Conversation
…377) * Add RSA-PSS * Fix SHA-384/512 transcript hash truncation and add MGF1 bounds check Address review feedback on RSA-PSS PR: - Resize handshake_hash buffer from 130 to 162 bytes (64+34+64) in both nx_secure_tls_process_certificate_verify.c and nx_secure_tls_send_certificate_verify.c to fit SHA-512 transcript. - Replace hardcoded 32-byte transcript hash copy with dynamic length derived from hash_method->nx_crypto_ICV_size_in_bits. - Add bounds check in _nx_crypto_rsa_pss_mgf1 to reject hash_method whose output exceeds the local hash_buf size. * Fix RSA-PSS verify in TLS 1.2 ServerKeyExchange Extend RSA-PSS support to TLS 1.2 ServerKeyExchange signature verify: - nx_secure_process_server_key_exchange.c: detect RSA-PSS wire codes (0x0804/0805/0806) and dispatch to _nx_crypto_rsa_pss_verify after RSA decrypt; PKCS#1 v1.5 path kept for non-PSS signatures. - nx_secure_tls_process_clienthello_extensions.c: map RSA-PSS wire codes to the existing RSA SHA-256/384/512 internal IDs so the certificate cipher table lookup finds the right hash method.
…#265) * key_size_in_bits should be shifted right to convert to bytes * Add HKDF init length regression coverage --------- Co-authored-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org>
When compiling with NX_DEBUG enabled the nx_ram_network_driver gives a compiler error when printing the IP Address, since long sub-specifier is missing.
* Fixed server PSK identity selection for ECDHE-PSK * Fixed selected client PSK identity preservation Implemented logic to cache the PSK store entry selected by the server identity hint so ClientKeyExchange emits the matching identity when clients use the PSK store path. Cast the ECC supported-group test value to USHORT so the PSK identity regression builds cleanly with -Werror on Linux. Assisted-By: Codex (OpenAI GPT-5.5) <codex@openai.com>
…267) * add support for parsing ASN.1 GeneralizedTime * fix validity format field error * changed CertMsg notBefore format to be in GeneralizedTime format * changed notBefore time to be in GeneralizedTime format * changed notAfter time to be in GeneralizedTime format * expand tests for invalid date format * update function comments * update function comments --------- Co-authored-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org>
… consistency (#372) ftp server: call logout callback on client timeout for consistency Otherwise this is not symmetric with the other case where logout is also called when the client disconnects. Refactor performing the logout into a separate helper to avoid duplication. Fix security bug: stale authenticated flag after inactivity timeout. Moving nx_ftp_client_request_authenticated = NX_FALSE into the _nx_ftp_server_logout_client helper ensures every call site (QUIT, disconnect, and now timeout) consistently resets auth state. Before this fix, a new TCP connection accepted on a timed-out socket slot could issue commands without USER/PASS. Remove the now-redundant per-callsite authenticated resets in the QUIT handler and the control-disconnect processing path. Fix AUTHOR field in _nx_ftp_server_logout_client (was 'TBD'). Remove trailing whitespace from the new function comment block and from the blank line following the QUIT logout call. Add regression test netx_ftp_server_activity_timeout_test that forces the inactivity timer to fire, asserts the logout callback is invoked, uses a raw TCP connection to verify commands are rejected with 530 before USER/PASS (demonstrating the auth-reset fix), and confirms a fresh authenticated session works normally. Co-authored-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
● - initial support
- bsd: address PR review feedback
- Fix build failure: so_linger was stored on NX_TCP_SOCKET which has
no such field. Linger state is now kept in NX_BSD_SOCKET using the
new nx_bsd_option_linger field and the existing
NX_BSD_SOCKET_ENABLE_OPTION_LINGER flag.
- Fix sign-conversion warning in setsockopt(IP_TOS): read the value
as INT, validate range 0..0xFF, then cast to ULONG.
- Reject out-of-range INT values (< 0 or > 255) in
setsockopt(IP_TTL).
- Add lower-bound check for IPPROTO_IP options in getsockopt and
setsockopt so that SO_* option numbers are no longer silently
accepted at the IPPROTO_IP level.
- Add null check for raw sockets in IP_TOS and IP_TTL get/set paths;
return ENOPROTOOPT instead of dereferencing a NULL pointer.
- Validate
*option_length before writing in SO_BROADCAST, TCP_NODELAY,
SO_LINGER and IP_TOS getsockopt paths; set
*option_length to the
actual size returned on success.
- Separate ENOPROTOOPT (wrong socket type) from EINVAL (wrong length)
in SO_LINGER get/set error handling.
- Remove unused so_linger local variable from getsockopt.
- Replace C++-style // comments in the close/linger path with C99
/*
*/ comments.
- Add regression test netx_bsd_socket_options_test covering SO_LINGER,
IP_TOS, IP_TTL, SO_BROADCAST and TCP_NODELAY round-trips and error
paths; register in bsd_test_cases in regression/CMakeLists.txt.
Co-authored-by: Frédéric Desbiens frederic.desbiens@eclipse-foundation.org
Co-authored-by: Copilot 223556219+Copilot@users.noreply.github.com
* initial support * bsd: address PR review feedback - Fix accept() regression: preserve accepted socket FD even when recreating the secondary listen socket fails due to slot exhaustion. Set secondary_socket_id = NX_BSD_MAX_SOCKETS to invalidate the slot for future accept() calls, but still return the already-accepted FD. - Restore select() writefds 'not in use' case: closed/unallocated descriptors must be reported immediately as writable per BSD semantics. Several tests (netx_bsd_tcp_basic_blocking_test, _rcvbuf_test, _getaddrinfo_test) depend on this behaviour. - Fix select() exceptfds race with readfds: the readfds scan calls nx_tcp_socket_receive() which dequeues the head packet; a subsequent peek at nx_tcp_socket_receive_queue_head in the exceptfds scan then finds NULL. Move the URG/push-flag check into the readfds scan immediately after the successful dequeue while the packet is still accessible. - Add regression test netx_bsd_select_improvements_test covering: * zero-timeout select clears all fdsets without blocking * normal TCP data sets readfds, not exceptfds * a not-in-use descriptor appears in writefds Register test in regression/CMakeLists.txt. --------- Co-authored-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* recvfromto support
* nx_bsd_inet_aton, disabling other format than four numbers separated by dots. Otherwise used in nx_bsd_inet_pton
It accepts unallowed format of IP address.
* bsd: address PR review feedback
- Fix build failure: add missing nx_bsd_recvfromto() prototype to
nxd_bsd.h near the other receive prototypes. The nx_bsd_recvfromto
macro maps to recvfromto, but without a prior declaration the
compiler emits -Werror=missing-declarations.
- Revert inet_aton() change: restore the 1-part, 2-part and 3-part
abbreviated IPv4 address formats (a.b.c and a.b). The PR removed
them, breaking existing tests that rely on these forms.
- Add IPv6 destination address support in recvfromto(): when the
receiving BSD socket is AF_INET6, extract the destination IPv6
address from the IPv6 packet header and populate a sockaddr_in6
in toAddr, mirroring the existing IPv4 path.
- Add regression test netx_bsd_recvfromto_test covering:
* recvfromto() populates fromAddr (sender) and toAddr (destination)
with correct address/port values for IPv4 UDP
* recvfromto() with NULL toAddr/toAddrLen works like recvfrom()
* inet_aton() still accepts abbreviated a.b and a.b.c forms
Register test in regression/CMakeLists.txt.
---------
Co-authored-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Yuxin Zhou <yzhou@192.2.2.61>
scripts/submodule_set_dev.sh - points filex and threadx to origin/dev scripts/submodule_set_release.sh - points them to origin/master on release day Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Updated version number constants * Updated port version strings --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Applied the standard MIT license header to all project-owned C, header, assembly, shell, and Python files that were missing a copyright notice. Third-party, toolchain startup, and auto-generated files were excluded. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.