diff --git a/TESTS/configs/greentea_baremetal.json5 b/TESTS/configs/greentea_baremetal.json5 index bae8f4d04c1..639c7fbde9a 100644 --- a/TESTS/configs/greentea_baremetal.json5 +++ b/TESTS/configs/greentea_baremetal.json5 @@ -9,6 +9,17 @@ "platform.all-stats-enabled": 1, // Enable auto reboot on error, required for crash reporting test - "platform.fatal-error-auto-reboot-enabled": true + "platform.fatal-error-auto-reboot-enabled": true, + + // Allow lots of reboots so that we don't get in a situation where the MCU refuses to boot + // after crashing and being reflashed (since some MCUs/flash tools don't reset the + // crash data RAM) + "platform.error-reboot-max": 99999, + + // Enable mbed trace prints for tests that use it + "mbed-trace.enable": true, + + // Disable colored traces in tests, as the test runner does not like the terminal control chars + "mbed-trace.default-config": "TRACE_ACTIVE_LEVEL_INFO | TRACE_CARRIAGE_RETURN" } } diff --git a/TESTS/configs/greentea_full.json5 b/TESTS/configs/greentea_full.json5 index 4a9d8aeebb2..4eee1d21f39 100644 --- a/TESTS/configs/greentea_full.json5 +++ b/TESTS/configs/greentea_full.json5 @@ -9,6 +9,12 @@ // Allow lots of reboots so that we don't get in a situation where the MCU refuses to boot // after crashing and being reflashed (since some MCUs/flash tools don't reset the // crash data RAM) - "platform.error-reboot-max": 99999 + "platform.error-reboot-max": 99999, + + // Enable mbed trace prints for tests that use it + "mbed-trace.enable": true, + + // Disable colored traces in tests, as the test runner does not like the terminal control chars + "mbed-trace.default-config": "TRACE_ACTIVE_LEVEL_INFO | TRACE_CARRIAGE_RETURN" } } diff --git a/connectivity/netsocket/source/TLSSocketWrapper.cpp b/connectivity/netsocket/source/TLSSocketWrapper.cpp index e7b16d26c33..1dd05ce9c3e 100644 --- a/connectivity/netsocket/source/TLSSocketWrapper.cpp +++ b/connectivity/netsocket/source/TLSSocketWrapper.cpp @@ -247,10 +247,13 @@ nsapi_error_t TLSSocketWrapper::start_handshake(bool first_call) } #if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) - tr_info("Starting TLS handshake with %s", _ssl.hostname); -#else - tr_info("Starting TLS handshake"); + if (_ssl.hostname != nullptr) { + tr_info("Starting TLS handshake with %s", _ssl.hostname); + } else #endif + { + tr_info("Starting TLS handshake"); + } /* * Initialize TLS-related stuf. */ @@ -350,12 +353,15 @@ nsapi_error_t TLSSocketWrapper::continue_handshake() } } -#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) /* It also means the handshake is done, time to print info */ - tr_info("TLS connection to %s established", _ssl.hostname); -#else - tr_info("TLS connection established"); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) + if (_ssl.hostname != nullptr) { + tr_info("TLS connection to %s established", _ssl.hostname); + } else #endif + { + tr_info("TLS connection established"); + } #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(FEA_TRACE_SUPPORT) && !defined(MBEDTLS_X509_REMOVE_INFO) /* Prints the server certificate and verify it. */ diff --git a/connectivity/netsocket/tests/TESTS/netsocket/README.md b/connectivity/netsocket/tests/TESTS/netsocket/README.md index a9e86ac3cd7..d1075013959 100644 --- a/connectivity/netsocket/tests/TESTS/netsocket/README.md +++ b/connectivity/netsocket/tests/TESTS/netsocket/README.md @@ -36,7 +36,7 @@ The test environment consist of DUTs, network connection and the test server. Ar ### Public test server -Address: `echo.mbedcloudtesting.com`. +Address: `mbed-ce.dev`. Both IPv4 and IPv6 addresses are available from a public DNS service: @@ -82,8 +82,7 @@ time stream tcp6 nowait root internal Then run: ```shell -$ sudo systemctl enable inetutils-inetd.service -$ sudo systemctl start inetutils-inetd.service +$ sudo systemctl enable --now inetutils-inetd.service ``` Below is an example of how to install these services in TLS version into a Debian/Ubuntu based Linux distribution using Stunnel4 Daemon: @@ -93,7 +92,7 @@ $ sudo apt install stunnel4 $ nano /etc/stunnel/stunnel.conf ``` -Enable following services from /etc/inetd.conf: +Enable following services from /etc/stunnel/stunnel.conf: ``` ; ************************************************************************** @@ -126,12 +125,18 @@ key = /etc/letsencrypt/live//privkey.pem ``` +Then run: +```shell +$ sudo systemctl enable stunnel4.service +$ sudo systemctl start stunnel4.service +``` + Get, update and install certificate files by certbot (Provided by Let's Encrypt ). -- Install lighthttpd server: +- Install lighthttpd server and set up an index.html (if there is not already a website being served): ```.sh - $ sudo apt-get install lighttpd + $ sudo apt install lighttpd $ sudo rm -rf /var/www/html/* $ sudo echo "

Empty

" > /var/www/html/index.html $ sudo echo "" >> /var/www/html/index.html @@ -139,27 +144,21 @@ Get, update and install certificate files by certbot (Provided by Let's Encrypt $ sudo systemctl restart lighttpd.service ``` -- Install and set up certbot: - - ```.sh - $ sudo apt-get update - $ sudo apt-get install software-properties-common - $ sudo add-apt-repository ppa:certbot/certbot - $ sudo apt-get update - $ sudo apt-get install certbot - $ sudo certbot certonly - $ sudo certbot certonly --webroot -w /var/www/html -d - ``` - -- Set test server to renew certificate before expiry. +- Install and set up certbot using the guide [here](https://certbot.eff.org/instructions?ws=other&os=pip). Use the "No, I need to keep my web server running." option. When it asks for the webroot, use `/var/www/html`. - ```.sh - $ sudo echo "SHELL=/bin/sh" > /etc/cron.d/certbot - $ sudo echo "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" > /etc/cron.d/certbot - $ sudo echo "0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew" > /etc/cron.d/certbot - ``` +- Configure lighttpd for SSL: -Where is the test server URL. +```shell +$ sudo nano /etc/lighttpd/lighttpd.conf +``` +Add the following block at the end: +``` +$SERVER["socket"] == ":443" { + ssl.engine = "enable" + ssl.pemfile = "/etc/letsencrypt/live//fullchain.pem" + ssl.privkey = "/etc/letsencrypt/live//privkey.pem" +} +``` **Testing the connectivity** diff --git a/connectivity/netsocket/tests/TESTS/netsocket/test_params.h b/connectivity/netsocket/tests/TESTS/netsocket/test_params.h index da88e2f91a5..e13367e800e 100644 --- a/connectivity/netsocket/tests/TESTS/netsocket/test_params.h +++ b/connectivity/netsocket/tests/TESTS/netsocket/test_params.h @@ -19,7 +19,7 @@ #define TEST_PARAMS_H #ifndef MBED_CONF_APP_ECHO_SERVER_ADDR -#define ECHO_SERVER_ADDR "echo.mbedcloudtesting.com" +#define ECHO_SERVER_ADDR "mbed-ce.dev" #else #define ECHO_SERVER_ADDR MBED_CONF_APP_ECHO_SERVER_ADDR #endif diff --git a/connectivity/netsocket/tests/TESTS/netsocket/tls/cert.h b/connectivity/netsocket/tests/TESTS/netsocket/tls/cert.h index 310195305c2..f3b62ac720f 100644 --- a/connectivity/netsocket/tests/TESTS/netsocket/tls/cert.h +++ b/connectivity/netsocket/tests/TESTS/netsocket/tls/cert.h @@ -20,31 +20,35 @@ #if defined(MBED_CONF_APP_ECHO_SERVER_USE_CUSTOM_CERT) && MBED_CONF_APP_ECHO_SERVER_USE_CUSTOM_CERT #include "custom_cert.h" #else + +// This is the root CA certificate for Let's Encrypt (which is used for mbed-ce.dev), obtained +// using these instructions: https://os.mbed.com/docs/mbed-os/v5.15/tutorials/tls-tutorial.html const char *tls_global::cert = "-----BEGIN CERTIFICATE-----\n" - "MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" - "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" - "DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" - "MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" - "AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" - "jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" - "Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" - "U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" - "gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" - "/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" - "oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" - "BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" - "ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" - "p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" - "AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" - "Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" - "LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" - "r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" - "AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" - "ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" - "S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" - "qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" - "O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" - "UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" + "MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw\n" + "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n" + "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw\n" + "WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\n" + "RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G\n" + "h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV\n" + "6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw\n" + "gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD\n" + "ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj\n" + "v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB\n" + "AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g\n" + "BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu\n" + "Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc\n" + "MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL\n" + "pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp\n" + "eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH\n" + "pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7\n" + "s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu\n" + "h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv\n" + "YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8\n" + "ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0\n" + "LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+\n" + "EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY\n" + "Ig46v9mFmBvyH04=\n" "-----END CERTIFICATE-----\n"; + #endif //#if defined(MBED_CONF_APP_ECHO_SERVER_USE_CUSTOM_CERT) && MBED_CONF_APP_ECHO_SERVER_USE_CUSTOM_CERT diff --git a/connectivity/netsocket/tests/TESTS/netsocket/tls/main.cpp b/connectivity/netsocket/tests/TESTS/netsocket/tls/main.cpp index 38cd1dcf80c..c5b212d722d 100644 --- a/connectivity/netsocket/tests/TESTS/netsocket/tls/main.cpp +++ b/connectivity/netsocket/tests/TESTS/netsocket/tls/main.cpp @@ -161,6 +161,9 @@ int fetch_stats() // Test setup utest::v1::status_t greentea_setup(const size_t number_of_cases) { + // Enable logging + mbed_trace_init(); + GREENTEA_SETUP(tls_global::TESTS_TIMEOUT.count(), "default_auto"); _ifup(); diff --git a/platform/mbed-trace/mbed_lib.json b/platform/mbed-trace/mbed_lib.json index 9c27f4fd5e0..6a078dc8066 100644 --- a/platform/mbed-trace/mbed_lib.json +++ b/platform/mbed-trace/mbed_lib.json @@ -2,14 +2,13 @@ "name": "mbed-trace", "config": { "enable": { - "help": "Used to globally enable traces.", + "help": "Set to 1 to globally enable traces.", "value": null }, "max-level": { "help": "This flag is used to optimize the code size. For example, setting trace optimization level to TRACE_LEVEL_INFO will define all tr_debug() macros empty, which reduces the binary size. The possible optimization levels are TRACE_LEVEL_DEBUG, TRACE_LEVEL_INFO, TRACE_LEVEL_WARN, TRACE_LEVEL_ERROR and TRACE_LEVEL_CMD. To set the output tracing level, please use mbed_trace_config_set(TRACE_ACTIVE_LEVEL_INFO). The possible tracing levels for mbed_trace_config_set() are TRACE_ACTIVE_LEVEL_ALL, TRACE_ACTIVE_LEVEL_DEBUG (same as ALL), TRACE_ACTIVE_LEVEL_INFO, TRACE_ACTIVE_LEVEL_WARN, TRACE_ACTIVE_LEVEL_ERROR, TRACE_ACTIVE_LEVEL_CMD and TRACE_LEVEL_NONE.", "value": null, "macro_name": "MBED_TRACE_MAX_LEVEL" - }, "fea-ipv6": { "help": "Used to globally disable ipv6 tracing features.", @@ -28,7 +27,11 @@ "deallocator": { "value": "free", "macro_name": "MEM_FREE" + }, + "default-config": { + "help": "Default Mbed Trace config at initialization. Accepts a bitmask of values, same as mbed_trace_config_set", + "value": null, + "macro_name": "MBED_TRACE_CONFIG" } - } } \ No newline at end of file