 5.1.3,
ensuring MLE Parent Requests, Child ID Requests, and Address Solicit
messages follow the specification.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.3 test executable.
- Updated run_nexus_tests.sh to include 5.1.3 in the default test list.
This commit adds methods to `CoapBase::Metadata` to encapsulate logic
related to initialization, retransmission checks, and updating
retransmission counters. It also renames member variables for brevity
(e.g., `mRetransmissionsRemaining` to `mRetxRemaining`) and moves
`IsObserveSubscription()` to be a method of `Metadata`.
These changes simplify implementation by delegating metadata-specific
operations to the `Metadata` struct itself.
This commit enhances the DHCPv6 PD prefix conflict detection logic
to check against Route Information Options (RIOs) present in received
Router Advertisements, in addition to the existing check against
on-link prefixes (PIOs).
The conflict detection behavior is event-driven to correctly handle
network propagation delays and valid advertisements:
1. On new prefix assignment (`kPdPrefixChanged`): A strict check is
performed. If the prefix matches any existing RIO from another
router, it is flagged as a conflict.
2. On RA table updates (`kRxRaPrefixTableChanged`): The check focuses
on conflict resolution. Crucially, it ignores new RIO matches
appearing after the prefix has been adopted. This is necessary
because once the BR publishes the PD prefix in Thread Network
Data as the OMR prefix, other BRs will naturally start
advertising it as a RIO to announce reachability.
The unit test `TestDhcp6PdConflict` is updated to verify both the
detection of conflict, its resolution, and that the subsequent RIO
advertisements do not cause a conflict after PD prefix is published
as OMR.
This change introduces a new `Seeker` class to encapsulate the logic
for discovering and prioritizing Joiner Router candidates.
The `Joiner` class is updated to use the `Seeker` to perform the
discovery scan. The `Joiner` provides a callback `EvaluateScanResult`
to the `Seeker` to filter and evaluate scan results based on
Steering Data, preserving the existing behavior.
This change separates the discovery mechanism from the `Joiner` state
machine. This simplifies the `Joiner` implementation and facilitates
future enhancements to the joining process.
This commit makes to changes to how the Joiner Router candidates are
tracked or prioritized.
Adds a new Nexus test case for 'Child Address Timeout' (5.1.2) and
performs several refactorings to improve the nexus test framework.
Summary of changes:
- Implemented Nexus test 5.1.2 (Child Address Timeout):
- Added test_5_1_2.cpp: Sets up a Leader, Router (DUT), MED, and SED
topology with restricted connectivity using AllowList. Verifies
that the parent stops responding to Address Queries for children
after their timeout interval expires.
- Added verify_5_1_2.py: PCAP verification script for test 5.1.2.
- Refactored Nexus verification infrastructure:
- Created verify_utils.py: Shared module for common verification
logic, including monkey-patches for CoapTlvParser and
which_tshark, and a generic 'run_main' test runner function.
- Updated verify_5_1_1.py and verify_5_1_2.py to use verify_utils.py,
significantly reducing boilerplate code.
- Cleaned up imports in verify_utils.py by removing unused logging.
- Updated build and execution scripts:
- Modified CMakeLists.txt to build the new 5.1.2 test executable.
- Updated run_nexus_tests.sh to include 5.1.2 in the default test list.
Automates the execution of Nexus tests on CI using Ubuntu 24.04.
The workflow installs necessary dependencies including ninja-build,
tshark, and pyshark to support both simulation and packet-level
verification.
This script provides a unified entry point for executing Nexus C++
simulations and their corresponding Python packet verification scripts.
It supports running individual test cases or a default suite, handles
PCAP logging, and ensures proper error propagation.
The fix moves the necessary includes outside the FTD/MTD conditional block:
- Added explicit include: #include "common/uptime.hpp" is now included
when OPENTHREAD_CONFIG_UPTIME_ENABLE is defined, regardless of
FTD/MTD mode.
- Extended namespace usage: The using namespace ot; directive now
applies when either FTD/MTD is enabled OR uptime is enabled,
ensuring the namespace is available for the uptime functions.
This ensures that when OPENTHREAD_CONFIG_UPTIME_ENABLE is enabled, the
required headers are included even in RADIO mode, allowing the uptime
functionality to work correctly across all device types.
This commit updates `tests/nexus/test_discover_scan.cpp` to use
`MeshCoP::NetworkIdentity` instead of `MeshCoP::ExtendedPanIdManager`.
The latter was renamed in the core codebase, leading to a build
failure in the nexus discovery scan test.
Introduces `OPENTHREAD_CONFIG_MLE_DISCOVERY_SCAN_REQUEST_CALLBACK_ENABLE`
to conditionally compile the MLE Discovery Request callback feature.
Disabling this feature allows for code size reduction on builds where
it is not needed.
A new Nexus test (`test_discover_scan.cpp`) is added to directly
validate the `otThreadSetDiscoveryRequestCallback()` API behavior.
This new test replaces a now-removed CLI-based test which used
(`discover reqcallback`). This CLI command was originally added for
testing purposes. The CLI command is not helpful as an async event
would produce unsolicited output in the CLI. The new direct C++ test
is a cleaner approach.
This commit adds a Python script to perform automated packet verification
for the Nexus test case 5.1.1 (Attaching), following the Thread
certification specification.
Changes:
- Added tests/nexus/verify_5_1_1.py:
- Implements all steps (1-11) of the 5.1.1 test specification.
- Includes a custom CoAP TLV parser to extract Thread-specific fields
(Status, RLOC16, Router Mask) from CoAP payloads.
- Automatically configures Wireshark preferences for decryption
based on the test's JSON output.
- Includes the full test specification as inline comments.
- Updated tests/scripts/thread-cert/pktverify/layer_fields.py:
- Enhanced the _auto parser to handle boolean strings ('True', 'False')
returned by newer versions of tshark, preventing parsing errors
during verification.
This commit updates `RoutingManager` to detect if a delegated DHCPv6
PD prefix conflicts with any on-link prefix advertised on the
infrastructure link.
This protects against potential DHCPv6 server misbehavior and bugs
where the same prefix might be assigned to multiple requesters.
If a conflict is detected, the delegated PD prefix is marked as
conflicted and is no longer used as the OMR prefix. Instead, we
revert to using the locally generated OMR prefix. If the conflict
is resolved, the delegated PD prefix is used again.
A new unit test `TestDhcp6PdConflict()` is added to verify this
behavior.
This commit adds support for writing test_info.json in the Nexus platform.
The test_info.json file contains information about the test topology,
including node names, roles, and addresses. This information is used by
the packet verification framework to verify the behavior of the network.
Changes:
- Added `Core::SaveTestInfo` to `nexus_core.cpp` to write node information to JSON.
- Added `SetName` and `GetName` to `Node` class in `nexus_node.hpp`.
- Updated `test_5_1_1.cpp` to set node names and call `SaveTestInfo`.
This commit adds a new Nexus test case to verify the "5.1.1 Attaching"
scenario from the Thread certification specification.
The test case verifies that:
1. A node can form a network and become a Leader.
2. A second node can join the network and become a Router.
3. Connectivity between the Leader and Router is functional using ICMPv6 Echo
to Link-Local addresses, verifying both roles as DUT.
The test ensures basic network formation and attachment functionality
within the Nexus simulation environment.
This commit enables PCAP output in the Nexus platform by adding a
Nexus::Pcap utility class and integrating it into the Nexus::Core.
PCAP logging can be enabled by setting the OT_NEXUS_PCAP_FILE
environment variable.
This marks a simulation node as 'awake' whenever an event is sent to
it. This is required because the event will induce processing on the
node followed by an alarm-event sent back to the simulator. The
simulator needs to wait to properly catch this final alarm-event;
otherwise, this alarm-event may be mistakenly processed as
confirmation of a newer event that follows later, in case the OT node
process is lagging in processing as may happen typically in CI
environments.
Also the case of unknown event type is now raised as an exception, to
avoid undetected errors in the simulation. This could cause an event
to be not sent to the node at all while the node's time is updated by
the simulator (using `self.devices[port]['time'] = event_time`) as if
the node is up to date on the latest virtual time, which it isn't,
because an event is not sent to the node.
Also fixes a potential undefined local variable 'data' flagged by the
IDE.
This commit introduces `NetworkIdentity` class to track the network
identity parameters, specifically Extended PAN ID, Network Name and
Domain Name.
The new class replaces the `ExtendedPanIdManager` and
`NetworkNameManager` which are removed by this commit.
This change simplifies `extended_panid.hpp` and `network_name.hpp`.
They now contain only basic type definitions (`ExtendedPanId` and
`NetworkName`). This allows these headers to be included in other
modules without pulling in unnecessary header dependencies.
The IEEE 802.15.4 standard specifies that the FCS is a 16-bit ITU-T
CRC calculated over the bits in the order they are transmitted (LSB
first). The previous implementation used the CrcCalculator with the
CCITT polynomial but processed bytes in an MSB-first manner, which is
incorrect for 802.15.4.
This commit updates Radio::Frame::UpdateFcs() to implement the
reflected CRC-16-CCITT algorithm correctly by processing bits LSB-first
using the reflected polynomial 0x8408.
This commit adds IEEE 802.15.4 FCS (Frame Check Sequence) computation
to the Nexus radio driver. Each frame to be transmitted is updated
with the proper CRC16-CCITT before being passed to the simulation.
Motivation for this change is to ensure that frames captured from
the Nexus simulation have a valid FCS, enabling proper decoding and
display in Wireshark when using pcap output.
This commit updates `Coap::ResponseHandler` to use a single
`Coap::Msg` pointer instead of separate `Message` and `MessageInfo`
pointers. The `Msg` class encapsulates both the CoAP message and its
associated IP message info, simplifying the handler signature and
usage.
It retains support for the legacy `otCoapResponseHandler` signature
(which uses separate parameters) for the public API by introducing
`SendMessageWithResponseHandlerSeparateParams`. This ensures that
public APIs like `otCoapSendRequest` continue to work without
breaking changes while allowing internal modules to benefit from the
simplified interface.
It introduces `CoapBase::SendCallbacks` to consolidate the storage and
invocation logic for different callback types, including the new
`ResponseHandler`, the legacy `ResponseHandlerSeparateParams`, and
block-wise transfer hooks.
All internal modules (MLE, MeshCoP, Network Data, etc.) are updated to
define their response handlers using the new `ResponseHandler`
signature with `Msg` input.
This commit adds a `GenerateRandom()` method to the `ExtendedPanId`
class, enabling the generation of a cryptographically secure random
Extended PAN Identifier.
The `ExtAddress` class inherits from `Equatable<ExtAddress>`, which
already provides an `operator==` implementation that compares
the object's memory content.
This commit adds a `@note` to the documentation of
`otPlatInfraIfDiscoverNat64Prefix` functions to make it clear that any
prefix it supplies will have a lower priority than one discovered via
RA PREF64 option (RFC 8781).
This enables the TCAT Commissioner to receive data such as TLS Alerts,
or asynchronously sent 'event' TLVs, over TLS. Processing TLS Alert
is required to detect the sending of Alert by the TCAT Device, which
is a requirement to be verified in cert tests. An async background
process is started to receive and log the received events.
Also some minor improvements in connection state management: when
certain commands are given after the TCAT link is disconnected, or
when a TCAT link could not be established, a message will be printed
to clearly say it's disconnected, instead of a cryptic error. Error
messages are now clearly prefixed with 'Error:'.
The CA certificate store for CommCert3 is extended with an additional
CA certificate, so that it can be verified in cert tests that a TCAT
Device rejects a wrong Commissioner with a TLS Alert (previously this
couldn't be tested).
Also includes a fix of the pyproject.toml such that Poetry does not
display the long warning on installation.
Also includes an improvement of TLV displaying to the user with a
STRING field, if the value is a string.
Also includes some syntax fixes that were flagged by the IDE, such as
missing return types for methods, or member variables that were not
initialized in the __init__().
This commit introduces a new `otMessageClone()` API to create a
full clone/copy of a message.
Additionally, the documentation for the `otUdpReceive` and
`otUdpHandler` callbacks is polished to improve clarity on message
ownership and lifetime.
This updates the Joiner CLI to use the correct VendorInfo data which
is configured in the build or set at runtime. Benefit is that this
data is also length-checked. Previously, the command could fail when
PACKAGE_VERSION was length > 16.
This commit updates `ApplyDirectTxQueueLimit()` to improve how the
direct tx queue handles frame limits.
Previously, when the direct tx queue reached its configured frame
count threshold, the code attempted to remove aged messages. If this
was insufficient, the new incoming message was dropped.
With this change, after attempting to remove aged messages, the code
now attempts to evict an existing lower-priority message (and all its
frames) from the direct tx queue to make room for a new higher
priority message. If no existing message can be evicted (i.e., all
messages are of higher or equal priority), the new message is
dropped.
This commit updates the `CoapBase::Interceptor` function pointer type
to accept `const Msg &` instead of separate `const Message &` and
`const Ip6::MessageInfo &` arguments. It also reorders the `void *`
to match other CoAP callbacks.
Implementations in `BackboneTmfAgent::Filter` and `Agent::Filter`
have been updated to match the new signature.
This commit introduces a new `VendorInfo` class to encapsulate
vendor-related information such as vendor name, model, and software
version.
Previously, these parameters were managed within the `NetworkDiagnostic`
module. Moving them to a dedicated class facilitates sharing and
utilization by other modules across the OT core (e.g., Border Agent,
TCAT, Joiner).
This change simplifies the `Coap::Message` implementation and removes
the fragile `HelpData` struct which was used to cache header
information within reserved portion of message.
The `Coap::Msg` class is updated to hold the parsed CoAP header
information (type, code, message ID, token). It now inherits from a
new `HeaderInfo` class which contains the parsed fields. This change
helps to simplify many of the call sites which previously had to parse
the header information themselves.
The key changes are:
- The `HelpData` struct is removed from `Coap::Message`.
- `Coap::Msg` is updated to track parsed header info in `HeaderInfo`.
- `otCoapMessageInit()` and `otCoapMessageInitResponse()` now return an
`otError`.
- Methods are renamed to harmonize their names.
- A new unit test `test_coap_message.cpp` is added to verify the
`Coap::Message` implementation.
This commit updates `Mpl::ProcessOption()` to skip MPL processing on
Sleepy End Devices (SEDs) as an optimization. Along with this it
introduces a check to prevent SEDs from processing their own
multicast messages.
Since MPL is now skipped on SEDs, they no longer have a mechanism
for multicast duplicate detection. This can cause an issue when an
SED sends a multicast message to a group it is subscribed to, as its
parent can forward the message back to the SED.
To handle this, `Ip6::DetermineAction()` is updated. For SEDs, it now
checks if the source address of a subscribed multicast message
belongs to the device itself. If it does, the message is not
received, preventing the SED from processing its own looped-back
messages.
The behavior for non-sleepy devices remains unchanged. They continue
to rely on MPL for duplicate suppression.
A default OTNS platform API function otPlatOtnsStatus() is now
provided that writes the status push to the log always (regardless of
configured log level). This is useful as a default handling for apps
built with -DOT_OTNS=ON, avoiding linker errors while not mandating
each platform to implement the API by itself.
Specifically it enables the Posix CLI app ot-cli to be built with OTNS
support, which is required to run Posix nodes in OTNS and receive the
status-push events via stdout logging.
The logging is emitted from the module named "Otns" so that a
simulator or other tool can easily detect the OTNS format status push
events in the log output.
This change moves the TLV value reading logic from static methods in
the `Tlv` class to member methods of the nested `Tlv::Info` class.
The new methods `Tlv::Info::ReadValue()`, `Tlv::Info::ReadStringValue()`,
`Tlv::Info::ReadUintValue()`, and the templated `Tlv::Info::Read<T>()`
operate on an existing `Tlv::Info` object that has already parsed a
TLV from a message.
This improves the API design by having the read operations use the
pre-parsed and validated state within a `Tlv::Info` instance. It
avoids the need to pass the TLV offset to read functions and
eliminates redundant re-parsing of the TLV header on each read,
making the code cleaner and more efficient.
The previous static methods `Tlv::Read<T>()`, `Tlv::ReadStringTlv()`,
and `Tlv::ReadUintTlv()` are removed, and all call sites are updated
to the new pattern.
Refactors the example CLI app and the CLI module code to provide a
default implementation of the 'APP' log output option for any CLI
apps. This default is used when log output is configured to 'APP'
output and the CLI application itself does not provide its own
implementation of `otPlatLog()`.
This extends the current logging option (syslog) for the Posix app
ot-cli with the option to direct the log output to the CLI app, which
then prints it in stdout. This logging option can be enabled using the
existing -DOT_LOG_OUTPUT=APP. Previously, this gave a build error for
the Posix platform. This logging method is useful/required for running
NCPs in OTNS, such that the simulator can capture all log output and
at the same time syslog is not overly burdened on the host machine.
This change renames `Tlv::ParsedInfo` to `Tlv::Info` to make it more
concise and to better reflect its purpose as a metadata holder for a
TLV in a message.
The member variables of `Tlv::Info` are made private and public
accessor methods are introduced to interact with the object's
contenet. This helps ensure that the internal representation of the
parsed TLV information is not modified directly by external modules.
All existing caller are updated to use the new name and the public
helper getter methods.
The Doxygen comments of `Tlv::Info` are also improved for better
clarity. Unit test `test_tlv` is also updated to validate all the
new methods.
When `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` is active, this
change mandates that the vendor name string MUST begin with the "RD:"
prefix. This ensures that reference devices are clearly and
consistently identifiable through network diagnostic queries.
The enforcement is applied at two levels:
- A compile-time `static_assert` is added to validate the default
`OPENTHREAD_CONFIG_NET_DIAG_VENDOR_NAME` at build time. This uses a
new `constexpr` helper utility `CheckConstStringPrefix()`.
- A runtime check is added to `otThreadSetVendorName()`, which will
now return `OT_ERROR_INVALID_ARGS` if an invalid name is provided
on a reference device build.
All related test configurations (`scan-build`, `toranj`, `nexus`) and
CLI tests are updated to reflect this new requirement and validate
it.
Radio recovery that does not fully reset the firmware leads to tables
filling up with duplicate entries. After a few resets, future resets no
longer work. Clearing the tables before inserting entries allows for
their state to be consistent during recovery.
Group mbedTLS configuration macros into logical sections and improve
formatting.
This commit helps prepare for PSA API backend introduction.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This change separates the Connectivity TLV value format from its
logical structure by introducing `ConnectivityTlvValue` (raw format)
and `Connectivity` (parsed info). This replaces the `ConnectivityTlv`
class and enables value format sharing between MLE and Network
Diagnostics (without improper TLV inheritance).
It also updates `ParentCandidate` to use the new `Connectivity` class
for better field encapsulation. It also updates `ConnectivityTlvValue`
parsing to handle optional fields and enforce spec-defined minimums
for these fields.
Replace the include of `<openthread/platform/memory.h>` with
`<openthread/platform/crypto.h>` in the mbedTLS config header file.
Recent PR #12290 introduced `otPlatCryptoCAlloc()` and
`otPlatCryptoFree()` platform APIs and updated the mbedTLS config to
use them. This commit ensures the correct header is included to
prevent build errors regarding use of undeclared functions
(e.g. "error: use of undeclared identifier 'otPlatCryptoCAlloc'").
The router processes its child table every second. After a child
gracefully detaches, wait some time to ensure that the router has
processed the child table entry.
This change simplifies the TLV parsing logic within the
`Client::GetNextDiagTlv()` method.
The manual parsing of basic and extended TLVs is replaced by using the
`Tlv::ParsedInfo` helper method. This encapsulates the parsing
logic, making the `GetNextDiagTlv()` method cleaner and easier to
follow.
Additionally, the `TlvInfo` typedef is renamed to `DiagTlv` to
prevent any confusion with the new `Tlv::ParsedInfo tlvInfo` variable
and to better reflect its purpose.
This commit enhances the parsing of discovery response messages in
`DiscoverScanner::HandleDiscoveryResponse()`.
The parsing logic is updated to first restrict the message to the
content of the `Discovery` TLV. This allows for a simpler and more
robust processing of the nested MeshCoP sub-TLVs. Instead of looping
through all sub-TLVs, the new approach directly looks for each expected
sub-TLV.
This change provides a clearer distinction between required TLVs
(`DiscoveryResponseTlv`, `ExtendedPanIdTlv`, `NetworkNameTlv`) and
optional ones. The handling of optional TLVs like `JoinerUdpPortTlv`
and `SteeringDataTlv` is improved to explicitly manage the case where
they are not found.
Additionally, this commit includes minor cleanups to `SteeringDataTlv`
to simplify its implementation.
This commit introduces `Coap::Msg`, a class that encapsulates
`Coap::Message` and its associated `Ip6::MessageInfo`.
`Coap` methods and TMF resource handlers are updated to use
`Coap::Msg` when handling received messages. This change simplifies
method signatures by reducing the number of parameters and enables
future extensibility for tracking additional information related to
received CoAP messages.
This commit introduces two new platform functions:
- otPlatCryptoCAlloc()
- otPlatCryptoFree()
It also provides a default implementation using the OpenThread Heap.
This API is necessary for the upcoming work related to PSA API
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This commit introduces `LeaderDataTlvValue` as a distinct type to
represent the content of a Leader Data TLV. This allows the same value
format to be shared between the MLE and Network Diagnostic modules.
Previously, `NetworkDiagnostic::LeaderDataTlv` inherited from
`Mle::LeaderDataTlv` to reuse the implementation of the value format.
This inheritance was semantically incorrect, as a Network Diagnostic
TLV is not a specialization of an MLE TLV. The new approach of using
a shared `LeaderDataTlvValue` type provides a cleaner and more
accurate design.
With this change, `LeaderDataTlv` in both modules is now defined as a
`SimpleTlvInfo` type. This enables replacing manual TLV manipulation
with the generic `Tlv::Append<T>()` and `Tlv::Find<T>()` helpers,
making the code at the call sites cleaner and less error-prone.
This change simplifies `DiscoveryRequestTlv` and `DiscoveryResponseTlv`
generation and processing.
New types `DiscoveryRequestTlvValue` and `DiscoveryResponseTlvValue` are
introduced to represent the value (payload) of these TLVs. This s
simplifies the call sites by using the generic `Tlv::Append<T>()` and
`Tlv::Read<T>()`.
This change introduces a new build-time configuration flag,
`OPENTHREAD_CONFIG_JOINER_ADV_EXPERIMENTAL_ENABLE`, to control the
inclusion of the experimental Joiner Advertisement feature.
This behavior was first added in PR #5299. It allows optional
inclusion of a newly proposed Joiner Adv TLV in an MLE Discovery Scan
Request message.
This is an experimental feature and is not part of the Thread
specification. OpenThread's implementation is limited and partial: it
only provides the mechanism for a Joiner to include a new Joiner Adv
TLV in its emitted Discovery Scan Request messages, but does not
include the corresponding logic for the receiver of Scan Request to
read or parse this TLV.
The new flag conditionally compiles this behavior. It allows for the
entire feature to be compiled out, reducing code size and memory
usage for devices that do not require this experimental
functionality. Additionally, this change clarifies the experimental
status of the feature in the documentation.
By default, this is now disabled. It is enabled under posix build for
`toranj` tests so that it is covered in GitHub CI.
This change updates the netlink message handling for the infra link on
the POSIX platform to be more robust and efficient for `RTM_NEWLINK`
and `RTM_DELLINK` messages.
The logic for handling infra index changes is:
1. On `RTM_DELLINK`, the code verifies `ifinfo->ifi_index` is for the
currently infra index `mInfraIfIndex`.
2. On `RTM_NEWLINK`, it identifies the infra by its name
`if_indextoname(ifinfo->ifi_index)` and updates `mInfraIfIndex`.
There was a mistake with the ot_option macro usage. It shall not
contain `,` between arguments.
Signed-off-by: Arkadiusz Balys <arkadiusz.balys@nordicsemi.no>
This change introduces two new CLI commands to the Border Agent module
for managing Thread Administration One-Time Passcodes (TAPs).
The new commands are:
- `ba ephemeralkey generate-tap`: This command generates and outputs a
cryptographically secure random TAP string. Note that it does not
start ephemeral key use with this TAP string.
- `ba ephemeralkey validate-tap <keystring>`: This command validates a
given TAP string by checking its length, character set, and the
Verhoeff checksum.
The change also includes documentation updates and a new test case to
verify the functionality.
The `SteeringData` class and its related methods are moved from
`meshcop.hpp` and `meshcop.cpp` to new dedicated files
`steering_data.hpp` and `steering_data.cpp`.
This change addresses a circular include dependency issue, allowing
`SteeringData` to be included more easily in other parts of the
codebase, such as `meshcop_tlvs.hpp`, without requiring forward
declarations or pulling in unnecessary dependencies from the larger
`meshcop.hpp` header.
This commit introduces a new `otCoapToken` struct and a corresponding
`Coap::Token` class to provide a clear and type-safe representation
of a CoAP message token.
The CoAP APIs are updated to use these new types, replacing the use
of raw `uint8_t` pointers and separate length parameters. This
encapsulation enhances robustness and reduces the potential for
errors in token handling.
The following new APIs are added:
- `otCoapMessageReadToken()`
- `otCoapMessageWriteToken()`
- `otCoapMessageAreTokensEqual()`
Importantly, several older APIs are now marked as deprecated (some
returned pointers directly into `otMessage` data which is unsafe).
While these APIs remain supported for now, their use is discouraged,
and applications should migrate to the new APIs. Deprecated APIs:
- `otCoapMessageGetTokenLength()`
- `otCoapMessageGetToken()`
- `otCoapMessageSetToken()`
The internal implementation is updated to utilize the new `Token`
class, and the CLI implementation is updated to use the new public
APIs. Additionally, Doxygen documentations are updated for the new
and updated APIs.
This commit fixes incorrect return type in doxygen generated doc by
telling doxygen `OT_TOOL_PRINTF_STYLE_FORMAT_ARG_CHECK` should be
expanded. Doxygen got confused with macros following function
declarations.
This commit adds the nullptr check in `SettingsFile::SetSettingsPath`.
If the nullptr is passed to `SettingsFile::SetSettingsPath`, it will
set the settings path to a default path
(OPENTHREAD_CONFIG_POSIX_SETTINGS_PATH).
This commit improves the structure and readability of the CoAP public
API header(`coap.h`) and its implementation (`coap_api.cpp`).
- Reorganizes function and type declarations in `coap.h` and their
corresponding definitions in `coap_api.cpp` into logical groups to
improve clarity. For example, group all block-wise transfer APIs
together. There is no change to the API documentation.
- Moves the definitions of several `static inline` functions
(e.g., `otCoapSendRequest`, `otCoapSendResponse`, and block-wise
transfer variants) from `coap.h` to `coap_api.cpp`.
- Updates `otCoapOptionContentFormat` enum comments to use the `///<`
style for better consistency and alignment.
This commit enables the format-nonliteral check for code missed in
`#12236`. This commit also enables the format-nonliteral warnings in
CMake to catch such warnings in future in CMake build.
This change enhances the CoAP message implementation by enhancing
the nested `Message::Header` class.
This class encapsulates the logic for parsing and managing CoAP
header fields, including version, type, token, code, and message ID.
The main `Message` class methods are updated to delegate header
manipulation to the `Header` class.
The direct bitwise operations for header fields are replaced with the
`ReadBits<>()` and `WriteBits<>()` utility functions for better
clarity and maintainability.
This commit adjusts how the `MAC Mode2 key` is cleared to avoid
invalidating it in certain runtime flows.
In the previous behavior, when the OpenThread instance is initialized,
Mac is constructed and sets the Mode2 key. If
otInstanceErasePersistentInfo is called afterwards, the call chain
reaches KeyManager::DestroyTemporaryKeys(), where the Mode2 key is
cleared. However, there is no subsequent point where the Mode2 key is
re-set. If Thread is then enabled and a frame using Key ID Mode 2 is
received, the Mode2 key remains invalid, which can lead to incorrect
behavior.
To fix this, this commit removes the Mode2 key clearing from
`KeyManager::DestroyTemporaryKeys()` and clears the Mode2 key in the
Mac destructor. This ensures that the Mode2 key stays valid for the
lifetime of the Mac (and thus the OpenThread instance) after
initialization, and is only cleared when Mac is destroyed.
This commit introduces a new `DefineEnumStringArray` macro to simplify
the conversion of enums to their string representations. This
utility uses the X-Macro pattern to generate a `constexpr` lookup
array and validates the enum-to-string mapping at compile time using
`static_assert` checks.
This approach replaces a more verbose and error-prone pattern that
required manual definition of a string array and a separate code for
validation.
This commit enhances the CoAP block-wise transfer implementation by
removing the `BlockWiseData` struct within `Message::HelpData` and its
associated getter/setter methods (e.g., `GetBlockWiseBlockNumber()`,
`SetBlockWiseBlockNumber()`). The `Message` object is no longer
responsible for carrying temporary state related to block-wise transfers,
addressing the fragility of the previous design which used the reserved
header portion of the `Message` to store these properties.
A new `BlockInfo` struct has been introduced to cleanly encapsulate the
three pieces of information from a Block option: `mBlockNumber`,
`mBlockSzx` (size exponent), and `mMoreBlocks` flag. It also includes
utility methods like `GetBlockSize()` and `GetBlockOffsetPosition()` to
simplify calculations.
All methods involved in block-wise transfers in `coap.cpp` (e.g.,
`ProcessBlockwiseSend`, `SendNextBlock1Request`) have been updated to
use the new `BlockInfo` struct. They now create local `BlockInfo`
variables and call `ReadBlockOptionValues()` to populate them.
This commit also includes minor cleanups and improvements:
- "Block size" is now used consistently instead of block length (e.g.,
`kMaxBlockLength` is renamed to `kMaxBlockSize`).
- `OffsetRange` is now used to read the payload in
`SendNextBlock2Request` and `ProcessBlock1Request`, simplifying the
code.
This commit extracts observe-related logic from several methods into
new dedicated helper functions `ProcessObserveSend()` and
`IsObserveSubscription()`.
This change improves the clarity and maintainability of the main CoAP
methods:
- `SendMessage()` now delegates observe cancellation logic to
`ProcessObserveSend()`.
- `ScheduleRetransmissionTimer()` and `HandleRetransmissionTimer()`
use the new `IsObserveSubscription()` helper to determine if a
pending request is an active subscription that should not time
out.
- `ProcessReceivedResponse()` is simplified by separating the control
flow for observe notifications from multicast responses.
This commit allows users to pass the settings path through a command
line flag (`--data-path`) when starting the daemon / cli.
- It introduces `ot::Posix::PlatformSettingsGetPath()` and
`ot::Posix::PlatformSettingsSetPath` to unify the method of getting
/ setting the settings file path.
- If users doesn't not set this flag, the settings path will be
default to OPENTHREAD_CONFIG_POSIX_SETTINGS_PATH.
Introduces a new helper `Tlv::AppendEmptyTlv()` and a templated
version `Tlv::AppendEmpty<TlvType>()` to simplify appending empty TLVs
to a message.
This avoids repetitive manual construction of empty TLVs in different
parts of the codebase.
This commit introduces a new set of static methods to simplify
writing TLVs with variable lengths to a `Message`.
The new mechanism consists of three methods:
- `Tlv::StartTlv()`: Appends a placeholder TLV header and returns a
`Bookmark`.
- `Tlv::AdjustTlv()`: Optionally promotes the TLV to an extended TLV
if the length grows beyond the standard TLV limit. This is an
optimization to avoid large copies within a message.
- `Tlv::EndTlv()`: Calculates the final length and updates the TLV
header, promoting to an extended TLV if necessary.
This new set replaces the common but cumbersome pattern of manually
saving the start offset, appending data, and then back-patching the
length field.
The existing code is updated to use this new, simpler, and more
robust mechanism.
This commit also adds unit tests to validate the new functionality.
Increase the simulation wait time from 2 to 5 seconds in the
`test_mle_msg_key_seq_jump` after child restart.
This larger time window accounts for randomness in the timing of the
Child Update transmission. This makes the test more robust by ensuring
the child has sufficient time to send its "Child Update Request".
This change reorganizes the CoAP blockwise transfer implementation to
improve code structure and readability.
The logic for handling blockwise transfers is extracted from
`ProcessReceivedRequest()` and `ProcessReceivedResponse()` into two new
private helper methods: `ProcessBlockwiseRequest()` and
`ProcessBlockwiseResponse()`.
This separation makes the main request and response processing methods
simpler and more focused on their primary role, delegating the
complexities of blockwise transfers to dedicated functions.
Additionally, this change introduces `Message::UriPathStringBuffer` as a
`typedef` to provide a clear and consistent type for handling URI path
string buffers.
This commit introduces a new generic method `Tlv::ValidateStringValue()`
to provide a unified way of validating string values intended for use
in string-valued TLVs.
This new method checks that a given C string is a valid UTF-8 string
and that its length does not exceed the maximum length defined by the
`StringTlvType`.
The `Joiner::Start()` method is updated to use this new validation
method, which simplifies the code by replacing several explicit and
repetitive checks. This improves code clarity and maintainability by
centralizing the string validation logic.
This commit also adds missing validation for `aVendorModel` in
`Joiner::Start()`
This commit contain style fixes for the `Joiner` for improved
clarity and consistency. Changes include:
- Rename `mCallback` to `mCompletionCallback` and introduce a new
`CompletionCallback` typedef for `otJoinerCallback` to more clearly
indicate its purpose.
- Improve Doxygen comments for the `State` enum to make them more
descriptive.
- Replace the use of `OPENTHREAD_CONFIG_JOINER_MAX_CANDIDATES` macro
with a new private constant `kMaxJoinerRouterCandidates`.
- Reorder private method and member variable declarations in
`joiner.hpp` to follow a more consistent style.
This commit simplifies the block-wise transfer implementation within
`CoapBase::SendMessage()`.
It extract the logic for handling the initial block of an outgoing
block-wise transfer from `CoapBase::SendMessage()` into a new private
method, `ProcessBlockwiseSend()`. This improves readability and
maintainability while removing code duplication when processing
block-wise sends for different message types.
It also cleans up `coap.hpp` by consolidating several declarations
related to block-wise transfers under a single
`OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` block.
This change improves the internal implementation of CoAP block-wise
transfers.
Introduces an internal `Coap::BlockSzx` enum to mirror the public
`otCoapBlockSzx` enum, improving the separation between the API and
the implementation. All internal functions are updated to use the new
`BlockSzx` enum.
The logic from `otCoapBlockSizeFromExponent()` is moved into a new
core `Coap::BlockSizeFromExponent()` function. The public function
becomes a simple wrapper.
A new helper function, `CoapBase::DetermineBlockSzxFromSize()`, is
added to replace a `switch` statement, simplifying the logic for
determining block size from a given buffer length.
`ResourceBlockWise` is updated to inherit from `LinkedListEntry`,
aligning it with the common pattern used for managing resource lists.
This commit introduces enhanced format string checking. It activates a
new compiler warning to identify potential issues with non-literal
format strings and systematically applies format attribute macros to
functions that handle variable arguments.
This commit simplifies the validation of `Coap::TxParameters`.
The primary `SendMessage()` method is updated to accept `TxParameters`
as a pointer, where `nullptr` is mapped to the default `TxParameters`.
The user-provided `TxParameters` are now validated in the primary
`SendMessage()` method by calling `TxParameters::ValidateFor()` replacing
checks previously performed in `coap_api.cpp` source file.
This commit also adds a set of `static_assert()` checks to validate the
default `TxParameters` at compile-time, ensuring all its properties are
within valid ranges and that duration calculations will not cause
an overflow.
This approach simplifies the API by removing the `TxParameters::From()`
helper and centralizes `TxParameters` selection and validation logic
within the core `CoapBase` class.
This commit improves the accuracy of CSL timer fire time by taking
into account the accuracy drift introduced between the current CSL
window and next CSL window.
Original implementation:
- calculate CSL window edges based on current elapsed time
- CSL window edges used to obtain next CSL timer fireAt time
- does not account for additional drift due to accuracy from now until
next CSL window
- undesired outcome: if CSL period is large (e.g. 10s) and accuracy is
poor (e.g. 200ppm), then the additional accuracy drift could be
significant (e.g. 2ms) and the SSED may wake up too late
Suggested implementation:
- calculate the additional expected drift between now and next CSL
window (i.e. periodUs) and account for this difference by setting
CSL timer to fireAt earlier
This commit introduces a new script `update-header-guards.py` which
checks for the presence of header guards in `.h` and `.hpp` files and
automatically updates them, standardizing the header guard name format
across the codebase.
The new format for header guards is derived from the full path of the
file. For example, `src/core/common/notifier.hpp` will use
`OT_CORE_COMMON_NOTIFIER_HPP_`. The guard name includes additional
prefixes such as `OT_` or `OPENTHREAD_` to ensure uniqueness.
This new naming format handles cases where the same filename may be used
in different folders, such as the two `heap.hpp` files located in
`src/core/common` and `src/core/utils`.
It also ensures that public and platform OpenThread headers under
`include/openthread` have uniquely distinct header guard names to avoid
conflicts when these headers are included in other projects.
The new script helped identify issues with existing header files that
lacked header guards (e.g., `posix/system.hpp`) or had improper guards
(e.g., `openthread/link_metrics.h`).
This commit also introduces a new check script `check-header-guards` to
validate that all header guards are correctly formatted. This check is
added to the GitHub CI actions to ensure consistency moving forward.
All existing header files have been updated (using the new script)
to apply the new guard name format.
This commit reorders block-wise related methods in both header and
source files to group them within the same `#if` block. This is a
purely stylistic change to improve code organization and readability
and do not alter any functionality.
This commit updates `Server::PrepareAndSendAnswers()` to utilize
`Tlv::ParsedInfo` for more robust TLV parsing and validation. This
ensures correct validation and size calculation for both standard and
extended TLVs when iterating over TLVs through the received message.
This change also adds an explicit check to skip over extended TLVs,
ensuring the implementation correctly handles cases where extended
TLVs may be present.
This change improves the design and implementation of the CoAP response
caching mechanism.
The main changes are:
- `ResponsesQueue` is renamed to `ResponseCache` to better reflect its
purpose.
- `ResponseCache` is moved to be a private nested class within
`CoapBase` to improve encapsulation.
- The responsibility of sending a cached response is moved into the
`ResponseCache` class. A new `SendCachedResponse()` method handles
finding, cloning, and sending the cached response, which simplifies
the `ProcessReceivedRequest()` method in `CoapBase`.
- Method names within `ResponseCache` are updated for better clarity
(e.g., `DequeueAllResponses()` to `RemoveAll()`).
- Comments are updated to align with the new design.
This change results in a cleaner design with better-defined
responsibilities for the `ResponseCache` and `CoapBase` classes.
This change introduces new overloads for `Coap::SendMessage()` that
accept an `OwnedPtr<Message>`, transferring ownership of the message
to the CoAP layer upon being called.
The modules `BorderAgent` and `Commissioner` are updated to use this
new method. The use of `OwnedPtr<Message>` simplifies the message
allocation and cleanup. This removes the need for manual clean up
calls(e.g., `FreeMessageOnError()`) and makes the code safer.
This commit introduces a new public NAT66 related API function,
`otNat64StateToString()`, to convert an `otNat64State` enum value
into a human-readable string.
The `nat64 state` CLI command is updated to use this new function,
removing its local and duplicated enum-to-string logic.
This commit adds a compile-time check to ensure that
the Linux kernel version is 4.18 or newer for prefix
route metric as `IFA_RT_PRIORITY` attribute for netlink
messages was introduced in v4.18.
`OPENTHREAD_POSIX_CONFIG_INSTALL_OMR_ROUTES_ENABLE` can
be an alternative for prioritizing Off-Mesh-Routable (OMR)
prefixes for older kernels.
This commit enhances the `TestMessage()` unit test by parameterizing
it to run with various reserved length values. The test is now
executed in a loop with a set of different headroom reservation
values.
This change improves test coverage for the `Message` class by
verifying that all its core operations function correctly when
messages are allocated with various initial reserved header lengths.
This commit moves the implementation of `InvokeResponseFallback()` to
the `cpp` file. It also ensures that the implementation follows the
style guide requirement of single `return` from any method/function.
This commit introduces `SafeMultiply()` in `num_utils.hpp` as a
centralized and safe way to multiply two unsigned integers while
checking for overflow.
It updates `Coap::TxParameters::IsValid()` to use this new helper for
validating `TxParameters`, replacing a less robust local `Multiply`
implementation.
It also updates `Heap::CAlloc()` to use this function for safely
calculating the total allocation size.
Unit tests are updated to verify `SafeMultiply()` implementation.
This change moves all public APIs related to the Border Agent's
ephemeral key feature out of `border_agent.h` and into a new,
dedicated header file `border_agent_ephemeral_key.h`.
The corresponding C API implementations are also moved from
`border_agent_api.cpp` into a new dedicated
`border_agent_ephemeral_key_api.cpp` file.
This improves the organization and modularity of the public API,
making the codebase easier to navigate and understand.
This change moves the CLI implementation for the Border Agent from
the main `cli.cpp` into a new dedicated `Ba` class within
`cli_ba.cpp` and `cli_ba.hpp`.
The new `Ba` module is integrated into the main `Interpreter` class,
following the same pattern used by other CLI modules such as `Bbr`
and `Br`. This improves code organization and modularity, making the
CLI codebase easier to navigate and maintain.
The functionality of the `ba` commands remains unchanged.
This commit enhances the build process by introducing a mechanism to
automatically clean intermediate build artifacts. Specifically, it
configures the build script to remove object and archive files, a
process that is conditionally activated, primarily within GitHub
Actions workflows, to optimize build environments and manage disk
space more efficiently.
This commit clarifies the expected platform behavior for handling a
DNS upstream query cancellation.
The previous documentation was inconsistent. The documentation of
`otPlatDnsStartUpstreamQuery()` incorrectly stated that the platform
must not call `otPlatDnsUpstreamQueryDone()` on a cancelled
transaction, while the opposite was mentioned in
`otPlatDnsCancelUpstreamQuery()`.
This is now corrected to state that the platform MUST always invoke
the `otPlatDnsUpstreamQueryDone()` callback for every
`otPlatDnsStartUpstreamQuery()`, even if the query is cancelled using
`otPlatDnsCancelUpstreamQuery()`.
This commit enhances the robustness of interface management with two
improvements:
1. The `SendIcmp6Nd` function now explicitly handles `EADDRNOTAVAIL`
and `ENODEV` errors from the `sendmsg()` system call. These errors
often indicate that the interface is down or has lost its
addresses. Upon that, we trigger an immediate re-evaluation of the
interface's state by calling `otPlatInfraIfStateChanged()`.
2. The `GetFlags` function has been updated to also verify mInfraIndex
and mInfraName not changed.
This commit introduces new APIs to handle Thread Administration
One-Time Passcodes (TAP).
The new `otBorderAgentEphemeralKeyGenerateTap()` API generates a
cryptographically secure 9-character TAP string. This consists of
eight random numeric digits and a final check digit calculated using
the Verhoeff algorithm for error detection.
The corresponding `otBorderAgentEphemeralKeyValidateTap()` API
validates a given TAP string by checking its length, ensuring it
contains only digits, and verifying the Verhoeff checksum.
A new test is added to ensure the correctness of both the generation
and validation logic, covering success and failure scenarios.
This commit introduces a client/server mechanism to the History
Tracker module. This allows a device to query history information
from another device over the Thread network using TMF messages.
The new functionality is composed of three main parts:
- Server (`HistoryTracker::Server`): This component is responsible for
handling incoming TMF query requests (`h/qy`). It collects the
requested local history entries (e.g., Network Info), formats them
into TLVs, and sends them back to the requester in one or more TMF
answer messages (`h/an`). It can fragment large responses into
multiple messages.
- Client (`HistoryTracker::Client`): This provides a new public API
(`otHistoryTrackerQueryNetInfo`) to send a query to a remote
device. It handles sending the request and processing the received
answer(s), passing the retrieved history entries to the user via a
callback. A function to cancel an ongoing query
(`otHistoryTrackerCancelQuery`) is also added.
- TLVs (`history_tracker_tlvs`): New TLVs are defined for the
query/answer protocol, including `RequestTlv` to specify the query
parameters, `AnswerTlv` to manage multi-message responses,
`NetworkInfoTlv` to carry the data, and `QueryIdTlv` to correlate
requests and responses.
A new CLI command, `history query netinfo`, is added to use the new
client API. The existing `history netinfo` output logic is refactored
into helper methods to be shared by both the local and remote history
commands.
The new feature can be enabled/disabled using two new configuration
flags:
- `OPENTHREAD_CONFIG_HISTORY_TRACKER_SERVER_ENABLE`
- `OPENTHREAD_CONFIG_HISTORY_TRACKER_CLIENT_ENABLE`
This commit disables Discovery Proxy in otbr Backbone CI.
Because in this item, `BORDER_ROUTING` is explicitly disabled and it
is required by OT discovery proxy.
This commit removes `"-DOTBR_DNS_UPSTREAM_QUERY=ON"` in build script
because this option will automatically handled in the cmake options
file and it also depends on BORDER_ROUTING. Force it to be ON will
cause a conflict when BORDER_ROUTING is OFF.
This commit updates `RxMessage::Init()` to handle failures when
reserving capacity for the questions array. Previously, an allocation
failure would trigger an assertion.
By switching to `SuccessOrExit`, the method can now gracefully handle
the allocation failure by returning an error and dropping the
message. This aligns with the general error handling strategy for
received messages and makes the implementation more robust against
out-of-memory conditions.
This commit fixes an issue with `Utils::Heap::CAlloc()` method. This
method performs a multiplication of `aCount` and `aSize` input and
then casts the result to `uint16_t`. This commit adds a check to
ensure that this conversion does not result in an integer overflow,
which would cause the size to warp to an unexpected smaller value.
This change adds `EvictActiveCommissioner()` to the Border Agent,
which sends a `LeaderKeepAlive` TMF message with a `StateTlv` of
`kReject` to the Leader, causing the current active commissioner
to be evicted.
The feature is exposed through:
- A new public C API `otBorderAgentEvictActiveCommissioner()`.
- A new CLI command `ba evictcommissioner`.
The entire feature is guarded by a new configuration flag,
`OPENTHREAD_CONFIG_BORDER_AGENT_COMMISSIONER_EVICTION_API_ENABLE`,
which is disabled by default.
This provides an administrator-level tool to remove a stale or
misbehaving commissioner, which is particularly useful when the
commissioner is connected through a different border agent and cannot be
managed locally.
A new test is also added to verify the eviction behavior.
This commit introduces validation for names provided to mDNS browser,
resolver, and querier start and stop functions.
New `ValidateNamesIn()` overloads are added to check the validity of
service types, instance names, and host names passed to APIs like
`otMdnsStartBrowser()`, `otMdnsStartSrvResolver()`, etc.
This commit introduces a set of public APIs to allow manipulation
of `otSteeringData`. The new APIs are provided when the configuration
`OPENTHREAD_CONFIG_MESHCOP_STEERING_DATA_API_ENABLE` is enabled.
The internal `SteeringData` is also improved to enhance robustness.
Methods such as `Init()`, `UpdateBloomFilter()` now return an `Error`
to signal failures on invalid arguments (e.g., invalid length)
instead of asserting.
This commit allows users to pass the POSIX TUN device path
through a command line flag when starting the daemon / cli
when `OT_PLATFORM_NETIF` is enabled.
This commit introduces two new macros, `DeclareTmfResponseHandlerIn`
and `DeclareTmfResponseHandlerFullParamIn`, to simplify the
definition of TMF/CoAP response handlers.
These macros generate the boilerplate code for the `static` callback
method within a class and delegate the call to a non-static member
method with the same name. This removes the repetitive pattern of
manually defining the `static` wrapper in each class.
The existing response handlers across various core components are
updated to use the new helper macros.
This commit removes the build-time check for the order of the `Uri`
enum values. This check is now redundant as the `static_assert` calls
added in #12017 use `AreConstStringsEqual()` to validate the
correctness of the `kEntries` array, ensuring that each URI path is
correctly associated with its corresponding enum value.
This change introduces the Multi-AIL (Adjacent Infrastructure Link) detection state into the Border Agent's state bitmap, which is advertised in the MeshCoP service TXT data.
The new state is encoded in the `sb` (state bitmap) key and has the following values:
0: Multi-AIL detection is disabled.
1: Multi-AIL detection is enabled, but not detected.
2: Multi-AIL detection is enabled, and is detected.
Updates in error handling to ensure that recoverable BLE errors are
logged, failures don't lead to partial TLVs being generated or
processed, and internal allocation failures lead to a GeneralError
status response back to the TCAT Commissioner. In case of likely
unrecoverable TLV damage, or cases where the GeneralError status
response even couldn't be generated, the secure TLS connection is
closed (Disconnect).
BLE ATT MTU handling is updated to use default MTU 23 if fetching the
MTU fails; and more clear check on min MTU. If the platform reports a
very high MTU (above max) this is not seen as an error, but BleSecure
will simply uses the highest usable MTU that it has configured,
whether the platform's report is correct or not.
Close#11536
This change improves type safety and code clarity when handling uptime
values. It introduces two new named types in the `ot` namespace:
- `UptimeMsec`: representing uptime in milliseconds (`uint64_t`)
- `UptimeSec`: representing uptime in seconds (`uint32_t`).
To complement this, the `Uptime` class is renamed to `UptimeTracker` to
clarify its role as the entity that tracks uptime.
The methods within `UptimeTracker` and member variables and parameters
throughout the codebase are updated to use these new, more descriptive
types instead of generic integer types.
Additionally, `UptimeToString()` is now a free function within the `ot`
namespace.
This commit adds a new method, `MergeBloomFilterWith()`, to
`SteeringData` to allow combining two Bloom filters.
The method performs a bitwise OR operation between the current
Steering Data Bloom filter and a given one. It handles cases where
the given filter to merge has a shorter length than the target Bloom
filter. It requires the target filter's length to be a multiple of
the source's length.
A new unit test, `TestSteeringDataBloomFilterMerge()`, is included to
validate the merge logic with various filter length combinations.
This commit introduces a session index tracked by each session
(`CoapDtlsSession`) to uniquely identify sessions in log messages.
The `Manager` now maintains a counter to assign a new index to each
session upon allocation.
Logs are added to track the lifecycle of a session (allocation,
connection, disconnection, deletion, and timeout), with each event
including the session's unique index.
A new templated helper, `Log<kUri>()`, is added to standardize logging
for TMF messages, including response handling. The session index is
included in such logs to provide clearer insight into the processing
of specific TMF commands by Border Agent sessions.
When the CSL feature is first enabled on a child device, the
OpenThread stack starts CSL sampling before sending the Child Update
Request packet. The last CSL sync sample time, initialized as `0`, is
updated only when the Child Update Request is sent. However, since CSL
sampling begins earlier, the first CSL receive operation calculates
the elapsed time in `GetCslWindowEdges` using `0` as the last sync
time.
Similarly, when CSL parameters are re-initialized, the stack should
update `mCslLastSync`. Continuing to use an outdated sync time results
in inaccurate calculations and is not reasonable behavior.
This commit fixed this issue.
This change relocates the `mDelayTimerMinimal` member and its
associated accessor methods, `GetDelayTimerMinimal()` and
`SetDelayTimerMinimal()`, from the `MeshCoP::Leader` class to the
`PendingDatasetManager` class.
This functionality is specific to the handling of the pending
operational dataset. Placing it within `PendingDatasetManager`
improves code structure and cohesion by grouping related parameters
together.
This change renames the `mInfraIfPrefix` in Nat64PrefixManager to
`mPlatformPrefix`.
The original name was ambiguous because both the RA-discovered prefix
`mRaTrackerPrefix` and this prefix are sourced from the infrastructure
link. The new name `mPlatformPrefix` clarifies that this prefix is
discovered through a platform-specific mechanism (e.g., DNS-based
discovery per RFC 7050), distinguishing it from prefixes discovered
directly via RA.
This commit introduces a new API
`otBorderRoutingGetNextNat64PrefixEntry`, which allows iterating
through the table of RA-discovered NAT64 prefixes on the
infrastructure link.
The `br nat64prefixtable command` is added to the CLI to display the
contents of the RA-discovered NAT64 prefix table.
This change moves the state and logic for managing the active
commissioner from `CoapDtlsSession` to the `BorderAgent::Manager`
class.
Previously, each `CoapDtlsSession` instance tracked whether it was the
active commissioner using its own `mIsActiveCommissioner` flag, and
managed its own `mCommissionerAloc` and `mUdpReceiver`.
This commit introduces a single `mCommissionerSession` pointer in the
`Manager` to act as the sole source of truth for the currently active
commissioner. The responsibility for managing the commissioner ALOC and
the associated UDP receiver is also moved to the `Manager`.
This approach reinforces the Thread mesh rule of a single active
commissioner at a time and simplifies the code by centralizing ALOC and
UDP receiver management in one place.
This commit adds select API so that simulation and be integrated with
other mainloops.
This commit also adds a flag to disable UART on simulation platform.
This commit contains some improvements and fixes to the CoAP-observe
(RFC 7641) messaging model implementation.
It also adds an 'expect' test for using the CoAP-observe related CLI
commands.
Specific items:
- ensure that a NON observe request is not acknowledged with an Ack.
- enable a NON observe request to never time out, unless cancelled
explicitly, or unless 0 observe responses are received within the
NON request's timeout period. This fixes an issue that responses
were not recognized anymore by the client after some time.
- allow an observe request to be silently cancelled by the client,
which is the suggested way per RFC 7641, in case a new observe
request is started and the CLI user did not explicitly cancel the
previous observe. This leaves the choice to the CLI user whether to
explicitly cancel or just forget the request.
- ensure that the client accepts CON notifications which are
interspersed with NON notifications per RFC 7641. Previously, this
caused the client to send RST instead of ACK.
- avoids the error 28 ResponseTimeout popping up in various cases by
keeping the observe request active.
- implements the mandatory interspersing of CON notifications when a
NON observe relation is ongoing, per RFC 7641. This is done by
sending a CON notification after every 5 NON notifications, same as
done by libcoap. When such CON notification times out
(i.e. undelivered/unack'ed) then the observe subscription is
automatically cleared after all its retries have been made. During
this effort of trying to deliver the notification, the NON
notifications (in case these follow) are still being sent in
fire-and-forget mode as usual.
- if already one subscription is ongoing, the server will ignore
further subscription requests (Observe Option) per RFC 7641 Section
4.1 and treat the request normally.
- log message at server side when a subscriber is cancelled.
Fixes#11971
This commit introduces a new mDNS OpenThread configuration,
`OPENTHREAD_CONFIG_MULTICAST_DNS_PERSIST_STATE_ON_POST_PROBE_CONFLICT`,
to control behavior when a late conflict is detected for an already
registered mDNS entry.
When this option is enabled (the default), the mDNS entry remains in
the `kRegistered` state, and the device continues to advertise and
answer for the name. This prioritizes advertisement stability, which
is desirable in use cases like the SRP Advertising Proxy where
post-probe conflicts can be transient. If the option is disabled,
the entry's state transitions to `kConflict`, and the device stops
advertising the name.
Regardless of this configuration, the conflict callback is still
invoked, informing other modules (such as the module that requested
the registration) so they can decide on a higher-level resolution
action.
This commit updates `BorderAgent` to correctly handle the `StateTlv`
in a forwarded response from the leader specifically for the response
to a forwarded `kUriLeaderKeepAlive` message.
The leader can reject a previously accepted active commissioner in the
Keep-Alive response by including the `StateTlv` with a `kReject`
status.
This commit ensures that if the `StateTlv` indicates the commissioner
is rejected, the session is properly cleaned up. This cleanup
involves removing the previously added commissioner ALOC and marking
the session as no longer the active commissioner.
This commit replaces `kTimeoutLeaderPetition` (in seconds) with
`kLeaderPetitionTimeout` (in milliseconds). This change avoids
repeated calls to `Time::SecToMsec()` when starting the commissioner
session timer.
Moves `EphemeralKeyManager` class and its implementation from
`border_agent.hpp` and `border_agent.cpp` to their own separate files
`border_agent_ephemeral_key.hpp/cpp`.
This is a structural change to improve code organization and does not
introduce any functional changes.
This commit updates the mDNS initial query logic to allow queries to
continue indefinitely (for shared resource records), instead of
stopping after a fixed number of initial attempts. This is applicable
while there are active browsers/resolvers associated with the query.
The previous implementation already used an exponential backoff but
was limited by `kNumberOfInitialQueries = 3`
This change removes that limit. The exponential backoff strategy is
retained, doubling the query retry interval from 1 second up to a
max of 1 hour, after which queries continue at the max interval. A
random jitter of `1/32` of the interval is also applied to each
retry interval.
This commit forces mLinks.SetRxOnWhenIdle to true when performing an
active scan.
Previously, when we have an SED which is connected to a thread network
(i.e. state == child), it is unable to perform scan command because rx
is turned off.
This commit updates the gn BUILD file so that it's guaranteed to build
according to gn args instead of ignoring them based on default value
assumptions. This ensures setting a gn argument would take effect when
building OpenThread.
This commit also sorts the source file lists.
This commit adds checks in `BorderAgent::HandleTmfProxyTx()` and
`BorderAgent::HandleTmfRelayTx()` to verify that the session belongs
to the current active commissioner rather than a candidate.
Specifically, `HandleTmfProxyTx()` uses the commissioner ALOC as
the sender address, which is available only when commissioner
petition is accepted.
This commit updates the Multi-AIL Detection feature to operate
independently of the Border Routing Manager. This fundamental change
allows the detector to be enabled/disabled on its own, rather than
being tied to the Border Routing Manager's state.
This change also moves the Multi-AIL detection API into a separate
`openthread/multi_ail_detection.h` header and introduces new APIs to
control the detector independently. Corresponding CLI commands are
also added.
The `test-505-multi-ail-detection.py` is also updated to validate
this new independent behavior. In particular that a device that is
not enabled to act as a BR can independently run multi-AIL detection
and determine whether, if it becomes a BR, it will cause multi-AIL
issues.
Add `SuccessOrQuit()` to check the return `Error` value of
`RoutingManager::SetEnabled()` in `fuzz_*.cpp` source files. This
addresses warnings about ignoring the return value.
This commit validates that the Channel Mask TLVs in a TMF Energy
Scan request are non-zero.
Additionally, this commit clamps the Count TLV value to the valid
range (1, 2, and 3) as required by the Thread specification.
The `test_otci` is updated to use count 3 (previously 4).
An Energy Scan request with a zero `Channel Mask` is invalid and
can cause the device to start a scan that takes a long time or
never completes. This change rejects such requests, preventing the
device from getting stuck. This was discovered by
fuzzer test.
This commit changes the mbedtls repo in openthread from source code to
git submodule.
This makes it easier for mbedtls version upgrade. This PR doesn't
upgrade the mbedtls version. v.3.6.0 is stil used to ensure nothing is
broken. The original OT specific build files (BUILD.gn, CMakeLists.txt
and config) are kept and unchanged. I've verified that the headers and
sources in the list of BUILD.gn are correct.
Small change to surface any internal errors in the hash calculations
to the TCAT Commissioner as general error. If not done, such errors
are silently ignored and hard to diagnose in products.
This commit enhances mDNS to allow reprobing for registrations
currently in a conflict state. Upon an explicit `Register()` call,
the mDNS module will now restart the probing process. This allows the
device to attempt to claim the name again if the conflict has been
resolved on the network.
Unit tests are updated to verify this behavior.
This commit suppresses the undefined warnings in mbedtls. To detect
such warnings in OpenThread, this commit also enables warnings check
for gn BUILD and fixes issues found.
`ValidateName()` did not correctly handle names that were exactly the
maximum allowed length (`kMaxNameLength`). A name of this length is
only valid if it ends with a trailing dot. Otherwise, when encoded,
the added root label causes the encoded name to exceed the
`kMaxEncodedLength` of 255 bytes.
This commit updates `ValidateName()` to enforce that any name with
length equal to `kMaxNameLength` must end with a dot character.
It also updates the `TestDnsName` unit test to verify this corrected
behavior, ensuring `ValidateName()` and `AppendName()` handle such
names consistently.
Rename all fuzzer source files in `tests/fuzz` from `{name}.cpp` to
`fuzz_{name}.cpp`.
Update the `ot_nexus_test` macro in `tests/fuzz/CMakeLists.txt` to
reflect this change, using `fuzz_{name}.cpp` as the source file while
naming the test `{name}-fuzzer`.
This change improves consistency and makes it easier to distinguish
fuzzer source files from other similarly named files during searches.
This commit introduces a new configuration option
`OPENTHREAD_CONFIG_DNS_CLIENT_BIND_UDP_TO_THREAD_NETIF` to control
which network interface the DNS client's UDP socket binds to.
When this config is set to 1, the socket is bound to the Thread
network interface (`Ip6::kNetifThreadInternal`).
When the config is set to 0, the socket is bound to the unspecified
network interface (`Ip6::kNetifUnspecified`), allowing DNS messages
to be sent and received over any available network interface. By
default this new config is disabled.
A new CMake option `OT_DNS_CLIENT_BIND_UDP_THREAD_NETIF` is also added
to allow easy configuration of this feature.
The test configurations are updated to ensure both behaviors are
covered.
Remove the `CoapDtlsSession::ForwardContext::ToHeader()` helper method
and move its logic directly into the `HandleCoapResponse()` method.
This simplifies the implementation by removing an unnecessary function
call for a single-use case.
Additionally, convert `ForwardContext` from a `class` to a `struct`.
This change makes the constructor public, removing the need for a
`friend` declaration for `Heap::Allocatable`, and better reflects its
role as a simple data structure.
Moves the management of MeshCoP service TXT data from the
`BorderAgent::Manager` class into the `TxtData` class.
This change improves separation of concerns by isolating all TXT
data-related logic, including vendor TXT data, change callbacks, and
notifier event handling, within the `TxtData` class. The
`BorderAgent::Manager` is simplified and its responsibilities are
more focused.
A new public method, `Refresh()`, is introduced on `TxtData` to
provide a clear API for other modules to signal that the MeshCoP
service TXT data needs to be re-evaluated and updated.
The `HandleCoapResponse` callback in `CoapDtlsSession` is renamed to
`HandleLeaderResponseToFwdTmf`.
The new name more clearly indicates that this callback is used to
handle the response from the leader for a forwarded TMF message.
This improves code readability and makes the role of the callback
more explicit.
When using some special configurations, the ot-cli-ftd will crash. The
crash path is `MessageFramer::PrepareMacHeaders()` ->
`Get<NeighborTable>().FindNeighbor()` ->
`Get<ChildTable>().Contains()`. The crash happens in the
`ChildTable::Contains()`. Here is the system crash message: `kernel:
traps: ot-cli-ftd[122376] trap invalid opcode ip:5640b7713b8e
sp:7ffd6425c5f0 error:0 in ot-cli-ftd[313b8e,5640b7400000+426000]`.
The root cause of the crash is that the CandidateParent is a 4 bytes
aligned class and the Child is a 8 bytes aligned class. When
converting the CandidateParent to Neighbor and then converting the
Neighbor to Child, the program will crash due to the alignment issues.
This commit replace the static_cast with the reinterpret_cast in
ChildTable::Contains() to convert a Neighbor to a Child.
Consolidates the two overloaded `SendErrorMessage()` methods in the
`CoapDtlsSession` class into a single implementation.
The new `SendErrorMessage()` method now accepts the token information
directly, rather than a `Coap::Message` or a `ForwardContext` object.
This simplifies the call sites and removes the now-unused
`CoapCodeFromError()` helper function (the conversion is now done
in the consolidated `SendErrorMessage()`).
This commit adds the adb interface support to expect scripts, so that
we can easily run all expect scripts on Android devices.
Example usages: `spawn_node ${node_id} "adb" "${adb_serial_num}"`.
This commit enhances the `TestNat64PrefixSelection` unit test by
adding more detailed verification of the RA-discovered NAT64 prefix
table managed by `RxRaTracker`.
This commit simplifies the CoAP message forwarding logic within the
`CoapDtlsSession` by removing the `mPetition` and `mSeparate` boolean
flags from the `ForwardContext`.
The `Uri` of the request is now stored directly in `ForwardContext`
and used to determine the logic flow, making the code more explicit
and easier to understand.
The `ForwardToLeader()` is only used with `kUriLeaderPetition` and
`kUriLeaderKeepAlive`, both of which requires a separate
non-confirmable response in addition to an immediate CoAP Ack
(i.e., as if `mSeperate` is `true`).
This change removes the need for intermediate flags and simplifies the
implementation of `ForwardToLeader()`, `SendErrorMessage()`, and the
`ForwardContext` constructor and `ToHeader()` method. The CoAP
message initialization is now more direct, always using
`kTypeNonConfirmable` for forwarded responses and error messages.
This commit updates the `BorderAgent` implementation to consistently
use `OwnedPtr` for managing the lifecycle of `Coap::Message` and
`Message` objects.
This change improves memory safety and simplify the code. Message
objects are now automatically deallocated when the `OwnedPtr` goes
out of scope, which eliminates all manual calls to `FreeMessage()`
and `FreeMessageOnError()`, preventing potential memory leaks and
making the code more robust.
This commit enhances `RxRaTracker` by introducing a new `Events`
struct for handling callbacks. This change replaces the previous
`HandleRxRaTrackerDecisionFactorChanged()` method with a more
versatile `HandleRxRaTrackerEvents()` that accepts the `Events`
struct as an argument.
The new `Events` struct includes boolean flags for:
- `mInitialDiscoveryFinished`
- `mDecisionFactorChanged`
- `mLocalRaHeaderChanged`
This allows `RxRaTracker` to communicate more specific events to
`RoutingManager` and `MultiAilDetector`, enabling them to take
the proper action based on the events. The `SignalTask` has been
renamed to `EventTask` to better reflect its new role in handling
these events.
This commit involves a small enhancement for CSL to optimize for power
consumption after receiving a frame.
Original implementation:
- schedule next CSL window during current CSL timer handle
- even if a frame is received, the scheduled CSL timer is not reset
- SSED wakes up much earlier than required if elapsed time is large
Suggested implementation:
- recalculate CSL timer during `UpdateCslLastSyncTimestamp` if it is
currently running
- SSED can use updated mCslLastSync so that it does not wake up much
earlier after receiving a frame
This commit updates the default TTL values used for mDNS records to
better align with the recommendations.
Previously, a single `kDefaultTtl` of 120 seconds was used for all
records when the registered entry did not explicitly specify the TTL
to use. This commit introduces separate default TTLs:
- `kDefaultAddrTtl` for address records (`AAAA`, `A`) is kept at
120 seconds.
- `kDefaultServiceTtl` for all service records (`PTR`, `SRV`, `TXT`)
is set to 4500 seconds.
- `kDefaultKeyTtl` is also updated to 4500 seconds for `KEY` records.
The code is updated to use the appropriate default TTL based on the
record type.
This commit implements `otPlatDnssdStartBrowser` and
`otPlatDnssdStopBrowser` to support service discovery on NCP.
The platform APIs are intended to be used by
`ServiceDiscovery::Server::DiscoveryProxy` for discovery
functionality. This commit only supports browser for now and will
suppport Srv/Txt/Address resolver in other commits to avoid this
commit from being too large.
This commit contains these changes:
* Add new spinel property for starting / stopping service browser
* Implement encoding/decoding of the new property
* Add unit test for encoding/decoding
* Implement ncp version of dnssd platform API
`otPlatDnssdStartBrowser` and `otPlatDnssdStopBrowser`
* Add property handler to get browser result on NCP side
* Add unit test to verify that the browser callback is correctly
invoked after getting browser result.
This commit introduces support for discovering NAT64 prefixes as
specified in RFC 8781.
The key changes include:
- New `Nat64PrefixInfoOption`: A new `Nat64PrefixInfoOption` class is
added to represent the PREF64 option in ND messages. This handles
parsing the prefix and its lifetime from incoming RAs.
- `RxRaTracker` Enhancement: The `RxRaTracker` is updated to process
`Nat64PrefixInfoOption` from RAs. It now maintains a list of
discovered NAT64 prefixes from routers on the infrastructure link
and determines a "favored" prefix among them.
- `RoutingManager` Update: The `Nat64PrefixManager` is enhanced to
utilize the RA-discovered prefix.
- `test_routing_manager` Update: The `TestNat64PrefixSelection` is
updated to include cases with RA-discovered prefixes.
Adds a new state, `mInitialDiscoveryFinished`, to `RxRaTracker` to
track the completion of the initial router discovery (RS transmission)
process. A new method, `IsInitialRouterDiscoveryFinished()`, exposes
this state.
This new method replaces `IsRsTxInProgress()`, which previously
checked if any RS transmission was ongoing. The new model ensures
the initial discovery is tracked only once after `RxRaTracker`
starts, rather than every time RS messages are sent (e.g., due to
stale timer expiration).
Additionally, the `RoutingManager` now checks this state and ignores
incoming RS messages until the initial router discovery is complete.
This prevents the BR from replying to its own RS messages or sending
an RA prematurely with incomplete information before all routers
are discovered and decision factors are determined.
Multicast addresses with scope larger than `RealmLocal` are no longer
subject to the standard receive filter. They are passed directly to
the host callback, allowing delivery and forwarding by the host.
This fixes a scenario where a `Thread Border Router` receives a
larger-scope multicast from a `Thread Device`. Previously, if the
Border Router was listening on the same multicast address and port,
the receive filter could drop the packet, preventing it from being
forwarded to other interfaces.
This adds support for the TMF command to enable TCAT remotely. A test
is added that uses the 'UDP send' mechanism to send the new TMF
command to a target node.
Some fixes/additions to the test framework are made to support the new
test, including a new argument for udp_send() to send a specific byte
array and udp_rx() to receive data by a UDP client on a node.
This commit introduces a direct callback mechanism from `RxRaTracker`
to `MultiAilDetector` to signal changes in decision factors. This is
in preparation of future changes allowing `MultiAilDetector` to run
independently of `RoutingManager`.
Previously, `RxRaTracker` would signal `RoutingManager`, which in turn
would call `MultiAilDetector::Evaluate()`. This commit refactors this
interaction by adding a new `HandleRxRaTrackerDecisionFactorChanged()`
method to `MultiAilDetector`.
`RxRaTracker` can run independently of `RoutingManager`. Its stale timer
callback should check its own running state (`mIsRunning`) instead of
`RoutingManager`'s state.
This commit corrects the logic in `HandleStaleTimer()` to use the local
`mIsRunning` flag.
This commit introduces the `ChildUpdateResponseInfo` struct to
encapsulate parameters for sending "Child Update Response" messages.
The new struct holds the list of TLVs to include, the received
challenge, and the destination address.
Related methods such as `SendChildUpdateResponse()` are updated to use
the new struct. This simplifies the method signatures by reducing the
number of arguments and improves code clarity by grouping related
data.
Verifies that the peer and socket addresses in `Mle::HandleUdpReceive`
are link-local. This ensures that MLE messages are only processed
from link-local addresses, which is a requirement of the Thread
specification.
The P2P peer can be woken up using the wake-up identifier. The wake-up identifier
is included in the Connection IE. This commit implements methods to the Connection IE
and Frame to process wake-up identifier.
Adds two important notes to the main API documentation header to clarify
critical usage rules for all OpenThread APIs.
- The first note states that all API calls and callbacks must be
invoked from the same OS context (e.g., the same thread).
- The second note clarifies the behavior of output parameters when an
API call returns an error.
This change modifies the handling of incoming ICMPv6 ND messages on the
infrastructure interface. `InfraIf::HandledReceived()` now inspects the
message type and calls the appropriate handler directly.
- Router Advertisement (RA) and Neighbor Advertisement (NA) messages are
now passed directly to `RxRaTracker::HandleRouterAdvertisement()` and
`RxRaTracker::HandleNeighborAdvertisement()` respectively.
- The generic `RoutingManager::HandleReceived()` method is removed.
`RoutingManager` now only handles Router Solicit (RS) messages via
`RoutingManager::HandleRouterSolicit()`.
This simplifies code and gives `RxRaTracker` direct ownership of RA
and NA processing, which aligns better with its role of tracking
information from received RAs and allowing it to run independently of
the `RoutingManager`.
This change moves the `MultiAilDetector` class from being a nested
class within `RoutingManager` to its own dedicated `.hpp` and `.cpp`
files.
An instance of `MultiAilDetector` is now owned by the top-level
`Instance` class, making it a sibling component to `RoutingManager`
and other core components.
This is purely a code organization change and introduces no functional
or logic changes. This prepares for future changes where
`MultiAilDetector` may operate independently of `RoutingManager`.
This change introduces a mechanism to control the `RxRaTracker` from
multiple sources.
A new method `RxRaTracker::SetEnabled()` is added, which accepts a
`Requester` enum. The tracker now maintains separate enable flags for
each requester (e.g., `RoutingManager`).
The `RxRaTracker` will start only when at least one requester has
enabled it AND the infrastructure interface is initialized and running.
It stops when all requesters have disabled it or when the interface
goes down.
The `Start()` and `Stop()` methods are now private, managed by a new
`UpdateState()` method to centralize the state logic. `InfraIf` is
updated to notify `RxRaTracker` of state changes.
This commit adds fake implementations for OT dnssd platform APIs.
The background is that I'm trying to enable the OT Dnssd Server
functions (Discovery Proxy) in ot-br-posix by default. Once it's
enabled, `openthread-ftd` needs implemenation of dnssd platform
APIs. To make some unit tests (in ot-br-posix) build successfully,
these fake implementations are required.
Introduces a new private method `Mle::SendChildUpdateRejectResponse()`
to consolidate the logic for sending a reject response to a
"Child Update Request".
This new method creates a response containing the Source Address TLV,
Status TLV, and (if applicable) Response TLV.
The new method is now used in `Mle::HandleChildUpdateRequestOnChild()`
when the device is not a parent of the sender, and in
`Mle::HandleChildUpdateRequestOnParent()` when a request from an
unknown child is received. This change removes duplicated code from
both locations.
The macro MBEDTLS_SSL_EXPORT_KEYS is added to OT in PR #7025, it is used to
ensure mbedtls_ssl_key_export_type is defined. However, the macro
MBEDTLS_SSL_EXPORT_KEYS has been removed from the mbedtls since mbedtls-3.1.0.
If developers use external mbedtls repo with version 3.1.0 or higher
versions, and missed to define MBEDTLS_SSL_EXPORT_KEYS, it will cause
the KEK won't be set to the KeyManager.
This commit checks whether the mbedtls version is equal to or higher than
3.1.0 to ensure mbedtls_ssl_key_export_type is defined.
Ensure the same challenge is used for all "Child Update Request"
messages sent to the parent while trying to restore the previous
child role.
The challenge is now generated once when the child role restoration
process starts in `PrevRoleRestorer::Start`. This prevents a
situation where a new challenge from a retry could invalidate a
delayed but valid response from the parent that contained the
previous challenge.
Add `OT_BORDER_ROUTING_DHCP6_PD_MIN_LIFETIME ` cmake build option, to
allow customizing the dhcpv6 pd client's minimum lifetime requirement
for different network environments or testing scenarios.
The application of the P2P module may only record the P2P peer's
link-local address for communication. This commit adds an API to
convert the peer's link-local unicast address to the peer's extended
address for tearing down the P2P link.
Adds CLI related configs within the Nexus test build
(`openthread-core-nexus-config.h`) to support fuzz testing of
the CLI module.
The following configurations are added:
- `OPENTHREAD_CONFIG_CLI_MAX_LINE_LENGTH` is increased to 800 to
handle potentially long input strings generated by the fuzzer
without truncation.
- `OPENTHREAD_CONFIG_CLI_LOG_INPUT_OUTPUT_ENABLE` is enabled to log all
input and output through the CLI. This is helpful for debugging
and analyzing fuzzer-generated logs.
This change moves the management of the infrastructure interface state
out of the `RoutingManager` and centralizes it within the `InfraIf`
class. This makes `InfraIf` a more self-contained component and
simplifies the logic in `RoutingManager`.
The `RoutingManager` now depends on an initialized `InfraIf`. Its
`Init()` method is simplified and is now called from
`InfraIf::Init()`.
The public API `otBorderRoutingInit()` now directly initializes the
`InfraIf`. The `InfraIf::Init()` method is updated to support
re-initialization, allowing to switch to a new interface. When
switching, it ensures that components on the previous interface are
stopped before restarting on the new one.
After the P2P link is established, the P2P peer's extended address is
returned as the P2P handle. This commit adds an API to convert the
peer's extended address to the peer's link-local unicast address.
This commit introduces a new feature to parse the MeshCoP service TXT
data from a Border Agent.
The new API `otBorderAgentTxtDataParse()` allows parsing the raw TXT
data into a structured `otBorderAgentTxtDataInfo` object. This can be
used by applications to inspect the capabilities and status of a
discovered Border Agent.
Config `OPENTHREAD_CONFIG_BORDER_AGENT_TXT_DATA_PARSER_ENABLE` controls
this new feature.
The existing test for the Border Agent is updated to validate the new
parser and its output.
This change refines the content of the `ChildUpdateResponse` message
to avoid sending additional TLVs when rejecting a request.
The `ChildUpdateResponse` message is now tailored based on the
triggering `ChildUpdateRequest`. Specifically:
- When rejecting a `ChildUpdateRequest` (and including a Status TLV),
the response will only include a Source Address TLV, a Status TLV,
and, if sent in response to a `ChildUpdateRequest` that contained a
Challenge TLV, a Response TLV.
- The reject response will no longer include the Leader Data, MLE
Frame Counter, and Link Frame Counter TLVs.
- Any requested TLVs (from the `TLV Request TLV` in the
`ChildUpdateRequest`) are now only included in the response when
the request is accepted.
This change updates the jitter calculation for the SRP client's retry
mechanism.
Previously, a fixed jitter value was used. This could lead to
synchronized retries from multiple clients, especially as the retry
interval grows.
The new implementation calculates the jitter as a fraction of the
current retry interval (1/5th), ensuring that the jitter scales with
the wait time. This helps to better decorrelate retries from different
clients.
A new constant `kRetryJitterDivisor` is introduced for this
calculation. The jitter is clamped to a minimum value given by
`kRetryIntervalJitter`.
This commit adds `Dns::Name::ValidateName()` and `ValidateLabel()`
helper methods to validate a DNS name or label.
These methods are used at the entry of the mDNS `Register*()` and
`Unregister*()` public APIs to validate the provided host, service,
and key names. This prevents issues with malformed names and improves
the robustness of the mDNS module.
Includes unit tests for the new validation methods.
This commit adds CMake Presets. The features used in this CMake Presets
requires CMake 3.25. This allows good integration with IDEs including VS
Code.
These presets also works in command line:
```bash
cmake --preset simulation
cmake --build --preset simulation
ctest --preset simulation -R ot-test-message
```
Introduces a new method `ValidateTlvs()` on `NetworkData` to perform
structural validation of all TLVs within the network data.
This new validation is invoked from `Leader::SetNetworkData()` when
receiving new network data. If the new data fails validation, it is
rejected, and the previous network data is restored. This prevents a
device from accepting and propagating malformed network data, which
could lead to parsing errors or undefined behavior on devices.
The validation checks include:
- All TLVs and sub-TLVs are within the network data buffer bounds.
- Known TLV types like `PrefixTlv` and `ServiceTlv` are well-formed
by calling their respective `IsValid()` methods.
- Container TLVs like `BorderRouterTlv` and `HasRouteTlv` have a
length that is an exact multiple of their entry size.
This commit removes a misleading TODO comment in the NAT64 prefix
manager.
The TODO suggested changing the NAT64 prefix publisher check to use
the RLOC16 of the entry in the Network Data. However, this approach is
flawed in scenarios with multiple Border Routers.
When multiple BRs publish the same NAT64 prefix with the same
preference, `FindPreferredNat64Prefix()` may return an entry published
by a different BR. An RLOC16 check would then incorrectly cause the
current BR to believe it did not publish the prefix, potentially
leading it to withdraw its entry and cause network instability.
This commit renames NAT64 prefix discovery handler functions in
`RoutingManager` and `Nat64PrefixManager` to be more specific. This is
a non-functional refactoring that improves code clarity and
maintainability.
The new names, `HandleInfraIfDiscoverNat64PrefixDone` and
`HandleInfraIfDiscoverDone`, clarify that these handlers are for NAT64
prefixes discovered on the infrastructure interface.
This change makes the code easier to understand and prepares it for
potential future enhancements, such as discovering NAT64 prefixes from
Router Advertisements.
This commit makes the callback handlers in `InfraIf` private and
declares the C-style platform functions as friends.
This change improves encapsulation by restricting the visibility of
these internal handler methods. The public API of `InfraIf` is made
cleaner, and only the intended callers (the platform callbacks) are
granted access.
This change modifies `HandleChildUpdateRequest()` to allow a detached
child that is restoring its previous role to process a "Child Update
Request" from its former parent.
When in this state, the device will respond to the request but will
not save any of the content (TLVs) from the message, as the child has
not yet established trust with any device (including its former
parent) and therefore cannot authenticate the freshness of the
received request.
This change handles the scenario where a child and its parent may be
reset simultaneously. It allows the parent to first restore its link
with the child through a "Child Update" exchange, which can then be
followed by the child sending its own "Child Update Request" to
re-establish the link. Without this change, a communication impasse
could occur where the parent rejects the child's request (as the
child is not yet valid), and the child ignores the parent's request
(as it is not yet attached). This change prevents devices from
resorting to a full re-attachment, thereby improving network
resilience and recovery time.
A new test is added to emulate this scenario and verify that the child
restores its role correctly without performing a full attach.
Adds a destructor to the `Dns::Client` class to ensure that `Stop()`
is called when a `Client` object is destroyed (freeing all allocated
queries).
This change prevents false memory leak reports from fuzzer tests when
an `ot::Instance` is destroyed during ongoing DNS queries (retries).
This commit moves the `InfraIf` member from `RoutingManager` to be
owned directly by the `Instance`.
This change aligns the ownership of `InfraIf` with other core
components and simplifies dependencies. Decoupling `InfraIf` from
`RoutingManager` allows it to be accessed separately.
This change makes the NAT64-related method in `InfraIf`
conditionally compiled based on the configuration
`OPENTHREAD_CONFIG_NAT64_BORDER_ROUTING_ENABLE`.
The methods `DiscoverNat64Prefix()`, `DiscoverNat64PrefixDone()`,
and are now entirely excluded from the build when NAT64 border
routing is disabled.
This change introduces compile-time validation for the `kEntries`
array in `uri_paths.cpp` to ensure the array's order matches the
`Uri` enum definitions.
A new `constexpr` function, `AreConstStringsEqual()`, is added to allow
for string comparisons at compile time, which is necessary for use
within `static_assert` in C++11.
A series of `static_assert()` checks are added to `uri_paths.cpp`.
These assertions verify that each URI path string in the `kEntries`
lookup table is correctly placed at the index corresponding to its
`UriPath` enum value.
This prevents potential bugs caused by accidental reordering of either
the enum or the array, ensuring the mapping between them remains
correct. If the order is changed incorrectly, the build will now fail,
immediately alerting the developer.
`cli_coap.cpp` and `cli_coap_secure.cpp` both try to print `uint32_t`
values with `%i`, which causes build errors on some systems.
This commit uses `%lu` together with `ToUlong` to fix this and make
the code more portable.
Additionally, `%u` was used to print unsigned values instead of `%i`
This commit introduces a new `MeshCoP::BorderAgent::TxtData` class to
encapsulate the logic for preparing the Border Agent's MeshCoP
service TXT data.
The TXT data generation logic is moved from the `BorderAgent::Manager`
into the new `TxtData` class. This refactoring improves modularity
and maintainability and prepares for the future addition of a MeshCoP
TXT data parser.
This change moves the `RsSender` class from `RoutingManager` to
`RxRaTracker`.
The `RxRaTracker` is responsible for tracking received Router
Advertisements (RAs). Since sending Router Solicitations (RS) is the
mechanism to discover routers and solicit RAs, it is more appropriate
for `RxRaTracker` to own the `RsSender`.
This improves the separation of concerns by centralizing the logic for
both sending RS messages and processing the resulting RAs within the
`RxRaTracker` class. The `RoutingManager` is now decoupled from the
details of the RS transmission process.
The `IsRsTxInProgress()` method is also moved to `RxRaTracker` and its
Doxygen documentation is improved to provide more detail on the RS
transmission process.
Renames the callback used by `RxRaTracker` to inform `RoutingManager`
to `HandleRxRaTrackerDecisionFactorChanged()`.
This name more accurately reflects the triggering condition, as the
callback is invoked whenever any of the "decision factors" change,
not just when the on-link prefix table is updated.
For consistency, the related method in `OnLinkPrefixManager` is also
renamed to `HandleRxRaTrackerChanged()`.
This change replaces all instances of the null character literal
'\0' with the `kNullChar` constant throughout the `src/core/` files.
This improves code readability and consistency, making the intent
of the code more explicit.
This change makes the `RxRaTracker` a direct listener of network data
change events from the `Notifier`.
Previously, the `RoutingManager` would receive the network data change
event and then call `RxRaTracker::HandleNetDataChange()`. This
created an unnecessary dependency between the two components.
By making `RxRaTracker` a direct listener, we decouple it from
`RoutingManager`. The `HandleNetDataChange()` method in `RxRaTracker`
is also made private as it is now only called from within the class.
This commit introduces new Network Diagnostic TLVs to report Border
Router information. It implements the server and client side logic to
support these new TLVs:
- BR state (38) - `uint8` value as `otBorderRoutingState`.
- BR Infra Interface Addresses (39) - list of IPv6 addresses
- BR Local OMR Prefix (40) - local (ULA) OMR prefix
- BR DHCPv6-PD OMR prefix (41) - DHCPv6-PD prefix (if any)
- BR Local On-link Prefix (42) - local on-link prefix
- BR Favored On-link Prefix (43) -favored discovered on-link on AIL
The various BR prefix TLV values are encoded as a fixed 8 bytes value
corresponding to the IPv6 prefix bytes (`/64`) in big-endian order.
This commit updates the `networkdiagnostic get` CLI command to display
the information from these new TLVs.
It also includes a test (added in `test-503-peer-tbr-discovery.py`) to
verify the new TLVs and the CLI commands.
This change reorganizes the `BorderAgent` related classes into a new
`MeshCoP::BorderAgent` namespace to improve code structure and clarity.
The following changes are included:
- `MeshCoP::BorderAgent` class is renamed to `Manager` and placed
within the new `MeshCoP::BorderAgent` namespace.
- `MeshCoP::BorderAgentTracker` is renamed to `Tracker` under the
new namespace.
- `EphemeralKeyManager` is moved from being a nested class in
`BorderAgent` to `MeshCoP::BorderAgent::EphemeralKeyManager`.
- `EphemeralKeyManager` is now a direct member of the `Instance` class,
simplifying accessing it.
All related calls and test files are updated to reflect these
changes.
This commit separates the `RxRaTracker` logic from `RoutingManager`
into its own class and source files.
Previously, `RxRaTracker` was a nested class within `RoutingManager`.
This change moves it to `src/core/border_router/rx_ra_tracker.hpp`
and `src/core/border_router/rx_ra_tracker.cpp`, making it a
standalone class within the `ot::BorderRouter` namespace.
This separation improves modularity and prepares for future changes
where `RxRaTracker` may operate independently of `RoutingManager`.
This change adds a check at the beginning of `RegisterService()`
to ensure that the border agent is enabled before attempting to
register a service.
Previously, methods like `SetServiceBaseName()` would call
`RegisterService()` regardless of whether the agent was enabled,
leading to unintended service registration attempts on a disabled
agent.
This commit also adds a new test case to verify that changing the
service base name on a disabled border agent does not result in a
service being registered.
This fixes the issue that some required Python modules were missing in
pyproject.toml. To avoid Python version conflicts with the
cryptography module, the minimum Python version is raised to
3.10. Also, the name, version and description of the project are
updated. Module versions are updated to recent (2025) versions.
For Windows, a platform-specific import of pyreadline3 is added. Due
to this conditional dependency, the poetry.lock file is removed from
the repository: it is now necessarily specific to each platform and
has to be locally generated.
host-RCP time sync interval is in configuration file.
Added in cmake to use user defined RCP time sync internval during build.
Signed-off-by: ashish <ashish.vara@nxp.com>
Introduces a new `BorderAgentTracker` module to discover and track
Border Agents on the infrastructure link.
The tracker browses for the `_meshcop._udp` mDNS service and maintains
a list of discovered Border Agents. For each discovered service, it
resolves the port, host name, TXT record, and host addresses.
This change also adds new public otBorderAgentTracker APIs,
corresponding `batracker` CLI commands, and a new Nexus test case to
validate the behavior.
Increases the `nexus.AdvanceTime()` in the CLI fuzzer test from 10 to
60 seconds to make the test more robust.
For example, the previous 10-second wait was not sufficient for
`Dns::Client` operations to complete, especially considering retries.
This could cause false fuzzer memory leak reports.
This change introduces new files `br_log.cpp` and `br_log.hpp` to
house common logging helper functions for the border router modules.
Helper functions for logging Router Advertisement (RA) headers, Prefix
Information Options (PIO), Route Information Options (RIO), and other
related options are moved into this new module.
The log module name is also updated from `RoutingManager` to a more
general `BorderRouting`.
This change improves code structure by decoupling logging
functionalities from the `RoutingManager`.
Introduces a new `br_types.hpp` header and `br_types.cpp` source
file to centralize common data structures and type definitions used
across border router modules.
This change moves several classes from `routing_manager.hpp` to the
new `br_types.hpp` header. The moved classes include
`LifetimedPrefix`, `OnLinkPrefix`, `RoutePrefix`, `RdnssAddress`,
`IfAddress`, `OmrPrefix`, and `FavoredOmrPrefix`.
Additionally, common `typedef`s (e.g., `RoutePreference`,
`PrefixTableEntry`) and helper functions like `IsValidOmrPrefix()` are
relocated to the new files.
This improves the code structure by decoupling these shared types from
the main `RoutingManager` class, making them more reusable and easier
to maintain.
When handling a parent request, a response is not sent if the device
is not attached, or if it is attaching. However if the device starts
the attachment process between queuing the parent response and
actually sending it, the parent response will be sent from an invalid
state.
This commit causes all queued parent response messages to be removed
when the device begins the attachment process, to avoid stale messages
from being sent on the link.
This change enhances the `DelayedSender::Match()` method to support a
wildcard destination address. When the unspecified address (`::`) is
provided, the address check is skipped, allowing a match against any
destination.
A new private helper method, `LogRemove()`, is introduced to ensure
accurate logging when removing a delayed message schedule. Previously,
`RemoveMatchingSchedules()` would log the address passed to it, which
could be the wildcard `::` address. The new `LogRemove()` method
logs the actual destination from the scheduled message header
before it is removed.
This adds a BLE 'non-advertising' state in which BLE is enabled for connections, but not advertising.
- If the TCAT agent is not started and BLE is started, BLE advertising will be enabled by default.
- If the TCAT agent is started, then BLE advertising is under control of the TCAT agent - depending on its state.
The TCAT agent, while started, can be now in standby mode or in active mode. In standby, it doesn't
advertise and doesn't allow incoming TCAT connections. In active mode, it allows both advertising and incoming
connections. Timed activation of the active mode is also possible. CLI commands are added to test the new modes and
timed activation.
Existing architecture is not changed (BLE-Secure is in control and has all APIs to access TCAT agent).
It also fixes some (API) documentation and clarifies this where needed. Also, an error-value bugfix is done.
The TcatAgent is now added to instance.hpp/cpp, because that is required to use a timer from within
TcatAgent.
Log messages of TcatAgent are shortened and more often try to use an identical constant string value.
This saves memory in the binary, due to string re-use.
The "join callback" is clarified and extended to support callback to the application when the TCAT Commissioner
instructs the TCAT Device to try join a Thread network, or leave a Thread network.
This commit provides more structured logging for ssl.py errors, and
displays the OpenSSL verify error code. This is used for certification
to validate reasons of handshake failure.
This commit allows compiling the OpenThread RCP in OTNS mode.
This allows OTBR to attach seamlessly to OTNS.
* Add the mOtns attribute to Instance::Instance when compiled
with OPENTHREAD_RADIO=1
* Add src/core/utils/otns.cpp to the RCP build.
Only the necessary functions are compiled in RCP mode.
Other functions such as EmitPingRequest and EmitPingReply
that require IPv6 stack support are not compiled in RCP
and are therefore moved into adequate
`#if OPENTHREAD_MTD || OPENTHREAD_FTD` guards.
* Ensure the RCP emits the needed events in src/core/radio/radio.cpp
when compiled with OTNS support.
This change updates `BorderAgent::PrepareServiceTxtData()` to read the
Network Name (`nn` key) and Extended PAN ID (`xp` key) from the
Active Dataset, after verifying that the dataset is valid and has an
active timestamp.
Previously, these values were read directly from `NetworkNameManager`
and `ExtendedPanIdManager`, which could provide default or initial
values (during stack initialization). Reading from the Active Dataset
ensures that the advertised service TXT data is consistent with the
dataset currently in use by the device.
The `ValidateMeshCoPTxtData()` test is updated to reflect this
behavior.
This commit adds public getter functions to acquire a pointer for
the single OpenThread instance or one associated with a provided index.
An index to instance reference getter function was previously implemented
in the core instance interface, but this capability was not publicly accessible.
The accessor function introduced in this commit will now allow for platforms
or application code to perform this mapping. Corresponding changes for the
single instance case are also included.
This commit adds a field UDP port in the property
SPINEL_PROP_BORDER_AGENT_EPHEMERAL_KEY_STATE.
Similar as `SPINEL_PROP_BORDER_AGENT_MESHCOP_SERVICE_STATE`, NCP needs
to sync the UDP port number to the host as well so that the UDP proxy
on the host can correctly map the port and forward the UDP packet to
the NCP.
I missed the field in the previous commit. But since the spinel
property was just added recently and it hasn't been put into usage, I
think it's fine to change the existing spinel protocol.
This prevents the leader from allowing FTD devices' address solicit to
succeed while it is in the attaching state.
Upon processing an advertisement from a different partition, the
leader may evaluate it's own partition to be a singleton vs another
partition with routers and choose to start attaching. If a router is
upgraded during that time, the leader is committed to leaving already
and the other devices on that partition may get stranded if the router
is upgraded.
i.e. The router and other devices may now see the partition as
non-singleton, and if it has a higher partition ID than other
partitions, they will be stuck for the duration of the network ID
timeout.
Introduces a new template helper function `SetToUintMax()` in
`common/num_utils.hpp`. This function sets a given unsigned integer
variable to its maximum possible value.
The `SetToUintMax()` function infers the type of the variable,
ensuring that the correct `NumericLimits<...>::kMax` is used. This
prevents potential bugs where a variable could be assigned the max
value of a wrong `uint` type.
Existing code across different modules is updated to use this new
helper function, improving code safety and robustness.
Make `RoutingManager::GetNextRdnssAddrEntry()` and
`RoutingManager::GetNextIfAddrEntry()` const.
These methods are simple getters that do not modify the state of
`RoutingManager` and call const methods on `mRxRaTracker`. This change
makes them consistent with other similar getter methods in
RoutingManager like `GetNextPrefixTableEntry()` and
`GetNextRouterEntry()`.
The description of the method `otPlatRadioEnableCsl()` requires the platform
to include the CSL IE in the enhanced ACK when the received data frame's source
address matches the CSL receiver's peer address. This commit implements this
requirement in the simulation radio.
Note that `otPlatInfraIfDiscoverNat64Prefix` has an empty
implementation now and it always returns UNIMPLEMENTED error. So now
we constantly see the warn log on devices, which is confusing.
Expands and reorganizes the `cli debug` commands list to provide a
more comprehensive diagnostic snapshot of a device's state.
Key enhancements include:
- Expanded State Information: Adds commands for general device state
(uptime, netstat), detailed neighbor connection times, and mesh
topology diagnostics.
- Comprehensive Border Router Data: Includes detailed information for
multi-AIL status, discovered peer BRs, infrastructure routers, and
DNS-SD tables.
- Detailed Counters & History: Adds specific counters for IP, MAC,
MLE, and BR modules, along with network history for prefixes,
routes, and neighbors.
Consolidates the two overloaded `Peer::Matches()` methods for service
and host name matching into a single method.
This change introduces a new `NameMatchType` enum, which is used to
specify whether to match against a service name or a host name. This
removes the need for the now-unnecessary `ServiceNameMatcher` and
`HostNameMatcher` structs, simplifying the calling code and the `Peer`
class.
This change enhances `NetDataBrTracker` to support filtering of Border
Routers.
The `NetDataPeerBrTracker` is renamed to `NetDataBrTracker` to reflect
that it can now track all Border Routers, not just peers.
A new `Filter` enum is introduced with `kAllBorderRouters` and
`kExcludeThisDevice` options. This allows callers to specify whether
to include the current device in the list of Border Routers.
The `CountPeerBrs()` and `GetNext()` methods are updated to
`CountBrs()` and `GetNext()` respectively, and now accept a `Filter`
parameter.
This change provides more flexibility to the `NetDataBrTracker` and
makes the code more reusable. The unit tests are also updated to
clean up resources to avoid heap allocation leaks at the end of
tests.
This change enhances the move semantics for heap-allocated container
classes (`Array`, `Data`, and `String`) by introducing a consistent
pattern.
A new `Move()` method is added to `Heap::Array`, `Heap::Data`, and
`Heap::String`. This method returns an rvalue reference to the object,
making the intent to transfer ownership explicit at the call site.
The existing `TakeFrom()` methods are updated to accept an rvalue
reference and now include a check to prevent self-assignment, which
improves robustness.
For consistency, `Heap::Data::SetFrom(Data&&)` and
`Heap::String::Set(String&&)` are renamed to `TakeFrom()`.
All call sites are updated to use the new `foo.TakeFrom(bar.Move())`
pattern, replacing the more verbose and less clear
`static_cast<...&&>(bar)`.
Unit tests are updated to validate the new `TakeFrom()` and `Move()`
semantics, including tests for self-assignment and moving from a
null (empty) container
In `NetDataPeerBrTracker::CountPeerBrs()` method, the `aMinAge`
output parameter is a `uint32_t` but it was incorrectly
initialized to `NumericLimits<uint16_t>::kMax`.
This change corrects the initialization to use the
`NumericLimits<uint32_t>::kMax` to ensure the minimum age
calculation functions correctly over the full 32-bit range.
This change moves the logic for iterating over the `NetDataPeerBrTracker`
entries from `RoutingManager::RxRaTracker::Iterator` directly into the
`NetDataPeerBrTracker::GetNext()` method.
This decouples the `NetDataPeerBrTracker` from the `RoutingManager`'s
iterator implementation, allowing the removal of `RoutingManager` as a
friend class of `NetDataPeerBrTracker`.
This commit also includes smaller enhancements and changes to the
`RoutingManager::RxRaTracker::Iterator`:
- `Iterator::EntryType` is renamed to `PrefixType` for clarity.
- `Iterator::AdvanceToNextEntry()` is renamed to
`AdvanceToNextPrefixEntry()`.
Moves the nested `RoutingManager::NetDataPeerBrTracker` class into its
own standalone class `BorderRouter::NetDataPeerBrTracker` in new
files `br_tracker.cpp` and `br_tracker.hpp`.
`NetDataPeerBrTracker` is now instantiated as a member of `Instance`
and is no longer owned by `RoutingManager`.
There is no logical/behavioral change in the `NetDataPeerBrTracker`
functionality.
Public C APIs `otBorderRoutingGetNextPeerBrEntry()` and
`otBorderRoutingCountPeerBrs()` are updated to get and use the
`NetDataPeerBrTracker` component.
This commit moves the `SlaacAddress` module from `src/core/utils`
to `src/core/net`.
This change also updates the namespace from `ot::Utils` to
`ot::Ip6` and updates all includes and usages throughout the
codebase.
The `SlaacAddress` module was originally placed in `core/utils`
as SLAAC management was historically handled by the platform.
Now that the OpenThread stack manages SLAAC directly, this logic
is better placed under `core/net`.
This allows a node to asses its LinkQuality In to its neighbors.
Similar to what is already available via router info.
Useful when not all its neighbors are routers.
Previously, when the translator ran out of IPv4 addresses or mapping
pool entries, any new NAT64 translation attempt would fail until
earlier entries reached their expiration time. The default expiration
time is long (7200 seconds / 2 hours).
This commit introduces a mechanism to evict existing "stale" mappings
(old but not yet expired) to make room for new ones.
This is handled by the new `EvictStaleMapping()` method, which is
called from `AllocateIp4Address()` and `AllocateMapping()` when
resources are full. A mapping is only eligible for eviction after a
minimum idle period (`kMinEvictTimeout`) which is set to 2 minutes
(matching `UDP_MIN` in RFC 6146).
The eviction logic prioritizes mappings based on protocol usage and
last use time. The preference for eviction, from most to least
preferred, is:
1. ICMP-only mappings
2. UDP (and possibly ICMP) mappings
3. TCP (and possibly other) mappings
If two mappings are in the same category, the one that has been
idle for the longest time is evicted.
This commit also adds a detailed `TestNat64Evict` test case to
validate the eviction logic and priority.
This commit makes NCP send notification to the host when the netif
state changes.
At the beginning we use ThreadHost API to start the thread network on
OTBR NCP which explicitly sends spinel property set command to the NCP
and get response. So the host side can get the latest state of netif
in the response. However if we use the cli command (`ifconfig up`) to
start the thread network, we need the NCP to send a notification to
the host that netif state changes.
I have verified that with the change, the host can receive the update
if we issue `ifconfig up` command.
The noexcept placement new is standard in c++11. This commit adds a
config OPENTHREAD_CONFIG_USE_STD_NEW to allow using <new>. The default
behavior is still using OpenThread's own placement new implementation.
Removes the `IsValidOnLinkPrefix()` helper functions which required a PIO
to have both the on-link (`L`) flag and either the autonomous address
configuration (`A`) or DHCPv6-PD preferred (`P`) flag to be considered
valid.
The `RxRaTracker` is updated to track any received valid PIO as long as
the on-link (`L`) flag is set, regardless of the `A` or `P` flags.
The `OnLinkPrefix` class is updated to store the state of the `A` and
`P` flags from the PIO. These flags are now checked within
`OnLinkPrefix::IsFavoredOver()` to determine if a prefix is eligible
to be a "favored" on-link prefix, but their absence no longer prevents
the prefix from being tracked.
This change ensures that the routing manager is aware of all non-ULA
on-link prefixes (even those with only the L flag set), which correctly
informs the decision to publish a default route.
This commit also:
- Updates `PrefixInfoOption` in `nd6.hpp` to use a `Flags` typedef and
named constants instead of bitmasks.
- Updates `LogPrefixInfoOption` to log the state of L, A, and P flags.
- Adds a new unit test, `TestNonUlaPioWithOnlyOnLinkFlag`, to verify
the new behavior.
This change updates the TREL interface enable logic to depend on two
requesters: the user (via `otTrelSetEnabled` API or CLI) and the
stack (internal, e.g., when the Thread protocol is running).
The TREL interface is now considered enabled only when both the user
and the stack have requested to enable it. By default, the user
preference is 'enabled', allowing the stack to control the state.
A key behavior change is that a user's request to disable TREL is now
persistent. If the user explicitly disables TREL, it will remain
disabled even if the stack stops and restarts (e.g., `ifconfig down`
then `ifconfig up`). The user must explicitly re-enable the TREL
(calling `otTrelSetEnabled(true)`) to allow TREL to operate again.
This is implemented by `Trel::Interface::SetEnabled()` method now
taking a `Requester` enum (`kRequesterUser` or `kRequesterStack`) as
input and tracking `mUserEnabled` and `mStackEnabled` flags
separately.
This commit also updates API/CLI documentation and adds a new test
(`TestTrelUserDisableRenable`) to verify this new behavior.
The current history tracker only records direct transmissions, but
indirect transmissions are also required for debugging. This commit
adds support for tracking indirect transmissions.
This change updates `Radio::Init()` to avoid passing
zero-initialized temporary objects of `Mac::ExtAddress` and
`Mac::KeyMaterial` types.
Instead, it declares local variables and passes them to the setter
methods. This improves code readability and makes the intent more
explicit.
This commit updates the logic in MLE `HandleAnnounce()` for processing
a received Announce message with an older (stale) timestamp.
Previously, only an Announce with a newer timestamp would be
considered for processing and announce attach (trying to attach using
the channel and/or PANID from the received announce). Also, any
device receiving a stale Announce with an older timestamp would send
its own Announce back to inform the sender.
This change updates the behavior regarding the processing of stale
Announce messages:
- A router-eligible FTD still sends an Announce back to help inform
the other device.
- A detached MTD will now process the Announce (wait for a short delay
before trying to attach to the older Dataset). This is useful when
an MTD child device has a newer Dataset but the routers it can hear
are still on a previous, older Dataset.
- An attached MTD now ignores the stale Announce. Since an MTD cannot
become a router to help the device with the older Dataset join the
new Dataset, sending an Announce back from the MTD would be
pointless.
This commit also introduces a test to verify this exact scenario.
A Minimal End Device (MED) is defined by the spec as an MTD whose
receiver is enabled all the time.
This commit fixes the implementation of `IsMinimalEndDevice()` to
match this definition. The previous implementation of this method
would incorrectly accept any MTD config (including SED or MED).
Within the core modules, `IsMinimalEndDevice()` is only used in
`MeshForwarder::UpdateIp6Route()`. This commit updates the logic
in this method to differentiate between an FTD (calling
`UpdateIp6RouteFtd`()) and an MTD (forwarding to parent) by
checking `IsFullThreadDevice()` instead of the previous check
against `IsMinimalEndDevice()` (which was effectively checking
MTD).
This commit also adds a new unit test, `TestDeviceMode()`, to
validate all configurations of `DeviceMode` (SED, MED, FTD) and
verify the behavior of `IsMinimalEndDevice()`.
This change modifies the NAT64 translator to dynamically allocate IPv4
addresses by tracking a range of host IDs within the configured CIDR.
This approach replaces the pre-allocated `mIp4AddressPool`, making it
more memory-efficient by avoiding the storage of an entire address
array.
The translator now maintains `mMinHostId` and `mMaxHostId` derived
from the configured CIDR. When allocating an IPv4 address for a new
mapping:
- If `PORT_TRANSLATION_ENABLE` is enabled, addresses are assigned
sequentially by cycling through the host ID range. Mappings can
share an IPv4 address as they are distinguished by translated port
numbers.
- If `PORT_TRANSLATION_ENABLE` is disabled, a 1-to-1 address mapping
is used. The translator cycles through host IDs to find an unused
IPv4 address. If all addresses are allocated, it attempts to free
expired mappings before failing.
A new test case, `TestNat64CidrAddressReuse`, is added to validate the
address allocation and reuse logic. The test ensures that all
available addresses from a CIDR are used, new requests fail when the
pool is exhausted, and addresses are correctly reused after mappings
expire. It is run against multiple CIDR sizes (`/32`, `/31`, `/30`,
and `/27`) to verify behavior across various configurations.
The definition of the function `HandleMbedtlsExportKeys()` is wrapped
by the macro `MBEDTLS_SSL_EXPORT_KEYS`, but the implementation of the
function `HandleMbedtlsExportKeys()` is not wrapped by the macro
`MBEDTLS_SSL_EXPORT_KEYS`. Which causes `out-of-line definition` compiling errors.
This commit wraps the implementation of the function `HandleMbedtlsExportKeys()`
and the code that calls it with the macro `MBEDTLS_SSL_EXPORT_KEYS`.
The commit adds new spinel properties for ephemeral key feature:
* SPINEL_PROP_BORDER_AGENT_EPHEMERAL_KEY_STATE, for the NCP to update
the ePSKc state to the host
* SPINEL_PROP_BORDER_AGENT_EPHEMERAL_KEY_ENABLE, for the host to
enable/disable the ePSKc feature
* SPINEL_PROP_BORDER_AGENT_EPHEMERAL_KEY_ACTIVATE, for the host to
start the ePSKc mode
* SPINEL_PROP_BORDER_AGENT_EPHEMERAL_KEY_DEACTIVATE, for the host to
stop the ePSKc mode
The commit adds the NCP properties handler in NCP and also adds some
unit tests for the handlers.
This change simplifies the state management logic in the NAT64
translator by removing the `mEnabled` boolean flag. The `mState` enum
is now the single source of truth for the translator's operational
status.
A new `SetState()` method centralizes the actions performed when
transitioning to a new state, such as logging, signaling notifiers,
and clearing active mappings. The `IsEnabled()` helper is introduced
to check if the current state is not `kStateDisabled`.
Consequently, functions like `SetEnabled()` and `UpdateState()` are
updated to use the new `SetState()` function, making state
transitions more explicit and maintainable.
Clang warns that mMetricsValue is less aligned that its
union type. Make the union packed to fix this.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
This commit allows binding to multicast address, which means the socket
would only accept frames targeting to a particular multicast address.
This prevents other datagrams destined to the same port being delivered
to this socket.
Note that binding to a multicast address doesn't automatically subscribe
to the multicast group.
This improves debuggability of TCAT client and server, by using one
unified format (hex + ASCII) to show transmitted and received TCAT
data within the TLS session, as well as showing size of the encrypted
(TLS) data. For encrypted data, only size is now shown to avoid
clutter. Showing the hex + ASCII dump allows devs/testers to visually
read TCAT TLVs from screen and identify how all TCAT commands are
processed by the Thread device.
This change replaces the `Translator::Result` enum with the standard
`Error` type to report the outcome of a translation attempt. This
simplifies the implementation and aligns it with the rest of the
codebase.
The mapping from the old `Result` to the new `Error` is as follows:
- `kForward` is replaced by `kErrorNone`
- `kDrop` is replaced by `kErrorDrop`
- `kNotTranslated` is replaced by `kErrorAbort`
The `kErrorAbort` return value signals to the caller that no
translation was performed, and it can proceed with normal processing
of the message.
Additionally, the translation methods are renamed for better clarity.
This commit introduces new types `otNetworkDiagData`,
`otNetworkDiagIp6AddrList`, and `otNetworkDiagChildTable` to
represent common data structures within Network Diagnostic TLVs.
These new types replace the previous anonymous structs within the
`otNetworkDiagTlv` union, improving code structure and readability.
The `mNetworkData`, `mIp6AddrList`, `mChildTable`, and
`mChannelPages` fields now use these named types.
This change adds an explicit check for `mState == kStateActive` at the
beginning of the translation functions.
This single check replaces individual validations for a valid IPv4
CIDR and NAT64 prefix. This simplifies the entry logic and fixes a
bug where the `Translator` could continue performing translations
even after it was explicitly disabled via `SetEnabled(false)`.
Additionally, this change fixes a bug in `TranslateToIp6()` where an
IPv4 message would be incorrectly marked as `kForward` when no IPv4
CIDR was configured (`mIp4Cidr.mLength == 0`). The correct behavior
is to drop the packet, so the result is now set to `kDrop`.
This change renames `GetIp6Prefix()` to `GetNat64Prefix()` to more
accurately reflect its purpose and to harmonize its name with the
existing `SetNat64Prefix()` and `ClearNat64Prefix()` methods.
The related getter methods in the header and implementation files are
also reordered for better organization.
This change introduces a new utility function `CountMatchingBits()` to
calculate the number of matching leading bits between two byte
arrays.
This new fn replaces the now-removed `Ip6::Prefix::MatchLength()`.
The previous implementation was specific to the `Ip6::Prefix`
class. The new generic function is placed in `common/bit_utils` and
is used to update `Ip6::Prefix`, `Ip6::Address`, `Ip4::Cidr`, and
`PrefixTlv`.
A new unit test `test_bit_utils` is added with comprehensive tests for
the new function. The existing tests for `CountBitsInMask` are also
moved into this new test file.
This change moves the `kBitsPerByte` constant and the `BitSizeOf()`
and `BytesForBitSize()` macros from `numeric_limits.hpp` to the
more specialized `bit_utils.hpp` header.
This consolidation places common bit-utility definitions into a more
appropriate, dedicated header, improving code organization and
logical grouping. Headers that relied on these definitions are
updated accordingly.
This commit introduces a mechanism within the `RoutingManager` to
track the IPv6 addresses used by the Border Router itself on the
infrastructure interface, particularly when sending Router
Advertisements. This provides visibility for debugging and
monitoring purposes.
A new data structure, `otBorderRoutingIfAddrEntry`, is added to
represent an address and the time elapsed since it was last used as
the source of an RA.
The tracked addresses can be retrieved using the new public API
`otBorderRoutingGetNextIfAddrEntry` or CLI command `br ifaddrs`.
When `OPENTHREAD_CONFIG_NAT64_PORT_TRANSLATION_ENABLE` is enabled,
multiple `Mapping` entries can exist for the same IPv6 and IPv4
addresses, differing only by their protocol ports.
To distinguish between these entries in logs and diagnostics, this
change updates `Mapping::ToString()` to include the source and
translated port numbers in the generated string output.
This commit introduces a new header file, `common/bit_utils.hpp`, to
consolidate bit manipulation utility functions.
These functions were previously located in `common/num_utils.hpp`.
Moving them to a dedicated file improves code organization and
clarity by separating them from general numerical utilities. All
files that used these functions have been updated to include the new
header.
This commit introduces a new Nexus test to validate the functionality
of the NAT64 translator.
The test is divided into two main parts:
- `TestNat64StateChanges`: Verifies the state management of the
translator. It checks that the translator transitions correctly
between `kStateDisabled`, `kStateNotRunning`, and `kStateActive`
when the feature is enabled/disabled or when the IPv4 CIDR and
NAT64 prefix are configured or cleared. This test also confirms
that state change notifications are properly signaled.
- `TestNat64Mapping`: Validates the address mapping and translation
logic. It ensures that address mappings are correctly created for
new IPv6-to-IPv4 traffic, reused for subsequent packets from the
same IPv6 source, and eventually expire and are removed after a
period of inactivity. It also verifies that the mapping table is
cleared when the configured IPv4 CIDR is changed.
This commit moves two global constants, `kBufferSize` and
`kNumBuffers`, into their respective class scopes to improve
encapsulation and avoid potential name conflicts.
The `kBufferSize` constant is moved into the `Buffer` class as
`Buffer::kSize`. As `kBufferSize` is a generic and commonly used
name, this change prevents potential symbol collisions.
Similarly, the `kNumBuffers` constant is moved into the `MessagePool`
class, as it is exclusively used within that class.
All usages of these constants have been updated throughout the
codebase to reflect their new names.
This commit introduces a new common helper class `ExpirationChecker`.
This class is designed to be used as a "matcher" for finding expired
entries in collections like `LinkedList` or `Array`. It encapsulates
a "now" time and provides an `IsExpired()` method to check if a given
time has passed.
This change consolidates duplicated private similar structs that
previously existed in `RoutingManager`, `Mdns`, and
`SrpAdvertisingProxy`, updating all users to the new common
implementation. This simplifies the code by removing redundancy.
This change updates the management of active NAT64 mappings to use an
`OwningList`.
To support this, the `Mapping` struct now inherits from
`InstanceLocatorInit` and includes a new `Free()` method. This method
encapsulates the logic for releasing the associated IPv4 address and
the `Mapping` entry back to their corresponding pools.
This new design simplifies the `Translator` class by removing the
redundant `ReleaseMapping()`, `ReleaseMappings()`, and
`ReleaseExpiredMappings()` methods. All mapping cleanup operations
are now handled by the `OwningList` class (which invokes
`Mapping::Free()` on entries as they are removed).
Adding two extensions:
1. Add an api function to configure a response fallback callback with
`otCoapSetResponseFallback`.
2. Enable fire and forget for NON requests, supporting requests which
do not expect a response.
The mix-in helper classes like `Clearable<T>`, `Equatable<T>`, and
`Unequatable<T>` are intended for CRTP style inheritance, where `T`
is the derived class itself. A mistaken inheritance, such as `class
Foo : public Clearable<Bar>`, can compile successfully but lead to
subtle bugs.
This change enforces the correct CRTP usage at compile time. By making
the constructors of these helper classes `private` and declaring the
derived template class `T` as a `friend`, any incorrect inheritance
will now result in a build failure. This approach correctly detects
such a mistake, even if `Foo` and `Bar` happen to be `friend`s of
each other.
Additionally, `Equatable<T>` is updated to provide both `operator==`
and `operator!=`, removing its dependency on `Unequatable<T>`. This
change allows us to apply the `private` constructor enforcement to
`Equatable<T>` as well.
This commit simplifies the implementation of `SendMessage()` by
changing its parameter from a `Message` reference to an `OwnedPtr`.
The `OwnedPtr` now manages the lifetime of the message, ensuring it is
always freed, whether the translation and send operation succeed or
fail. This change removes the need for a manual tracking flag and an
explicit `Free()` call in the error path, resulting in cleaner and
more robust code.
This change enhances the unit tests for the NAT64 `Translator` to
improve readability. The key improvements include:
- Replaced raw hex dumps of packets with new helper functions that
parse and log IPv4/IPv6 headers in a human-readable format.
- Simplified the counter tests and validation of the
`ProtocolCounters`.
- Reworked the main test case functions, `Verify6To4()` and
`Verify4To6()`, to leverage the new logging and verification
helpers for better output.
The `Cidr` class was incorrectly inheriting from `Clearable<Address>`
instead of `Clearable<Cidr>`. This oversight meant that calling
`Clear()` on a `Cidr` object would not clear its `mLength` member,
only the `mAddress` field. This change corrects the template
parameter for the `Clearable` base class to `Cidr`, ensuring the
entire object is properly zeroed out.
This bug could cause issues in the NAT64 translator. When a user calls
`otNat64ClearIp4Cidr()` to disable translation, the underlying
`mIp4Cidr.Clear()` method would fail to clear the CIDR length. The
`Nat64::Translator` would check `mIp4Cidr.mLength > 0` in its
`UpdateState()` method to determine if a valid CIDR is configured.
Because `mLength` was not cleared, this check would pass incorrectly,
causing NAT64 translation to continue with an invalid,
partially-cleared CIDR instead of stopping as expected.
This change updates multiple modules to consistently use
`Get<Mle::Mle>()` for accessing the MLE component, removing the need
for local `Mle::Mle &mle` references.
This approach aligns with the common `Get<Module>()` access pattern
used across the codebase, improving consistency.
Previously, a NAT64 mapping's lifetime was only extended upon its
initial allocation. This meant that if an existing mapping was found
and reused, its expiration timer would not be refreshed, potentially
leading to its premature removal.
This change moves the `mapping->Touch()` call from `AllocateMapping()` to
`TranslateFromIp6()`. This ensures that a mapping's lifetime is
extended every time it is used for translation, whether it is newly
allocated or an existing one being reused.
This change introduces `ShouldRegisterMulticastAddrsWithParent()` to
consolidate the logic for determining when a child should register
its multicast addresses with its parent, thereby avoiding repeated
code.
The criteria for registration remain the same: a child registers its
multicast addresses if it is a Sleepy End Device (SED), or if it is a
Minimal End Device (MED) and its parent is running Thread 1.2 or a
later version.
The logic for sharing an IPv4 address, intended for scenarios with a
small address pool (CIDR prefix > /28), was incorrectly being applied
even when port translation was disabled.
When `OPENTHREAD_CONFIG_NAT64_PORT_TRANSLATION_ENABLE` is disabled,
each mapping requires a unique IPv4 address. The previous
implementation would incorrectly reuse the same address from the
pool.
This commit makes the address sharing logic conditional on the
`OPENTHREAD_CONFIG_NAT64_PORT_TRANSLATION_ENABLE` configuration. When
disabled, the translator now correctly allocates a unique IPv4
address for each mapping and returns it to the pool upon release.
This commit improves the NAT64 address mapping iterator to ensure the
remaining lifetime for all mapping entries is reported consistently.
The iterator now internally stores a timestamp upon initialization.
This timestamp is then used as a common reference to calculate the
remaining lifetime for each `otNat64AddressMapping` entry, ensuring
consistent values throughout a single iteration.
The public C APIs remain unchanged, while the underlying implementation
and the `otNat64AddressMappingIterator` struct are updated.
This change introduces `RouterUpgradeReasonToString()` to provide
human-readable strings for router upgrade reasons, which is used to
enhance logging in `BecomeRouter()` and `ProcessAddressSolicit()`.
These additions provide clearer insight into why a device is
attempting to become a router, aiding in debugging and network
analysis.
This commit places the `mSrcPortOrId` and `mTranslatedPortOrId`
members of the `Translator::Mapping` struct under the
`OPENTHREAD_CONFIG_NAT64_PORT_TRANSLATION_ENABLE` build-time flag.
This optimization reduces the memory footprint of each `Mapping` entry
and the `mMappingPool` when the NAT64 port translation feature is
disabled.
This change streamlines NAT64 mapping management by removing the
`FindMapping()` and `FindOrAllocateMapping()` helper methods.
Following recent simplifications, such as adding new `Matches()`
flavors, the logic within these `Find` methods became much
simpler. Their functionality is now incorporated directly into
`TranslateToIp6()` and `TranslateFromIp6()`, respectively.
Additionally, the `Mapping::Touch()` method is simplified to no longer
require the current time as an argument. It now retrieves the time
internally.
This commit introduces several cleanups and smaller improvements to
the IPv4 types.
- Optimizes `Cidr::ToString(StringWriter&)` by writing the address
directly to the provided writer, avoiding the allocation of a
temporary `String` object.
- Moves the IPv4 header field offset constants from the public
`ip4_types.hpp` header into the unit test file, as this was their
only place of use. This cleans up the `Ip4::Header` public API.
- Replaces hardcoded values for address and string sizes with the
corresponding `OT_IP4_*` definitions for consistency.
- Corrects the format specifier in `Address::ToString()` from `%d` to
`%u` to properly print unsigned octet values.
This change introduces a new history list to record the DHCPv6 Prefix
Delegation (PD) state and the delegated prefix.
The recorded history can be iterated using the new API
`otHistoryTrackerIterateDhcp6PdHistory()` and viewed from the CLI
using the new `history dhcp6pd` command.
This commit adds a test case to `TestMultiPacket` to validate the
correct eviction of pending truncated queries.
The test scenario sends the same truncated query multiple times,
followed by a query containing a matching known answer. It then
verifies that no response is sent, confirming that the initial
pending queries were successfully evicted from the message queue.
This validates the fix from #11854.
This change updates the `Mapping::Matches` methods to accept
`Ip4::Headers` and `Ip6::Headers` objects instead of separate IP
address and port arguments.
This simplifies the callers `FindOrAllocateMapping` and `FindMapping`
by encapsulating the conditional logic for port translation within
the `Mapping::Matches` methods. This allows for a single, unified
`FindMatching` method on the active mappings list.
This commit changes the `RxMsgEntry` allocation check from `OT_ASSERT`
to `VerifyOrExit`. This ensures that a heap allocation failure for a
multi-packet RX message results in the message being gracefully
dropped, allowing network operation to continue instead of
asserting.
Additionally, `AddNew()` now removes any existing multi-packet message
entries from the same sender before attempting to allocate a new
`RxMsgEntry`. This helps to reclaim resources and prevent stale
entries.
This change also fixes a use-after-release bug by ensuring
that the `aRxMessagePtr` (an `OwnedPtr`) is not accessed after its
ownership is transferred by the `newEntry->Add(aRxMessagePtr)`
call.
This commit simplifies and enhances the NAT64 translator's counter
implementation.
- The `mProtocolCounters` and `mErrorCounters` are explicitly cleared
in the `Translator` constructor, ensuring they are properly
zero-initialized.
- The `ErrorCounters` C++ wrapper class is removed, and the counters
are now updated directly based on `DropReason`.
- The `ProtocolCounters::Count*Packet()` methods are updated to accept
`Ip6::Headers` and `Ip4::Headers` inputs directly, which simplifies
the call sites.
- Private helper methods, `Update6To4()` and `Update4To6()`, are
introduced in `ProtocolCounters` to reduce code duplication when
incrementing packet and byte counts.
This commit introduces two new `static` helper methods,
`GetSourcePortOrIcmp6Id()` and `GetDestinationPortOrIcmp4Id()`, to
the `Translator` class. This eliminates repeated similar code and
improves overall readability.
This commit enhances the `HistoryTracker` to record information about
routers discovered on the Adjacent Infrastructure Link (AIL).
This feature is applicable when the device operates as a Border
Router, providing a mechanism to monitor the history of changes to
the discovered AIL routers for debugging and network analysis.
The history tracker records events when an AIL router is added,
removed, or when its tracked information changes. The recorded
information includes:
- The IPv6 address of the router
- Default router status and its preference
- RA flags: 'M' (Managed Addr), 'O' (Other), 'S' (SNAC Router)
- Operational information:
- Whether the router is a local entity (on same device)
- Reachability status
- Whether it is a peer Border Router on the same Thread mesh
- The favored advertised on-link prefix by this router (if any)
A new public API, `otHistoryTrackerIterateAilRoutersHistory()`, is
added to iterate over the recorded AIL router history. A
corresponding CLI command, `history ailrouters`, is also included to
display this information.
This commit updates the `Translator` class to improve code style,
readability, and consistency with the OpenThread coding conventions.
This is a pure refactoring commit with no intended logic changes. Key
changes include:
- Renamed types and variables for brevity (e.g., `AddressMapping` to
`Mapping`).
- Renamed members within the `Mapping` struct for clarity(e.g., `mIp4`
to `mIp4Address`).
- Standardized local variable names (e.g., `err` to `error`).
- Added `const` to methods that do not modify the class state.
- Improved and reformatted Doxygen and inline comments.
This commit improves the organization of `mle.cpp` by grouping all
`Attacher` method definitions together.
When the `Attacher` class was introduced in #11835, its method
definitions were intentionally kept in their previous order to
minimize the `git diff` for easier review. This resulted in the
`Attacher` methods being interleaved with other `Mle` methods.
This commit acts as a follow-up to rearrange the file and group all
`Attacher` methods into a dedicated section for better readability
and organization.
No logic changes are included in this commit.
This change introduces a `--log-level` option to the `build.sh`
script, allowing the `OPENTHREAD_CONFIG_LOG_LEVEL` to be specified at
build time.
The supported log levels are `NONE`, `CRIT`, `WARN`, `NOTE`, `INFO`,
and `DEBG`. The default level is set to `INFO`.
The CI workflow is updated to test builds with all the supported log
levels.
This commit enhances the `FindContext()` methods and converts the
`Lowpan::Context` struct into a class.
The `FindContext()` methods are updated as follows:
- Renamed to `FindContextForAddress()` and `FindContextForId()` to
more accurately reflect their function.
- The return type is changed from `Error` to `void`. Success is now
indicated by checking the `IsValid()` state of the output `Context`
object (matching how `Lowpan` class uses the `Context`). This
change simplifies the callers and harmonizes the context check
across different modules.
The `Lowpan::Context` struct is converted into a class, encapsulating
its members by making them private and introducing public getters.
This commit makes several updates to enable and fix NAT64 unit test
- Enables the NAT64 translator in `toranj` test configs, ensuring
that the `test_nat64` unit test is now covered by the GitHub
Actions CI (under the `toranj` workflow).
- Enable `OPENTHREAD_CONFIG_NAT64_PORT_TRANSLATION_ENABLE` for the POSIX
`toranj` build while disabling it for the simulation build, ensuring
both configurations are built and covered by CI.
- Fixes the `test_nat64` unit test by removing an incorrect
"mapping pool exhausted" step. This step is now invalid as the pool
size is configured to a much larger value (254) via
`OPENTHREAD_CONFIG_NAT64_MAX_MAPPINGS`.
This commit resolves compiler warnings/errors related to potential
integer overflows and unsafe narrowing conversions.
- The type of `mTxRequestAheadTimeUs` is changed from `uint16_t` to
`uint32_t` to avoid potential overflow when calculating the TX
time.
- A `ClampToUint16()` utility is now used before setting the
rendezvous time. This safely converts the calculated
`rendezvousTimeUs` to a 16-bit integer, preventing a narrowing
conversion warning.
This commit introduces `Publish()` and `Unpublish()` private helper
methods in `Nat64PrefixManager` to encapsulate and centralize the
logic for managing the published NAT64 prefix in the Network Data.
- `Publish(aPrefix, aPreference)` adds the given prefix to the Network
Data. It handles removing any previously published prefix if the
new prefix or preference differs.
- `Unpublish()` removes the currently published NAT64 prefix from the
Network Data, if one exists.
These new helpers simplify the logic within the `Evaluate()` and
`Stop()` methods, reduce code duplication, and improve overall
clarity.
This commit fixes a build failure that occurs when the log level is
set to `NOTE`.
A previous change (#11507) updated some `MeshForwarder` logging
methods from the `NOTE` to `INFO` level (e.g., `LogFrame()`).
However, these methods remained grouped with `NOTE`-level methods
under a single `OT_SHOULD_LOG_AT(OT_LOG_LEVEL_NOTE)` preprocessor
guard.
This mismatch caused a build failure when `OT_LOG_LEVEL_NOTE` was
enabled (unused parameter warnings).
To resolve this, this commit separates the logging methods into their
respective `OT_SHOULD_LOG_AT()` guards based on their actual log
level (`INFO` or `NOTE`).
This commit renames `GetPreferredNat64Prefix()` to
`FindPreferredNat64Prefix()`.
The new name better aligns with the method's behavior, as it searches
for a preferred NAT64 prefix in the Network Data and can return
`kErrorNotFound`. This change also harmonizes the method name with
other similar `Find...()` methods in the `NetworkData` class.
This commit introduces a new `Mle::Attacher` class to encapsulate all
logic and state related to the device attach process.
This change moves the attach state machine, parent candidate
management, attach timer, and message handling for Parent Request,
Parent Response, Child ID Request, and Child ID Response from `Mle`
into the new nested `Attacher` class.
This refactoring improves code organization and modularity by
separating the attach logic from the main `Mle` class.
This commit adds checks to prevent potential integer overflow issues
within the `Message` class.
Previously, calculations involving message offset and length, such as
`offset + length`, assumed the caller would provide values within a
safe range. However, in some edge cases where larger values are
given, this addition could wrap around. This could lead to incorrect
behavior, potential memory corruption, or assertion failures.
To address this, this change introduces a new generic utility
function, `CanAddSafely()`, to detect unsigned integer addition
overflows. This check is now applied in the following `Message`
methods to validate lengths and offsets before performing
arithmetic:
- `AppendBytes()`: Returns an error if `offset + length` overflows.
- `AppendBytesFromMessage()`: Returns an error on overflow.
- `GetFirstChunk()`: Safely clamps the read length to the available
message length.
- `WriteBytes()`: Asserts if `offset + length` overflows.
Unit tests for the new `CanAddSafely()` utility are included, covering
`uint8_t` and `uint16_t` cases.
This commit adds checks to prevent potential integer overflow issues
within the `Message` class.
Previously, calculations involving message offset and length, such as
`offset + length`, assumed the caller would provide values within a
safe range. However, in some edge cases where larger values are
given, this addition could wrap around. This could lead to incorrect
behavior, potential memory corruption, or assertion failures.
To address this, this change introduces a new generic utility
function, `CanAddSafely()`, to detect unsigned integer addition
overflows. This check is now applied in the following `Message`
methods to validate lengths and offsets before performing
arithmetic:
- `AppendBytes()`: Returns an error if `offset + length` overflows.
- `AppendBytesFromMessage()`: Returns an error on overflow.
- `GetFirstChunk()`: Safely clamps the read length to the available
message length.
- `WriteBytes()`: Asserts if `offset + length` overflows.
Unit tests for the new `CanAddSafely()` utility are included, covering
`uint8_t` and `uint16_t` cases.
Introduces macros to suppress a known false-positive GCC warning
"-Wstringop-overflow=0" which can be triggered when manipulating
network data.
The `AddHasRoute()`, `AddBorderRouter()`, and `AddServer()` methods
shift and update the network data bytes, which may involve inserting
or updating a sub-TLV within an existing TLV. This can trigger a
"writing x byte into a region of size 0" error on some GCC
toolchains.
This change adds the `OT_SUPPRESS_GCC_STRING_OP_BEGIN` and
`OT_SUPPRESS_GCC_STRING_OP_END` macros to silence this specific
warning within these code blocks.
This change updates the `NetworkDataTlv` class to use common bit
manipulation helper functions (`ReadBits`, `WriteBits`, `SetBit`,
`GetBit`, `ClearBit`).
This change replaces the manual bit masking and shifting for accessing
the `Type` value and the `Stable` flag with calls to the new helpers.
The member variable `mType` is also renamed to `mTypeAndStableFlag` to
more accurately reflect its contents.
This commit ensures that the Network Diagnostic server correctly
handles duplicate TLV types within a "Diagnostic Get" request.
Previously, if the `TypeList` TLV in a request contained duplicate
type entries, the server would process each one, leading to redundant
diagnostic TLVs being appended to the response message.
This is now fixed by using a `BitSet` to track the TLV types that have
already been processed from the request. If a duplicate type is
encountered, it is skipped, ensuring that each requested diagnostic
TLV is added to the response only once. This logic is applied to both
the standard and TCAT-specific request handling paths.
This commit introduces a new `AddrSolicitInfo` struct to encapsulate
all parameters related to an Address Solicit request and its
processing outcome.
The processing of a TMF Address Solicit is broken down into two new
methods:
- `AddrSolicitInfo::ParseFrom()`: Handles parsing the incoming CoAP
message.
- `ProcessAddressSolicit()`: Contains the logic for deciding whether
to grant a router ID based on the parsed request.
This change separates parsing from processing logic, improving code
structure and readability without any functional changes.
This commit introduces the `Mle::Aloc16` helper class to encapsulate
constants and helper methods related to Anycast Locators (ALOC16).
The new class provides static helpers for:
- Checking if a given ALOC16 has a specific purpose (e.g., Service,
DHCPv6 Agent, Commissioner, Primary BBR).
- Converting between an ALOC16 and its related service, context, or
session ID.
All existing code is updated to use the new helper methods. This
improves code readability and centralizes ALOC16 management.
This commit extracts the logic for selecting a leader ID and a
partition ID out of the `BecomeLeader()` method into two new private
helper methods: `SelectLeaderId()` and `SelectPartitionId()`.
This is a pure refactoring that does not alter behavior. It improves
the readability and maintainability of the `BecomeLeader()` method by
simplifying its implementation.
This change introduces a new `MessageFramer` class to encapsulate the
logic for preparing MAC data frames.
This change improves code modularity and separation of concerns by
isolating the frame preparation logic (MAC headers, mesh headers,
6LoWPAN compression, and fragmentation) from the message forwarding
responsibilities of `MeshForwarder`.
Classes such as `MeshForwarder`, `IndirectSender`, and
`DataPollSender` are updated to use the new `MessageFramer` class.
This commit enhances MPL option processing and validation.
Previously, the MPL option was processed immediately upon being found,
and multiple MPL options in the same message were accepted. This
could allow a malformed IPv6 message to be buffered for MPL
re-transmission multiple times with different seed IDs.
This change ensures the code first iterates through and validates all
included options within a Hop-by-Hop extension header, enforcing that
at most one MPL option is present before processing.
This is implemented by splitting `Mpl::ProcessOption()` into
`ReadAndValidateOption()` and a new version of `ProcessOption()` that
acts on a pre-validated `MplOption`.
This commit adds support to `HistoryTracker` to record the history of
favored on-link prefixes on the AIL.
It introduces the `otHistoryTrackerFavoredOnLinkPrefix` structure and
a new API, `otHistoryTrackerIterateFavoredOnLinkPrefixHistory()`, to
access the recorded data. The new CLI command `history onlinkprefix`
is added to display the tracked history, showing the prefix, its age,
and whether it is local to the Border Router.
This change moves the service ALOC management logic from the `Mle`
module to `NetworkData::Service::Manager`.
This change simplifies the code by consolidating responsibilities.
Since the `NetworkData::Service` module manages service entries in
the Network Data, it is the logical owner for managing the associated
service ALOCs.
This commit reorders method implementations in the source file
`network_data_service.cpp` to group them within their respective
`Iterator` and `Manager` class sections.
In PR #11680, the `Iterator` class was enhanced to be a separate class
from `Manager`. The method definitions in the `.cpp` file were kept
in their original order at that time to simplify the review by
keeping the `git diff` smaller.
Separator comments are also added to both the `.cpp` and `.hpp` files
to improve code structure and readability.
No functional changes are introduced.
This commit replaces hardcoded magic numbers for RLOC addresses with
their corresponding named constants from the `Mle` namespace.
- The DHCP Agent RLOC is now set using `Mle::kAloc16DhcpAgentStart`.
- The invalid RLOC address `0xfffe` is replaced by `Mle::kInvalidRloc16`.
This change improves code readability and maintainability. Redundant
comments were also removed.
This change updates the `NetworkData` iteration methods to reduce
redundant code and simplify their use.
Previously, separate methods were defined to iterate over different
types of network data entries (e.g., `GetNextOnMeshPrefix()`,
`GetNextExternalRoute()`). This change unifies these into a single
template method, `NetworkData::GetNext<EntryType>()`. A similar
change is applied to unify the corresponding `Contains...()`
methods into a single template.
This commit replaces the boolean `aIsLast` parameter in the
`AnswerTlv::Init()` method with an `enum IsLastFlag`.
This change improves the readability and type-safety of the code when
specifying whether an answer is the last one in a network diagnostic
query.
This change ensures that a parent device in the process of detaching
from the network ignores incoming "Parent Request" and "Child Update
Request" messages.
A new `Detacher::IsDetaching()` method is added to check for this
state. This prevents potential inefficiencies that could arise if
these requests were responded during the detachment procedure.
Since llvm-19, if we use package manager to install it, the minor
versions could be different. This commit standardizes the version on
linux to 19.1.7. This version is the same as the one installed by
homebrew.
fix parsing of
* dns_resolve4 returns a synthesized ipv6 address, but parsing expected an ipv4 address
fix csl methods
* add support for getting csl uncertainty/accuracy
* add support for setting the csl channel
* remove the non existing get_csl_period
renames variables/arguments that had a python builtin name
This commit introduces a verbose logging feature in the mDNS module to
aid in development and debugging by providing detailed logs of mDNS
traffic.
The feature is enabled at build-time via the config option
`OPENTHREAD_CONFIG_MULTICAST_DNS_VERBOSE_LOGGING_ENABLE`
(mapping to the `OT_MDNS_VERBOSE` CMake option). When enabled,
logging can be controlled at run-time using the new
`otMdnsSetVerboseLoggingEnabled()` API and the corresponding
`mdns verboselogging` CLI command.
The initial state on startup can be configured using
`OPENTHREAD_CONFIG_MULTICAST_DNS_DEFAULT_VERBOSE_LOGGING_STATE`
(mapping to the `OT_MDNS_VERBOSE_STATE` CMake option).
When active, this feature logs the content of every sent and received
mDNS message, including the header, questions, and all resource
records. The logs are emitted at the `OT_LOG_LEVEL_NONE` level to
ensure they are always captured, regardless of the active log level
configuration.
Adds a new `README_MDNS.md` file to provide a comprehensive guide for
the `mdns` CLI command.
The guide includes:
- A quick start section with examples.
- A full list of all available sub-commands.
- Detailed explanation and usage examples for each sub-command.
This commit updates the challenge/response mechanism used when a
detached device sends a "Child Update Request" to restore its role as
a child.
Previously, this process shared the `mParentRequestChallenge` with the
parent search mechanism. This logic is now consolidated within the
`PrevRoleRestorer` class, which now manages the generation and
tracking of the `TxChallenge` used in "Child Update Request".
This change simplifies the `Mle` class design and makes the child role
restoration logic separate from the parent search and attach process.
This separation allows for future enhancements where a device may run
both mechanisms in parallel.
This commit adds support for tracking the history of the favored OMR
prefix on a border router. A new public API and the corresponding
`history omrprefix` CLI command are added to retrieve the recorded
history.
A new `otHistoryTrackerFavoredOmrPrefix` type is introduced to
represent an entry in the history. Each entry includes the OMR
prefix, its preference, and a boolean flag `mIsLocal` indicating
whether the prefix is the same as the one maintained locally by the
border router. The local OMR prefix can be based on either a randomly
generated ULA or a prefix delegated via DHCPv6-PD.
This commit updates `AesCcm::Payload()` to support a `nullptr` for the
output buffer. When decrypting, the `aPlainText` can be null, and
when encrypting, `aCipherText` can be null.
This change is useful when the caller only needs the authentication
tag and does not require the actual decrypted or encrypted payload,
thus avoiding the need to provide a temporary output buffer.
This is leveraged to simplify the MAC frame processing under fuzzing
build (`OPENTHREAD_FUZZ_FUZZER_BUILD`), removing a large
stack-allocated buffer (`kFuzzMaxFrameSize`).
This change enhances the favored on-link prefix selection logic within
the `RoutingManager::OnLinkPrefixManager`.
It introduces two new prefix state variables:
- `mAilPrefix`: Tracks the on-link prefix discovered from Router
Advertisements received on the Adjacent Infrastructure Link
(AIL). This renames the previous `mFavoredDiscoveredPrefix`.
- `mFavoredPrefix`: Tracks the final selected favored prefix, which
can be either the local prefix or the `mAilPrefix`.
The setters `SetAilPrefix()` and `SetFavoredPrefix()` are added to
manage these state changes and provide additional logging.
The temporary buffer used in `RxFrame::ProcessReceiveAesCcm` under
fuzzing build is increased to 1280 bytes. This change allows for
fuzzing of larger TREL frames. A new constant `kFuzzMaxFrameSize` is
introduced for this purpose.
When using OPENTHREAD_CONFIG_TREL_MANAGE_DNSSD_ENABLE the TREL peer
discovery platform code is not needed anymore.
Added otPlatTrelNotifyPeerSocketAddressDifference under the same
logic as the rest of the TREL platform API that is not used
when OPENTHREAD_CONFIG_TREL_MANAGE_DNSSD_ENABLE is true.
Signed-off-by: Marius Preda <marius.preda@nxp.com>
The treatment of the Command ID field in a MAC command frame is
dependent on the IEEE 802.15.4 version. In the 2015 specification,
it is part of the encrypted payload, while in earlier versions, it
is part of the unencrypted MAC header. The `FindPayloadIndex()`
method correctly accounts for both cases.
This commit enhances the frame parsing and validation logic to account
for this difference.
- `ValidatePsdu()` is updated to ensure the frame is long enough to
contain the Command ID when validating a 2015-version frame.
- `GetCommandId()` is updated to validate the presence of the Command
ID field before access, fixing a potential out-of-bounds read.
- A new `IsMacCommand()` helper method is introduced to improve code
clarity and replace direct frame type checks.
The Status TLV is used in several TMF messages (Address Solicit, DUA
Registration, MLR), and the meaning of its value is
context-dependent.
This commit refactors the TLV definitions by moving the status enums
from the generic `ThreadStatusTlv` class into the modules where they
are used.
The main changes are:
- The Address Solicit status is split into two more specific enums:
- `RouterUpgradeReason` for Address Solicit requests.
- `AddrSolicitResponse` for Address Solicit responses.
- `MlrStatus` and `DuaStatus` enums are moved to `mlr` and `dua`
modules respectively.
- `ThreadStatusTlv` is simplified to a `typedef`.
This change improves code clarity, modularity, and type safety by
ensuring that status codes are defined and used within their proper
context.
We just updated the version from 14 to 16. But very unfortunately
clang-format-16 was just deprecated recently. So this time we update
the version to the latest available one. There are newer releases than
19 (like 20) but as I tested, sudo apt-get install -y clang-format-19
can work while 20 doesn't work.
misc-include-cleaner in clang-tidy-19 exerts a very strict check which
requires to directly include all headers for every symbols in the
source file. However in our current code we intentionally use some
indirect include. So this commit disables misc-include-cleaner.
This change fixes a potential use-after-free issue in the
`PeerDiscoverer::HandleTxtResult()` method.
When processing a TXT record, the corresponding `Peer` object could be
removed if it was identified as the device itself. However, a
subsequent call to `UpdatePeerState()` would still use the dangling
reference to the removed `Peer` object.
The fix merges the logic from the now-removed `ProcessPeerTxtData()`
method directly into `HandleTxtResult()`. After a `Peer` is removed,
the local `peer` pointer is set to `nullptr`, and the call to
`UpdatePeerState()` is guarded by a null check to prevent using
the invalid pointer.
This commit renames `IsExpectedToBecomeRouterSoon()` to
`WillBecomeRouterSoon()` to better reflect its behavior.
The implementation is simplified by using the `VerifyOrExit` pattern
instead of a single complex boolean expression, which improves code
readability.
This change introduces new APIs to allow configuration of the response
timeout for mesh diagnostic queries. A corresponding CLI command
`meshdiag responsetimeout` is also added to get or set the timeout
value.
When set, the new response timeout is used for subsequent queries and
does not affect any that are ongoing. The timeout value is clamped
between 50 milliseconds and 10 minutes to ensure it stays within a
reasonable range.
This commit refactors `Utils::HistoryTracker` by moving it into its
own dedicated `ot::HistoryTracker` namespace for better code
organization.
The main implementation class is renamed from `HistoryTracker` to
`Local`, making the new class `ot::HistoryTracker::Local`. This
allows additional components (like server and client) to be defined
within the `HistoryTracker` namespace.
Nested types, such as `Iterator`, are now direct members of the new
`HistoryTracker` namespace.
Commit adds check if commissioning is possible and if the tcat device is already commissioned.
Adds advertisement update on disconnected and role change.
Fixes key handling for key references.
Fixes the authorization processing.
Implements recent changes of the application TLVs.
This commit moves the child ID allocation logic from `Mle` to
`ChildTable`.
A new `AllocateNewChildRloc16()` method is added to `ChildTable` to
contain the allocation logic, and the `mNextChildId` counter is moved
to `ChildTable`. `Mle` is updated to use this new method.
This refactoring improves code encapsulation by making the
`ChildTable` responsible for managing all aspects of the children it
contains, including ID allocation.
The `kIndexMask` within `AnswerTlv` was incorrectly defined as `0x7f`,
which only covers the lower 7 bits of the `mFlagsIndex` field. This
would improperly truncate the message index value.
This change corrects the mask to `0x7fff`, which properly utilizes the
lower 15 bits for the index, while the most significant bit remains
reserved for the `kIsLastFlag`.
This commit introduces `Mle::PrevRoleRestorer` to consolidate the
logic for restoring a device's previous role (child or router/leader)
after an MLE restart.
This new class replaces and encapsulates the functionality from the
now-removed `RouterRoleRestorer` class and `RestorePrevRole()` method.
`PrevRoleRestorer` manages its own timer and retransmission logic. It
handles sending Child Update Requests to restore a child role, or
multicast Link Requests to restore a router/leader role. It also adds
a small random delay before the first transmission attempt to avoid
synchronized transmissions when multiple devices restart at once.
This change simplifies the `Mle` class by centralizing all role
restoration logic into a single component, making future enhancements
to this process easier.
This commit introduces a new feature in `HistoryTracker` to track
Network Data DNS/SRP unicast/anycast address entries. This new
functionality records when different Border Routers add or remove
these entries in the Network Data. This change also introduces new
public APIs and CLI command `history dnssrpaddr` to expose this
information.
This commit simplifies the `Settings` API by modifying all "Save"
and "Delete" methods to return `void` instead of `Error`.
Settings operations are required for a Thread device to function, so a
failure to save or delete from non-volatile storage should be treated
as a critical error. Previously, the code effectively ignored these
errors using `IgnoreError()`. This change instead treats any such
failure as a critical error, triggering an assert within the
`Settings` module.
The key changes include:
- `Settings::Save<T>()`, `Delete<T>()`, `DeleteAllChildInfo()`, and
similar methods now return `void`.
- Internal `Settings` methods use `SuccessOrAssert()` to assert on
errors.
- The responsibility for asserting on `kErrorNotImplemented` is moved
to the `SettingsDriver` layer.
This update simplifies the caller logic by removing the need for
`IgnoreError()` at many call sites. Consequently, several methods
that primarily wrapped `Settings` calls, such as `Mle::Store()` and
`BorderAgent::SetId()`, have also been updated to return `void`.
This commit increases the default DNS response timeout config,
`OPENTHREAD_CONFIG_DNS_CLIENT_DEFAULT_RESPONSE_TIMEOUT`, to 7000
milliseconds.
The default value of 7000 is selected to be longer than the
six-second wait time for queries resolved by the Discovery Proxy
(per RFC 8766, Section 5.6, first bullet).
This commit updates the handling of discovery request transmission
completion by using a `TxCallback`.
Previously, `MeshForwarder` contained special-case logic to identify a
discovery request message and would then explicitly call into
`DiscoverScanner::HandleDiscoveryRequestFrameTxDone()`.
This is changed so that `DiscoverScanner` now registers a `TxCallback`
directly on the discovery request message itself.
This commit moves the `Detacher::Detach()` method implementation to
group it with other `Detacher` method definitions.
When the `Detacher` class was added in PR #11723, its methods were
intentionally kept in their original locations to keep the `git diff`
smaller and easier to review.
This is a pure code-move refactoring to improve code organization and
has no functional changes.
This commit introduces `GenerateRandomDelay()`, to simplify the
logic for generating a random delay up to a given max delay.
This is then used through `Mle` class.
This commit implements `ot::Posix::Dhcp6PdSocket`, which provides the
`otPlatInfraIfDhcp6PdClient*` socket-like APIs for use by the core
`Dhcp6PdClient` module.
The `Posix::Dhcp6PdSocket` is a sub-component of `Posix::InfraNetif`.
This commit modifies TREL to disregard mDNS (DNS-SD) service removal
events when updating the peer table. Since mDNS peer removal signals
can be unreliable, this change prevents such signals from causing a
peer's removal. Instead, a peer entry is retained as long as TREL
packets and acks are successfully exchanged, moving towards the goal
of eliminating TREL's dependency on mDNS for peer discovery and
tracking.
This commit also introduces a new mechanism to track the last
interaction time with each peer. This information is used to evict
the least recently used entry when the peer table gets full and to
remove inactive peers after a long expiration period (7.5 min)
passes.
The `test_trel` Nexus test is updated to validate these new
behaviors.
This commit updates `RestorePrevRole()` to directly start the
`RouterRoleRestorer` instead of calling `BecomeRouter()`.
Consequently, `BecomeRouter()` is simplified by removing the logic for
handling the `kRoleDetached` state. The method now focuses on the
child-to-router transition by sending an Address Solicit message, and
its initial role validation is made more explicit.
This change ensures the logic for restoring a previous router/leader
role is separate from the child-to-router transition logic.
This commit introduces a new `Mle::Detacher` class to encapsulate all
state and logic for the graceful detach process. By managing its own
internal state, timer, and completion callback, the `Detacher` class
centralizes the detach logic, improving code clarity and
maintainability.
This commit updates the mechanism for notifying the transmit
completion of a Child ID Request message.
Instead of `MeshForwarder` checking the message type and calling into
`Mle` upon transmit completion, `Mle::SendChildIdRequest()` now
registers a `TxCallback` directly on the message.
This change simplifies `MeshForwarder` by removing the need for it to
be aware of specific `Mle` message types.
This commit resolves a potential unsafe integer conversion warning by
explicitly casting the size of the status sub-TLV to `uint8_t` before
setting the length of the main TLV in
`SendLinkMetricsManagementResponse`.
Additionally, this change enables MLE_LINK_METRICS_SUBJECT_ENABLE`
feature in the `toranj` test configuration, allowing this feature to
be covered under its builds.
This commit adds a check in `RetxTracker::ScheduleTimer()` to ensure
the timer is not scheduled if MLE operations are disabled.
This change improves safety by handling an edge case during the
graceful detach process. In this scenario, a child sends a "Child
Update Request" with a zero timeout and, upon receiving a response,
immediately stops MLE. The added check prevents the retransmission
timer from being incorrectly scheduled after MLE has been stopped.
This commit refactors the IPv6 filter by renaming `Filter::Accept()`
to `Filter::Apply()` and changing its return type from `bool` to
`Error`.
The new method now returns `kErrorNone` for an accepted message and
`kErrorDrop` for a message that should be dropped. This change
improves clarity and aligns the filter's logic with the common
`SuccessOrExit` error handling pattern used throughout the codebase.
This commit changes the workflow trigger event from `pull_request` to
`pull_request_target` so to match the event type that triggers the
`check-size` workflow.
This commit enables the `-Wimplicit-int-conversion` compiler flag for
`ftd`, `mtd`, and `radio` to improve code quality by detecting
potential data loss from implicit type conversions. This is enabled
when clang toolchain is used.
All resulting warnings have been addressed by either:
- Changing variable, parameter, or return types to ensure consistency
and prevent overflows.
- Adding explicit `static_cast` where the type conversion is intended
and safe.
This commit simplifies the `HandleParentRequest()`.
- The logic for detecting duplicate Parent Requests is made more
readable by introducing the `kParentRequestDuplicateTimeout`
constant.
- To reduce unnecessary log noise, checks like `IsRouterEligible()`
or `!IsDetached()` no longer set and return an error. This
prevents logging failure messages for conditions that are not
actual errors.
- Verbose comments are removed in favor of self-documenting code.
This commit changes the `aDelay` parameter type in
`Mle::DelayedSender` methods from `uint16_t` to `uint32_t`.
This update supports specifying message transmission delays longer
than the previous 65-second limit and avoids potential implicit
integer downcasting.
The `test_publish_meshcop_service` is updated to explicitly disable
the border agent before factory resetting `br`. This makes the
test more reliable by ensuring the MeshCoP service is unpublished.
The `test_publish_meshcop_service` is updated to explicitly disable
the border agent before stopping the `otbr-service`. This makes the
test more reliable by ensuring the MeshCoP service is unpublished
before stopping `otbr-service`.
This commit removes the explicit call to disable the `BorderAgent`
during instance finalization. This change prevents issues where the
call may trigger platform interactions that can fail due to the
platform layer being deinitialized before the `Finalize` is called.
This commit enhances the instance shutdown sequence by explicitly
disabling the Border Agent in `Instance::Finalize()`.
Additionally, direct calls to the OpenThread C API, such as
`otThreadSetEnabled()`, are replaced with their corresponding C++
method calls, like `Get<Mle::Mle>().Stop()`.
This commit refactors the `Mle::BecomeLeader()` method to use a new
`LeaderWeightCheck` enum instead of a boolean parameter for checking
the leader weight.
The new enum, with values `kCheckLeaderWeight` and
`kIgnoreLeaderWeight`, makes the intent at the call sites more
explicit and improves code readability by avoiding the ambiguity of a
`true`/`false` flag. The functional behavior remains unchanged.
This commit moves the `Message::Ownership` enum definition to the
`Ip6` class. This enum is exclusively used by the `Ip6` class to
determine whether to clone a message or take direct custody. This
model is not intended for use by other components. `OwnerPtr<>` is
the recommended approach for conveying ownership transfers.
This commit simplifies the `Reattach()` method to improve readability.
The nested `if-else` statements are replaced with a `switch()` to
check `mReattachState`, and specific situations are handled with `if
(condition) { action; ExitNow(); }`.
This commit relaxes the `border_router` test scripts that check mDNS
query results. The test will no longer fail if an expected record
does not appear in the additional section.
This change aligns with RFC 6763 section 12, which specifies that
additional records are recommended but not required. Particularly, a
TXT record is not recommended for an SRV query (section 12.2), and a
TXT query has no recommended additional records (section 12.3).
The test will now validate the additional record if it is present but
will not fail if it is absent.
This commit changes the `SetEnabled()` API to return `kErrorNone` when
the component is already in the requested state (enabled or
disabled). Previously, the method would return `kErrorAlready` in
this scenario. Making this API idempotent simplifies caller logic, as
they no longer need to handle the `kErrorAlready` case.
The radio platform API otPlatDiagRadioTransmitDone() and
otPlatDiagRadioReceiveDone() are the same with the API
otPlatRadioTxDone() and otPlatRadioReceiveDone(). This commit removes
the API otPlatDiagRadioTransmitDone() and otPlatDiagRadioReceiveDone()
to let the MAC layer and the diag module to use the same radio API to
send and receive 154 frames. So that the diag module could process the
ACK frame in the future.
This commit refactors `Mle::Start()` by moving the logic for restoring
the previous role into a new method, `RestorePrevRole()`.
This change simplifies the startup process and improves robustness by
adding more validation checks within `RestorePrevRole()`. The new
method ensures that the previously saved state information is
consistent before it is applied. For example, it verifies that
`mLastSavedRole` matches the saved RLOC16 and that parent information
is valid if the saved role was Child. These checks protect against
loading invalid settings and allow the device to start more quickly
by ignoring inconsistent state.
This commit introduces "auto-enable mode" in mDNS module. When this
mode is enabled, the mDNS module uses the same infrastructure network
interface as the Border Routing manager. The mDNS module is then
automatically enabled or disabled based on the operational state of
that interface. It is recommended to use the auto-enable mode on
Border Routers. New APIs and CLI commands are added to manage this
mode.
This commit also makes the if-index argument optional in `mdns enable`
CLI command. If an index is not provided, the command defaults to
using the Border Router's infrastructure interface. This help
simplify controlling the mDNS state in test scripts.
This commit enhances the `NetworkData::Service::Iterator` class.
The `Iterator` is now a separate class from `Service::Manager`. It
provides `GetNextDnsSrpAnycastInfo()` & `GetNextDnsSrpUnicastInfo()`
methods, simplifying the code for iterating over these service
entries. The `Iterator` is also generalized to track a given
`NetworkData` instance, allowing it to iterate over service entries
on any `NetworkData` object, not just the Leader's.
This commit updates the `EnergyScanServer` to use an `OwnedPtr<>` for
its `mReportMessage` member.
This change ensures that the allocated report message is correctly
freed when the `otInstance` is destroyed, preventing a potential
memory leak.
This commit adds a new mechanism to emulate a node reset on
`Nexus::Node`. This is realized by resetting all platform components
while ensuring the non-volatile `mSettings` remains unchanged, then
reinitializing the `ot::Instance` by invoking its constructor.
This is used to add a new `test_full_network_reset` test, which
emulates a full simultaneous reset of all nodes in a large network,
tracking how long it takes for the network to stabilize after the
reset event.
This commit introduces `otBorderRoutingGetInfraIfInfo()` to get the
interface index and running state of the configured infrastructure
interface. A corresponding CLI command is also added to retrieve this
information.
This commit introduces `Mle::RetxTracker`, a new nested class that
encapsulates the state and logic for managing MLE message
retransmissions. It specifically handles retx of Child Update and
Data Request messages sent from a child to its parent, as well as the
periodic keep-alive Child Update tx from an rx-on-when-idle child.
This change centralizes all retransmission logic within
`RetxTracker`, replacing direct state manipulation and leading to a
cleaner, more modular design.
This change also includes the following improvements and fixes:
- The retransmission timeout (`kUnicastRetxDelay`) now includes a
small random jitter.
- Fixes the logic for tracking the number of transmission attempts,
ensuring the child detaches after `kMaxAttempts` (4) are reached.
The previous code would incorrectly try one additional time
(5 attempts).
- Tracks the transmission time of Data Requests and Child Updates
separately. This ensures that periodic keep-alive Child Updates are
sent at the correct time, even after a recent Data Request
transmission.
- The `RetxTracker` is designed to be extensible for managing
retransmissions of other message types in the future.
This commit updates the `Nexus::Node` to initialize platform-specific
components first. This is achieved by defining them in a `Platform`
struct, which is inherited before `ot::Instance`.
This change ensures all platform components are ready and can be
safely used from the `Instance` constructor and any of its
sub-components.
This commit updates the wait time in the `test_mdns` unit test to
handle a rare timing failure.
When a truncated message is sent, mDNS is expected to wait for a
random delay of at least 400ms. The test previously waited exactly
400ms before checking for emitted messages, leading to rare failures
if the random delay was precisely 400ms.
This change reduces the test's wait time to 399ms, ensuring it
correctly verifies that no message is emitted during the initial
delay period and making the test more robust.
Previously we were relying on the platform to call
`otPlatInfraIfDiscoverNat64PrefixDone` to trigger the evaluation of
NAT64 prefix. Since
https://github.com/openthread/openthread/pull/11481, we're no longer
doing proactive DNS-based prefix discoveries and it never calls the
callback `otPlatInfraIfDiscoverNat64PrefixDone`.
That means NAT64 evaluation can only happen when
`RoutingManager::EvaluateRoutingPolicy` is triggered, which can cause
a at most 3-minute delay (`kRaBeaconInterval`), between enabling NAT64
feature and the feature starts to work.
This commit triggers the evaluation of routing policy when
`Nat64PrefixManager::Discover()` fails to ensure the feature starts to
work on time.
The definition of sMicroTimer and sRealTimeSignal are wrapped by the
__linux__, OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE and
!OPENTHREAD_POSIX_VIRTUAL_TIME. But the code using these two
variables is not completely wrapped by these three macros. It causes
the compile errors in some conditions.
This commit wraps all the code that uses these two variables with
these three macros.
This commit updates `Mle` to ensure that a device ignores a
received "Child Update Request" message if it is currently detached.
This prevents the device from sending a "Child Update Response" in
this state. This behavior is particularly important when a device is
trying to restore its previous role as a router or leader.
This commit introduces new `Mainloop` helper functions. These helpers
can be used to update or check the read, write, and error file
descriptor sets (`fd_set`) or the timeout value within a
`Mainloop::Context`.
This commit refines the logging of local host address events in the
`Mdns` module.
Address update events signaled from the platform layer are now logged
at the `Debug` level instead of `Info`. This avoids excessive logging
from platform implementations that use periodic polling for address
monitoring.
Instead, after the events are processed, an `Info` level log is now
generated only if the address list has changed. This new log
specifies which addresses were added or removed. Additionally, the
format for IPv4 addresses (tracked as IPv4-mapped IPv6 addresses) is
updated to use the standard dotted-decimal notation, making the logs
easier to read.
This commit adds a netlink-based address monitoring strategy,
`OT_POSIX_MDNS_ADDR_MONITOR_NETLINK`, to `Posix::MdnsSocket`. This is
provided as an alternative to the periodic poll-based approach
introduced in PR #11641.
With this model, `MdnsSocket` reports the initial list of IPv4/IPv6
addresses on the infrastructure network interface. It then uses a
`NETLINK_ROUTE` socket to listen for `RTM_NEWADDR` and `RTM_DELADDR`
events, signaling any subsequent address changes to the mDNS module.
This commit contains various enhancements to the `Otns` class:
- Makes `Otns` methods non-static. This aligns their use with the
clang-tidy `readability-static-accessed-through-instance` check,
which disallows accessing static methods through an instance.
- Updates the `make-pretty` script to enable OTNS and include it in
`clang-tidy` checks.
- Adds a stub implementation of `otPlatOtnsStatus()` in the simulation
and fake platforms. This allows the OTNS feature to be enabled in
`make-pretty` builds and covered by GitHub Action CI checks.
- Simplifies the `EmitStatus` methods to use the `String` class for
constructing the status string.
- Adds a new helper method to construct the CoAP status string,
removing duplicated code.
This commit introduces an initial implementation in `Posix::MdnsSocket`
to monitor and report all IPv4 and IPv6 addresses assigned to the
infrastructure network interface. This mechanism is used by OpenThread's
native mDNS module and was added in PRs #11353 and #11394.
A new configuration, `OPENTHREAD_POSIX_CONFIG_MDNS_ADDR_MONITOR`, is
added to select the monitoring strategy. This commit implements the
`OT_POSIX_MDNS_ADDR_MONITOR_PERIODIC` approach, where `getifaddrs()`
is used to enumerate addresses periodically. The polling interval
is configured by `OPENTHREAD_POSIX_CONFIG_MDNS_ADDR_MONITOR_PERIOD`.
Note that the OpenThread mDNS module itself tracks the list of
reported addresses and will only take action when there is a change
from what was previously announced. This allows the platform to
simply report the full list of current addresses at each interval.
This commit fixes formatting issues in the netdata CLI README files to
improve clarity and correctness of the documentation.
The changes include:
- Adding the '>' prompt character to CLI command examples where it was
missing.
- Specifying 'bash' as the language for code blocks to enable proper
syntax highlighting.
- Remove an extra colon
This commit rearranges the method and member variable declarations in
the `Posix::MdnsSocket` class to follow the recommended order, i.e.,
methods before member variables.
This commit enhances the `Srp::Client` "single service mode". This
mode is enabled when a prepared SRP update message exceeds the IPv6
MTU size. In this mode, the client registers its services one by one,
with each SRP update containing only a single service.
The implementation is simplified by changing the `mSingleServiceMode`
flag from a persistent member variable of the `Client` class to a
field within the `MsgInfo` struct, making its scope
message-specific.
State transitions are now correctly applied to host and service
entries when operating in single service mode. This, in turn, helps
ensure that SRP message transaction IDs are managed correctly: the
same ID is used for retries of an unchanged service, while a new ID
is used if the service information has changed.
Finally, a new test case, `TestSrpClientSingleServiceMode`, is added
to `test_srp_server` to cover this behavior and its associated retry
logic in detail.
This commit updates the `MessageQueue` and `PriorityQueue`
implementations to use non-circular doubly linked lists instead of
the previous circular ones. Using a non-circular list requires the
queue to track the head element, but it simplifies common operations
like getting the head and iterating over the messages.
Particularly, `Message::GetNext()` now simply returns the `mNext`
pointer. Previously, `Message` had to store a pointer to its `mQueue`
within its `Metadata` to identify the tail of the queue and stop the
iteration correctly.
This commit also updates the unit tests. In particular,
`test_priority_queue` is significantly enhanced to cover many
scenarios, such as multiple messages with the same priority, and
messages with different priorities being added and removed in various
orders.
This commit updates the SRP client message ID assignment model.
Message IDs are now selected randomly, ensuring they differ from the
last ID used. The same message ID is reused when a message is
retried.
This replaces the earlier design where all messages, including
retries, used sequential message IDs.
The unit test is also updated to validate the new behavior.
This commit introduces new public APIs to register a `TxCallback` on a
message to be notified of its transmission outcome.
The callback is invoked with an error code indicating the transmission
status of the IPv6 message to an immediate neighbor (a one-hop
transmission). It does not indicate that the message was received by
its final, multi-hop destination.
For a unicast IPv6 message, a success (`OT_ERROR_NONE`) indicates that
the message, including all its corresponding fragments if applicable,
was successfully delivered to the immediate neighbor and a MAC layer
acknowledgment was received for all fragments. This is reported
regardless of whether the message is sent using direct or indirect
transmission (e.g., to a sleepy child via CSL or a data poll).
For a multicast message, an `OT_ERROR_NONE` status indicates that the
message and all its fragments were successfully broadcast. Note that
no MAC-level acknowledgment is required for a broadcast frame
transmission.
This commit updates `SendMessage()` to initialize the `msgType`
variable before the `switch` statement.
This change addresses a compiler warning for a possibly uninitialized
variable, flagged by `-Werror=maybe-uninitialized`.
Note that the situation where `mState` would be an undefined value is
not technically possible in the current logic. However, the compiler
cannot guarantee this and therefore generates a warning. Initializing
the variable upfront resolves this issue.
This commit modifies `Message::SetPriority()` to prevent changing a
message's priority after it has been enqueued in a `PriorityQueue`.
Attempting to do so will now return `kErrorInvalidState`.
The functionality for altering the priority of an already-enqueued
message is not currently used or required. Should this behavior
become necessary in the future, the recommended approach is to
explicitly dequeue the message first, then change its priority, and
finally re-add it to the queue. This makes the intended behavior
clearer and more explicit within the code.
This commit also updates the `test_priority_queue` unit test to
reflect this change.
This commit simplifies the code by removing the `kReattachStart` state
from the `ReattachState` enumeration. This enum is used after MLE
`Start()` to track whether to attempt to attach using a persisted
Active or Pending Dataset.
Previously, `kReattachStart` was a transitory state set in `Start()`
and then changed in the `Attach()` method to either `kReattachActive`
or `kReattachStop`, based on whether the device had a saved Active
Dataset.
This change simplifies the code by determining the state directly in
`Mle::Start()`, which allows for the removal of the now unnecessary
`kReattachStart` case.
This commit introduces the `Dhcp6PdClient` class, which implements
DHCPv6 Prefix Delegation (PD) client functionality. It integrates
with `BorderRouter::RoutingManager` and its `PdPrefixManager`
sub-component. The CMake `OT_BORDER_ROUTING_DHCP6_PD_CLIENT` mapped
to `OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_CLIENT_ENABLE` config
enables this feature.
Previously, the platform layer was expected to implement client
functionality, acquiring and providing the delegated prefix(es) to
the OT stack using `otPlatBorderRouter*` callbacks. This approach
continues to be supported. The `Dhcp6PdClient` feature adds native
support for this functionality in the OpenThread core.
The `Dhcp6PdClient` implementation follows RFC 8415, focusing on
prefix delegation and all required behaviors. The client follows the
standard four-message Solicit/Advertise/Request/Reply exchange to
obtain a delegated prefix, followed by a two-message Renew/Reply or
Rebind/Reply exchange to extend the lifetime of the delegated prefix.
When the prefix is no longer needed, a two-message Release/Reply
exchange ends its lease. The current client implementation does not
support the optional "Reconfigure Accept" mechanism.
A set of `otPlatInfraIfDhcp6PdClient*` platform APIs are also
introduced for use by the `Dhcp6PdClient`. These APIs are used to
enable or disable listening for DHCPv6 messages and to handle sending
and receiving them on the standard client and server UDP ports
(546 and 547), effectively acting as a UDP socket.
This commit also includes a comprehensive unit test covering various
aspects of `Dhcp6PdClient`, including common behaviors and many
specific edge cases.
This commit simplifies the `Message::Metadata` so that it no longer
tracks the `MessagePool`. Instead the `Message` now tracks the
`ot::Instance` it is associated with and acts as a `GetProvider`,
allowing access to any component within `Instance`, including
the `MessagePool`.
This commit enhances how changes in the number of reachable peer
Border Routers (BRs) are tracked and signaled. This tracking is
handled by `RxRaTracker` and utilized by the `MultiAilDetector` to
determine if BRs are connected to different AILs.
The `RxRaTracker::DecisionFactors` class now includes and tracks
`mReachablePeerBrCount`. This value is updated in the `Evaluate()`
method, which is invoked upon any change to the internal state
tracked by `RxRaTracker` (e.g., changes in discovered prefixes or
routers). This ensures that any change in the number of peer BRs is
promptly detected and signaled to other sub-components, allowing them
to update their state or take necessary actions.
This commit updates how `MdnsSocket::SendQueuedMessages()` iterates
over the message queue. The iteration is changed to get the next
message before processing the current one. This is necessary because
the current message may be dequeued and freed within the loop, which
would invalidate the pointer to the next message.
This commit moves the `Mle::AnnounceHandler` methods to be located
together in the same section.
The `AnnounceHandler` sub-component was added in a previous commit,
but its methods were intentionally left in their original locations
to keep the `git diff` small and easy to review. This change simply
relocates the methods to their proper place and includes no logical
modifications.
This commit addresses an issue where the fractional part of the ping
average round-trip time (RTT) was not consistently formatted.
Previously, it used ".%u" with `(avgRoundTripTime % 1000)` which
could omit leading zeros for fractional values. It now uses ".%03u"
to ensure three digits are always displayed, padding with leading
zeros when necessary.
Fix the initialization order in ProcessRadioUrl() to ensure that
configuration files are loaded before region settings are applied.
Previously, the region code was set before configuration files
(product-config-file and factory-config-file) were processed. This
caused region-specific settings such as target power to be applied
from stale configuration data rather than the newly loaded
configuration file.
The fix reorders the parameter processing sequence:
1. Basic radio parameters (fem-lnagain, cca-threshold)
2. Configuration file loading (product-config-file, factory-config-file)
3. Region setting (region)
4. Other parameters (bus-latency, max-power-table, coex settings)
This ensures that when a region is set, it will use the correct
configuration data from the newly loaded files, allowing region-specific
power settings and other parameters to be properly refreshed.
Change-Id: Idcf16d194eea65d3efe3ae380d6fa90e71bd5499
It would be easier to use OpenThread public headers if they are
self-contained and follows the IWYU style guide. This commit fixes some
style issues to make the public headers self-contained and IWYU. The
existing pretty check is also extended to verify the OpenThread public
headers are self-contained and follows IWYU.
With the router restoration, longer delay is expected. This commit
defines the router restoration delay and apply it on the unstable test
case Cert_5_1_05_RouterAddressTimeout.
This commit renames DHCPv6-PD related types and methods in
`RoutingManager` to consistently use the `Dhcp6Pd` term.
This commit also updates the related unit test in
`test_routing_manager`. The test is renamed to `TestDhcp6Pd()`, and
the code style is updated to align with other test cases in the same
file. No changes are made to the actual test steps or what is covered
by the test itself. The method for reporting PD prefixes to the
OpenThread stack is modified within the unit test. Instead of using
`otPlat` APIs, `RoutingManager` methods are now directly invoked.
This helps make the unit tests independent of the configuration,
allowing for more flexible models where platform-provided APIs may
not be provided (e.g., DHCPv6 client as part of OpenThread code).
This commit adds the `Option::Iterator` class for searching for and
iterating over DHCPv6 options with a specific code within a message.
The iteration can cover the entire message or be constrained to a
given `OffsetRange`.
The `Option::Iterator` is used to simplify the `Dhcp6::Client` and
`Dhcp6.Server` implementations, particularly when iterating over
`IaAddressOption`s within an `IaNaOption`.
This commit adds a destructor for `SecureTransport` that closes the
socket, and disconnects and removes any tracked sessions.
Removing the sessions ensures that the `SecureSession` instances and
any data allocated within them are properly freed. This handles the
case where the `otInstance` itself is destroyed, ensuring that all
heap-allocated items are cleaned up correctly to prevent memory
leaks.
This commit introduces the `AnnounceHandler` class within `Mle` to
encapsulate logic for handling Announce messages. This change
simplifies the `Mle` module and makes the code easier to read and
follow.
The `AnnounceHandler` class handles received Announce messages with a
newer timestamp and different channel and/or PAN ID. It can delay
processing to collect and handle subsequent Announce messages.
It also manages starting the "announce attach" process, where the device
attempts to attach using the parameters from a processed Announce
message.
- If the attach is successful, this class sends an Announce on the old
channel to inform other devices. This is done immediately after
attaching as a MTD child or after a router transition attempt
completes (on FTD).
- If the attach fails, the class ensures the channel and PAN ID are
restored to their original values.
In particular, the new `AnnounceHandler` uses its own `Timer` to delay
the start of an announce attach. Previously, the `AttachTimer` was
repurposed for this, in addition to its use for attach state
management.
This commit updates and enhances the parsing and generation of the
DHCPv6 DUID in Client/Server Identifier Options.
DHCPv6 DUIDs can be specified in a variety of ways, and clients and
servers must treat them as opaque values that are compared for
equality. This change adds an `Eui64Duid` type to represent a DHCPv6
DUID based on the EUI-64 Link-Layer address format (DUID-LL).
A set of common helper methods are added to parse, match, and append
the DUID in a Client or Server Identifier option:
- `ReadDuid()`: Reads the raw DUID as a blob of data.
- `ReadAsEui64Duid()`: Reads a DUID, validating that it follows the
DUID-LL format, and parses the EUI-64 address.
- `MatchesEui64Duid()`: Reads a DUID and checks that it matches a
given EUI-64 address.
- `AppendWithEui64Duid()`: Appends a Client/Server ID option with a
DUI using the DUID-LL format.
This commit also introduces `Option::AppendOption()` which appends a
DHCPv6 Option with a given code and data to a message.
These methods are then used to simplify the `Dhcp6::Server` and
`Dhcp6::Client` code.
This will avoid the problem that scope id or ifindex remains 0 for a
link-local transmission. If 0, the OS cannot decide which network
interface to use based on address alone.
This aims to fix some instances in core/tcp6 and posix/udp where the
complete struct was not initialized. In otPlatUdpJoinMulticastGroup
and otPlatUdpLeaveMulticastGroup an explicit redundant setting to '0'
is added just for clarity for people reading the code.
This commit adds some new statistics for ePSKc to show the time
duration of various sub process during the credential sharing.
A Nexus unit test is added to verify the stats are counted correctly.
A few small points to be noted:
* The `StopReason` which was used internally in `EphemeralKeyManager`
is renamed as `DeactivationReason`, defined as public and is mapped
to the public enum `otHistoryTrackerEpskcDeactivationReason`.
* The original reason `Timeout` is renamed to `SessionTimeout` to
indicate this is a timeout of the secure session. This is to
differentiate with the epskc mode timeout.
* A new reason `EpskcTimeout` to indicate the timeout is due to epskc
mode timeout.
The log message "No domain name servers found in %s, default to
127.0.0.1" is misleading because the code does not actually default to
127.0.0.1 if no nameservers are found.
This commit updates the log message to accurately reflect the
behavior.
This commit simplifies the processing of PD prefixes provided by the
platform to `PdPrefixManager`. The platform can report DHCPv6 PD
prefixes in two ways: through a Router Advertisement (RA) message
containing Prefix Information Options (PIOs) or by providing a PD
prefix directly.
Previously, these two paths were processed in a single method, which
made the code harder to read and follow. This commit refactors the
logic to separate these two paths while using common helper methods.
This change introduces `EvaluateCandidatePrefix()`, which evaluates a
single candidate prefix and tracks the most favored one. After all
candidates are evaluated, `ApplyFavoredPrefix()` is called to apply
the most favored prefix and update the current PD prefix if
necessary.
This commit introduces new helper methods for DHCPv6 Option parsing
and generation.
- It adds `Option::FindOption()` to search and parse the first DHCPv6
option with a given code within a specified range of a `Message`.
- It also adds `Option::UpdateOptionLengthInMessage()`, which updates
the Option length in a message based on the number of bytes
appended, simplifying the appending of variable-length options
(e.g., `IaNaOption`, which can contain multiple sub-options).
- Additionally, `StatusCodeOption::ReadStatusFrom()` is added to read
the status code from a Status Code Option in a specified range
within a `Message`. The absence of a Status Code option implies
success.
- Helper methods to search for and append `RapidCommitOption` are also
included.
These new helper methods are then used by `Dhcp6::Server` and
`Dhcp6::Client`, simplifying the code, particularly for processing
options in received DHCPv6 messages.
This commit also adds a new `test-036-dhcp-prefix-netdata.py` test to
validate the publishing of prefixes with the DHCP flag in Network
Data and the behavior of the DHCPv6 client and server.
This commit enhances the TREL module to manage mDNS/DNSSD service
registration and peer discovery (browse and resolving for TREL
services). This feature can be controlled through
`OPENTHREAD_CONFIG_TREL_MANAGE_DNSSD_ENABLE` (and/or the CMake option
`OT_TREL_MANAGE_DNSSD`).
When enabled, TREL will utilize the `Dnssd` module, which provides
mDNS-related APIs. This can be tied to OpenThread's native mDNS
implementation or to `otPlatDnssd` (i.e., provided by the platform
layer).
This commit also adds support for the TREL platform in the `Nexus`
test framework and uses this to add a detailed `test_trel` case. This
test covers basic TREL peer discovery and operation, along with
specific scenarios such as peer removal delay, delayed mDNS start,
TREL service name conflict resolution, host address changes, and
supporting multiple services on the same host (while unlikely in
actual deployments, this can be useful for testing and simulation
where a single machine may act as multiple Thread nodes, thus
advertising multiple TREL services from the same hostname. This is
explicitly supported by the implementation and covered in the
tests).
This commit adds a destructor for `SecureSession` which ensures the
freeing of any mbedTls allocated items. This addresses memory leaks
detected by fuzzer tests when `otInstance` is destroyed, though this
situation is unlikely in typical OpenThread stack integrations.
This commit adds destructors for `MessageQueue` and `PriorityQueue`.
This ensures that allocated `Message` instances in different queues
are freed when the `ot::Instance` is destroyed.
This commit updates the `Notifier` to directly signal events to
`BackboneRouter::Leader`, `Dhcp6::Server`, `Dhcp6::Client`, and
`NeighborDiscovery::Agent`. These classes were previously notified
indirectly through `Mle::HandleNotifierEvent()`.
This commit enhances the POSIX platform configuration system to support
dynamic configuration file paths at runtime instead of only build-time paths.
ConfigFile class:
- Replace const char* mFilePath with char mFilePath[kFilePathMaxSize] to allow
dynamic path updates after construction
- Add SetFilePath() and GetFilePath() methods
- Update constructor to use SetFilePath() with proper bounds checking
Configuration class:
- Add SetFactoryConfigFile() and SetProductConfigFile() methods to update
factory and product config file paths
Radio URL parameter support:
- Add support for 'product-config-file' parameter in radio URL
- Add support for 'factory-config-file' parameter in radio URL
This commit contains style fixes and smaller enhancements in
DHCP6-related definitions and types. Mainly, the DHCP6 `Option`
sub-classes are renamed to include the `Option` suffix
(e.g., `IaAddressOption`), harmonizing the naming style with `Tlv`
and other `Option` classes (e.g., `Nd6` or `Dns` options).
This commit modifies the TREL module to explicitly request TREL acknowledgements
for broadcast transmissions directed to known neighbors. This ensures quicker
discovery of when a TREL peer is no longer available.
This commit updates `Nexus` simulation platform to implement and
emulate `otPlatMdns` APIs. This allows Nexus test cases to be
written which require and use the OpenThread's native mDNS.
This commit also enhances `test_border_agent` to validate that the
Border Agent's registered `_meshcop._udp` can be queried and
resolved (using mDNS) from other devices.
Added comprehensive Python virtual environment setup guide to the
cp-caps README.md file.
This includes detailed sections for creation, activation, dependency
installation, and deactivation of virtual environments to help users
properly set up their testing environment and avoid package conflicts.
This commit adds `TypeTraits::IsUint<Type>` and `IsInt<Type>` to
determine (at compile time) whether a given `Type` is an unsigned or
signed integer type (8, 16, 32, or 64 bit length). These help
simplify `static_assert()` checks in template methods that work
with integer types.
This commit updates `test_publish_meshcop_service` to relax the checks
when verifying mDNS browse response. Specifically, after `br1` is factory
reset, the Border Agent and other functions are not given the chance
to stop properly and remove previously registered mDNS entries. This
can result in stale entries remaining in the mDNS cache, leading to
more service entries appearing in `browse` results. This commit
relaxes the check from `assertEqual` to `assertGreaterEqual`,
allowing the test to pass when additional entries are observed.
This commit updates the DNS-SD server to support responding to SOA and
NS record queries (including `ANY` record type queries) for the
default service domain. The recommended values for SOA record data
from RFC-8766 section 6.1 are used. The server name included in
SOA/NS answers is derived from the Extended Address of the device,
ensuring it remains fixed and consistent over reboots as long as the
device's Extended Address stays the same.
A new detailed test case is added in the `test_dns_client` unit test
to cover all the newly added behavior.
Currently, if the platform has no upstream DNS server configured,
upstream DNS query will eventually time out. This can lead to delays
in responding to the DNS client.
The new otPlatDnsIsUpstreamQueryAvailable API provides a mechanism for
the platform to proactively signal the unavailability of upstream DNS.
This commit updates `Trel::Peer` and `PeerTable` to allow scheduling a
`Peer` for removal from the table after a given delay. This enables
smoother peer removal, especially for transient issues, by avoiding
abrupt disconnections.
To implement this, a `State` has been added to the `Peer` class,
tracking whether a peer is in `kStateValid` or `kStateRemoving`. If a
peer scheduled for removal is discovered again, it will be re-added
and marked as valid. Logging is also updated to show these new state
transitions. Additionally, `EvictPeer()` is updated to prioritize
evicting peers already scheduled for removal.
To ensure consistent API behavior, peers that are scheduled for
removal are skipped when iterating over the peer table using
`otTrelGetNextPeer()` or `otTrelGetNumberOfPeers()`.
This adds comments to DNS types, to ensure that official names from
the IANA DNS parameters registry can be found in the OT source code
when starting to search from that starting point. This will make
development and code analysis easier for those not familiar with OT,
or coming from the DNS world. The IANA names (which may deviate from
RFC names) are from: https://www.iana.org/assignments/dns-parameters
This commit updates the DNSSD server/resolver to ensure it includes
the questions in the response message when the returned RCODE is
`NameError` (NXDOMAIN). It also clears the question count and any
partially appended content if there is a failure to append all
questions (when `kResponseServerFailure` (SERVFAIL) is returned).
It also adds a test case in `test_dns_client` to resolve a
non-existent name and validate the included questions.
Previously, the `VerifyOrExit()` macro's condition caused clang-tidy to
issue issue false positives regarding "boolean readability," suggesting
simplifications via De Morgan's Theorem. This occurred because the macro
wrapped the entire condition and then checked its negative.
This commit refactors the macro to evaluate the condition directly, which:
1. Eliminates the erroneous clang-tidy warnings.
2. Potentially enhances CPU branch prediction performance, as the
condition is more likely to evaluate to true.
This commit updates `BorderAgent::PrepareServiceTxtData()` to include
the "rv" key. This key represents the version of the TXT record
format. Per the Thread specification, it must be set to "1". Values
other than "1" are reserved for the future and MUST NOT be used.
This commit also updates `test_border_agent` to validate this key.
This commit addresses a defect in the Resolver::Query function where
it would error out if the attempt to send a DNS query to any single
configured server failed. This could lead to query failures even if
other DNS servers were available and operational.
This commit introduces `TxtData` and `TxtDataEncoder` as nested types
in `Trel::PeerDiscoverer`. These classes handle the decoding and
encoding of TXT data for the TREL service, separating this TXT
data-related logic from the rest of the code. This helps simplify the
code and enables future extensions, allowing the TXT data logic to be
used irrespective of how services are registered or discovered.
This commit introduces `PeerDiscoverer` as a class responsible for
TREL peer discovery, separating this logic from `Trel::Interface`.
The new class currently handles the preparation of TXT data, calling
the platform API to register the TREL service, and handling callbacks
from the platform layer with newly discovered or updated peer
information.
This separation helps with TREL module organization and enables future
extensions, such as performing discovery using the native OpenThread
mDNS module or the platform-specific DNS-SD (`otPlatDnssd`) module,
in addition to the existing approach where discovery is delegated to
the platform layer.
This commit introduces a new API to allow setting vendor-specific
extra TXT data to be included when the Border Agent advertises its
mDNS `_meshcop._udp` service.
The provided vendor TXT data is appended as given to the TXT data
generated by the Border Agent and included in the `_meshcop._udp`
mDNS service advertisement.
This vendor TXT data can be set at any time, regardless of the Border
Agent's state. Any change from a previously set value will trigger an
update of the registered mDNS service to advertise the new TXT data.
This commit also updates `test_border_agent` by generalizing and
simplifying the validation of the Border Agent's `_meshcop._udp`
service TXT data. The tests are also expanded to validate the
complete registered service TXT data, including the newly added
support for vendor-specific extra TXT data.
This commit allows to configure the link-local route's metric via
macro on Linux. By using a larger metric, we can prevent host
processes from accidentally sending traffic to Thread network
interface.
For example, when the mDNS daemon on the BR wants to respond to a `QU`
mDNS question, it will send the mDNS response to a link-local
address. In a multi-network environment, it could wrongly go to the
Thread network interface if the socket is not explicitly bound to the
desired interface.
This commit introduces `PeerTable` as a separate class to track TREL
peers, separating this logic from `Trel::Interface`. The peer table
uses `OwningList`, ensuring that `Peer` entries are properly freed
upon removal.
The logic for allocating a new peer is simplified, including the
mechanism to evict a peer to make room for a new one.
This commit also adds a new configuration option to allow TREL to use
heap-allocated `Peer` entries instead of a `Pool<Peer>` with a fixed
size. The `Peer` class now has a `Free()` method to ensure `Peer`
instances are properly freed, regardless of whether they are heap or
pool allocated. This, combined with the use of `OwningList`,
simplifies memory management.
To cover all configurations, `toranj` build configurations for the
POSIX platform are configured to disallow TREL heap usage, while
`toranj` configurations for the simulation platform enable it.
This commit updates `BorderAgent` modules to directly manage the
registration of mDNS MeshCoP services. Previously, this was the
responsibility of the platform or higher-level code. This behavior is
enabled using `OPENTHREAD_CONFIG_BORDER_AGENT_MESHCOP_SERVICE_ENABLE`
configuration option.
When enabled, the `BorderAgent` module itself will register the
`_meshcop._udp` service name with properly formatted TXT data. As the
state changes, the service registration is updated accordingly.
If the ephemeral key feature is enabled and used, the `BorderAgent`
will also manage the registration of the `_meshcop-e._udp` service.
The implementation allows the service instance name to be configured
in different ways. The Thread specification recommends using a
user-friendly name, such as "<VendorName> <ProductName>". The
name can be set using a newly added configuration option, or
alternatively, using a newly added public API for projects where the
name needs to be set at run-time after device initialization.
This commit also updates `test_border_agent`, validating all the
newly added behaviors related to MeshCoP service registrations.
In `PerformNextRegistration()`, there are many reasons why no
registration message will be sent. For example, device is not attached
or there are no DUAs to register.
This commit suppresses warn-level log messages when no registration
message is expected and normal behavior.
This commit contains smaller changes related to the TREL `Peer` class
and the parsing of TXT data within the `PeerInfo` class.
The `Peer` class definition is now moved into its own `trel_peer.hpp`
and `trel_peer.cpp` header and source files, separating it from the
`Trel::Interface` class. Additionally, the `Log()` method within the
`Peer` class has been enhanced (now using an `Action` enum).
The `PeerInfo` class remains a nested class of `Interface` and now
provides a `ParseTxtData()` method to parse the included TXT data
entries.
This commit updates the internal data structure used for tracking TREL
peers. Peer tracking now uses a `LinkedList` of `Peer` objects
allocated from a pre-allocated `Pool<Peer>`, instead of using a
fixed-size `Array<Peer>`.
This change allows for future enhancements, such as using
heap-allocated `Peer` entries and/or extending the `Peer` object to
track additional (dynamically allocated) information.
This commit relaxes the parsing of TREL TXT data entries to allow
extra bytes to be present at the end of a value.
Currently, these extra bytes are simply ignored. This change provides
safer forward compatibility, allowing for future additions to the
format of the TXT data entries.
This commit moves and enhances the `TxtDataEncoder` class, relocating
it to the common `dns_types.hpp` header file.
The new `TxtDataEncoder` provides helper methods to append TXT entries
with a variety of value types, including `NameData`, C-strings, or an
unsigned integer (in big-endian format). This enhanced encoder is
then used by the `BorderAgent` when preparing MeshCoP TXT data and
also by the TREL module.
This commit relaxes the `SocketHandle::Matches()` method to allow a
socket associated with `kNetifUnspecified` to match when
`IsHostInterface()` is set. This is in addition to the existing
behavior of matching a backbone socket under the same condition.
This commit simplifies the preparation of the State Bitmap, which is
included in the Border Agent's TXT data using the `sb` key.
Specifically, constants for field values are now directly used to
construct the `uint32_t` bitmap, making the process more
straightforward.
Additionally, relevant constants are converted to use `static
constexpr`, avoiding the use of unnamed `enum` definitions.
This commit updates how the "ConnectionMode" field is set in the
Border Agent State Bitmap, which is advertised as the value of the
`sb` TXT key. In particular, when the Border Agent service is stopped
and therefore not accepting any connections, the value of this field
is now set to `kConnectionModeDisabled` to indicate this.
This commit also updates and enhances `test_border_agent` to validate
the State Bitmap entry in the TXT data, covering cases where the
device role changes or ePSKc support is enabled/disabled.
This commit adds a new API to allow the Border Agent service to be
enabled or disabled. By default, the Border Agent service is enabled
when the `OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE` feature is used.
This new API allows the user to explicitly control its state. This
can be useful in scenarios such as:
- The user code wishes to delay the start of the Border Agent service
(and its mDNS advertisement of the `_meshcop._udp` service on the
infrastructure link). This allows time to prepare or determine
vendor-specific TXT data entries for inclusion.
- Unit tests or test scripts might disable the Border Agent service to
prevent it from interfering with specific test steps. For example,
tests validating mDNS or DNS-SD functionality may disable the
Border Agent to prevent its registration of the MeshCoP service.
This commit also adds a corresponding CLI command for the new API and
updates `test_border_agent` to validate this functionality.
This commit updates the mDNS service registration to allow services
for the local host. The `mHostName` field in an `otMdnsService`
structure can now be set to `NULL` to indicate that the service
if for the local host.
The `test_mdns` unit test is also updated to verify this new
functionality.
This commit updates the `BorderAgent` to ensure that if its `Id` is
changed using the `SetId()` method, any consequent changes to the
generated TXT data for the MeshCoP service are correctly signaled.
This signaling is performed using the "Service TXT Data changed
callback". This commit also updates `test_border_agent` to validate
this.
This commit updates `BorderAgent` method and variable names to use
shorter forms where possible. Specifically, the term `MeshCoP` is
removed from many variable and method names, as the `BorderAgent`
class itself is already defined within the `MeshCoP` namespace.
This commit is purely a style and naming change and contains no
modification to the code logic.
This commit updates the DNS-SD `Server` implementation to support
queries for the `ANY` record type. This is supported whether a query
is resolved using the SRP server or the OpenThread native Discovery
Proxy.
When a query is resolved using the SRP server database, all known
records that match the query name and type are included in the
response (e.g., AAAA and KEY records for a hostname; SRV, TXT and
KEY records for a service instance name; and PTR records for service
type or sub-type query names).
Note that unlike mDNS, where an `ANY` query is expected to elicit all
known matching records, in the case of a unicast DNS query for `ANY`,
the response is only required to contain at least one matching
record, not necessarily all of them. This will be the behavior when
the Discovery Proxy is used to resolve a unicast DNS `ANY` query
(i.e., once the first answer is received from the Discovery Proxy
(mDNS), a response is prepared and sent to the client).
The unit tests `test_dns_client` and `test_dnssd_discovery_proxy` are
updated to validate the new `ANY` query behavior.
This commit adds a safeguard check in `Mle::HandleTimeTick()` to
protect against cases where scheduling or sending a Link Request
message to a new neighboring router fails. This can happen, for
example, if the device is temporarily out of message buffers.
This scenario is determined by checking if `router.IsStateLinkRequest()`
is true, there is no Link Request message scheduled to be sent to
this router, and the device is not waiting for a Link Accept
(`!router.IsWaitingForLinkAccept()`). In such a case, the neighbor is
removed using `RemoveNeighbor()`.
This commit adds implementation for RDATA translation in the
OpenThread native discovery proxy. Specifically, for certain record
types (like CNAME) where the record data includes one or more
embedded DNS names, this translation applies. If the embedded DNS
name in RDATA uses the local mDNS domain (`local.`), it is replaced
with the corresponding domain name for the Thread mesh network
(`default.service.arpa.`). Otherwise, the name is included unchanged
in the record data.
A new method, `AppendTranslatedRecordDataTo()`, is added to perform
this translation. It utilizes the `DataRecipe` table, similar to
`DecompressRecordData()`, to parse the record data and update the
embedded DNS names as needed.
The `test_dnssd_discovery_proxy` unit test is updated to cover the new
record data translation behavior.
This commit refactors the `ThreadLinkInfo` definition by moving it
into its own dedicated header (`thread_link_info.hpp`) and source
(`.cpp`) files. Previously, this definition was part of
`mesh_forwarder.hpp`.
This change simplifies the overall code structure. It also allows the
new `thread_link_info.hpp` header to be included by other modules,
such as `message.hpp`, thereby avoiding the need for forward
declarations.
This commit introduces a template helper `AppendServiceRecords()`
designed to append service-related records (SRV, TXT, and host
AAAA addresses) to the appropriate sections within a DNS `Response`
message.
This helper simplifies the codebase by removing repeated patterns.
These patterns occur when resolving queries using either SRP service
data or `ServiceInstanceInfo` retrieved from the platform (when the
platform implements discovery proxy function).
This commit contains a few smaller enhancements in the DNS-SD server
implementation:
- `ShouldForwardToUpstream()` now checks the `mEnableUpstreamQuery`.
- The `ResolveByUpstream()` method now handles its own error logging.
- Comments are added/updated to improve code readability.
This commit updates the DNS client to use `DecompressRecordData()`
helper method when processing `QueryRecord()` responses for
arbitrary record types.
This enables decompression of embedded DNS names within the received
record data for a wider range of record types. In particular, name
decompression is now supported for PTR, CNAME, DNAME, NS, SRV, SOA,
MX, RP, AFSDB, RT, PX, KX, and NSEC records.
This commit updates the DNS callbacks `HandleDnsBrowseResponse()`,
`HandleDnsServiceResponse()`, `HandleDnsRecordResponse()`, etc.,
to output an error if the query name is invalid or too long.
This change replaces previous `IgnoreError()` calls with specific
error handling code for these cases. This should help address CLI
Fuzzer test failures where long or invalid names might be generated
as CLI input.
This commit enhances the OpenThread DNSSD name server/resolver and its
native Discovery Proxy to support queries for arbitrary record
types.
To enable this, a new set of `otPlatDnssd` APIs are introduced for
generic `RecordQuerier`. These APIs mirror the existing APIs in the
OpenThread native mDNS module, allowing direct use of the native mDNS
implementation.
The discovery proxy implementation is updated to start and stop the
mDNS `RecordQuerier` when receiving a query for an arbitrary record
type, passing the first response record back to the client.
The unit tests `test_dnssd_discovery_proxy` and `test_dns_client`
are updated to cover all the newly added behaviors in discovery proxy.
This commit corrects the timing of Transmission Control Block (TCB)
re-initialization to ensure proper RST packet sending during TCP
connection aborts and to prevent potential issues due to incomplete
TCB cleanup.
This commit introduces the `MultiAilDetector` feature within the
`RoutingManager`. This feature detects whether Border Routers(BRs) on
the Thread mesh might be connected to different Adjacent
Infrastructure Links (AILs).
The feature can be enabled using the configuration option
`OPENTHREAD_CONFIG_BORDER_ROUTING_MULTI_AIL_DETECTION_ENABLE`.
The detection mechanism operates as follows: The Routing Manager
monitors the number of peer BRs listed in the Thread Network Data and
compares this with the number of peer BRs discovered by processing
received Router Advertisements (RAs) on its local AIL.
If the count derived from Network Data consistently exceeds the count
derived from RAs for a detection period of 5 minutes, the detector
concludes that BRs are likely connected to different AILs. This
triggers a detection state change, and a registered callback is
invoked. To clear this state, a shorter window of 1 minute is used.
Public APIs and corresponding CLI commands have been added to allow
checking the current detection state and registering a callback for
state change notifications.
This commit also includes test coverage for the newly added feature.
With Thread 1.4 the cli application not can also (dns) resolve
IPv4 addresses. This commit adds the same support in otci
* dns_resolve4
Implements support for vendor operations in otci get/set
* vendor_name
* vendor_model
* vendor_sw_version
Implements network diagnostic commands
* get
* reset
* non_preferred_channels
Various other (small changes)"
* allow setting read timeout on serial connections
* allow replacing read routine filter
* expose latest thread versions in the public module api
* expand the definition of dns_get_config
* replaces mgmtget/mgmtset with the correct mgmtgetcommand and mgmtsetcommand
* replaces addressmode with the correct addrmode
* adds an `ignore_result` option to `execute_command`
* adds a missing `diag` command
* removes some unexisting getters
This commit updates the mDNS `RecordQuerier` to handle record types
where the RDATA contains one or more potentially compressed DNS
names. For these types, the reported record data is now decompressed
to include the full DNS names. This enhancement applies to the
following record types: NS, CNAME, SOA, PTR, MX, RP, AFSDB, RT, PX,
SRV, KX, DNAME, and NSEC.
To achieve this, a helper `ResourceRecord::DecompressRecordData()`
method is introduced. This method uses a "recipe" formula specific
to each supported record type. The recipe defines the number of
prefix bytes before the first embedded name, the number of DNS
names, and the minimum number of suffix bytes after the names. A
common implementation then uses this recipe to parse and decompress
the RDATA. This approach makes the implementation flexible and allows
for easier addition of new record types and formats in the future.
Unit test `test_dns` is updated to validate the newly added method.
This commit enhances the `openthread-posix-config.h` header by:
- Moving configurations defined in other headers
(`platform-posix.h`) into this common header.
- Making sure the section containing guard checks for removed or
renamed POSIX configurations is at the end of the header file.
This commit refactors the `Mle` modules and combines the `MleRouter`
and `Mle` classes into a single `Mle` class which now handles both
FTD and MTD functionalities.
The `MleRouter` and `Mle` classes were originally intended as
sub-classes, where the base class `Mle` would provide MTD and common
behaviors, and `MleRouter` would implement FTD-specific behaviors.
However, over the years and as new features were implemented, these
two classes became more intertwined, and the `Mle` class began to
include many FTD-related functions and interactions with `MleRouter`
private variables and methods.
This commit simplifies the code by combining the two into a single
class. The previous `mle_router.cpp` file is also renamed to
`mle_ftd.cpp` to indicate that it implements FTD-specific MLE
behaviors.
This commit introduces an API to iterate over the local host IPv6 and
IPv4 addresses known to the OpenThread mDNS module.
The platform layer is responsible for monitoring and reporting all
host IPv4 and IPv6 addresses to the OpenThread mDNS module, which
then tracks the full address list
(see `otPlatMdnsHandleHostAddressEvent()`). The newly added function
allows iteration through this tracked list, primarily intended for
information and debugging purposes.
This commit also adds a CLI command to utilize the new API.
Additionally, the `test_mdns` unit test has been updated to validate
the functionality of the newly added API.
This commit enhances the posix `otPlatAlarm` implementation by:
- Avoiding casting from unsigned int to signed int. While this usually
works, it's technically undefined behavior.
- Adding new `IsExpired()` and `CalculateDuration()` methods to avoid
unsigned to signed casting and simplify the code.
- Ensuring `static_cast<>` is used instead of C-style casts.
This commit adds the `-Wundef` compiler flag to the OpenThread core,
CLI, and NCP builds when configured for MTD, FTD, or Radio types.
This flag helps ensure that no undefined macros are used within the
source code, protecting against potential typos in conditional
compilation checks (`#if` checks).
Due to CVE-2025-27809, on newer versions of mbedtls, handshake
will fail unless hostname is set earlier.
TLS clients are not affected if they operate in a closed ecosystem
where the trusted certificate authority only issues certificates
to trusted hosts.
In this case, `mbedtls_ssl_set_hostname` with nullptr should
be called to avoid failures.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit adds `ResourceRecord::UpdateRecordLengthInMessage()`
helper method in `dns_types.hpp`.
This common helper is then used in the SRP client, DNSSD server, and
mDNS modules, replacing similar methods previously implemented within
these modules.
This commit introduces an alternate mechanism for the platform layer
to signal local host address changes to the OpenThread mDNS module.
The existing approach, where the platform invokes
`otPlatMdnsHandleHostAddressEvent()` for each added or removed
address, remains supported.
The new approach allows the platform to call the newly added
`otPlatMdnsHandleHostAddressRemoveAll()` callback once, immediately
followed by invoking `otPlatMdnsHandleHostAddressEvent` for every
currently assigned IPv4 and IPv6 address on the interface.
These two approaches offer flexibility for platforms with varying
capabilities accommodating different operating systems and network
stacks. Some network stacks may provide mechanisms to identify the
added or removed addresses, while others may only provide the new
list upon a change.
The `test_mdns` unit test is updated to validate this newly added
mechanism.
This commit introduces a new feature in `Dns::Client` to support
sending DNS queries for arbitrary record types. Callers are notified
of received response via a callback. New methods are provided to
parse and read all records in the response. Public APIs and related
CLI commands for this new feature are also added.
The `OPENTHREAD_CONFIG_DNS_CLIENT_ARBITRARY_RECORD_QUERY_ENABLE` build
configuration is added to control this feature. This allows projects
that do not require arbitrary DNS query functionality to disable it,
avoiding its associated firmware code size overhead.
Importantly, if a retrieved record type is PTR, CNAME, DNAME, NS, or
SRV, the record data in the received response contains a DNS name
which may use DNS name compression. For these specific record types,
the record data is first decompressed such that it contains the
uncompressed DNS name. For all other record types, the record data is
read and provided as it appears in the received response message.
This commit simplifies how information about the message queue, such
as the number of messages, data buffers, or total bytes in the queue,
is retrieved. The `MessageQueue::GetInfo()` method is changed to
clear the passed-in `Info` structure (instead of adding the counts to
the existing fields and expecting the caller to clear it).
A new helper method, `MessageQueue::AddQueueInfos()`, is added to
aggregate queue information when needed.
Various modules, such as `MeshForwarder`, `Ip6`, and `Mle`, are
updated to provide methods to retrieve their queue information
instead of exposing a reference to their internal queues.
In particular, `Coap` is updated to provide combined information for
all its queues, including request and cached response queues. This
simplifies the `Instance::GetBufferInfo()` method, which retrieves
information about all queues across all components.
This commit renames methods related to reachability checks and the
sending of ICMP unreachable errors for better clarity and
consistency. The primary method for determining reachability is
renamed to `IsReachable()`. Methods that perform a reachability check
and, upon failure, send an ICMP unreachable error are renamed as
`CheckReachabilityToSendIcmpError()`, clearly indicating their
additional action of sending an ICMP error.
This commit simplifies the `Ip6::DetermineAction()` method, which
determines the appropriate actions (`forwardThread`, `forwardHost`,
`receive`) for an IPv6 message based on its destination address and
origin.
- The code now uses `ExitNow()` to exit the method as soon as a
specific action is determined. This avoids deeply nested `if/else`
blocks and makes the control flow easier to understand.
- Some negative conditional checks have been refactored into positive
checks with early exits. For example, a condition like `if
(!cond1 || !cond2)` that guarded further processing is now
expressed as `if (cond1 && cond2) { ExitNow(); }`, making the logic
more direct.
- New comments have been added to clarify more complex checks and
conditions within the method.
- The `RouteLookup()` method has been removed and its logic inlined
directly into `DetermineAction()`. This improves code readability
and allows for clearer distinction between forwarding to a host due
to Border Router functionality versus forwarding as a last resort
when no specific route exists.
This commit introduces the `DetermineAction()` method to refactor the
code within `HandleDatagram()`. This new method centralizes the logic
for determining the appropriate action (e.g., `forwardThread`,
`forwardHost`, `receive`) for an IPv6 message based on its
destination address and origin.
This commit only focuses on code refactoring and does not introduce
any changes to the existing message processing logic.
This method inspects a received message to perform two key actions:
- Updating the EID-to-RLOC cache (for snoop optimization) and
- Detecting whether a former child device has moved to a new parent.
The renaming clarifies the specific responsibilities of this method.
This commit simplifies the process of determining the destination MAC
address. Specifically, when the destination is a link-local unicast
address, the MAC address is derived directly from its Interface
Identifier (IID). This commit replaces and removes the
`GetMacDestinationAddress()` method, with the calling code now
directly determining the destination MAC address.
This commit adds support for the "non-preferred channels" TLV in
Network Diagnostics. New APIs and their related CLI commands are
added to allow users to get/set this value, which is then used to
respond to Diagnostic Get/Query messages requesting this TLV. This
commit also introduces a mechanism to monitor and notify the caller
when a Network Diagnostic Reset command is received for this TLV.
The `test-020-net-diag` test is updated to validate the new TLV and
its API.
This commit updates the template method `Instance::Get<Type>()` to
support retrieving the `ApplicationCoap` and `ApplicationCoapSecure`
sub-components within the `Instance` hierarchy. This change replaces
the previous direct methods used to access these CoAP components,
providing a more consistent approach to accessing sub-components.
This commit introduces a new method, `Uptime::GetUptimeInSeconds
()`, which returns the device's uptime in seconds. This new method
simplifies existing code that performed manual conversion of the
uptime from milliseconds to seconds.
This commit adds a check in `instance.cpp` to ensure that exactly one
of the `OPENTHREAD_CONFIG_FTD`, `OPENTHREAD_CONFIG_MTD`, or
`OPENTHREAD_CONFIG_RADIO` configuration options is enabled. This
enforces a clear definition of the build type and prevents potential
conflicts or unexpected behavior arising from ambiguous or incorrect
configurations.
This commit introduces a new mechanism in `RoutingManager` to
configure OMR prefix handling on a Border Router. This provides
manual administration options to explicitly set a custom OMR prefix
or disable it, in addition to the existing default behavior where the
BR automatically selects and manages the OMR prefix. These new
administrative configurations can also be used during testing,
particularly for certification tests.
This commit adds new public OpenThread APIs and a CLI command,
`br omrconfig`, for this functionality. Notably, the new APIs allow
updating the OMR configuration while the BR is enabled and running,
and the implementation correctly adjusts to the new requested
behavior.
A new detailed test case is added to the `test_routing_manager` unit
test, covering the new behavior.
This commit add new helper methods `Mac::ExtAddress::SetFromIid()`
and `Mac::Address::SetExtendedFromIid()` which set the Extended
MAC Address from a given IPv6 Interface Identifier (IID). These
methods replace similar ones on `Ip6::InterfaceIdentifier` class
(`ConvertToExtAddress()` and `ConvertToMacAddress()`) to improve code
readability. It is more intuitive to call a `Set` method on the
object being modified rather than passing it as input to a `Convert`
method.
Resolves:
CMake Error at third_party/googletest/repo/CMakeLists.txt:4 (cmake_minimum_required):
Compatibility with CMake < 3.5 has been removed from CMake.
Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
to tell CMake that the project requires at least <min> but has been updated
to work with policies introduced by <max> or earlier.
Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
This commit adds the `srp server port` CLI command, which maps to the
`otSrpServerGetPort()` API. This new command is now used in
`thread-cert/node.py` to implement `get_srp_server_port()`, allowing
direct retrieval of the SRP server port instead of indirectly parsing
the network data entry.
This commit enhances the native OpenThread mDNS implementation to
streamline the registration of the local host and its IPv6/IPv4
addresses.
Previously, registering the local host required tracking host
addresses and using `otMdnsRegisterHost()`, similar to registering
any other host. This commit introduces a simpler alternative that
handles both IPv6 and IPv4 addresses.
The changes in this PR include:
- The local host name can be explicitly set by the caller using new
API `otMdnsSetLocalHostName`. However, if not provided, the mDNS
module automatically generates a name derived from the device's
Extended MAC address.
- A new platform API callback, `otPlatMdnsHandleHostAddressEvent`, is
introduced to notify the OpenThread mDNS module of host address
changes.
- The OpenThread mDNS maintains an internal list of host addresses,
automatically updating it based on platform callbacks. A short
guard time is used to group multiple changes before announcing
them. Transient changes (e.g., address removal and re-addition) are
handled to prevent unnecessary announcements.
- Host IPv4 addresses (A records) are now supported. The `HostEntry`
class is updated to optionally include IPv4 addresses, in addition
to the required IPv6 addresses.
- A detailed test case in `test_mdns` covers all new local
host-related behaviors.
This commit adds support for the Network Diagnostics Enhanced Route
TLV (TLV number 37). This TLV provides information about established
links between routers, including the next hop and associated cost for
routes to all routers. This commit also adds CLI support and test
coverage for the new TLV.
This commit enhances the documentation of certain `otPlatRadio` APIs
for improved clarity.
Most importantly, regarding the `otExtAddress` input parameters,
earlier APIs such as `otPlatRadioSetExtendedAddress()`, `otPlatRadio
{Add/Clear}SrcMatchExtEntry()` assume little-endian byte order. This
is already noted in their documentation. However, some more recent
APIs, namely `otPlatRadioConfigureEnhAckProbing()` and
`otPlatRadioEnableCsl()` do not explicitly specify the byte order.
Common radio platform implementations (and how the APIs are used)
assume big-endian byte order. While this discrepancy is unfortunate,
changing it would create backward compatibility with existing
platform implementations. This commit updates the documentation of
these APIs to mention the byte order and highlight their difference
from other APIs.
This commit also clarifies `otPlatGetRssi()` expected behavior.
This commit fixes `get_srp_server_port()` in `thread-cert/node.py`.
This function parses Network Data service entries, searching for an
SRP/DNS unicast (non-preferred) entry, and then attempts to parse the
published port number of the SRP server by examining the last bytes
of the "server data".
The SRP/DNS unicast entry was previously updated to optionally include
a "version" field at the end of the "server data". This update caused
the port number parsing to fail, as the code did not account for the
extra byte corresponding to the version field.
This commit resolves this issue by ensuring that the two bytes are
correctly read and interpreted as the port number, regardless of the
presence of the version field.
The WED listener only supports calling the `Radio::ReceiveAt()` for
periodic sampling.
This commit adds support for the WED to perform periodic sampling by calling
`Radio::Sleep()` and `Radio::Receive()`.
This commit updates `otLowpanContextInfo` to include the `mStable`
flag, indicating whether the 6LoWPAN Context TLV is marked as stable
or not. The `netdata show` CLI command is also updated to display the
stable flag when outputting the list of contexts. Additionally, this
commit updates the `test-019-netdata-context-id` test to adjust how
it checks and validates the "compress" flag.
This commit makes `OPENTHREAD_CONFIG_UPTIME_ENABLE` mandatory for FTD
and MTD builds. This requirement is now explicitly enforced in the
`uptime.hpp` header file. Consequently, this configuration is only
applicable for RADIO/RCP builds.
This commit also removes unnecessary `#if` checks for this
configuration within core modules used in MTD or FTD builds. The
OpenThread API and CLI command documentation are updated
accordingly.
This commit enhances `RecordQuerier` to support queries for the ANY
record type. When querying for ANY, the response may contain various
record types. The implementation ensures that these different types
are cached separately and correctly handles responses containing
multiple record types (with or without "cache-flush" flag).
The `test_mdns` unit test is updated to validate this new behavior in
detail.
This commit introduces new Spinel properties to support CLI service in
NCP.
* Added `SPINEL_PROP_STREAM_CLI` property: This streaming property
provides a bidirectional channel for interacting with the NCP's
command-line interface (CLI). The host can send CLI commands to the
NCP by setting this property. The NCP will then execute the
commands. The NCP will send the output of the executed command (if
any) back to the host via unsolicited notifications of this same
property.
This commit changes the mesh forwarder to avoid adding CSL IE when the
message is not destined to a known neighbor. This change also eliminates
the check to exclude the MLE Discovery Request for adding CSL IE.
Key Changes:
* Server Prioritization: RDNSS-discovered servers are prioritized
based on their advertised lifetime. Servers with longer lifetimes
are preferred.
* Recursive DNS Server List: The resolver maintains a list of
recursive DNS servers, which now includes servers learned via RDNSS.
* DNS Query Integration: The resolver uses the RDNSS-learned servers
when forwarding DNS queries upstream.
* Border Routing Integration: The RDNSS callback is registered to the
border routing module.
Minor Changes:
* The unused function `Transaction *GetTransaction(int aFd)` is
removed.
Previously, the code relied on the return code of the `service radvd
status` command to determine if `radvd` was running. This was
unreliable because the command could succeed even if the service was
not actually active.
The `is_radvd_running` function now parses the output of `service
radvd status` and specifically checks for the line "running" to
confirm that the service is truly running.
This commit introduces `CoapBase::ScheduleRetransmissionTimer()`, a
new method that calculates the next retransmission timer fire time
based on all queued messages in `mPendingRequests` and then
schedules (starts or stops) the timer.
This method is now used whenever `mPendingRequests` is updated (a new
message is added or an existing message is removed). It is also used
in `HandleRetransmissionTimer()`, the timer's callback. This change
centralizes timer scheduling, simplifying the logic.
This also addresses an issue in the existing code where
`HandleRetransmissionTimer()` iterated over `mPendingRequests` to
determine expired messages and calculate the next fire time. However,
finalizing an expired message could trigger its `ResponseHandler`
callback, from which the caller may start or abort CoAP message tx
and modify `mPendingRequests` and reschedule the timer, leading to
incorrect fire time calculations (`NextFireTime` can be incorrect
which would then improperly re-schedules the timer, stop it or
schedule it to a later time).
With this change, `HandleRetransmissionTimer()` first finalizes
expired messages (potentially invoking callbacks) and then calls
`ScheduleRetransmissionTimer()` to calculate the next fire time
based on the updated `mPendingRequests`, ensuring accurate timer
scheduling.
On Android we didn't have a chance to disable reading from
`resolv.conf` at initialization of `Resolver`. This caused a logging
line at critical level which could be confusing.
This commit enhances the native mDNS implementation by adding
`RecordQuerier`, which enables continuous queries for arbitrary
record types and query names. The `RecordQuerier` follows a pattern
similar to service/address browsers and resolvers, allowing multiple
queriers to be started for the same record type and name (provided
they use different callbacks).
Record results are cached, and the cache correctly handles and reports
when new records are added or removed (either explicitly or due to
timeouts), including when the "cache-flush" flag is used in a
response.
Public OpenThread APIs and corresponding CLI commands are added for
`RecordQuerier` functionality.
The `test_mdns` unit test is updated with a detailed test case
covering the newly added `RecordQuerier` functions.
This commit enhances the DNS resolver (`resolver.cpp`) to support IPv6
addresses in upstream DNS server configurations, allowing for greater
flexibility and compatibility in IPv6-enabled environments.
This commit aims to add the possibility to specify a netif identifier for
SecureTransport::Open method. This method has now a default parameter,
kNetifUnspecified, if no argument is explicitly passed by the user.
Signed-off-by: Cristian Bulacu <cristian.bulacu@nxp.com>
The current MLE and MAC layers will trigger a call to "SubMac::UpdateCsl()"
when the CSL state or CSL parameters change. This will bring a lot of
unnecessary interface call overhead when we make RCP support CSL receiver
in the future.
This PR refactors the code so that the MLE and MAC layers only trigger a
call to `UpdateCsl` when a valid state or parameter change occurs.
This commit introduces a mechanism in `RoutingManager` to parse and
process Recursive DNS Server (RDNSS) options within received Router
Advertisement (RA) messages. The list of discovered RDNSS addresses
is tracked (per router) by `RoutingManager`, applying the advertised
lifetime to properly age the discovered entries.
This commit adds a new public API to retrieve the list of tracked
RDNSS addresses, along with a callback mechanism where OpenThread
users can register to be notified of changes to the RDNSS list. This
callback is invoked when any of the following changes occur:
- A new RDNSS address is advertised by a router.
- A previously discovered address is removed due to the router
advertising it with a zero lifetime.
- A previously discovered address has aged out (its lifetime expired
without being re-advertised).
- `RoutingManager` determines that the router advertising the address
is now unreachable, resulting in the removal of all its associated
entries.
This commit also adds corresponding CLI commands for the new API.
Furthermore, `test_routing_manager` is updated to include a test case
covering all the newly added behaviors in detail.
This commit updates the CSL channel selection logic. When a CSL
channel is not explicitly set, the code now uses the tracked
`mPanChannel` (the current Thread PAN channel) instead of
`mRadioChannel` (the current channel the radio is listening on). This
ensures that the CSL channel aligns with the Thread PAN channel, even
when the radio temporarily switches to other channels, such as during
an MLE discover scan.
This commit modifies `UpdateIp6RouteFtd()` to handle errors returned
by `NetworkData::Leader::RouteLookup()`, ensuring that messages are
dropped appropriately when a route lookup fails. It also initializes
`mMeshDest` to an invalid RLOC16 at the beginning of the method.
This commit fixes the issue that the joiner starts joining process
immediately when an invalid Joiner UDP Port is encountered. This issue
was introduced by #9445 which attempts to ignore joiner routers having
an invalid Joiner UDP Port.
This commit updates how the CSL sample time is tracked in `SubMac`,
ensuring that it is tracked using both radio time based on
`otPlatRadioGetNow()` and the local time (`TimeMicro::GetNow()`).
These two time sources may not necessarily be the same.
This change addresses the issue where the same time value was used for
both scheduling `mCslTimer` (which should be based on local time) and
for calls to the radio APIs (which should use radio time).
When in fast-start mode, the SRP server will be disabled and then
immediately enabled again if the device transfers from Child to Router.
This commit fixes this issue by also matching the MLE-ID with the SRP
server address in the Network Data.
This commit updates the `Srp::Server` so that Fast Start Mode can be
disabled by a call to `otSrpServerSetAutoEnableMode()`, in addition
to the existing method of calling `otSrpServerSetEnabled()`.
The `test_srp_server` unit test is updated to validate this new
behavior.
This commit fixes an issue in BorderAgent when handling Notifier
events.
If the events contain 'Epskc' and BA is not running, then the meshcop
service update will be skipped.
This commit refactors the `sub_mac_csl_receiver.cpp` to handle
`ReceiveAt()` and `Sleep() or Receive()` operations in different
functions to simplify the code logic.
This commit enables CCA for CSL transmission. CCA is expected for CSL
transmissions. The platform layer may skip CCA if mCsmaCaEnabled is not
set. This commit ensures mCsmaCaEnabled is correctly delivered to the
platform layer.
This commit posts a MeshCoP service changed task after Epskc feature
is enabled/disabled.
After Epskc feature is enabled/disabled, the `EpskcSupported` bit in
the statebitmap in MeshCoP Txt value should change accordingly.
This commit adds spinel properties for border agent MeshCoP service to
work under NCP.
* `SPINEL_PROP_BORDER_AGENT_MESHCOP_SERIVCE_STATE`: this simply
conveys the MeshCoP service state, including `IsActive`, udp port
and the encoded Txt values.
* `SPINEL_PROP_BORDER_AGENT_MESHCOP_SERIVCE_STATE_SUBSCRIPTION`: this
notifies the NCP side to register the state change callback. Because
we hope that the host side can have initial values. But if we
register the state change callback in NCP's initialization, the
callback will be invoked at a very early stage and send the values
while the host isn't ready to receive the MeshCoP service values. So
this property enables the host to decide when to receive the initial
values.
This commit adds "Fast Start Mode" feature for SRP server. This
feature is designed for scenarios where a device, often a mobile
device, needs to act as a provisional SRP server (e.g., functioning
as a temporary Border Router). The SRP server function is enabled
only if no other Border Routers are already providing the SRP
service within the Thread network. A common use case is a mobile
device joining a Thread network where it may be the first, or only,
BR. Importantly, Fast Start Mode allows the device to quickly start
its SRP server functionality upon joining the network, allowing other
Thread devices to quickly connect and register their services without
the typical delays associated with standard Border Router
initialization and SRP server startup (using NetData Publisher).
This commit updates `SubMac::UpdateCsl()` and related methods to use
the core types `Mac::ExtAddress` and `Mac::ShortAddress` instead of
C-style public/platform types. The extended address input is also
changed from a pointer to a reference.
This commit adds a new option in `otSrpServerAddressMode` as
`OT_SRP_SERVER_ADDRESS_MODE_UNICAST_FORCE_ADD`. This allows faster
SRP server start up by bypassing the Network Data publisher and
adding the "SRP/DNS unicast" entry directly to Network Data upon enabling
of the SRP server, regardless of how many other similar entries are
present.
This option is intended for testing and specific situations. A warning
is added to indicate that using this option will make the device
non-compliant with the Thread specification.
The unit test `test_srp_server` is updated with a new test case to
validate the new `AddressMode` and its related behavior.
This commit modifies the process exit behavior to introduce a new exit code
`OT_EXIT_RCP_RESET_REQUIRED`. This code signals that a hardware reset is required
by the POSIX platform, rather than being initiated directly by OpenThread itself.
This change is necessary to accommodate scenarios where the platform or a
separate stack (e.g., Wifi/BT) is responsible for managing hardware resets
of integrated chips (like Wifi/BT/Thread trinity chips). Previously, OpenThread
might have attempted to handle resets directly, which is not always appropriate
in these integrated environments.
This commit includes the following changes:
- Adds a new exit code: `OT_EXIT_RCP_RESET_REQUIRED` is now defined to indicate a
platform-requested hardware reset.
- Makes reset parameters optional: The `gpio-reset-device` and `gpio-reset-line`
parameters for reset functionality are now optional.
- process dies if gpio-reset-device is not given when TriggerReset().
The RCP should assert the interrupt pin to notify the SPI interface of
an impending data frame transfer to the host. This commit removes the
polling mode from the spi interface.
This commit adds a new OT API `otBorderAgentGetMeshCoPServiceTxtData`
to get MeshCoP Service TXT data from OT core.
The intention is to facilitate the NCP property update for MeshCoP
Service TXT data. With the get API, NCP property update can use the
`ChangedPropsSet` way which is more robust.
This commit updates `kAloc16ServiceEnd` to `0xfc1f`, aligning it with
recent changes in the Thread specification. The range `0xfc10-0xfc1f`
is now used for service ALOC16 corresponding to the 16 service IDs,
and the range `0xfc20-0xfc2f` is reserved for future use.
It also updates the `NetworkData::Leader::AnycastLookup()` to
explicitly check a given `aAloc16` against the defined ALOC16 ranges.
This replaces the previous model, which assumed that ALOC16 ranges
followed each other sequentially. While this assumption held true
previously, the introduction of the reserved range disrupts this
pattern. The explicit range check ensures correct behavior regardless
of future changes, making it a safer and more robust approach.
This commit changes the installation of socat from using 'apt' to
manual installation.
We found the latest socat version 1.8.0.3 has an issue when running
with OTBR docker. To avoid the error caused by version and facilitate
local development, the commit provides a script to install socat of
version 1.7.4.4 and replaces the installation in CI and scripts..
We add the install script in openthread and ot-br-posix will use the
script in openthread to install socat.
This commit enhances `NetworkData` modules to skip invalid TLVs during
iteration or search operations. Specifically, `NetworkDataTlv::Find
()` and `NetworkData::Iterate()` are updated. These two methods are
the primary methods used by all other methods for parsing or
searching for TLVs.
Generally, the leader validates TLVs before registration using
`NetworkData::Leader::Validate()`. However, this change improves
robustness by allowing receivers to also handle possible malformed
Network Data.
This commit also updates the `test_network_data` unit test to cover
the new behavior of skipping invalid TLVs.
This commit updates `SetTimeout()` to ensure the child timeout remains
within the minimum and maximum allowed values (per the specification,
the maximum value of 8 hours is used).
These limits are also enforced when the parent requests a different
timeout value in an MLE Child Update Response to the child's
request.
If the EphemeralKey Manager is enabled, when no active CoAP DTLS
session is found in the Border Agent's mDtlsTransport, it should
attempt to retrieve one managed by the EphemeralKey Manager.
This issue was discovered when using Thread devices, a Border Router ,
and `ot-commissioner` for commissioning with an ephemeral key. The
process is as follows:
Using `ot-commissioner` commit: `8fffd186b28809257bad73eab2459c97240fe535`
Using `openthread` commit: `36a8f71d0693bfb1407fc48444c4da6e7f2d32d6`
1. Using the ephemeral key, the BR and `ot-commissioner` established a
DTLS connection over the Wi-Fi link. This process worked as expected,
and the Border Agent successfully created `mCoapDtlsSession` in the
EphemeralKey Manager.
2. The `ot-commissioner` executed the command `joiner enableall
meshcop J01NU5` to allow joiners to connect.
3. When a Thread node attempted to join the network using `joiner
start J01NU5`, it failed.
The root cause was that when the `BorderAgent` received a CoAP message
from the Thread device and attempted to forward it to
`ot-commissioner` via `HandleTmf<kUriRelayRx>`, it could not find an
active CoAP DTLS session through
`FindActiveCommissionerSession`. Because the `mCoapDtlsSession` in the
EphemeralKey Manager was not managed by the Border Agent’s
`mDtlsTransport`.
This VerifyOrExit will prevent the RCP recovery process from resetting
the RCP. The comment highlights that given a multipan architecture, it
is not viable to reset the RCP once it is declared ready. In
non-multipan architectures, it is still viable and desirable to reset
the RCP as part of recovering it.
See https://github.com/orgs/openthread/discussions/11273
This commit adds tests to cover the handling of Src Match entries,
including adding, removing and clearing of short addr entries and
extended addr entries.
This commit adds a new OT API to set callback for border agent state
change: `otBorderAgentSetMeshCoPServiceChangedCallback`
`otBorderAgentStateChangedCallback` is invoked when the 'IsActive'
state of BorderAgent changes or the MeshCoP TXT data from Thread stack
changes. For example, the network name, the EXT PAN ID. This is used
to update the MeshCoP TXT data that will be published on the host and
notify the platform to start/stop the UDP Proxy.
After applying the UdpProxy design, the UDP port of published MeshCoP
service will be provided by the UdpProxy on the host (in ot-br-posix)
instead of OT core.
This commit simplifies state tracking and updates within
`PdPrefixManager`. Previously, three boolean flags (`mEnabled`,
`mStarted`, and `mPaused`) and a `GetState()` method were used to
represent the state as a `Dhcp6PdState`.
This commit replaces the boolean flags with a single `mState`
variable of type `Dhcp6PdState`. New `UpdateState()` and `SetState()`
methods handle all state transitions, ensuring PD prefix withdrawal
(OMR prefix removal from Network Data) and state change signaling.
This commit refactors the cp-caps test as follows:
1. uses the unittest framework to refactor the cp-caps.
2. all tests are sorted alphabetically
3. all test names are changed to long names.
This commit relaxes the tests that assume mDNS resolve would provide a
single IPv6 answer and explicitly check and require one address. This
behavior of the mDNS API is improved/changed in the `ot-br-posix`
implementation, allowing multiple addresses to be collected and
passed in the "resolved" callback.
This commit updates the `_assert_dig_result_matches()` function to
have an additional parameter, `allow_extra_answer`, which is then
used in specific test steps.
This commit addresses an issue introduced in #10892 where the Extended
Address byte order was not properly handled when calling
`otPlatRadio` APIs. OpenThread core uses big-endian encoding for
Extended Addresses, while the `otPlatRadio` APIs expect
little-endian, as per documented behavior.
PR #10892 refactored the byte-order reversal code from
`SourceMatchController` and `LinkRaw` into the `Radio` class. While
`Radio::AddSrcMatchExtEntry()` was updated properly to reverse the
byte order, `Radio::ClearSrcMatchExtEntry()` was not. This leads to
Extended MAC addresses not being properly removed from the source
match table, potentially causing issues with indirect transmission.
This commit resolves the issue.
It is strongly recommended to cherry-pick this fix into builds that
include #10892.
This commit clarifies the documentation for `otPlatRadioReceiveAt()`
regarding its behavior when called multiple times after successfully
scheduling a reception window. If a subsequent call occurs before
the start of the previous window, it MUST cancel the previous window
and effectively replace it. If the call occurs after the start of
the previously scheduled window, even if still within it, it MUST
NOT impact the ongoing reception.
This commit simplifies the `PdPrefixManager` class by removing the
`currentPrefixUpdated` flag. The flag was used to track PD prefix
changes during prefix processing, solely to determine if a prefix was
deprecated. This deprecation check can be performed independently,
eliminating the need for the flag and simplifying the code.
This commit updates the `BorderAgent` implementation to support
multiple parallel sessions using PSKc. It adds new public OT APIs to
iterate over all sessions, along with related CLI commands. The nexus
`test_border_agent` is updated to cover multi-session behavior and
the new session iteration APIs.
This commit simplifies `PdPrefixManager::HasPrefix()` by simply
checking if `mPrefix` is empty (rather than `IsValidOmrPrefix()`).
A favored PD prefix is always validated before it is assigned to
`mPrefix`, and when the prefix is removed, `mPrefix` is cleared.
This commit updates `otBorderRoutingDhcp6PdState` to be properly
mapped using `DefineMapEnum()` to its related core-internal `enum`
definition. This avoids the use of `static_cast` for conversion and
ensures only associated `enum` types can be mapped to each other.
This commit updates `PdPrefixManager::Evaluate()` to directly use the
helper method `FavoredOmrPrefix::IsInfrastructureDerived()` when
deciding to pause and change to `kDhcp6PdStateIdle`. This helps
improve code readability.
This commit updates `otBorderRoutingDhcp6PdState` to be properly
mapped using `DefineMapEnum()` to its related core-internal `enum`
definition. This avoids the use of `static_cast` for conversion and
ensures only associated `enum` types can be mapped to each other.
This commit updates `PdPrefixManager::Evaluate()` to directly use the
helper method `FavoredOmrPrefix::IsInfrastructureDerived()` when
deciding to pause and change to `kDhcp6PdStateIdle`. This helps
improve code readability.
This commit enhances the `OmrPrefixManager` to track and log changes
to the favored OMR prefix. The new log includes the old favored
prefix (if any) along with the new one, and provides additional
information such as its preference, whether it is a domain prefix, or
whether it matches the local OMR prefix. This replaces and enhances
the previous logs.
This new mechanism can also be used to signal (to other modules) when
the favored OMR prefix changes.
The simulation platform radio driver doesn't set the 'mInfo.mTxInfo.mIeInfo'
field of the ACK frame. And the function 'otMacFrameUpdateTimeIe()' directly
use the 'mInfo.mTxInfo.mIeInfo' field, this may cause the program crash.
This commit checks whether 'mInfo.mTxInfo.mIeInfo' is null before using it
and sets the 'mInfo.mTxInfo.mIeInfo' field of the ACK frame to null in
simulation platform.
When running the command `diag receive 1 rlp`, the DUT may fail to
receive the frame, then the otci will try the command again and
again. These retries are useless, and they will take lots of time
before timeout.
This commit sets the number of retry to 0 before executing the
command, and restore the number of retry after the command is
executed. This commit also captures the timeout exception from the
adb_shell.
The radio driver will set the `mInfo.mTxInfo.mIsSecurityProcessed` field
to True after the radio driver encrypts the frame. Which causes subsequent
frames to be sent will not be encrypted.
This commit sets the `mInfo.mTxInfo.mIsSecurityProcessed` field before
sending each frame.
This commit enables transmitting wake up frames with CCA enabled. A
build time configuration is added in case the coprocessor doesn't
support the newly added feature skipping CSMA/CA backoff only.
Previously there's a delay for every router (10 seconds) and child (3
seconds) for it to start. The serialized waiting times are
unnecessary. This commit removes such waitings to speed up the test
case. This is especially useful in the BR test
`test_srp_register_500_services_br.py` which uses non-virtual time.
This adds the `-x` flag to the `tcp send` command so send specific
data defined by a hexadecimal string. The purpose is to use this in
testing, for example to emulate HTTP GET requests.
This commit updates the Border Agent so that the `CoapDtlsSession`
tracks the forwarded CoAP request and the allocated `ForwardContext`
to the leader using `Tmf::Agent` in a list.
If the CoAP session disconnects before the forwarded request finishes,
the pending transaction is explicitly aborted in the session's
`Cleanup()` method using `Tmf::Agent::AbortTransaction()`. This
ensures that the response handler, `HandleCoapResponse()`, is invoked
while the session remains valid.
The current diag module allows users running the 'diag send' and 'diag
repeat' concurrently. The command run later will change the settings
of the command run earlier, which will cause unexpected test results.
This commit does not allow running 'diag send' and 'diag repeat'
concurrently.
This commit updates `TxMessageHistory` to track the message length
along with calculated CRC-16 and CRC-32 values of the message
content. This replaces the use of SHA256 hash, simplifying the code
and removing the dependency of the mDNS core module on the crypto
platform layer (and mbedtls).
This commit introduces the `BorderAgent::EphemeralKeyManager` class,
which manages the use of the ephemeral key by the Border Agent.
The `EphemeralKeyManager` uses its own DTLS transport and CoAP secure
sessions. This allows the `EphemeralKeyManager` and the `BorderAgent`
service (which uses PSKc) to be enabled and used in parallel.
Previously, a single transport and session was shared between these
functions, requiring the normal BA service (with PSKc) to be stopped
before the ephemeral key could be used.
This is a fundamental change and improvement to the ephemeral key and
Border Agent functionality. Therefore some existing `otBorderAgent`
APIs need to be modified. For example, `otBorderAgentGetState()`,
which returned the Border Agent state to indicate whether there were
any active sessions, is no longer meaningful, as different
sessions/transports are now used for PSKc and ephemeral key, and
there can be multiple sessions. This commit intentionally renames and
changes the `otBorderAgent` public APIs, specifically all those
related to ephemeral key use, to highlight the fundamental change in
behavior. While this can cause backward incompatibility, it requires
app layer code that used the previous APIs to be updated to take into
account the new behavior.
This commit also updates `nexus/test_border_agent`, adding new tests
to validate the new behavior (e.g., BA service and ephemeral key
parallel sessions). It also includes and validates the Border Agent
counter updates under different scenarios (this enhances and replaces
`test_ephemeral_key_counters.py`).
This commit introduces `TxMessage::AppendAddressRegistrationEntry()`
which appends an address entry in an MLE Address Registration TLV.
The new helper method determines whether a given address can be
appended as a compressed (using a lowpan context ID) or as an
uncompressed entry. This simplifies the code by moving all checks
into a common method. It also adds an explicit check to ensure the
associated Context TLV has the "compress" flag set before using
the compressed format.
This commit clarifies the intended behavior of the radio platform API
`otPlatRadioSetMacKey()` by recommending that implementations also
clear the MAC frame counter value (tracked by the radio).
It also adds a safeguard for this in `KeyManager` by changing the
order of operations. The MAC frame counter is now reset before
updating the key sequence and MAC keys. A comment explains the
rationale behind this ordering. This is to avoid potential issue
where a large counter value may be used with the new MAC key which
could then hinder frame transmission for a long duration.
The otJoinerStart enables a mechanism for Thread
commissioning. The traditional Thread commissioning process uses
factory assigned EUI-64 of the device to derive the Joiner ID and
identify/filter a joiner (through steering data bloom filter).
But otJoinerStart does not allows users to have a new EUI-64 set
at run time.
On joiner side, when a new EUI-64 value is provided, the
Joiner code uses this new value to derive the Joiner ID and
identify/filter a joiner (through steering data bloom filter).
On commissioner side, users can use this new EUI-64 value.
MTDs built out of the OpenThread stack fail 1.4 network diagnostics
test cases that track connection time and role time in MLE counter
TLVs. We can workaround manually defining UPTIME for MTDs, but it's
better to make it the default behavior.
This commit updates and enhances the CRC module.
It updates the implementation to allow both CRC16 and CRC32
calculation with different polynomials. It adds new `Feed()` methods
to add bytes from a buffer or from a message into CRC computation. It
also adds a unit test to cover CRC calculation (both CRC16 and
CRC32).
This commit updates the default CLI bind interface to be consistent with
the description. The default behavior should apply to all Thread nodes,
not just devices that define UDP platform layer. For Thread nodes that
only use the Open Thread Stack, netif type OT_NETIF_THREAD_HOST has no
meaning.
Support for OT_NETIF_THREAD_HOST has been kept using the -h option.
Updated the CLI bind command readme to make it clear when the netif
options are valid and what is the default behavior.
Signed-off-by: Marius Preda <marius.preda@nxp.com>
This commit replaces the `#if !OPENTHREAD_RADIO` checks with explicit
`#if OPENTHREAD_FTD || OPENTHREAD_MTD` checks.
The existing check relied on the assumption that exactly one of the
three options `FTD`, `MTD`, or `RADIO` will be set, and therefore
`#if !RADIO` was used indirectly as a check for `FTD` or `MTD`. This
change improves clarity and allows for future addition of new
configurations (where this assumption may no longer hold true).
This commit updates neighbor aging and recovery on FTD children. An
FTD child establishes links with neighboring routers to receive
multicast MPL (re)transmissions.
If the device is an FTD child and has more than `mChildRouterLinks`
neighbors, it uses a longer neighbor age (`kMaxNeighborAgeOnChild =
150s`) and removes the neighboring router upon expiration without
attempting to re-establish the link.
This differs from the existing behavior (which is still used when the
device is a router or an FTD child with `mChildRouterLinks` or fewer
neighbors), where a 100-second age is used, and the device attempts
to re-establish links upon expiration by sending Link Requests.
Link Requests from FTD children are suppressed when a neighboring
router becomes unavailable, and the child already has more than
`mChildRouterLinks` neighbors. This helps reduce unnecessary network
traffic on denser networks, especially when a router device is
powered off.
When "diag radio sleep" is followed by "diag send" or "diag
repeat", the radio switches to and stays in the receive mode
after a transmission. Normally, the MAC layer is responsible
for putting the radio back to sleep but the MAC layer is
bypassed when using the diag commands.
Make sure that the radio goes back to sleep after
a transmission when the sleep mode is on. This helps command
like "diag repeat" work more reliably as the transmission
is less likely to be interferred with the accidental frame
reception.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
This commit adds support for port translation in NAT64. Currently the
translator only supports a direct mapping between an IPv4 and an IPv6
address requiring a large IPv4 pool to work effectively. This implies
the need for an additional NAT 4 to 4 translator as the border router
will only have one private IPv4 in the LAN.
This commit enhances the current functionality according to NAT64 RFC
and dynamic PAT mechanism. This is used by any home router to share a
public IPv4 address with a range of devices using private
addresses. The port translation ensures the source port or the ICMP
identifier is always unique in the mapping table allowing a reply
packet to be matched with the request using the destination port and
address. This functionality can be disabled at compile time.
Signed-off-by: Marius Preda <marius.preda@nxp.com>
This commit redefines tcplp symbols that conflict with LWIP's TCP implementation:
- tcp_input has been renamed tcplp_input
- tcp_output has be renamed tcplp_output
- tcp_close has been renamed tcp_close_tcb
- tcp_init was already removed but the prototype was still present and was deleted
- TCP_MSS and TCP6_MSS have been renamed to TCP_MAXSS and TCP6_MAXSS
Signed-off-by: Marius Preda <marius.preda@nxp.com>
Commit adds implementation of:
- 0x40 Tcat tlv extraction of active dataset,
- 0x25 Tcat tlv extraction of commissioner certificate.
Includes also refactoring of `BleCommand` adds new method `process_response`.
This simplifies:
- `GetPskdHash`
- `GetRandomNumberChallenge`
The example for the "diag frame" command uses an invalid
802.15.4 frame while not bypassing the header and security
processing with "-s" flag.
In such a case, it cannot be guaranteed that the underlying
platform will send such a frame if it can't parse the frame
IEs to check if any dynamic data is to be injected.
Switch to using a correct ACK frame.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
This commit updates `Router` to track the number of remaining Link
Request attempts during link re-establishment (when no Advertisement
is received from a router, and the router is aged out). This helps
simplify the code managing link re-establishment.
The original code counts the number of received frames to check
whether the specified frame format is supported. It doesn't check
whether the sent and the received frames are the same. The test
results may have some deviation.
This commit compares the sent and received frame to check whether the
specified frame format is supported. This commit also add a case to
test the wake-up frame format.
This commit removes unnecessary Border Agent state checks in
`CoapDtlsSession` methods. When the Border Agent is stopped, the DTLS
transport is closed, and all associated sessions are cleared and
removed.
This commit adds OT APIs to enable/disable the ephemeral key feature
and get IsEnabled state of it.
Currently a dbus method is provided to enable/disable the Ephemeral
Key feature and it is implemented with the module `BorderAgent` in
ot-br-posix. After we move the MeshCoP Service Publisher into OT core,
we won't use the `BorderAgent` module anymore. So we put the get/set
methods into OT core first. In addition, the MeshCoP service published
has a state bitmap which has a bit to indicate if Ephemeral Key
feature is supported. So we have to put this data into OT core.
This commit updates `LinkQualityInfo` to track the "link quality out,"
which is the link quality from the neighbor's perspective. This value
is currently tracked by the `Router` class. The existing methods in
`LinkQualityInfo` that return the "link quality in" are renamed to
use `LinkQualityIn` to clarify and distinguish them.
This change uses existing bits in `LinkQualityInfo`, freeing up bit
fields in the `Router` class to be used for other information.
This commit improves the organization of `border_agent.cpp` by
grouping the method definitions for `CoapDtlsSession` into a separate
section.
In PR #11131, many methods were moved into this class. To keep the
`git diff` smaller and easier to review, the methods were left in the
same order as previously defined. This resulted in the methods of
`CoapDtlsSession` and `BorderAgent` being mixed and interleaved.
This PR rearranges the methods and defines separate sections for each
class. This commit does not contain any code logic changes.
The otRadioSpinelMetrics includes metrics that record the count of the
RCP timeout and the count of RCP reboot and so on. After these events
happen, the Thread stack will exits and the system will re-start the
Thread stack again. In this case, metrics of the otRadioSpinelMetrics
will be cleared and metrics values are awalys 0.
This commit adds a temporary settings to store the radio spinel metrics.
The temporary settings will clear all settings after the system reboots.
This commit updates the `CoapDtlsSession` class in `BorderAgent` to
move all session-related functionality into this class. It now
handles its own state and uses its own `Timer`, ALOC, UDP receiver,
etc.
Many methods previously defined in `BorderAgent` are now defined in
`CoapDtlsSession`, ensuring each session can be processed
individually. The `ForwardContext`, which tracks forwarded TMF
commands, is also moved into `CoapDtlsSession` and updated to track
its associated session.
This change prepares `BorderAgent` to support multiple concurrent
sessions in future PRs.
This commit adds a new class, Ip4::Headers that offers support for
managing an IPv4 header along with UDP/TCP/ICMP4 headers from a received
message/frame. This functionality is equivalent to the one already
present for IPv6.
Added GetId() and SetId() methods to ICMP4 class.
Improved the Ip6::Headers functionality:
- added SetSourcePort() method to allow easier translation of ports in NAT64.
- added GetIpLength() and GetIpHopLimit() methods.
Added SetSourcePort() and SetDestinationPort() methods for TCP.
Signed-off-by: Marius Preda <marius.preda@nxp.com>
When running the sync command, such as `diag radio receive 10000`, the cli
doesn't allow running other commands before the sync command returns. Which
causes that the sync command may be blocked for a very long time and users
can't do anything to terminate the sync command. This will also cause the
test script to fail to run the second case after running first case fails.
This commit allows the cli to execute the `factoryreset` command when running
the sync command.
`TransmitPacket()` should return an error from platform Radio
implementation, as for example Radio can be in incorrect state.
If error occurs, increase `mSentErrorInvalidStatePackets` stat.
Add wrong state case to tests and fix `diag repeat stop` called
too lata.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit adds a mechanism to expedite recovery from temporary
router link quality mismatches. If a received `RouteTlv` (from a
received Advertisement) indicates that the neighboring router claims
no link to us by setting its `GetLinkQualityOut()` towards us as `0`,
and our two-way link quality to this router is at least Link Quality
2, we schedule a unicast MLE Advertisement to be sent to this
neighbor. This advertisement is sent after a randomly selected delay
within a one-second window using `Mle::DelayedSender`.
This helps with link recovery on the neighboring router, which
otherwise may take longer due to reliance on the next trickle
timer-triggered Advertisement transmission, which can be up to 32
seconds later and, being multicast, may be missed.
This commit introduces a "gradual router link establishment" mechanism
for FTD children. An FTD child device communicates through its parent
but can establish links with other neighboring routers to receive
multicast messages (forwarded MPL) from them, improving multicast
reliability.
An FTD child tries to establish links with the first
`ChildRouterLinks` routers quickly (sending an MLE Link Request to
initiate the link upon receiving advertisements from a neighboring
router). The `ChildRouterLinks` is configurable through an OT
configuration option (specifying the default value) and at run-time
using the `otThreadSetChildRouterLinks()` API.
After the first `ChildRouterLinks`, the "gradual router link
establishment" mechanism allows `kExtraChildRouterLinks` additional
router links to be established slowly over a longer time. Gradual
router link establishment uses the following conditions:
- The link quality to the router must be 2 or better.
- It is always skipped in the first 5 minutes
(`kWaitDurationAfterAttach`) after the device attaches.
- The child randomly decides whether to perform/skip this (with a 5%
probability).
- If the child decides to send a Link Request, a longer random delay
window is used ([1.5-10] seconds).
Even in a dense network, if 500 FTD children receive the
advertisement, with a 5% selection probability, on average, 25 nodes
will try to send a Link Request randomly spread over a 1.5-10 second
window.
With a 5% probability, on average, it takes 20 trials (20 advertisement
receptions) for an FTD child to send a Link Request. Advertisements
are, on average, ~32 seconds apart, so a child will try to establish
a link in approximately 10 minutes (20 * 32 = 640 seconds).
This commit fixes the release of expired mappings by ensuring that
`ReleaseExpiredMappings()` is always called from the timer callback
`HandleMappingExpirerTimer()`, regardless of the logging level.
Previously, `ReleaseExpiredMappings()` was called as an input to
`LogInfo()`, which could become an empty macro (ignoring its input)
if info-level logs were disabled.
This commit updates `SecureTransport` to support multiple
`SecureSession`s on the same transport. The transport tracks a list
of sessions that it owns and manages. Two new callbacks are
introduced:
- `AcceptCallback`: Used to accept a new connection request, providing
the `SecureSession` instance to use (passing ownership of the
session to the transport).
- `RemoveSessionCallback`: Signals that a session is removed,
releasing ownership of the session.
`BorderAgent`, `Tmf::SecureAgent`, and `ApplicationCoapSecure` are
updated to adopt the new model.
This commit also updates the Nexus `test_dtls`, adding
`TestDtlsMultiSession` to validate multiple session support
behavior.
The original `diag send` command is an asynchronous command. Users
must wait for a certain period of time and then run the `diag stats`
command to query how many packets have been sent to know whether all
packets have been sent. This is very inefficient, and it is not
convenient for scripts to process this command.
This commit changes the command `diag send` from an asynchronous
command to a synchronous command, and add the asynchronous command
`diag send async`.
This commit adds 'tlv' command tree to the BBTC CLI.
The 'tlv' command has two subcommands: 'list' and 'send'.
The 'tlv list' prints available TLVs types that can be used in the 'send' subcommand.
The 'tlv send <TLV_TYPE> <TLV_PAYLOAD>' allows sending specific TLV with arbitrary payloads.
Example:
`tlv send a 1234`
Send ping TLV(0x0a) with payload '1234'
The 'tlv' command tree is to gain the ability to send the TLV with any payload at any time.
This feature allows to check the behavior of TCAT device against:
- receiving of unexpected TLV
- receiving of TLV with corrupted payload
- receiving of TLVs sent in custom order
Previously, it prints a line `PASS x FAIL y ...` when all the runs of
a test case complete. However, such messages could be hard to find
when multiple test runs fail so the messages are interspersed between
other logs.
This commit moves such messages to the end of the output. This makes
it easier to notice which test cases are failed. Also it will list the
failed iterations, which is useful when MULTIPLY > 1.
This commit adds `Tasklet::Unpost()` to remove a tasklet from the
tasklet scheduler run queue if previously posted.
It also adds a detailed unit test, `test_tasklet`, covering various
uses of `Tasklet`, such as posting single or multiple tasks.,
re-posting a task from its own handler, Un-posting tasks in different
orders.
This commit changes CoAP handlers to use otError in the function or
method definitions. This ensures the definitions are consistent with
the declaration in coap.h.
This commit introduces `Crypto::Storage::KeyRefManager`, which manages
and selects the `KeyRef` values. `ot::Instance` now will have its own
`KeyRefManager`. Under `MULTIPLE_INSTANCE_ENABLE`, this allows
different `ot::Instance`s to use different `KeyRef` ranges by setting
an instance-specific offset. This offset is used when determining the
`KeyRef` numerical value for secure storage access.
This simplifies doing local check by enhancing the script to accept
extra cmake options and specifying the commit to compare.
Example usage:
```bash
OT_SHA_OLD=e4a390f34 ./script/check-size nrf52840 -DOT_FULL_LOGS=ON
```
This commit adds `test_border_agent`, using the nexus framework, to
cover the functionality of `BorderAgent`. The test cases include:
- Border Agent initial state.
- Establishing a secure session to the Border Agent and
disconnecting.
- Handling "Commissioner Petition" to accept a full commissioner.
- Handling "Commissioner Keep Alive" and timeouts.
- Ephemeral key use and its initial state.
- Establishing a connection with an ephemeral key and disconnecting.
- Ephemeral key timeout mechanism (with or without a session).
- Ephemeral key use stopping after the maximum number of failed
connection attempts.
This commit adds a new variable, `mDidConnectWithEphemeralKey`, which
tracks whether a successful secure session is established using the
ephemeral key. This variable is used in `HandleConnected()` to
determine whether to stop using the ephemeral key when the Border
Agent is notified that the secure session is disconnected.
This change ensures that ephemeral key use is not stopped after a
failed connection attempt, while still guaranteeing that an ephemeral
key can only be used once.
Without this fix, a failed connection attempt would immediately stop
the use of the ephemeral key. With this change, the intended
`kMaxEphemeralKeyConnectionAttempts` will be applied.
When configuration file defined in build parameter(command line argument),
ot-fct is wound't take into an account and accessed default path.
This commit fixes to access configuration file from path which is
defined from build command line parameter. Also, it fixes some
compilation issues while building from ot-br-posix.
Signed-off-by: ashish <ashish.vara@nxp.com>
This commit updates the code so that `Tmf::SecureAgent` is not closed
when the Thread network interface is brought down. The `SecureAgent`
is directly controlled and used by either the `BorderAgent` or
`Commissioner` during network operation, which should continue to
function even if the Thread network interface is offline. It may also
be used by the `Joiner`, but in that case, it will be closed by the
`Joiner` itself upon finishing the join attempt.
When using the `diag frame -c xxxx` command to enable the CSMA-CA when
transmitting the frame, the command `diag send` won't output any message
the CCA failure happens. It is difficult for users to know whether
the CSMA-CA is actually effective via diag commands.
This commit counts the number of packets that are sent succeed and failed,
outputs the transmision failure reason and do not re-transmit the frame
after it fails to send.
The MleRouter::BecomeRouter already checks the device role and the API
claims only return OT_ERROR_INVALID_STATE when the role is disabled.
This commit consolidates the device role check in
MleRouter::BecomeRouter.
This commit clarifies the expected behavior with CSMA/CA parameters in
TxInfo.
* non-zero mTxDelay or non-zero mTxDelayBaseTime or falsy
mCsmaCaEnabled disables CSMA backoffs, thus ignores the
mMaxCsmaBackoffs field.
* Zero mMaxCsmaBackoffs disables CSMA backoffs.
* CCA is solely controlled by mCsmaCaEnabled.
This commit updates the interaction between `BorderAgent` and the
native `Commissioner`, removing the unnecessary mechanism to stop and
restart the Border Agent when the commissioner is enabled and
disabled.
This was previously required because both modules shared the same
underlying `Tmf::SecureAgent` and DTLS transport. This has been
changed recently so that `BorderAgent` uses its own DTLS transport
and sessions.
This commit updates `BorderAgent` to utilize its own DTLS `Transport`
and CoAP `SecureSession`, separating it from the shared
`Tmf::SecureAgent` used by `Commissioner` and `Joiner` modules. This
change enables future support for multiple sessions within
`BorderAgent`.
This commit improves the organization of `secure_transport.cpp` by
grouping method definitions for `SecureSession` and `SecureTransport`
into separate sections.
The recent PR #11046 introduced `SecureSession`, separating the
session and transport functionality. To keep the `git diff` smaller
and easier to review, the methods were left in the same order as
previously defined. This resulted in methods of `SecureSession` and
`SecureTransport` being mixed and interleaved. This PR rearranges the
methods and defines separate sections for each class. This commit
does not contain any code logic changes.
This commit updates the `Dataset::IsTlvValid()` method to also
validate the Active/Pending Timestamp and Delay Timer TLVs, ensuring
they have the minimum required length. This ensures that a dataset
with invalid TLVs is correctly rejected when set on a device.
This commit introduces the `Dtls::Transport` and `Dtls::Session`
classes, separating session-related functions from transport-related
behaviors. It also introduces the `Coap::SecureSession` class, which
handles CoAP processing over a DTLS session. This simplifies the code
by allowing `Coap::SecureSession` to inherit many of its methods from
`Dtls::Session`, avoiding repetition. It also separates CoAP-specific
message processing from transport-related functionality.
`Tmf::SecureAgent` and `ApplicationCoapSecure` are updated to act as
both a `Dtls::Transport` and a single `Coap::SecureSession`.
This commit adds a version field (`uint8_t`) to DNS/SRP Anycast and
Unicast Service entries in `NetworkData::Service::Manager`.
For Unicast entries, the version the version field is placed after
the existing fields, specifically after the IPv6 address and port number fields.
For Anycast entries it is added as the in server data as part of the
Server TLV.
When processing Network Data service entries, the version field is
optional and if absent, version number zero is assumed.
The `NetworkData::Publisher` now considers entries with the same or
higher version number when deciding whether to add or remove its own
entry, preferring those with a higher version.
In SRP client, when `AutoStart` mode is used and if there are multiple
Unicast, Service entries, the client prefers the one with larger
version number.
When selecting an anycast entry, the existing rules regarding sequence
numbers are still used. If multiple entries with the same sequence
number exist, the client will assume the minimum version number among
all such entries.
This commit also updates the `test_network_data` unit test, validating
the new format and related methods.
`test_netdata_publisher.py` is also updated to check service entries
with different version numbers.
This commit updates `LinkedList` and `OwningList` to enhance
`FindMatching()`, `RemoveMatching()`, and related methods to use
`Matches()` with a variable number of arguments. The implementation
uses a variadic template function and forwarding references.
This commit simplifies the `BorderAgent::HandleUdpReceive()` method:
- All local variables are defined at the top of the method.
- Tracks whether the UDP message was handled in the new local
`didHandle` variable (avoiding the reuse of a specific error code
to track this).
- Simplifies log messages.
This commit adds guard checks for Border Agent, Commissioner, Joiner,
and CoAP Secure API features that use Secure Transport (DTLS/TLS) to
ensure `OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE` is enabled. It
also moves the deprecation check for the earlier DTLS configuration
to `openthread-core-config-check.h` to be consistent with other
removed/deprecated configurations.
This commit adds `LogCertMessage()` to generate a message dump log for
certification test. This function is used by both `Joiner` and
`Commissioner`, removing duplicate code.
The current diag module will count any packets received. This commit
adds the command `diag radio receive filter` to allow the diag module
receives only frames with the specified destination mac address.
This commit rearranges the method definitions in the `BorderAgent`
class so that related methods are next to each other. This improves
code readability and organization. This commit contains no logic
changes.
This commit introduces a new mechanism for the TREL link to detect and
handle discrepancies between the IPv6 address and port used by a TREL
peer in a received TREL packet, and the information previously
reported by the platform layer (through DNS-SD discovery) for the
same peer.
Ideally, the platform underlying DNS-SD should detect changes to
advertised ports and addresses by peers. However, there are
situations where this is not detected reliably.
As a received frame over the TREL radio link is processed by the MAC
or MLE layers, if the frame passes receive security checks at either
layer (indicating it is a secure and authenticated/fresh frame from a
valid neighbor), the TREL peer socket address is automatically
updated from the received TREL packet info. This ensures the TREL
peer table is updated correctly if there are changes to TREL peer
addresses of valid Thread neighbors upon rx from such neighbor,
increasing the robustness of the TREL link.
This commit also introduces a new `otPlatTrel` platform API,
`otPlatTrelNotifyPeerSocketAddressDifference()`. The TREL
implementation now notifies the platform layer whenever it detects a
discrepancy in a TREL peer's socket address, regardless of whether
the peer table is automatically updated. This allows the platform
layer to take any appropriate action, such as restarting or
confirming DNS-SD service resolution query for the peer service
instance and/or address resolution query for its associated host
name.
This commit also adds a new test that validates the newly added
behavior, including the auto-update of peer table information and
notification of the platform through the new API, triggered by either
MLE or MAC messages over the TREL radio link.
This commit contains the following changes to `LinkedList`:
- Removes the `FindMatching()` version that searches within a given
sub-section of the list, as this method is no longer needed.
- Renames the method that finds a matching entry and also returns the
`prev` entry in the list to `FindMatchingWithPrev()`. This
distinguishes it from other `FindMatching()` overloads and
clarifies its purpose. This method is often used when the caller
wants to find the matching entry and later remove it from the list.
This commit updates and simplifies how `Connect` and `Receive`
callbacks are set on `SecureTransport` and `CoapSecure`. Instead of
using the `Open()` method to set these, they are now directly set
using the corresponding `SecureSession` methods. This commit also
harmonizes the method name for setting the "connect" callback,
ensuring the same name is used by different classes.
All diagnostic commands (instead of `diag start`) should fail if
device is not in diagnostic mode. Previously it was verified by
each command's process method (with a missing check in
`ProcessEcho` and `ProcessGpio`). This commit moves the check
directly to `ProcessCmd` and cleans up redundant code.
Additionally clean the documentation and align the code as for
some commands `status 0x00` was added on success and for some not.
Move `AppendErrorResult()` to `ProcessCmd()` as well.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit introduces the `SecureSession` class to manage
session-related functionality, decoupling it from the
`SecureTransport` class. `SecureSession` provides method such as
`Connect()`, `Send()`, and `IsConnected()`, while `SecureTransport`
focuses on transport-level operations and common configuration
(e.g., setting PSK, cipher keys).
The `Dtls` and `Tls` subclasses now inherit from both
`SecureTransport` and `SecureSession`, effectively providing the same
methods as before and implementing a single DTLS/TLS session over a
socket.
This commit updates `Setup()`, which initializes and sets up
`mbedtls_ssl_config` and `mbedtls_ssl_context`. The call
`mExtension->SetApplicationSecureKeys()` (which updates the
`mbedtls_ssl_config`) is now called before `mbedtls_ssl_setup()`
associates the config with the `mbedtls_ssl_context`. This
follows the recommendation that the config structure is not
modified after `ssl_setup()` and while a session is active.
This commit refactors the settings module to move the settings file
related methods to a seperate file, so that other modules could resue
the same code to save thier settings to another settings file.
The `diag frame` command can set the frame to be sent. But developers
has no command to check if the received frame is the same as the sent
frame. This commit adds the command `diag receive [async] <number>
[lpr]` to show the detailed info of specified number of received
frames.
The current MLE Link Request handler would result in dead lock if two
routers sends Link Request to each other at very close time points, when
either node tracks the other node in LinkRequest state, so rejects the
request until timeout.
This commit changes the handler so that a node will accept the Link
Request even if the peer is in LinkRequest state.
The wakeup frame is sent from the wakeup coordinator rather than the
wakeup end device. Current code processes the key id mode 2 only when
the device is the wakeup end device. This commit corrects this issue.
This commit fixes an issue related to #9554 where a new radio
capability is introduced: RX_ON_WHEN_IDLE.
In this commit, we set `rx_on_when_idle` to be true when calling `diag
start`, and false when calling `diag stop` for devices which support
`rx_on_when_idle`.
This fix ensures that packets can still be received if `diag` is used
after `ifconfig down`.
If the radio driver supports the `OT_RADIO_CAPS_TRANSMIT_SEC`, the
radio driver should process the security of the send frame. But the
current method `otMacFrameProcessTransmitSecurity()` doesn't process
the security of the wakeup frame. Which causes sent wakeup frame is not
encrypted.
This commit enables the method `otMacFrameProcessTransmitSecurity()`
to process the security of the wakeup frame.
There is a standalone CMake version check, no need to use this version
in gcc specific build tests. This change should accelerate gcc build
check, as it takes 8.5 minutes to build cmake.
This commit updates how state is tracked in the `SecureTransport`
class. It directly tracks whether the transport/socket has been
opened or closed in a new member variable `mIsOpen`. The TLS/DTLS
session state is tracked separately in `mSessionState`. This
separation allows for future changes to support multiple sessions
using the same transport/socket.
This commit also simplifies the session states, adding "disconnected"
and "disconnecting" (replacing "close notify") states.
When running the command `diag frame -s
fd874f68f1ca00efbe00adde5d4f4913e953845a154d4cbab10000000001820e390005009bb8ea011c58a065c39fbd`
and `diag send 20` to send the specified diag frame, we found that the
frame is modified by the RadioSpinel module. Which causes the diag
sent frames are not the same.
This commit checks whether the frame header has been updated before
sending, the RadioSpinel module won't update the frame header if the
frame header has been updated before sending. This commit also adds an
option `-u` to the `diag frame` command to specify the
`mInfo.mTxInfo.mIsHeaderUpdated` field of the diag sent frame.
This commit expects echo of diag commands to make sure the command is
received by the node when waiting for the expected output. This helps
make this test less flaky.
If the new router is not in peer's route TLV, the link request would
be ignored, causing the link establishment stuck at the Link Request
stage until timeout when a new attempt could proceed. This commit adds
a check on the initiator to make sure the peer router's Route TLV
contains the initiator's router id before sending the link request,
otherwise it refrains from initiating the link establishment.
This commit simplifies and fixes the `Send()` method by sending the
entire `aMessage` content and removing the extra `aLength` input
parameter. In all calls, the input `aLength` was set to the message's
length. The previous implementation of `Send()` did not correctly
handle cases where the passed-in length was longer than the available
bytes in the given message.
This commit also updates the documentation of `Send()` to clarify the
behavior regarding the transfer of ownership of `aMessage`.
Additionally, this commit simplifies `CoapSecure` and `BleSecure`
where `Send()` is called.
This commit updates the `ba counters` CLI command to use a counter
name lookup array. This follows the same approach used in `Cli` for
other counters, such as MAC, MLE, IP, and BR counters.
This commit adds a new mechanism to track the current attach time
(the time duration since device was last attached to a Thread mesh).
This duration indicates how long the device has been connected,
regardless of its role(child, router, or leader).
A related public OT API and CLI command are also added. This
information can be used for debugging purposes and internally within
the OT core to wait for the device to stabilize before enabling
certain behaviors.
This commit updates `Srp::Server` to associate its UDP socket with
`kNetifThreadInternal`, ensuring that received messages are from the
internal Thread network interface (i.e., from devices within the
Thread mesh).
This commit adds `test_dtls` using the nexus framework, which covers
basic functionality of `Dtls` (`SecureTransport). The test covers:
- Devices acting as DTLS server or client
- Establishing a DTLS session and data transfer
- `ConnectedHandler` events when the peer or local side disconnects
- Failed connection attempts (e.g., using an incorrect PSK)
- Setting max allowed attempts and auto-close behavior
This commit updates how MbedTLS timers are handled, ensuring that both
intermediate and finish times are tracked in their own variables.
This decouples the intervals from the underlying `TimerMilli`
instance, allowing the same timer to be shared to support multiple
sessions later.
This commit updates the `Setup()` method to separate the preparation
of the `mbedtls_ssl_config`, `mbedtls_ssl_cookie_ctx`, and
`mbedtls_ssl_context` components. This allows for decoupling these
components later, for example, to support multiple sessions using the
same configuration.
This commit rearranges the method definitions in the `SecureTransport`
source file to place the `SecureTransport::Extension` class methods
next to each other and after the `SecureTransport` methods.
This commit updates `SecureTransport`. It introduces the `Extension`
class within `SecureTransport`, providing support for additional
cipher suites and related methods to configure the ciphers
(e.g., `SetPreSharedKey()`, `SetCertificate()`).
This class decouples this functionality from the common
`SecureTransport` object, allowing it to be added to any class.
Classes like `ApplicationCoapSecure` or `BleSecure` can inherit from
`Extension` to provide these methods. An `Extension` is then
associated with a `SecureTransport` (or any of its subclasses). This
approach ensures that only instances requiring extended cipher suite
support incur the associated memory cost and avoid repeated code.
This commit also introduces `Dtls`, `DtlsExtended`, and `Tls` as
subclasses of `SecureTransport` for easier use by other modules.
This commit resets (to now) the timestamp of queued messages for a
previously sleepy child when the child mode changes to non-sleepy.
This ensures that delay-aware queue management is correctly applied
to these messages and avoids them being dropped immediately.
This commit introduces `kNetifThreadInternal` as a network interface
option for UDP sockets. Unlike other options, this disallows the use
of platform UDP for the socket, indicating that the socket should use
the OpenThread internal Thread network interface only.
This model replaces the previous approach where `ShouldUsePlatformUdp()`
would check the socket port against a set of port numbers used by
different modules (such as MLE, TMF, Joiner Router, etc) to determine
whether platform UDP APIs should be used. With the new model, each
module decides whether to associate its socket with the
`kNetifThreadInternal`.
This is a more flexible and extensible model, ensuring that sockets
that should not use the platform do not waste resources (they will
not be created or opened/closed on the platform). This also help
avoid edge cases where platform UDP operations may unintentionally
fail when the platform socket is not actually needed.
Avoid SSL context operations in TCP callbacks (for
eg. `HandleTcpDisconnected`) when the context could have already been
de-allocated after de-initialization.
This commit updates how address lists are compared in the unit test
`spinel_prop_codec`, ensuring that the correct size based on the
array length is passed to `memcmp()`.
This commit adds `Mac::CalculateRadioBusTransferTime()`, which
calculates the radio bus transfer time (in microseconds) for a given
frame size based on `Radio::GetBusSpeed()` & `Radio::GetBusLatency()`.
This helper method is used in the `CslTxScheduler` and
`WakeupTxScheduler` classes to update frame request-ahead time.
This commit updates how the handshake completion is checked on MBedTLS
version 3.0 or later. Instead of accessing the private `state`
variable, the `mbedtls_ssl_is_handshake_over()` function is used.
This follows the recommendation of the MbedTLS documentation to avoid
using the deprecated `mSsl->MBEDTLS_PRIVATE(state)` access on newer
versions.
This commit updates how the `NetifId` is set on a `Udp::Socket`. It is
now specified as a parameter in the `Open()` call instead of `Bind()`.
This change makes the socket more flexible by allowing the `NetifId`
to be known earlier (which can be used for future optimizations). It
also allows the desired `NetifId` to be set even when `Bind()` is not
explicitly called, such as when `Connect()` or `SendTo()` are used on
a socket that is not yet bound. Previously, `kNetifThread` was
assumed by default in these situations.
The public `otUdp` APIs are left unchanged to ensure backward
compatibility.
This commit removes the `ShouldUsePlatformUdp()` call in
`Ip6::PassToHost()` and `Udp::HandleMessage()`.
`ShouldUsePlatformUdp(port)` checks whether the port is NOT one of the
port numbers used by the OT stack, such as the MLE port, TMF port,
border agent port, or joiner port. This check is already covered by
`Udp::IsPortInUse()`, which checks if there is a UDP socket bound to
the given port.
Applying such a filter in `Udp::HandleMessage()` seems to have been
added by mistake, as it blocks the use of UDP receivers, which should
be able to receive and process on any port, not just the ports where
we have a socket bound.
This commit introduces `CslNeighbor`, a subclass of `Neighbor` that
also inherits from `IndirectSender::NeighborInfo` and
`CslTxScheduler::NeighborInfo` to manage indirect transmission and
CSL-specific information.
The `Child` class now inherits from `CslNeighbor`, inheriting all CSL
functionalities while adding extra child-specific information. The
newly added `CslNeighbor` allows extending CSL functionality to
devices in other roles, not just `Child` devices.
The `CslTxScheduler` class is updated to use `CslNeighbor` as well
(instead of `Child`), making it more general-purpose.
`IndirectSender`, its sub-components, and `Mac` are updated to enable
CSL on MTD builds when `OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE`
is enabled.
This restructuring provides a more flexible and scalable framework for
implementing enhanced CSL functionality on new device types.
This commit fixes the wrong implementation of the GetProperty handler
of `SPINEL_PROP_SRP_SERVER_ENABLED` and
`SPINEL_PROP_SRP_SERVER_AUTO_ENABLE_MODE`.
In GetProperty handlers only the body should be written. It doesn't
need to and shouldn't call `BeginFrame` and `EndFrame`. If using
`BeginFrame` here, it will get an error of INVALID_STATE.
This commit defines the `Mac::kCslRequestAhead` constant, which
maps to `OPENTHREAD_CONFIG_MAC_CSL_REQUEST_AHEAD_US`. This
constant is used within the core modules.
Commit aligns define guards on `LogAt` macto and `RegisterLogModule` to
match. Previuosly `OT_SHOULD_LOG` was getting default value set as
platform defined and log level was buy default set to none which caused
misalignment.
This commit refactors `Radio::Statistics` to be a nested type within
the `Radio` class. It is declared as a `friend` of `Radio` so that
its interaction with `Radio` can be defined as `private` methods.
When the ot-rcp enters the assert state, the host crashes and exits.
But the ot-rcp still runs in the dead loop and becomes an orphan
process.
This commit enables the platform assert so that the ot-rcp can
automatically exit when entering the assert state.
This commit removes the `Callbacks` class defined for use between
`IndirectSender` and its underlying `DataPollHandler` and
`CslTxScheduler` components. This model was added earlier in #3952 to
make all interactions between these modules asynchronous
(callback-based). The objective was to move the handling of data
polls and indirect transmissions closer to the MAC layer and allow
`DataPollHandler` logic to be moved to RCP in an host and RCP
architecture. With the introduction of CSL, this approach is no
longer viable, but the callback style was still used. This commit
removes this and simplifies the code.
The Sequence Number Suppression field and AR can be both 1 in fuzz test,
in which case, the frame is not valid. And no ack should be expected.
This commit changes the expectation in this case.
This commit fixes an issue in spinel_prop_codec unit test.
We cannot use Spinel::Decoder::ReadUintPacked with a spinel_prop_key_t
type. This will cause build errors on arm platforms.
This commit updates `DelayedSender` to allow scheduling of delayed MLE
Link Request messages. This is used to apply a random delay when
sending a Link Request after receiving an MLE Advertisement from a
neighbor.
Advertisement messages are multicast transmissions and can be received
by multiple nodes, potentially causing synchronized generation of
Link Requests. This change helps distribute the transmission time
over a random window (one second if the requester is a router, or
[1.5-3] seconds window if it is a child).
When a router timeout occurs (i.e., no advertisements are received
from a neighboring router for more than the maximum allowed age), the
device sends Link Requests to restore its link. This commit updates
this process to apply a random delay (over a one-second window) to
each Link Request transmission.
This aligns the implementation with the Thread specification and can
improve network behavior when a new router is added or abruptly
removed.
This commit adds spinel_prop_codec module to lib/spinel to provide
encoding & decoding functions for complex spinel properties.
This commit moves the encoding of `SPINEL_PROP_DNSSD_HOST`,
`SPINEL_PROP_DNSSD_SERVICE` and `SPINEL_PROP_DNSSD_KEY_RECORD` from
NcpBase to the lib and adds the decoding functions. The background is
that I found the encoding & decoding of complex spinel properties are
error-prone. However the encoding and decoding of one property are
usually put in different places. For example, encoding is in
openthread ncp while decoding is in ot-br-posix ncp spinel. It's
difficult to debug the decoding in ot-br-posix and there is no unit
tests for the encoding & decoding.
This commit puts the encoding & decoding together and adds unit tests
to ensure they are correct.
This commit refactors COAPS classes, renaming the `CoapSecure` class
as `CoapSecureBase`, which is the base class of `Tmf::SecureAgent`
and a newly added `ApplicationCoapSecure` class. This change
simplifies the code and class hierarchy and ensures that the
Application COAP secure related functions are only provided by
`ApplicationCoapSecure` and when the corresponding config feature
`OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE` is enabled.
This commit removes the calls to `mbedtls_ssl_close_notify()` in
`SecureTransport::Process()` when, based on `rval`, it is determined
that `Disconnect()` should be called, as the `Disconnect()` method
itself will call `mbedtls_ssl_close_notify()`.
This commit reorders the member variables in `SecureTransport`,
grouping booleans and variables of the same size closer to each other
to avoid alignment gaps and allow for better code optimization.
Sometimes `ot-rcp` will exit without any exit information in the
log. It is hard for developers to know what happens on the `ot-rcp`
side when the `ot-rcp` exits abnormally. This commit calls functions
defined in `lib/platform/exit_code.h` to exit the program and log the
exit information.
This commit simplifies `SecureTransport::Process()`:
- The `mReceiveCallback` is invoked only after a successful `read()`
Afterward, we `continue` back through the loop to check if it can
read again.
- The `rval` checks are now combined into a single `switch()`
statement to determine if the connection should be disconnected,
reset, or if the process should wait, and then takes the proper
action.
This commit contains changes to `SecureTransport`:
- Inlines simple methods (`Disconnect()` and `GetUdpPort()`).
- Removes/refactors simpler methods, such as `Receive()` and
`HandleSecureTransportSend()`, which are now directly moved into
`HandleMbedtlsTransmit()` and `HandleReceive()`.
- Removes unused `SetClientId()` and inlines its implementation.
- Removes extra `LogDebug` line (can be tracked by logging `State`
changes).
- Simplifies `HandleMbedtlsReceive()` and how data is read from
`mReceiveMessage`.
- Uses a consistent style to refer to function pointers.
This commit adds `Ip6::MessageInfo::HasSamePeerAddrAndPort()` which
checks if the peer address and port of two `MessageInfo` objects
match. This method is used in different modules (`Coap`, `Srp::Server`,
`SecureTransport`) to simplify the code.
This commit removes unnecessary documentation of private member
variables in the `Neighbor` class and updates `enum` based constant ,
replacing it with `static constexpr`.
This commit ensures that the `mCslPresent` flag is set on `TxFrame`
when the CSL IE header is appended to the frame. This addresses an
issue introduced in #10692 where this flag can remain unset.
If the Wake-up Coordinator role is enabled:
1. Add an API to attempt to attach a Wake-up End Device. For now,
this new API starts a wake-up frame sequence to the WED, but all
the remaining MLE changes will be provided in the upcoming PRs.
2. Add "wakeup wake" shell command.
Note:
This commit enables testing the wake-up feature without the need to
make any changes in the radio layer by implementing the wake-up frame
scheduling in the core.
In real products with the Wake-up Coordinator capability, this should
likely be offloaded to the radio layer to assure a reliable wake-up
despite of the high rate of the wake-up frames.
This commit implements response aggregation (RFC 6762 section 6.4) in
the mDNS module. If multiple responses are scheduled to be sent, each
delayed by a different interval, earlier responses are further
delayed to allow aggregation with other responses scheduled to go out
a little later.
Before preparing a response, we determine the next multicast
transmission time that is explicitly after the current time. This is
used for response aggregation. As the response is being prepared,
different entries can decide whether to extend their answer delay
duration if allowed (e.g., probe question answer delay cannot be
extended) and possible (not extending the delay beyond the maximum
allowed delay).
To realize this, the way we track the `AnswerTime` of records is
changed. It is now tracked by two variables: `mQueryRxTime`
(the receive time of the question triggering the answer) and
`mAnswerDelay`.
This commit also adds `TestResponseAggregation()` to the `test_mdns`
unit test to validate the response aggregation behavior.
This commit renames and updates `HandleLinkAcceptVariant()` used to
handle an MLE "Link Accept" or "Link Accept And Request". The method
now takes the `MessageType` directly as an input parameter.
This commit adds a new `CipherSuite` enum in `SecureTransport` to
track the selected cipher suite. This helps simplify the code. A
table is used to map the selected `mCipherSuite` to a constant array
of `MBEDTLS_TLS_*` values to configure mbedTLS module.
This commit updates how the Link Accept response timeout is tracked.
It is now directly tracked in a `Router` entry using a new member
variable, `mLinkAcceptTimeout`, which stores the remaining timeout in
seconds. This value is decremented from `HandleTimeTick()` every
second.
This model replaces the previous approach, which indirectly used
`SetLastHeard()` for this purpose. The earlier method had
shortcomings; primarily, `SetLastHeard()` could be called again on
receiving a new advertisement, inadvertently pushing back the Link
Accept timeout. This model also became problematic when a random
delay was introduced before the transmission of Link Requests
(e.g., after receiving an advertisement).
This commit also enhances the process for restoring a link when a
router is aged (i.e., no advertisements are received from it). In the
new model, once the router age expires, Link Requests are sent every
time tick (every second) up to `kMaxTxCount = 3` attempts. The main
change is that after the last attempt, the code waits for the Link
Accept timeout (~3 seconds) before the router is removed.
This commit adds an additional note next to the table from the
specification text regarding valid combinations of flags within an
encoded MAC header and the interpretation of the "PAN ID Compression"
flag.
This commit removes the `CONFIG_MLE_SEND_LINK_REQUEST_ON_ADV_TIMEOUT`
configuration option.
The related behavior is now always enabled, meaning a device will
always send a Link Request when the advertisement timeout is reached
and the neighbor age threshold is met for a neighboring router.
This commit implements "Periodic Parent Search" mechanism for FED/REED
devices (FTD children). This enhances and builds upon
the existing parent search feature, which is mainly intended for
MTD children.
An FTD child receives and processes MLE Advertisements from
neighboring routers. The child uses this information to track the
one-way link quality to each router, which is later used to compare
and select potential new parents.
Every "parent search check interval", the FTD child checks to see if
it can select a better parent by evaluating all neighboring routers
based on their link quality information. A router is considered a
suitable parent candidate only if its average RSS exceeds the current
parent's RSS by a margin (`PARENT_SEARCH_RSS_MARGIN`).
Once a candidate is selected, the FTD child sends unicast MLE Parent
Requests to both the candidate and its current parent. This ensures
updated connectivity information is obtained from both before making
a decision. The same set of criteria used to compare candidates
during initial attach are applied during parent switch.
If the attach attempt to the selected candidate fails (e.g., the
router already has the maximum number of children it can support),
the FTD child ensures not to select the same router again until
a "reselect timeout" expires.
This commit also adds the `test-025-fed-parent-search.py test`, which
validates the newly added FTD parent search behavior, including the
mechanisms to attach to a selected router and the reselect timeout.
This commit refines the Child Update Request mechanism within the MLE
module. The `DelayedSender` class is now used to schedule these
requests, enabling the aggregation of multiple updates into a single
transmission.
The previous implementation, which relied on
`mMessageTransmissionTimer` and a state variable, has been replaced
with the `DelayedSender` mechanism. This change aligns the Child
Update Request process with the scheduling of other MLE messages,
ensuring consistency.
Additionally, the `mMessageTransmissionTimer` is now exclusively
dedicated to retransmission handling, simplifying the logic and
improving code readability. The introduction of two boolean
variables, `mWaitingForChildUpdateResponse` and
`mWaitingForDataResponse`, further streamlines retransmission
handling by clearly tracking the waiting state for specific
responses.
This commit renames the `SendChildUpdateRequest/Response()` methods
to distinguish between those sending (from a child) to its parent and
those sending (from a parent node) to a child. This improves the
readability of the code.
This commit introduces the `EcdheEcdsaInfo` and `PskInfo` structs,
which encapsulate all the tracked properties needed when the
corresponding key-exchange mechanism is used. This helps simplify the
code by keeping all code related to each feature within the same
block.
The parameters of the method dataset_set_buffer() has been updated, but the
method create_dataset() still use previous defination of dataset_set_buffer().
It causes the crash when calling the method create_dataset().
This commit implements ncp version of otPlatDnssdRegisterHost.
1. move the position of `SPINEL_PROP_DNSSD_STATE` in `spinel.h`
because it was by mistake put within the range of
`SPINEL_PROP_SRP_SERVER`. The value is unchanged.
2. A template method `DnssdUpdate` is added because the same process
works also for DNSSD service and key record which will be added in
following PRs.
This commit updates the `CoapSecure`, `Tmf`, and `SecureTransport`
modules to use the `LinkSecurityMode` enum and its defined constants
to indicate whether or not layer two security should be used. This
replaces the use of boolean input parameters with `kWithLinkSecurity`
or `kNoLinkSecurity` constants, improving code readability.
This commit updates how `Mle::DelayedSender` sends MLE messages after
a delay.
Previously, a delayed message was fully prepared and placed in a
queue, waiting for its delay duration to expire. In the new model, a
delayed message is prepared when the requested delay time expires and
the message transmission time is reached. The message is constructed
right before transmission. This ensures that the delayed message
includes the most up-to-date information and simplifies the methods
that prepare and send different types of MLE messages.
`DelayedSender` now keeps track of the message type and the
specific information required to construct the message later. For
example, for a delayed Parent Response to a Parent Request, the
extended address and the `RxChallenge` of the child are saved.
This new model makes it easier to implement the desired behavior when
similar messages are already scheduled to the same destination. For
example:
- For Data Request, if one is already scheduled, a new request can
be skipped, as the earlier Data Request will be valid.
- For Parent Response, Link Accept, and Data Response, a new
schedule request replaces an earlier one.
- For Discovery Response, multiple schedules are allowed.
This commit applies style fixes and renames in the `SecureTransport`
class, including using the `k` prefix for constants and removing
unused member variables.
Started from #10872, platform trel stays un-initialized if no TREL URL is
passed in. `otPlatTrelEnable` asserted for `sInitialized`, and caused
crashes when `otPlatTrelEnable()` is called.
This commit changes the assertions to VerifyOrExit() to allow
otPlatTrelEnable calls when TREL is not initialized.
This commit implements NCP based version of `otPlatDnssdGetState`.
A unit test is added to verify the implementation. This commit also
adjusts the unit test workflow to put the ncp unit tests into a
separate item. The direct reason for this commit is that `otPlatDnssd`
APIs haven't been implemented in `FakePlatform` and when
`OT_PLATFORM_DNSSD` is turned, the build failed. Let's first run NCP
unit tests separately and later try to merge the test items.
This commit updates `otUdpSocket` to track the associated network
interface identifier to which the socket is bound. This simplifies
the code for tracking backbone sockets, particularly how
`Udp::HandlePayload()` finds a matching socket.
Previously, backbone sockets were placed at the end of the `mSockets`
linked-list. The code tracked and updated a pointer to the entry
before the first backbone socket in the list. This commit removes the
need for this additional tracking and simplifies the implementation.
The current TREL implementation uses TREL URL to pass in the TREL
interface at system start. This works for devices that have a fixed
interface for TREL.
There are devices that can dynamically switch infrastructure link, for
those devices it's possible that infra link changes from ethernet to
wifi and TREL should be re-configured on the new interface.
There's a CI failure that the BR sends the query to 8.8.8.8 as the
upstream DNS server and responded to the DNS client. This is undesired
behavior. We want the BR to query our test DNS server instead.
The issue happened because 8.8.8.8 is already an entry in
`/etc/resolv.conf`. To avoid querying it, we should fully overwrite
the `/etc/resolv.conf` to ensure the BR queries the test DNS server.
There's another issue that `bind9` service was also running on the BR
node which taken over all incoming DNS queries. `bind9` should only
run on the upstream DNS server node. I'll try fix this in a more
generic way later.
This commit introduces a mechanism for a device transitioning from
child to router role to keep receiving frames addressed to its
previous short address for a brief period.
A new radio platform API, `otPlatRadioSetAlternateShortAddress()`, is
introduced. This allows the OT stack to configure an alternate short
address. Radio platform support for this function is indicated by the
`OT_RADIO_CAPS_ALT_SHORT_ADDR` capability in `otPlatRadioGetCaps()`
The same function can be used with `OT_RADIO_INVALID_SHORT_ADDR`
(`0xfffe`) to clear a previously set alternate short address. Support
for the new API is implemented in RCP and `RadioSpinel`, ensuring
backward compatibility by dynamically checking supported radio
capabilities.
MLE code is updated to instruct the radio to use the old child RLOC16
as an alternate address upon role transition. The MLE layer will
automatically clear the alternate address after eight seconds, or if
other state/mode changes occur. This eight-second window ensures the
new router can transmit four MLE Advertisement messages.
This commit simplifies the process of preparing response and query
messages in the mDNS module. Instead of passing `TxMessage` and
`aNow` separately, a reference to `EntryContext` or `CacheContext`
is now passed directly to `PrepareResponse()` and other related
methods.
This direct approach streamlines the code and facilitates the
potential inclusion of additional fields in `EntryContext` in the
future.
This commit adds empty implementation for a NCP based version of
otPlatDnssd APIs.
Like NCP version of otPlatInfraIf APIs, this commit adds a control
option to enable/disable the simulation platform version of
otPlatDnssd APIs to avoid conflict. By default, the simulation version
of implementation will still be turned on.
This commit updates the Border Agent to invoke the ephemeral key
callback when a commissioner candidate successfully establishes a
secure session using the ephemeral key. This can be identified by
checking the state `otBorderAgentGetState()` and matching it with
`OT_BORDER_AGENT_STATE_ACTIVE`. This new signal can be used to stop
advertising the mDNS service "_meshcop-e._udp" earlier (since the
ephemeral key is one-time use).
When allocating a new NAT64 mapping table item to a transaction, the
counters might be dirty, causing incorrect counter values in NAT64
mapping protocol counters.
This commit introduces a new API `otNat64ClearIp4Cidr` which is useful
when the in-use NAT64 CIDR is preempted and the platform fails to
allocate a new IPv4 CIDR. In such a (rare) case we'd better notify OT
that there isn't an available CIDR. `otNat64SetIp4Cidr` doesn't
support an 0-length CIDR as the input so we'll have to introduce this
new API.
This commit fixes an issue in DNS recursive resolver that it didn't
bind its socket to the infra network interface. This may cause the DNS
message to be sent on an unexpected network interface, depending on
the routing table of the platform.
This commit also updates the test case `test_upstream_dns.py` to make
the upstream DNS server run on a different node. Previously the
upstream DNS server ran on the same node as the BR which is a
limitation of this test case.
This commit updates the `static_assert` checks for `enum` values within
all core modules to use the recently added compile-time static counter
and its related helper utility macros.
The implementation of `otTaskletsSignalPending` in
`examples/apps/<app>/main.c` is exactly the same as the weak
implementation in `tasklet_api.cpp`. No need to repeat it and blocking
other implementations of that function.
This commit fixes the bug in NCP Get
`SPINEL_PROP_THREAD_ACTIVE_DATASET_TLVS` and
`SPINEL_PROP_THREAD_PENDING_DATASET_TLVS`.
There are cases where dataset doesn't exist and
`otDatasetGetActiveTlvs` returns `OT_ERROR_NOT_FOUND`. This will cause
that the NCP doesn't send any responses to the host. This commit lets
the implementation ignore the NOT_FOUND error and will encode empty
data in this case.
This commit adds a compile time utility to check that enum values are in
order, which eliminates calculating the actual value of conditional enum
values in source code.
This commit adds `OnLinkPrefixManager::AddressMatchesLocalPrefix()`
method, which checks whether a given address matches the current
local on-link prefix only when the prefix is valid (being published,
advertised, or deprecated by the BR). This method is used in
`RxRaTracker::IsAddressOnLink()`, ensuring that the local prefix is
always explicitly checked. This makes the check more robust and
independent of whether `RxRaTracker` receives and tracks
self-generated RAs.
This commit adds some missing platform API implementation for
FakePlatform.
These are added so that FakePlatform can be used to write unit tests
in ot-br-posix.
The commit also guards the microSecondTimer code in `FakePlatform`
with the marcro `OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE` because
`otPlatAlarmMicroFired` is only defined in OT timer.cpp when
`OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE` is true.
This commit also removes some parameter names in the fake
implementation to avoid unused warnings.
This commit updates and fixes how the `mDataRequestState` variable,
which controls retransmissions of MLE Data Request messages, is
updated.
An MLE Data Request message can be sent for different purposes: either
to request updated Network Data or to retrieve a Link Metrics Report
from a neighbor/parent. The `mDataRequestState` retransmission
mechanism is used to handle retx of Data Requests for retrieving
Network Data. This commit ensures that the code that updates these
variables is moved to `SendDataRequestAfterDelay()` and
not in the common version, which can be used for both Network Data
and Link Metric Reports. This ensures these states are not
incorrectly updated when a Link Metrics Report is retrieved.
When the RCP capabilities check fails, a mechanism should be provided
to notify the user of the error instead of causing the program to
crash.
For example, the hardware reboot function provided in the Spinel
driver interface could be invoked. The specific hardware reboot
implementation is left to the user, such as performing an RCP update.
This commit adds a new helper method, `FinalizeAndRemoveMessage()`,
which finalizes all direct and indirect transmissions of a message
before removing it from the send queue. This helper is used by
`EvictMessage()` and `RemoveDataResponseMessages()`, simplifying
the code.
When `OPENTHREAD_CONFIG_WAKEUP_END_DEVICE_ENABLE` is enabled:
- APIs are available to configure and enable wake-up frames sniffing.
- `SubMac::HandleWedTimer` periodically schedules receive slots on
wake-up channel.
- Wake-up frames are processed.
- Upon reception of a wake-up frame, WUL is stopped.
This commit renames the `BitVector<>` class to `BitSet<>` and updates
its methods, introducing simpler methods such as `Add()`, `Remove()`,
and `IsEmpty()`. This aligns better with the intended use of this
class as a bit-set, e.g., as a `ChildMask` to track the set of
sleepy children to which a message is scheduled for indirect
transmission.
The `Message` class now provides the `GetIndirectTxChildMask()`
method, which returns a reference to the `ChildMask` bit-set.
This commit extends the 'dataset hex' command in the bbtc.py script by
allowing dataset TLVs to be set using a hex-encoded format.
Till now the 'dataset hex' command was only printing the
'ThreadDataset' object values in hex-encoded format, there was no
functionality to set the TLVs using hex-encoded format.
The 'dataset hex' command has been modified so the user can pass
dataset TLVs in hex-encoded format as an argument to this
command. This enables the script to set desired dataset TLVs in one
command, instead of calling dataset commands individually.
Example usage: 'dataset hex <hex-encoded TLVs>'
This commit simplifies the filter checks that drop TMF UDP messages
from untrusted origins. The `mTmfOriginFilterEnabled` flag is checked
first, and then the full UDP header is read from the message.
This commit adds the `GetNow()` method to the `Radio` class, which
maps to `otPlatRadioGetNow()`. This method is used within core
modules to avoid calling the `otPlat` API directly, aligning with the
practice for all other `otPlatRadio` APIs, which are called through
the defined `Radio` class methods.
This commit updates the helper method in `Mac::Frame` that determines
the security header's "key source" field size based on the "Key ID
Mode":
- It is renamed to `CalculateKeySourceSize()` to align with other
methods, such as `CalculateSecurityHeaderSize()` and
`CalculateMicSize()`.
- It now takes `uint8_t aSecurityControl` as input to harmonize with
other `Calculate` helpers.
This commit refactors the `InsertMplOption()` method for improved
efficiency and readability. Cascading `if`/`else` blocks have been
eliminated by handling the simpler `IsMulticastLargerThanRealmLocal()`
case first. Redundant checks for multicast destination and scope
have been removed, as these conditions are already covered by
`IsRealmLocalMulticast()` and `IsMulticastLargerThanRealmLocal()`.
This commit updates the `ReplaceWithIp4Query()` method, which
determines whether an unsuccessful IPv6 address query should be
followed up with an IPv4 query.
The logic is changed as follows:
- If the response code to the IPv6 query indicates success but the
answer section is empty (meaning the name exists but has no IPv6
address), or the response code indicates an error other than
`NameError`, the query is replaced with an IPv4 address resolution
query for the same name.
- If the server responds with `NameError` (RCode=3), indicating that
the name doesn't exist, an IPv4 query is not attempted.
This replaces the previous behavior where a follow-up query was
attempted for any error response code.
This commit updates `TxFrame::Info` to include `mCommandId`, used when
the frame type is `kTypeMacCmd`. This allows callers to specify the
Command ID when preparing a MAC Command `TxFrame`. With this change
`Frame::SetCommandId()` is no longer used or needed so it is
removed.
This commit adds a new field, `mMleCommand`, to `Message::Metadata` to
track the MLE command type of the message. Helper methods, such as
`IsMleCommand()`, are added to `Message` to get/set/check the MLE
command type.
This replaces the previous model where `Message::SubType` was used to
track a subset of MLE commands. It helps simplify the code and allow
us to track all MLE commands.
This commit introduces a platform API to get the InfraIf link-layer
address. And add the source link-layer address option to all ND6
messages generated from OpenThread.
Added 'clear' command to the 'dataset' command tree. This allows to
remove all entries in the 'ThreadDataset' object used by the script to
store the dataset values.
The reason behind this feature is that in the current implementation
of the script, the 'ThreadDataset' object entries are always
initialized by 'initial_dataset' when running the script.
No command allows to clear/remove the particular entry, which makes
this script unable to send an active dataset to the target device
without specific dataset values(custom dataset).
To make this possible, the 'clear' command has been added to the
'dataset' command tree, which removes all entries from the
'ThreadDataset' object and, by using existing commands, sets the
desired entries in the 'ThreadDataset' object from scratch.
This enables the script to send custom active dataset values to the
target device.
This commit introduces the `RouterRoleRestorer` class, nested within
`MleRouter`, to manage router/leader role restoration after an MLE
operation restart (e.g., a device reboot) by sending multicast Link
Requests. This class simplifies the code and centralizes role
restoration logic.
Specific changes:
- A new member variable `mLastSavedRole` is added to track the last
attached role (saved in non-volatile memory). This is used by
`RouterRoleRestorer` to determine the number of Link Request
attempts. This variable replaces the previous `mWasLeader`, which
was only updated after a reboot and would not account for role
changes afterward.
- The `AttachTimer` is now used for role restoration instead of the
retransmission timer, as role restoration always occurs while the
device is detached and before any attach attempts.
- The `kLinkRequestTimeout` is used for the last attempt before
considering restoration failure.
- The `mChallengeTimeout` mechanism is now removed (in earlier Thread
specification versions, multicast Link Requests could be used while
the device was attached, but this is no longer used or needed).
- `test-012-reset-recovery.py` is updated to validate the role
restoration behavior. `test_detach` is also updated and fixed.
In some cases, the platform may send the new prefix without
deprecating the existing prefix when renewing the prefix allocated by
PD.
The existing code will stop the timer, causing the prefix to be active
forever.
This commit fixes this issue.
This commit updates `TxFrame::Info` and `PrepareHeadersIn()` to
prepare header IE entries along with MAC and security headers. New
boolean fields in `TxFrame::Info` indicate whether CSL or Time IE
entries should be appended to the frame. This simplifies the code,
particularly `MeshForwarder::PrepareMacHeader()`, which now just sets
these flags on `TxFrame::Info`. It also allows for the removal of
`AppendHeaderIe<>()` and its related methods.
This commit also updates `GenerateWakeupFrame()` to use the new
model for appending `RendezvousTimeIe` and `ConnectionIe` fields.
This commit updates the graceful detach mechanism in `Mle`. A boolean
`mDetachingGracefully` is added to track when the device is
performing a "graceful detach". The `mAttachTimer` is reused for
scheduling the detach delay, as any attach operation can be stopped
during detach, and the timer can be reused. This simplifies the code
and removes the need to use a specific timer for the graceful detach
process.
This commit adds new helper methods in `IndirectSender` to find a
queued message for transmission to a given sleepy child that also
satisfies a certain condition (using a general-purpose predicate
`MessageChecker` function pointer).
These helpers are then used in `IndirectSender` and `MleRouter` to
simplify the code, particularly in `SendChildUpdateRequest()`, where
sending multiple "Child Update Request" messages to a sleepy child
being restored (after a parent restart/reboot) should be avoided.
This commit reorders member variables in the `Buffer::Metadata`
struct, grouping booleans and `uint` bitfields of the same size to
avoid alignment gaps.
This commit passes the TX power from host to coprocessor. This commit
also adds a new fake platform for coprocessor to cover the changes in
RadioSpinel and NCP.
This commit introduces a new test framework named Nexus. The
framework includes the Nexus platform implementation that emulates
platform behavior, allowing multiple nodes running the OpenThread
core stack to be simulated and interact with each other within the
same process.
Unlike the simulation platform, where nodes run in separate processes
and interact via POSIX sockets, Nexus nodes are simulated within a
single process. Nexus tests can interact directly with the C++ or C
OT core APIs, providing more control than the simulation platform's
CLI-based interactions. The flow of time in Nexus tests is directly
controlled by the test itself, allowing for quick time interval
advancement.
This model allows for faster and more scalable simulations, enabling
quick simulation of larger networks for longer durations.
This commit introduces the basic platform implementation, including:
- `nexus_alarm`, `nexus_radio`, and `nexus_settings` modules.
- Logging support, allowing logs to be distinguished per emulated
node.
This commit adds a fake platform for unit/component tests. This platform
uses virtual time so it should be able to run fast.
Note that the fake platforms leverage C++ virtual methods to allow mocking.
This commit verifies setting active dataset triggers the active dataset
change event by the notifier.
This commit updates `SendParentResponse()` to accept `aChild` as a
`Child &` instead of a `Child *`, as it will always expect a valid
child object and won't handle a `nullptr` input.
This commit updates the skip condition in `BecomeDetached()` to use
positive boolean checks for improved readability. This condition
applies when the device is already detached and is about to start an
attach attempt.
This commit updates `RoutingManager::IsValidOnLinkPrefix()`, which
checks whether a received PIO is a suitable on-link prefix. The
updated check requires the `L` (on-link) flag to be set, along with
either the `A` (autonomous address-configuration) flag or the `P`
(DHCPv6-PD preferred) flag. This aligns the implementation with the
latest SNAC router draft.
This commit reorders member variables in the `MleRouter` class,
grouping booleans and `uint`s of the same size to avoid alignment
gaps. It also reorders some of the private method declarations and
adds sections for constants, nested types, methods, and variables.
Added '-a', '--adapter' arguments to the bbtc.py arguments
parser. This allows the selection of the HCI adapter for the scanning
procedure.
According to 'Bleak' documentation of the 'BleakClient'
class(https://bleak.readthedocs.io/en/latest/api/client.html#bleakclient-class),
it's better to use the 'BLEDevice' object in 'BleakClient' during the
object instantiation, therefore it has been changed for the scanning
This commit adds the `DetermineFcfAddrType()` helper function, which
determines the Frame Control Field (FCF) address type for a given
address. The result is bit-shifted based on whether the address is
the source or destination and whether the frame uses the general
format or is a multipurpose frame. This helper simplifies methods
that prepare MAC headers.
Avoids any confusion with `OPENTHREAD_CONFIG_MLE_MAX_CHILDREN`:
* `OPENTHREAD_SPINEL_CONFIG_MAX_SRC_MATCH_ENTRIES` in
`openthread-spinel-config.h` defines size of the local source match
table used by RadioSpinel when
`OPENTHREAD_SPINEL_CONFIG_RCP_RESTORATION_MAX_COUNT` is used.
* For OpenThread, the default value of this config is
`OPENTHREAD_CONFIG_MLE_MAX_CHILDREN`.
* Other protocols (in case of MultiPAN with spinel) can define
whatever value they want for the size of the table using this
config.
Recent changes updated `Mac::Frame` to use `FrameBuilder` for
preparing frame headers. With the adoption of this model, the
previously defined `Set` methods for setting source/destination
address or PAN ID are no longer used or needed. This commit removes
them.
This commit updates `TxFrame::GenerateWakeupFrame()` to utilize the
`FrameBuilder` class for constructing frame header fields.
It also updates the `TestMacWakeupFrameGeneration()` unit test in
`test_mac_frame.cpp`:
- Uses source and destination address constants that are not reversible
to validate that extended addresses are appended in the correct byte
order.
- Includes minor style changes (renames constants and uses lowercase
hexadecimal digits for consistency).
Commit introduces implementation of missing general class commands:
- PresentPskdHash
- PresentPskcHash
- PresentInstallCodeHash
- RequestRandomNumChallenge
- RequestPskdHash
Also include minor fixes in Tcat python client and refactoring of expect
tests for tcat.
This commit explicitly enables the `OPENTHREAD_CONFIG_TLS_ENABLE`
macro in `core-toranj-config.h`. This configuration is used to
generate a custom `openthread-mbedtls-config.h` using the `unifdef`
command in `mbedtls/CMakeLists.txt`. Some versions of `unifdef` do
not expand macros first and expect the macro to be defined as a
simple number. This change ensures the build is successful.
This commit simplifies the preparation of MAC and security frames. It
introduces a `TxFrame::Info` structure that provides information
about the frame, such as its type, version, source and destination
addresses, PAN IDs, security level, and key ID mode. A new method
`PrepareHeadersIn()` is added, which uses the `Info` structure to
construct the MAC address and security headers in a given `TxFrame`.
This approach replaces the earlier `Mac::Frame::InitMacHeader()` where
all the information was passed as a list of input arguments. The
`TxFrame::Info` approach simplifies the code and allows for future
extension to accommodate other parameters (e.g., Header IE entries).
This commit adds the `Message::FooterData<>` template class, which
represents data (typically metadata) associated with a `Message` that
is appended to the end of the message. It can be read later from the
message, updated (re-written) in the message, or fully removed from
it.
The `FooterData` class provides common helper methods such as
`AppendTo()`, `ReadFrom()`, `UpdateIn()`, and `RemoveFrom()` in a
generic way. This helps simplify the various `Metadata` types defined
within the OT core modules, removing repeated definitions of similar
methods for each type.
This commit adds `CONFIG_BORDER_ROUTING_ENABLE` guard checks to
`nd6.hpp` and `nd6.cpp` source files, as the definitions in these
files are only used when the `BORDER_ROUTING` feature is enabled.
This commit updates how Keep Alive messages are handled by the Border
Agent. After establishing a secure session, a device has
`TIMEOUT_COMM_PET` (50 seconds) to take any action, including sending
a petition to become an Active Commissioner. This change ensures that
Keep Alive messages are ignored before a device becomes an Active
Commissioner, preventing candidates from extending their sessions.
Keep Alive messages are now processed only for Active Commissioners
(BA in `kStateAccepted` state), aligning the implementation with the
Thread specification.
This commit updates `test_dns_client` to validate independent address
resolution queries (in addition to the existing service resolution
tests). Specifically, it adds test cases for `ResolveIp4Address()`
and scenarios where the server responds with an error RCODE.
This commit fixes an issue in `Client::ReplaceWithIp4Query()` where an
IPv6 address resolution query failure could lead to an incorrect IPv4
query being sent. The incorrect query type was being checked in this
method, causing `ResolveIp4Address()` to keep sending queries.
This commit adds a new IDLE state to PdPrefixManager.
PdPrefixManager enters idle state when PD is enabled and there is
already a BR requesting PD prefix. When there are multiple BRs
publishing PD prefix at the same time, the one with lexcial smaller
prefix wins.
- Add Wake-up Channel TLV to the dataset.
- Add CLI support to handle the wake-up channel.
- Add MAC support for wake-up channel (to be used for sending
and receiving wake-up frames).
This commit introduces the `DelayedSender` nested class within `Mle`
to handle delayed MLE message transmissions, such as delayed
responses. Existing methods related to delayed message handling have
been refactored into this new class.
This commit improves how MTD children register their IPv6 addresses
with their parent. The `Slaac` class now tracks the Lowpan Context
ID (from Network Data) for each SLAAC address. If the Context ID
associated with an existing SLAAC address changes (due to Network
Data updates), the `Slaac` module notifies the `Mle` to schedule
a "Child Update Request" transmission (if the device is an MTD
child). This ensures that the MTD child re-registers its addresses,
resolving any previous registration failures caused by incorrect or
outdated context ID compression.
This commit also adds `test-035-context-id-change-addr-reg.py`
to validate the newly added behavior.
This commit adds the Thread Domain Name TLV (59) to the MLE Discovery
Response message. The TLV is only included if not equal to
'DefaultDomain', as per Thread 1.4 spec Section 8.4.4.1.1.2. Also,
the TLV is only included for Thread 1.4 or higher builds. This is
because for Thread < 1.4 the inclusion of this TLV was only specified
for CCM devices. Thread 1.4 changed this: the TLV is now included if
the domain name is not equal to the default name "DefaultDomain"
specified in Section 5.22.
The purpose of including the domain name is to allow discovery of
Thread Networks that belong to the same domain that the Joiner is part
of. This is used by any commissioning methods where the Thread device
can roam e.g. CCM/CCM-light or other (future) methods.
The commit extends `SPINEL_PROP_INFRA_IF_SETUP` to
`SPINEL_PROP_INFRA_IF_STATE` so that it can be used to either do infra
if setup (trigger border routing starting on NCP) or synchronize infra
if state to the NCP (ON/OFF state, IP addresses).
The current implementation on NCP will compare the `InfraIfIndex`. If
the index is different the value on NCP, it will be regarded as an
initialization or change of InfraIf. Thus the border routing module
will be re-initialized.
This commit enhances how ephemeral key timeout is used. If the timeout
expires while a commissioner or commissioner candidate is connected,
the session will be terminated. The Border Agent (BA) will then stop
using the ephemeral key and revert to using PSKc.
The ephemeral key timeout timer starts when the ephemeral key is set
on the BA. During this timeout interval, the ephemeral key can be
used only once by an external commissioner to establish a secure
connection.
1. Add OT_WAKEUP_COORDINATOR and OT_WAKEUP_END_DEVICE build
options.
2. Add support for parsing and constructing 802.15.4
Multipurpose frames.
3. Add support for parsing and constructing wake-up
frames.
This commit removes redundant namespace qualifiers from two instances
within core modules, preventing potential build warnings with certain
toolchains.
This commit adds the `extern "C"` specifier to all `OT_TOOL_WEAK`
`otPlat` definitions to ensure correct linkage when compiled with a
C++ compiler. It also explicitly includes `platform/time.h` in
`radio_platform.cpp`.
This commit removes unnecessary `#include` directives in core `cpp`
files that already include `instance.hpp`. The `instance.hpp` header
itself includes all necessary OT core headers and definitions as they
are contained within an `ot::Instance`.
When building and linking with link time optimizations and TCP is
not enabled (OPENTHREAD_CONFIG_TCP_ENABLE = 0) the following error
occurs:
tcp_subr.c:96: undefined reference to tcplp_sys_get_ticks'
To address the problem we are removing the __attribute__((used))
annotation on the initialize_tcb function which will prevent the
function from being retained when no one references it.
This commit renames `Mle::Handle{Command}()` methods where different
overloads are provided (e.g. in `Mle` and `MleRouter`) based on
device role or being an FTD. The method names now explicitly mention
the constraints (e.g. `HandleChildUpdateRequestOnChild()` or
`HandleAdvertisementOnFtd()`). This change aims to improve code
readability, making it easier to determine the purpose of each
method.
This commit updates and clarifies the behavior of `Message::ReadByte()`
and `Message::Read()` overloads regarding partial reads.
- `ReadByte()` will read the available bytes and return the actual
number of bytes read if fewer bytes are available in the message
than the requested read length. This behavior remains unchanged.
The documentation is updated to emphasize this behavior.
- `Read()` methods return `kErrorParse` if the requested length cannot
be read. This is the existing behavior which remains unchanged.
Previously, `Read()` methods would still perform a partial read and
populate the buffer/object with as many bytes that could be read,
even in case of failure and returning `kErrorParse`. This behavior
has been changed in this commit so the method will skip
reading/copying bytes if the full length cannot be read. This
aligns the documentation and behavior with how the `Read()` methods
are used and intended to be used within the OT stack.
This commit simplifies how Border Agent ID is saved in non-volatile
`Settings` by utilizing generic methods designed for single-value
setting entries. As a result, `Settings::BorderAgentId` now only
needs to define the key and the associated entry value type. This
eliminates the need for `otBorderAgentId` to be defined as packed,
thereby simplifying this structure.
This commit updates `Coap::Message::ParseHeader()` to perform two
crucial validations:
- It now checks if the message contains sufficient bytes to read the
minimum 4-byte CoAP header.
- Afterwards, determines the CoAP token length from the read header,
and then validates that the message has enough bytes to read the
token.
These validations prevent the parsing and misinterpretation of a
malformed or incomplete CoAP message as a valid one,
This commit replaces uses of the term "FED" in comments and method
names with "FTD child" where the logic applies to any FTD child
(i.e., both FED and REED). This clarifies the behavior and aligns the
code with Thread specification terminology.
This commit updates and simplifies the tracking of information
(message priority, drop status) for forwarded mesh-header fragmented
frames. This is used for consistent priority assignment to all
fragments of the same message and facilitates delay-aware queue
management, where dropping one fragment leads to dropping all
subsequent fragments of the same message.
The entry type is renamed to `FwdFrameInfo`, and an `Array` is used to
track the entries. Array helper methods such as `RemoveAllMatching()`
and `FindMatching()` help simplify the code. Since `Array` tracks the
current length, iterating over unused entries is avoided.
This commit simplifies logging methods (e.g., `LogIp6Message()`) in
the `MeshForwarder` class:
- Log lines are prepared in a `String`, allowing new fields to be
added conditionally. This simplifies the code and avoids complex
`printf`-style formats for handling optional fields.
- New helper methods are added to prepare common labels in a log line
(e.g., adding MAC address, adding security/error/priority fields).
- Logging IPv6 source/destination addresses is simplified by defining
a new helper to log an address/port.
This commit updates the `RouteingManager` to set the newly
allocated "SNAC Router Flag" (bit 6) in emitted RA messages from
Thread BR. The flag is also parsed and tracked in received RA
messages.
This replaces the previous model where an experimental flag bit
in "Flags Extension Option" indicated a "stub router". This commit
also removes the `STUB_ROUTER_FLAG_IN_EMITTED_RA_ENABLE` confg
(no longer optional/experimental) and renames `mStubRouterFlag` to
`mSnacRouterFlag`.
This commit moves the locator `GetProvider::Get<Type>()` and its
related `Timer` and `Tasklet` methods to `instance.hpp`. With this
change we can remove `locator_getters.hpp` header fully thus
simplifying the code.
The test software for certification currently uses the mDNS packets of
trel service responses to find out the trel port, and then use the port
number to determine which packets in a capture should be decoded as TREL
packets. However this may not be reliable since it depends on when the
capture starts. Added a cli to get trel port, so this can be used by
a THCI function.
This commit updates the default Thread version to 1.4, so that most
latest features will be enabled by default. This commit also explicitly
enable the epskc feature just like other features in the build script.
Currently the OPENTHREAD_CONFIG_STORE_FRAME_COUNTER_AHEAD
is hard-coded in the OT core, yet sometimes it is
desired to modify this value which requires
re-building of the OT libraries and forces
re-certification of the end product.
Implement `otThreadSetStoreFrameCounterAhead`
and `otThreadGetStoreFrameCounterAhead` to allow
API clients to configure the store frame counter
ahead parameter at run-time. This extension offloads
product makers from the need of re-certification
in case the store frame counter ahead must be tuned.
Signed-off-by: Marcin Kajor <marcin.kajor@nordicsemi.no>
This commit moves all `HeaderIe` related definitions from
`mac_frame.hpp/cpp` into newly added `mac_header_ie.hpp/cpp` source
files. This commit does not make any changes to the code.
This commit fixes the pcap callback for TX frames:
* Report the tx frame on each tx started callback, so that
retransmissions can be captured.
* Set the RSSI to be invalid for TX frames.
- Fixes to connection state management and handling of Disconnect
command TLV
- specifically, this now ensures that TCAT remains on (started)
after a commissioner disconnects. Earlier, there was the problem
that the 2nd commissioner couldn't connect anymore.
- specifically, in ble_secure.cpp the check for if
(mTcatAgent.IsEnabled()) is removed, since the err =
mTcatAgent.Connected(mTls) will already check this and raise an
error if not enabled. If not enabled, the Device is in a wrong
state to handle TCAT Commissioner commands so now it closes the
connection right away. That's better than to leave the
Commissioner in limbo on the TLS connection. The Commissioner can
now retry again and all will be well again.
- timeout of at most 10 seconds on UDP write operation in simulation
mode (if longer, the TCAT device isn't reachable and the
Commissioner now shows the error to the user.) Earlier, it got stuck
forever.
- Corrects some copy/paste errors in API definitions in comments; adds
comments where needed to explain.
- adds whitespace at some places to align format with rest of code
- improved some of the --debug output for the UDP simulation mode of
the TCAT Commissioner.
This commit adds 2 system APIs for resolver for integration on Android
platform.
- `otSysUpstreamDnsServerSetResolvConfEnabled` is for
enabling/disabling retrieving the DNS servers from `resolve.conf`.
- `otSysUpstreamDnsSetServerList` for specifying the DNS servers on
the infra link.
This implementation will be used on all platforms for NCP nodes
(simulation, any vendor platforms). However the simulation platform
already has a different implementation. To avoid conflicts, the commit
adds a control flag in simulation config so that we can choose whether
to enable the simulation implementation.
This commit introduces `platformResolver*` APIs so that `system.cpp`
can treat resolver as an independent module.
Reasons for this refactor:
- Simplify the integration on Android platform.
- The functionality of resolver is not related to the functionality of
netif.
This commit applies new pskc into secure transport when it's changed
via active/pending dataset, without impacting existing secure session
if any or ephemeralkey mode if it's activated
This commit makes the default otPlatRadioGetNow implementation fallback
to to otPlatTimeGet so that the default one is a correct implementation
in single chip architecture.
This commit updates the code to include the Supervision Interval TLV
in MLE messages sent from a child only when the child mode indicates
it is sleepy (`!IsRxOnWhenIdle()`). The Network Diagnostic Child TLV
is also updated to use zero for the "Supervision Interval" field
when the child is not sleepy. The `test-023-mesh-diag.py` is updated
to validate this new behavior.
The parent node still tracks the received supervision interval from a
child in the `Child` entry. This parameter indicates the interval
that would be used if the child were to be supervised.
This commit extends the `diag frame` command by adding an argument `-s`
to indicate whether the frame has been encrypted or not, so that the
diag commands can be used to test frames having security processed in
the host.
This commit adds code to include the Link Margin TLV in MLE Child
Update Request or Response messages sent by a parent to a child. This
allows the child to learn and update its "link quality out" to its
parent.
The change is designed to be backward compatible. Child devices
running older firmware will simply disregard this additional TLV.
When processing the message, the presence of the Link Margin TLV is
checked (it is optional).
This commit fixes an issue in `RadioSpinel` related to the tracking of
the MAC frame counter used during RCP restoration. Previously,
`RadioSpinel` tracked the last seen counter on any secured
received/transmitted frame. However, the frame counter should only be
tracked for frames that use Key ID Mode 1 and where the included Key
ID in the frame matches the current Key ID being used. The `SubMac`
module also tracks the current MAC frame counter, and it does perform
Key ID Mode and Key ID checks.
This commit adds a new public API `otLinkGetFrameCounter()` to get the
current frame counter. This is used by `RadioSpinel` to get the frame
counter instead of having `RadioSpinel` track the frame counter
itself.
This commit:
1. update the topology to make 3 BRs running on 2 AILs;
2. specify the test name as `test_multi_backbone_infra`, which is
focusing on verifying the multiple backbone framework works good
3. fix bug that previously pinging throught ethernet does not actually
work.
For 3, previous `br1.ping(br2_infra_link_local, interface=br1_infra_link_local)`
actually send ping command via ot-ctl instead of the docker bash. The
new `br1.ping(br2_onlink_ula, backbone=True)` actually send a docker
bash command to ping another node via ethernet. Here we choose to use
onlink ULA address (9100::) instead of the link local address because
only "ping [link-local-addr]%eth0" (by specifying the zone index) can
work for link-local address, but this is not currently supported by
`LinuxHost.ping_ether()` method.
This commit modifies thread-cert scripts utilizing `pktverify` to
adopt a more flexible approach to TLV type checking. Specifically, it
replaces strict equality (`==`) or strict subset (`<`) checks with a
subset or equal check (`<=`) when verifying the presence of TLVs in a
message. This adjustment ensures that test scripts adhere to the
principle of ignoring extra or unknown TLVs, thereby future-proofing
them against potential protocol updates that might introduce new
TLVs.
This commit replaces the use of `strcmp()` with `StringMatch()`, which
is an OT-specific internal function for comparing strings. This
ensures consistent use of internal helper functions.
* posix: check for nlmsg error tlv attributes
if we couldn't set NETLINK_EXT_ACK, there's no extra nlmsg attributes in
the error. avoid UB and walking uninitialized memory by checking the
flag for those attributes. for us, this avoids segfaults and in one
instance, an infinite loop while walking the non-existant attributes.
Signed-off-by: Nick Owens <nick.owens@eero.com>
* posix: zero initialize sigaction struct before use
this removes a valgrind warning about use of uninitialized memory in a
syscall when backtrace is enabled.
Signed-off-by: Nick Owens <nick.owens@eero.com>
* key_manager: zero initialize otSecurityPolicy
valgrind reports that otSecurityPolicy is used uninitialized, so just
make it zero.
clear all bytes when setting to default
Signed-off-by: Nick Owens <nick.owens@eero.com>
This commit updates `RoutingManager::RioAdvertiser` to advertise
deprecating prefixes with `NetworkData::kkRoutePreferenceLow`.
`test_routing_manager` is updated to validate this new behavior.
This commit updates the `NetworkData::Service::Manager` class to
provide helper methods for adding and removing different service
types (DNS/SRP anycast or unicast services, backbone router
service).
With this change, the definitions of `ServiceData` and `ServerData`
formats for different service types are now `private` to the
`Service::Manager` class. This centralizes the logic for constructing
and parsing the service/server TLVs, making it easier to update and
add new fields to these formats in the future.
This commit updates `Service::Manager::GetNextDnsSrpAnycastInfo()` to
iterate over Server sub-TLVs and include the RLOC16 of each entry in
the returned `Info` structure. The unit test `test_network_data` is
updated accordingly. This change simplifies the `Publisher` method
used for counting existing anycast entries in the Network Data.
This commit introduces a mechanism to check for reachability of
messages forwarded by the BR and send an ICMPv6 Destination
Unreachable error to the sender if needed.
Specifically, if the Border Router (BR) decides to forward an IPv6
message outside the AIL and the message's source address matches a
BR-generated ULA OMR prefix (with low preference), and the
destination is unreachable using this source address, then an ICMPv6
Destination Unreachable message is sent back to the sender.
For example, this situation can occur when a local,
non-infrastructure-derived ULA OMR prefix is published alongside a
`::/0` route (due to discovered PIO/RIO prefixes by the BR). A Thread
mesh device may try to reach addresses beyond the local AIL (e.g.,
the global internet) using the ULA OMR prefix, which would be
unreachable.
This feature is controlled by an OT config flag, enabled by default.
Alternatively, this functionality may be implemented within the
platform layer, in which case the configuration should be disabled.
This commit also adds a test case `test-504-br-icmp-unreach-err.py`
validating the newly added behavior.
The length of the configuration file path may exceed the default
defined max length 255.
This commit changes the name from `kFileNameMaxSize` to
`kFilePathMaxSize` and sets its value to the PATH_MAX.
This commit updates `Service::Manager::GetNextDnsSrpUnicastInfo()` to
accept a `DnsSrpUnicast::Type`, indicating the desired entry type
(either `kFromServiceData` or `kFromServerData`). This simplifies the
code, which previously iterated over all types and performed type
checks. Additionally, this change simplifies the `Publisher` methods
used for counting existing DNS/SRP unicast entries of different
types.
This commit aligns the documentation in `spinel.h` with the
implementation for `SPINEL_PROP_IPV6_ADDRESS_TABLE` regarding the
order of valid/preferred lifetime fields.
This commit adds functions to read peer BRs and routers on infra link by
wrapping the ot-ctl command `br peers` and `br routers`.
`test_multi_ail.py` is also updated to test the new added functions.
This commit targets to support getting infra link-local address of a
OtbrNode in docker test, which is usefully for future test cases.
The test_multi_ail.py is also updated to test the new method added.
This commit introduces a freshness timeout mechanism for address cache
entries which is used to decide when removing stale entries when the
associated RLOC16 is unreachable.
In `AddressResolver`, when resolving an EID from an existing cache
entry, if the target RLOC16 is unreachable, the entry is typically
considered stale and removed to allow a new address query to be sent.
This commit adds a mechanism to skip this removal step if the entry
has been recently updated, i.e., an `AddressNotify` has been received
for it and its `FreshnessTimeout` has not yet expired.
The `FreshnessTimeout` check prevents repeated address query
transmissions when mesh routes are not yet discovered (e.g., after
initial attach) or if there is a temporary link issue.
This commit updates `Dns::Client` to remember servers/resolvers that
are known to have trouble with multiple-question queries. This
information is learned from earlier interactions with the server.
When `ResolveService()` is requested, if the user explicitly
requests "optimize" service mode, the request is honored. Otherwise,
if "optimize" service mode is chosen from the default configuration
and the DNS server is known to have trouble with multiple-question
queries, "separate" service mode is used instead.
This commit also updates the `test_dns_client.cpp` unit test to
validate the newly added behavior.
This commit adds support for responding to "A record" queries in the
DNS-SD server and discovery proxy.
If the query matches a host registered with the SRP server, the host's
IPv6 addresses are returned in the Additional Data section of the
response. If the query is resolved by the proxy, the `otPlatDnssd`
APIs are used to start/stop IPv4 address resolvers for the hostname
on the infrastructure network.
The `test_dnssd_discovery_proxy` unit test is updated to validate the
new functionality.
Changed access of SendCommand to public to allow calling without
variable arguments. This is to address compilation error in
ot-br-posix repo NcpSpinel::ThreadErasePersistentInfo (while building
for OpenWrt v23.05.4 for a mips target)(error: 'args' may be used
uninitialized [-Werror=maybe-uninitialized])
This commit contains minor enhancements in the `Ip6` class:
- Removes unnecessary `static_cast<uint8>()` use
- Combines repeated `case` statements
- Use shorter variable/type names.
- Style fixes.
This commit moves the definition of `OT_THREAD_VERSION_*` constants
from the config header to the `openthread/thread.h` OT public header
file (where `otThreadGetVersion()` is declared). This allows other
projects integrating the OT stack to also see and use these
constants.
### Background
https://github.com/openthread/openthread/pull/10550 introduced a new
way to support multiple backbone nework in otbr docker test. Though it
works good while running a single test, a bug exists when running
cert-suite, which runs a batch of tests in parallel.
cert-suite allocates the name of the backbone interfaces dynamically
by setting env PORT_OFFSET for each test, so there is potentially
conflict exists if we hard code the `backbone_network` name in
TOPOLOGY. This PR is targeting to fix this potential naming conflict.
### Fix
We fix it by assigning a number for `backbone_network_id` in each BR
definition in TOPOLOGY, instead of setting a fixed `backbone network`
name. The final backbone network name is decided by both `PORT_OFFSET`
env and the number of `backbone_network` (in
`backbone{PORT_OFFSET}.{backbone_network}` format)
For example, if `PORT_OFFSET` is 0 and `backbone_network_id` is 1,
then backbone network name will be `backbone0.1`. For the tests that
only use one backbone network and the `backbone_network_id` is not
given, the backbone network name is by default
`backbone{PORT_OFFSET}.0`.
### New test case format
```
class NewTestCase(thread_cert.TestCase):
...
BR = 1
...
TOPOLOGY = {
BR: {
...
'is_otbr': True,
'backbone_network_id': <backbone-id>,
...
}
...
}
...
```
`<backbone-id>` is any integer from 0, for each BR inside a single
test, if `<backbone-id>` is different, the BR use different backbone
interfaces; the same `<backbone-id>` inside a single test case means
the same backbone network interface.
`'backbone_network_id': <backbone-id>` is optional for single backbone
test cases, when it's not given while defining a otbr node, the
backbone is default as `backbone{PORT_OFFSET}.0`.
For developers, if you are defining a new test which has multiple
backbone interfaces, please ensure `backbone_network_id` is explicitly
defined in each BR, otherwize an error is reported.
This commit updates the descrition of the function
`otPlatRadioSetChannelTargetPower()` to make the function descrition
more accurate, and updates the implementation of the function based on
the latest description.
In previous otbr docker tests, when creating docker containers, all the
containers(otbr nodes) are connected to the same docker network bridge `backbone0`
(when the env PORT_OFFSET is not set or set to 0), this means all the
otbr nodes are connected to the same infrastructures.
This commit adds support to enable user to config otbr instance
infrastructures seperately in `TOPOLOGY` when defining test cases, this
provides flexibility to run multi-ail related test cases.
The format to define backbone interface per node is:
```
class NewTestCase(thread_cert.TestCase):
...
BR = 1
...
TOPOLOGY = {
BR: {
...
'is_otbr': True,
'backbone': <backbone-name>,
...
}
...
}
...
```
`'backbone': <backbone-name>` is optional, when it's not given when
defining a otbr node, the backbone is default as
`BACKBONE_DOCKER_NETWORK_NAME`. The `<backbone-name>` is suggested to be
defined as `backbone[0-9]` to make it more easy to read and understand.
This commit also adds test_multi_ail.py as an example test case to use
this new method, this test case checks the two otbr nodes are connected
to the different infra and are in the same Thread mesh network.
In some cases that `_do_packet_verification` is False (e.g. verify() is
not defined), the docker network is not correctly removed.
docker network interface should always be removed at the end of the test
if it was created at the begin of the test
This commit adds a new spinel property
`SPINEL_PROP_THREAD_MGMT_SET_PENDING_DATASET_TLVS` to do network
migration operation on NCP.
The existing property `SPINEL_PROP_THREAD_MGMT_SET_PENDING_DATASET`
cannot be used for two reasons:
1. It uses a structured format instead of raw TLVs format.
2. The set handler of `SPINEL_PROP_THREAD_MGMT_SET_PENDING_DATASET`
doesn't call `otDatasetSendMgmtPendingSet` with a callback. On NCP,
we want to know the result of the MGMT_SET operation. (accepted,
rejected or timeout)
This new property works similarly as
`SPINEL_PROP_NET_LEAVE_GRACEFULLY` added in
https://github.com/openthread/openthread/pull/10337
1. Host sets the property to NCP.
2. NCP will give an immediate response on the result of
`otDatasetSendMgmtPendingSet`.
- If succeeded, NCP will respond an empty property
`SPINEL_PROP_THREAD_MGMT_SET_PENDING_DATASET_TLVS`
- If failed, NCP will respond a LAST_STATUS of the error info.
3. When the callback of `otDatasetSendMgmtPendingSet` is called, NCP
will send a notification of
`SPINEL_PROP_THREAD_MGMT_SET_PENDING_DATASET_TLVS` to the host to
notify the result of the operation.
This commit introduces the `KeyInfo` type, which is a `typedef` to
either `KeyPair` or `KeyPairAsRef` depending on whether the feature
`KEY_REFERENCES_ENABLE` is enabled.
This simplifies the code, removes repeated code, and eliminates extra
`#if` checks when `KeyInfo` is used.
This commit supresses the docker output unless verbose mode is enabled,
which helps preventing unnecessary output from cluttering the console.
docker output is enabled when:
* env VERBOSE is set to a non-zero value
docker output is suppressed (redirecting to /dev/null) when:
* VERBOSE is not explicitly set in env, or
* env VERBOSE is set to 0
This commit updates and renames the `Info` class to `MsgInfo`, which
now includes `mMessage` as an `OwnedPtr` to the message to be prepared.
This simplifies the code by encapsulating the `Message` and all its
associated data needed to prepare an SRP update message into one data
structure. This structure can be passed as a single input to
different methods preparing various SRP update components, instead of
as two separate inputs. The OwnedPtr ensures automatic freeing of the
message upon any error.
This commit moves the macro guard
`OPENTHREAD_POSIX_CONFIG_INFRA_IF_ENABLE` in the code so that it can
allow custom implementation of `otPlatInfraIfDiscoverNat64Prefix` when
`OPENTHREAD_POSIX_CONFIG_INFRA_IF_ENABLE` is disabled.
The use case is on Android platform. We'll not let `ot-daemon`
proactively discover the prefixes by DNS. Instead, System Server will
do the discovery of NAT64 prefix on AIL and it will notify `ot-daemon`
when the AIL NAT64 prefix is discovered/removed.
The radio_spinel periodically send Spinel command
SPINEL_PROP_RCP_TIMESTAMP to RCP to synchronize time between host
and RCP. Even if Thread stack is not running, it will periodically
wake up the Thread host.
This commit stops the time sync when the Thread stack is not running
to save host power.
This commit adds two new spinel properties:
`SPINEL_PROP_THREAD_ACTIVE_DATASET_TLVS` and
`SPINEL_PROP_THREAD_PENDING_DATASET_TLVS`, as well as the get/set
property handler on NCP side.
Currently we can only transport dataset through spinel with fixed
format. Using Tlvs allows us to append TLVs are not defined in the
current Thread Specification.
The cli command `linkmetrics` only provides an asynchronous output
method. It is difficult for scripts to call the `ot-ctl` to capture
the results of asynchronous output.
This commit replaces the command `linkmetrics mgmt` and `linkmetrics
query` with commands `linkmetrics config` and `linkmetrics
request`. Both the commands `linkmetrics config` and `linkmetrics
request` are set to the `sync` mode by default, and an option `async`
is added to these commands to support `async` mode.
This commit applies following enhancements to the
`Translator::UpdateState`:
- Remove the `aAlwaysNotify` parameter to simplify its logic.
- Fix an issue that `mState` may not be updated when setting a CIDR.
This commit updates `PassToHost()`, removing the `aApplyFilter` input
and using `aReceive` to determine whether or not to apply the RX
filter. The filter serves multiple purposes:
- Ensure Thread control UDP traffic (e.g., MLE, TMF, etc.) is filtered
out when delivering IPv6 datagrams to the host.
- Apply ICMPv6 echo requests filtering, based on the configured mode
(whether the OT stack should respond to pings for specific address
types or they should be passed to the next layer).
- Filter TCP traffic when the native OT TCP stack is used.
In all cases, the filter should be applied only if the IPv6 message is
supposed to be received by the device itself (i.e., the destination
matches the device's address), which is indicated by the `aReceive`
input.
The `aApplyFilter` input was previously set to `!forwardHost`,
indirectly assuming that `forwardHost` and `receive` would be
exclusive. While this remains true for unicast destinations, recent
changes updated the code so that all multicast traffic is forwarded
to the host regardless of whether it is also marked for `receive`.
This caused multicast MLE/TMF traffic to be passed to the host even
though it should be filtered. This issue is now addressed by this
change.
This commit also ensures that RX filter rules are consistently applied
to fragmented IPv6 messages. Previously, the filter would not apply
when fragmented IPv6 messages were passed to the host, but with this
change, the filter is applied when the message should be received by
the device.
This commit removes the checks previously performed on messages with
the origin `HostTrusted` that are to be forwarded to the Thread mesh.
This origin is used for messages generated by the OpenThread stack
itself. These checks were unnecessarily restricting such messages
from using Thread Control UDP port numbers (like TMF, MLE, etc.).
The additional check `!IsLoopbackToHostAllowed()` (which is set to
`true` by default on such messages) bypassed the entire block,
preventing any functional impact.
Recent related changes (in #9437) added similar guard checks for
messages with `HostUntrusted` origins.
This commit updates `PassToHost()` to directly use the `Ip6::Header`
and its `GetSource()` and `GetDestination()` methods when applying
filter rules. This replaces the previous model where a `MessageInfo`
was constructed from the received IPv6 header and passed to
`PassToHost()`. The previous model indirectly assumed that the
message was received, with the `MessageInfo` sock/peer addresses
mapped accordingly. However, `HandleDatagram()` can also process
messages originating from the device itself, where the notion of peer
and sock addresses would be reversed. Using `Ip6::Header` directly
makes the rules clearer and simplifies the logic of `PassToHost()`.
Additionally, this change simplifies the code by moving the
construction of `MessageInfo` to the `Receive()` method, where the
message is received.
This commit updates the `BorderAgent` to directly respond to
`MGMT_ACTIVE_GET` and `MGMT_PENDING_GET` requests from a non-active
commissioner. Requests from an active commissioner are still
forwarded to the leader. This aligns the implementation with Thread
1.4 requirements (ephemeral PSKc use case).
To achieve this, the following changes are made:
- New `State` values are added to distinguish between when a
commissioner candidate is connected and when its petition to become
the active commissioner is accepted. This determines whether the
`MGMT_GET` request should be handled directly or forwarded to the
leader.
- This state is tracked locally by `BorderAgent` instead of monitoring
Network Data to determine whether an active commissioner exists.
This ensures correct behavior even when Network Data updates are
delayed.
- The `DatasetManager` is updated to provide `ProcessGetRequest()`
to process an `MGMT_GET` request and prepare the response. This is
then used by `DatasetManager` itself and `BorderAgent`.
This commit adds default paths for expect scripts to make it easier for
running expect scripts. With this change, we can run expect tests as
follows:
```bash
./script/cmake-build simulation
./script/cmake-build posix
./tests/scripts/expect/cli-ping.exp
OT_NODE_TYPE=rcp ./tests/scripts/expect/cli-ping.exp
```
This commit also updates an existing test to cover the change.
The original code uses the absolute time when staring the CSL TX delay
in `SubMac`. The timer is a `MicroTimer` and the absolute time comes
from the `mTxDelayBaseTime`. The `mTxDelayBaseTime` comes from the
radio time `otPlatRadioGetNow ()`, the time of `MicroTimer` should
come from `otPlatAlarmMicroGetNow()`. If the `MicroTimer` and the
radio are using different timer sources, it will cause the unexpected
issue.
This commit use the relative time when starting CSL TX delay to fix
this issue.
Implement `otPlatRadioGetBusLatency` API, add optional
`bus-latency` argument to ot-daemon
and `diag radiospinel buslatency`diagnostic commands.
Add callback to notify that the bus latency has been updated
and update frame request ahead from runtime, by
recalculating the `mCslFrameRequestAheadUs` value.
Changes allow setting a bus latency while starting a new session
between host and RCP device. This way, one host can be connected
to different devices and vice versa, ensuring that the latency
will be added to `mCslFrameRequestAheadUs` calculations and CSL
tx requests will not be sent too late.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
The `SubMac` uses `MilliTimer` or `MicroTimer` based on the
configuration. When the `SubMac` uses the timer, it has to
distinguish the type of the timer. This commit optimizes the code to
provide unified time related functions to `SubMac` to use time. This
commit doesn't change the code logic.
This commit updates the `otThreadBecomeLeader()` API (and its related
core `MleRouter::BecomeLeader()` method) to allow an already attached
device to take over as leader, creating a new partition. For this to
work, the local leader weight (`otThreadGetLocalLeaderWeight()`) must
be greater than the weight of the current leader (which can be
retrieved using `otThreadGetLeaderWeight()`). If it is not, error code
`OT_ERROR_NOT_CAPABLE` is returned to indicate to the caller that they
need to adjust the local weight.
This commit also updates the related CLI command and adds a new test,
`test-032-leader-take-over.py`, to validate the newly added
mechanism.
This commit updates SRP client's `AutoHostAddress` behavior to
defer SRP updates on SLAAC address deprecation events.
Under `AutoHostAddressMode`, all preferred addresses on Thread Netif,
excluding link-local and mesh-local addresses, are registered. If no
eligible address is available, then the ML-EID will be registered.
This commit adds a new mechanism where if a previously registered
address starts being deprecated (e.g., due to an OMR prefix removal
from Network Data), the SRP update is deferred. The client will
re-register after the deprecation time has elapsed and the address is
removed. In the meantime, if any other event triggers the client to
send an SRP update, the updated address list will be included in that
update.
This commit also updates `test_srp_auto_host_address` to validate the
newly added behavior.
This commit makes `CalcRcpTimeOffset` of `RadioSpinel` into a public
method and call it from system `Process` method instead of making it
default behavior of `RadioSpinel`. This is also to avoid `RadioSpinel`
has a fixed behavior which is decided by
`OPENTHREAD_CONFIG_THREAD_VERSION`.
This commit updates `NetworkData::Leader` to enhance route lookup for
ALOC destinations. It contains the following changes:
- Adds `LookupRouteForServiceAloc()` to look up the route for a
service ALOC. This method uses the common `CompareRouteEntries()`,
which applies the same rules as in external route lookup.
- Adds `LookupRouteForAgentAloc()` to look up the route for DHCPv6 or
ND agent ALOC.
- Adds `FindPrefixTlvForContextId()` to find a Prefix TLV matching a
given Context ID (used in `GetContext()` and
`LookupRouteForAgentAloc()`)
- Adds `LookupRouteIn()` to perform route lookup among all entries of
a given `PrefixTlv` that match a given `EntryChecker` function
(used for `DefaultRouteLookup()` or `LookupRouteForAgentAloc()`)
- Adds `test-031-service-aloc-route-lookup.py`.
This commit updates `RemoveMessagesForChild()` to use a predicate
function to determine which messages should be removed. This replaces
the `Message::SubType` filtering and allows messages matching
multiple sub-types to be removed together.
This commit replaces direct calls to `DequeueAndFree()` with
`RemoveMessageIfNoPendingTx()` in `EvictMessage()`, `HandleResolved()`,
and `RemoveDataResponseMessages()`. This promotes consistency in
message removal logic and eliminates the need to check if the removed
message is `mSendMessage`, as this is already handled by
`RemoveMessageIfNoPendingTx()`.
On platform settings deinit, the file descriptor is closed but the
variable is not reset, which can lead to calling close on a stale fd
leading to bad file descriptor error in case the API is invoked
multiple times.
This commit adds a method to get spinel interface Id in
`SpinelDriver`.
This is to enable the user class of `SpinelDriver` can compose the
spinel header itself.
This commit adds a new mechanism in `RoutingManager` to discover and
track peer BRs found in Network Data. The `NetDataPeerBrTracker`
class implements this functionality, tracking a list of peer BR
RLOC16s and their age (time since appearance in the Network Data).
This commit also implements public OT APIs to iterate over the peer BR
list or get the total count, along with corresponding CLI commands
(`br peers`), and a test case validating the behavior.
This commit moves `RadioSpinel::SpinelStatusToOtError` to a seperate
header `spinel_header.hpp` so that this method can be used
externally. (For example, in `ot-br-posix`.
This commit requires `MAC_CSL_RECEIVER_ENABLE` to be enabled when
`CHANNEL_MANAGER_CSL_CHANNEL_SELECT_ENABLE` is also enabled. This is
checked and enforced in the `channel_manager.hpp`, emitting an
`#error` if it fails. This simplifies the `#if` checks related to
this in the `ChannelManager` class and CLI module.
New feature:
Added CoAP URI query processing functionality to CLI.
Solution:
URI string is checked for a '?' character. If found, the URI query
related part is moved to another string. Afterwards, the modified
`coapUri` string will contain only the path-related parts, and a
second string (`coapUriQuery`) will hold only the URI query related
parts. Then `coapUri` is passed to the original
`otCoapMessageAppendUriPathOptions()` method and `coapUriQuery` is
passed to a new method called `otCoapMessageAppendUriQueryOptions()`,
which - similarly to the other - splits the URI query part into more,
smaller pieces by the delimiter '&' and adds them as separate options
to the CoAP message making the request generated by this CLI function
RFC compliant. If '?' is not found, everything is processed the old
way.
This commit moves the definition of the 'RequiredRadioCaps' from
`RadioSpinel` to posix `Radio` class. Because this definition depends
on `OPENTHREAD_CONFIG_THREAD_VERSION`. And we want to remove lib's
dependency on OT core. And lib as a tool should be able to decide what
caps to check at runtime.
This commit updates the public API `otBorderRoutingGetNextRouterEntry`
and `otBorderRoutingRouterEntry` structure to indicate whether a
discovered router on an infrastructure link is likely a peer Thread
Border Router (BR) connected to the same Thread mesh. The related CLI
commands are also updated.
Additionally, this commit adds new tests to validate the discovery and
tracking of peer BRs.
This commit updates `DatasetManager::ApplyConfiguration()` to apply
the rest of the parameters in the Dataset even if setting the channel
fails. The channel error is now logged as `LogCrit()`.
Many USB radio devices (particularly those based on TI CC2652) have
reset and bootloader activation directly connected to DTR/RTS lines.
These devices will fail to start, in the default state where both
DTR/RTS are asserted on connection.
This patch ensures flow control is disabled and both DTR and RTS are
deasserted on startup while configuring the terminal.
This commit refactors the code and methods responsible for looking up
anycast destination, moving them from the `MeshForwarder` class to
the more appropriate `NetworkData::Leader` class. This better aligns
the responsibilities of each module (e.g. `RouteLookup()` is provided
by `NetworkData::Leader). This is a pure refactor with no changes or
enhancements to the existing implementation.
This commit harmonizes header file include style in CLI source files.
Most `#include` statements do not have any `#if` guard checks before
them, but some do. This commit removes the extra `#if` guard checks.
For CLI sub-modules, the `cli_<module>.hpp` header itself will have
the proper `#if` guard checks.
This commit adds a new mechanism in `RoutingManager` to track the
duration since a router is first discovered. This information is now
provided in `otBorderRoutingRouterEntry`, and the CLI `br routers`
command is updated to include this information for each router.
To enable tracking of longer durations, `Uptime` is used, which tracks
milliseconds since the start of `ot::Instance` as a `uint64_t` value.
`TimerMilli::GetNow()` is not suitable for this purpose because it
utilizes `uint32_t` intervals, which would limit the maximum
trackable time to roughly 49 days due to potential overflow.
This commit updates `test_srp_server` to wait longer after the start
of the SRP client before performing the test steps. This makes the
test more robust against random jitter which may be applied by the
client when registering.
This commit adds the `ParseTlvs()` helper method in the `Cli::Dataset`
class, which parses TLVs (as hex strings) from an input argument.
This is used in multiple methods to simplify the code.
The `Process<Cmd("set")>()` method is updated to avoid extra
conversion and use of core-internal types.
This commit adds an `Ip6::Header` field to `RxInfo`, along with the
`ParseIp6Headers()` method to decompress and parse the IPv6 headers
from the received frame. `RxInfo` now tracks whether the headers have
been parsed before.
The IPv6 headers may be parsed from different code paths as the
received frame is processed. For example, `UpdateRoutes()`,
`GetFramePriority()`, and `CheckReachability()` may parse the IPv6
headers. By having `RxInfo` cache the parsed IPv6 headers,
duplicate parsing is avoided.
This commit updates `Srp::Client` to apply a short random jitter
(15 seconds) when calculating the lease renew time. The lease is
renewed close to its expiration, using a guard interval of 120
seconds (renewing 120 seconds before expiration). The jitter is added
to distribute client refreshes, in case many clients registered their
services around the same time.
This commit moves csl receiver related functions to
sub_mac_csl_receiver.cpp to simply the sub_mac.cpp to improve the code
readability.
This commit is a pure refactoring and doesn't contain any logic or
code changes.
This commit makes two changes in `test_advertising_proxy`:
- In the test step where the server is restarted, a longer wait time
is used to account for the longer jitter interval used by SRP
client in such a case.
- Due to the use of short lease time (10 seconds) in this test, the
client will refresh the registered services quickly. Therefore, in
`check_host_and_service()`, any of `Registered`, `ToRefresh`, or
`Refreshing` states are accepted as indicating successful
registration.
This commit updates `PrepareNextDirectTransmission()` to use
`RemoveMessageIfNoPendingTx()` if a message cannot be prepared for
direct transmission. This ensures the message is not dequeued and
freed if it is also queued for indirect transmission.
This commit removes `spinel-config.h` and moves the configs to
`openthread-spinel-config.h` so that the definitions can also be
overridden by definitions in customized lib config file.
This commit adds a new feature to the `RoutingManager` to enable
tracking information about peer Thread Border Routers that are
connected to the same Thread network.
When enabled, the `RoutingManager` will maintain a record of
advertised RIO/PIO prefixes discovered from received Router
Advertisement (RA) messages of peer BRs. When disabled (the existing
behavior), such entries are not tracked.
When tracked, these entries are marked to be disregarded and are not
considered in any decision-making processes, such as selecting
favored on-link prefixes or determining routes to publish in the
Thread Network Data. They are primarily intended for debugging and
telemetry (information gathering) purposes.
This commit updates `Ip6` and `Lowpan` to use `OffsetRange` when
iterating and parsing options in an HBH extension header. It also
simplifies the `RemoveMplOption()` method by adding an `Action` enum,
which determines how to remove the MPL option: whether to shrink the
HBH header, fully remove the HBH header (if it contains no other
options), or replace MPL option with padding.
This commit adds `RxInfo::ToString()`, which generates a common log
string about an `RxInfo` using the "len:%d, src:%s, dst:%s, sec:%s"
format, providing frame length, source and destination addresses, and
whether link security is used. This is then used in different logging
methods, simplifying the code.
This commit updates `Tlv` helper methods to use `OffsetRange` in their
implementation. It also makes the `Tlv::ParsedInfo` type public. This
struct represents information about a parsed TLV in a message,
including the TLV type, the `OffsetRange` for the full TLV, and the
`OffsetRange` where the TLV's value resides in the message. This
replaces and enhances the `ParseAndSkipTlv()` method.
The `ParsedInfo` provides two methods:
- `ParseFrom()`: Parses a TLV at a given offset or offset range.
- `FindIn()`: Searches for a given TLV type in a message.
These methods handle both extended and regular TLV formats, validating
that the parsed TLV is well-formed and fully contained within the
message and the given `OffsetRange`.
Modules that iterate over a sequence of TLVs in a message are updated
to use `ParsedInfo` and its methods, simplifying the code.
This commit improves the `Srp::Client` mechanism for applying random
jitter delays before sending update messages to the server. It now
supports different jitter ranges based on specific triggers. Since
trigger events are often network-wide, potentially causing
simultaneous SRP re-registration from many nodes, longer jitter
intervals are used to distribute the resulting SRP update
transmissions and avoid congestion.
The following triggers are covered:
- Server switch: Client switching to a new server while already
connected to a discovered server. This occurs when a new server
entry appears in Network Data which is preferred over the current
selection.
- Server restart: Client was previously connected to a server that
disappeared from Network Data. Later, the same or a new server is
discovered in Network Data.
- SLAAC address add or remove: This is generally triggered by updates
to SLAAC prefixes in Network Data (e.g., OMR prefix changes).
- First registration after attach:
- If the device is attaching to an established Thread mesh
(e.g., after a reboot or initial pairing), the Network Data it
receives should already include a server entry, leading to a
quick server selection after attach. If server selection occurs
within a short window, a shorter TX jitter is used, allowing the
device to register quickly and become discoverable.
- If server discovery takes longer, a longer TX jitter is used. This
situation can indicate a server/BR starting up or a network-wide
restart of many nodes (e.g., due to a power outage).
This commit introduces `TxJitter` class to manage the requested TX
jitter based on a trigger reason. It tracks the time of the event
that triggered a longer jitter request. If the update message is sent
immediately after the trigger event, the requested maximum jitter is
applied. However, if the update message is sent later, the maximum
jitter is adjusted proportionally to the time elapsed since the
trigger event. If the elapsed time exceeds the requested maximum
jitter interval, the default short jitter is applied to avoid
unnecessary registration delay.
This commit updates `GetForwardFramePriority()` to save the original
`aRxInfo.mFrameData` before parsing the fragment header. The header
parsing may modify `mFrameData` to skip over the parsed portion. The
original `FrameData` is restored before returning, ensuring that
forwarded frames include the fragment header and eliminating the need
to create a copy of `aRxInfo`.
This commit introduces the `OffsetRange` class, which represents a
range of offsets within a `Message` or data buffer (i.e., a starting
offset and a length indicating the number of bytes in the range).
The class provides methods for common operations:
- Getting the start or end offset, or the remaining length.
- Checking if the range is empty or contains a certain number of
bytes.
- Advancing the start offset by a given amount, ensuring it never goes
beyond the end offset.
- Shrinking the range's length.
The new `OffsetRange` class simplifies methods that previously used
separate `aOffset` and `aLength` input parameters, improving code
readability and maintainability. It also facilitates reading and
processing content within a specified range.
For example, `Tlv::FindTlvValueOffsetRange()` now directly returns an
`OffsetRange` indicating the location of the TLV value. The `Message`
class is also updated with new `Read()` and `Append()` method variants
that accept `OffsetRange` arguments. These methods ensure that read
content is contained within the specified `OffsetRange`.
This commit introduces a new private struct `RxInfo` in the
`MeshForwarder` class, encapsulating information related to a
received frame during processing. The `RxInfo` struct contains
`FrameData` to track the received frame data bytes, `ThreadLinkInfo`,
and `Mac::Addresses`. This simplifies the code by allowing the
`RxInfo` to be passed to different methods instead of passing the
same information as separate parameters.
This commit adds the `OnLinkPrefix::IsFavoredOver()` method to
determine if an on-link prefix is eligible to be considered as a
favored prefix, and if so, is favored over another prefix. A
numerically smaller prefix is considered favored.
Additionally, a new test case is added to `test_routing_manager` to
validate the selection of favored on-link prefixes, including the
the requirement of a minimum preferred lifetime of 1800 seconds
for a prefix to be considered eligible.
This commit introduces new helper methods in the `Mle` class:
- `HasRloc16()`: Checks if the device is using a given RLOC16.
- `MatchesRouterId()`: Checks if this device's RLOC16 matches a given
Router ID.
- `HasMatchingRouterIdWith()`: Checks if this device's RLOC16 shares
the same Router ID with a given RLOC16. This implies that the two
devices are either directly related as parent and child or are
children of the same parent within the Thread network.
- `ParentRloc16ForRloc16()` derives the router RLOC16 corresponding to
the parent of a given (child) RLOC16.
These methods act as syntactic sugar, simplifying code and enhancing
readability.
This commit adds the `Tlv::ParseAndSkipTlv()` static method, which
parses a TLV (regular or extended) in a message at a given offset. It
validates that the TLV is fully contained within the message and
updates the offset to skip over the entire parsed TLV.
This helper method is used in various modules where manual iteration
over a sequence of TLVs is performed, specifically to skip over
extended TLVs. The following methods are updated to utilize this new
method and perform additional TLV checks:
- `DiscoverScanner::HandleDiscoveryResponse()`
- `MleRouter::HandleDiscoveryRequest()`
- `LinkMetrics::SubJect::AppendReport()`
- `LinkMetrics::Subject::HandleManagementRequest()`
- `LinkMetrics::Initiator::HandleReport()`
This commit updates `Dns::Client` so that when resolving a service
using `kServiceModeSrvTxtOptimize`, it switches to single-question
query mode and sends separate parallel SRV and TXT queries upon the
first response timeout. This is in addition to the existing behavior
of switching to separate queries upon receiving a response with an
error rcode from the server.
The `test_dns_client` unit test is also updated to validate this
scenario. New `TestMode` configurations are added to server to
control its behavior, allowing it to either reject multi-question
queries (by sending a "FormatError" rcode) or ignore them (sending
no response).
The SPI interface may receive the garbage bytes 0xff or 0x00 at the
start of the received SPI frame. This commit skips the 0x00 bytes
at the start of the received SPI frame.
This commit introduces several changes to the `Child` class for
managing registered IPv6 addresses by MTD children:
- A new method, `Child::GetIp6Addresses()`, is added, returning the
`Array` of registered IPv6 address entries. This array includes all
tracked child IPv6 addresses except for the mesh-local EID, which
can be retrieved using `Child::GetMeshLocalIp6Address()`.
- The simplified model enables easy iteration over the address array
using `Array` range-based `for` loops. With this change, the
complex `AddressIterator` and `AddressIteratorBuilder` nested
classes are removed, streamlining the code.
- MLR state tracking for child IPv6 address entries is simplified with
the introduction of a new class, `Child::Ip6AddrEntry`,
representing a registered IPv6 address entry. This class provides
`GetMlrState()` and `SetMlrState()`, enforcing that the MLR state
can only be set on a child IPv6 address entry.
This commit enhances `RoutingManager::RxRaTracker`:
- A new private `Evaluate()` method centralizes logic for handling
changes in tracked routers and advertised prefixes. It removes
expired entries, determines decision factors used by other
`RoutingManager` components, and schedules timers.
- A new class `DecisionFactors` is added to track factors used by
`RoutingManager`, including the favored on-link prefix, presence of
ULA/non-ULA prefixes, and M/O flags for mirroring in emitted RA
messages.
- `Evaluate()` determines these factors and signals changes using
`HandleRaPrefixTableChanged()` only when necessary, simplifying
signaling and avoiding redundant calculations.
This commit aims to make the use of RLOC16-related constants and
methods consistent across different modules.
- It replaces `Mac::kShortAddrInvalid` with `Mle::kInvalidRloc16` to
refer to an invalid RLOC16 value (note that these constants use the
same value `0xfffe`).
- It uses `Get<Mle::Mle>().GetRloc16()` to retrieve the device's
RLOC16 instead of `Get<Mac::Mac>().GetShortAddress()`.
- It updates `AddressResolver` to consistently use `uint16_t` for
RLOC16 (instead of the `Mac::ShortAddress` typedef).
This commit updates `HandleSetActiveOperationalDataset()` by removing
the extra conversion from `Dataset` to `Dataset::Tlvs` and directly
using the `Dataset` when saving the Active Operational Dataset.
This commit modifies `Child::RemoveIp6Address()` to update the
`mMlrToRegisterMask` and `mMlrToUnregisterMask` when a registered
child IPv6 address entry is removed from the list. These bit-vector
masks track the MLR state associated with the entry using its index
in the array. Since `Array::Remove()` replaces the deleted entry with
the last one in the array, the MLR masks are also updated to reflect
this change.
This commit updates how messages with an ALOC destination are
forwarded. If the chosen ALOC destination is a child, its parent is
used as the mesh destination unless the device itself is the parent.
Additionally, if the selected ALOC destination is a sleepy child of
the device, the parent node ensures to prepare the message for
indirect transmission. These changes ensure correct forwarding to ED
or SED devices when they register a service and want to receive
messages on their service ALOC.
This commit also adds a new test, `test-030-anycast-forwarding.py`,
which validates the forwarding to ALOC addresses on both ED and SED
devices.
This fixes a build error when the pre-processor define
OPENTHREAD_POSIX_CONFIG_NETIF_PREFIX_ROUTE_METRIC is set:
```
/usr/src/ot-br-posix/third_party/openthread/repo/src/posix/platform/netif.cpp:486:26: error: ‘kLinkLocalScope’ does not name a type
486 | static constexpr kLinkLocalScope = 2;
| ^~~~~~~~~~~~~~~
compilation terminated due to -Wfatal-errors.
```
This commit moves the `CheckReachability()` & `ResolveRoutingLoops()`
methods from the `MleRouter` class to the `MeshForwarder` class
now as `private` methods. This consolidates all `CheckReachability()`
overloads within the `MeshForwarder` class.
This commit adds `IsRouterRloc16()` (replacing `IsActiveRouter()`),
which checks whether a given RLOC16 refers to a router and not
a child. The new name clarifies that it is only a check on the RLOC16
value and does not verify if the corresponding router ID is allocated
and active. This commit also adds `IsChildRloc16()`, which is similar
to `IsRouterRloc16()` and checks if the given RLOC16 is for a child.
This simplifies the code and improves readability.
This commit updates the `Child` class to use `Array<Ip6::Address>` to
track the list of IPv6 addresses registered by an MTD child,
simplifying the code.
This commit adds the `HasMinimalChild()` method to the `ChildTable`
class and moves the logic for checking if a device has an MTD child
with a given RLOC16 from the `MleRouter` class to `ChildTable`. This
aligns better with the `ChildTable` class's responsibility of
managing all children and providing methods to search and find child
entries in the table.
This commit removes the `MleRouter::GetNextHop()` method and instead
directly uses `RouterTable::GetNextHop()`. This improves consistency
across all modules.
This commit simplifies `RxRaTracker::HandleRouterTimer()`. When all NS
probes to a router fail and it is marked as unreachable,
`HandleRouterTimer()` now directly removes/deprecates its
route/on-link prefixes, replacing a separate method previously used
for this purpose.
Additionally, a new helper method, `ShouldCheckReachability()`, is
added to check if a reachability check (sending NS probes) is needed.
This check is performed only if the router is not already marked as
unreachable and is not the local device itself.
The length of diag output messages is limited by the diag buffer size.
Developers have to change the diag buffer size to allow diag module to
output long messages. If diag output messages become longer and
longer, developers have to keep changing the diag buffer size.
This commit adds an output callback to diag module to output diag
messages. Then the length of diag output messages won't be limited by
the diag buffer size.
This commit removes the `Mle::GetNextHop()` method, which returned the
parent RLOC16 (when the parent state was valid) irrespective of a
given destination.
The `Mle::GetNextHop()` method was only used on MTD builds and from
`MeshForwarder::UpdateIp6Route()` method, where
`mle.GetNextHop(Mac::kShortAddrBroadcast)` served as an indirect way
to get the parent RLOC16. This is now replaced with a direct
`GetParentRloc16()` call, clarifying the intended purpose.
On FTD builds, the `MleRouter::GetNextHop()` is used instead of
`Mle::GetNextHop()`. The `MleRouter` method remains unchanged. Since
it would also return the parent's RLOC16 when the device is acting as
a child, using `GetParentRloc16()` covers this case as well.
This commit adds `IsLinkLocalUnicastOrMulticast()` to `Ip6::Address`
to indicate whether the address is either a link-local unicast or a
link-local multicast address.
The existing `IsLinkLocal()` is renamed to `IsLinkLocalUnicast()` to
clarify its purpose and align its name with `IsLinkLocalMulticast()`
and the new method.
The otci reports warning `DeprecationWarning: setDaemon() is
deprecated, set the daemon attribute instead`. This commit updates
the otci to fix this warning.
This commit adds a new template `Udp::SocketIn<Owner, RxHandlerPtr>`,
which defines a UDP socket for use within a specified `Owner` class.
It includes a `HandleUdpReceive()` member method callback for
processing received messages. This model, similar to `TimerMilliIn`,
eliminates the need for each socket user to define boilerplate code
for providing a static member function that simply casts and calls
the member method. This is now handled by the template `SocketIn`
class. The `Udp::Socket::Open()` method is also modified to no longer
require the callback and context parameters.
This commit adds `mIsReachable` to the `otBorderRoutingRouterEntry`
structure to indicate whether a router is reachable. A router is
marked unreachable after it fails to respond to multiple Neighbor
Solicitation (NS) probes. Additionally, the `br` CLI commands are
updated to display this information.
This commit enhances the generation of RLOC and ALOC addresses in the
`Mle` class.
Methods retrieving RLOC/ALOC addresses no longer return an `Error` and
are now `void`. The previous check for a valid `GetRloc16()` value,
which returned `kErrorDetach` if unset, is removed because this
scenario only occurred before the device's initial attachment.
Post-attachment, the RLOC16 remains valid even if the device is
detached. This change simplifies the code since RLOC/ALOC address
retrieval happens after the initial attachment.
Additional enhancements include:
- Changing the input parameter order in `GetCommissionerAloc()` to
match `GetServiceAloc()`.
- Using `Ip6::Address::SetToRoutingLocator()` to construct RLOC
addresses, harmonizing address generation and improving code
readability.
Since 74c833b623 was introduced all IPv6
multicast packets are passed to the host. Previously used promiscuous
mode configuration is now unused. This commit removes the dead code and
corresponding elements as there is no use case for them at the moment
(and they can confuse a user).
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commit renames the methods for retrieving mesh local addresses to
`GetMeshLocalRloc()` and `GetMeshLocalEid()` (from `GetMeshLocal16()`
and `GetMeshLocal64()`, respectively) to align with the terminology
used in the Thread specification. Member and local variables are also
renamed accordingly.
This commit updates the code to use `RouterIdMatch()` for comparing
the Router IDs of two given RLOC16 values. Additionally, it
simplifies the `IsMinimalChild()` method.
This commit adds the `Mle::GetLeaderRloc16()` method, which returns
the RLOC16 of the Leader. This simplifies code that previously used
`GetLeaderId()` followed by a conversion to RLOC16.
This commit refactors methods that save or read a specified Dataset
TLV in/from secure storage under `PLATFORM_KEY_REFERENCES`. These
methods are moved from the `Dataset` class to the `DatasetManager`
class, consolidating related functionality and aligning with the
responsibilities of each class. The `Dataset` class is focused on
appending/parsing TLVs, while the `DatasetManager` class is
responsible for managing and saving the Active and Pending Datasets.
This commit modifies `Udp::Open()` to clear all properties of the
passed-in `aSocket` using the `Clear()` method. This replaces the
existing code, which only cleared the socket and peer address and
port numbers. This change ensures that `void *mHandle` member
variable in `otUdpSocket` is also set to `nullptr` before invoking
platform UDP `otPlatUdpSocket()`.
This commit adds the `IsReachable()` helper method to `Router` class,
which checks whether a router is considered reachable. It replaces
the previous comparisons of `mNsProbeCount` in the code, improving
readability. Neighbor Solicitation (NS) messages are used to
determine reachability if the router has not been heard from for some
time.
This commit adds `AppendLinkAndMleFrameCounterTlvs()` to
`Mle::TxMessage` for appending both Link and MLE Frame Counter TLVs.
This mirrors the existing `RxMessage` method for reading these
counters.
This commit adds an extra command `diag frame` to specify the frame
used for `diag send` and `diag repeat`, so that we can use this
command to send arbitrary 802.15.4 frames.
This commit removes the option to set `key_switch_guardtime` when
constructing nodes and network topology in test scripts. The
following tests are updated to reflect this change:
- `Cert_5_8_02_KeyIncrement.py`
- `Cert_5_8_03_KeyIncrementRollOver.py`
- `Cert_6_6_01_KeyIncrement.py`
- `Cert_6_6_02_KeyIncrementRollOver.py`
This commit updates the resetting of the Key Switch Guard Timer. It is
now reset under two conditions:
- The device itself triggers a key rotation and moves to the next key
sequence after the rotation time has passed since the last switch.
- The device receives a MAC or MLE message with an incoming key index
matching the next key index. Regarding MLE messages, this rule is
applied regardless of the message being classified as Authoritative
or Peer.
This commit improves the logging of `posix/platform/netif.cpp` in
following ways:
- Fix the false warning log when OT stack adds a unicast address.
1. When OT adds an address, it will add an address on host netif.
2. Then it causes a netlink `RTM_NEWADDR` event.
3. It assumes the newly added address is added by the host, so tries
to add the unicast address to OT again by
`otIp6AddUnicastAddress`.
4. `otIp6AddUnicastAddress` returns 'invalid arguments' error so it
will log `Failed to process event...`.
- Improve the logging of `AddRoute` and `DeleteRoute`. Previously they
silently sent out the requests so we don't know what the allocated
netlink sequence numbers were used for.
This makes it easier for vendors to tweak scheduling CSL
transmission request depending on minimum time to process it
(which for example might be higher for RCP architecture).
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit adds `ReadAndSetNetworkDataTlv()` to `Mle::RxMessage` to
read the Network Data TLV from a received MLE message and set it in
`NetworkData::Leader`.
This commit updates `Srp::Client` to use sequential message IDs,
replacing the previous model where message IDs were generated
randomly.
When processing responses from the server, older message IDs are
accepted as long as the corresponding older message was identical to
the latest one. This helps in situations where the server's response
may be delayed (e.g., due to network congestion) and the client retry
mechanism is retransmitting the same update message.
This commit also adds a unit test `TestSrpClientDelayedResponse()`
to validate the new behavior.
This commit adds `RxRaTracker::ScheduleAllTimers()`, which is called
whenever there is a change in tracked information about routers and
their advertised on-link or route prefixes. This method determines
the next router expiration time (to initiate NS probes), the next
prefix entry expiration, and the next stale time, then schedules all
the timers. This centralizes all timer calculations and simplifies
the code.
This commit implements a generic discovery proxy in the DNS-SD server.
It uses a set of newly added `otPlatDnssd` platform DNS-SD(mDNS) APIs
to start or stop browsers, SRV/TXT resolvers, and IPv6/IPv4 address
resolvers. These APIs closely match the native OpenThread mDNS
implementation.
OpenThread DNS-SD's existing `QueryCallback` mechanism, enabling
customized discovery proxy implementations, remains supported.
This commit includes a comprehensive unit test. This test validates
the discovery proxy's behavior, covering: standard use cases, request
timeout, s hared resolver/browser usage for multiple queries with the
same name, filtering of invalid addresses, and various edge cases.
This commit adds `ReadAndSave{Active/Pending}Dataset()` helper methods
to `Mle::RxMessage` to read the Active or Pending Dataset from a
received MLE message and save it in the corresponding
`DatasetManager`.
This commit also refactors the code for parsing the MLE TLVs, moving
it from `DatasetManager` to the `Mle` class for better alignment of
responsibilities.
This commit adds a new property SPINEL_PROP_NET_LEAVE_GRACEFULLY. The
host can trigger otThreadDetachGracefully by setting this spinel
property. Hence a SetProperty handler is implemented for this
property. A GetProperty handler is also added for this property for a
property response.
This commit adds a new posix sys API `otSysInitCoprocessor` which only
initializes the platform spinel component. (Reset the co-processor and
get the type)
The intention is to let the app to get the co-processor type without
creating the otInstance. Currently only `otSysInit` can be called
which creates the otInstance. However in some cases, we don't want to
create the instance at the early stage.
This commit adds a RCP capability diag module for verifying the RCP's
capability. This commit is an initial commit that only tested several
Spinel commands.
This commit changes unit test `TestPrefixStaleTime()` so that a route
prefix is advertised with a lifetime of 800 seconds, which is longer
than the `kStaleTime` of 600 seconds. With this change, the entry
will not expire and become stale at the same time. This simultaneous
expiration could cause issues depending on the order of execution of
`mStaleTimer` and `mExpirationTimer`, which would be scheduled for
the same time. With this change, the entry will still be valid (due
to the lifetime of 800 seconds) when the stale timer fires after 600
seconds. This ensures that the test runs consistently and does not
depend on the order in which timer callbacks fire.
This commit adds `AppendActiveAndPendingTimestampTlvs()` helper
method, which appends both Active and Pending Timestamp TLVs to the
message. This helps simplify the code as the two TLVs are almost
always included together in different MLE messages.
This commit refactors the code for preparing and appending MLE TLVs,
moving it from `DatasetManager` to the `Mle` class for better
alignment of responsibilities.
It adds `TxMessage::AppendDatasetTlv()`, which appends an Active
or Pending Dataset (if present) to an MLE message following the
proper MLE TLV format. This includes removing the corresponding
`Timestamp` from the dataset, as MLE messages include timestamps
using their own MLE TLVs rather than within the dataset itself.
This commit removes the `GetSeconds() != 0` check in
`Mle::AppendPendingTimestampTlv()`. This allows `DatasetUpdater` to
use a Pending Timestamp with random ticks and a zero seconds value if
there is no pending Dataset.
This commit enhances the handling of `Timestamp`.
Methods `SetToInvalid()` and `IsValid()` are added to the `Timestamp`
class. The value where all bytes are set to `0xff` is used to
represent an invalid `Timestamp`. This corresponds to max seconds,
max ticks with the authoritative (`U`) flag set.
This helps simplify `DatasetManager`, where we need to track local and
network Active/Pending timestamps, which may not be present. These
are now represented by setting the `Timestamp` to the invalid value
(replacing the earlier model where a `Timestamp` pointer was used
with `nullptr` representing an invalid timestamp).
This allows us to simplify the `Timestamp::Compare()` method, now
getting two `Timestamp &` instead of `Timestamp *`. With this, we can
also define comparison operator overloads to compare two `Timestamp`
objects, which helps make the code simpler and more readable.
This commit introduces new helper methods in the `Dataset` class to
write or remove a Timestamp TLV (Active or Pending) to/from the
Dataset. These are added alongside the existing `ReadTimestamp()`
method.
This commit contains minor enhancements to `HandleParentResponse()`:
- Variable name `linkMarginOut` is used for the Link Margin TLV value
included in the response from the parent candidate. This is used to
`SetLinkQualityOut()`.
- `twoWayLinkMargin` variable name is now used to show the two-way
link margin.
- `IsBetterParent()` is updated to calculate the two-way link quality
for the new parent candidate from the two-way link margin (instead
of getting it as a parameter).
This commit adds APIs to iterate over mDNS browsers and resolvers,
along with related CLI commands. These are intended for testing. It
also introduces a build config `ENTRY_ITERATION_API_ENABLE` to
control whether the mDNS module provides mechanisms and public APIs
for entry iteration.
Currently, sending an IPv6 multicast destined packet encoded in
otMessage with the otIp6Send() function reports an error kErrorNoRoute
if "host loopback allowed" flag is disabled (despite of packet being
properly passed to Mesh Forwarder). This commit changes a flag checking
statement to return kErrorNone instead.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commit renames the entry stale time constant to `kStaleTime` and
sets it to 10 minutes (from 30 minutes). This change aligns the
`RoutingManager` with the recommended value in the latest stub router
RFC draft (`STALE_RA_TIME`).
The unit test `test_routing_manager` is also updated to reflect this
new constant.
This commit updates and fixes how the Pending Dataset delay timer is
started. It is now started only after the timestamps are checked and
the local Pending Dataset is updated and saved to non-volatile
storage from the `LocalSave()` method.
In particular, we no longer start the delay timer from the `Save()`
method, which reads the `Dataset` from a received `Message`. This
is because we may receive a Pending Dataset with a timestamp that is
older than the currently saved local Pending Dataset. In this case,
the local Dataset is correctly not updated but without this change,
we could start the delay timer for the received stale Pending
Dataset.
`openthread-spinel-config.h` is included by many modules like
`spinel_encoder`, `spinel_decoder`. To use these modules in external
projects, we need to remove the including of
`openthread-core-config.h`.
This commit fixes mbedTLS config where MBEDTLS_OID_C is not set
together with MBEDTLS_PK_PARSE_C in some OpenThread configurations.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This commit updates the determination of stale times for discovered
on-link or route prefixes. The stale time is now calculated per
unique prefix. If multiple routers advertise the same on-link or
route prefix, the stale time for the prefix is set to the latest
among all corresponding entries.
This addresses an issue in the previous implementation where, for
on-link prefixes, the stale time was determined as the latest stale
time over all on-link entries, regardless of the actual prefixes. For
route prefixes, the earliest stale time was used, also disregarding
the possibility of multiple routers advertising the same prefix.
This commit also updates the `test_routing_manager` unit test to
validate the corrected stale time calculation.
This commit adds helper methods to `Mle::RxMessage` for reading and
processing specific TLVs:
- `ReadModeTlv()`: Reads the Mode TLV as a bit mask and converts it to
a `DeviceMode`.
- `ReadVersionTlv()`: Reads the Version TLV and verifies that it is at
least 1.1 (the minimum supported version).
- `ReadAndMatchResponseTlvWith(const TxChallenge &)`: Reads the
Response TLV and matches it against a given challenge.
This commit updates the calculation of stale time for a discovered
local RA header (to mirror), incorporating the default route lifetime
specified in the header when it is non-zero, in addition to the RA
stale time constant. This ensures proper behavior even if the RA
header default route lifetime is shorter than the RA stale time.
Additionally, this commit adds `CalculateExpirationTime()` to
determine the expiration time from a given update time and lifetime
duration in seconds. If the given lifetime exceeds the supported
range of `TimeMilli` (~24 days), it clamps the value to ensure time
calculations remain within the valid `TimeMilli` range.
This commit updates constants in `RoutingManager`. Timing constants
are now consistently specified as an interval with an associated
jitter, where the actual interval is randomly selected within the
range `[interval - jitter, interval + jitter]`.
The initial transmission of three RAs with a short interval of 16
seconds (± 2 seconds jitter) remains unchanged. However, subsequent
RA transmissions now use a regular beacon interval of 3 minutes (± 15
seconds jitter), replacing the previous random interval selection
within `[200, 600]` seconds.
The selection of 3 minutes as the regular RA beacon interval aligns
the implementation with the latest stub router RFC draft's
`RA_BEACON_INTERVAL` default value.
This commit simplifies how `ProcessAddressRegistrationTlv()` signals
DUA address changes. Signaling now occurs after all child addresses
are registered, using a new `SignalDuaAddressEvent()` method. This
method checks the old and new DUA addresses to determine the
appropriate event to signal.
Additionally, `Child::GetDomainUnicastAddress()` is updated to return
an `Error` and copy the DUA address into a provided `Ip6::Address`
reference.
This commit updates `PdPrefixManager` to use the newly added
`GetDeprecationTime()` method for managing the lifetime of a DHCPv6
PD prefix. This method calculates the deprecation time using the
prefix preferred lifetime directly, instead of relying on the RA
stale time constant `GetStaleTime()`.
While the PD prefix may be determined by processing RA messages
received on the Thread interface, the RA stale time is not relevant
in this context. The RA stale time is only applicable to RA messages
received over infra-if. It specifies the time that can pass after the
last RA from a particular router on infra-if before assuming the
router might be unavailable and triggering Router Solicitation
(RS) messages.
Enh-ack link metrics required to reset/clear when radio(RCP) is reset to
clear existing data. To support it, added API to reset/clear linked list
of enh-ack link metrics.
Signed-off-by: Ashishkumar Vara <ashish.vara@nxp.com>
This commit updates the mDNS module to use the recently introduced
general-purpose `NextFireTime` class, replacing the module-specific
`TimerContext` class.
This commit simplifies the `DatasetUpdater`:
- Restricts `DatasetUpdater::RequestUpdate()` to be used only when the
device is fully configured and has a valid Active Dataset; otherwise,
it returns `kErrorInvalidState`. This simplification allows for the
removal of the timer (previously used to delay the update if no
Active Dataset was present).
- Adds a check in `RequestUpdate()` to determine if the requested
Dataset changes are already present in the current Active Dataset,
returning `kErrorAlready` if so.
- Enhances `RequestUpdate()` to prepare and set the Pending Dataset
immediately. It stores the requested Dataset as a sequence of TLVs
and retains the Active and Pending Timestamp values for later use
in determining update success or failure.
- Simplifies the code for checking Dataset changes and reporting
update outcomes. A common `HandleDatasetChanged(Dataset::Type)`
method is added, which can be used when the Active or Pending
Dataset changes and performs the necessary checks, eliminating
duplicate code.
This commit adds a CI check for MbedTLS version 2.28.8, instead of
testing version 3, which is now enabled by default.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This commit fixes the typo and enables SRP_ADV_PROXY - also by turning
on the dependent components.
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This commit introduces `NextFireTime`, a helper object for tracking
the next fire time along with the current time. It provides an
`UpdateIfEarlier(Time)` method to update the tracked next fire time
with a new given time only if it is earlier.
The `NextFireTime` class simplifies a common code pattern used across
modules to determine the earliest fire time when scheduling a timer.
It also ensures that the next fire time is never set before the
current time, improving code safety.
This commit fixes the warning, when logs are disabled:
warning: variable "storedCount" set but not used
[-Wunused-but-set-variable]
Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>
This commit adds a method `Dataset::IsSubsetOf()` to check whether one
dataset is a subset of another. A dataset is considered a subset if
all its TLVs, excluding Active/Pending Timestamp and Delay Timer
TLVs, are present in the other dataset with exactly matching values.
This new method simplifies `Dataset::Info::IsSubsetOf()`. The unit
test `test_dataset` is updated to validate the `IsSubsetOf()()`
method.
This commit introduces the following changes:
- Adds a new callback `HandleLocalOnLinkPrefixChanged()` for
`OnLinkPrefixManager` to signal changes to the local on-link
prefix (derived from the extended PAN ID).
- Modifies `RxRaTracker` to always ignore a PIO prefix matching the
local on-link prefix, regardless of the current state of
`OnLinkPrefixManager`. Such a PIO originates from another Thread
border router connected to the same Thread network and is not used
by `OnLinkPrefixManager` to decide whether it needs to advertise
the local on-link prefix.
- Updates `RxRaTracker` to be notified when the local on-link prefix
changes. In its `HandleLocalOnLinkPrefixChanged()`, it removes any
prefixes in the table matching the new prefix.
This commit simplifies the `Restore()` methods:
- A private overload `Restore(const Dataset&)` is added, taking the
read `Dataset` as input to avoid duplicate reads.
- The public `Restore(void)` is updated to use the new private
`Restore(const Dataset&)`.
- The `HandleDetach()` method is removed, and its use in the `Mle`
class is replaced with `Restore()`.
Use the `Route64 TLV` to update the router table after adding a new
neighbor in `HandleLinkAccept`.
With this change, when a router re-joins the network, it will restore
its nexthop table while processing the `link accept`, rather than
having to wait for an `mle advertisement`.
The RcpMinHostApiVersion capability should be parsed from
SPINEL_PROP_CAPS response using SPINEL_CAP_RCP_MIN_HOST_API_VERSION,
rather than using SPINEL_PROP_RCP_MIN_HOST_API_VERSION.
This commit adds a set of helper functions to parse a given digit or
hex digit character to its numeric value, or to check if a given
character is a digit, uppercase, or lowercase letter.
This commit adds `mIsLocalDevice` in the `Router` class to track
whether it represents the local device (e.g., another software entity
on this device). This information is used to skip sending NS probes
to this router. Tracking this information directly in the `Router`
class is safer than checking the address using `mInfra.HasAddress()`,
as the addresses may have changed since the last RA was received.
This commit exposes this information through the public APIs and CLI
command, and updates `test_routing_manager` unit test to validate the
new flag.
- Update `DatasetManager::Clear()` to stop delay timer if it is
Pending Dataset.
- Remove `PendingDatasetManager::ClearNetwork()` (use `Clear()`
instead).
This commit updates how `RxRaTracker` decides whether to process
PIO/RIO from a received RA message:
- The checks are performed directly in related `Process()` methods,
removing the `ShouldProcess()` methods.
- The check `Get<RoutingManager>().IsRunning()` is removed as it is
already checked before processing the RA message.
- The check `IsValidOmrPrefix()` is removed for RIO route prefixes.
Instead, all route prefixes are tracked, regardless of length
(excluding link-local or multicast prefixes). With this change,
there is no longer a need to specifically check and allow the
default route.
This commit moves the implementation of `ApplyConfiguration()` from
the `Dataset` class to `DatasetManager`. This aligns better with the
responsibility of the `DatasetManager` class (managing the active and
pending dataset and being an `InstanceLocator`), keeping the
`Dataset` class focused on providing helper functions related to TLVs
in the Dataset: finding TLVs, reading TLV values, writing/updating
TLVs, etc.
This commit enhances the `DiscoveredPrefixTable::Router` class to
track the last time an ND6 message (RA or NS) was received from each
discovered router. This information is now available through the
`otBorderRoutingRouterEntry` and can be viewed using the `br routers`
CLI command.
This commit moves functionality from `RoutingManager` to
`RxRaTracker`:
- The `ShouldProcessPrefix/RouteInfoOption()` methods, which decide
whether to skip or process a PIO/RIO, are moved to `RxRaTracker`.
- `RxRaTracker` is directly notified on network data change, using its
new `HandleNetDataChange()` method. This replaces
`UpdateRxRaTrackerOnNetDataChange()`.
This commit updates the native mDNS implementation to include
additional records (SRV, TXT, and AAAA for host) when answering
sub-type PTR (browse) queries, the same way it is included for base
PTR queries. The unit test `test_mdns` is also updated to verify and
expect this behavior accordingly.
This commit updates the `DatasetManager` to track information about
the local dataset, such as the local timestamp, update time, and
whether it is saved in non-volatile settings. This change effectively
merges the `DatasetLocal` logic into `DatasetManager`, allowing for
the removal of `DatasetLocal` and simplifying the code.
Issue: Disabling channel monitor feature on ot-daemon by setting
following flag "OT_CHANNEL_MONITOR = 0" a compilation error was
present.
Fix: Some pieces of code in OpenThread shall be under
OPENTHREAD_CONFIG_CHANNEL_MONITOR_ENABLE.
Signed-off-by: Ashishkumar Vara <ashish.vara@nxp.com>
This commit combines the `protected` and `private` sections of
`DatasetManager`, adding `ActiveDatasetManager` and
`PendingDatasetManager` as `friend`s. This simplifies the code and
aligns with the goal of having more functions handled by the
`DatasetManager` base class.
This commit moves the scheduling and handling of the stale timer to
`RxRaTracker`. This aligns with the responsibility of this class
managing all discovered on-link/route prefixes and the locally
generated RA header to mirror.
This commit updates the native mDNS implementation to ensure the
callback is invoked when a host is registered without any address
(effectively unregistering the host and removing any previously
registered addresses for the host-name).
The implementation ensures the callback is invoked after returning
from the `RegisterHost()` call (invoked from a posted tasklet), as
required by the mDNS API definitions.
Additionally, the `test_mdns` unit test is updated to cover
registering a host with no address for the first time or updating a
previous registration.
This commit moves the tracking of the RA header of locally generated
RA messages from `TxRaInfo` to the `RxRaTracker` class. The tracked
RA header is used when `RoutingManager` sends an RA, ensuring
consistent RA headers across all RAs emitted from the device.
This aligns the logic by having `RxRaTracker` track all information
from received RAs and simplifies stale time calculations.
This commit simplifies `DatasetLocal` by moving the different overload
implementations of `Read()` to `DatasetManager`. This aligns the code
so that overloads are provided by `DatasetManager` and `DatasetLocal`
provides one version of `Save()` or `Read()`. Unused/undefined
methods in `DatasetLocal` are also removed.
This commit refactors the logic that determines whether to replace the
current Active Dataset with a Pending Dataset upon its delay timer
expiration.
Instead of performing the check within the more general-purpose
`DatasetManager::Save()` method, the logic is now moved directly
into `PendingDatasetManager::HandleDelayTimer()`. This change makes
the code more specific and prevents unintended checks in other
situations where `Save()` is used (e.g., when Active Dataset is
directly set).
The conditions remain the same: The Pending Dataset's Active
Timestamp must be newer, or the Pending Dataset must contain a
different network key.
This commit also adds `test-029-pending-dataset-key-change.py`
to validate the roll-back of Active Timestamp using Pending
Dataset.
This commit renames the `DiscoveredPrefixTable` to `RxRaTracker`. The
new name is shorter and emphasizes that this class is responsible for
processing received RA messages and tracks useful information about
the RA (routers and their advertised flags and prefixes).
It also renames `RaInfo` to `TxRaInfo` to clarify its role for
tracking information about emitted RAs.
This commit updates `Mle::HandleLeaderData()`:
- Simplify the checks for presence of Active/Pending Dataset TLV.
- Introduce `saveActive/PendingDataset` boolean flags to track whether
we should read and save the included Dataset from the received
message. These replace and consolidate a group of other local
variables.
- Restrict the `IsLeader()` checks to FTD builds
This commit tries to eliminate the dependency of the lib directory on
OT core, especially for headers under lib directory.
Currently the headers and sources under lib directory uses a lot of OT
util functions and template classes. This is not preferred because it
will cause dependency issues if we leverage lib from another
project. For example, if we include headers under lib from
`ot-br-posix`, it won't be able to find the OT common headers. If we
add INCLUDE path of OT core common, that will bring a bigger issue:
There are many conflict headers. `ot-br-posix` also has headers as
'common/code_utils.hpp'.
This commit eliminates the dependency by copying required headers from
core/common to lib/utils directory (with some changes). All the util
functions are under namespace `ot::Lib::Utils`.
`OT_ASSERT` is simply replaced by `assert`. `assert` is already used
across the lib directory.
The commit also adds a config file only for the spinel module to avoid
including `openthread-core-config.h`.
This commit introduces the `ContainsAllTlvs()` method to `Dataset`,
which checks if a dataset contains all the specified TLVs. This new
method simplifies the implementation of `IsCommissioned()` and
`ContainsAllRequiredTlvsFor(Type)`
This commit updates error handling when saving Active/Pending
Operational Datasets in non-volatile settings. Previously,
`kErrorNotImplemented` was permitted as a return value due to legacy
behavior. Since non-volatile storage is now a mandatory requirement
for Thread operation, we enforce successful saves by asserting on any
error encountered during this process. Methods returning error types
are updated, and some now return `void`.
The public APIs `otDatasetSetActive()` and `otDatasetSetPending()` are
affected by this change. They now always return `OT_ERROR_NONE` and
can essentially be treated as having a void return type. The `otError`
return type is maintained solely for backward compatibility.
This commit optimizes `RoutingManager`:
- Replaces `RoutingManager::NetworkDataContainsOmrPrefix()` with
`ContainsOmrPrefix()`.
- Simplifies `OmrPrefixManager::ShouldAdvertiseLocalAsRio()` by
utilizing `ContainsOmrPrefix()`.
- Relocates `ContainsOmrPrefix()` to `network_data_leader.cpp` and
removes its FTD-only restriction.
This commit renames command line argument --local-host to
--local-interface to reduce confusion as discussed in #10194.
This commit also add help message for local interface.
This commit simplifies the `Leader::ContainsOmrPrefix()` method by
eliminating the loop over sub-TLVs based on stable flag status. Since
OMR prefixes must be marked as stable, the search for a given OMR
prefix can be restricted to stable sub-TLV only.
This commit lets posix `otSysInit` return the Co-processor type by
adding a field in `otPlatformConfig`. (This avoids breaking the
existing code that uses `otSysInit`.) Returning the Co-processor type
allows the app layer has the information and can do
initialization. For example, the dbus server.
The commit also allows `otSysInit` and `otSysDeinit` to be completed
when the co-processor type is NCP. This doesn't mean `ot-daemon` can
work with NCP now. But this is required by further developing NCP
support in `otbr-agent` because these two methods are required. The
native posix app (ot-daemon) will still exit when it detects a
co-processor other than RCP.
When the co-processor type is RCP, `otSysInit` and `otSysDeinit` work
as usual. When the type is NCP, only spinel manager will be
initialized and ot::Instance will not be created.
This commit modifies the `CalculateHash()` method to use a zero
checksum value for RA (ICMPv6) header for both received and emitted
RA message. In prepared RA messages, the checksum is always set to
zero, and the platform layer is responsible for calculating and
updating it. For a received RA, while platforms typically zero out
the checksum after validation, this behavior isn't explicitly
required by `otPlatInfraIf` APIs. By ignoring the checksum(setting it
to zero) during hash calculation, this change ensures correct
calculation regardless of platform behavior.
This commit also updates `test_routing_manager` to intentionally
modify the checksum field in an emitted RA message before passing it
back to the OT stack. This validates the updated hash calculation
behavior.
This commit streamlines dataset-related helper methods:
- Renames all methods that save local dataset to `SaveLocal()` for
consistency and to distinguish them from `Save()` methods, which
set the partition's dataset and perform additional checks
(e.g., ensuring the timestamp is ahead).
- Renames `SendSet()` to `SyncLocalWithLeader()` and passes `aDataset`
as an input parameter to avoid redundant dataset reads.
- Removes the now unnecessary `HandleDatasetUpdated()` method, as its
functionality can be inlined within `SaveLocal(const Dataset &)`.
- Consolidates additional dataset type-specific actions(e.g., starting
a delay timer for Pending Dataset changes) into the base class
`DatasetManager` methods `Save()` and `SaveLocal()`, simplifying
the code and reducing redundancy.
- Modifies `DatasetLocal` to provide a single `Save()` method with a
`const Dataset &` input. `DatasetManager` now handles conversions
from various dataset representations (e.g., component-wise
structures or TLV sequences).
This commit adds `RouterAdvOrigin` enumeration to track the origin of
a received RA message, whether it is from another router on the
infrastructure, or self-generated by either the `RoutingManager`
module or another software entity running on the device.
This is used to exclude prefixes from self-generated `RoutingManager`
RAs in the prefix table and simplifies learning and adopting of RA
headers from other software entities on the same device.
The origin is now logged when a new RA is received for improved
debugging.
This commit also updates `test_routing_manager` to pass back any sent
RA messages to the OT stack. This validates the mechanism for
identifying self-generated RA messages.
This commit enhances the readability of the `RoutingManager` class
definition by adding comments to delineate different sections within
the code: Constants, typedefs, enumerations, nested classes and
structs, private methods, and variables.
Homebrew installation of clang-format (satisfying >14.0 requirement)
outputs the following version string:
```
Homebrew clang-format version 14.0.6
```
This change fixes the following error while running make-pretty:
```
*** ERROR: Homebrew clang-format version 14.0.6; clang-format 14.0 required
```
This commit refactors and simplifies `RoutingManager`:
- Introduces `OnLinkPrefix` and `RoutePrefix` classes, both derived
from a common base class `LifetimedPrefix` (representing a prefix
and its valid lifetime).
- Replaces the originally dual-purpose `DiscoveredPrefixTable::Entry`
(used for both route and on-link prefixes) with a new template
`Entry<Type>`, specifically used with `OnLinkPrefix`, `RoutePrefix`,
and also `Router`.
- Updates `Router` to maintain separate lists for on-link and route
prefixes.
- Utilizes `OnLinkPrefix` in `PdPrefixManager` for tracking DHCPv6-PD
prefixes.
This commit adds support to simulate Thread radio over IPv6.
With this commit, a simulation will be simulated over either IPv6 or IPv4.
If it's simulated on IPv6, it communicates with other simulation nodes
in IPv6 group `ff02::116`. And if it's simulated on IPv4, it communicates
with other simulation nodes in IPv4 group `224.0.0.116`.
Note that simulating virtual time is not included in this commit.
Problem: Executing the `udp send` command in CLI without previously
opening the example udp socket results in an unhandled null-pointer
exception.
Solution: Before anything is processed in the
`UdpExample::Process<Cmd("send")>(Arg aArgs[])` method, the UDP socket
is checked whether it's open or not. If not, the method returns with
OT_ERROR_INVALID_STATE error avoiding the null-pointer exception.
During RCP recovery, the Host does not check if the RCP supports
logging a crash dump. This causes RCP recovery to fail when the RCP is
built with `OPENTHREAD_CONFIG_PLATFORM_LOG_CRASH_DUMP_ENABLE =
0`. This bug was introduced in #10061
This commit will make the Host only request crash logs from the RCP if
the RCP supports it.
This change leverages `OwningList<>` to manage discovered routers and
prefix entries within `RoutingManager`. This ensures automatic
deallocation of these items, streamlining memory management. It works
independently of whether the items are heap-allocated or from a
`Pool`.
This commit enhances `Dns::Name` to detect and handle cases where a
compressed DNS name contains a loop spanning multiple labels. The
`test_dns` unit test has been updated to include test cases for these
invalid names.
This commit introduces a new method, `RemoveAndFreeAllMatching()`, to
the `OwningList<Type>` class. This method removes and frees all
entries in the list that match a given indicator. This is used to
simplify the native mDNS implementation. The unit test
`test_linked_list` is also updated to validate the newly added helper
method.
This commit moves the definition of coprocessor_type from posix to
lib/spinel directory. There are two reasons to do so:
1. Allow platforms other than posix to access the definition. For
example, nxp imt-rx.
2. Allow the user (posix/main.c) of OT system API to access the
definition. Currently the posix main depends on OT system API but
doesn't depend on definitions in 'platform-posix.h'. This should be
kept.
This commit adds `CalculateExpirationTime()`, which simplifies the
calculation of expiration times of discovered prefix entry by
clamping a given lifetime to the maximum value (in seconds) first
before converting to milliseconds.
This commit simplifies the code and adheres to the SHOULD
requirement in the Thread specification, which states: "A Thread
Device that is not a Leader MUST NOT process this message. Instead it
SHOULD respond with 'Reject' state value".
This commit updates the `PdPrefixManager` class for improved
readability and efficiency:
- Relocated all Prefix PD methods in the header file for logical
grouping within the same `#if` block.
- Reordered method definitions for better organization (e.g., moved
`SetEnabled()` closer to the constructor, and logging-related
methods to the end).
- Renamed variables and types for conciseness (e.g., `Dhcp6PdState` to
`State`).
- Simplified prefix processing logic, regardless of whether it's from
RA or directly set.
- Moved additional functions into `PdPrefixManager::Process()`,
including checking `mEnabled`, logging failures, and updating
counters.
- Optimized `Process()` to update the timer only when the prefix
changes.
- Introduced a new nested `PrefixEntry` class with helper methods like
`IsFavoredOver()` and `IsEmpty()`, simplifying the code and
improving readability.
- The `IsFavoredOver()` method determines if one PD prefix is favored
over another.
This commit corrects the order of calls to prefix methods `Tidy()` and
`SetLength(kOmrPrefixLength)`. This was unintentionally reversed in
PR #10000.
PD prefixes can be shorter than `kOmrPrefixLength` (as allowed by
`IsValidPdPrefix()`). To use them as OMR prefixes, `Tidy()` is called
first to clear any extra bits before potentially extending the prefix
to `kOmrPrefixLength`.
This commit introduces the `br pd omrprefix` command, which displays
the DHCPv6 Prefix Delegation (PD) On-Mesh Routable (OMR) prefix when
the DHCPv6 PD feature is enabled. Additionally, the `debug` command
is updated to output `br pd state` and this new command when the
feature is enabled
This commit adds `ProcessSetRequest()` to process a received
`MGMT_SET` request message, validate the included `Dataset`, and
determine if it affects connectivity or changes the network key. The
now unused `DatasetTlv` is removed as TLVs are read directly from the
`Message`. This change will also enable future support for
`MGMT_REPLACE` request.
This commit adds a common `SendSetRequest(const Dataset &)` method
that prepares and sends an MGMT_SET message with the given Dataset.
This removes similar duplicate code.
This commit enhances dataset handling:
- Adds `ValidateTlvs()` which parses and validates all known TLVs
within the `Dataset` and checks for any duplicates.
- Introduces a set of `SetFrom()` methods for constructing a `Dataset`
from various types of inputs, e.g., other `Dataset`, TLV sequences,
`DatasetInfo` structures, bytes read from `Message`. Now they
consistently clear the `Dataset` before setting it.
- Adds `WriteTlvsFrom()` to update a `Dataset` replacing/appending a
set of TLVs.
- Adds `AppendTlvsFrom()` to append an already encoded sequence of
TLVs without validating/checking the format.
- Renames `Get/SetSize()` to `Get/SetLength()` for consistency.
- Adds `test_dataset.cpp` unit test for basic `Dataset` validation.
This commit removes the `LogCrit` example lines emitted from
`otPlatLogCrashDump()` in simulation platform. These extra log
lines can cause test failures.
- If we check in between SendReset() and WaitResponse(),
mIsCoprocessorReady may become true before waitResponse() and if
loop becomes false even successfully reset done.
- mIsCoprocessorReady is already checked before sendReset() to avoid
resetting in case of Mulipan architecture. There is no need to check
in between sendReset() and waitResponse().
- Removed mIsCoprocessorReady from if loop check between sendReset()
and waitResponse().
Signed-off-by: Ashishkumar Vara <ashish.vara@nxp.com>
This commit breaks down current posix radio module into `Radio` and
`SpinelManager`. The static instance of `SpinelDriver` is moved from
`Radio` to `SpinelManager`. The `platformRadioXXX` methods are also
broken down into `platformSpinelXXX` and `platformRadioXXX`. The
purpose is to make `platformSpinelXXX` resuable under both NCP and RCP
cases. And to use `platformSpinelInit` to detect to co-processor type
during initialization.
This commit moves a few static util methods from the `Interpreter`
class to the `Cli::Utils` class. Since the `Interpreter` class and
other classes for cli components inherit the `Cli::Utils`, they can
still access these methods. Putting these methods in utils class is
more intuitive. This change also makes other cli classes less
dependent on the `Interpreter` class.
The method `ParseEnableOrDisable` has been moved to the `Utils` class
and these components inherit the `Utils` class so there is no need to
add namespace.
This commit adds a new feature that allows platforms to log crash logs.
### Additions
- `void otPlatLogCrashDump(void)` - API that logs a crash dump using
OpenThread Logging APIs
- `SPINEL_PROP_RCP_LOG_CRASH_DUMP` - spinel prop that calls
`otPlatLogCrashDump()` when `Set`
- `SPINEL_CAP_RCP_LOG_CRASH_DUMP` - spinel capability denoting that a
RCP supports logging crash dumps
### Usage
- For `ot-cli-ftd|mtd`, `otPlatLogCrashDump()` is called at the end of
app initialization, before the main loop. See [main.c]
- For Host/RCP setups, during initialization, the Host gets the RCP
capabilities. If the RCP has the `SPINEL_CAP_RCP_LOG_CRASH_DUMP`
capability, the Host will `Set` the `SPINEL_PROP_RCP_LOG_CRASH_DUMP`
property, triggering the RCP to call `otPlatLogCrashDump()`.
- If RCP Recovery is enabled, the this will also happen once the RCP
has been restored
This commit contains smaller enhancements in `HandleSet()`:
- Remove the redundant `IsLeader()` check since it is checked in
`HandleTmf<kUriActiveSet>` and `HandleTmf<kUriPendingSet>` before
calling `HandleSet()`
- While reading TLVs from message, ensure that entire TLV is contained
in the `Message`.
- Simplify the code that verifies an `MGMT_ACTIVE_SET.req` from a
commissioner does not affect connectivity (change boolean checks to
positive instead of negative).
- Remove `hasNetworkKey` as the condition is tracked by
`doesAffectNetworkKey`.
Reference devices that are part of the Thread test harness construct
CoAP packets sent on TMF port 61631 for certain tests, for example in
the 5.9.x series where they have to force address errors (a/ae) for
duplicate DUA or re-registration tests. These tests started to fail
when reference device firmware was updated recently to a newer
OpenThread stack that included the change in
https://github.com/openthread/openthread/pull/9437.
Example:
```
udp send fd00:db9:0:0:0:ff:fe00:5000 61631 -x 4102d63697b16e02646eff0401010010fd007d037d037d0389c3a350cdcf36e0'
Ip6-----------: Dropping TMF message from untrusted origin
```
For certification purposes, we are adding a cli toggle (for reference
devices) as a test sub-command to disable the filter that drops TMF
messages from unknown origins.
handling
This commit introduces several smaller changes to the `Dataset`
class:
- Provides template methods `Read<Tlv>()` for flexible reading of any
TLV from dataset, mirroring the existing `Write<Tlv>()` methods.
- Replaces `SetTimestamp()` method with the `Write<Tlv>()` with
specific timestamp TLVs
- Renames `GetTimestamp()` to `ReadTimestamp()`, aligning the naming
convention with other methods.
The RCP Restoration feature missed restoring the source address match
feature configuration. It causes the source match table to be disabled
by default after the RCP restarts. This commit restores the source
address match feature configuration.
When the DHCPv6 PD state changed, we need to throw out a signal to
notify another process running on the OS, then the process will decide
if it need to withdraw or request RA.
This commit adds support for adding a DHCPv6 delegated prefix to the
Routing Manager via a new Open Thread API. Previously this feature was
only supported using a platform generated RA on a Posix based BR. For
platforms that can get the prefix directly from a DHCPv6 PD client API
there is no point in creating a RA for setting the prefix. It's much
easier to use a direct call to configure it.
This new API uses an otBorderRoutingPrefixTableEntry structure as an
input parameter and evaluates the prefix based on the same rules as
one coming from a platform RA. The lifetime of the prefix can be
updated by calling the function again with new time values.
Updates the `Dnssd` module to allow it use
- Either the native OT mDNS implementation
- Or use the platform `otPlatDnssd` APIs (delegated to platform)
Also adds `OPENTHREAD_CONFIG_MULTICAST_DNS_AUTO_ENABLE_ON_INFRA_IF`
for mDNS module to be automatically enabled/disabled on the same
infra-if used for border routing based on infra-if state.
When an icmp echo request is sent to rloc/aloc address of a Thread
device, OT replies to the packet. The packet is also passed to host
and the kernel may reply to the echo request. This would cause 2 echo
replies and may be confusing when testing packet loss rate by pinging
a rloc/aloc address.
Added OT_ICMP6_ECHO_HANDLER_RLOC_ALOC_ONLY to otIcmp6EchoMode to let
OT only handle echo request to rloc/aloc addresses, this is the
default mode in posix code. Set otIcmp6EchoMode to
OT_ICMP6_ECHO_HANDLER_DISABLED will help to avoid double ping replies
from both OT and host.
Fix -Wformat trigger on some platforms as an int32_t is printed using %d
```
src/core/mac/sub_mac.cpp:336:73: warning: format '%d' expects argument of type 'int', but argument 5 has type 'int32_t' {aka 'long int'} [-Wformat=]
336 | logString.Append("Expected sample time %lu, margin ±%lu, deviation %d", ToUlong(sampleTime), ToUlong(ahead),
| ~^
| |
| int
| %ld
337 | deviation);
| ~~~~~~~~~
| |
| int32_t {aka long int}
```
- Inlines `AppendMleDatasetTlv()` in `DatasetManager` (removing from
`Dataset` class)
- Updates the locally read 'dataset' directly by removing the
timestamp before appending it to the message as an MLE TLV value.
- Leverages `Read()` which already updates the `DelayTimerTlv` with the
remaining delay, eliminating the need to re-calculate and update the
delay.
- Uses `Tlv::AppendTlv()` to append the MLE TLV with `dataset` bytes
as value.
- Updates `Dns::Name::ExtractLabels()` for in-place label extraction,
optimizing string operations.
- Introduces `Name::StripName()` to efficiently remove a suffix name
from a DNS name in place.
- Updates and simplifies unit tests `test_dns` to validate new
functionality.
This commit enhances the expect test against link metrics manager
feature to ensure that the feature can be continuously turned on or
off and work well. Because the feature will be controlled by the
feature flag in ot-br-posix.
The commit separates the spinel handling from other rcp specific
handling in `RadioSpinel` by putting the spinel handling into a new
class `SpinelDriver`. The purpose is to make the spinel handling
reusable in further change (for new architecture).
`SpinelDriver` has the following functions:
1. Co-processor initialization
2. Send a spinel command to the co-processor without waiting
3. Drive the processing of received spinel frames. But it will not do
the actual handling.
In this commit, `SpinelDriver` is added as a member of `RadioSpinel`
and `RadioSpinel` uses `SpinelDriver` to implement some of the
existing functions.
With `SpinelDriver`, it is possible to implement a new
RadioSpinel-like module that provides non-blocking APIs (No
`WaitResponse` is used). Note that there is a private, simpler
version of `WaitResponse` in `SpinelDriver` which is only used during
Co-processor initialization. The initialization process of spinel is
still blocking.
Based on discussion in #9901 , this clarifies in the documentation
that the CLI `dataset` commands can only be used in specific
situations (like testing), and that these commands allow setting
invalid (combinations of) parameters also. It points to the
Commissioner as the correct way of doing dataset updates in
production.
It also adds "Overview" sections that were missing in two README
files.
Updates `MleRouter::SetRouterEligible()` to restart the role transition
timer if the device is a child and the router eligibility is changed
to `true`.
This commit makes the following improvements to Delay Timer TLV
handling in Pending Operational Datasets:
- Enforces maximum delay adhering to the Thread spec's maximum Delay
Timer value (72 hours), clamping larger values.
- Defines min, max, and default delay timer constants in
`DelayTimerTlv`.
- Adds `CalculateRemainingDelay()` helper method to calculate
remaining delay.
- Removes code handling delay values exceeding the OpenThread `Timer`
limitation (now redundant due to the stricter 72-hour maximum).
This commit contains the following:
- Use `FindTlvValueOffset()` to find `Tlv::kGet` in message.
- Define and use `TlvList` to get list of requested TLV type.
- `TlvList` is an array of TLV types, not allowing duplicate values to
be added to the list.
- Simplify `SendGetResponse()` to handle including all or a subset of
TLVs in response.
This commit replaces `defined(__ANDROID__) &&
!OPENTHREAD_CONFIG_ANDROID_NDK_ENABLE` macro checks with
`OPENTHREAD_POSIX_CONFIG_ANDROID_ENABLE`. This is to make the build
options more configurable. E.g. there are cases where `__ANDROID__` is
defined but the platform is not fully Android-compatible so we don't
want to enable the Android platform implementation.
This commit aims to add more flags to the 'ShouldUsePlatformUdp'
function, to let sockets that have ports belonging to the stack send
their packets without using the UDP platform abstraction layer.
Without this change, when Platform UDP is enabled, packets originating
from the DHCPv6 Server/Client will take an undesired route from
socket -> platform UDP -> external IPv6 stack -> Thread IP stack ->
packet over the air.
Co-authored-by: Cristian Bulacu <cristian.bulacu@nxp.com>
This commit simplifies `DatasetManager::SendSetRequest()` by using
`Tv::Find<TlvType>()` helper method to search within the given
sequence of TLVs for `CommissionerSessionIdTlv`.
This commit introduces a `Component` enum to represent dataset
components, and defines templated methods (`IsPresent<>`, `Get<>`,
`Set<>`, etc) for streamlined access. This reduces boilerplate code
for individual component management.
This commit introduces native mDNS support within the OpenThread
stack, implementing RFC 6762 compliant registration of hosts,
services, and keys. It supports the following functionalities:
- Sending probes to claim names.
- Sending announcements on initial registration and changes.
- Sending "goodbye" announcements when unregistered or upon record
removal.
- Negative responses (NSEC).
- Support for service sub-types and their addition/removal.
- Support for `_services._dns-sd._udp` queries (all service types).
- Responding to queries (including "QU" questions).
- Delay mechanism when responding to multi-question query messages,
ensuring unique answers.
- Providing extra records in the Additional Data section if not
already in the Answer section (e.g., on a PTR query, include SRV
and host AAAA addresses).
- Implementing Known-Answer Suppression.
- Supporting multi-packet queries with known answers in follow-up
messages.
- Rate-limiting record multicasts (once per second).
- Rate-limiting probe responses (once per 250ms).
- Detecting conflicts after probes.
- Limiting the size of emitted responses or probes, breaking into
multiple messages if necessary.
- Detecting self originating messages (sent by mDNS module).
- Support for service browser.
- Support for service resolvers (SRV and TXT records) and IPv4/IPv6
address resolvers for hostnames.
- Introduces smart cache management:
- Passively caches service records for active browsers.
- Passively caches address records for active service resolvers.
- Enables multiple simultaneous browsers/resolvers for the same
service/host.
This commit introduces public `otMdns` OpenThread APIs and related CLI
commands for the mDNS module.
For platform abstraction, `otPlatMdns` APIs are defined in
`mdns_socket.h` (e.g., to send or receive mDNS messages):
- An implementation of the platform APIs is provided for posix.
- Also under the simulation platform, a simplified implementation of the
`otPlatMdns` APIs is provided (intended for testing).
This commit also adds a detailed `test_mdns` unit test, validating
various functionalities and covering potential edge cases.
This commit adds `Utils::VerhoeffChecksum` class along with public OT
APIs and related CLI commands for Verhoeff checksum calculation and
validation. Unit test `test_checksum` is updated to test the new
module.
Provided two methods for OpenThread multipan :
1. Get the index by an openthread instance reference.
2. Get the reference by an openthread instance index.
This commit refines the `NetworkData::Publisher` to differentiate
between DNS/SRP unicast entries based on whether the address
information resides in service data (part of service TLV) or server
data (part of server sub-TLV).
Additionally, if another BR adds a service data unicast entry,
`Publisher` will zero out the desired count for server data unicast
entries, effectively removing any previously published server data
unicast entries.
The `test_netdata_publisher` has been updated to validate all the
newly added behaviors.
This commit adds `LogWarnOnError()` to emit warning-level logs on
errors. The emitted log includes the error code. This replaces custom
`LogError()` across modules, simplifying the code.
This commit adds new test cases for a topology with two BRs when the
primary BR is abruptly powered off. It validates that the second BR
takes over and all nodes successfully re-register their SRP services
with the new BR using new OMR addresses.
The first test (`501`) covers the case where neither BR is acting as
mesh leader. The second test (`502`) covers the case where the
powered-off BR is also acting a mesh leader.
Filtering out traffic to/from RLOC/ALOC was added by #423 for #419.
The intention was to filter out Thread's control traffic.
Now we already added filtering out traffic by checking whether it
is destined to a service hosted in OpenThread stack, so filtering
out by RLOC/ALOC is not necessary anymore.
This commit removes this filter, as a result, the core lib gets
rid of the `PLATFORM_NETIF` flag.
This commit simplifies `MleRouter::CheckReachablity()`:
- Remove and inline `Mle::CheckReachability()` which is used
when `IsChild()`.
- Uses local `isReachable` boolean variable.
Unicast SRP dataset uses a ephemeral UDP port which could be taken by
another process. Currently SRP server creates the socket at the port
after the server is added into netdata. However, at that moment the
port may not be available on the platform so it may fail to create the
socket and start the server.
This commit adds the logic to restart the enabling process with
another port candidate if SRP server fails to create the socket.
This commit ensures `MeshForwarder::CheckReachablity()` rejects frames
where `Ip6::Header::DecompressFrom(FrameData)` returns a parse error.
This prevents the processing of potentially malformed messages.
This commit simplifies `MutableNetworkData::RemoveTemporaryData()`:
- The `RemoveTemporaryDataIn()` methods return a `bool` indicating
whether the whole TLV can be removed.
- The code is refactored to combine the call to `RemoveTlv()` for
all TLV types.
This commit updates the CLI `netdata show` command to allow an
optional RLOC16 as input. Providing an RLOC16 filters the output to
display prefix, route, and service entries associated specifically
with the specified RLOC16. This is helpful for checking entries added
by a specific border router.
`test-011-network-data-timeout.py` is updated to validate the new CLI
functionality.
This commit contains small changes to logs in `HandleTimeTick()`
method in `MleRouter` to include the RLOC16 of child entries when
updating the child table.
This commit introduces new API for setting vendor-specific extra
options to append to emitted Router Advertisement messages. Support
for this is also added in CLI under `br raoptions` command.
Implement basic unit tests for tcat to validate BLE secure part.
Additionally align handling of BLE connection states and connection
callbacks.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit updates how `RoutingManager` differentiates between
self-generated RA messages and those from other sources sending RA on
the same device. This enables learning of the RA header, specifically
the default route lifetime.
This commit introduces a new mechanism to calculate and store a SHA256
hash of recently emitted RAs. Received RAs are cross-referenced
against the stored hashes to determine their origin. This replaces
the prior method, which relied on parsing and analyzing the included
options in the received RA.
A new test case is added in `test_routing_manager` to validate the
learning of RA header from other sources on same device.
This commit enables channel manager on SSED, together with channel monitor,
auto-selecting a better CSL channel for the link between child and its parent.
It also fixes tracking of CcaSuccessRate on CslChannel and adds toranj tests
for auto-channel selection and thread_cert test for autocsl-channel selection.
This commit introduces `NetworkData::FindRlocs()` which returns the
list of RLCO16 of all border routers and servers in the Network Data
matching specified filter conditions. The `BorderRouterFilter` can be
used to filter the entry type. It can be set to `kAnyBrOrServer` to
include all BRs and servers, or `kBrProvidingExternalIpConn` to
restrict the list to BRs providing external IP connectivity. The new
`FindRlocs()` replaces `FindBorderRouters()` and `GetNextServer()`
methods and helps simplify the code. Unit test `test_network_data`
is updated to validate the new method.
Update constants and build switch options to reflect the new version
number "1.4" (previously "1.3.1").
Keeping the legacy "1.3.1" and OT_THREAD_VERSION_1_3_1 types for
backward compatibility with projects that might be using those version
names.
Note that this commit does not change the default config value of
`OPENTHREAD_CONFIG_THREAD_VERSION` which is the default version to use
if it is not explicitly specified by build switches or in a project
config file.
This commit updates the documentation for two configs
`OPENTHREAD_CONFIG_DEFAULT_SED_BUFFER_SIZE` and `SED_DATAGRAM_COUNT`
clarifying their intended use.
This commit moves the log functions in RadioSpinel to a new Logger
class (only for spinel module) so that:
1. reduce RadioSpinel's code size for better readability
2. make the log functions reusable by the new Spinel class to add in
the future.
This commit contains smaller enhancements in the code related to
aging/updating router entries:
- Consolidate nested `if` blocks for readability.
- Add router's RLOC16 to logs for improved router tracking.
- Refactor duplicate code in `SEND_LINK_REQUEST_ON_ADV_TIMEOUT`.
Previously, when a child was promoted to a router role, the
leader upon sending "Address Solicit Response" would clear cache entries
associated with the child's old RLOC16. This commit modifies the code
to retain these cache entries when the sender is a direct child
of the leader. By retaining the cache entries, they can be associated
with the promoted router's new RLOC16 when the Link Advertisement is
received.
This commit moves the `Process{Get/Set/Enable/Disable}` methods to the
Output class and rename the `Output` class to `Utils`. The purpose is
to reduce code size in the Interpreter class to make the class focus
more on the command handling and easier for further refactoring.
The commit also removes the alias typedef of `Arg` in each cli module
because they are unnecessary. Having one definition in the parent
class is enough.
- remove typo that passed a uint64_t pointer to a function which need
a sufficiently large buffer
- fix bug that coap copying uri path option or any other long option
failed
This commit introduces `using` declarations in the `RoutingManager`
class for types defined within the `Ip6::Nd` namespace. This allows
for shorter, more readable type names to be used.
Updates validation logic after published route entry replacement to
prevent occasional failures due to a race condition. This increases
test stability.
When detaching, a child transmits a Child Update Request message with
Timeout TLV set to 0. The child waits for 1 second after sending the
Child Update Request message before stopping Thread
operation. However, during this time, the MLE retransmission timer may
fire and retransmit the Child Update Request message, which can cause
it to send a new Child Update Request message with a non-zero Timeout
TLV.
This commit update the behavior to avoid retransmitting the Child
Update Request message when detaching.
This commit adds a argument `-L`/`--local-host` to simulation platform
to specify the source IP address for packets simulating 15.4
frames. This allows the simulation packets being transmitted over
different network interfaces, so that the simulation can run on
different hosts.
This can be used to enable multiple emulation devices(e.g. Android
Virtual Device) communicating to each other over emulated Thread
radio.
The argument accepts either an IPv4 address or a network interface
name. In the latter case, the first found IPv4 address on that
interface will be used will be used.
This commit enhances flexibility in Router Advertisement (RA) message
construction by employing `Heap::Array`. This eliminates the need for
a pre-allocated buffer and removes the constraint of predetermining
the maximum RA message size.
Additionally, introduces `TxMessage` and `RxMessage` nested classes
within `Ip6::Nd::RouterAdvert` for efficient handling of outgoing and
incoming RA messages:
- `TxMessage`: Facilitates appending elements to an RA message with
dynamic buffer allocation.
- `RxMessage`: Enables parsing and iterating over options within a
received RA message.
This commit updates logging in posix platform modules so that the
emitted logs will include the platform log module name. This uses
the `otLogPlatArgs()`.
Previously the OT CLI won't be reiniitalized when it finds there's
already a listening socket. It's actually necessary to do the
initialize, considering this scenario:
1. Run `otSysDeinit()` and `otSysInit()` to reset the OT application.
1. Note that the OT instance is replaced by a new one in `otSysInit()`. We need to
call `otCliInit()` in `Daemon` to initialize the CLI with the new
instance. However, this step has been skipped in `Daemon` because the
listening socket is not cleared.
- Validates that key guard time is updated to 93% of key rotation
time when it changes.
- Checks for proper key sequence updates after key rotation
expiration.
- Confirms key guard mechanism blocks key sequence increments
while mesh nodes staying connected.
This commit updates `Srp::Server` to add snooped cache entries in
address resolver cache table for all registered host addresses
received in an SRP update message.
Entries are added when an SRP update message is received directly from
a mesh device. The RLOC16 is looked up using `AddressResolver::Lookup()`
for the SRP Update message's sender IPv6 address (SRP client's address).
This leverages snoop entry created during UDP message processing
associating sender's IPv6 address with its RLOC16.
This commit adds a new test-case validating the new behavior.
This commit makes changes/fixes to `KeyManager` regarding key switch
guard time.
Key Rotation Time updates:
- When the Key Rotation Time changes (due to security policy updates),
the key switch guard time (`mKeySwitchGuardTime`) is also adjusted.
It's set to 93% of the Rotation Time (rounded down).
- Immediately checks if the new rotation time indicates a rotation is
due and keys are rotated.
New variable `mKeySwitchGuardTimer`:
- This is reset to the current guard time whenever the key sequence is
updated.
- It decrements hourly until reaching zero.
- Key switch guard comparison is made with this value, aligning the
implementation with the Thread specification.
`SetCurrentKeySequence()` modification:
- Now accepts a new input parameter that determines whether to apply
or ignore the key switch guard when updating the key sequence.
- During a key rotation check (when the rotation time has passed), the
key switch guard is ignored and we always move to the next key
sequence number.
Other changes:
- Variables handling guard and rotation time now use `uint16_t`
instead of `uint32_t` to align with security policy definitions.
- API and CLI command documentation for setting the "key switch guard
time" emphasize that they are intended for testing purposes.
This commit implements a subset of `otPlatInfraIf` platform APIs in
simulation platforms using the `utilsSocket` to emulate communication
between BRs. This can be used for testing.
This commit also adds one (simple) example test case with two BRs
attached to two different network on same infra-if.
This is to initialize CLI for daemon instance.
With this API, user can redirect the Vendor server CLI output when
needed, and then reset back using this API when the CLI output should
be restored.
This commit modifies the `RoutingManager` to not send any Router
Advertisements (RAs) until the initial policy evaluation has
completed.
This change leverages the `IsInitialPolicyEvaluationDone()` method
which ensures that both OMR and on-link prefixes have been
determined. Specifically, this guarantees that we wait for the
initial set of Router Solicitation (RS) messages to be sent and that
we discover all other routers on the AIL before sending the first RA.
This is because on-link prefix evaluation itself is dependent on the
`mRsSender.IsInProgress()` check that waits till all RS messages are
sent and RAs from other routers are received and processed.
Without this change, the BR could receive its own RS message,
triggering it to send an RA prematurely, potentially with incorrect
M and O flags.
This commit adds a new mechanism in `BorderAgent` to allow the use of
ephemeral key. New `otBorderAgentSetEphemeralKey` API is added to
allow user to set an ephemeral key. The ephemeral key is used
instead of PSKc from Operation Dataset for a given timeout duration.
New API `otBorderAgentClearEphemeralKey` allows users to cancel the
ephemeral key before its timeout expires. While the timeout interval
is in effect, the ephemeral key can be used only once by an external
commissioner to connect. Once the commissioner disconnects, the
ephemeral key is cleared, and Border Agent reverts to using PSKc.
This commit adds a callback mechanism to signal changes related to the
Border Agent's (BA) use of an ephemeral key. It is invoked when the
BA starts/stops using the key, or when parameters (e.g., port number)
change.
This commit also adds CLI command under `ba ephemeralkey` for the new
APIs along with test script validating the new APIs.
This change makes it possible to build the `posix/platform/infra_if`
module on macOS (and other non-Linux systems). It adds guard checks
`#ifdef __linux__` around the use of `mNetLinkSocket`(used for
network interface state change detection). This allows compilation to
proceed on macOS, though equivalent functionality for detecting netif
change is not yet implemented.
This commit also adds a new `toranj-macos` workflow job to validate
that the code builds successfully with the `posix` platform.
This commit ensures that segfault won't happen if
`nullptr` is passed to `StringLength()`.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit introduces a new module, `simul_utils.h`, under
`simulation` platform. This module provides common utility functions,
primarily related to socket operations (for emulation of radio or
TREL interface). The new functions are used by `radio.c` and
`trel.c`, consolidating code and preventing repetition.
This commit changes how the link information is tracked for a received
message over Thread radio.
It removes the `const void *mLinkInfo` field in `otMessageInfo`.
Instead a new public API `otMessageGetThreadLinkInfo()` is added to
retrieve the `otThreadLinkInfo` from an `otMessage`.
All the `ThreadLinkInfo` properties are now directly tracked in
`Message` as part its `Metadata`. The `Message::Clone()` method is
updated to properly copy the link info from the original message to
its clones.
This change helps simplify the code, avoid passing `ThreadLinkInfo`
references. More importantly, it prevents potential errors due to
incorrect use of a pointer to stack-allocated `ThreadLinkInfo` object.
This is especially important for modules that save/enqueue `Message`
and its `Ip6::MessageInfo` for later use, ensuring link information
remains valid.
This commit updates `LqiAverager::Add()` to explicitly use a `uint16_t`
local variable for calculating the new running average. This prevents
potential overflows.
This commit contains small changes in the CLI modules:
- Replace use of core-internal `kError` with `OT_ERROR` constants.
- Remove `#endif` comments when the corresponding `#if` is less
than 20 lines away adhering to OT style guide.
- Adhere to single `return` policy (use `ExitNow()`).
- Avoid calling `static` method `ParseToIp6Address()` with an object.
- Smaller style fixes: New lines after variable declaration, use
shorter local variable names, etc.
On Android, the platform doesn't restrict link-local/mesh-local source
addresses when forwarding multicast packets. For multicast packets sent
from link-local/mesh-local address to scope larger than realm-local,
set the hoplimit to 1 so the packet can be delivered to host, and will
not be forwarded to infrastructure link.
The feature is guarded by OPENTHREAD_CONFIG_IP6_RESTRICT_FORWARDING_LARGER_SCOPE_MCAST_WITH_LOCAL_SRC,
set as 1 to enable.
This commit contains smaller enhancements in `netdiag.h`:
- Changes TLV type constants to use `#define`.
- Removed unused definitions/constants.
- Move constants used by CLI module to related CLI method.
- Update comments and fix style.
This commit contains the following:
- Adds support for the Vendor App URL TLV.
- Includes new public OT APIs and configurations to get and set the
TLV value.
- Enables use of the TLV in the CLI `networkdiagnostic` command.
- Updates `test-020-net-diag-vendor-info.py` to validate the new TLV.
This commit updates how random challenge is generated for "Child
Update Request" message sent by a parent during child restoration
(after parent reset/re-attach).
A random challenge is now generated and saved in the `Child` entry
when it is first initialized in `kRestoredState`. The
`SendChildUpdateRequest()` will use the saved challenge rather than
generating a new one.
This change prevents overwriting the saved challenge when the child is
also detached and happens to send a "Parent Request" in the window
where the parent transitions to the router/leader role and before the
parent sends the "Child Update Request". It ensures that the same
random challenge is included in both "Parent Response" and "Child
Update Response," guaranteeing proper acceptance of the
child's "Child ID request".
Co-authored-by: Abtin Keshavarzian <abtink@google.com>
Currently mbedtls debug logging can only be set for builtin
mbedtls. With an external mbedtls the log level does not get
configured. This commit removes the builtin requirement.
This commit implements address deprecation mechanism in `Slaac` class.
When a prefix is removed from Network Data, its corresponding SLAAC
address is not removed immediately. Instead, it is marked as
deprecated and its "preferred" flag is set to false. After a
deprecation interval (300 seconds), the deprecated address is
removed. If the prefix is re-added to Network Data before the
deprecation time elapses, the SLAAC address is also reinstated.
Since the number of SLAAC address entries is limited, non-deprecated
addresses are prioritized. This means that if a new entry is required
for a new prefix, the earliest deprecating entry can be evicted to
accommodate the new entry.
The `Slaac` module keeps track of the associated Domain IDs for
deprecating SLAAC prefixes, even if the related Prefix TLV has
already been removed from the Network Data. This information is used
during external route lookup in `NetworkData::Leader::RouteLookup()`
if a deprecating SLAAC address is used as the source address in
an outbound message, ensuring that the message is not dropped and
can be delivered.
This commit also adds a detailed test `test-027-slaac-address.py`
validating various behaviors of SLAAC module.
This commit moves the `mBackboneRouterLocal` before `mMleRouter` in
`Instance` class to ensure that it is initialized and its constructor
is called before. This ensures when `Mle()` constructor invokes the
`ApplyNewMeshLocalPrefix()` method on `BackboneRouter::Local`, it
is already initialized.
Currently the the data poll timer is used to maintain synchronization
with the parent. It sends a data poll once per csl timeout. However
often this is not necessary as other packets that are sent cause
synchronization to be maintained. This commit resets the data poll
timer each time a frame containing the csl ie is successfully
transmitted.
This commit adds a generic SRP Advertising Proxy implementation to
OpenThread core, which uses a set of newly defined `otPlatDnssd`
platform APIs for DNS-SD (mDNS) support on infrastructure network on
a Border Router.
`Srp::Server` provides `ServiceUpdateHandler` callback mechanism that
allows platforms to implement their own advertising proxy function.
While this is still supported, the new generic advertising proxy
implementation makes it easier to port and support the proxy function
on new platforms. The platform needs to provide the DNS-SD platform
APIs, which are designed to be simple and easy to implement.
The `AdvertisingProxy` directly interacts with `Srp::Server` and its
registered `Host` and `Service` entries, tracking whether an entry
has been successfully advertised, is currently being advertised, or
has been replaced by a new registration.
The `AdvertisingProxy` ensures that consecutive SRP updates for the
same host or service are committed on the server in the order they
are received, even if their advertisements are finished in a
different order. This is important for SRP Replication support, as
the server may receive a large number of SRP updates back-to-back for
the same host.
The `AdvertisingProxy` will also register key records for SRP host and
service instance names. This will keep the claim on the name of a
removed entry while its key lease is not expired. It is also used
when an SRP host registration has no off-mesh routable address.
This commit adds a detailed unit test `test_srp_adv_proxy` that
validates the `AdvertisingProxy` under many scenarios. The test
covers a range of cases, including delayed registration callbacks and
timeouts, new registrations replacing outstanding advertisements,
platform DNS-SD state changes and failures, host address changes
adding/removing OMR addresses.
This commit simplifies `Ip6::SelectSourceAddress()` by adding a new
boolean `newAddrIsPreferred` tracking whether the new address is
preferred over the previously chosen one as we iterate over all
addresses.
This commit updates mesh-local addresses to be marked as preferred
(reverting the change from #6532). This ensures that mesh-local
addresses are not skipped over in `Ip6::SelectSourceAddress()`.
The intention behind #6532 was to ensure that mesh-local addresses,
when added to the platform host IPv6 stack (such as lwIP or the Linux
kernel), are not preferred and therefore not selected by the host
stack as the source address of application layer traffic unless
explicitly assigned.
This PR delegates this responsibility to the platform code and updates
`posix/platform/netif` to change the preferred flag for mesh-local
addresses when adding them on the platform IPv6 stack.
To make this easier, the `otIp6AddressInfo` is updated to
include `mMeshLocal` to indicate whether or not the address is
mesh-local. `otNetifAddress` already provides such a variable.
This commit moves the check for rule 1 on preferring same address as
the destination before the `(bestAddr == nullptr)` check. This
ensures that rule 1 will be correctly applied even when the address
happens to be first one in the `GetUnicastAddresses()` list.
There's no clear use case for looping back packets to host.
And it would probably result in host processing duplicate
messages. This commit disables looping packets back to host.
This commit always delivers multicast traffic to host.
Without this change, host will not be able to receive link-local and
mesh-local multicast traffic, even the host subscribes to some multicast
addresses in these scopes.
Note that this does not change the host forwarding rules, as link-local and
mesh-local traffic are not supposed to be forwarded to adjacent links.
This commit fixes `DiscoveredPrefixTable::Entry::IsDeprecated()` to
properly handle larger preferred lifetime values. It uses the method
`CalculateExpireDelay()` to handle time delay calculation, avoiding
overflow. The `test_routing_manager` test has also been updated to
check for larger preferred/valid lifetime values.
This commit introduces the `ClearAllBytes<ObjectType>()` template
function to zero out all bytes within an object. This replaces
`memset(0)` calls in OT core modules, simplifying code and improving
safety by automatically using the correct object size.
This commit updates how the `NetworkData::Publisher` handles "DNS/SRP
Service Unicast Address" entries. Specifically, when a "DNS/SRP
Service Anycast" entry is added by another BR, the publisher will set
the desired count of unicast entries to zero. This effectively
removes any previously added unicast entry. This new behavior is
only applied when the address and port are included in the Server TLV
data in a "DNS/SRP Service Unicast Address" entry.
The `test_netdata_publisher` has been updated to verify this new
behavior.
urrently the `RadioSpinel::RestoreProperties` only restores some
properties defined in `spinel.h`. But if
`OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE` is selected, users may
set some properties of RCP via vendor command. So the radio spinel
should allow users to register a callback to restore the vendor
properties of RCP.
While trying to read the Pskc or networkkey, we check if the keyref is
valid. We instead need to check if the key is present. There is a
possibility that the persistent data was erased before trying to read
the key, which might result in asserts.
In #9554, a new radio capability is introduced: `RX_ON_WHEN_IDLE`. On
the RCP scenario, if recoverd, there will be an error:
```
OPENTHREAD:[W] P-RadioSpinel-: Error processing result: NotImplemented
OPENTHREAD:[W] P-RadioSpinel-: Error waiting response: NotImplemented
```
When set the rx on when idle on Host to RCP, no `Set property handler`
will be found due to the target handler was surround by the macro
`OPENTHREAD_MTD || OPENTHREAD_FTD`. This `rx on when idle` capability
should not only be used for MTD and FTD, but also used for RADIO on a
NCP. This PR fixes it.
There are two changes:
1. Address the issue of handling tx timeout in case of multipan
enabled. When RCP recovery initiates due to a timeout, the SPINEL
attempts to transition to the Rx state and switch channels to
initialize the RCP. However, these actions should be ignored when
operating as Multiprotocol RCP, as another host/protocol might be
scanning, and encountering the Rx state or channel switch could
result in an error. Considering such scenarios, ignore the error
rather than assert it for multipan.
2. Make the CMake option OT_MULTIPAN_RCP depend on the compile time
value OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE, rather than being
initialized to OFF.
This commit contains the following
- It fixes `SecureTransport` to ensure we do the max connection
attempt check when transitioning from `kStateCloseNotify`.
- It adds new public `otCoapSecure` APIs to start the agent with a
given max connection attempts, and to check the agent's state,
whether it is connected, connecting or closed.
- It adds CLI commands under `coaps` for the new APIs.
- It adds `test-026-coaps-conn-limit.py` to validate the max
connection attempt limit of CoAP secure agent.
The IPv4-mapped IPv6 address is useful in certain platform/public
APIs where we need to support both IPv6 or IPv4 address. We can
use IPv4-mapped IPv6 address to represent an IPv4 address. This
commit adds simple helper functions to validate, create and
parse such addresses.
This commit introduces a new feature in `SecureTransport` and
`CoapSecure` that allows us to specify the maximum number of allowed
connection attempts before the socket is automatically closed and the
CoAP agent is stopped. This can be used to enhance security by
preventing attacks and excessive retries. This commit also adds a
callback mechanism to notify when the limit is reached and the CoAP
agent is stopped.
For the Spinel layer, when the state is transmitting, if the received
Spinel frame fails parsing, the current implementation passes the
`OT_ERROR_PARSE` error code to the sub_mac layer via the tx done
handler. This causes an assert because the error code `OT_ERROR_PARSE`
is not a valid one for `SubMac::HandleTransmitDone`. Additionally, I
believe that when the received Spinel frame fails parsing, we should
not trigger a transmit done to the sub_mac layer, as the `TxFrame` and
the `AckFrame` may not be valid for further processing.
In this corner case, I suggest considering ignoring the parsing-failed
received packets, waiting for the tx timeout, and then raising a tx
timeout failure to recover the RCP. This might be a reasonable
approach.
Add `ResetCsl` and `otPlatRadioResetCsl`
This allows handling stack reset as separate call instead of
using `kShortAddrInvalid` as `otShortAddress` and
`nullptr` as `otExtAddress` which can be difficult to handle
on vendor's side.
Default implementation still calls
`otPlatRadioEnableCsl(aInstance,0, Mac::kShortAddrInvalid, nullptr)`
So no action is needed if vendor has already implemented handling
this case.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
Android traditioanlly use /dev/socket/ directory for unix sockets of
system services. This commit changes ot-daemon to use
"/dev/socket/ot-daemon".
In additional, this disables the .lock file which is not needed
for Android and can't be created along with the socket file
Resolves comments in aosp/2891476
Adds support for responding to `MleCounterTlv` in `AppendDiagTlv()`
Processing the TLV is a received response is already implemented
and supported. Updates `test-020-net-diag` to check query of MLE
counters TLV.
Currently, when netlink informs that the network interface is up, an
IPv4 route is added if a valid one is specified. However, elsewhere we
only add/update the route when NAT64 is actually enabled. Since IPv4
route is not useful when NAT64 is not enabled, apply the same logic when
the network interface is started.
This avoids warnings when NAT64 is compiled in but disabled:
incoming message is an IPv4 datagram but no NAT64 prefix configured, drop
Config `OPENTHREAD_CONFIG_SRP_CLIENT_AUTO_START_DEFAULT_MODE` is
changed to use `1` by default (unless explicitly overridden in
project configs).
It also updates related test scripts to utilize auto-start mode or
explicitly disable it for manual SRP client control, reflecting this
default change.
Create OT API to support trel telemetry which is supported through
platform API and also add cli support to get/reset trel counters.
Metrics we are adding are:
- trel_frames_tx
- trel_bytes_tx
- trel_frames_rx
- trel_bytes_rx
- trel_frames_tx_failed
- num_trel_peers
Metrics already supported through API:
- trel_enabled
This commit introduces a new method, `Name::CompareMultipleLabels()`,
to efficiently parse and compare multiple DNS name labels directly
from a message. This is then used to optimize `Name::Matches()`
eliminating the need to read the entire name into a separate buffer.
This commit also updates `Name::Matches()` method to treat the
first label as a single label allowing it to include dot character
(which is useful for service instance label).
Additionally, `test_dns` unit test is updated to validate the
functionality of the new methods.
This commit updates `ExtractLabels()` documentation to clarify that
name and suffix name can include or exclude the trailing dot but both
inputs must follow the same style. It also updates `test_dns` unit
test to validate this behavior.
This commit adds `Name::Matches()` method which compares a `Name`
instance (which can be from a C string or encoded in a `Message`)
with a given set of labels and domain name strings. This method
allows the caller to specify name components separately, enabling
scenarios like comparing "service instance name" with separate
instance label, service type, and domain strings. Unit test
`test_dns` is also updated to validate the behavior of the newly
added method.
This commit adds net role 'DISABLED' into `spinel_net_role_t` to
differentiate between 'DISABLED' and 'DETACHED' status of NCP.
Since this is only used for NCP and not related with RCP, the
`RCP_API_VERSION` is not updated.
This commit introduces template variants for `ReadName()` and other
related methods, allowing flexible reading of DNS names and labels
from messages into a given array buffer. This simplifies the code and
improves readability.
Additionally, this commit defines new types, `Dns::Name::Buffer` and
`Dns::Name::LabelBuffer`, as arrays of char with fixed sizes to hold
DNS names and labels, respectively.
OpenThread forks typically inherit all commits in the repo, including
the `dependabot` changes, so it's not needed to generate the same PRs
in the forks as well.
`OPENTHREAD_ENABLE_SPINEL_VENDOR_HOOK` was not consistent with the
intended `OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK`.
Rename `OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK` to
`OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE` for consistency with
other configs.
When compiling `mRadioUrl=aUrl` in `Radio::Init()`, some compilers may
implicitly convert `aUrl` to a temporary `RadioUrl` object and then
copy the temporary `RadioUrl` to `mRadioUrl` via a default copy
constructor. The pointer members of `mRadioUrl` point to the content
of the temporary `RadioUrl`, and it eventually causes the program to
access the memory that has been released, which causes the program to
crash.
This commit disables the compiler from implicitly converting `aUrl` to
a `RadioUrl` object and deletes the default copy and move
constructors.
OpenThread defines a structure to supply runtime configuration files
on a POSIX platform. These runtime configuration files contain factory
and product configuration information. They can include information
such as radio target power, region, and calibration settings.
By default, OpenThread uses an example file located at
`src/posix/platform/openthread.conf.example`. However, the file
location can be modified by supplying a pre-processor definition.
This approach has a few flaws:
- The pre-processor definitions are not accessible outside of the
OpenThread project structure.
- In order to change the values in project, a new header file must
be provided, the existing one modified, or the value forcibly set
in the OpenThread cmake file.
This change introduces OT_POSIX_FACTORY_CONFIG and OT_POSIX_PRODUCT_CONFIG
to the project cmake structure. These values allow projects that are
using OpenThread as a sub-project to pass in these runtime config paths
at compile time. This offers project maintainers flexibility in how
their project is configured.
This commit adds `OmrPrefixManager::ShouldAdvertiseLocalAsRio()` which
determines whether the local OMR prefix should be advertised as RIO
in emitted RAs. To advertise, we must have decided to publish it, and
it must already be added and present in the Network Data. This
ensures that we only advertise the local OMR prefix in emitted RAs
when, as a Border Router, we can accept and route messages using an
OMR-based address destination, which requires the prefix to be
present in Network Data. Similarly, we stop advertising (and start
deprecating) the OMR prefix in RAs as soon as we decide to remove it.
After requesting its removal from Network Data, it may still be
present in Network Data for a short interval due to delays in
registering changes with the leader.
This commit adds `RioAdvertiser` component to `RoutingManager`, which
manages the list of prefixes advertised as RIO in emitted RA messages
by BR. The RIO prefixes are discovered from on-mesh prefixes in
Thread Network Data, including OMR prefixes from `OmrPrefixManager`
and other prefixes. Existing code for maintaining the list, appending
RIOs, and determining/setting the RIO preference is moved to the
`RioAdvertiser` class.
The `RioAdvertiser` adds a new mechanism to deprecate prefixes removed
from Network Data such that any removed prefix is still advertised as
RIO in emitted RA messages up to a deprecation interval of 300
seconds (using a shorter route lifetime in RIO). This mechanism
ensures that when an OMR prefix is withdrawn, traffic can still be
routed during deprecation time from AIL to Thread devices using the
old OMR address.
This commit also updates `test_routing_manager` to validate the new
behavior.
This commit adds cli `debug` command. This command is specifically
designed for testing and debugging purposes. It executes a series of
CLI commands to gather information about the device and thread
network.
This commit adds `SetState()` in `SecureTransport` class which
also logs the state changes. New helper methods `IsState{}()` is also
added to simplify the code.
mLinkRequestAttempts is not initialized to zero causing it to get a
random value during power cycle. This causes MTD thread device to send
linkrequest after power cycle.
Create a thread network with two devices with DUT with mode rn. Reset
both devices simultaneously, enable leader and then child device
(DUT). Because class member variable mLinkRequestAttempts is not
initialized to zero during initialization, it will get random value,
and value greater than zero will lead to send a link request message
which should not be the case for a MTD device.
This commit adds `FinalizeMessageDirectTx()`, which clears the
`DirectTx` flag on a given message, updates the IPv6 counter, and
signals other modules about the transmission status(particularly for
`MleDiscoverRequest` and `MleChildIdRequest` messages so their
internal state can be updated).
This commit ensures `FinalizeMessageDirectTx()` is called in various
scenarios:
- Successful message delivery (all fragments reach destination).
- Any fragment transmission failure (frame tx failure)
- Message drop due to address query failure or malformed message.
- Message drop by queue management.
- Message eviction to prioritize higher-priority messages.
This commit also updates `DiscoverScanner` to stop an ongoing discover
scan if the "MLE Discover Request" message transmission fails with error
other than CSMA error. This is necessary because the `DiscoverScanner`
reuses the same `Message` instance for tx on different scan channels.
If the `Message` is freed (e.g., evicted), the `Message` cannot be
reused.
Finally, this commit renames `RemoveMessage()` to `EvictMessage()` to
clarify the purpose and usage of this method.
This commit simplifies `ChannelMaskTlv` generation and parsing.
Notably, it ensures that when we read this TLV from a `Message` the
TLV value format is validated. The changes include:
- `Entry` class representing a channel page entry is now defined as
a `private` nested class within `ChannelMaskTlv`.
- A shared `EntriesData::Parse()` method is added that validates and
parses the entries in the TLV, whether the TLV value resides in a
buffer (e.g., within `Dataset`) or in a `Message`.
- `ChannelMaskTlv::AppendTo()` method is added to construct entries
from a given combined channel mask (for all pages) and append the
`ChannelMaskTlv` to a given `Message`.
- `Radio::kSupportedChannelPages` is changed to an array
(containing all supported pages) instead of mask.
- Helper functions added in `Radio`, `SupportsChannelPage()` to
verify if a channel page is supported by the radio, and
`ChannelMaskForPage()` to obtain the supported channel mask for
a given page.
When we are switching to another infra netif via
`otBorderRoutingInit()`, we may want to read the state of the new
infra netif via `otSysInfraIfIsRunning()`.
Allow out-of-tree compilation of vendor specific changes to the host
side of spinel. By setting `OT_SPINEL_VENDOR_HOOK_SOURCE_DIR`,
`OT_SPINEL_VENDOR_HOOK_SOURCE` and `OT_SPINEL_VENDOR_HOOK_HEADER`, the
corresponding compile flags
`OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK` and
`OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER` get set which force the
use of the `VendorRadioSpinel` class instead of the regular
`RadioSpinel` in `src/Posix/platform/radio`.
This commit enhances the SRP client to track registered addresses when
auto host address mode is enabled. A new field `mSrpRegistered` is
added to `Ip6::Netif::UnicastAddress` to track whether the address is
registered by the SRP client.
This optimization ensures that the SRP client only performs
registration when there is a change to the list of addresses that
need to be registered, preventing unnecessary re-registration and
reduces communication overhead, e.g., when a deprecating
non-preferred address which is not registered by SRP client is timed
out and removed.
This commit adds different flavors of `WriteTlv()` including template
version as `Write<SimpleTlvType>()`. These methods write or update a
TLV in `Dataset`. The new methods replace the previous `SetTlv()`
methods. This new approach introduces type safety checks during
compilation, guaranteeing the use of the correct value type for each
TLV. For instance, `Write<PanIdTlv>()` only accepts `uint16_t` value,
while `Write<NetworkKeyTlv>()` only accepts `NetworkKey` value. This
commit also renames the previous `GetTlv()` to `FindTlv()`.
Clang Compilers warns about ignoring return values.
This commit does not change the existing behavior.
Ignoring errors in `processNat64StateChange` should be safe, and we
may work under downgraded experience.
Ignoring errors in `nat64Init` should be safe like the outter if.
This commit updates the `test-603-channel-announce-recovery` test to
verify router node channel recovery (following channel change) in
addition to child recovery.
This commit adds a check when returning Link Metrics data collected by
the Link Metrics manager so that only subjects in 'active' or 'renew'
state will return the data. This is to avoid showing N/A results for
neighbors that don't support being a Link Metrics Subject. Based on
current implementation, a 'Subject' object is created when the device
is trying to register a Link Metrics probing at its neighbor. If the
neighbor device doesn't support being a Subject, the device won't get
a LinkMetricsManagement response. During this period (before timeout),
the 'Subject' object is in 'kConfiguring' state. So it's unnecessary
to return any value for Subject in such states.
This commit introduces two new methods, `ContainsTlv()` and its
template variant `Contains<TlvType>()`, in the `Dataset` class. These
methods enable checking whether a specified TLV type exists among the
Dataset's TLVs.
This commit updates the `AutoAddress` mode in `Srp::Client` to
exclude any deprecated (non-preferred) address when registering
host addresses.
It also updates `test_srp_auto_host_address` to validate the new
behavior.
This commit introduces template methods `ReadValueAs<>()` and
`WriteValueAs<>()` in `Tlv` class for handling simple TLV types
(single value and uint value). These methods are employed to simplify
the handling of `MeshCoP::Tlv` in `Dataset`. Specifically, the
following TLVs are simplified:
- `PanIdTlv`
- `ExtendedPanIdTlv`
- `PskcTlv`
- `NetworkKeyTlv`
- `MeshLocalPrefixTlv`
- `ActiveTimestampTlv`
- `PendingTimestampTlv`
- `DelayTimerTlv`
- `NetworkKeySequenceTlv`
- `JoinerUdpPortTlv`
These enhance the code by reducing repeated boilerplate code for the
these simple TLVs.
This commit contains smaller change in `bbr_local` module:
- `LogDomainPrefix()` and `LogService()` methods are updated to use
newly added `Action` enumeration.
- `HandleDomainPrefixUpdate()` is simplfied to pass the event
directly to `mDomainPrefixCallback`.
- `SetState()` is updated so we we first remove ALOC/multicast
addresses based on the previous state before adding/updating any
addresses based on the new state.
- Some methods/variables are renamed (e.g., use shorter name).
This commit refactors the code to unify the concept of 'Infrastructure
network interface' (which is for border routing) and 'backbone network
interface' (which is for backbone router). From now on they will both
be referred as 'infrastructure network interface'. In general border
routing and backbone router should be using the same infrastructure
network interface so I made this change.
This commit removes the `posix/platform/backbone.cpp` source file and
put its functionality in `posix/platform/infra_if.cpp`. Previously
`backbone.cpp` maintained its own variables `gBackboneNetifName` and
`gBackboneNetifIndex` which are redundant compared to the ones
maintained at `infra_if.cpp`. I removed these variables and changed
the references to use `otSysGetInfraNetifName` and
`otSysGetInfraNetifIndex` accordingly.
This commit adds `otBorderRoutingDhcp6PdGetState()` function
declaration in `border_routing.h` which was already implemented in
`border_routing_api.cpp` file.
This feature allows the RCP to support multiple host stacks on different PANs
by making use of the spinel Interface ID.
Created unit tests for testing multipan feature with multiple ot-instance
support.
Based on Si-Labs PR #8914 by @parag-silabs, but a little different approach.
Instead of handling everything by a single sub-mac instance, multiple
OpenThread instances are created on RCP side that map to different IID.
Thanks to this there are separate data kept for each interface. Platform
is able to determine interface by ot instance pointer passed as an argument
to most of the API functions.
Tx/scan queue was removed as it is possible to request transmission in
parallel, it is up to the platform to decide if it should fail or queue
second tx or it has two radios available.
NOTE:
Platform needs to provide different otRadioFrame of each instance and
the processing needs to take into account the instance being used.
Signed-off-by: Marek Porwisz <marek.porwisz@nordicsemi.no>
A compiling issue occurred (based on gcc 9.4.0) beacuse the
multiplication of different enum types. So it is a good idea to define
the `kUsPerMs` as `constexpr` constants instead of `enum`.
This commit simplifies the handling of Dataset TLVs that need to be
securely stored when the `PLATFORM_KEY_REFERENCES_ENABLE` feature is
enabled. Two new methods are added to the `Dataset` class:
- `SaveTlvInSecureStorageAndClearValue()` which saves the value of a
given TLV type in secure storage and clears the TLV value by
setting all value bytes to zero.
- `ReadTlvFromSecureStorage()` which reads the TLV value back from
secure storage and updates it in the `Dataset`.
These methods are used by `DatasetLocal` to manage the set of TLVs
that need to be securely stored defined by a constant array of
`SecurelyStoredTlv` entries. Each entry provides the TLV type
along with the associated `Crypto::Storage::KeyRef` to use for
active or pending Dataset.
When InfraIf is down and we received a RA from the host interface, we
may trigger the EvaluateRoutingPolicy unexpectly.
This might happen when infra if and uplink are separate interfaces.
This commit fixes this by adding Start and Stop to `PdPrefixManager`
to start / stop handling RA messages.
There was a check `self.assertNotEqual(br1_external_routes,
br2_external_routes)` that verifies the external route entries of BR1
and BR2 are different, based on the fact that their external route
prefixes (in /64) were different. However, today we're using generic
external routes like `fc00::/7` so the external route entries will be
the same when BR1 and BR2 have the same RLOC16.
I updated the test case to verify that the devices have expected
external route entries respectively.
Add missing `.GetValue()` for getting values from `TimerMicro`
Add testing with OT_CSL_RECEIVER_LOCAL_TIME_SYNC enabled
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit contains smaller enhancements in `MlrManager`:
- Use shorter names for variables and methods
- Avoid the use of normal `enum` name as a namespace
- Use core type `Ip6::Address` instead of `otIp6Address`
This commit updates `SelectSourceAddress()` to ensure that
non-deprecated addresses are always preferred over deprecated ones.
When iterating over addresses, the best option is tracked in
`bestAddr`. If the new address is not preferred and the currently
selected `bestAddr` is, the new address is skipped to ensure that it
is not picked.
Missing a header file included in the file `exit_code.h`, and
'otLogCritPlat' will not be declared. If using the function
`SuccessOrDie` with only inlcude the file
`src/lib/platform/exit_code.h`, it will have a compiling error
`'otLogCritPlat' was not declared in this scope`.
When running border routers, users have the option to perform RCP
firmware updates. After completing the update, users prefer not to
restart or reinitialize the master device but only want to restart and
restore the RCP device.
Restarting can be initiated by the user; for example, they can restart
the RCP device by triggering the reset pin. However, after this
restart is done, certain RCP information needs to be restored, such as
the panid and extended address.
Typically, the master device can restore the RCP by triggering
`RecoverFromRcpFailure`, but this behavior is not
user-controllable. So there's a need to implement a callable API for
RCP restoration.
If the `RestoreProperties` is made public, users can actively restore
the RCP by calling it and some other public functions.
At the moment, C API does not allow to get/set the configuration flag
which the message to be looped back to the Thread interface. It is
important within the context of sending already prepared IPv6 mutlicast
packets with `otIp6Send()`.
This commit implements a mechanism in `RoutingManager` to learn the
Managed Address Config `M` and Other Config `O` flags in received RA
message from discovered routers on the infrastructure link and copy
the same flags in the emitted RA message from BR.
If any discovered router on the infrastructure that is not itself a
stub router (i.e., does not include the Stub Router flag) includes
the `M` or `O` flags, the same flag are included in the emitted RA
message. If a discovered router has failed to respond to the maximum
number of NS probe attempts, we consider it as offline and ignore its
flags.
This commit also adds a detailed test case in `test_routing_manager`
to validate the newly added mechanism.
This commit adds `otBorderRoutingGetNextRouterEntry` as a new API to
iterate over discovered routers on the infrastructure link and get
information about them such as their address, their Managed Address
Configuration (`M`), Other Configuration (`O`), and Stub Router
flags.
The `otBorderRoutingPrefixTableEntry` is also updated to contain
the same information.
This commit also updates the CLI `br` sub-commands to provide this
information, adding `br routers` to obtain a list of discovered
routers.
This commit refactors the code to eliminate the use of `using` for
`BigEndian` or `LittleEndian` functions like `HostSwap` and `ReadUint`.
As these functions are frequently used in header files, using the
direct namespace enhances code safety by mitigating potential conflicts
arising from the order of included headers in the absence of explicit
`using` declarations. Generally, avoiding the `using` keyword in headers
is considered a recommended practice.
Additionally, this commit removes the `Encoding` namespace to shorten
the full function names.
This commit removes the use of `CHAR_BIT` in the code and instead
defines a constant `kBitsPerByte` for this in `numeric_limits.hpp`.
`CHAR_BIT` is generally defined as `8` but there are some platforms
were this may not be the case. The way we use `CHAR_BIT` is to
determine number of bits in a byte, so introducing our own constant
`kBitsPerByte` helps improve code readability and safety.
This commit also adds `BitSizeOf()` macro which is similar to `sizeof()`
but returns the number of bits of a given type or variable. Macro
`BytesForBitSize()` is also added which returns the number of bytes
needed to represent a given bit size. This replaces the
`BitVectorBytes()` macro previously defined in `encoding.hpp`.
This commit contains the following changes:
- Adds `CMake` option `OT_PLATFORM_KEY_REF`, corresponding to the
existing `OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE`
config.
- Add empty implementations of `otPlatCryptoEcdsa{}` under the
simulation platform.
- Modifies `test_platform.cpp` to ensure that the key-ref related APIs
are defined only when the key reference feature is enabled.
- Updates `toranj/build.sh` script to provide the option to enable the
key reference feature.
- Updates GitHub workflow to validate build with key reference feature
under simulation platform, ensuring that future PRs are validated
with this feature enabled.
This commit introduces `OT_DNS_TXT_KEY_ITER_MAX_LENGTH` with a value
of `64` to represent the maximum TXT data key length supported by
`otDnsTxtEntryIterator`. We intentionally set this value higher than
the recommended maximum key length of `9` (as specified in RFC 6763
section 6.4) to enable the parsing of TXT data when longer keys are
employed.
This commit updates unit test modules to be defined under the `ot`
namespace. This aligns all the unit tests to follow the same
model, eliminating the need to use `ot::` prefix in unit test
code.
This commit updates `JoinerRouter::PrepareJoinerEntrustMessage()` to
improve how TLVs from Active Operational Dataset are appended to the
message. The TLV types that should be included in Joiner Entrust are
now defined in an array `kTlvTypes`, and the code iterating over this
array will find the TLV in Dataset and append it to the message.
Previously, if a required TLV type was not present in the Dataset, the
code would have appended the TLV with an uninitialized and possibly
random value, which could lead to unexpected behavior. The new code
will fail if the required TLVs are not present in the Dataset
instead, ensuring that only valid TLVs are included in the Joiner
Entrust message.
Check and ensure at least the netlink header is received in the netlink
socket to be safe before intepreting the buffer as a netlink message.
Per https://linux.die.net/man/3/netlink, should make sure
current message type is not NLMSG_DONE before calling NLMSG_NEXT
to properly handle multi-part netlink message.
After a router with children downgrades, it's former children will
still send child update requests until they timeout. This allows the
downgraded device to respond with status TLV indicating error to help
those children realize they need to reattach sooner.
Add a new `OT_RADIO_CAPS_RX_ON_WHEN_IDLE` radio capability which lets
OpenThread know what the radio idle state operation will be: receive
or sleep.
This allows to save power on sleepy devices since the active --> idle
transition is much faster, specially for the cases in which there is
some kind of serialization between OpenThread core and the radio
driver.
This commit addresses occasional failures in `test_routing_manager` in
the `TestBorderRoutingProcessPlatfromGeneratedNd` case. Unlike other
tests, this test sets the `heapAllocations` after the call `InitTest
(/* aEnableBorderRouting */ true)` (which enables `RoutingManager`).
This means that depending on the random timing, the `heapAllocations`
may already count some allocated heap items by `RoutingManager`
itself. With the change in this commit, at the end of the test, we
check that the number of remaining heap allocations is less than
`heapAllocations`.
This commit updates the duplicate detection mechanism for the frag
header tags under `MULTI_RADIO` config. The tag check is now
performed upon receiving the first fragment. For subsequent
fragments, older tags are permitted to be processed, but they will be
discarded if there is no matching entry in the reassembly list.
This change addresses an issue where lowpan fragment frames using
older tags could be erroneously discarded if they are interrupted by
higher-priority messages (e.g., an MLE message).
This commit updates `RoutingManager` to use heap allocated array
for `OnMeshPrefixArray` under `BORDER_ROUTING_USE_HEAP_ENABLE`
config.
This commit also updates the `toranj-config-posix` header to
explicitly disable `BORDER_ROUTING_USE_HEAP_ENABLE` under the POSIX
config to validate builds with this config disabled. This aligns with
the main purpose of the `toranj` posix build config, which is to
validate builds under different configs (run from the
`toranj-unittest` job in the `toranj.yml` GitHub action workflow).
In `ot::Posix::InfraNetif::GetFlags()`, the OT process would die if
the infra network interface is removed on the POSIX platform. On
Android platform, this is not the desired behavior because the system
server may tell the OT process to switch another infra network
interface. It's fine for OT process to keep running when the previous
infra network interface disappears because later system server will
call `otSysSetInfraNetif()` to specify the new infra network
interface.
This commit makes the following smaller enhancements in `Slaac`
class:
- Adds a new `ShouldUseForSlaac()` method to check if a network data
prefix should be used for SLAAC, checking flags and applying the
filter if set.
- Introduces separate `RemoveAddresses()` and `AddAddresses()` methods
to manage SLAAC addresses, replacing the previous `Update()` method.
- Adds helper methods to `RemoveAllAddresses()`, `RemoveAddress()` to
remove a specific address, and `AddAddressFor(prefix)` to generate
and add an address for a given prefix.
- Simplifies `GenerateIid()` by removing unused input parameters.
Allow platforms to reduce the periodic access to `otPlatRadioGetNow`
to calculate CSL synchronization elapsed time in the case when those
radio API calls are costly.
The current code won't return a failure error code when a MGMT_SET
request is rejected by the leader, so the client doesn't know whether
the operation succeed or not.
This commit fixes this issue by converting the REJECTED state to the
OT_ERROR_REJECTED error code which is propagated back via the
otDatasetMgmtSetCallback callback.
The lib `openthread-spinel-ncp` is used by the NCP build, it doesn't
need the file `radio_spinel.cpp`. This commit changes the CMake file
to make only the lib `openthread-spinel-rcp` include the file
`radio_spinel.cpp`.
This commit updates the `NetworkData::Leader` sub-class model,
removing `LeaderBase` (which intended to provide common functions
shared between FTD and MTD) and instead adding all methods directly
in `Leader` class with all `FTD`-specific methods having conditional
`#if` check.
This commit moves the `instance` module to a newly added folder
`core/instance` (from `core/common`. Header file `extension.hpp`
and its example is also moved to the same folder.
This commit adds a public OT API to generate hex dump output line by
line. This function is then used for both `LogDump{}()` and frame
capture output by CLI `promiscuous` command (removing repeated
similar code) and harmonize the hex dump outputs.
This commit adds a new API `otSysSetInfraNetif` to support specifying
the infrastructure network interface for the platform. This can be
useful in following cases:
- The infra link cannot be determined at the start up of
`otbr-agent`. We can call this API to specify the infra link without
specifying it in the command line arguments.
- Let Thread Border Router switch to another infra link without
restarting the whole OpenThread stack.
The "assert" and "VerifyOrDie" were checking same condition, so
the second validation was never executed if (rval != sizeof(key)).
Additionally,"aSwapFd" was not freed on assertion.
With this commit,
1. addressed the memory leak to system resources.
2. Replaced VerifyOrDie() or assert() by VerifyOrExit()
3. handle error at exit
The current code of the `mac.cpp` caches the supported channel mask to
a local variable. But the supported channel mask may be changed after
the country code is changed. This will cause the supported channel
mask used in `mac.cpp` to be inconsistent with the actual supported
channel mask.
This commit adds an API `otLinkSetRegion()` to set the region code and
then update the cached supported channel mask to avoid the channel
mask inconsistencies. The current Thread channel may be not included
in the new supported channel mask. When the Thread stack detects this
case, it detaches the current Thread network gracefully.
This commit adds `otNetDataGetCommissioningDataset()` as a public
API to retrieve the Commissioning Dataset from the Network Data.
It also updates CLI `netdata show` command to output the Commissioning
Dataset information. The documentation in `README_NETDATA.md` and
in `cli_network_data` are also updated. The test scripts that parse
`netdata show` output are also updated.
This commit updates `HandleTmf<kUriCommissionerSet>()`, which is used
to set the Commissioning Dataset. The following changes have been made:
- `Tlv::Find<TlvType>()` methods are used to find and parse TLVs in the
received request message.
- The existing code required the dataset to contain either Joiner UDP
or Steering Data TLVs. This check has been removed, making the
implementation aligned with the Thread specification. This permits a
commissioner to disallow MeshCoP Joining by not including Steering
Data.
- A new flavor of `SetCommisioningData()` is added, which reads the
TLVs directly from a given `aMessage`. This method is now used
when processing `kUriCommissionerSet` to avoid using temporary
local buffers to read and copy the TLVs.
- `SetCommisioningData()` and its related methods have been moved to
`network_data_leader_ftd` since they are limited to and used on
FTD devices acting as leader.
- A new private `UpdateCommissioningData()` method has been added.
This method first checks whether or not we can add a Commissioning
Data TLV with a given length into Network Data, before removing
the current TLV. This is used as a common method when Commissioning
Data is set from a message or from a given data buffer.
This commit updates `HandleNetworkDataRestoredAfterReset()`, which is
called after Network Data is restored on the leader after a leader
reset and recovery.
We now resign any active Commissioner by clearing the Commissioning
Data and adopt the Session ID from the restored Network Data
Commissioning Data. This ensures that any stale Commissioning Data
is not retained in Network Data for longer after a leader reset.
Some equation checks accidentally became non-zero checks due to
typo. Such tests may fail in certain build configurations when the
heap allocation is zero after initialization of the test.
This commit updates CommissionerIdTlv to be defined as `StringTlvInfo`
(a TLV with a UTF-8 string value with a specified maximum length). This
allows us to use `Tlv` helper methods to `Find` and `Append` this
TLV, simplifying the code.
This commit also adds a helper `StringCopy()` method that copies a
C string into a given target string buffer array if it fits in the array.
This method can also optionally perform an encoding check on the string,
such as a UTF-8 encoding check. This helper method is used to simplify
setting different strings, such as Commissioner ID, Provisioning URL,
Vendor Name, etc.
This commit contains changes related to parsing of Commissioning
Dataset sub-TLVs in `NetworkData::Leader`:
- Adds `FindInCommisioningData<SubTlvType>` to search for a given
`SubTlvType` in Commissioning Data.
- Adds `FindCommissioningSessionId()`, `FindBorderAgentRloc()`,
and `FindJoinerUdpPort()` to parse and get get the info
from Commissioning Dataset.
This commit simplifies the `RadioSpinel::SetMacKey()` method.
A common `private` overload of `SetMacKey()` is added that uses
`const otMacKey &` as its input key type.
When `KEY_REFERENCES_ENABLE` is not enable the `SetMacKey()` simply
passes the key from the `otMacKeyMaterial` directly. This avoids the
unnecessary copying of the key into a local variable.
When `KEY_REFERENCES_ENABLE` is enabled, the keys are read from
secure storage. A new `ReadMacKey()` helper method is added which
also validates that the read key size is correct.
This commit contains smaller changes in` MeshCoP::Leader` class:
- Changes `CommissioningData` to be a `private` type in this class
- Adds `Init()` to `CommisioningData()` to init all sub-tlvs.
In RadioSpinel::SetMacKey we try to reuse the otMacKey passed to
export the literal key from PSA to be sent over SPINEL to RCP. But as
the passed param is const, we cant really use this. Better option is
to extract it into a local buffer and use that to pass the keys to
RCP.
This commit adds new public OT logging APIs `otLogPlat()` and
`otLogPlatArgs()`, which allow the caller to specify a platform
sub-module name to be included in the emitted log. This makes it
easier to distinguish logs from the platform layer and filter the
logs.
This commit also updates the `RadioSpinel` class to use the new API,
ensuring that its logs use the "P-RadioSpinel" module name.
This commit moves the helper methods to find a specific TLV in a
sequence of TLVs from the `MeshCoP::Tlv` class to the base `Tlv`
class. This makes these helper methods accessible to all subclasses.
Also fixes a pskc -> PSKc typo; and explain better how to init
dataset. Based on existing documentation I struggled a long time to
create a Pending Dataset in the proper way, so I thought it would be
good to document this better.
This commit updates the `Dataset::SetTlv<ValueType>()` documentation
to mention its specifications for `uint` types (which use big-endian
encoding). It also adds `static_assert` checks to ensure that the
general template implementation is not used with `uint16/32/64`
types.
This commit updates the `Ip6` class to use `OwnedPtr<Message>`. This
smart pointer automates the freeing of messages and helps to simplify
the code by removing all the logic that tracks whether a message
needs to be freed. It also makes the transfer of ownership of
`Message` instances between methods more clear.
This commit adds an `IsLeader()` check to ensure that the device is
acting as the leader before processing `kUriLeaderPetition` or
`kUriLeaderKeepAlive` TMF messages. This adds a safeguard to ensure
that only the leader can update the commissioner dataset.
This commit simplifies how the `Netif` unicast and multicast addresses
that use the mesh-local prefix are updated when the mesh-local prefix
is changed.
The `Netif::UnicastAddress` class now includes a `mMeshLocal` flag,
which is set for all mesh-local addresses (RLOCs, ALOCs, and ML-EID).
When the mesh-local prefix is changed, `Mle` will inform `ThreadNetif`
to apply the new prefix. `ThreadNetif` will then update all of the
assigned unicast addresses that are marked as mesh-local, as well as
all of the subscribed mesh-local prefix-based multicast addresses
(such as link-local or realm-local All Thread Nodes addresses). The
`Netif` class first signals the removal of the previous address based
on the old prefix, and then the addition of the new address with the
new mesh-local prefix.
This change simplifies the code, in particular the modules such as
`Commissioner`, `BorderAgent` and `BackboneRouter::Local`, which need
to manage specific ALOC addresses. These modules no longer need to be
informed when the mesh-local prefix is changed to update their
address, as it will be done by the `Netif` class directly.
This commit contains the following smaller changes in `Ip6` and its
public APIs:
- Updates the `otNetifAddress.mNext` field to be a pointer to `const`.
This prevents users of OT APIs from modifying addresses as they
iterate over the list of addresses. The `otNetifMulticastAddress`
structure already uses this model.
- Adds new API `otIp6HasUnicastAddress()` to check whether or not a
unicast IPv6 address is assigned to the Thread interface. This is
used to simplify CLI and `posix/platform/netif.cpp`.
- Fixes the returned error from `otIp6AddUnicastAddress()` to be
`OT_ERROR_INVALID_ARGS` when the address is a Thread internal
address, to match the documentation.
- Fixes documentation and style in `ip6.h`.
This commit adds `Ip6::PrepareMulticastToLargerThanRealmLocal()`,
which prepares to transmit a multicast message with destination
larger than realm-local address. It checks if any sleepy child of
device is subscribed to the multicast address and clones the message
for indirect tx if needed, before adding the IP-in-IP tunnel header.
The new method helps remove repeated code in `SendRaw()` and
`SenDatagram()`.
This commit updates how `Ip6::HandleDatagram()` processes a tunneled
IP-in-IP message. Previously, if a message was marked for both
`receive` and `forwardThread`, e.g., possible for a multicast message
from host with multicast-loop flag, it would be received but not
forwarded to the Thread mesh. This commit ensures that such messages
are handled properly.
Without this change, multicast transmission still works fine due to
the MPL layer retransmitting the message, which would then be
forwarded to the Thread mesh. However, this change improves the
multicast behavior by ensuring that the original/first message is
also forwarded to the Thread mesh.
This commit changes the code so that if we need to both `receive` and
`forwardThread`, we create a copy of the message by cloning it.
Otherwise, we take ownership of the original message and use it
directly. We then remove the encapsulating header before processing
the embedded message by calling the `HandleDatagram()` recursively.
This commit updates `PingSender` and its config to include a
`mMulticastLoop` flag and allow the caller to set this flag. When
set, multicast ping echo request messages are looped back and
received by the device itself if it is subscribed to the same
address. The `ping` CLI command is also updated to allow setting this
flag.
This commit also updates `test-008-multicast-traffic.py` to add new
test cases to cover the multicast loop flag behavior (pinging with or
without this flag). In particular, it covers when the ping
destination is a realm-local multicast address and when it is a
larger-than-realm-local multicast address (where the `ot::Ip6` module
would use a tunnel header for forwarding the message).
This commit contains smaller changes in `Ip6` class:
- Rename constant `kForwardIcmpTypes` to follow naming convention
- Simplify how it it used to filter which ICMP types are forwarded
to Thread mesh.
With the recent addition of `GetOrigin()`, the origin of a message is
tracked by `Message` itself. With this change, we no longer need to
pass `aIsOutbound` to `Ip6::Mpl` methods, as it can be determined
from the origin of `aMessage`. This commit simplifies the code by
removing the `aIsOutbound` input parameter.
This commit contains smaller changes in `HandleRetransmissionTimer()`:
- Remove nested if/else blocks and use `continue`.
- We clone the MPL message if more retx are needed, otherwise use the
`message` directly.
- In both cases, we now use the same code path for preparing and
sending the `message`, avoiding repeated code.
- Rename `GetTimerExpirations() to `DetermineMaxRetransmissions()`.
The posix platform is able to support the HDLC, SPI and vendor spinel
interfaces, but the spinel interface type can't be changed
dynamically. It is inconvenient to use different spinel interfaces for
Thread stack in Android. This commit enables the posix platform to
support the HDLC, SPI and vendor interface at the same time, and the
final spinel interface type is determined by the radio url protocol.
Some other changes:
1. Not use CRTP style for the radio spinel.
2. Deprecate the OT_POSIX_CONFIG_RCP_BUS and
OPENTHREAD_POSIX_CONFIG_RCP_TIME_SYNC_INTERVAL.
This commit simplifies the `MeshForwarder::SendMessage()` method and
its logic for determining whether to send a multicast message to
sleepy children. We first determine whether the destination address
is link-local or realm-local all-nodes, meaning it is destined to all
nodes. Otherwise, we need to check whether each sleepy child is
subscribed to the address. We then iterate through the child table
and mark the message for indirect transmission accordingly.
This commit updates the `ip6addr -v` CLI command to provide more
information about each address including origin, prefix length, and
preferred and valid flags.
This commit adds helper methods to the `Message` class to check if the
message origin matches a specific origin. These methods are used in
the code as syntactic sugar to simplify the code.
This commit updates `MeshForwarder::SendMessage()` on FTD to check if
the message is marked for direct transmission and/or indirect
transmission to a sleepy child. If there is no pending transmission,
the message is removed.
This situation can occur if the message destination is a multicast
address larger than realm-local scope. In such a case, `SendMessage()`
skips `SetDirectTransmission()` on the message(since such message
will be forwarded using IP-in-IP encapsulation by `Ip6` module) and
assumes the message is for a sleepy child. However, if none of the
children are subscribed to this address, the message will not be
marked for indirect transmission either. Without the fix in this
commit, such messages would have remained in the `mSendQueue` and not
been removed or freed, as messages are only checked for removal after
a direct or indirect transmission attempt.
As per the mbedTLS v3.5.0 release notes:
Ref: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0
MBEDTLS_CIPHER_BLKSIZE_MAX is deprecated in favor of
MBEDTLS_MAX_BLOCK_LENGTH (if you intended what the name suggests:
maximum size of any supported block cipher) or the new name
MBEDTLS_CMAC_MAX_BLOCK_SIZE (if you intended the actual semantics:
maximum size of a block cipher supported by the CMAC module).
This commit fixes the build issue keeping the backward compatibility
intact.
This commit adds `RouterRoleTransition` nested class to `MleRouter`.
This class tracks the timeout and jitter intervals for router role
transitions, i.e., device upgrading to router role from REED or
downgrading from router to REED. It provides helper methods like
`IsPending()` and `StartTimeout()` to check if role transition
is pending or to start the timeout countdown. These methods help to
simplify the code and make it more readable.
This commit updates `RoutingManager` to include the Flags Extension
Option with Stub Router flag in its emitted Router Advertisement
messages.
Config `STUB_ROUTER_FLAG_IN_EMITTED_RA_ENABLE` can be used to enable
or disable this behavior which is enabled by default.
This commit drops UDP datagrams from an untrusted origin to TMF port.
Examples of untrusted origin:
- A process other than OT on the host sends the packet to Thread
network via platform API.
- A packet forwarded from infrastructure network to Thread network by
Thread Border Router.
OT shouldn't allow UDP datagrams from untrusted origins going to TMF
port of any Thread device.
To implement this, there's an API `otIp6SendFromOrigin`
introduced. This can be used for specifying the origin of a packet you
want to send. This commit also encapsulates the 'origin' information
in `Message::Metadata`.
This commit updates `Mle` class such that on an FED (FTD child) when
an MLE message is received, we use `FindRxOnlyNeighborRouter()` in
addition to `FindNeighbor()` before performing security check. This
ensures that the key sequence and frame counters are validated for
messages from a rx-only neighbor router.
After security check and before calling `Handle{MleCommand}()` we
clear the `neighbor` if it is a rx-only except for a subset of MLE
messages such as MLE Advertisement. This ensures that, as an FED, we
are selective about which messages to process from rx-only
neighbors.
This commit also adds a new flavor of `FindRxOnlyNeighborRouter()`
that accepts an `Mac::ExtAddress` as its input parameter.
This commit fixes typos in Doxygen documentation, ensuring that
`@param` variable names match the function/method declaration. It
also adds any missing `@param` tags and removes extra ones.
Currently, when SED sends out the Child ID request, the first data
poll goes out immediately (from the SendChildIDRequest method in
MeshForwarder (snippet A). This does not check for any failures in RCP
or SubMac (Channel Access failures or Abort which can cause Child ID
request to fail transmission). In such failure scenarios, additional
data polls are sent out (to retrieve Child ID response which seems
like wasted OTA transmissions). Request to delay the start of data
polling procedure after the Child ID request is sent successfully.
This commit updates the attach process to the same partition after
a router/REED losing connectivity to the leader. It removes the
`kSamePartitionRetry` enumerator from `AttachMode`. With this change,
after trying to attach using `kSamePartition` attach mode (with a
total of six Parent Request attempts to Routers and REEDs), the
device will switch to `kAnyPartition` attach mode. This helps to
reduce the total number of attempts before the device can decide to
take the leader role.
This commit update `BackboneRouter::Local` to be a `TimeTicker`
receiver directly instead of using the `MleRouter for this. The
`TimeTicker` callback is used to delay registration by counting down
`mRegistrationTimeout`.
This commit contains smaller changes in `BackbonRouter::Local`:
- `AddService()` now gets a `RegisterationMode` enum as its input
either decide based on current state or force registration.
- We remove the `NetworkData::Notifier::HandleServerDataUpdated()`
calls after calling `AddService()` since `AddService()` method
itself will already call this (when successfully adds the service
to Network Data)
- We also remove the extra state check before calling `AddService()`
as it is done by the `AddService()` method itself.
This commit introduces a new configuration option for the routing
manager to use heap-allocated entries in the `DiscoveredPrefixTable`,
which maintains a list of discovered routers and their advertised
on-link prefixes. This makes the implementation more flexible when
dealing with a large number of routers and/or discovered prefix
entries.
The config option `OPENTHREAD_CONFIG_BORDER_ROUTING_USE_HEAP_ENABLE`
enables this behavior. By default, it is enabled. When disabled, the
previous model, which uses pre-allocated arrays and pools, is used
instead.
This commit also updates the unit test `test_routing_manager` to track
heap allocations and validate that all heap allocations by the
routing manager are freed when it is stopped.
This commit adds the `RaFlagsExtOption` class to represent an "RA
Flags Extension" Option. It also adds code to `RoutingManager` class
to process this option in received RA messages and check whether or
not the Stub Router Flag is set. Additionally, it checks and tracks
whether or not the `M` (Managed Address) and `O` (Other Config) flags
are set in the received RA message's header.
This commit simplifies the checks to decide whether or not to call
`ProcessRouteTlv()` in `MleRouter::HandleAdvertisement()`. The whole
check is guarded by `aRxInfo.IsNeighborStateValid()`, which ensures
that we only process Route TLVs for Advertisements received from
valid neighbors. In particular, we can remove the additional checks
in the case where the device is itself `IsChild()` (i.e., acting as
an FED). In this case, `aRxInfo.mNeighbor` will be determined using
`NeighborTable::FindNeighbor()`, which checks and accepts the parent
as the only valid neighbor of the FED child.
An invalid Discovery Response that carries no Joiner UDP Port TLV will
be accepted by the joiner, but we shouldn't qualify it as a valid
joiner router since we can only open a connection with a non-zero
port.
This commit updates `Ip6::HandlePayload()` to check the `message`
pointer for null in the common flow, instead of in the `if()` block
where the message is cloned when `aMessageOwnership` is set to
`kCopyToUse`. If `aMessageOwnership` is `kTakeCustody` the `message`
is initialized as `&aMessage` already which cannot be `nullptr`.
This protects against code checker warnings that `message` may remain
null if the given `aMessageOwnership` enum value is not one of its
two defined enumerator values.
This commit excludes `ot_testing` and `__pycache__` directories when
copying the files before building the docker.
Such files are usually generated by root user and will cause errors
when copying them as a non-root user.
This commit changes openthread rcp recovery code to keep `mState` as
`kStateDisabled` if the state before recovery was
`kStateDisabled`. This is needed to avoid otbr-agent crash in the
scenario where rcp recovery is triggered before otbr initialization.
This commit sets the default value of the configuration
`TMF_ADDRESS_CACHE_MAX_SNOOP_ENTRIES` to `1/16` of the total number
of address cache entries. This ensures that the snoop entries scale
with the total number of entries.
According to the description of
https://github.com/openwrt/openwrt/pull/11559, libanl is already
included in the musl c library, so we can turn this option on.
We enable OPENTHREAD_POSIX_CONFIG_NAT64_AIL_PREFIX_ENABLE on OpenWrt
platform for better experience.
This commit updates `ForwardContext` to be `Heap::Allocatable` and
uses `OwnerPtr` to simplify the ownership (and freeing) of allocated
`ForwardContext` objects.
The default supported channel mask is set to 0x7fff000 in the default
configuration file. The dbus client test case sets the channel to 11
which is not valid in the supported channel mask. It causes the CI test
failures in https://github.com/openthread/ot-br-posix/pull/2027.
This commit updates the default supported and preferred channel masks
in the configuration file to avoid the CI test failures.
This commit contains smaller changes in `BorderAgent` class:
- Define `kUdpPort` as a private constants in `BorderAgent` class.
- Add `SendMessage()` method to send message through `SecureAgent`.
- Add `LogError()` as a method so the correct log module is used.
- Remove unused `mMessageInfo` member variable.
- Harmonize log messages.
This commit saves the MAC counter to a local variable to avoid calling
the core function Get<Settings>().Read() in radio_spinel_impl.hpp. This
is useful when spinel module is used as a lib in other projects.
This commit allows developers to set the preferred channel mask and
the supported channel mask in the configuration file. The posix
platform selects channel masks from the configuration file based on
the region code when the region code is updated.
This commit implements the packet logic in OT core. It aims to have
the same effect as what's already achieved by our iptables-based
firewall. Instead of leveraging iptables, this commit filters the
border routing packets in user space by checking the
source/destination addresses of a packet.
This commit also adds a job to do BR regression test when this feature
is enabled and iptables-based firewall is disabled.
This commit updates `HandleNetworkDataRestoredAfterReset()` which is
called when a leader device is reset and recovers the Network Data
from other routers. With the new code, leader will now check and
remove entries in the restored Network Data that are from any
currently unallocated router ID.
This change acts as a safeguard against an edge case where the leader
is reset at an inopportune time, such as right after it removed an
allocated router ID and sent MLE advertisement but before it got the
chance to send the updated Network Data to other routers.
This commit adds a separate flag to be able to turn the posix part of
multicast routing implementation off/on.
The new
OPENTHREAD_POSIX_CONFIG_BACKBONE_ROUTER_MULTICAST_ROUTING_ENABLE flag
guards the feature of posix multicast routing using MFC(multicast
forwarding cache) in MRT(multicast routing table).
The existing
OPENTHREAD_CONFIG_BACKBONE_ROUTER_MULTICAST_ROUTING_ENABLE continues
to guard the core multicast routing feature, for example handling the
MLR.req message and the multicast listeners table.
In a system where it has its own multicast routing support for packet
forwarding between Thread network and AIL, it should set
OPENTHREAD_POSIX_CONFIG_BACKBONE_ROUTER_MULTICAST_ROUTING_ENABLE to 0.
This commit adds methods to parse parameter values directly from the
url, moves the url unit test to the test/unit, and updates the url
processing methods in posix platform.
- This commit resolves inconsistency between Host and RCP channel on
scan energy when network not created.
- Added fix in MAC layer to update the channel on scan energy.
This commit updates `AddressResolver::Resolve()` to validate that the
associated RLOC16 is reachable in the sense that a valid next hop can
be found towards it, before using a matching cache entry in
`mCachedList` or `mSnoopedList`. If the RLOC16 is not reachable, the
cache entry is removed to trigger a new address query.
The core config file shouldn't be included in public API headers
because they will be included from high level project code (like
ot-br-posix) and the config file cannot be located if included here.
Adds a precise specification for the local radio clock that is at the
core of all timing-sensitive aspects of the IEEE 802.15.4 protocol
(currently mostly CSL) and refers to this definition for fields that
reference the radio clock.
Specifies the reference planes and message timestamp points for RX
timestamps, RX windows and timed TX.
Documents the Thread-specific interpretation of the CSL Phase and
derives the formula for CSL TX timestamps from it.
Based on the standard based definitions given, the TX timestamp used
for timed TX now refers to the start of PHR. This change needs to be
synchronized with the platform radio driver implementations. An
appropriate change set has been prepared for Zephyr.
This commit updates MLE to skip sending an Announce response when
receiving an Announce message from a detached/orphan device and the
included channel and PAN ID in the received Announce message are the
same as the current network's channel and PAN ID.
This commit enhances `Srp::Server` to process and commit the completed
`UpdateMetadata` entries (signaled by the "proxy service handler"
calling `HandleServiceUpdateResult()`) from a `Tasklet`. This change
is helpful in the case where the `HandleServiceUpdateResult
()` callback is invoked directly from the "update service handler"
itself. While `Srp::Server` can handle this situation, the change
makes it easier for platform implementations of advertising proxy.
In particular, it addresses an issue with the `otbr` advertising proxy
implementation. This implementation can potentially access an already
freed `Host` object. This can happen because the implementation may
hold on to the `Host` object while iterating over its `Service`
entries as advertising an earlier `Service` of the same `Host` may
fail immediately and invoke the callback directly. This would then
cause the `Host` to be freed by `Srp::Server`.
This commit updates the `check-size` script to generate a formatted
table on a branch push. The table will first include the code size
difference for all binary files, followed by the difference for all
library files. This allows us to use the `check-size` script on local
machines during development to get a full size impact report, similar
to what will be reported on the GitHub Action branch push.
This commit also generates a size report for posting on a pull request
in Markdown format. In particular, the table with the size difference
for all library files is added as a collapsible section after the
main table for binary files.
Whenever an indirect/CSL transmitted frame is being purged or replaced,
make sure that both indirect and CSL transmission attempts counts are
reset in order to avoid issues like considering a new frame as a
retransmission.
This commit implements a new module LinkMetricsManager, which utilizes
the Link Metrics feature to get the Link Metrics data from neighboring
devices.
The commit also adds a few tests to the module:
- Unit Test: tests/unit/test_link_metrics_manager.cpp, will be run in
`unit-tests` in `unit.yml`.
- Expect Test: tests/scripts/expect/v1_2-linkmetricsmgr.exp, will be
run in `expects` in `simulation-1.2.yml`.
- Simulation Test:
tests/scripts/thread-cert/v1_2_LowPower_test_link_metrics_manager.py,
will be run in `packet-verification-low-power` in
`simulation-1.2.yml`.
This commit adds a build configuration flag for the feature to set and
get device properties, which are then used to calculate the local
leader weight on a device. The feature is enabled by default on
Thread 1.3.1 or later. The new configuration flag allows OpenThread
project integrators to enable this feature on earlier versions if
desired.
This commit updates the `check-size` script and how the OpenThread
size report is generated and reported.
The size report now includes four device types:
- FTD (not acting as a BR)
- MTD (including SED)
- Border Router (BR)
- RCP
Each type uses its own example config header file (e.g., BR uses
`examples/config/ot-core-config-check-size-br.h`). These header files
specify all the OT configs and enable/disable the set of features
that make sense for the given type.
This replaces the previous model where the same set of configs were
used for all types. This change allows us to track the code size of a
typical BR build, as well as the code size of other device types.
In order to build and generate a size report for the BR configuration
example with BR-specific features enabled (such as Border Routing
Manager or NAT64), we need an implementation of the related platform
APIs that are used by these features (e.g. `otPlatInfraIf` APIs).
This commit adds mock empty implementations of these APIs, which are
only included in the size-report builds.
In multi-radio scenarios, any key sequence change currently resets the
MAC frame counter for the PHY link over which the first frame (with
new keyId and frame counter) is received. Since the neighbor key
sequence is already modified, any subsequent frame received over the
alternate PHY would have match the neighbor key sequence, but
potentially smaller frame counter, which leads to drops due to
security failure.
This commit simplifies the `Cli::Dataset` implementation by defining
an array of `ComponentMapper` structures. Each `ComponentMapper`
structure corresponds to a Dataset component, and provides the
following information:
- The component's CLI name
- A method pointer to output that component
- A method pointer to parse that component
- A pointer to the component's mIsPresent boolean flag
A new `LookupMapper()` method allows us to find (using binary search)
the entry corresponding to a given component name. This model allows
us to reuse code patterns for the main dataset sub-commands,
`mgmtsetcommand`, and `mgmtgetcommand` commands when outputting or
parsing dataset components.
This commit adds support for TCP Fast Open, without cookie management.
To add support for this, I looked at the FreeBSD codebase and brought
in some code from FreeBSD 12.0 that implements TCP Fast Open --- the
version of FreeBSD that TCPlp is based on did not fully support TCP
Fast Open.
Normally, a part of TFO is cookie management --- the server generates
a cookie and includes it in the initial handshake, and client is
expected to present this cookie on future handshakes. This part is not
yet implemented, and I changed the logic from FreeBSD to allow data to
be exchanged in the TFO handshake even if the client does not present
a cookie. If we implement this functionality for TFO later, it is
probably worth departing from FreeBSD's data structures and policies
for maintaining cookie state in favor of something that is simpler and
more memory-efficient.
The CLI interface for the posix daemon ise useful for testing and
debugging but may not be useful for release/user builds. on size
sensitive plaforms such as Android, disabling the daemon CLI will
reduce the ot-daemon binary size by around 150 KB.
So this commit defines config
"OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE" to make the daemon CLI
interface optional.
This commit enhances the DNSSD Server by updating how it stores and
tracks information when trying to resolve a received query using a
discovery proxy.
The previous approach used a fixed-size array to retain information
for pending proxy queries. The new approach uses the already
allocated `Response.mMessage` and appends the newly defined
`ProxyQueryInfo` struct to it. The `ProxyQueryInfo` struct specifies
all the information we need to track associated with a query.
`ProxyQuery` message entries are placed in a message queue waiting
for a callback from the proxy. Once a callback is received, the
`ProxyQuery` message is converted back to a `Response.mMessage` and
response is prepared and sent. The new approach removes the
restriction on the number of outstanding proxy queries and simplifies
the code.
This commit also updates the `Response` to use `OwnedPtr<Message>` to
track the allocated response message (`mMessage`). This simplifies
the logic for freeing the message in case of errors. It also helps to
make it easier to track ownership transfers of the message. For
example, if `ResolveByProxy()` successfully takes over the message to
use as a `ProxyQuery`, the owned pointer (`mMessage`) in the
`Response` class is cleared, ensuring that the response is not sent
immediately and the message is not freed. Overall, `ProcessQuery()`
method becomes simpler, as we can now decide whether or not to send
a response based on whether or not `mMessage` is nullptr.
This commit simplifies and enhances the DNSSD Server implementation:
- A new method, `ParseQuestions()`, has been added to process the
questions in a received `Request` message and determine the
`QueryType`.
- The processing and appending of the query DNS name has been
simplified. The query name is now read and copied label by label
from the `Request` message into the `Response`. When matching the
name against SRP entries, the names are compared with the query
name directly as it is encoded in the `Response` message using the
`Dns::Name::CompareName()` method. This approach is more flexible
and simpler, and it works for all query types and name formats,
including service instance names where the first label can itself
contain a dot (`.`) character. This simplification allows us to
remove the helper functions that were previously used to parse the
query name and deal with the ambiguity that arises when service
instance names are read as strings of dot-separated labels.
- The management of offsets for DNS name compression has also been
simplified. A new method, `Response::ParseQueryName()`, has been
added to validate the query name (e.g., that it contains the
correct domain) and determine all offsets.
- The `ResolveBySrp()` method has also been simplified using query
type and the newly added flavors of `Append{Ptr/Srv/Txt}Record()`
methods.
- Finally, this commit adds the `Dns::Name::ExtractLabels()` helper
method, which extracts label(s) from a full DNS name string by
first checking that it contains a given suffix name (e.g., the
suffix name can be a domain name or a service name) and then
removing it, returning the label(s).
This commit updates the `GenerateEnhAck()` method to add checks to
validate the received frame before preparing the ACK. These checks
are added as a safeguard in case the caller (radio platform
implementation) does not validate the received frame before calling
this method to generate the ACK.
Specifically, the checks verify that the received frame is using the
2015 version, has the "Ack Request" flag, has a valid source address
(which is used as the destination in the generated ACK), and has a
valid destination address that is not broadcast. The checks also
verify that if the received frame is secured, it uses security level
`kSecurityEncMic32`.
The commit also simplifies the code by using `InitMacHeader()` to
prepare the header and addresses. Enhanced ACK frames always have a
destination address and no source address (to keep the frame
shorter). If the received frame has a source PAN ID, it is used in
the ACK frame. If it does not, the code checks if the received frame
has a destination PAN ID and uses that in the ACK frame.
This commit reorganizes the MLE constants that were previously defined
in the `mle_types.hpp` header file.
Global constants (those that are used by multiple classes) are kept in
`mle_types.hpp`. Other constants are moved to the specific class that
uses them. For example, many of the delay and timeout definitions are
now defined in the `Mle` and `MleRouter` classes as `private`
constants.
Some of the constants are renamed to simplify or shorten their names,
or to make it clear how they are used. Also, some of the time interval
constants are now defined directly in milliseconds (avoid using
`Time::SecToMsec()`).
This commit updates the `InitMacFrame()` method to allow the caller to
specify whether the source or destination PAN IDs are present or not.
It also handles all cases related to PAN ID compression as defined by
IEEE 802.15.4-2015. While these cases are not used by the Thread
stack itself, adding them to `InitMacFrame()` makes it more capable
allowing future use-cases of this method such as generating enhanced
ACKs based on a received frame.
The `test_mac_frame` unit test has been updated to cover the newly
added cases.
This commit adds an RTT implementation for the cli uart api. This can
be enabled using the `OT_RTT_UART` flag for cmake or
`OPENTHREAD_ENABLE_RTT_UART` for make.
This commit updates the type of parameter `status` in
`otLinkMetricsReportCallback` and `otLinkMetricsMgmtResponseCallback`
from `uint8_t` to `otLinkMetricsStatus` for better readability.
This commit updates the `ApplyDirectTxQueueLimit()` method. We mark
the "do not evict" flag on the newly queued `aMessage` so that it
will not be removed from `RemoveAgedMessages()`. This protects
against the unlikely case where the newly queued `aMessage` may
already be aged due to execution being interrupted for a long time
between the queuing of the message in `SendMessage()` and the call to
`ApplyDirectTxQueueLimit()`. This protects against the message being
potentially removed and freed twice.
This commit updates the `CheckForHostNameAlias()` method to handle the
case where the response may include multiple CNAME records. For
example, host name mapped to another name which is itself mapped
again. In order to detect CNAME record loops, we limit the number
of CNAME record name changes to `kMaxCnameAliasNameChanges = 40`.
In `LeaderBase::RouteLookup()`, OT currently checks the source address
of the packet to ensure it matches any of the Prefix TLV in leader's
netdata. Actually it should also verify that the Prefix TLV has a
Border Router sub-TLV.
In the current implementation, OT may wrongly send/forward a packet to
BR when its source address matches with a Prefix TLV which only
contains an External Route sub-TLV. This lets BR accidentally forward
packets from Thread to infra network. For example, a packet from
Mesh-Local address to On-Link address will be wrongly forwarded to
infra network.
I recently noticed this problem because we're now using either
`fc00:/7` or `::/0` for external routes in netdata, which always
matches Mesh-Local source addresses and makes the issue more obvious.
This commit contains changes and enhancements in the DNS-SD
server/resolver class `Dns::ServiceDiscovery::Server`.
- It defines `Request` and `Response` structures, which contain all
related information for a DNS query request and response. These
structures simplify the code by encapsulating all the related
information in one place.
- The `Response` class provides methods for preparing the response,
such as appending records, DNS names to the response, or checking
the questions or updating the header. These methods replace the
previous `static` methods, which required all the information to be
passed as input parameters.
- The `QueryTransacation` type is simplified by declaring it as a
subclass of `Response`. It inherits all the helper methods from
`Response`. Other previously defined `static` methods are now
defined as methods of `QueryTransacation` (such as `CanAnswer()`).
- `ResolveBySrp()` and its related methods now directly populate the
DNS response code in the `Response` DNS header instead of returning
it.
- `ResolveBySrp()` is updated such that if a failure is encountered
when preparing the answer section, no further processing is
performed. This ensures that a previous failure `rcode` is not
overwritten. When preparing the additional section, certain
`rcode` failures are allowed, such as if the DNS name is not found.
- The processing of `Timer` is simplified, using `FiretAtIfEarlier()`
and determining next expire time from `HandleTimer()`.
- This commit also adds an empty implementation of the `otPlatDns{}`
functions (used with `OPENTHREAD_CONFIG_DNS_UPSTREAM_QUERY_ENABLE`)
under the simulation platform.
When `ResolveByUpstream()` returns an error, we ensure that the error
is cleared so that the transmission of the DNS response (with
`kResponseServerFailure` rcode) is not skipped at the `exit` label.
Current implementation of RestoreProperties() assumes there's always a
networkInfo structure stored in the settings. But, it's possible the
RCP device needs to be recovered before this structure is populated.
Signed-off-by: Axel Le Bourhis <axel.lebourhis@nxp.com>
After recent reference device release, two THCI issues
have been found.
This commit adds `"` around command arguments that have
escapable characters (like `ot networkname aa\ bb`),
and skips lines containing only ANSI escape codes
in commissioning logs.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
This commit changes the `protected` declarations in the `Mle` class to
be `private` since `Mle` class and its subclass, the `MleRouter`, are
declared as `friend` classes.
The commit also re-arranges the `private` definitions in the `Mle`
class into five sections: constants, enumerations, nested classes,
methods declarations, and member variable definitions.
With the change to `private`, this commit also removes the redundant
documentation of methods.
This commit updates the `Mac::TxFrame::GenerateEnhAck()` method to
check the security level of the received frame. If the security level
is not `kSecurityEncMic32`, it will return `kErrorParse`. This should
help prevent radio platform implementations from trying to perform tx
security on an invalid generated enhanced ack frame. Specifically, it
can help prevent radio platforms from calling `ProcessTxSecurity()`
on an enhanced ack frame with a security level of `kSecurityNone`
which can cause an assert in `AesCcm::Init()` due to the tag length
being zero.
This commit updates the `TrickleTimer` to allow `IntervalMax` and
`IntervalMin` to be changed while the timer is running. In particular,
when `IntervalMax` is changed to a value that is shorter than the
current interval being used by the timer, the timer will adapt the
new shorter interval and may fire immediately.
A unit test `test_trickle_timer` has been added to validate the
behavior of `TrickleTimer` in detail. All different scenarios where
`IntervalMax` or `IntervalMin` are changed are covered by the
unit test.
The new mechanism to change the trickle timer `IntervalMax` is
used to update the MLE Advertisement trickle timer. The `IntervalMax`
is determined based on the number of router neighbors of the device
with link quality 2 or better. If the device has fewer router neighbors,
it will use a shorter `IntervalMax`. As new links are established
with routers, the `IntervalMax` is recalculated and updated on the
Advertisement trickle timer.
This commit also adds a new test `test-024-mle-adv-imax-change.py` to
validate updates to the `IntervalMax` value based on the number of
router neighbors.
Co-authored-by: David Smith <david.smith@mmbnetworks.com>
This commit adds `SetIfIndex` method to `RoutingManager` class. This
method allows the infrastructure interface to be changed. The user may
initialize multiple interfaces and choose one interface as
infrastructure interface. During run time, there might be some
networking congestion or other network issue. The user can change the
infrastructure interface via this function.
This commit also adds docs for the `init` command.
This commit updates `CommitSrpUpdate()` to ensure that `aHost` is
freed when granted key lease is zero and host is fully removed.
This commit also updates unit test `test_srp_server` (which checks the
heap allocations by server) to cover the situations where client sends
an update to remove host and all its services with or without
clearing key-lease.
This commit updates and enhances the specification of OT core config
header files. It adds `OPENTHREAD_PLATFORM_CORE_CONFIG_FILE`, which
can be used by platforms to provide a core config header file name.
The project and platform specific config header files are included in
the following order:
1. Project specific header (`OPENTHREAD_PROJECT_CORE_CONFIG_FILE`)
2. Platform specific header (`OPENTHREAD_PLATFORM_CORE_CONFIG_FILE`)
3. Default config values as specified by `config/{module}.h`
CMake config options `OT_PROJECT_CONFIG` and `OT_PLATFORM_CONFIG` are
also defined, which can be used to specify project and platform
config headers. Platforms can define a default config header for
`OT_PLATFORM_CONFIG`. The existing `OT_CONFIG` CMake option is marked
as deprecated (with a warning message which recommends use of the new
configs).
This commit also updates the default simulation and POSIX core config
headers to remove extra Doxygen-style documentation and ensure that
all definitions have an `#ifndef` guard check.
This commit defines two types to track challenge or response TLV data
in MLE messages:
- `TxChallenge` represents the maximum-sized challenge data to include
and send in MLE messages. OpenThread always uses the maximum size
of 8 bytes for challenge data in the messages it sends.
- `RxChallenge` represents variable-length challenge data read from a
received MLE message.
The two separate types help to simplify their use in code.
This commit updates public APIs for getting and setting CSL period to
use microseconds unit instead of the internal ten symbols unit. This
makes the APIs easier to use.
The CSL APIs have been renamed to follow the `otLinkGet/SetCsl{Item}()`
pattern, which is the common naming style of OpenThread. This
renaming will make the APIs more consistent and avoid potential
confusion with the now-removed APIs, which used a different unit for
CSL period.
This commit also updates the related CLI CSL commands:
- The `csl period` expects the given period to be in microseconds.
- The `csl` command (which outputs all CSL parameter) shows the CSL
period in microsecond unit (e.g., "Period: 160000us").
The NCP spinel `SPINEL_PROP_THREAD_CSL_PERIOD` is also updated to use
microsecond unit for CSL period.
The related test script are updated to use the new unit, in particular
the test harness `setCSLperiod()` in `harness-thci/OpenThread.py` is
updated (no need to convert from msec).
This commit simplifies the `Sever::RemoveHost()` method by removing
the input parameter `aNotifyServiceHandler`. This is because, unlike
the `RemoveService()` method, the `RemoveHost()` method always needs
to notify the service handler.
`NETLINK_EXT_ACK` and `NETLINK_CAP_ACK` are for getting netlink reply
details from the kernel and we can still function without the two
options.
This commit loose the check of enabling the two options to make
ot-posix works on platforms where the features are missing.
This commit fixes the name of the vendor supplied target to
OT_POSIX_CONFIG_RCP_VENDOR_INTERFACE so that this target name and the
misspelled target name do not both need to be defined by vendors.
This change updates the mechanism used by vendor.cmake to include a
cmake file to define the required vendor targets used by the rcp
vendor interface library instead of the find_package command that was
previously used.
The find_package command would allow for a package to be searched for
and a target to be linked unconditionally if defined by the CMake
project. This would lead to problems if the target was already
defined, perhaps as a subdirectory of a super project, and the cache
variable is still set for the openthread build. Additionally, this
change also brings the vendor extension of the posix library more in
line with the cli vendor extension, which was created after
find_package was used in vendor.cmake.
This commit simplifies the `MleRouter::HandleChildIdRequest()` method
by directly tracking the list of MLE TLVs to be included in the
response in a `TlvList`. This replaces the previous approach of using
boolean flags to track which TLVs should be included. The use of
`TlvList` also protects against the case where the child may have
included the same TLV type in the "TLV Request TLV" and ensures
that we do not include duplicate TLVs in the response.
Currently to support Link Metrics Subject, we pre-allocate 128
entries. But this is unnecessary for MTD since it will only have one
neighbor. This commit minimizes the number to 2 - one for Enhanced-ACK
Probing and one for Forward Tracking Series.
This commit simplifies the definition of CMake configurations by
adding new macros:
- `ot_string_option` for string-valued options (`OT_VENDOR_NAME`)
- `ot_int_option` for int-valued options (`OT_MLE_MAX_CHILDREN`)
- `ot_multi_option` for multi-valued options (`OT_LOG_LEVEL`)
The option definitions have also been moved to the `options.cmake`
file from `./CMakeLists.txt`.
This commit updates `Dns::ServiceDiscovery::Server` such that when
answering a PTR query with more than one answer, it does not include
additional records. This is to keep the size of the response small.
This commit also updates the test scripts validating browse (PTR
query) function to check the new behavior. In particular, a common
python function `_parse_dns_service_info()` is added to parse service
info in CLI output of "dns browse" or "dns service" commands and
handle if output of "dns browse" does not include service info.
This commit fixes the netlink ACK error logging by extracting error
messages from the `NLMSGERR_ATTR_MSG` attribute. The key point is that
the error code in the `nlmsgerr` header is not necessary `errno` and
can't be used with `strerror()`.
This commit adds support for the Advertising PIO (AP) flag in Network
Data `ExternalRoute` entries. It also updates the `RoutingManager`
class to set the AP flag on its published Network Data route when the
local on-link prefix is included as PIO in emitted RA messages, which
is equivalent to when the local on-link prefix is being published,
advertised, or deprecated.
This commit also updates the `test_routing_manager` unit test to
validate the AP flag in the published route under different
scenarios.
This commit removes the unnecessary Doxygen-style documentation of
used configuration options from toranj config header files. This
makes the test-specific config header simpler and avoids confusion
with the main config parameters documentation, which is included in
the corresponding `src/config/<name>.h` header files.
This commit adds command to install `prettier@2.0.4` from the
Bootstrap step in `pretty` job of `build.yml` GitHub Action workflow.
This should help with occasional failure of `pretty` check.
This commit adds `SetState()` method to the `OnLinkPrefixManager`
class. This method allows the state of the on-link prefix manager to
be changed in a single place, which simplifies the logging and makes
it easier to take additional actions on state change. For example,
the `SetState()` can be used to update the Advertising PIO (AP) flag
in the published route in Network Data.
For the RCP waiting response timeout handle logic, the error code of
processing `WaitResponse()` will be checked, if there is no error, the
function `ResetRcp` will return with a log "Software reset RCP
successfully". But the implementation of the `WaitResponse` it will
always return OT_ERROR_NONE even if waiting response timeout.
This commit returns `OT_ERROR_RESPONSE_TIMEOUT` on response timeout.
This commit updates and simplifies how `Srp::Server` stores the
sub-type services. The earlier implementation treated each sub-type
as its own service, which was tracked by a `Service` object. This
design allowed sub-type services to be registered and deleted
individually. However, the latest SRP RFC draft requires SRP servers
to treat updates to a service and all its sub-types as atomic. This
means that when a service and its sub-types are being updated, the
SRP Update message must contain the entirety of information about
that service and its sub-types. As a result of this change, we can
simplify the server implementation by tracking sub-types as an array
of sub-type names in the `Service` object.
This commit also updates the way the server commits a received SRP
update info into its existing data. Previously, the server would try
to merge the new information into existing `Host` and `Service`
objects. However, this could be inefficient, as it would require
moving heap-allocated items like "txt data" and/or array of host IPv6
addresses from one object to another. The new `CommitSrpUpdate()`
implementation now starts from the new `Host` object that is
constructed as the received SRP Update message from the client is
parsed. Any previously registered services that are not present in
the new `Host` object are then moved into it.
This commit adds new public OT APIs for retrieving the sub-types
associated with a service and making it easier to iterate over the
list of registered services by a host. Due to fundamental changes in
how services are stored by the `Srp::Server` class, some existing
public `otSrpServer` APIs for filtering and iterating over services
are being removed.
Processing of the Key Sequence is happening after each individual MLE
command processing, which leads to generating MLE responses with
outdated Key Sequence.
Make sure that the new greater Key Sequence is applied before
generating any MLE response.
A test case is updated to catch the case in which fragmented Child Id
Response was generated with the old Key Sequence whereas each
individual MAC fragment is already updated with the new Key Sequence,
leading to a security error.
This commit adds the ability to collect statistics on the time
messages spend in the TX queue.
When enabled, a histogram of the time-in-queue is collected. The
time-in-queue is tracked for direct transmissions only, and is
measured as the duration from when a message is added to the TX queue
until it is passed to the MAC layer for transmission or dropped.
The histogram data consists of a number of bins, each representing a
range of time-in-queue values. The bin interval length and maximum
tracked interval can be configured using newly added configuration
options.
This commit also adds a new public OT API and a related CLI command
(`timeinqueue`) to get the collected statistics or reset the data.
This commit contains multiple changes to Network Diagnostics
modules.
It adds new TLVs: Child TLV, Child IPv6 Address List TLV, Router
Neighbor TLV and MLE counters TLV.
Child TLV contains information about a child entry including RLOC16,
extended MAC address, mode (rx-on-idle, FTD/MTD, full netdata,
CSL-sync), timeout, age, supervision interval, CSL period and
timeout, and link quality info such as RSS (last and average) and
frame/message error rates. Neighbor TLV provides similar info for a
router neighbor. The Child IPv6 Address List TLV allows to query a
parent to get the list of IPv6 addresses registered by its MTD
children.
The new Child and Neighbor TLVs can be requested in Network Diagnostic
Get Query "d/dq" message to a router (unicast) or multiple routers
(multicast). The router responds with one or more Network Diagnostic
Get Answer "d/da" messages.
We allow multiple Answer messages to be sent in response to a Query.
This is to support the case where a router has many children, and we
want to avoid sending a large message that contains all of the TLVs
for all of the children. Instead, we can send a sequence of Answer
messages, each of which contains a subset of the TLVs.
Each Answer message includes an Answer TLV that indicates the index of
the message in the sequence. The first Answer message has an index of
0, the second has an index of 1, and so on. The Answer TLV also
indicates whether the message is the last one in the sequence, or if
there are more Answer messages to come. Answer messages are sent in
sequence, and the next one is not sent until we receive a successful
CoAP ACK/response for the previous one.
This commit adds a Query ID TLV (with a 16-bit identifier as it
value) that can be optionally included in a Query message. The Query
ID is echoed back in all Answer messages associated with the same
Query message. This allows a node that sends multiple Queries to
distinguish between the received Answers.
This commit updates `MeshDiag` to use the newly added TLVs
to query the child table or children IPv6 addresses of a router.
New public OpenThread APIs under `otMeshDiag` are added for this,
along with CLI commands and their documentation. A test-case is added
to validate the newly added mechanism.
This commit changes the `Time::GetDistantFuture/Past()` methods to
exclude the ambiguous time value which is half range `(1 << 31)`
apart. The returned value is now `(1 << 31) - 1` apart. This ensures
that `Min(now.GetDistantFuture(), now)` is well-defined and the same
as `Min(now, now.GetDistantFuture())`. This commit also updates
`test_timer` to validate this.
This commit simplifies scheduling of `mJoinerExpirationTimer` by using
`FireAtIfEarlier()` when adding or updating a `Joiner` entry instead
of recalculating the fire time. When a `Joiner` entry is removed, we
keep the timer unchanged and let it be rescheduled when the currently
scheduled timer expires. The next expiration time is determined in
`HandleJoinerExpirationTimer()`, which ensures that all expiration
times are strictly after `now` and avoids any potential issue with
the order of comparison between `now` and `next` being
`now.GetDistantFuture()`.
This commit updates the `RoutingManager::PdPrefixManager::Process()`
method to `Tidy()` the prefix before setting the prefix length and
potentially extending the prefix to `kOmrPrefixLength` (64 bits).
This ensures that extended bits in the prefix are set to zero.
This commit updates the NCP code to set the timeout field in spinel
`SPINEL_PROP_THREAD_ADDRESS_CACHE_TABLE` as zero when in ramp-down
mode. This ensures that the behavior of the NCP remains unchanged and
that test cases like `ncp/test-039-address-cache-table-snoop.py`,
which expect the timeout to reach zero, to pass.
Address resolver retry delay determines how long the device needs to
wait after a failed address query for a target address to allow a
next query attempt. This is tracked per target (in `CacheEntry`).
The retry delay starts with an initial value (15 seconds). If
consecutive queries fail, the retry delay doubles each time, up to a
maximum value (120 seconds). In the current code, the retry delay is
only reset to the initial value after a successful address
resolution.
This commit implements a new mechanism to reduce the retry delay over
time when there is no activity (no queries for the target address).
The ramp-down countdown starts after a previous retry delay has
expired. If no query is requested within the maximum retry delay
interval (120 seconds), the retry delay is divided by two. This
process is repeated until the retry delay reaches the initial
(minimum) value.
If a query is requested during the ramp-down process, the ramp-down is
stopped. The next actions are determined based on whether the query
is successful or fails. If the query is successful, the retry delay
is reset to the initial value. If the query fails, the retry delay
timeout is applied and the ramp-down process is started again after
the retry delay duration has expired.
This commit also updates the `test-014-address-resolver` to validate
the newly added ramp-down behavior.
This commit updates how `RoutePublisher` determines the published
route preference:
- Medium preference is used on a border router (BR) acting as a router
or a BR acting as an end-device (ED) connected to a parent with
link quality 3.
- An ED BR with lower link quality publishes its route with low
preference.
For ED BRs, the preference is updated if the parent's link quality
changes. However, to avoid frequent preference changes due to link
variability, the following rules are used:
- If the link quality goes to 1 or 2, the route preference is
immediately changed to low.
- On transition to link quality 3, we wait for 5 minutes before
changing the preference to medium.
- If the ED BR switches parents, the link quality to the new parent is
used to determine preference.
It also adds new APIs and related CLI commands to allow users to get
and manually set the published route preference. A new test script
`test-021-br-route-prf.py` is added to validate the selection of
route preference by BR.
This commit also adds a new mechanism to detect when the link quality
to the parent changes and signal it using a newly added `Notifier`
event.
This commit adds a mechanism to delay the downgrade of routers or
leader when the security policy TLV changes in the Active Operational
Dataset such that the device is no longer eligible to act as a
router.
If the decision to become a child is made due to a security policy
change, the device first delays a random period up to the "router
selection jitter" before downgrading. If the device is the leader, an
additional fixed delay of 10 seconds is added to the random period.
If the security policy changes again while the device is waiting to
downgrade such that it becomes router-eligible again, the downgrade
is cancelled and the device remains in its current role.
This commit adds a `test_router_downgrade_on_sec_policy_change` to
validate the behavior of newly added mechanism.
This commit also updates the CLI `dataset` sub-commands to allow
getting and setting the "version threshold for routing" (VR) field in
security policy.
This commit adds the `otDnsEncodeTxtData()` public API, which encodes
a given list of TXT record entries (key/value pairs) into TXT data
(following the format specified by RFC 6763). The decoding of TXT
data was previously provided by the `otDnsGetNextTxtEntry()` API.
Fix compilation error mbedtls_base64_encode not defined when compiling
with MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED disabled.
The logic for including the mbedtls/base64.h header file is doing the
wrong define check.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This commit adds a new mechanism to detect when Network Data (local or
leader) becomes full. When this happens, a callback function is
invoked. This callback function can be set using a newly added OT
API. The callback is invoked whenever:
- The device is acting as the leader and receives a Network Data
registration from a Border Router (BR) that it cannot add to
Network Data (running out of space).
- The device is acting as a BR and new entries cannot be added to its
local Network Data.
- The device is acting as a BR and tries to register its local Network
Data entries with the leader, but determines that its local entries
will not fit.
The `OPENTHREAD_CONFIG_BORDER_ROUTER_SIGNAL_NETWORK_DATA_FULL` config
controls the new mechanism and its API. It is enabled by default when
`OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE` is enabled.
This commit also adds CLI support for the new mechanism and adds a
test case to validate its behavior.
This commit updates the `Srp::Server` class to correctly handle the
case where a service is registered with a dot character in its
service instance name. The first label in a service instance name is
intended as a user-friendly name and can contain dot characters
(it has fewer restrictions than other labels in a DNS name).
In particular, this commit contains the following changes:
- The `PtrRecords::ReadPtrName()` method is used in `Srp::Server` to
read and validate the first label and the rest of the labels
separately. This also validates the format of the parsed PTR
record.
- The `Service::Description` class now remembers the instance label in
addition to the full instance name. This allows the instance label
to be easily retrieved.
- The `Dns::Name::ReadName()` method is updated to only verify that
the labels after the first label do not contain any dot characters.
This allows it to be used to read instance service names.
- The tests are updated to validate the behavior of the SRP server
when the instance label contains a dot character.
This commit updates the unit tests that emulate the radio platform API
to define `otPlatRadioGetCaps()`, which returns the ACK_TIMEOUT and
CSMA capabilities. This is to avoid having CSMA being implemented by
the `SubMac`, which then uses the microsecond timer that is not
emulated in the unit test platform.
It also updates the `InitTest()` function to clear the radio platform
variable `sRadioTxOngoing`. This is to avoid the possible
(though unlikely) situation where an earlier test finishes in the
middle of a transmission, causing an extra `TxDone` event in the
following test.
This commit adds two new methods, `SignalUnicastAddressChange()` and
`SignalMulticastAddressChange()`. These methods signal changes to
unicast or multicast addresses to the `Notifier`, `HistoryTracker`,
and user address callback.
Fix the behavior of `Mac::SetEnabled` for also enabling/disabling
the radio.
This ensures that the radio is turned off when `otLinkSetEnabled(false)`
is used.
This commit updates the cli command of TCP benchmark so that the
result of TCP benchmark could be queried any time. This enables test
scripts to automate TCP benchmark test. Currently the command `tcp
benchmark` is asynchronous and return immediately. If we use `ot-ctl
tcp benchmark` on posix, it's hard to fetch the test results. With the
newly added command, we can write a script to poll and get the result.
This commit implements time counting in radio to collect the time when
radio is in sleep/tx/rx time. 2 new APIs are added to get and reset
the statistics. This feature is only available on FTD and MTD. This PR
also adds cli commands to call the APIs on example cli firmware. This
feature is by default disabled in OT core config. It's enabled on
simulation platform by default now.
Regarding implementation, this feature is totally implemented by
software. It uses a simplified model to calculate the time. It may
not be very accurate, but it should be enough to give us an overview
of the time.
The `SpiFrame` is used by `ncp_spi.hpp` and `spi_interface.hpp`. This
commit moves the `SpiFrame` implementation from `ncp_spi.hpp` to
`spi_frame.hpp` as a dependent module.
This commit adds the `config/mesh_forwarder.h` header file, which
defines all of the configurations used by the `MeshForwarder`.
These configs were previously included in `misc.h`.
The `MultiFrameBuffer` is not only used by `hdlc.hpp`, it is also used
by `spi_interface.hpp` and `radio_spinel.hpp`. This commit moves the
`MultiFrameBuffer` implementation from `hdlc.hpp` to
`multi_frame_buffer.hpp` as a dependent module.
This commit adds a new mechanism to send a unicast MLE Link Request to
the device's former parent if its version is earlier than 1.3.0, when
the device is promoted from a child to a router role. This is to
address a potential compatibility issue with some non-OpenThread
stacks which may ignore MLE Advertisements from a previous/existing
child.
This commit updates toranj `build.sh` script to use Thread version
1.3.1. This ensures that we can cover features that are restricted to
this version in `toranj` test-cases.
Improve logging in CSL debug mode by properly calculating the drift
of the received frame compared with the established CSL sample time.
The new log also shows what was the accepted margin for the drift at
the reception time, and increases the logging level when the drift
is outside the margin.
Neither kCslReceiveTimeAhead or kMinReceiveOn* are considered for
the margin since they have no impact on understanding possible drift
errors between transmitter and receiver.
This commit restricts the `otDeviceProperties` functionality to
OpenThread builds with `OT_THREAD_VERSION` set to `1.3.1` or later.
This functionality was added in PR #8670 and is used to calculate and
set the local Leader Weight on the device based on its properties,
such as power supply configuration and whether or the device is
acting as a Border Router, etc.
This commit fixes the check for CMake `OT_THREAD_VERSION` against
different version strings ("1.1", 1.2", "1.3", and "1.3.1"). The
previous check used `EQUAL`, which would do a numerical match and
would treat `1.3` and `1.3.1` as equal. This commit changes the check
to use `STREQUAL`, which does a string match and will correctly
distinguish between `1.3` and `1.3.1`.
This commit also adds new `message(STATUS)` commands to output the
selected Thread version. This makes it easier to see which version of
Thread is being built.
This commit adds the following new API:
- otBorderRoutingProcessIcmp6Ra
And related APIs:
- otBorderRoutingDhcp6PdSetEnabled
- otBorderRoutingGetPdOmrPrefix
They are used to support the DHCPv6 PD on Thread Border Routers. On a
typical OS, the DHCPv6 Client of the platform network stack will
request a IPv6 subnet via DHCPv6-PD, then invoke the daemon for
sending router advertisements on the given interface.
With this commit, the RA will be catched by the processTransmit in
netif.cpp, which will then pass the message to
otBorderRoutingAddPrefixByRouterAdvertisement, RoutingManager will
then add the prefix according to the PIO in the router advertisement,
and take care of the lifetime of the prefix added.
This commit adds two changes to the `Tlvs` class:
- A new method, `FindTlvValueStartEndOffsets()`, has been added to
find the start and end offsets of a TLV value within a `Message`.
This method is useful for code that needs to find the value of a
TLV and then search within that value.
- The unused method, `FindTlvOffset()`, has been removed. This method
was previously only used by the `Tlvs` class itself.
This commit adds all Spinel interface functions to the `SpinelInterface`
as pure virtual functions and inherits all Spinel interfaces from
`SpinelInterface`, so that the Thread Network HAL can dynamically
create the Spinel interface based on the configuration of the radio URL
in Android. This commit also removes the macro guard from the Spinel
interface header files.
This commit moves BBR and DUA related constants to the related source
files (from `mle_types.hpp`). Additionally, unused constant variables
are removed. Some of the constants are renamed to make the definition
more clear.
This commit contains the following changes in the `Sntp::Client` class:
- The `Header` and `QueryMetadata` classes are moved to be internal
(nested) classes of `Client`.
- The `Header` constructor is removed and replaced with an `Init()`
method. This is to avoid unnecessary initialization of a `Header`
instances when reading it from a received message.
- The `QueryMetadata` constructor has been removed.
- The `QueryMetadata` uses `Callback<>` for `ResponseHandler`.
We should notice that the default CIDR (`192.168.255.0/24`) is not
safe to use, however, in most cases, the CIDR used can only be
determined during runtime since the single binary might be distributed
to BRs in different network conditions. And we cannot conclude an
always safe CIDR in all conditions.
This commit will emit an event when NAT64 CIDR is changed. So the
platform driver can update the route for NAT64.
Currently if we call `ScaleRawValueToRssi` with value 0 or 1, the
result is incorrect. Because it tries to static_cast `-130` or `-129`
to `int8_t`. I think it's not worthwhile to widen int8_t to int16_t
only for the 2 corner cases. So I prefer returning the smallest value
-128 for the 2 cases.
tcsetattr() fails on mac OS when a non-standard baudrate,
such as 1000000, is used. There is a separate ioct() that
accepts non-standard baudrates though.
This commit updates logs in the `RoutingManager` module:
- The log module name is changed to "RoutingManager".
- State changes are logged (enabling, disabling, starting, etc.).
- The `ScheduleRoutingPolicyEvaluation()` log will show the delay in
both milliseconds and "<mm>:<ss>.<msec>" format(e.g. `05:15.234`).
- Logging of PIOs and RIOs are harmonized (when preparing RA to send
or processing a received RA).
- Local on-link prefix logs are harmonized in `OnLinkPrefixManager`.
- `RsSender` logs are simplified.
This commit adds template `Fill<ObjectType>(ObjectType &aObject)`
functions for both `Crypto` and `NonCrypto` random number generation
modules. These functions fill a given object with random byes.
The CSL present flag was not cleared in the frame structure,
causing that the MAC security was not be processed for Key
ID Mode 2 frames. Consequently, MLE Announcements would be
rejected by the sub-MAC layer after a CSL receiver detached
from its parent.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
The default Thread interface name `wpan0` has been occupied by
other programs in Android. Thread network has to use other
network interface name. Then users have to specify an interface
name when they are using the command `ot-ctl`. It's very inconvenient.
This commit adds a configuration for developers to set the default
Thread interface name.
This commit adds `MacFilter` CLI sub-module that implements all
"macfilter" sub-commands. It also simplifies the implementation by
adding a common `OutputFilter()` method that can output either the
Address filter, the RSS filter, or both.
This commit adds a new helper method `OutputNat64Counters()` which
outputs a table row for NAT64 counters (4to6/6to4 packets/bytes).
This helps simplify the `nat64` commands.
The requirement in the code comments is not completely accurate wrt to
the example implementations. As such, the requirements are updated to
match what is implemented for the posix platform.
It is difficult for testers to know whether the stack has been
automatically restarted in the background. This commit adds an
instance id to indicate whether the stack has been restarted.
The instance id is set to a random value when the OpenThread
instance is constructed and its value will not change after
initialization.
This commit adds `otDnsClientResolveServiceAndHostAddress()` function
as a new DNS Client API. This function starts a DNS service instance
resolution for a given service instance, with a potential follow-up
address resolution for the host name discovered for the service
instance (when the server/resolver does not provide AAAA/A records
for the host name in the response to SRV query).
In order to test the behavior of the newly added function, `TestMode`
in `Dns::ServiceDiscovery::Server` is updated to add a new mode where
no RR is added in the Additional Data section of a DNS query response.
This commit adds a related CLI command for the new API and updates
`test_dns_client` to validate the behavior of new API using the new
`TestMode` on `Server`.
This commit adds the `OmrPrefixManager` class to the `RoutingManager`.
The `OmrPrefixManager` class manages OMR prefixes. In particular, it
determines the favored and local OMR prefixes, and decides when/if to
add/remove the local OMR prefix to/from Network Data.
Existing `kMinCslWindow` does not account for needed radio on time
before MHR. Solve it by splitting the configuration option into both
ahead and after minimum times.
This commit adds new logs to `HandleRcpTimeout()` when an RCP timeout
occurs during initialization. This error is often incorrectly
reported as a bug, but it is usually caused by an incorrect
configuration or a bad RCP image. The new logs aim to provide
information and hints to the user about the cause of the error.
This commit updates the `MleRouter` to echo back the "Supervision
TLV" in MLE Child ID Response message when it is included in
MLE Child ID Request by a child.
This commit adds a new mechanism to update the default route flag on
the local OMR prefix based on whether or not the BR is publishing
the `::/0` external route prefix.
When `RoutePublisher` (the component that determines which route
prefix to publish) decides to publish/unpublish the default route as
`::/0`, it will inform `LocalOmrPrefix` (the component that manages
when the local OMR prefix is added/removed in Thread Network Data) of
the def-route flag to use.
- If the local OMR prefix is not yet added, the def-route flag will be
remembered to be used when/if it is added.
- If the local OMR prefix is already added, the entry in Network Data
is updated to use the new def-route flag.
This change addresses a backward compatibility issue with devices running
1.2 or earlier Thread versions. These devices may not correctly parse or
accept a zero-length `::/0` route prefix in the Network Data. Adding
the default-route flag on the OMR prefix ensures that these devices
can reach the border router that added the OMR prefix.
This commit fixes an issue with `ServiceResponse::GetHostAddress()`
method. The issue only occurs when separate queries (e.g., for SRV
and TXT records) are used, and therefore separate `Response` objects
are collected and chained together as a linked list. The change
ensures that we check every response in the list when getting host
addresses.
This commit adds new versions of `NewMessage()` in `Ip6`, `Udp` with
different set of parameters. It also updated the code to avoid use of
default parameter value.
This commit simplifies and updates the `NewMessageFromData()` method
to always determine the priority from the IPv6 header, even if a
`Message::Settings` is provided. This change aligns the behavior of
`NewMessageFromData()` with the documented and intended behavior of
`otIp6NewMessageFromBuffer()`.
When adding cli commands to be used by a posix platform is is useful
to have access to the spinel interface when trying to communicate with
a RCP using vendor specific spinel properties. It is inadvisable to
create a separate spinel interface for custom properties as the two
interfaces would need to avoid contention on the hardware interface.
This accessor method allows access to the static spinel interface
defined in radio.cpp for external code segments. Dependent source
files can do so with: `(RadioSpinel<InterfaceType,
ProcessContextType>*)Posix::Radio::getSpinelInstance()` or similar.
This commit introduces a mechanism to track the connection time of
neighbors as the number of seconds since the last successful link
establishment with the neighbor. This feature requires the
configuration `OPENTHREAD_CONFIG_UPTIME_ENABLE` to be enabled which
is now enabled by default on FTD builds. The connection time of each
neighbor is available in the `otNeighborInfo` and `otChildInfo`
structures as the `mConnectionTime` member variable. A new CLI
command, `neighbor conntime`, has been added to display the
connection time and age of all neighbors.
This commit adds a helper function to parse a decimal number from a
given string as `uint8_t` and skip over the parsed characters. This
is used to simplify the methods parsing IPv6/IPv4 address or prefix
from a string.
Link metric macros `OPENTHREAD_CONFIG_MLE_LINK_METRICS_INITIATOR_ENABLE`
and `OPENTHREAD_CONFIG_MLE_LINK_METRICS_SUBJECT_ENABLE` were guarding
incorrect parts of code.
Signed-off-by: Przemyslaw Bida <przemyslaw.bida@nordicsemi.no>
This commit adds a public OT API to replace a previously published
external route entry in the Thread Network Data. It also adds a
related CLI command, and updates `test_netdata_publisher` to
validate the new behavior.
This commit adds new Border Agent functionality that generates and
saves 16 bytes ID in settings. The ID can be published in the MeshCoP
mDNS service and used by the client to identify a Border Router
device.
A new `otBorderAgentGetId()` API is defined and the ID is generated
the first time this API is called.
On some platforms, the /etc/resolv.conf might be a generated file, and
is not available at the first few minutes after boot.
This commit records the time when we read the DNS server addresses
from the upstream, and reload the server list when it expires.
We may want to use inotify or add a platform specific API to notify
the openthread about the change of DNS server list.
This commit breaks Link Metrics Initiator and Subject into two classes
and fixes incorrect swtich guard. For example, code for Initiator was
guarded by macro of Subject.
This commit migrate tests not targeting autotool to cmake.
* removed openthread-test-driver
* removed functional tests from autotool based check
* corrected file permission of python scripts
* added --run-directory to specify directory to collect logs and captures
* get test-ot-test-srp-server pass on POSIX platform
This commit adds the `Ip6::Prefix::FromString()` method, which parses
a human-readable IPv6 prefix string into a binary representation. It
also updates the unit test `test_ip_address` to validate the new
method, and updates the `parse_cmdline` module to use the new
function.
This commit updates the `CompareRouteEntries()` method so that if all
of the earlier checks (preference, path cost) are the same, it will
prefer a border router (BR) acting as a router over one acting as an
end device. The reason is that a device can more accurately calculate
the path cost to a router node than to an end device. This is because
the link quality between an end device and its parent is not known to
other devices.
This commit adds new Network Diagnostic TLVs for vendor name, vendor
model and vendor software version. The TLVs follow similar format as
the MeshCoP TLVs with the same name, i.e., all of them use UTF8
strings as value with name and model limited to 32 characters, and
software version to 16 characters.
The values for these TLVs can be set at build-time using a set of
newly added configs `OPENTHREAD_CONFIG_NET_DIAG_VENDOR_*`, or their
equivalent CMake options (e.g., `OT_VENDOR_NAME`).
It is recommended that these parameters are set at build time using
the configs. This way they are stored as constant strings and won't
consume RAM. However, for situations where the OT stack is integrated
as a library into different projects/products, we can enable a
feature for APIs to be added to set these strings at run-time. In
this case, the `OPENTHREAD_CONFIG_NET_DIAG_VENDOR_*` are treated as
the default values (used when OT stack is initialized).
This commit also adds Thread Stack Version TLV which has a string
value (up to 64 characters) and provides the version string from
`otGetVersionString()`.
This commit also adds CLI commands to get and set (when enabled) the
vendor name, model, and sw version on device. Also adds a test case
`test-020-net-diag-vendor-info.py`.
This commit allows an FED child to request Route TLV (in "TLV Request
TLV") in an MLE Data Request message. Parent will include the Route
TLV when requested by the child.
After successfully performing a quick re-attach upon reset, an FED
child requests Route TLV when sending MLE Data Request to its parent.
This is tracked by a newly added boolean `mRequestRouteTlv`, which is
set after quick re-attach and cleared when Route TLV is successfully
processed.
This commit also simplifies methods related to sending Data Request.
This commit fixes an issue with tracking time spent in each role after
`Mle::ResetCounters()`. The `mLastUpdatedTimestamp` is now updated
from `ResetCounters()`.
A vendor interface implementation for the posix library is currently
supported through linking a specified c++ source file. However, this
is unable to accomodate dependencies for external libraries or header
files that this vendor implementation source file may need.
The posix vendor support is changed to allow a vendor to specify a
cmake RcpVendorDeps module file to resolve missing dependencies for a
provided vendor support source file.
Additionally, this commit adds the ability for a vendor to define a
radio url help message when the vendor rcp bus is selected instead of
defaulting to the UART help message.
This commit updates the `RoutingManager` module to implement a new
model for publishing routes. The new model replaces the previous
model, which explicitly published all discovered routes and on-link
prefixes (from processing Router Advertisements on AIL) as external
routes in the Network Data.
The new model simplifies this logic by publishing either a `fc00::/7`
(ULA) route or a `::/0` (default) route in the Network Data,
depending on the set of discovered routes and on-link prefixes, and
the currently favored OMR prefix.
This commit adds the `RoutePublisher` class, a nested sub-component of
the `RoutingManager` class. The `RoutePublisher` class is responsible
for determining the route prefix to publish and its preference. The
preference of the published route is determined based on the current
role of the Border Router (BR): low preference if the BR is a child,
and medium preference if the BR is acting as a router.
This commit also updates `test_routing_manager` unit test validating
the new behavior.
This commit contains two related changes:
- On a parent, when we detect a former child has been promoted to
router role by receiving an MLE Advertisement from it, we replace
the address cache entries associated with the old (child) RLOC16
with it new RLOC16.
- On leader, when we successfully reply to an "Address Solicit"
message and assign a new RLOC16 to a node, we clear all entries
associated with old RLOC16. We do not change to new RLOC16 since we
cannot be sure that child will successfully receive the Address
Solicit" response.
This commit adds `MLE_PARENT_RESPONSE_CALLBACK_API_ENABLE` config
which enables support for `otThreadRegisterParentResponseCallback()`
API. This API registers a callback to notify user of received
Parent Response message(s) during attach. This API is mainly intended
for debugging and therefore is is disabled by default. It is enabled
in `toranj-config` so to validate the code (i.e. it causes no build
errors) during CI GitHub action runs.
This commit updates `otDnsClient` API documentation making the service
resolution `otDnsClientResolveService()` behavior more clear, in
particular that it sends queries for SRV/TXT records. The new
documents also highlight how records in Additional Data section
in a query response is parsed and provided in the callbacks and that
servers/resolvers may not provide the records.
Calls to otCliSetUserCommand overwrite the pointer user command list
pointer each time it is invoked, which results in successive calls to
otCliSetUserCommand replacing the previously registered command list
instead of appending to it. This is particularly relevant for the
posix platform in which the main function registers a set of posix
specific commands without any way to extend the set.
This commit replaces the command list pointer with a container of
command lists associated with a registered context in order to support
prepending the active list of user commands up to a configurable value
which defaults to 1 to maintain current behavior.
This commit removes logging of the CLI input in `Daemon::Process()`.
This ensures that sensitive info (e.g. dataset and/or network key)
is not emitted in the logs. The CLI input/output can be logged using
the CLI related configs `OPENTHREAD_CONFIG_CLI_LOG_INPUT_OUTPUT_ENABLE`
and/or `OPENTHREAD_CONFIG_CLI_LOG_INPUT_OUTPUT_LEVEL`.
This commit ensures to check that `KeyId` on a frame matches the
current `mKeyId` from `SignalFrameCounterUsed()`. This addresses
corner-case situation where on key sequence change, an ongoing frame
tx or enhanced ack to a received frame, can be processed after the
`mKeyId` change.
This commit fixes an issue in `HandleTimer()` where we need to use
`break` instead of `continue` after calling `FinalizeQuery()`. Note
that we now have two loops, an outer loop on `mMainQueries` and then
an inner loop on queries associated with a `mainQuery`. When we
finalize a query, its related `mainQuery` (along with all its
sub-queries) are finalized and removed.
This commit adds `ProcessAddressRegistrationTlv()` method which
finds an Address Registration TLV in a received MLE messages from
a child and processes its entries updating the child's registered
addresses.
This commit adds helper methods to append an IPv6 Address Entry in an
Address Registration TLV using compressed format where the entry
contains a lowpan context ID and the address's IID, or uncompressed
format where the full IPv6 address is appended.
This commit fixes `GetNextDiagTlv()` to correctly return error
`kErrorNotFound` if the message happens to end with an unknown TLV.
We ensure to set the `error` after the end of `while()` loop. With
the previous code we could return `kErrorNone` (since we would
successfully read and skip over the unknown TLV which would set
`error`).
This commit updates `Mle::SendChildUpdateRequest()`:
- It removes the use of default parameter.
- It adds a private version which accepts `ChildUpdateRequestMode`
indicating actions like whether to append challenge TLV, or
whether to append zero timeout value (used for graceful detach).
This commit unifies the RCP reset sequence on the HDLC and SPI
interfaces. The host will try the software reset first, and then try
the hardware reset if the software reset fails or allowed.
Reasons for unifying the RCP reset sequence:
- The parameters of the Thread stack are fixed on Android. Developers
can't use different parameters to specify SPI or HDLC interfaces to
use different methods to reset RCP.
- If the Thread stack and the BLE stack are running on the same radio
chip, the hardware reset chip will cause the BLE stack to crash. The
host needs to software reset RCP first, and try the hardware reset
if the software reset fails. This can reduce the impact on the BLE
stack.
This commit introduces `Server` and `Client` classes breaking the
`NetworkDiagnostic` module into two components. The `Server` responds
to queries and requests (handling Net Diag TMF commands), while
`Client` issues queries/requests and processes responses. The
`Server` is available under both FTD and MTD (which follows the
requirement of Thread spec). The client is enabled using newly added
`OPENTHREAD_CONFIG_TMF_NETDIAG_CLIENT_ENABLE` config option which is
also available as `OT_NETDIAG_CLIENT` CMake option or the autoconf
build switch `NETDIAG_CLIENT`. The client functionality is by default
enabled on Border Routers (tied to `CONFIG_BORDER_ROUTING_ENABLE`
config).
The previous `TMF_NETWORK_DIAG_MTD_ENABLE` config is now removed
along with its CMake `OT_MTD_NETDIAG` and autoconf switch. This
commit adds checks to trigger build error if the previous config
and/or its related CMake option are used.
This commit adds new IPv6 header DSCP values which indicate a TMF
message priority. This allows intermediate routers forwarding TMF
message to be able to determine and use the TMF message priority that
originator of the message selects (e.g., address query/notification
use net-level priority whereas network diagnostics message use normal
priority). This replaces the previous behavior where on intermediate
routers all TMF messages were treated as net-level priority.
The new DSCP values are allocated from local codepoint range
`0bxxxx11` (per RFC 2474 - section 6). If the sender does not use
TMF-specific DSCP values, we use `kPriorityNet` as default on
intermediate router. This ensures that senders that are using older
code (do not use the new) experience the same behavior as before.
This commit adds two small changes to address new warnings when
building with clang-14.
It also updates `mbedtls` CMakeLists to set `MBEDTLS_FATAL_WARNINGS`
option as `OFF` (so that compiler warnings are not treated as errors).
This avoid issues with new warning for `unused-but-set-variable` emitted
by clang-14.
When compiling the otbr-agent in Android, Android will link the
function debuggerd_init() and call it before calling the function
main(). The function debuggerd_init() sets signal handlers to
catch signals. This commit resets the signal actions to default and
re-raises the original signal to let the pre-configured functions
to catch signals.
This commit adds a helper function `UriToString<Uri>()` to convert
a given `Uri` enumeration value to a human-readable string. This is
used for logging.
This commit adds the openthread config header file to the spinel config
file to allow developers to configure the spinel configurations in the
openthread config file.
This commit updates DNS client to add `otDnsServiceMode` to the
`otDnsQueryConfig`. This new config property determines which records
to query and allow the API user to control the behavior during
service resolution: We can query for SRV record only or TXT record
only, or query for both SRV and TXT records in the same message, or
in parallel in different messages, or an "optimized" mode where
client will first try to query for both records together in the same
message but if server responds with an error, it then retries using
two parallel separate queries.
This gives flexibility and control to the API user. It also helps
address situations where the server (DNS resolver) may not accept
queries with more than one questions.
To support this new feature, this commit updates and enhances the
internal design of the `Dns::Client`. A new mechanism is added to
allow multiple `Query` instances to be associated with each other
under a main `Query` and responses for the related queries are saved
until all are received and validated before finalizing the main
`Query` and invoking the callback and allowing caller to retrieve the
info.
This commit also adds a detailed unit test `test_dns_client` which
covers DNS client browse and service resolution validating behavior
under all service modes. In order to test `Client` functionality,
this commit also adds a `TestMode` in `Dns::ServiceDiscovery::Server`
allowing us to change server behavior, e.g., reject messages with
more than one question in query.
This commit fixes CSL operations timing taking into account that the
CSL phase should refer to the beginning of the SHR.
On the CSL transmitter, corrects the transmission delay timing taking
into account that the timestamp of the received frame from the CSL
receiver refers to the start of the PHR.
On the CSL receiver, no changes are needed assuming the platform
injects the proper CSL phase value.
This commit changes the context ID reuse delay from 48 hours to
5 minutes. It also updates `test-019-netdata-context-id.py` to
check the default value.
This commit adds a new file
`tests/scripts/thread-cert/border_router/nat64/test_upstream_dns.py`
to test scripts for testing the DNS forwarding functions.
The test adds a record `test.domain` to the bind9 interface since when
adding to DNSSD tests, the OpenThread's DNSSD server will be conflict
with the Docker's DNS forwarding functions.
The added log may assist in diagnosing problems where packet
transmission over the air is absent.
Signed-off-by: Lukasz Duda <lukasz.duda@nordicsemi.no>
Some platforms, such as Android and CastOS, can monitor program crash.
And they can upload the crash dump to the crash server for developers
to analyze the crash reason.
This commit aborts the host after receiving a unexpected reset to
trigger platforms to upload the crash dump.
This commit simplifies `Ip6::HandleDatagram()` by combining the
two places where we call `PassToHost()` into one. It simplifies
how we perform the three actions `receive`, `forwardHost`, and
`forwardThread`.
This commit introduces a common `Preference` class which defines
constants and helper methods (e.g., to convert between an `int8_t`
preference and its 2-bit unsigned representation). This is used for
`RoutePreference` in Network Data entries and also for Parent
Priority in `ConnectivityTlv`.
This commit updates SRP client and server to support short variant
format for Update Lease Option. The short variant includes the lease
interval only (4 bytes) vs the long variant which includes both lease
and key lease intervals (8 bytes). Client and server can parse and
process both formats in received messages. Client by default uses the
long variant. Server will also use the long variant in its response
unless the request message uses the short variant format, i.e., if
the client uses the short variant, the server will also respond using
the short variant. This behavior is required by the latest Update
Lease draft.
This commit also updates `test_srp_server` unit test, adding a new
test-case to validate the behavior of client and server when short
Update Lease Option is used. A new method (intended for testing and
and only available under `REFERENCE_DEVCIE` config) is added which
configures the client to use the short variant format changing the
default behavior.
This commit adds checks to protect against an edge-case where TXT
data entries from a TREL peer may contain invalid and long keys. If
the TXT data happens to include keys longer than `Dns::kMaxKeyLength`,
the `mKey` in `Dns::TxtEntry` will be set to `nullptr` and the entire
entry will be provided in `mValue`. This commit adds code to skip over
such entries (check that `entry.mKey` is not null) at beginning of the
loop to avoid using a potential null `mKey` in `strcmp`.
This commit adds `otDeviceProperties` which represents a set of device
properties which are used to calculate and set the local Leader
Weight on the device.
The device property set contains a `otPowerSupplyConfig` enum value
specifying the device power supply:
- Battery powered.
- Externally powered (mains-powered).
- Stable external power with a battery backup or UPS.
- Unstable external power (e.g., a light bulb powered via a switch).
It also indicates whether or not device is a border router, supports
CCM, and specifies a Leader Weight adjustment value.
The `otDeviceProperties` can be set through the newly added OT public API
`otThreadSetDeviceProperties()`. Its default value (upon OT stack start)
can also be configured using OT configs:
- Newly added `OPENTHREAD_CONFIG_DEVICE_POWER_SUPPLY` specifies the
default power supply config to use. This config can also be set
using the newly added CMake option `OT_POWER_SUPPLY`.
- Existing `OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE` will indicate
if device is acting as a BR.
This commit also adds CLI command `deviceprops` for getting/setting
the device config. It also adds a unit test to validate the Leader
Weight calculation algorithm from a given device config.
Fix for the following bug:
Leader/Parent (OTBR) is reset (taken off the network), leading to its
MTD child being detached. When the parent is brought back on the
network without configuring the previous DUA prefix, the MTD asserts
complaining that its DUA prefix is not valid anymore.
1. We don't assert anymore in this situation, rather the MTD just
won't include the DUA address in its address registration TLV.
2. More importantly, we remove a "cached" DUA address if we find that
the network leader is no longer configured with a DUA prefix.
This commit simplifies `ThreadNetif` class by removing methods
like `IsOnMesh()` and `SendMessage()` which just call same method
on other modules (`NetworkData::Leader` and `MeshForwarder`). It
also moves the `RouteLookup()` method to `Ip6` class.
If there is no DUA request sent/scheduled, then there is no need to
trigger the periodic one second ticker timer.
This helps SEDs to be more power efficient and to avoid unnecessary
wakeups.
Signed-off-by: Doru Gucea <doru-cristian.gucea@nxp.com>
This commit updates `ConnectivityTlv` methods which get/set the Parent
Priority field (high, medium, low). This change ensures that we do
not use bitwise shift of a signed and potentially negative value
(`a >> b` where `a` is negative). Note that the behavior of right
bitwise shift of a negative value is not specified by C++ standard
and it is implementation/toolchain dependent.
This commit simplifies how the 6LoWPAN Context IDs are assigned and
tracked by `NetworkData::Leader` using a new nested class
`ContextIds`. A Context ID can be in one of the 3 states:
- It is unallocated.
- It is allocated and in-use.
- It is scheduled to be removed (after reuse delay interval).
This commit also adds a test-case `test-019-netdata-context-id.py`
which validates the assignment and removal of Context IDs under
different scenarios.
This commit adds `otNetDataGetNextLowpanContextInfo()` to iterate
through the list of LoWPAN Context entries in Thread Network Data
providing info about the prefix, its LoWPAN Context ID and Compress
flag (relating to `ContextTlv` sub-TLVs of `PrefixTlv`s in Network
Data).
This commit also updates CLI command `netdata show` to list the
context IDs in addition to prefixes, routes, and services.
This method helps when preparing the `ConnectivityTlv` and counting
the neighbors with which device shares a link at different
Link Quality values (1,2,3).
This setting is targeted for SEDs which may need to decrease the
timeout for receiving a Data Frame (which follows an ACK with FP bit
set) for power saving reasons.
IEEE 802.15.4-2015 specification doesn't enforce a specific timeout
value for this parameter so the application should be able to
configure it.
Signed-off-by: Doru Gucea <doru-cristian.gucea@nxp.com>
This commit updates the documentation for `otTcpConnect()` indicating
that caller need to wait for `otTcpEstablished` callback indicating
that TCP connection was established before it can start sending
data (e.g., calling `otTcpSendByReference()`).
It also removes the mention of "TCP Fast Open" which is not yet
supported.
This commit updates how we process Route TLV in a received
"MLE Link Accept" message when device is already acting as
router or leader:
- We ensure that the Router ID Sequence number in the received
Route TLV is more recent compared to the current one being
used before adopting the Router ID Set. We still update
the router table (next hops and costs) based on the received
Route TLV even if Sequence number is older.
- We also check that the ID of the router which sent the Link
Accept is marked as allocated in the Route TLV that it includes
in the message. This protects against an edge-case where the
sending router may be misbehaving.
In addition to the above two changes, this commit contains some
enhancements and simplifications:
- `RxMessage::ReadRouteTlv()` is added which reads and validates
a `RouteTlv` from an `Mle::RxMessage`.
- `MleRouter::ReadAndProcessRouteTlvOnFed()` is added which reads
and processes `RouteTlv` on an FED (avoid repeating same code).
- `MleRouter::ProcessRouteTlv()` is simplified.
This commit updates `NetworkData::Leader::HandleTimer()` such that
once the reuse delay time for a previously used Context ID is reached
and the ID is freed, the `mContextLastUsed` is also set to zero. This
ensures that context ID is freed only once from `HandleTimer
()` calls (which avoids incrementing the version again).
This commit contains two changes to `StartContextReuseTimer()`:
- We now start the context reuse timer only if the timer is not already
scheduled (`mContextLastUsed` will be non-zero when reuse timer
is already scheduled).
- The `mTimer` (which is used as a periodic timer) is only started
if it is not already running.
This commit updates `kMaxTlvsToRequest` constant to account for the
recently added `VersionTlv`. It also moves its definition from header
file to cpp file in `SendDiagGetTo()` method so to make it easier to
track and update it when/if new TLV types are added.
This commit adds `otDatasetConvertToTlvs()` to covert a given
Operational Dataset `otOperationalDataset` to TLVs. It also adds a
related CLI command `dataset tlvs`.
Use the command `make -f src/posix/Makefile-posix` to build the posix
platform on macOS, it generates the `-Wunused-command-line-argument`
warning (refer to #8828).
This commit moves the linker option `-rdynamic` from `COMMONCFLAGS` to
the `LDFLAGS` to resolve the warning.
This commit adds `OT_THREAD_VERSION_1_3_1` constant (equal to `5`) for
Thread Version 1.3.1. It also updates the build switch options for
CMake `OT_THREAD_VERSION` and autoconfig `THREAD_VERSION` and `BUILD.gn`
to support the new version value of "1.3.1".
Note that this commit does not change the default config value of
`OPENTHREAD_CONFIG_THREAD_VERSION` which is the default version to
use if it is not explicitly specified by build switches or in a
project config file.
This commit adds support for Net Diag Version TLV (TLV number 24)
which returns the Thread version of device (as `uint16_t`).
It also updated the `MeshDiag` to query for the Version TLV and
provide it in `otMeshDiagRouterInfo`. The related CLI commands
are also updated.
This commit updates `DecodeStreamRawTxRequest()` to set the read
boolean flags immediately after they are decoded (not wait till
all fields are read). This ensures correct processing of optional
fields.
This commit adds `mRxChannelAfterTxDone` in `otRadioFrame` which
specifies the RX channel after frame TX is done (after all retries
and ack received).
This is intended for situations where they may be delay in
interactions between OT stack and radio, as example this is used in
RCP and host architecture to make sure RCP switches to PAN channel
more quickly. In particular, this can help with CSL tx to a sleepy
child, where the child may use a different channel for CSL than the
PAN channel. After frame tx, we want the radio/RCP to go back to PAN
channel quickly to ensure that parent does not miss any tx from child
afterwards, e.g., child responding to the earlier CSL transmitted
frame from parent using PAN channel while radio still staying on CSL
channel.
This commit adds support for the `mRxChannelAfterTxDone` parameter in
spinel and posix host `RadioSpinel`. This is added in a backward
compatible way, i.e., if RCP is using a newer version but host is
older and does not provide the new parameter, RCP will use
`frame.mChannel` as default value for this, and if host is using a
newer version, older RCP will ignore it.
This commit adds new mechanism in `NetworkData::Leader` to track the
the maximum observed length of the Thread Network Data since OT stack
initialization or since the last time user reset the tracking
mechanism by calling `otNetDataResetMaxLength()`. This commit also
adds public OT API and CLI commands for this.
This commit adds a helper method `Mle::InitNeighbor()` which performs
common initialization of a `Neighbor` using `RxInfo`, e.g., setting
the Extended MAC address from the sender's IPv6 address IID, updating
the `LinkInfo`, and setting `LastHeard` time. This method is used
from different methods in `Mle` and `MleRouter where a new neighbor
(router, child, or parent candidate) is initialized.
This commit updates `MleRouter to send an immediate MLE Advertisement
on promotion to `router` role and assignment of new Router ID. This
helps inform our former parent of our newly allocated Router ID and
cause it to reset it own advertisement trickle timer. This can help
speed up the dissemination of the new Router ID to other routers. It
can also help with quicker link establishment with our former parent
and other routers.
It also removes tx of multicast Link Request (including its delay
mechanism) upon promotion to `router` role.
It also updates `Mle` so if we receive an MLE advertisement from a
former child (which is recently get promoted to router) to accept it
immediately and copy the info from `Child` entry to `Router`.
Finally this commit updates the following test-cases which are
impacted by the changes above (e.g., skipping the checks for
multicast Link Request):
- `v1_2_router_5_1_1`
- `Cert_5_1_01_RouterAttach`
- `Cert_5_2_04_REEDUpgrade`
- `Cert_5_5_02_LeaderReboot`
- `Cert_5_5_05_SplitMergeREED`
New API module from #8668 wasn't added to the high-level Doxygen
menu. This causes the module to show up incorrectly when we import
reference docs into openthread.io.
`script/clang-format` is supposed to add an EOF newline for every file
passed in as an argument. However, the script only processed the first
file. This can cause `script/make-pretty check` to fail even after
`script/make-pretty clang`.
This commit contains changes to child supervision feature. It adds a
new mechanism for a child to inform its desired supervision interval
to its parent. A new optional MLE TLV is added with type 27 and value
of `uint16_t` indicating the supervision interval in seconds. This
TLV is included in MLE Child ID Request and MLE Child Update Request
(sent from the child). The parent echoes back this TLV in the
corresponding responses to indicate that it supports supervision. This
commit changes the parent implementation to track the supervision
interval per child.
This commit also updates the OT public APIs along with the related
CLI commands:
- API now allows the supervision interval to be set on a child.
- New field in `otChildInfo` to indicate the child's supervision
interval.
- New counter is added to track the number of supervision check
timeouts failures on a child (intended for testing and debugging).
This commit adds a test `test_child_supervision` to cover behavior of
child supervision and its new behaviors.
This change allows backward compatibility: If the parent does not
support child supervision, it ignores the new TLV in the MLE messages
and the child would fall back to periodically exchanging MLE Child
Update Request with parent. If the child does not support supervision
and/or does not indicate its desired child supervision interval, the
parent will fall back to use the configured default interval.
`SetStateRouter()` and `SetStateLeader()` share a bunch of common
code (things that need to be updated on transition to either router
or leader role). This commit adds `SetStateRouterOrLeader()` method
for this.
This commit updates `MessagePool` to track number of in use buffers
along with max used so far since OT stack initialization or since
last time counter was reset. This info is then provided in
`otBufferInfo` and in CLI command `bufferinfo`. A new OT API
`otMessageResetBufferInfo()` is added to reset this counter.
This commit adds new public OT APIs in `border_routing.h` to get the
current state of `RoutingManager` and to get the current favored
on-link prefix.
This commit also updates CLI `br` commands:
- It moves the CLI `br` implementation into own `cli_br` module.
- It adds `br state` to get the current state
- It changes `br omrprefix`, `br onlinkprefix`, and `br nat64prefix`
to output both local and favored prefixes when no additional arg
is provided and allow the use of `local` or `favored` extra arg to
specify the type.
- It updates the documentation of `br` related commands in the source
code and also adding `cli/README_BR.md`.
This commit adds `AppendDiagTlv()` to append a dig TLV with a given
type to a `Message`. It also simplifies the `AppendRequestedTlvs()`
to directly parse the "Type List TLV".
This commit defines C++ style types for use in core module mirroring
the public OT C definitions. It also contains renames and smaller
enhancements in BackBone Router modules.
The `openthread-posix` library calls OT public APIs and library APIs
(e.g. radio_spinel, HDLC), but it doesn't link against the library
targets.
This commit also adds `extern "C"` for posix impl of `otPlatFree`
and `otPlatCAlloc`.
This commit adds a session timeout for the integrated Commissioner.
When the Joiner and Commissioner have a weak link, and the session
doesn't time out after a communication failure, the Joiner may fail to
join in subsequent attempts if the Commissioner is not stopped and
restarted. With the proposed modification, the Commissioner times out
the session after a configurable time, so the Joiner may be able to
join in a future attempt.
The dataset examples are generated by version 1.1 OT stack
where the Security Policy value has length of 3 bytes but 1.2
extends it to 4 bytes.
The real problem is that spec requires that **ZERO** Key Rotation
**SHALL NOT** be allowed:
```
Key rotation period in hours. The
minimum key rotation period SHALL be
1 hour and a key rotation period of 0
SHALL NOT be allowed.
```
But the example is using ZERO.
This commit fix this by updating the examples to 1.2 version.
This commit fix also problems that incomplete TLV HEX string
(Pending Timestamp and Delay Timer are missing) are used for
setting the Pending Dataset (e.g. `dataset set pending`).
This commit adds a set of APsI for forwarding a DNS query to the
upstream DNS server via platform API and a posix platform
implementation.
This feature is disabled by default, and this PR adds a `dns server
upstream {enable|disable}` command CLI for enabling and disabling this
feature.
Tests will be added after ot-br-posix adds related support.
This commit lets `do_build_otbr_docker()` skip unnecessary files when
copying the source code for building a docker image. It can save time
and disk space for the user.
This commit updates `ProcessNeighborAdvertMessage()` method in
`RoutingManager` to use the Target Address included in Neighbor
Advertisement to find the related `Router` (instead of sender's
IPv6 address). This addresses situations where the router
responding may use a different address.
Bug fix for an issue where any frame which fails CSL transmission gets
treated as a new frame (instead of a retransmission) for a subsequent
indirect retransmission (in the data poll handler). This fix checks
for the previous CSL transmit attempts and if it is greater than 0,
retransmits with the same frame counter, sequence number and key id as
previous attempt.
This commit updates `PrepareService()` functions to `memset` the
`Service` instance to zero before populating its fields. This ensures
that all new properties (e.g., recently added `mLease`/`mKeyLease`)
are set to zero and use the corresponding default value.
BR features are tested with "Border Router" CI task but it is built
with gcc by default. This commit adds BR features to posix build
checks which apply clang/clang++.
Linux kernels with CONFIG_MCTP enable (available in 5.16 or newer)
seem to have an issue when setting the link type to ARPHRD_VOID.
There seem to be no good reason why ARPHRD_VOID is used. Stick to
the default ARPHRD_NONE.
This commit keeps capture files in sync at runtime. Therefore, Harness
can obtain the addresses directly from the capture files in manual DUT
mode without having to enter the addresses manually.
This commit disables addrconf generating address by set addr_gen_mode to
IN6_ADDR_GEN_MODE_NONE, otherwise linux may generate a link local address
based on link type and presence of EUI64 address. This allows OpenThread
to fully manage link local address of its network interface.
This commit contains smaller enactments in `NetworkDiagnostic`
class:
- `SendCommand()` method is updated to accept a `Uri` for the
intended diag command.
- `PrepareMessageInfoForDest()` method is added which prepares a
`Tmf::MessageInfo` for sending diag commands to a destination
deciding which source address to use.
- The TLV class is renamed to `Tlv` from `NetworkDiagnosticTlv`
(since it is under the namespace `NetworkDiagnostic` already).
This makes it similar to TLVs from other modules, `Mle::Tlv`,
`MeshCoP::Tlv`, etc).
- Logging in `NetworkDiagnostic` is updated and simplified, now
using `Log(Action, Uri)` method. The logs provide more info
like the IP6 address of sender/receiver of a message.
This commit updates the custom CLI command `nodeidfilter` defined for
simulation platform enabling filtering at radio level. This commit
enhances this command so it can be used as both a deny-list or an
allow-list. It also adds support to output the list and filter mode
when no arg is given.
This commit adds anew feature in `HistoryTracker` to track the history
of changes to routers. In particular we track when a new router is
added or removed, or when next hop and/or path cost towards a router
is changed. On a cost change the recorded entry, provides the old
cost value along with the new path cost. This helps to track the cost
changes more easily (no need to look back at history to find the old
cost value).
This commit also adds CLI command `history router` for the new
feature.
This commit migrates unit tests to cmake.
* build unit tests with cmake
* add missing tests in cmake
* use ctest
* add platform udp stubs for test platform
* skip some static_assert with gcc-4
This commit extends `nexthop` command such that when it is used
without any input, it lists all currently allocated router IDs and
the next hop and path cost for each. Note that this info is
different from `router table` (which provides direct link along
with any backup next hop option).
This commit also adds a new API `otThreadIsRouterIdAllocated()` to
indicate whether or not a given router ID is currently allocated.
This commit updates `RouterTable` class to use a `Tasklet` to track
and signal when there is any change to the table, e.eg., new router
added or removed and/or next hop or cost for a router gets changed.
This commit contains changes related to handling of IPv6 Options. It
adds a new method `Option::ParseFrom()` which parses and validates an
IPv6 Option from a given message. This method handles the Pad1 Option
as well as other Option Types. This makes it easier (and safer) to
iterate through Options in an Extension Header. `Option::GetSize()`
is also updated to return the correct size for Pad1 Option since Pad1
Option does not follow the common Option format (has Type field with
no Length field).
This commit also adds a common `PadOption` class which based on the
desired padding size uses Pad1 or PadN as its type. It also provides
`InitToPadHeaderWithSize()` which prepares the option with proper
length to pad an Extension Header with a given current size (also
determining whether or not padding is needed).
This commit also updates `Ip6` methods to use `kLengthUnitSize`
constant.
According to Thread 1.3.0 Section 4.7.1.3, router synchronization
after reset requires the multicast link request message to be
retransmitted until a response is received, or the maximum
transmission limit has been reached. If the router was a leader or had
more than 5 children prior to reset, it MUST be retransmitted as a
critical message. Each multicast retransmission of an MLE Message on a
TL1 or TL2 Link must be delayed by MLE_MULTICAST_RETRANSMISSION_DELAY
multiplied by a random value between 0.9 and 1.1 with a resolution of
at least 1 ms.
This commit implements the above requirement. With this requirement,
in the cases when a router is reset and there is no other router to
respond to the link request then it takes longer time for the router
to join thread network. Thus some test cases are modified to allow
longer router sync time in such cases.
In `InsertMplOption()` we need to insert the Option at the original
end of Hop-by-hop Extension header which we track in `hbhSize`. Note
that the read `hbh` is updated (we increment the `Length` field which
increases the `hbh.GetSize()` by 8 bytes).
The code before this commit which inserted the header at the new
`hbh.GetSize()` offset still works correctly since we copy all the
bytes before the insertion offset back. It just copies more bytes than
necessary.
All sub-classes of `Option` provide `Init()` method to initialize
the Option.
This commit also updates `Lowpan::CompressExtensionHeader()` to
check that we did read an option from message before checking if
it can be compressed.
This commit updates the github actions `toranj` workflow and the
toranj `start.sh` script to trigger `toranj-ncp` tests on a Pull
Request only if there are changes in any of the `src/ncp` files.
This commit updates `Message` class adding new methods. A new
method `WriteBytesFromMessage()` is added which writes bytes read
from another or potentially the same message to the message at
a given offset. This method replaces the `CopyTo()` and unlike
`CopyTo()` it can be used to copy bytes within the same message
in either forward or backward directions.
This commit adds `RemoveHeader()` which removes header bytes from
the message at a given offset and length. It shrinks the message
and copies existing header bytes before the removed segment forward
to replace the removed bytes.
This commit also adds `InsertHeader()` method which grows the
message to make space for new header bytes at a given offset.
The existing header bytes are copied backward to make room for the
new header bytes.
Unit test `test_message` is updated to validated all the newly
added methods.
The tcplp test is not testing POSIX platform. This commit creates a new
workflow unit to host this test. In future, we may put all unit tests
in this workflow after automake support is removed.
Multicast has been proven to work unreliably with a low value of
OPENTHREAD_CONFIG_MLE_CHILD_ROUTER_LINKS for big dense networks.
Since there is no silver bullet value that suits all installations,
this commit makes it possible to configure its value at runtime.
Signed-off-by: Markus Becker <markus.becker@tridonic.com>
This commit addresses two issues:
- Use agnostic crypto API regardless of `OPENTHREAD_CONFIG_CRYPTO_LIB`
choice.
- Limits the configured ciphersuites in order to avoid client-server
conflicts during handshake.
This commit updates multiple core modules to use the `Message` helper
method `AppendBytesFromMessage()` to append bytes read from one
message at a given offset and length to the end of another message.
This commit updates the `ChildTableEntry` which is included in Network
Diagnostic "Child Table TLV" to also provide the Link Quality In info
for the child (using the unused two-bit field in the existing entry
format).
This commit contains two updates/fixes in `CslTxScheduler`:
In `CslTxScheduler::Update()` method, this commit adds a new call to
`ResetCslTxAttempts()` on `mCslTxChild` when the current indirect
message associated with the child gets changed (replaced or purged),
while MAC is busy with tx of a CSL frame to this child. This ensures
that the next CSL tx associated this child will be correctly treated
as a new frame (and not a retx) and gets its own frame counter.
This commit also updates `HandleSentFrame()` to ensure that we always
call `RescheduleCslTx()` from this method. `Update()` method is
called whenever there is a change to the head of indirect message
queue of any sleepy child. If we are not in the middle of CSL tx at
MAC layer, `RescheduleCslTx()` is called immediately to determine the
next CSL tx among all children and schedule it. Otherwise, we wait
for MAC to signal that frame TX is done. Current code only called
`RescheduleCslTx()` when there was a tx error in `HandleSentFrame()`.
This can cause the issue of not scheduling the next CSL in case
of tx success and/or if the current message was replaced/purged.
This commit adds `GetSize()` to `Ip6::ExtensionHeader` and base
class `OptionHeader`. This method returns the size (number of bytes)
of the header/option. In case of `ExtensionHeader` the size is
derived from "Length" field which is in 8-bye unit and does not
count the first 8 bytes.
he power calibration is supported by OT, this commit adds diag
commands that are used to measure the mapping between the actual power
and raw power settings, show the platform used power settings table.
1. Add "diag powersettings" to show the platform currently used power
settings table.
2. Add "diag rawpowersetting" to make the platform to use the given
raw power settings to transmit frames.
3. Add "diag cw" to transmit the continuous carrier wave.
This commit adds support for TLS in the TCP CLI tool, along with a
test of TLS functionality.
The main purpose of this is to provide an example of how to use
mbedTLS with TCPlp to run TLS. I felt it is important to have an
example because I expect that many applications that use TCP,
particularly those in which a Thread device exchanges data with a
device outside the Thread mesh, will need to run TLS over TCP for
security reasons.
A secondary benefit is to add TCP functionality to the TCP CLI
tool. Additionally, by having the example code be part of a "real"
application (the CLI tool), there is less risk of the code going stale
as OpenThread evolves.
I added an "expects" test for the TLS functionality in the CLI tool. I
also ran the code on two Nordic NRF52840-DK boards to make sure it
works.
The performance impact of TLS appears to be small. When using TCP
without TLS, I am able to achieve ~80 kb/s goodput between two
NRF52840-DK boards. With TLS in the same setup, I am able to achieve
~70-75 kb/s goodput.
This commit enhances/fixes how we validate an `OptionMpl` we read from
a received message. In `Mpl::ProcessOption()`, we first ensure that
we can read the minimum expected size of an MPL Option and then check
based on the read Control field, the Seed ID length and ensure we can
read the full `OptionMpl` under `kSeedIdLength2`.
This commit adds a new radio platform API which updates the MAC Frame
Counter only if the new value is larger than current value being used
by radio platform, i.e., `otPlatRadioSetMacFrameCounterIfLarger()`.
OT stack provides a default weak implementation of this API which
calls the existing `otPlatRadioSetMacFrameCouter()`.
This API is used when radio provides `OT_RADIO_CAPS_TRANSMIT_SEC`
capability and thereby is responsible for assigning the frame counter
to tx frames. It helps address an edge-case where OT stack may not
yet know of the latest frame counter values used by radio platform
(e.g., due to enhanced acks processed by radio platform directly or
due to delay between RCP and host) and then setting the value from OT
stack may cause the counter value on radio to move back (OT stack
will set the counter after appending it in `LinkFrameCounterTlv` on
all radios when multi-radio links feature is enabled).
This commit also updates spinel and RCP and `radio_spinel`
implementations to support the new API. This is added in a fully
compatible way, i.e., a new host firmware works with older RCP, and
similarly an old host can work with new RCP firmware.
This commit updates `Ip6::HandleDatagram()` to check the device role
to determine whether to allow messages received from the Thread mesh
to be forwarded back to the Thread mesh. This is allowed only when
device is acting as router or leader. This then lets us remove
`SetForwardingEnabled()` method.
This commit renames the method which passes a message to host
by invoking the registered receive callback to `PassToHost()`.
It also contains smaller style enhancements.
This commit updates how we prepare the MAC headers:
- New `enum`s are defined in `Mac::Frame` to specify the frame
`Type`, `Version`, `SecurityLevel`, etc.
- `InitMacHeader()` will itself determine the Frame Control Field
from the given address info.
- It now uses `FrameBuilder` to prepare the headers.
- New helper `MeshForwarder::PrepareMacHeaders()` is added which
takes care of adding MAC (address, security header) along with
any IE headers.
- These changes ensure that PAN ID Compression bit is properly
set on MAC frames when using 2015 version (ensure that PAN
IDs are not omitted when both addresses use Extended format).
This commit updates `RouterTable` to provide a common method to
determine both the next hop and the path cost towards a given
destination. This helps us combine and reuse similar code.
This commit also adds `otThreadGetNextHopAndPathCost()` as a new
public OT API to get the next hop and path cost. It also adds a
related CLI command `nexthop`.
A new test `test-018-next-hop-and-path-cost.py` is added which
validates the next hop and path cost calculation on different
network topologies and from different nodes (FEDs, routers).
Make sure that retransmission of data polls happens at least at the
CSL period rate, when this is lower than
OPENTHREAD_CONFIG_MAC_RETX_POLL_PERIOD.
This greatly improves latency under situations of heavy traffic, where
CSL synchronization might be lost ocassionaly due to the mix of CSL
and indirect transmissions.
This commit updates `MleRouter` such that on promotion from REED to
router role, we keep the router table's next hop and cost as what we
had as a REED, i.e., our parent being the next hop towards all other
routers and we tracked its cost towards them. As an FED, device may
have also established links with a subset of neighboring routers. We
ensure to clear the link to these neighbor to avoid using them since
the neighboring router will drop messages from us till we re-establish
link using our new RLOC16.
This commit updates `CompareRouteEntries()` so that on MTD we replace
the `PathCost()` check with a check to see if entry's RLOC matches
the device itself. This handles the uncommon case where an MTD itself
may be acting as a BR. This then allows us to remove the `MleRouter`
`PathCost()` method (which on MTD was returning zero).
This commit updates how we apply `Mac::Filter` ensuring the fixed RSS
filter is applied to all rx frames including received ack frames.
We add a new method `Mac::Filter::ApplyToRxFrame()` which applies the
filter rules directly to a rx frame, potentially updating its signal
strength to a fixed RSS. This common method is then called from
`Mac::HandleReceivedFrame()` replacing the existing code and also
from `Mac::RecordFrameTransmitStatus()` to a received `aAckFrame`.
This ensures that fixed RSS is correctly tracked on the corresponding
neighbor.
This commit also updates `Mac::Filter` methods which do not change
the `Filter` to be marked as `const`.
This commit applies to edge-case where OT is build with only TREL
radio link and no 15.4 radio link.
We define `Radio::kDefaultReceiveSensitivity` as the default rx
sensitivity value returned from `GetReceiveSensitivity()` and use the
same constant for noise floor returned from `SubMac::GetNoiseFloor()`.
This ensures that fixed RSS value applied through `macfilter add-lqi`
CLI command uses the same value for noise floor when calculating the
typical RSS for a given Link Quality value.
This commit changes `RouterTable::UpdateRoutes()`. Before updating the
routes, we track which routers have finite path cost. After the
update we check again to see if any path cost changed from finite to
infinite or vice versa and use this to decide whether to reset the
MLE Advertisement interval. This helps simplify the code and handle
some edge-cases related to resetting the Advertisement interval where
changing the Link Quality on the neighbor may impact the cost towards
routers which used it as next hop.
This commit contains smaller fixes and enhancements in `Mle` method
`Mle::HandleAdvertisement()`
- We add `VerifyOrExit(IsAttached())` at the top of the method.
- We always perform the check for stale parent i.e., check if we
got an MLE Advertisement from parent but with a different RLOC16.
The `MleRouter` method also does the same check, however in certain
cases (e.g., when there is Partition ID or leader ID mismatch) the
`MleRouter` method will exit early and expect the `Mle` method
to handle these cases.
- When on `Mle` method we handle Partition ID or leader ID mismatch
and then process `RouteTlv` we now also call `UpdateRoutesOnFed()`.
This commit updates `MleRouter::HandleAdvertisement()` to not call
`ExitNow()` and exit early when as a child we decide to try to
promote to router role and set `mRouterSelectionJitterTimeout`. This
ensures that we continue processing the message and call
`UpdateRoutesOnFed()` and `router->SetLastHeard()`.
This commit introduces 2 APIs to query infra link status:
- `otSysGetInfraNetifFlags` returns the `ifr_flags` of the infra
network interface.
- `otSysCountInfraNetifAddresses` counts the numbers of LLA, ULA and
GUA on the infra network interface.
This commit contains smaller enhancements in `MleRouter` method
`HandleAdvertisement()` processing received MLE Advertisement
message:
- We remove all the `IsFullThreadDevice()` checks in this method
since it is only called from `Mle` when device is FTD (already
checked by `Mle` before calling).
- Also this method is called only when device is attached (in child,
router, or leader role). So we can simplify the checks related to
the device's role.
- We pass the already read TLV values (e.g., `LeaderDataTlv`) to
this method (to avoid re-reading the same TLVs from message).
This commit adds new method `RouterTable::UpdateRoutesOnFed()` which
tracks cost towards all routers on an FED child based the parent's
cost towards them. This method is called whenever we receive an MLE
Advertisement from the parent (replacing the code which tracked the
cost only towards the leader) and also during attach process upon
receiving a Child ID Response containing `RouteTlv` from the parent.
This commit also updates `GetPathCost()` to handle more case:
- Where device is detached or disabled, we return `kMaxRouteCost`.
- If device is a child, we derive the path cost as the link cost
to the parent plus the cost from parent towards the destination.
- If device is a child and destination is another child of the
same parent, we use link cost to parent plus an estimated cost
towards the other child.
This commit also adds a new helper method `GetPathCostToLeader()`
which is then used in `MleRouter` to simplify the code, e.g.,
when deciding whether to respond to an MLE Parent Request to
to check the current path cost to leader.
The `network_diagnostic_tlvs.hpp` defines the net diag TLVs and uses
the public definitions (constants) from `openthread/netdiag.h` but
did not include it directly. This commit ensures we include it
directly.
This commit renames the configuration `RCP_TIME_OFFSET_CHECK_INTERVAL`
to `OPENTHREAD_POSIX_CONFIG_RCP_TIME_SYNC_INTERVAL` and moves it to
posix configuration file because this configuration may need to be
configured on different platforms.
There's a use case to check the CSL state of one certain child from
the parent. For now this can only be done by showing the full child
table. This commit adds the CSL state in the display of single child
info (cli command `child <id>`).
This commit adds a new mechanism for RCP to inform host of the range
of RCP API versions that it can work with. This helps address
situations where RCP may be running a newer firmware (with higher
RCP API version) and host side is older, ensuring that version
checks can be performed correctly.
This commit introduces a new RCP-specific spinel property
`SPINEL_PROP_RCP_MIN_HOST_API_VERSION`. This new property is
available when RCP indicates that it has the newly added capability
`SPINEL_CAP_RCP_MIN_HOST_API_VERSION`. This is used on host side to
determine if we can get this property from RCP.
With addition of this new property, the `RadioSpinel` version check
code is changed to get the min version from RCP itself and then check
on the host side that its version is within the supported range.
This commit updates cli-based `toranj` test framework and adds new
test-cases using this framework. The new test-cases re-implement all
the current ncp/wpantund based ones that cover OpenThread core
behavior (including the multi-radio and trel test-cases). Some of
the tests are enhanced (e.g. adding new checks) and some related
tests are combined into a single script.
This commit also updates the `toranj` CI GitHub workflow to use the
new cli-based model for multi-radio and trel (removing the ncp
based versions).
This commit contains smaller changes in `NetworkData::Leader`
class:
- Use `FindNextMatchingPrefixTlv()` in methods to iterate over
Prefix TLVs matching a given address.
- Simplify `IsOnMesh()` to iterate over Border Router sub-TLVs.
- Rename local variables to include `tlv` if they are a TLV.
This commit updates `Ip6::SelectSourceAddress()`. A new version of
is added which as its input gets a destination `Ip6::Address`
instead of an `Ip6::MessageInfo`, and returns the selected source
address as an `Ip6::Address *`. This helps simplify its use (no need
to create or pass `MessageInfo` instances). This commit also moves
the implementation of `otIp6SelectSourceAddress()` from `ip6_api.cpp`
to `Ip6` class adding a version of `SelectSourceAddress()` which
updates a passed-in `MessageInfo`directly.
The ot-br-posix uses the posix platform's config file as its config
file. So the ot-br-posix can't set different configurations with posix
platform via the config file. This commit adds a config macro
`OPENTHREAD_POSIX_CONFIG_FILE` for ot-br-posix to specify a config
file to overwrite the posix platform's configurations.
This commit add `discover reqcallback {enable/disable}` CLI command
which registers callback to output whenever device gets a "MLE
Discovery Request". This command allows the callback to be explicitly
set when needed and avoid having it be enabled by default (since the
extra output from this callback can be treated as unexpected result by
tests that parse the CLI output).
This commit adds a new helper method in `RxInfo` to check whether or
not the `mNeighbor` field (the neighbor from which message was
received) is non-null and in valid state.
This commit updates `GetPathCost()` method to handle the cases where
the destination RLOC16 is the device itself or if it is the child of
the device. It also handles when the device itself is acting as a
child (cost is calculated if destination is the parent).
This change addresses situation where `GetPathCost()` is used in
`NetworkData::CompareRouteEntries()` to select between BRs (e.g.,
multiple BRs providing the same off-mesh route prefix) ensuring a
direct child BR is preferred over other routers that are multiple
hops away.
This commit is fix to avoid dual processing on single TCP packet,
added fix which restricts TCP packet to pass from opentghread
stack. These changes are applicable only when openthread TCP stack is
used and it is implemented under feature flag -
OPENTHREAD_CONFIG_TCP_ENABLE
This commit fixes a potential message leak when NAT64 translator
feature is enabled in `Ip6::ProcessReceiveCallback()` where a cloned
copy of message is not freed if `TranslateFromIp6()` returns an
error or if `mReceiveIp4DatagramCallback` is not set.
This commit updates how we track and free the message in this method
(to help simplify the code and avoid similar situations). Variable
`message` points to the `Message` instance we own in this method. If
we can take ownership of `aMessage`, we use it as `message`.
Otherwise, we may create a clone of it. `message` will be set to
`nullptr` if the message ownership is transferred to an invoked
callback. At the end of this method we free `message` if it is not
`nullptr` (indicating it was not passed to a callback.
This commit adds a new behavior in `RoutingManager` to skip performing
NS probe with a router with an address belonging to device infra
interface itself. This addresses the situation where platform may not
be be able to receive and pass the NA message responses from device
itself.
This commit updates how BR determines the preference to use when
advertising Route Info Options (RIO) in emitted Router Advertisement
(RA) messages.
User can explicitly set the preference by calling OpenThread API
`otBorderRoutingSetRouteInfoOptionPreference()`.
But if not set or the previously set value is cleared by user,
RIO preference is determined based on device's current role:
- Medium preference when device is in router/leader role,
- Low preference when in child role.
If a role change causes RIO preference to change, BR schedules
to send a new RA using the updated RIO preference.
This commit adds a new CLI command `neighbor linkqulaity` which prints
the collected link quality info (such as frame error rate, message
error rate, average/last RSSI) for all neighbors.
This commit updates the `RouterTable::RemoveRouter()` to check
if `Router` being removed is a neighbor and signal its removal.
This ensures that we correctly signal neighboring router removal
from a call to either `UpdateRouterIdSet()` or `Release(aRouterId)`.
This commit updates how we set the `hopsLeft` when preparing a lowpan
`MeshHeader` frame so to use a constant max value. The max hops lefts
value is determined based on `kMaxRouteCost`(estimate on max hops
between routers within Thread mesh) and additional guard increment
(e.g., adding for two for source or destination being child and
require one more hop).
This change replaces the previous model where number of hops was
predicted on source using the routing cost towards the destination.
While the cost can be a good estimate for number of hops, it may not
necessarily be correct, as the source's view of route cost may be
less than what its neighbor and next hops on the path currently have
(e.g., sender can have stale information).
This commit updates `toranj-cli` to use the simulation platforms "log
to file" feature and CLI feature to emit CLI input/output to log. This
helps simplify the log collection during testing and decouple it from
parsing/processing the CLI output while performing the test.
This commit adds a new class `Callback<HandlerType>` which represents
a callback as a function pointer handler and a `void *` context pair.
The context is passed as one of the arguments to the function pointer
handler when the callback is invoked.
The `Callback` provides two specializations based on the position of
the context argument in the function pointer, i.e., whether it is
passed as the first argument or as the last argument. The
`Callback<HandlerType>` class automatically determines this at
compile-time based on the given `HandlerType` and passes the context
properly from `Invoke()` method.
The `Callback` class is used by OT core modules to simplify how
callbacks are defined and used.
If an infrastructure-provided NAT64 prefix is present, we should
bypass the NAT64 translator to let the border router forward the
packet to the infra NAT64 service.
This commit adds a new option in simulation platform to allow us to
specify a file name to write the logs into. This is applicable when
`LOG_OUTPUT` is set to `PLATFORM_DEFINED`. The filename can be
specified by `-l <name>` or `--log-file=<name>` options. If no log
file is provided then logs are emitted to syslog.
The actual output power of the Thread device may be determined by both
the Thread radio chip and the FEM. Consider the output power error of
the Thread radio chip and the gain error of the FEM, the actual output
power is inconsistent with the expected output power. To guarantee
that the actual output power is accurate and meet the regulatory
requirements, the output power should be calibrated in the factory if
the output power is not accurate.
This commit contains the following changes:
- Adds a power calibration implementation
- Adds a config file to configure the target power for different
countries
- Adds a tool for the factory to persist the power calibration data
This should not be cast to an unsigned integer. If the
mRadioTimeOffset is negative, the resulting time instance is incorrect
and breaks e.g. CSL over RCP.
This commit adds `MleRouter::ShouldDowngrade()` which determines
whether all conditions are satisfied for the router to downgrade
after receiving info for a neighboring router. This method is then
used in `HandleAdvertisement()`. It effectively combines some of the
other methods into one.
This commit defines `kChildIdResponseTimeout` as a new constant
in `mle_types.hpp` which is used as maximum wait time to receive
a "Child ID Response" message from parent during attach. This
commit also removes the now unused `kMaxChildUpdateResponseTimeout`.
This commit adds `OPENTHREAD_CONFIG_CLI_LOG_INPUT_OUTPUT_LEVEL` to
specify the log level to use when CLI input/output is emitted to logs
(`OPENTHREAD_CONFIG_CLI_LOG_INPUT_OUTPUT_ENABLE` is enabled).
This commit removes the `#if` checks for `OPENTHREAD_FTD` in
`MleRouter` method implementations as the entire `mle_router.cpp` is
covered with a `#if OPENTHREAD_FTD` check at the top of the file.
We should not use static member fields given the `posix::InfraIf` is
already a singleton. Instead, let's make it consistent with the rest
of the fields which are all non-static.
On some platforms, we need to support the cases that:
1. The infrastructure interface can't be determined when the Thread
daemon is started and we need to enable the Border Router features
after the infra interface is available.
2. Some BR devices want to send/recv RAs in a coordinated way to be
more efficient and consistent. For example, a BR which is also a
Wi-Fi router may want to send/recv RAs by a single component.
This commit add a new `OPENTHREAD_POSIX_CONFIG_INFRA_IF_ENABLE` for
disabling the default posix infra if implementation so that posix
platforms can add their own version.
A route in network data's output may have more than one flag. For
example, a NAT64 route can have `sn` as its flags. The previous
`__parse_routes` would crash when processing such a route.
This commit updates `NeighborHasComparableConnectivity()` method which
is used as one of conditions to decide whether the router needs to
downgrade to REED. This method check whether a given neighboring
router has as good or better-quality links to all our neighboring
routers with two-way link quality of two or better.
The previous implementation assumed that routers in `RouterTable`
would match the same set of routers and their order as in the
received `RouteTlv` from the peer router. This may not necessarily be
the case (particularly after #8483). This commit changes the
implementation so that we iterate over all Router IDs and directly
track the index of each allocated router ID in the received
`RouteTlv`.
This commit adds new cmake option `OT_15_4` to enable 802.15. radio
link. It also adds additional `message(STATUS)` to output the common
`OT_APP_CLI/NCP/RCP` and `OT_FTD/MTD/RCP` options.
This commit enables receiving Neighbor Advertisements (NA) on the
infra link.
OTBR relies on receiving Neighbor Advertisement to check if a router
is active. Without receiving NA, OTBR may wrongly see a router as
inactive and remove the discovered prefixes from Network Data too
early, which breaks the border routing feature.
This commit simplifies how `RouterTable` tracks the allocated Router
IDs and the `Router` entries. A new class `RouterIdMap` is added
which tracks the currently allocated Router IDs. For allocated IDs,
it also tracks the index of the `Router` entry in `mRouters` array.
For unallocated IDs, it tracks the remaining reuse delay time in
seconds (using the same underlying `uint8_t` per Router ID). This new
class makes it easier to find a `Router` by its ID. With this change,
we no longer need to keep the `mRouters` array sorted based on Router
ID (this was used when populating `RouteTlv`).
This commit also changes the `mRouters` to use `Array<Router>` which
will then tracks its length and also simplify range-based `for`
iteration over `RouterTable` entries.
This commit updates `Mle` to store the current RLOC16 in a member
variable `mRloc16` (in addition to setting it on `Mac` as device's
short address). This allows `Mle::GetRloc16()` to be defined as an
inline method instead of using `Get<Mac::Mac>().GetShortAddress()`.
This commit adds a new variable `mInitiallyAttachedAsSleepy` which
tracks whether or not device was initially attached as a sleepy
child. This is then used to determine whether or not we need to
re-attach on mode changes between rx-on and sleepy (rx-off). If we
initially attach as sleepy, then rx-on/off mode changes are allowed
without re-attach (device sends "Child Update Request" to its parent
to update its mode). Otherwise mode transition from rx-on to sleepy
requires a re-attach.
This commit updates behavior when device mode gets changed
so to re-attach on switching between MTD/FTD modes and also on
switching from rx-on to sleepy (rx-off) mode (when attached as a
child).
This commit also updates `test-027-child-mode-change.py` to match
the new behavior.
This commit updates the `Ip6::Mpl` to use `TimeTicker` instead of
its own `Timer` to age the entries in its `mSeedSet`. This commit
also updates the default number of seed entries by 3 to use the
memory saved by using `TimeTicker`.
Sometime we need to identify which platform we are currently using,
especially in a test cases, where a unified interface is provided to
control devices, the test cases have no idea about current platform.
- Use MLE `GetMeshLocal16()` to check if seed ID can be elided
(remove `mMatchingAddress).
- When processing MPL option if seed ID is elided, we ensure that
sender's address is RLOC format and use the RLOC16 as seed ID.
- When preparing MPL option directly use device's RLOC16 as seed ID
(removing `Mpl::Get/SetSeedId()` methods).
- Determine number of timer expirations (MPL retransmission) based
on device's current role.
This commit updates `Mpl::UpdateSeedSet()` to reset the `SeedEntry`
lifetime to `kSeedEntryLifetime` if we rx/tx a message with same
ID and sequence. This ensures that the entry is kept in the array
while other routers are forwarding the same message.
This commit updates `RegisterNetdataData()` to ensure that versions
are updated if there is any change even if there is an error during
integration of new entries (e.g., running out of space in Network
Data, or failing to allocate new service ID).
This commit fixes how we determine the CSL timings when preparing a
frame for CSL transmission. When scheduling the next CSL, we use
`mCslFrameRequestAheadUs` time in `GetNextCslTransmissionDelay()`. We
basically schedule `Mac` to start the CSL tx operation a bit earlier
than the desired CSL tx time. In `HandleFrameRequest()` (when we are
preparing the frame to be sent) we should be already within
`mCslFrameRequestAheadUs` time from the tx time. So this commit changes
the code such that we invoke `GetNextCslTransmissionDelay()` with zero
`aAheadUs` interval when preparing the frame. This ensures that we do not
skip the current CSL window and move to the next.
This commit also adds a check in `HandleFrameRequest()` to ensure that
we did not miss the current CSL window. This situation can happen if
`Mac` happens to be busy with some other operation and therefore late
to start CSL tx and invoke `HandleFrameRequest()`. In such a case we
don't want to use delay tx time for next CSL window (which may be way
later) and instead we abort the current CSL tx operation by returning
a `nullptr` frame.
This commit contains smaller enhancements in `RouteTlv`:
- `RouteTlv::IsValid()` checks that number of allocated IDs in
the Router ID Mask is less than max number of routers.
- It also checks that the TLV contains correct number of Route
Data entries matching the number of allocated router IDs.
- A new method `SetRouteData()` is added to set all the
data fields (link quality in/out and route cost) for a given
router index.
- These changes help ensure that messages containing invalid
`RouteTlv` are rejected (avoid situation where we may have
more allocated router IDs than max routers).
Fix an issue in which a CSL Transmitter would start to send malformed
frames to the radio in the ocassion of a data poll arriving while a
delayed CSL transmission was already scheduled.
Notice that `CslTxScheduler::HandleSentFrame` is reseting both CSL Tx
attempts and Indirect Tx attempts, so it makes sense to do the same
in `DataPollHandler::HandleSentFrame`.
This commit fixes the format string in logging functions.
When openthread is included in other projects that use the -Werror
option in their builds, such as Matter, these format string errors
appear. In this case, it can be seen in radio.h that the structure
members are uint32_t but printed with %u.
The size of types depends on the target, there needs to be a casing.
`LOCAL_EXPORT_CFLAGS` is exporting `OPENTHREAD_PROJECT_CFLAGS` which
contains quotes. This sometimes can cause compile errors due to
limitation of Android build system.
Also, `ot-cli` is repeating the flags in `LOCAL_CFLAGS`, which can
cause macro redefinition error. Since `ot-cli` depends on `ot-core`,
it already gets the flags from `LOCAL_EXPORT_CFLAGS`.
This commit contains smaller enhancements in `RouterTable` class:
- New method `FindNextHopOf()` is added to find the next hop of a
given router.
- Methods which find router are renamed: `FindRouterById()` to search
for a given Router ID, `FindRouterByRloc16()` to search for a given
RLOC16.
- The methods which find a neighbor router are declared as `private`
and only used by `friend` class `NeighborTable`. Other modules use
`NeighborTable` methods to find neighbors.
This commit updates `RoutingManager` to check if a change to xpanid
does impact the generated local on-link prefix. This can address two
situations: (1) when BR is started before Thread/MLE operation where
we can get a signal that xpanid is changed on MLE start (without it
actually changing), (2) if the xpanid does change but since not all
the xpanid bytes are used in the derivation of the local prefix, it
can remain as before.
This commit also updates the unit test to start the BR early (along
with MLE operation) under the `TestSavedOnLinkPrefixes()` case.
This commit updates the `RoutingManager` unit test to check that
there are no duplicate PIO/RIO prefixes in the emitted RA message.
It also updates the `TestSavedOnLinkPrefixes()` to check behavior
after device resets/restarts while it was advertising its local
on-link prefix or deprecating it.
This commit updates how UDP Encapsulation TLV is processed. In
particular, when handling a received TMF `kUriProxyTx` message
containing this TLV, we allow the TLV to be extended or not. This is
aligned with the Thread specification for this TLV. When appending
this TLV in `kUriProxyRx` TMF message, we continue to use Extended
TLV so to keep the behavior same as before.
This commit adds new private type `ParsedInfo` in `Tlv` class
which contains parsed TLV info such as TLV type, length, size,
value offset. This class provides `ParseFrom()` and `FindIn()`
methods to parse or find a TLV from a message.
This commit also adds a unit test `test_tlv` to validate the TLV
methods.
Add a Dependabot configuration that checks once a week if the GitHub
Actions are still using the latest version. If not, it opens a PR to
update them.
It will actually open few PRs, since only major versions are specified
(like v3), so only on a major release (like v4) it will update and
open a PR. But it helps actively keep GitHub Actions workflows up to
date and secure.
When adding a new spinel property or updating the existing spinel
property, it may cause the host can't work with the old RCP. The
host can be updated independently on some of our products. If the
compatibility issue happens, it causes the host dies after the
host is updated.
To reduce the compatibility issues between the host and RCP, this
commit updates the guideline of updating/adding RCP spinel properties.
This commit adds new methods in `Tlv` to read, find, or append simple
TLVs with a UTF8 string value. `StringTlvInfo<Type, kMaxStringLen>`
can be used to define constants and types for such TLVs. This helps
simplify implementation of many such TLVs, e.g., Vendor Name TLV,
Provisioning URL TLV, Network Name TLV, etc.
This commit updates `Mle` modules to use `FindTlvValueOffset()`
instead of `FindTlvOffset()` when trying to find a variable length
TLV (e.g., Network Data TLV or Address Registration TLV). This helps
simplify the code (we avoid reading the TLV again and can directly
read and process the TLV's value).
This commit simplifies `StateTlv` and updates the reading of TLV in
`DatasetManager::HandleMgmtSetResponse()` (which could previously
allow a TLV with empty value).
This class moves all the related code for preparing and sending
`kUriServerData` message to `NetworkData::Notifier`. In particular,
`RemoveStaleChildEntries()` and `UpdateInconsistentData()` are moved
to the `Notifier` class.
This commit adds `CompareRouteEntries()` which performs a three-way
comparison between two network data BR route entries:
- Entry with higher preference is selected first.
- If the same preference, prefer BR that is this device itself.
- If all same, prefer the one with lower mesh path cost.
This commit updates the `RouteLookup()` methods in `NetworkData`
and `ThreadNetif`:
- Removes the unused `aPrefixMatchLength` parameter.
- Requires `aRloc` to be a reference instead of a pointer.
he `execinfo.h` is a glibc specific header, and the glibc doesn't
exist under openwrt. It causes the compile errors under openwrt in
ot-br-posix. This commit uses __GLIBC__ instead of __linux__ to avoid
the compile errors when the OS doesn't contain the glibc.
This commit adds compile-time check of format string to all CLI
`Output` methods. It also updates CLI module to make arg string
formats consistent. In particular we use `'%lu` for `uint32_t`
arguments and they are explicitly cast to `unsigned long` using
`ToUlong()`.
This commit updates `NetworkDiagnostic` class's generation and
processing of TLVs. When appending list based TLVs (IPv6 Address List
TLV or Child Table TLV) depending on the number of entries we use
regular or extended TLV. When processing the message and reading the
TLVs, this commit updates the code to handle extended TLVs as well.
This commit changes the behavior of `GetNextDiagTlv()`. The
`otNetworkDiagTlv` data structure defines limited-size arrays for
IPv6 address list and child table. When processing a received message
if the number of entries is larger than the array size, the first set
entries (as many as fits in the array) are read and the rest are
ignored. This changes the existing behavior which returned a
`kErrorPrase` error in such a case.
This commit also adds a helper `Uint64ToString()` method to convert a
`uint64_t` to decimal format string. The new methods allow us to
output `uint64_t` values without needing to cast to `unsigned long
long` and/or use of `%llu` (which may not be provided by certain
embedded libraries).
This commit changes `ReadTlv()` methods so that they can be used
independent of whether the read TLV is an Extended TLV or not. This
makes them similar to `FindTlv()` methods.
This commit introduces `otBorderRoutingCounters` which contains the
number of packets and bytes forwarded via border routing.
The counters have 4 categories: inbound unicast, inbound multicast,
outbound unicast, outbound multicast.
I've verified this feature locally on a BR device by ping command in
following scenarios:
- A host pings an ED's OMR.
- An ED pings a host's onlink address.
- A host pings a multicast address which an ED subscribes to.
- An ED pings a multicast address which a host subscribes to.
This commit updates some of the `NetworkDiagnostic` TLV definitions
to reuse similar MLE TLVs (e.g. `LeaderDataTlv`). It also updates
the code to reuse helper methods to parse `Mle::DeviceMode` and
`Mle::LeaderData`.
This commit adds compile-time check of format string to all log
functions and macros. It also updates different core modules to make
arg string formats consistent under different platforms. In particular
we use `'%lu` for `uint32_t` arguments and they are explicitly cast
to `unsigned long` using `ToUlong()`.
This commit updates the `Cli::Output` class and the related types. A
new type `OutputImplementer` is added which provides the basic output
functionality, i.e., method `OutputV()`. `Output` class requires a
reference to an `OutputImplementer` which it then uses to provide all
the different `Output{}()` method flavors. The new model allows all
CLI sub-modules to directly inherit `Output` class while reusing a
single and common underlying `OutputImplementer` provided by the
`Cli::Interpreter`.
This commit enhances `ParseRoute()` method allowing flags to be
specified in one arg (sequence of char indicating different flags) or
potentially over different args. This commit also allows `-` to be
used in `route` or `prefix` commands to indicate empty flag.
This commit adds mechanism to save deprecating old on-link prefixes
in non-volatile `Settings`. With this, if the BR is restarted, it
will remember the old prefixes and keep deprecating them (advertising
them in emitted RA and publish them in Thread Network Data).
This commit also adds `TestSavedOnLinkPrefixes()` test case in
`test_routing_manager` to cover the behavior of the newly added
mechanism.
This commit increases the wait time in `test_single_border_router`
after re-enabling `ether` link. It also changes the order of pings
in the test (first ping from host to Thread router and the opposite
direction).
This commit implements a new optimization in `AddressResolver`
allowing it to resolve on-mesh IPv6 addresses using info from Thread
Network Data DNS/SRP Service (Unicast Address) entries.
When determining EID-to-RLOC mapping in `Resolve()`, we first try to
match the EID against unicast addresses discovered from DNS/SRP
service entries. This is limited to entries where the address/port
info is encoded as part of server data. If a match is found the
associated RLOC16 of the BR which added the entry in Network Data
will be used (i.e., the `server16` field from Network data server
sub-TLV). This optimization is used on devices where MLE Mode
indicates they receive full Network Data and not the stable subset
(since stable subset will not provide RLOC16 info).
This commit adds a similar check in `UpdateSnoopedCacheEntry()` so
that the limited snoop cache entries are not unnecessarily used for
addresses which can be resolved using Network Data services.
This commit adds a new mechanism in `RoutingManager` to periodically
check that discovered routers are still active and operational, so
that if the router providing the favored on-link prefix becomes
offline, we can detect it more quickly (instead of waiting for the
prefix lifetime to expire) and then the BR can start advertising its
own on-link prefix.
Receiving a Router or Neighbor Advertisement message from a router
indicates that it is active. After a timeout interval passes from the
last receive from a router we start sending Neighbor Solidification
(NS) probes to it. This timeout interval can be specified by newly
added build-time OT config parameter (default value is set to one
minute). If no response is received after multiple NS attempts, the
router is considered to be inactive and the discovered prefix entries
associated with the router are removed or deprecated.
This commit also updates the unit test for routing manager to validate
the behavior of the newly added mechanism.
This commit updates how `OnLinkPrefixManager` retains and deprecates
old local on-link prefixes. Instead of remembering a single old
prefix, a list of old prefixes are remembered and the number of
entries in the list can be configured at build-time using an OT
config.
If the BR is stopped, the deprecating prefixes are still remembered
and the the expire timer keeps running. They are removed from the
list when they expire. If the BR is started again the deprecating old
prefixes are again included as PIO in the emitted RA and also
published in Network Data.
The changes in this commit also ensure we can correctly handle the
situation where the extended PAN ID is changed to a previous value
before the corresponding on-link prefix expires, i.e. when a
currently deprecating prefix becomes the current local on-link prefix
again.
This commit also updates the unit test case validating the behavior of
newly added mechanism under different situations.
This commit updates how `OnLinkPrefixManager` retains and deprecates
old local on-link prefixes. Instead of remembering a single old
prefix, a list of old prefixes are remembered and the number of
entries in the list can be configured at build-time using an OT
config.
If the BR is stopped, the deprecating prefixes are still remembered
and the the expire timer keeps running. They are removed from the
list when they expire. If the BR is started again the deprecating old
prefixes are again included as PIO in the emitted RA and also
published in Network Data.
The changes in this commit also ensure we can correctly handle the
situation where the extended PAN ID is changed to a previous value
before the corresponding on-link prefix expires, i.e. when a
currently deprecating prefix becomes the current local on-link prefix
again.
This commit also updates the unit test case validating the behavior of
newly added mechanism under different situations.
A useful metric for a device is the amount of time it spends in each
mle role. This could help to identify connectivity issues on SED with
weak signal and frequent detaches by checking the time spent in
detached mode. It would also be useful to know the time spent in
leader state when having multiple FTDs frequently joining and
splitting in different partitions.
This information is not available from the role counters, since time
spent in each state is not related to the number of entries to that
state.
This commit adds mle counters to track time spent in each role, when
uptime feature is enabled (`OPENTHREAD_CONFIG_UPTIME_ENABLE=1`).
This commit adds `OT_TOOL_PRINTF_STYLE_FORMAT_ARG_CHECK` macro in
`toolchain.h`. It specifies that a function or method takes `printf`
style args. It asks the compiler to check the args for consistency
with the passed-in format string.
The commit uses the new macro in `String::Append()` and its uses are
updated to ensure consistency between format string and the args.
When a message is received that does not contain a source address (ex:
IEEE 802.15.4 Beacon Request) find neighbor should not be called to
attribute the message to a particular device in the network.
The bug was found in the following scenario:
* Network operating with REED devices.
* Other non-Thread IOT devices in the space periodically sending
beacon requests.
* Note that the REED devices have unexpectedly low average RSSI values
for their parents.
When the child processes the beacon request, it calls FindNeighbor(),
which defaults to returning the parent of the device if srcaddr is
none. The RSSI of the beacon request is then averaged into the value
for the device's parent.
Fix: Do not look up the neighbor if there is no source address in the
message, because there's no way to know who the message came from.
Update CoAP base handler to correctly detect when a handler is not
found and send a 4.04 response.
Prior to this change, the error code would be overridden in the case
where a URI handler was not found to kErrorNone. This meant that when
the exit code was reached, no 4.04 message was generated. This fixes
the logical flow to ensure the error message is sent on the link.
This commit renames `LocalOnPreifx` class to `OnLinkPrefixManager` and
moves all the code related to managing of the on-link prefix to this
class, e.g., method `Evaluate()` to evaluate and make a decision
about on-link prefix (whether we need to advertise our local on-link
prefix or there is a favored discovered on-link prefix provided by
another router on infra link).
This commit updates `Srp::Client` so that on `RemoveService()` we
always send an SRP Update message to server to remove the service even
if the service is not yet registered (from perspective of client).
For various reasons, we're not able to use `<` and `>` in our Doxygen
descriptions. I made some minor edits, LMKWYT. In the HTML, it renders
similar to this:
The IPv6 socket address string is formatted as [`address`]:`port`
where `address` is shown as 16 hex values separated by `:` and `port`
is the port number in decimal format, for example "[%x:%x:...:%x]:%u".
This commit enhances `RoutingManager` so that when we decide to
advertise the local on-link prefix and publish it in Network Data as
an external route, we wait for it to be seen in the leader's Network
Data before including it in the emitted RA messages as PIO. If the
prefix is already present in Network Data (e.g., may have been added
by another BR on the same Thread mesh) we start advertising it
immediately. When publishing prefixes in Network Data, it may take a
short random time before the entry is registered with leader and the
updated Network Data is propagated to all Thread nodes. This change
delays the advertisement of the on-link prefix on the infra link side
till it is configured as an external route on the Thread side.
This commit removes `OT_UNREACHABLE_CODE(break)` which is used
in `case` statements performing an `OT_ASSERT()` in a `switch` block.
If the `case` is the last one in the `switch` we can skip the `break`
and therefore we don't need to use `OT_UNREACHABLE_CODE()`.
This commit updates and enhances the mechanism in `RoutingManager`
to publish/unpublish external route prefixes in Thread Network Data.
Instead of each sub-component (e.g., `DiscoveredPrefixTable`,
`LocalOnLinkPrefix`, `Nat64PrefixManager`, ...) directly trying to
publish/unpublish its entries which can lead to conflicting requests
that then needs to be checked and handled by each component, this
commit adds a new method `EvaluatePublishingPrefix()`. This method
makes a collective decision by checking with different sub-components
to see whether or not each wants this prefix published and if so at
what preference level and flags.
This change help simplify the code and handling of conflicting
situations and edge cases (e.g., while deprecating current/old local
on-link prefix, other routers adding/removing same prefix as PIO or
RIO in their emitted RAs).
This commit renames and updates the `LinkMetrics::FindNeighbor()`
helper method which finds the neighbor for a given link-local address
for use in `LinkMetrics` class. This method now also validates that
the neighbor's Thread version is 1.2 or higher.
The build might fail when using build systems other than cmake and
NAT64_TRANSLATOR is enabled.
- Reorder the functions in `src/posix/platform/netif.cpp`
- Define a default NAT64 CIDR
- Define `kNat64RoutePriority`
This commit updates `NetworkData::Publisher` to reserve a set of
prefix entries for use by `RoutingManager` only. This allow us to
simplify how `RoutingManager` publishes route prefixes in Network
Data (assert on failure). In particular, this commit defines a new
enum `Requester` which specifies the requester (`kFromUser` or
`kFromRoutingManager`) associated with a published prefix. This is
used by methods `PublishExternalRoute()`/`PublishOnMeshPrefix()`.
When allocating new entries, we ensure that each requester is
limited to its maximum number of entries.
This commit adds a new class `Tmf::SecureAgent` as a sub-class of
`Coap::CoapSecure`. It also simplifies the handling of TMF URI
resources by secure agent (similar model as in `Tmf::Agent` added
in #8233.
Two changes made together broke fragmented packets handling: Some time
ago forwarding packets outside of thread was limited to 1280 bytes
Recently forwarding IP packet fragments was disabled. This makes it
not forward packet fragments nor fully assembled packets. According
to later change author this was to prevent packets from being handled
twice.
To fix this, forwarding of IP fragments was restored and instead
forwarding of reassembled frames was disabled regardless of the frame
size. This approach should save the need of fragmenting already
reassembled packets to fit into the
OPENTHREAD_CONFIG_IP6_MAX_DATAGRAM_LENGTH.
Signed-off-by: Marek Porwisz <marek.porwisz@nordicsemi.no>
This commit updates and simplifies the handling of TMF URI resources.
The new model centralizes the processing and dispatching of URI
handlers in `Tmf::Agent`. It should help reduce memory (RAM and
code) use as well.
- A new enumeration `Uri` type is defined specifying all the TMF
URIs along with functions to map between `Uri` and the related
URI path string.
- We use binary search in a sorted table to match a path string
(e.g., from a received CoAP message) to its corresponding URI.
- `Coap` class is updated to allow sub-classes to register an
optional `ResourceHandler` to handle URI resources.
- `Tmf::Agent` uses the new `ResourceHandler` to process the TMF URI
resources and invoke the related handlers on the proper module
(e.g., passing `kUriAddressQuery` to `AddressResolver` module,
`kUriActiveSet` to `MeshCoP::ActiveDatasetManager`, etc).
- The TMF handlers are defined as `HandleTmf<Uri>()` template method
specializations which are defined on the proper module.
- Most URI handlers can be processed at any time but some perform
additional checks, e.g., `kUriAddressSolicit` is passed to
`Mle::MleRouter` which checks that device role is leader before
processing the request.
This commit add a new feature in `Srp::Client` to allow user to
specify the lease and/or key lease intervals explicitly per service.
The lease intervals in a service can be left unspecified(set to zero)
in which case the default lease intervals will be used.
In an SRP Update message, the lease info is included in additional
section in an Update Lease Option record. Therefore the lease values
are applicable to the entire message and all its records. If we have
services with different lease intervals, they need to be registered
in separate messages. This commit updates `Srp::Client` to implement
such a mechanism. When preparing an SRP message, we first determine
the lease and key lease intervals and ensure the services using
matching intervals are included in the message.
This commit also updates and simplifies the "single service mode"
functionality to use the newly added mechanism for tracking which
services are included in the message.
This commit adds `test_srp_register_services_diff_lease` which covers
the behavior of the newly added mechanisms.
This commit updates `EnergyScanClient` and `EnergyScanServer`.
On server side, we prepare the report message after we parse the
request and directly append the results in the report message as
energy scans are performed. Client side is also updated to
correctly handle the case where the report message contains
greater number of results that can be supported on the client
based on its configuration.
This commit updates `Dns::Client` so that when reading service info
`otDnsServiceInfo` if the received TXT data does not fit in the given
buffer, it is read partially. A new field `mTxtDataTruncated` is added
in `otDnsServiceInfo` to indicate that TXT data was not fully read.
This commit also updates `dns` related commands in CLI so to output
the partially read TXT data and add a new config specifying the max
TXT data size used by CLI.
This commit updates CLI `SrpServer`, `CoapSecure`, `UdpExample`, and
`TcpExample` to use the template `Process<Cmd("cmd")>` model. This
helps make them similar to other CLI modules.
This class adds a template sub-classes of `TimerMilli/Micro` which
allows us to directly specify an `Owner` for timer along with handler
callback as a member method of `Owner`. This helps simplify the
use of `Timer` in core module.
`mbedtls_ssl_conf_sig_hashes` was deprecated in 3.2.0, and we
attempted to move over to the new recommended function. That new
function expects `MBEDTLS_TLS1_3_SIG_` type arguments.
This commit fixes the "single service mode" behavior to handle
if there are many simultaneous service removes. It also updates the
test to cover this situation.
This commit updates the default `LeaseConfig` intervals used by
`Srp::Server` to accept any requested lease time between 30 seconds
and 27 hours and any requested key lease time between 30 seconds and
189 hours.
We have to add the `OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE` definition
to `ot-config` because OpenThread core libraries will set config file
to "openthrad-core-posix-config.h" which depends on
`OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE` to correctly enable
PLATFORM_NETIF and PLATFORM_UDP features. Otherwise, OpenThread core
and posix libraries will use different feature definitions.
This commit updates `Clearable<Type>::Clear()` method to perform
`static_cast<Type *>(this)`. This ensures CRTP-style use and also
allows the `Clearable` to be used for types that may not be a
standard layout type (and/or more generally in cases where empty
base optimization may not be applied).
This commit updates `RoutingManager` to ensure to unpublish the old
local on-link prefix being deprecated on ext PAN ID change if the ext
PAN ID happens to change again before the previous deprecating prefix
is expired. Note that the code supports retaining one old deprecating
prefix entry since back-to-back ext pan ID change is not expected as
a typical use-case. This commit also updates `test_routing_manager`
to cover and test this scenario.
This commit updates `IsReceivedRouterAdvertFromManager()` which checks
if a received RA message was prepared by the `RoutingManager module
itself to allow deprecating PIOs in the RA message. These will handle
the case when old on-link prefix(es) (e.g., on extended PAN ID change)
are being deprecated.
This commit adds a unit test for `Srp::Server` (which also covers
`Srp::Client`) building a foundation for writing tests covering edge
cases of SRP server and its interaction with platform "update handler"
callback and SRP client.
For example, the test validates behavior of SRP sever, when
"update handler" accepts, rejects, or ignores (waits for timeout)
the received SRP updates. The test also validates that all heap
allocated objects (used by SRP sever) are properly freed under
different scenarios (validating that there is no heap object leak).
This commit adds new APIs and mechanisms to support `AutoEnableMode`
in SRP server. This mode allows us to delegate the control of SRP
server (when it is enabled or disabled) to the Border Routing
Manager.
Under this mode, SRP sever is auto-enabled if/when `RoutingManager` is
done with the initial prefix and route setup, i.e., when the OMR and
on-link prefixes are determined, advertised in the emitted Router
Advert message on infrastructure side and published in the Thread
Network Data. This ensures that bi-directional connectivity is set up
before allowing service registration and discovery to start. The SRP
server is auto-disabled if/when BR is stopped, for example, when the
infrastructure network interface is brought down or when the BR gets
detached.
This commit also adds CLI commands for the new APIs and adds a
test-case in `test_routing_manager` to test and validate the newly
added mechanism.
This commit adds separate `tpclp-ftd` and `tcplp-mtd` libraries.
Each library is then `target_link_libraries()` with the related
`openthread-ftd/mtd`. This should help avoid situation where both
`openthread-ftd` and `openthread-mtd` are included as dependency
and linked and address linker failures under certain versions of
`clang`.
This commit adds `Nat64PrefixManager` class in `RoutingManager` which
contains the NAT64 related logic including generation of local NAT64
prefix, discovery of infra interface prefix, maintaining the
discovered prefix lifetime, and selection of the NAT64 prefix to
publish in Network Data. This class encapsulates all variables and
methods related to NAT64.
This commit changes the format of the configuration file from JSON to
YAML, as YAML is designed for human interaction and better suitable
for configuration than JSON.
This commit fixes two DTLS session issues on Posix:
- Fix the issue that UDP connect would cause the kernel socket to bind
to an address that might be different from the address used by the
Commissioner.
- Set the socket address to avoid kernel selecting an incorrect source
address.
This commit fixes the bug that `mdns_query` inserts `ip6tables` rules
in an incorrect order. It also uses `ip6tables -F INPUT` to flush the
`INPUT` chain after mDNS query is done.
This commit introduces `nat64` command and 4 new subcommands
(`configuredcidr`, `configuredprefix`, `mappings`, `counters`)
nat64 cidr -- Get the configured CIDR for NAT64 translator.
nat64 mappings -- Get the mappings of NAT64 translator.
nat64 counters -- Get the packet counters and error counters of NAT64
translator.
This commit also introduces related API for the above commands, and
`otIp4AddressToString` & `otIp4CidrToString` for the CLI to format the
IPv4 address and CIDR.
This ensures that `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` is
defined in `config/srp_client.h` and can be safely used for defining
`OPENTHREAD_CONFIG_SRP_CLIENT_BUFFERS_MAX_HOST_ADDRESSES`.
This commit updates `RoutingManager` to deprecate a previously
advertised local on-link prefix when extended PAN ID gets changed.
The local on-link prefix is derived from Thread network extended PAN
ID. On extended PAN ID change, we continue to include the the old
prefix (if it was being advertised) in the emitted RAs as PIO (with
zero preferred lifetime) and continue to publish it in Network Data
up to its lifetime. This ensures that any device on infrastructure
link side that may be using an IPv6 address based on this old prefix
can continue to communicate with the Thread mesh devices.
This commit also adds a test-case in `test_routing_manager` to
validate the behavior of the newly added mechanism when ext PAN ID
changes while the local on-link is being advertised and also while
it was being deprecated.
This commit adds `RsSender` class in `RoutingManager` which contains
the logic related to the transmission of Router Solicitation
(RS) messages to discover other routers. This class encapsulates all
variables, constants, and methods related to the RS transmission
mechanism(number of RS messages in a cycle, time intervals, etc).
This commit updates the `Srp::Server` to log the processed info in a
received SRP Update message, such as host name, lease times, host
addresses, all services (and sub-types) being added or removed. The
info is logged before invoking the "update handler" and/or committing
the info into existing data. This change can help with debugging
issues.
This commit updates `otSrpClientEnableAutoStartMode` documentation
to describe how the preferred server is determined from Network Data
entries (different Network Data entry categories, their order of
preference, and how to handle when there are multiple options within
the same category).
This commit updates `SeriesFlags` definition to map to the public
`otLinkMetricsSeriesFlags` struct and adds helper methods to convert
to or set it from a `uint8_t` flags bitmask which is read or written
in the TLVs.
This commit adds a new method `ScheduleRoutingPolicyEvaluation()` in
`RoutingManager` which combines the logic from different related
methods. This helps simplify the code. The new method accept an enum
`SchduleMode` input which indicates the rule to use when determining
the next policy evaluation time, e.g., schedule it immediately, or
after a random delay, or after short random jitter time to reply to
a received RS, etc.
This commit updates `DiscoverScanner` so when scan operation is
finished it uses a `Tasklet` to clear the state and invoke the
callback. This allows users to safely call OT APIs from the
callback.
This commit updates CLI `linkmetrics query` command to allow it
to be used in blocking mode (wait for response to query). This
is then used in different tests to validate the `LinkMetrics`
module behavior. In particular, `v1_2_test_single_probe` and
`v1_2_LowPower_7_2_01_ForwardTrackingSeries` are updated to
validate that the received query report message is correctly
parsed.
This commit updates `Mle::DetachGracefully()` to stop Border Router
`RoutingManager`. This ensures that BR will have the chance to send
a final Router Advertisement message desecrating/removing its
previously advertised on-link or route prefixes.
This commit imports `Crypto` module only when it's used.
This helps thread-cert tests that do not use message factory to run
without having to install `Crypto` module.
We decided to rename BORDER_ROUTING_NAT64 to NAT64_BORDER_ROUTING so
the flag won't be confusing since we have NAT64_TRANSLATOR which does
not depends on the border routing manager.
This commit renames the method from `ReadTlv()` to `ReadTlvValue()`
to emphasize that it read the TLV value only (unlike `FindTlv()` helper
methods which find and read the whole TLV).
This commit harmonizes the constant used to indicate an "Invalid RSSI
value". It defines `Radio::kInvalidRssi` which is then used in all
core modules replacing `OT_RADIO_INVALID_RSSI` and similar constants
in `SubMac/Mac`.
This commit simplifies the helper functions that convert between
link margin, link quality and RSS (replacing the `static` methods
in `LinkQualityInfo`).
This commit adds `FwdProbingRegSubTlv` which is used to simplify
`SendMgmtRequestForwardTrackingSeries()` implementation. Similarly
`EnhAckConfigSubTlv` is updated and used to simplify method
`SendMgmtRequestEnhAckProbing()`.
This commit updates `ProcessServiceDiscoveryInstructions()` method
to use `Dns::Name::IsSubDomainOf()` to validate the relation between
service instance name and the base service name.
This commit updates the `RoutingManager` such that if we see that that
current favored discovered on-link prefix (from processed RAs from
other router) matches our local on-link prefix, we start/continue
advertising it as well. The local on-link prefix is derived from
extended PAN ID and therefore is the same for all BRs on the same
Thread mesh. Having multiple BRs advertise the same on-link prefix
adds redundancy (in case one BR goes offline).
This commit updates the scaling of the link margin and RSSI metrics.
The metric values are scaled when appended in the message (in a
Report sub-TLV) or when they are read back from received message. The
stored value in `MetricsValues` are changed to be always the actual
metric value (not the scaled value). This ensures that the value are
stored in proper int type (e.g., RSSI is `int8` vs the scaled value
which is `[0,255]`). Methods are added to perform the scaling which
now rounds to closest integer ensuring the reverse scaling gives back
the original value. Unit test is added to validate the scaling
methods.
This commit adds a check `Get<ChildTable>().Contains(Neighbor &)`
to ensure that the neighbor is from the child table before casting
the neighbor entry to `Child`. This adds safety and protection against
potential corner-case where we have a neighbor entry which is
`Parent` or `ParentCandidate` that is a REED.
This commit adds `ParentCandidate` in `Mle` class (as a sub-class of
`Parent`) and moves all member properties related to parent candidate
to this new class.
This class adds a template sub-class of `Tasklet` which allows
us to directly specify an `Owner` of tasklet along with handler
callback as a member method of `Owner`. This helps simplify the
use of `Tasklet` in core module.
This commit updates `LinkMetrics::HandleReport()` method:
- Fixes issue where `Status` sub-TLV would not be read.
- Uses `Tlv` helper method to read the sub-TLVs.
- Reads `ReportSubTlv` directly from message and uses its methods
to get the metrics values.
- Fixes issue where we would not skip over unknown sub-TLVs
correctly.
This commit fixes random 2015 frame version issue while attaching to
REED. the problem was caused by unconditionally casting Router structure
to Child structure and making out of original structure memory access.
Signed-off-by: Przemyslaw Bida <przemyslaw.bida@nordicsemi.no>
It can run all Thread 1.2 test cases with simulations now except those
requiring multiple versions support. It has been tested with the DUT
being a role of Router, Leader, Border Router, BR_1 and BR_2.
Status sub-TLV has a single `uint8_t` status value so we can use
declare it as `UintTlvInfo<SubTlv::kStatus, uint8_t>` and then use
helper `Append<StatusSubTlv>` and `Read<StatusSubTlv>` to append
and read it.
According to the Spec, egress packets from LLA should not be
forwarded. Linux kernel doesn't automatically block such forwarding
so that we need to check this before adding the MFC entry.
This commits add `GetTwoWayLinkQuality()` method to `Router` class
which returns the minimum of router's Link Quality In and Out
values. It also adds `GetLinkQualityIn()` to `Neighbor`. These
are used in `Mle` and `MeshForwarder`.
This commit simplifies the `LinkMetrics::AddReport()` method so that
when preparing the MLE Link Metrics Report TLV (and its sub-TLVs) we
determine the TLV length after all sub-TLVs are appended to the
message from the number of written bytes in the message (difference
between `aMessage.GetLength()` and initial offset of the TLV). This
allows to simplify methods `AppendReportSubTlvToMessage()` and
`AppendStatusSubTlvToMessage()` as well.
This commit adds a new header files `link_metrics_types.hpp` which
includes all `LinkMetrics` related types and constants. The related
type definition are moved to this header from `link_metrics.hpp` and
`link_metrics_tlvs.hpp` (which now contains the TLV definitions only).
This commit also moves the more complex method implementations to the
`cpp` file.
This commit changes the definitions (member variables, constants, and
methods) related to graceful detach mechanism to be `private` instead
of `protected` since they are only accessed/used by the `Mle` and not
by its sub-class `MleRouter`.
This commit addresses integer conversion warnings in `LinkMetrics`.
In particular it updates `ReadTypeIdFlagsFromMessage()` to use
`uint16_t` as offset value (instead of `uint8_t`).
This commit updates the `RoutingManager` to allow domain prefix from
Network Data to also be considered during OMR selection. In
particular:
- `IsValidOmrPrefix(config)` now accepts prefixes with `mDp` flag.
- `OmrPrefix` now tracks whether the prefix is domain prefix.
- When appending RIO in RA message, the domain prefix is always
excluded (independent of whether or not it is the current favored
OMR prefix).
This commit also updates the `test_routing_manager` unit test to add
a test case checking behavior of `RoutingManager` when a domain prefix
is selected as the favored OMR.
This commit adds a new enum `Ip6::MessageOrigin` which indicates the
origin of the message: From Thread Netif or from host. In case the
message is originating from host, it also indicates whether or not it
is allowed to pass back the message to the host.
This commit:
- implements the core logic for translating packets for NAT64,
including the public APIs exposed to platform daemons.
- includes changes for POSIX platform, use `OT_POSIX_NAT64_CIDR`,
`OPENTHREAD_POSIX_CONFIG_NAT64_CIDR` for setting the CIDR for NAT64
during build time.
- exposes `otNat64Send(otInstance *aInstance, otMessage *aMessage)`
and `void otNat64SetReceiveIp4Callback(otInstance *aInstance,
otNat64ReceiveIp4Callback aCallback, void *aContext)`.
According to Thread Spec, PBBR should not forward a multicast packet
from Thread interface to Backbone interface when the source address is
Mesh-Local.
This commit harmonizes and simplifies the code related to asserting
that the OT API pointer parameters are valid and not `nullptr`.
`OPENTHREAD_CONFIG_ASSERT_CHECK_API_POINTER_PARAM_FOR_NULL` is added
which when used performs assert check on all pointer inputs to APIs.
This is either done within `AsCoreType()` when the pointer is
converted to its related core type, or by a direct call to newly added
macro `AssertPointerIsNotNull()`.
Since enabling assert checks on every API parameter can increase code
size, this config is disabled by default and it is recommended to use
it during debugging only.
This commit adds `Parent` class as a sub-class of `Router` and moves
the CSL accuracy definitions in `Parent` class (from `Router`) since
we need to track CSL info only for the parent and not other entries
in the router table. This helps reduce the memory/RAM used by router
table.
This commit updates `RouterTable::Allocate()` to use Reservoir
sampling algorithm to randomly select a router ID while iterating
through the list of available IDs.
This commit updates `Ip6::HandleDatagram()` and removes the local
`netif` variable and directly uses `ThreadNetif` instead. Note that
the input parameter `aNetif` is either `nullptr` or points to
`ThreadNetif`, and in both cases the local variable `netif` will be
set to point to `ThreadNetif`.
This commit updates `LinkMetrics::AppendReport()` to ensure
the `values.mPduCountValue` (which is a `uint32_t`) is stored in
the host MCU encoding and not in big-endian encoding.
This was originally added in #7046 as a fix (basically saving the
value in local variable in the encoding we expect to later include
in the Report TLV), however #8006 updates the `ReportSubTlv` methods
to do the encoding change in the `Get/SetMetricsValue32()` (similar
to other OT `Tlv` definitions).
The CSL accuracy is represented as two parameters: clock accuracy in
ppm, and uncertainty in units of 10 microseconds. These two parameters
are often used together. This commit adds a new class `CslAccuracy`
encapsulating both. This new type is used in `Mac` and `Mle` methods
allowing us to pass both in one object.
This commit also adds `Mle::RxMessage::ReadCslClockAccuracyTlv()` to
read and parse the CSL Accuracy TLV value from a given received MLE
message.
This commit adds `thread/version.hpp` which defile Thread Version
constants. It also changes the `mVersion` in `Neighbor` class to
use `uint16_t` to track the version. This help harmonize it with
the MLE Version TLV and and version in `Settings`. Due to memory
alignment of existing member variables the change (from `u8` to
`u16`) does not increase the memory requirement for child or router
table.
This commit adds a smaller enhancement in `Ip6::HandlePayload()`. If
support for TCP `OPENTHREAD_CONFIG_TCP_ENABLE` is not enabled, we
exit early from this method before potentially creating a clone of
the message (to free later).
After BBR restarting, in order to receive the packets from multicast
group, the devices, which have registered multicast group addresses to
that BBR, needs to re-register these groups. In current logic, the
default max reregistration delay is too large (1200 seconds).
This commit increase the routing policy evaluation jitter from 1
second to 2~4 seconds to avoid adding on-link prefix when the AIL GUA
prefix is unavailable for a very short duration (usually during GUA
prefix renewing).
This commit adds `otThreadSearchForBetterParent()` to start the
process on a child to search for a better parent while staying
attached to its current parent. This commit also adds a related CLI
command `parent search`.
This commit moves the code for getting the parent info from the
`thread_api.cpp` to `Mle` class `GetParentInfo()` method. It also
updates the `Router::Info::SetFrom()` to populate the `mVersion` and
the newly added CSL related fields. This allows us to re-use the
same code for both router or parent info.
This commit adds a new struct `RaInfo` in `RoutingManager` which
tracks info about emitted RA messages: Number of RAs sent, last tx
time, header to use and whether the header is discovered from
receiving RAs from the host itself. This helps encapsulate all
related info in one data structure.
This commit adds generic helper functions:
- `Min()` to get the minimum of two values,
- `Max()` to get the maximum of two values, and
- `Clamp()` to clamp a value to a given closed range from a minimum
up to a maximum value. It also adds functions
- `ClampToUint8()` and `ClampToUint16()` to clamp a `uint` value to
a smaller bit-size (`uint8_t` or `uint16_t`) range.
- Updated the following deprecated APIs with their respective alternatives
- `mbedtls_ssl_conf_min_version` => `mbedtls_ssl_conf_min_tls_version`
- `mbedtls_ssl_conf_max_version` => `mbedtls_ssl_conf_min_tls_version`
- `mbedtls_ssl_conf_sig_hashes` => `mbedtls_ssl_conf_sig_algs`
- Updated the parameter data-type for `mbedtls_ssl_conf_sig_algs`
(list of allowed signature algorithms) from `int` to `uint16_t`
- Added macros for backward compatibility
This commit fetches the NAT64 prefix on infrastructure interface and
advertise it to Network Data at medium preference.
- Use `getaddrinfo_a()` function to asynchronously lookup the ipv6
address of the special domain `ipv4only.arpa`. The infrastructure
NAT64 prefix is extracted from the domain answer.
- `mInfraIfNat64PrefixStaleTimer` is scheduled to monitor the presence
and change of infrastructure NAT64 prefix.
- `EvaluateNat64Prefix` evaluates whether to advertise the
infrastructure prefix or the local ULA prefix or neither. When there
is a new infrastructure prefix, it will withdraw the legacy one and
add the new one. When the infrastructure prefix no longer exists, it
will withdraw the legacy one and add the local ULA prefix. When the
infrastructure prefix presents again, it will add the infrastructure
prefix and withdraw the local ULA prefix.
New tests are added to test the scenarios when infrastructure NAT64
prefix exists. `DNS64` on OTBR is turned on to enable `bind9` with
NAT64 prefix on infrastructure interface for these tests. `bind9` is
explicitly turned off when testing local ULA prefix. Since bind9 is
conflict with other components like dnssd, all nat64 tests are moved
under /nat64 directory and configured separately.
The case that two or more BRs have same infrastructure NAT64 prefix is
not covered by this commit and will be followed up later.
This commit updates `IsValidOmrPrefix()` to use `IsUniqeLocal()`
method of `Ip6::Prefix`. This relaxes the check to allow any ULA
prefix and not necessarily with 64 bits prefix length.
This commit moves more complex methods of `Ip6::Prefix` class to the
`cpp` file. It also simplifies the `IsLinkLocal()` implementation. It
also updates unit test `test_ip_address` to validate `IsLinkLocal()`,
`IsMulticast()`, and `IsUniqueLocal()` methods.
This commit adds `Mle::TlvList` type which represents a list of MLE
TLV types. It provides helper methods to `Add()` TLVs to the list
ensuring that any TLV type is included only once. The `TlvList` is
used when parsing "TLV Request TLV" or preparing which TLVs to
include in an MLE message.
BBR related configurations was previously removed for Thread 1.3 BRs.
However, when running 1.2 test case for a Thread 1.3 BR, these
configurations are still necessary.
This commit restores BBR dataset configurations for 1.2 BR_1/BR_2
roles.
This commit updates how unspecified CSL channel is conveyed in MLE
messages. Special value of zero in CSL Channel TLV is used to
indicate that the CSL channel is unspecified. The exclusion of the
TLV keeps the CSL channel as before (no change to the previously
set CSL channel).
This commit contains fixes and enhancements related to processing
of CSL Channel TLV and CSL Clock Accuracy TLV in MLE messages:
- Updates/adds `IsValid()` method to check if TLV is well-formed.
In particular, we check the TLV length to be at least the
expecte length (but can be larger) to allow for future changes
to the TLV format (adding new fields while remaining backward
compatible).
- Ensure to verify that the read TLV is valid before using its
content.
- Fix processing of Accuracy TLV in `HandleChildUpdateResponse()`
(where we could use incorrect values if TLV was not present).
This commit contains smaller enhancements in MLE:
- We use `static const` to define array of TLVs to request.
- Rename the const arrays to `kTlvs`.
- Adds template `AppendTlvRequestTlv()`.
- Adds template `SendDataRequest()`.
This commit extends the Thread API to allow a CSL Receiver application
to adjust its CSL parameters depending on the parent capabilities.
Specifically, it might decide to switch to polling operation instead
of CSL synchronization when the attached parent does not support CSL
Transmitter role (Thread Version 2) or it advertises poor CSL accuracy
or uncertainty.
With changes in #7554 the `Metadata` stuct size in `Message` increased,
leading to unsufficient message buffer size when the maximum number
of children is configured, due to the variable size of `ChildMask`.
Furthermore, enabling CoAP Blockwise option also extends the message
buffer size requirements.
This commit documents those cases and makes it clearer
for users how to overcome the possible building issues.
There is no hard dependency in the Thread specification which requires
the use of deterministic signatures. On the contrary, looking at the
tinycrypt implementation, that one issues randomized ECDSA signatures
and seems to be quite happy with that.
This change does not change the default behaviour, which is to use
deterministic ECDSA when using the default MbedTLS backend. It does
however make it possible for platforms which have qualified hardware
entropy to select 'plain' ECDSA instead, which gives both a performance
and code size improvement on those platforms.
This commit adds a new struct `Mac::Addresses` which represents two
MAC addresses corresponding to source and destination. This type
is then used in `MeshForwarder` and `Lowpan` methods allowing us
to pass both source and destination addresses as one parameter.
This commit simplifies `RoutingManager` by adding a nested class
`LocalOnLinkPrefix` which encapsulates the local on-link prefix
related info and functionality. It tracks the state of the prefix,
i.e. whether we are advertising, deprecating or not including it. It
provides a method to append it as a PIO in an RA message and uses a
timer to keep track of the prefix's lifetime (since the last time it
was advertised in an RA message).
This commit also updated the `test_routing_manager` unit test to add
`TestLocalOnLinkPrefixDeprecation()` checking the deprecation and
expiration of local on-link prefix.
After a factoryreset the `ot-ctl` may fail to connect to the socket
for ~10 seconds. In such a situation, if OTCI sends a new command,
`execute_command` will receive an exception and will retry the same
command for several times. Such retries will immediately fail because
`ot-ctl` connection is still down and there's no time gap between two
retries. Hence we should add some wait time before retrying so that
it gives `ot-ctl` some time to recover the connection.
This commit enhances OT CMake config options allowing them to use 3
values of "on", "off", and unspecified (empty string).
With this change is an `OT_{FEATURE}` option is set to "off", it is
explicitly disabled (`-DOPENTHREAD_CONFIG_{FEATURE}=0` is added which
defines the corresponding OT config as zero). This changes the CMake OT
option behavior from before where "off" was treated as unspecified.
If `OT_{FEATURE}` is left unspecified (or set to empty string), then
the related OT config is not defined by CMake build allowing it to be
to be determined by other means, e.g., a project specific config
header or default config specified in `src/core/config` header files).
This commit adds a CMake macro `ot_option()` to help simplify defining
CMake OT config options. This macro also help emit status messages
indicating the value of each OT config.
This commit contains smaller enhancements and fixes in `Lowpan`
related to IID calculation and compression:
- It updates `ComputeIid()` to return `Iid` only.
- `ComputeIid()` now uses the newly added `ApplyPrefix()` which
ensures the prefix bits are set in IID (if prefix len > 64).
- `CompressIid()` methods are simplified to use `IsLocator()`
method to determine if the IID matches the locator pattern.
This commit adds a new method `InterfaceIdentifier::ApplyPrefix()`
which applies a given prefix to an IID. This is applicable only when
the prefix length is longer than 64 bit. In this case, only the bits
in the IID up the prefix length are changed to match the prefix and
the remaining bits are left unchanged. This commit also updates the
unit test to validate the behavior of the new method.
This commit contains smaller enhancements in `Lowpan` related to
`Context`. It adds a new member variable `mIsValid` to this struct
which indicates whether we have a valid context. It also adds new
methods `FindContextForId()` and `FindContextToCompressAddress()`.
These methods will either retrieve a related context or `Clear()`
it (to indicate that there is no valid context and also set it ID
to zero which is the default used in lowpan compression).
This commit adds `border_routing.h` and `border_agent.h` header
files for OT configuration related to Border Routing Manager and
Border Agent (removing the definitions from `border_router.h`).
This commit updates `MeshForwarder::PrepareDataFrame()` to use
`FrameBuilder` to prepare the frame. It also updates `Lowpan`
fragment header definitions and adds `FirstFrag` and `NextFrag`
nested types. The unit test `test_lowpan` is also updated to
use the new types.
This commit adds `Insert()` and `Remove()` methods in `FrameBuilder`.
`Insert` can be used to insert new content in the frame at a given
offset moving any previously written content forward. `Remove()` can
be used to remove previously appended content from the frame moving
any content after the removed bytes backward. This commit also adds
`GetRemainingLength()` to get the remaining length (number of bytes
that can be appended) in the frame buffer, and `SetMaxLength()`. Unit
test `test_frame_builder` is also updated to validate all the newly
added methods.
This commit updates `test_routing_manager` unit test to validate the
behavior of `RoutingMangaer` related to default route prefix (when AIL
routers advertise default route in RA header or as `::/0` prefix in an
RIO).
This commit updates `test_routing_manager` unit test and adds a new
set of helper methods to simplify the implementation of test-case:
- `VerifyOmrPrefixInNetData()` to check OMR prefix in Network Data.
- `VerifyExternalRoutesInNetData()` to check external route prefixes
in Network Data.
- `VerifyPrefixTable()` to check the on-link and route prefixes in
discovered prefix table.
- Different flavors of `SendRouterAdvert()` to send RA with different
PIOs, RIOs, and default route info (in header).
This commit also breaks the test-cases into multiple functions each
covering specific aspect.
This commit fixes `MleRouter::HandleChildUpdateResponse()` to use the
MLE `StatusTlv` instead of `ThreadStatusTlv` when parsing a received
MLE Child Update Response (from a child).
After upgrading to a router, the device will wait until it receives a
Route TLV from a neighboring node indicating that the new Router ID
has been allocated. In normal cases, this is not an issue since the
Leader will disseminate a new Router ID Sequence after allocating a
new Router ID. However, in some scenarios, a device may request the
same Router ID that was previously allocated and significantly delay
establishing links with neighboring routers. With this commit, a
device will immediately send a Link Request if the Router ID was
previously allocated.
This commit updates `test_mle_msg_key_seq_jump` to increase the wait
time after key index change for MLE advertisement transmissions. The
MLE advertisement uses trickle timer with max interval of 32 seconds.
Based on this the max interval between two consecutive advertisement
transmissions can be 1.5 times the trickle timer max interval or 48
seconds. The test uses 52 sec as wait time which includes a 4 sec
additional guard time to account for any action and/or message
exchanges after rx of an advertisement. This change should help
address the occasional failures of this test.
This commit adds a new feature in `MeshForwarder` to specify a max
limit for the number of frames in tx queue marked for direct
transmission. `OPENTHREAD_CONFIG_MAX_FRAMES_IN_DIRECT_TX_QUEUE`
specifies the maximum number. If set to zero then this behavior is
disabled, i.e., no check is performed on tx queue length.
This commit also adds a new message action log "Dropping (dir queue
full)" which indicates when a message is being dropped due to the
newly added check.
This commit relaxes the pass condition for `test-017` which checks
that after a parent is reset it uses "MLE Child Update Request" to
recover its previous children. This is indirectly validated by
monitoring number of state/role changes on the children. With the
recent change which increases the number of MLE Parent Requests, the
window of time where parent is detached is increased and if during
this time a child tries to send to the parent it can detect that
parent is reset and detach itself causing the test to fail. This
commit relaxes the pass condition to at least one child recovering
using "Child Update" mechanism.
This commit renames the `DiscoveredPrefixTable::Entry` method to
`SetFrom()` from `InitFrom()` to make it clear that this method can
be used on an existing entry to update it.
This commit updated how `RoutingManager` selects the set of prefixes
to advertise as RIO in emitted RA messages from the BR. The related
code is now moved to `SendRouterAdvertisement()` method (instead of
previously being in `EvaluateOmrPrefix()`). Since the array for
storing the advertised prefixes has a limited size (configurable
through an OT build-time setting), we add more important prefixes
first in the array to ensure that they are advertised in the RA
message. The following order is used: (1) Local OMR prefix (if
added in Network Data), (2) currently favored OMR prefix, (3) any
other OMR prefixes from Network Data, (4) any other on-mesh prefix
(excluding Domain Prefix) from Network Data.
This commit fixes an issue with the potential overwriting of `mNext`
when existing entry in the list is updated (avoid calling `Clear()`).
It also updates `test_routing_manager` to check such a situation
and ensure that the fix is addressing the issue.
This commit adds a new class `FrameBuilder` which helps with
construction of frames in a given buffer. It provides helper methods
to append different items to the frame, e.g., bytes from a buffer or
`Message`, a `uint8`, `uint16` or `uint32` value assuming big or
little endian encoding, or a given object. It also provides methods
to overwrite previously appended content in the frame at a given
offset. This class is used in `Lowpan` (replacing `BufferWriter`)
which helps simplify the code. This commit also updates `Appender` to
use the `FrameBuilder` and adds a new unit test for `FrameBuidler`.
This commit updates the code to allow the config combination of
`OPENTHREAD_CONFIG_MESSAGE_USE_HEAP_ENABLE` along using external heap
`OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE`. This commit updates `Message`
`GetFreeBufferCount()` and `GetTotalBufferCount()` methods to return
special value `0xffff` under this config combo indicating the numbers
cannot be estimated.
This commit also updates `check-simulation-build-autotools` to add
such a build config so to be covered as part OT CI tests.
This commit updates the `Srp::Client` to add a randomly chosen short
delay before delay wait time before sending an update message. This
replaces the current model which was adding a fixed short delay.
Selecting the delay randomly helps in situations where some common
event triggers multiple SRP clients on Thread mesh to send an SRP
update(e.g., new OMR prefix causing new addresses, or a server entry
change on Thread Network Data).
Change the definition of OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE
through target_compile_detinifions().
Signed-off-by: Luis Ubieda <luisubiedas@gmail.com>
This commit adds a unit test for `RoutingManager` which builds a
foundation for writing test cases covering different behaviors of
`RoutingManager`, e.g., validating emitted router advertisements,
sending custom RA messages from different routers on AIL, adding or
removing entries in Network Data while monitoring the behavior of
`RoutingManager`.
This commit updates `RoutingManager` to remember the currently favored
OMR prefix (which can be an OMR prefix discovered from Network Data
or device's local OMR prefix). It adds a new public API to retrieve
this prefix and adds a related CLI sub-command.
This commit changes `RoutingManager` so to include all on-mesh
prefixes from Thread Network Data excluding domain prefix as Route
Info Option in the emitted Router Advertisement messages.
This commit changes `Mac::UpdateCsl()` to ensure we inform `SubMac`
and disable CSL when CSL support changes (e.g., device gets
detached). This ensures that `SubMac` internal variables (CSL period,
channel) are updated on a detach and if the device later attaches
again, we detect the change in CSL configuration and trigger the tx
of MLE Child Update Request.
The bootstrap script taps `armmbed/formulae`, and then tries
to install `arm-none-eabi-gcc` from that tap. However, if the
user has already tapped a different tap that offers
`arm-none-eabi-gcc`, then the install will fail.
This change removes the ambiguity of the install by specifying
the tap to use.
Thread BR may advertise IPv6 GUA rather than LLA. For example, Avahi
stops publishing LLA when any GUA is found on the network interface.
This commit enhances mdns_query to find border agents with
non-link-local addresses.
This commit changes the NAT64 CI tests to be ran as an independent
job. A new /nat64 folder is added and it would make it easier to
configure new NAT64 tests in the future.
With NAT64, we need to handle the IPv4 packets inside the border
router functions in OpenThread core.
This commit introduces a few new classes for NAT64:
- Add `Ip4::Cidr` (for specifying CIDR block of translated packets)
- Updated Ip4 address format -- use a union of (m8[4], m16[2], m32)
instead of 4 bytes.
- Extend `Checksum` for supporting ICMP in Ip4 (and TCP4 / UDP4) and
IPv4 header.
This commit adds a new class `FrameData` which is a sub-class of
`Data` (acts as a wrapper over a buffer pointer and a length). It is
used in `MeshForwarder` and `Lowpan` to simplify the method calls
(can pass `FrameData` instance instead of pointer and length). It
also provides helper methods for parsing the frame content (e.g.,
reading `uint16/32` value assuming big or little endian encoding).
When read successfully, the `FrameData` is updated to skip over the
read content. These methods help simplify `Lowpan` parsing and
decompression code. In particular the `Lowpan` methods now directly
update the passed-in `FrameData` to skip over the parsed header
portion (instead of returning the parsed header length).
This commit updates `Tmf::IsTmfMessage()` method to check source and
destination addresses. This change helps make this method more
generic(allow it to be used for both rx/tx messages). This commit
also simplifies the implementation (avoid using complex expression
containing multiple `&&` and `||`).
This commit updates `test-017-parent-reset-child-recovery.py` to make
it more robust by increasing the wait time for children to be
recovered after parent/leader reset. This is related to the increase
in data poll period of sleepy children to 10 sec which was done
previously to accommodate for the increased start-up time of leader
(due to change in number of MLE Parent Requests).
A new flavor of `Icmp::SendError()` is added which allows the caller
to provide the parsed `Ip6::Headers` of the error-causing message
instead the full `Message` instance. Note that the implementation of
`SendError()` only includes the IPv6 header of the error-causing
message in the payload of the ICMPv6 error message.
`MeshForwarder::CheckReachability()` method is updated to use the
recently added `Ip6::Headers` to parse the IPv6 headers from the
received frame. With the changes in this commit, we no longer need to
allocate a temporary `Message` which was used for reading the
decompressed IPv6 header and also to pass to `Icmp::SendError()` in
case of "destination unreachable" error.
This commit adds new public OT APIs to iterate over the Border Router
discovered prefix table from received Router Advertisement messages.
It also adds new CLI command to output the prefix table. The new APIs
are primary intended for testing.
This commit adds `<openthread/border_routing.h`> header and moves
all the `otBorderRouting` APIs (which are related to Border Routing
Manager) into this header. It also adds a note that these APIs are
available when `OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE` is enabled.
It also adds `border_routing_api.cpp` source file for the API
implementation.
2022-07-11 11:58:27 -07:00
3438 changed files with 347292 additions and 518671 deletions
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
## Our Standards
Examples of behavior that contributes to creating a positive environment include:
Examples of behavior that contributes to a positive environment for our community include:
-Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
-Focusing on what is best for the community
-Showing empathy towards other community members
-Demonstrating empathy and kindness toward other people
- Being respectful of differing opinions, viewpoints, and experiences
- Giving and gracefully accepting constructive feedback
-Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
-Focusing on what is best not just for us as individuals, but for the overall community
Examples of unacceptable behavior by participants include:
Examples of unacceptable behavior include:
- The use of sexualized language or imagery and unwelcome sexual attention or advances
- Trolling, insulting/derogatory comments, and personal or political attacks
- The use of sexualized language or imagery, and sexual attention or advances of any kind
- Trolling, insulting or derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or electronic address, without explicit permission
- Publishing others' private information, such as a physical or email address, without their explicit permission
- Other conduct which could reasonably be considered inappropriate in a professional setting
## Our Responsibilities
## Enforcement Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
## Scope
This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at openthread-conduct@google.com. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at openthread-conduct@google.com. All complaints will be reviewed and investigated promptly and fairly.
Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
All community leaders are obligated to respect the privacy and security of the reporter of any incident.
## Enforcement Guidelines
Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
### 1. Correction
**Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
**Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
### 2. Warning
**Community Impact**: A violation through a single incident or series of actions.
**Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
### 3. Temporary Ban
**Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
**Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
### 4. Permanent Ban
**Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
**Consequence**: A permanent ban from any sort of public interaction within the community.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.1, available at [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder][mozilla coc].
For answers to common questions about this code of conduct, see the FAQ at [https://www.contributor-covenant.org/faq][faq]. Translations are available at [https://www.contributor-covenant.org/translations][translations].
@@ -109,7 +109,7 @@ This will open up a text editor where you can specify which commits to squash.
#### Coding Conventions and Style
OpenThread uses and enforces the [OpenThread Coding Conventions and Style](STYLE_GUIDE.md) on all code, except for code located in [third_party](third_party). Use `script/make-pretty` and `script/make-pretty check` to automatically reformat code and check for code-style compliance, respectively. OpenThread currently requires [clang-format v9.0.0](https://releases.llvm.org/download.html#9.0.0) for C/C++ and [yapf v0.31.0](https://github.com/google/yapf) for Python.
OpenThread uses and enforces the [OpenThread Coding Conventions and Style](STYLE_GUIDE.md) on all code, except for code located in [third_party](third_party). Use `script/make-pretty` and `script/make-pretty check` to automatically reformat code and check for code-style compliance, respectively. OpenThread currently requires [clang-format v19](https://github.com/llvm/llvm-project/releases/tag/llvmorg-19.1.7) for C/C++ and [yapf v0.43.0](https://github.com/google/yapf) for Python.
As part of the cleanup process, you should also run `script/make-pretty check` to ensure that your code passes the baseline code style checks.
OpenThread is an open-source implementation of the Thread networking protocol, released by Google. It is designed to be OS and platform-agnostic, with a small memory footprint, making it highly portable. It supports both system-on-chip (SoC) and network co-processor (NCP) designs and is a Thread Certified Component.
The project is primarily written in C and C++, with Python used for scripting and tooling. It uses a variety of build systems, including CMake and GN, and is actively maintained with a strong emphasis on code quality and style, enforced through continuous integration.
## Building and Running
The project uses both CMake and GN as build systems. A collection of scripts in the `script/` directory simplifies the build and test process.
A bootstrap script is provided to install the required tools:
```bash
./script/bootstrap
```
### Building with CMake
The project provides CMake presets for easier configuration.
**Configure:**
```bash
cmake --preset simulation
```
**Build:**
```bash
cmake --build --preset simulation
```
### Building with Scripts
The `script/` directory contains several scripts for building the project for different configurations:
- **Simulation Build:**
```bash
script/check-simulation-build
```
- **POSIX Build:**
```bash
script/check-posix-build
```
- **ARM Build:**
```bash
script/check-arm-build
```
- **GN Build:**
```bash
script/check-gn-build
```
## Testing
The project uses CTest for testing.
To run the tests after building with the simulation preset:
```bash
ctest --preset simulation
```
### Nexus Tests
Nexus is a test framework that allows simulating multiple OpenThread nodes within a single process, enabling faster and more scalable network simulations.
For more details, see [tests/nexus/README.md](tests/nexus/README.md).
## Development Conventions
### Code Style
The project has a strict coding style, which is enforced by the `script/make-pretty` script. Before submitting a pull request, ensure your code is formatted correctly.
**Check code style:**
```bash
script/make-pretty check
```
**Format code:**
```bash
script/make-pretty
```
Key style points:
- **Indentation:** 4 spaces.
- **Naming:**
- `UpperCamelCase` for types (classes, structs, enums), methods, functions.
- `lowerCamelCase` for variables.
- `g` prefix for globals, `s` for statics, `m` for members, `a` for arguments.
- **Comments:** Doxygen is used for API documentation.
For more details, see the [STYLE_GUIDE.md](STYLE_GUIDE.md).
### Commits and Pull Requests
The project follows the "Fork-and-Pull" model. All contributions must be accompanied by a Contributor License Agreement (CLA). Pull requests are tested using GitHub Actions, and all checks must pass before merging.
For more details, see the [CONTRIBUTING.md](CONTRIBUTING.md).
@@ -10,26 +10,18 @@ OpenThread released by Google is... <a href="https://www.threadgroup.org/What-is
**...OS and platform agnostic**, with a narrow platform abstraction layer and a small memory footprint, making it highly portable. It supports both system-on-chip (SoC) and network co-processor (NCP) designs.
**...a Thread Certified Component**, implementing all features defined in the [Thread 1.2 specification](https://www.threadgroup.org/support#specifications), including all Thread networking layers (IPv6, 6LoWPAN, IEEE 802.15.4 with MAC security, Mesh Link Establishment, Mesh Routing) and device roles, as well as [Border Router](https://github.com/openthread/ot-br-posix) support.
**...a Thread Certified Component**, implementing all features defined in the [Thread 1.4.0 specification](https://www.threadgroup.org/support#specifications), including all Thread networking layers (IPv6, 6LoWPAN, IEEE 802.15.4 with MAC security, Mesh Link Establishment, Mesh Routing) and device roles, as well as [Border Router](https://github.com/openthread/ot-br-posix) support.
More information about Thread can be found at [threadgroup.org](http://threadgroup.org/). Thread is a registered trademark of the Thread Group, Inc.
@@ -54,10 +46,6 @@ We would love for you to contribute to OpenThread and help make it even better t
Contributors are required to abide by our [Code of Conduct](https://github.com/openthread/openthread/blob/main/CODE_OF_CONDUCT.md) and [Coding Conventions and Style Guide](https://github.com/openthread/openthread/blob/main/STYLE_GUIDE.md).
# Versioning
OpenThread follows the [Semantic Versioning guidelines](http://semver.org/) for release cycle transparency and to maintain backwards compatibility. OpenThread's versioning is independent of the Thread protocol specification version but will clearly indicate which version of the specification it currently supports.
# License
OpenThread is released under the [BSD 3-Clause license](https://github.com/openthread/openthread/blob/main/LICENSE). See the [`LICENSE`](https://github.com/openthread/openthread/blob/main/LICENSE) file for more information.
To report a security issue, please use [https://g.co/vulnz](https://g.co/vulnz). We use g.co/vulnz for our intake, and do coordination and disclosure here on GitHub (including using GitHub Security Advisory). The Google Security Team will respond within 5 working days of your report on g.co/vulnz.
- OpenThread uses `script/make-pretty` to reformat code and enforce code format and style. `script/make-pretty check` build target is included in OpenThread's continuous integration and must pass before a pull request is merged.
-`script/make-pretty` requires [clang-format v9.0.0](https://releases.llvm.org/download.html#9.0.0) for C/C++ and [yapf v0.31.0](https://github.com/google/yapf) for Python.
-`script/make-pretty` requires [clang-format v19](https://github.com/llvm/llvm-project/releases/tag/llvmorg-19.1.7) for C/C++ and [yapf v0.43.0](https://github.com/google/yapf) for Python.
OpenThread allows you to [configure](https://openthread.io/guides/build#configuration) the stack for different functionality and behavior. This configuration is based on changing compile-time constants during the build process using common switches listed in `/examples/common-switches.mk`.
This page lists the available common switches with description. Unless stated otherwise, the switches are set to 0 by default. For build command examples, see [build examples](https://openthread.io/guides/build#build_examples).
| BIG_ENDIAN | OT_BIG_ENDIAN | Allows the host platform to use big-endian byte order. |
| BORDER_AGENT | OT_BORDER_AGENT | Enables support for border agent. In most cases, enable this switch if you are building On-mesh Commissioner or Border Router with External Commissioning support. |
| BORDER_ROUTER | OT_BORDER_ROUTER | Enables support for Border Router. This switch is usually combined with the BORDER_AGENT and UDP_FORWARD (or PLATFORM_UDP in case of RCP design) switches to build Border Router device. |
| BORDER_ROUTING | OT_BORDER_ROUTING | Enables bi-directional border routing between Thread and Infrastructure networks for Border Router. |
| BORDER_ROUTING_NAT64 | OT_BORDER_ROUTING_NAT64 | Enables NAT64 border routing support for Border Router. |
| BUILTIN_MBEDTLS_MANAGEMENT | OT_BUILTIN_MBEDTLS_MANAGEMENT | Enables the built-in mbedTLS management. Enable this switch if the external mbedTLS is used, but mbedTLS memory allocation and debug config should be managed internally by OpenThread. |
| CHANNEL_MANAGER | OT_CHANNEL_MANAGER | Enables support for channel manager. Enable this switch on devices that are supposed to request a Thread network channel change. This switch should be used only with an FTD build. |
| CHANNEL_MONITOR | OT_CHANNEL_MONITOR | Enables support for channel monitor. Enable this switch on devices that are supposed to determine the cleaner channels. |
| CHILD_SUPERVISION | OT_CHILD_SUPERVISION | Enables support for [child supervision](https://openthread.io/guides/build/features/child-supervision). Enable this switch on a parent or child node with custom OpenThread application that manages the supervision, checks timeout intervals, and verifies connectivity between parent and child. |
| COAP | OT_COAP | Enables support for the CoAP API. Enable this switch if you want to control Constrained Application Protocol communication. |
| COAP_OBSERVE | OT_COAP_OBSERVE | Enables support for CoAP Observe (RFC7641) API. |
| COAPS | OT_COAPS | Enables support for the secure CoAP API. Enable this switch if you want to control Constrained Application Protocol Secure (CoAP over DTLS) communication. |
| COMMISSIONER | OT_COMMISSIONER | Enables support for Commissioner. Enable this switch on device that is able to perform Commissioner role. |
| COVERAGE | OT_COVERAGE | Enables the generation of code-coverage instances. |
| DEBUG | not implemented | Allows building debug instance. Code optimization is disabled. |
| DHCP6_CLIENT | OT_DHCP6_CLIENT | Enables support for the DHCP6 client. The device is able to act as typical DHCP client. Enable this switch on a device that is supposed to request networking parameters from the DHCP server. |
| DHCP6_SERVER | OT_DHCP6_SERVER | Enables support for the DHCP6 server. The device is able to act as typical DHCP server. Enable this switch on a device that is supposed to provide networking parameters to devices with DHCP_CLIENT switch enabled. |
| DIAGNOSTIC | OT_DIAGNOSTIC | Enables diagnostic support. Enable this switch on a device that is tested in the factory production stage. |
| DISABLE_BUILTIN_MBEDTLS | not implemented | Disables OpenThread's mbedTLS build. Enable this switch if you do not want to use the built-in mbedTLS and you do not want to manage mbedTLS internally. Enabling this switch will disable support for such features as memory allocation and debug. |
| DISABLE_DOC | not implemented | Disables building of the documentation. |
| DISABLE_EXECUTABLE | not implemented | Disables building of executables. |
| DISABLE_TOOLS | not implemented | Disables building of tools. |
| DEBUG_UART | not implemented | Enables the Debug UART platform feature. |
| DEBUG_UART_LOG | not implemented | Enables the log output for the debug UART. Requires OPENTHREAD_CONFIG_ENABLE_DEBUG_UART to be enabled. |
| DNS_CLIENT | OT_DNS_CLIENT | Enables support for DNS client. Enable this switch on a device that sends a DNS query for AAAA (IPv6) record. |
| DNS_DSO | OT_DNS_DSO | Enables support for DNS Stateful Operations (DSO). |
| DNSSD_SERVER | OT_DNSSD_SERVER | Enables support for DNS-SD server. DNS-SD server use service information from local SRP server to resolve DNS-SD query questions. |
| DUA | OT_DUA | Enables the Domain Unicast Address feature for Thread 1.2. |
| DYNAMIC_LOG_LEVEL | not implemented | Enables the dynamic log level feature. Enable this switch if OpenThread log level is required to be set at runtime. See [Logging guide](https://openthread.io/guides/build/logs) to learn more. |
| ECDSA | OT_ECDSA | Enables support for Elliptic Curve Digital Signature Algorithm. Enable this switch if ECDSA digital signature is used by application. |
| EXCLUDE_TCPLP_LIB | OT_EXCLUDE_TCPLP_LIB | Exclude TCPlp library from the build. |
| EXTERNAL_HEAP | OT_EXTERNAL_HEAP | Enables support for external heap. Enable this switch if the platform uses its own heap. Make sure to specify the external heap Calloc and Free functions to be used by the OpenThread stack. |
| FULL_LOGS | OT_FULL_LOGS | Enables all log levels and regions. This switch sets the log level to OT_LOG_LEVEL_DEBG and turns on all region flags. See [Logging guide](https://openthread.io/guides/build/logs) to learn more. |
| HISTORY_TRACKER | OT_HISTORY_TRACKER | Enables support for History Tracker. |
| IP6_FRAGM | OT_IP6_FRAGM | Enables support for IPv6 fragmentation. |
| JAM_DETECTION | OT_JAM_DETECTION | Enables support for [Jam Detection](https://openthread.io/guides/build/features/jam-detection). Enable this switch if a device requires the ability to detect signal jamming on a specific channel. |
| JOINER | OT_JOINER | Enables [support for Joiner](https://openthread.io/reference/group/api-joiner). Enable this switch on a device that has to be commissioned to join the network. |
| LEGACY | OT_LEGACY | Enables support for legacy network. |
| LINK_RAW | OT_LINK_RAW | Enables the Link Raw service. |
| LOG_OUTPUT | not implemented | Defines if the LOG output is to be created and where it goes. There are several options available: `NONE`, `DEBUG_UART`, `APP`, `PLATFORM_DEFINED` (default). See [Logging guide](https://openthread.io/guides/build/logs) to learn more. |
| MAC_FILTER | OT_MAC_FILTER | Enables support for the MAC filter. |
| MLE_LONG_ROUTES | OT_MLE_LONG_ROUTES | Enables the MLE long routes extension. **Note: Enabling this feature breaks conformance to the Thread Specification.** |
| NETDATA_PUBLISHER | OT_NETDATA_PUBLISHER | Enables support for Thread Network Data publisher. |
| PING_SENDER | OT_PING_SENDER | Enables support for ping sender. |
| OTNS | OT_OTNS | Enables support for [OpenThread Network Simulator](https://github.com/openthread/ot-ns). Enable this switch if you are building OpenThread for OpenThread Network Simulator. |
| REFERENCE_DEVICE | OT_REFERENCE_DEVICE | Enables support for Thread Test Harness reference device. Enable this switch on the reference device during certification. |
| SERVICE | OT_SERVICE | Enables support for injecting Service entries into the Thread Network Data. |
| SLAAC | OT_SLAAC | Enables support for adding auto-configured SLAAC addresses by OpenThread. This feature is enabled by default. |
| SNTP_CLIENT | OT_SNTP_CLIENT | Enables support for SNTP Client. |
| SPINEL_ENCRYPTER_LIBS | not implemented | Specifies library files (absolute paths) for implementing the NCP Spinel Encrypter. |
| SRP_CLIENT | OT_SRP_CLIENT | Enable support for SRP client. |
| SRP_SERVER | OT_SRP_SERVER | Enable support for SRP server. |
| THREAD_VERSION | OT_THREAD_VERSION | Enables the chosen Thread version (1.1 / 1.2 (default)). For example, set to `1.1` for Thread 1.1. |
| TIME_SYNC | OT_TIME_SYNC | Enables the time synchronization service feature. **Note: Enabling this feature breaks conformance to the Thread Specification.** | |
| TREL | OT_TREL | Enables TREL radio link for Thread over Infrastructure feature. |
| UDP_FORWARD | OT_UDP_FORWARD | Enables support for UDP forward. | Enable this switch on the Border Router device (running on the NCP design) with External Commissioning support to service Thread Commissioner packets on the NCP side. |
| UPTIME | OT_UPTIME | Enables support for tracking OpenThread instance's uptime. |
This directory contains example platform drivers for the [Texas Instruments CC2538][cc2538].
[cc2538]: http://www.ti.com/product/CC2538
The example platform drivers are intended to present the minimal code necessary to support OpenThread. As a result, the example platform drivers do not necessarily highlight the platform's full capabilities.
## Toolchain
Download and install the [GNU toolchain for ARM Cortex-M][gnu-toolchain].
In a Bash terminal, follow these instructions to install the GNU toolchain and other dependencies.
```bash
$ cd <path-to-openthread>
$ ./script/bootstrap
```
## Building
In a Bash terminal, follow these instructions to build the cc2538 examples.
```bash
$ cd <path-to-openthread>
$ ./bootstrap
$ make -f examples/Makefile-cc2538
```
### CC2592 support
If your board has a CC2592 range extender front-end IC connected to the CC2538 (e.g. the CC2538-CC2592 EM reference design), you need to initialise this part before reception of radio traffic will work.
Support is enabled in OpenThread by building with `CC2592=1`:
```bash
$ make -f examples/Makefile-cc2538 CC2592=1
```
The default settings should work for any design following the integration advice given in TI's application report ["AN130 - Using CC2592 Front End With CC2538"](http://www.ti.com/lit/pdf/swra447).
Additional settings can be customised:
-`CC2592_PA_EN`: This specifies which pin (on port C of the CC2538) connects to the CC2592's `PA_EN` pin. The default is `3` (PC3).
-`CC2592_LNA_EN`: This specifies which pin (on port C of the CC2538) connects to the CC2592's `LNA_EN` pin. The default is `2` (PC2).
-`CC2592_USE_HGM`: This defines whether the HGM pin of the CC2592 is under GPIO control or not. If not, it is assumed that the HGM pin is tied to a power rail.
-`CC2592_HGM_PORT`: The HGM pin can be connected to any free GPIO. TI recommend using PD2, however if you've used a pin on another GPIO port, you may specify that port (`A`, `B` or `C`) here.
-`CC2592_HGM_PORT`: The HGM pin can be connected to any free GPIO. TI recommend using PD2, however if you've used a pin on another GPIO port, you may specify that port (`A`, `B` or `C`) here. Default is `D`.
-`CC2592_HGM_PIN`: The HGM pin can be connected to any free GPIO. TI recommend using PD2, however if you've used a pin on another GPIO pin, you can specify the pin here. Default is `2`.
-`CC2592_HGM_DEFAULT_STATE`: By default, HGM is enabled at power-on, but you may want to have it default to off, specify `CC2592_HGM_DEFAULT_STATE=0` to do so.
-`CC2538_RECEIVE_SENSITIVITY`: If you have tied the HGM pin to a power rail, this allows you to calibrate the RSSI values according to the new receive sensitivity. This has no effect if `CC2592_USE_HGM=1` (the default).
-`CC2538_RSSI_OFFSET`: If you have tied the HGM pin to a power rail, this allows you to calibrate the RSSI values according to the new RSSI offset. This has no effect if `CC2592_USE_HGM=1` (the default).
## Flash Binaries
If the build completed successfully, the `elf` files may be found in `<path-to-openthread>/output/cc2538/bin`.
To flash the images with [Flash Programmer 2][ti-flash-programmer-2], the files must have the `*.elf` extension.
```bash
$ cd <path-to-openthread>/output/cc2538/bin
$ cp ot-cli ot-cli.elf
```
To load the images with the [serial bootloader][ti-cc2538-bootloader], the images must be converted to `bin`. This is done using `arm-none-eabi-objcopy`
The [cc2538-bsl.py script][cc2538-bsl-tool] provides a convenient method for flashing a CC2538 via the UART. To enter the bootloader backdoor for flashing, hold down SELECT for CC2538DK (corresponds to logic '0') while you press the Reset button.
// TODO: implement an operation to wake the host from sleep state.
}
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Tan Yan Quan
