Unauthenticated session #9269

Merged 2 commits on Sep 14, 2021

kghost (Contributor) commented Aug 26, 2021

Problem

Add unauthenticated session.

Change overview

  • Add unauthenticated session table.
  • Send/Recv unauthenticated packets using unauthenticated session in secure session manager.
  • Handle peer address in unauthenticated session instead of PASESession or CASESession object

Testing

Manually verified using unit-tests


todo bot commented Aug 26, 2021

remove IsReliableTransmissionAllowed, this function should be provided over session.

// TODO: remove IsReliableTransmissionAllowed, this function should be provided over session.
virtual bool IsReliableTransmissionAllowed() const { return true; }
virtual bool IsEncryptionRequired() const { return true; }
};


This comment was generated by todo based on a TODO comment in 5dd6f18 in #9269. cc @kghost.

@kghost kghost force-pushed the unauthenticated-session branch 10 times, most recently from e149401 to 2c41bc6 Compare August 31, 2021 13:55
@kghost kghost force-pushed the unauthenticated-session branch 3 times, most recently from 36391a7 to 8fcb52d Compare September 1, 2021 15:40
@msandstedt msandstedt self-requested a review September 1, 2021 20:46
@kghost kghost force-pushed the unauthenticated-session branch from 8fcb52d to f85b437 Compare September 2, 2021 08:03

todo bot commented Sep 2, 2021

complete BLE address comparation

// TODO: complete BLE address comparation
return true;
}
return false;
}
static constexpr uint64_t kMinimalActivityTimeMs = 30000;
Time::TimeSource<Time::Source::kSystem> mTimeSource;
BitMapObjectPool<UnauthenticatedSession, kMaxConnectionCount> mEntries;
};


This comment was generated by todo based on a TODO comment in f85b437 in #9269. cc @kghost.
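
The members in the excerpt above (a fixed-size pool of sessions and `kMinimalActivityTimeMs`) point at a bounded table of unauthenticated peers. The sketch below is an added example, not code from this pull request: it assumes lookup by peer address and reuse of the least recently used slot only after that slot has been idle longer than `kMinimalActivityTimeMs`; `Entry`, `UnauthTable`, `FindOrAllocate` and `PeerAt` are hypothetical names, and the scenario in `main` is constructed.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Hypothetical stand-in for UnauthenticatedSession: a peer address plus the
// time of the last packet exchanged with that peer.
struct Entry
{
    bool inUse;
    std::string peer;
    uint64_t lastActivityMs;
};
template <size_t N>
class UnauthTable // hypothetical name, not the project's class
{
public:
    static constexpr uint64_t kMinimalActivityTimeMs = 30000; // value from the excerpt
    // Returns the slot used for `peer`, or -1 when every slot holds a peer
    // seen within kMinimalActivityTimeMs, so nothing may be evicted.
    int FindOrAllocate(const std::string & peer, uint64_t nowMs)
    {
        int freeSlot = -1, lru = -1;
        for (size_t i = 0; i < N; ++i)
        {
            Entry & e = mSlots[i];
            if (!e.inUse) { if (freeSlot < 0) freeSlot = static_cast<int>(i); continue; }
            if (e.peer == peer) { e.lastActivityMs = nowMs; return static_cast<int>(i); }
            bool idle = e.lastActivityMs + kMinimalActivityTimeMs < nowMs;
            if (idle && (lru < 0 || e.lastActivityMs < mSlots[lru].lastActivityMs)) lru = static_cast<int>(i);
        }
        int slot = (freeSlot >= 0) ? freeSlot : lru; // free slot first, else idle LRU entry
        if (slot >= 0) mSlots[slot] = Entry{ true, peer, nowMs };
        return slot;
    }
    const std::string & PeerAt(int slot) const { return mSlots[slot].peer; }

private:
    std::array<Entry, N> mSlots{};
};

int main()
{
    UnauthTable<2> table; // constructed scenario: two slots, three peers
    table.FindOrAllocate("peer-A", 0);
    table.FindOrAllocate("peer-B", 1000);
    std::printf("peer-C at 20 s: slot %d\n", table.FindOrAllocate("peer-C", 20000));
    std::printf("peer-C at 31.5 s: slot %d\n", table.FindOrAllocate("peer-C", 31500));
}
```

With a compile-time capacity, a new peer is refused while all slots are recently active, which is the sizing trade-off a reviewer of such a table has to weigh against per-node memory.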

msandstedt (Contributor) left a comment

I have some comments inline, but for the most part this seems like a very important step forward.

I am hoping we can address the scalability of this feature and provide a dynamic option for nodes where this makes sense. I think most everything else though will be easy to address.

@kghost kghost force-pushed the unauthenticated-session branch from ad49157 to 41393ee Compare September 10, 2021 12:03
@andy31415 (Contributor)

@msandstedt ? I believe @kghost addressed previous round of comments.

@andy31415 (Contributor)

@woody-apple @pan-apple would you like to review this as well as it touches secure sessions and encryption/non-encryption?

@kghost kghost force-pushed the unauthenticated-session branch from 41393ee to d04c0a0 Compare September 10, 2021 13:04
@woody-apple (Contributor)

@kghost has conflicts

@kghost kghost force-pushed the unauthenticated-session branch from d04c0a0 to 9724774 Compare September 14, 2021 04:21
@github-actions

Size increase report for "gn_qpg-example-build" from 64d8f13

| File | Section | File size | VM size |
|---|---|---|---|
| chip-qpg6100-lighting-example.out | .text | 1084 | 1084 |
| chip-qpg6100-lighting-example.out | .bss | 0 | 336 |
| chip-qpg6100-lighting-example.out | .heap | 0 | -336 |

@github-actions

Size increase report for "nrfconnect-example-build" from 64d8f13

| File | Section | File size | VM size |
|---|---|---|---|
| chip-shell.elf | text | 1208 | 1208 |
| chip-shell.elf | bss | 0 | 352 |
| chip-shell.elf | rodata | 56 | 56 |
| chip-shell.elf | device_handles | -8 | -8 |
| chip-lock.elf | text | 996 | 996 |
| chip-lock.elf | bss | 0 | 328 |
| chip-lock.elf | rodata | 56 | 56 |
| chip-lock.elf | [LOAD #3 [RW]] | 0 | 24 |
| chip-lock.elf | device_handles | -4 | -4 |

@github-actions

Size increase report for "esp32-example-build" from 64d8f13

| File | Section | File size | VM size |
|---|---|---|---|
| chip-all-clusters-app.elf | .flash.text | 1216 | 1216 |
| chip-all-clusters-app.elf | .dram0.bss | 0 | 336 |
| chip-all-clusters-app.elf | .flash.rodata | 64 | 64 |
| chip-shell.elf | .flash.text | 1020 | 1020 |
| chip-shell.elf | .dram0.bss | 0 | 360 |
| chip-shell.elf | .flash.rodata | 56 | 56 |
| chip-temperature-measurement-app.elf | .flash.text | 1028 | 1028 |
| chip-temperature-measurement-app.elf | .dram0.bss | 0 | 336 |
| chip-temperature-measurement-app.elf | .flash.rodata | 56 | 56 |
| chip-bridge-app.elf | .flash.text | 944 | 944 |
| chip-bridge-app.elf | .dram0.bss | 0 | 336 |
| chip-bridge-app.elf | .flash.rodata | 56 | 56 |
| chip-lock-app.elf | .flash.text | 1044 | 1044 |
| chip-lock-app.elf | .dram0.bss | 0 | 336 |
| chip-lock-app.elf | .flash.rodata | 56 | 56 |

mspang (Contributor) commented Sep 16, 2021

> Problem
>
> Add unauthenticated session.

Please provide more context than this.

> Change overview
>
>   • Add unauthenticated session table.
>   • Send/Recv unauthenticated packets using unauthenticated session in secure session manager.
>   • Handle peer address in unauthenticated session instead of PASESession or CASESession object
>
> Testing
>
> Manually verified using unit-tests

@kghost kghost deleted the unauthenticated-session branch September 17, 2021 00:12
Successfully merging this pull request may close these issues.

decouple peer address into transport, such that pairing session do not need to h...