Skip to content

Add UDP support to NetX sockets for DTLS sessions#10408

Open
hmohide wants to merge 16 commits into
wolfSSL:masterfrom
hmohide:master
Open

Add UDP support to NetX sockets for DTLS sessions#10408
hmohide wants to merge 16 commits into
wolfSSL:masterfrom
hmohide:master

Conversation

@hmohide

@hmohide hmohide commented May 6, 2026

Copy link
Copy Markdown

Description

Add UDP support to NetX sockets for DTLS sessions

Fixes zd#

src/internal.c
src/wolfio.c
wolfssl/internal.h
wolfssl/wolfio.h

Testing

Yes, verified the DTLS communication with multiple session

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@wolfSSL-Bot

Copy link
Copy Markdown

Can one of the admins verify this patch?

@dgarske

dgarske commented May 6, 2026

Copy link
Copy Markdown
Member

Okay to test. Contributor agreement on file. Thank you @hmohide

@night1rider

Copy link
Copy Markdown
Contributor

#10414 Should fix the zephyr tests if you rebase to pull in the updated workflow

@github-actions

github-actions Bot commented May 6, 2026

Copy link
Copy Markdown

MemBrowse Memory Report

gcc-arm-cortex-m0plus

  • FLASH: .text +596 B (+0.9%, 64,091 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m3

  • FLASH: .text +772 B (+0.6%, 122,181 B / 262,144 B, total: 47% used)

gcc-arm-cortex-m4

  • FLASH: .rodata.wolfSSL_ERR_reason_error_string.str1.1 +18 B, .text +832 B (+0.4%, 199,902 B / 262,144 B, total: 76% used)

gcc-arm-cortex-m4-baremetal

  • FLASH: .text +640 B (+1.0%, 66,699 B / 262,144 B, total: 25% used)

gcc-arm-cortex-m4-crypto-only

  • FLASH: .text +640 B (+0.4%, 174,314 B / 262,144 B, total: 66% used)

gcc-arm-cortex-m4-dtls13

  • FLASH: .text +832 B (+0.5%, 180,632 B / 1,048,576 B, total: 17% used)

gcc-arm-cortex-m4-min-ecc

  • FLASH: .text +640 B (+1.0%, 61,677 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m4-openssl-compat

  • FLASH: .rodata +16 B, .text +1,344 B (+0.2%, 769,492 B / 1,048,576 B, total: 73% used)

gcc-arm-cortex-m4-pkcs7

  • FLASH: .text +768 B (+0.4%, 212,142 B / 262,144 B, total: 81% used)

gcc-arm-cortex-m4-pq

  • FLASH: .rodata +24 B, .text +1,024 B (+0.4%, 278,984 B / 1,048,576 B, total: 27% used)

gcc-arm-cortex-m4-rsa-only

  • FLASH: .rodata +24 B, .text +1,088 B (+0.3%, 324,584 B / 1,048,576 B, total: 31% used)

gcc-arm-cortex-m4-sp-math

  • FLASH: .text +640 B (+1.0%, 61,677 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m4-tls12

  • FLASH: .text +768 B (+0.6%, 122,957 B / 262,144 B, total: 47% used)

gcc-arm-cortex-m4-tls13

  • FLASH: .rodata.wolfSSL_ERR_reason_error_string.str1.1 +18 B, .text +1,024 B (+0.4%, 235,728 B / 262,144 B, total: 90% used)

gcc-arm-cortex-m7

  • FLASH: .rodata.wolfSSL_ERR_reason_error_string.str1.1 +18 B, .text +768 B (+0.4%, 199,838 B / 262,144 B, total: 76% used)

gcc-arm-cortex-m7-pq

  • FLASH: .rodata +24 B, .text +1,024 B (+0.4%, 279,560 B / 1,048,576 B, total: 27% used)

gcc-arm-cortex-m7-tls13

  • FLASH: .rodata.wolfSSL_ERR_reason_error_string.str1.1 +18 B, .text +960 B (+0.4%, 235,728 B / 262,144 B, total: 90% used)

linuxkm-pie

  • Data: __patchable_function_entries +1,032 B (+4.2%, 25,320 B)

linuxkm-standard

  • Data: __patchable_function_entries +1,936 B (+4.2%, 47,952 B)

stm32-sim-stm32h753

  • FLASH: .text +1,392 B (+0.8%, 183,076 B / 2,097,152 B, total: 9% used)

@hmohide

hmohide commented May 7, 2026

Copy link
Copy Markdown
Author

@dgarskeI think above failure not triggered by the changes? Do i need to make some change? Please guide

@dgarske

dgarske commented May 7, 2026

Copy link
Copy Markdown
Member

Hi @hmohide these would all be solved by a rebase against latest master and force push. Please go ahead and do that. Thanks

@dgarske dgarske self-requested a review June 10, 2026 16:42

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: REQUEST_CHANGES
Findings: 9 total — 9 posted, 0 skipped
7 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [High] DTLS NetX receive maps timeouts to fatal error, breaking retransmissionsrc/wolfio.c:2659-2665
  • [Medium] wolfSSL_SetIO_NetX_Dtls stores caller pointers dereferenced much later (lifetime hazard)src/wolfio.c:2751-2759, wolfssl/internal.h:5719-5721
  • [Medium] DTLS receive does not capture peer address (single fixed-peer limitation)src/wolfio.c:2644-2694
  • [Medium] New public API and DTLS IO callbacks have no test coveragesrc/wolfio.c:2644-2759
  • [Medium] New public API lacks doxygen; existing doxygen references renamed nxSocket fieldwolfssl/wolfio.h:798-801
  • [Medium] DTLS NetX path requires NetX Duo APIs without a guardsrc/wolfio.c:2729-2745
  • [Low] NetX_SendTo uses Allman braces and missing space after 'if' (style mismatch)src/wolfio.c:2729-2745
  • [Low] Trailing whitespace will fail wolfSSL whitespace CI checksrc/wolfio.c:2640,2708,2736,2744,2754; wolfssl/internal.h:5718; wolfssl/wolfio.h:795,798-801
  • [Low] Incorrect/misleading struct member comments (nxPort, nxUdpSocket)wolfssl/internal.h:5719-5721

Review generated by Skoll

Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c
Comment thread src/wolfio.c
Comment thread wolfssl/wolfio.h Outdated
Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c Outdated
Comment thread wolfssl/internal.h

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hmohide Our internal AI review found several items to consider: #10408 (review)

@hmohide

hmohide commented Jun 12, 2026

Copy link
Copy Markdown
Author

@dgarske i have updated the review comments

Comment thread src/wolfio.c Outdated
Comment thread wolfssl/internal.h
- Replace non-ASCII em-dash with ASCII hyphen in NetX_ReceiveFrom
  comment to pass wolfSSL encoding/whitespace CI check
- Add WOLFSSL_NETX_DUO to .wolfssl_known_macro_extras so the
  macro checker no longer flags it as unrecognized
@dgarske

dgarske commented Jun 15, 2026

Copy link
Copy Markdown
Member

Jenkins retest this please "Build 'wolfSSL/PRB-fips-repo-and-harness-test-v3-part2' failed with result: FAILURE"

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds NetX Duo UDP I/O callback support so DTLS sessions can run over NetX sockets (in addition to existing NetX TCP/TLS support), and wires the appropriate callbacks/context initialization into the default wolfSSL initialization paths.

Changes:

  • Add NetX Duo DTLS UDP I/O callbacks (NetX_ReceiveFrom / NetX_SendTo) and a public configuration API (wolfSSL_SetIO_NetX_Dtls).
  • Update NetX context structure to track separate TCP vs UDP socket handles and UDP destination addressing.
  • Select UDP callbacks automatically for DTLS methods in InitSSL_Ctx() and ensure DTLS I/O contexts point at ssl->nxCtx when NetX is enabled.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
wolfssl/wolfio.h Adds public API and local callback prototypes for NetX Duo DTLS UDP I/O.
wolfssl/internal.h Extends NetX I/O context to distinguish TCP vs UDP and store DTLS destination addressing.
src/wolfio.c Implements NetX Duo DTLS UDP send/receive callbacks and updates existing NetX TCP callbacks to use renamed context fields.
src/internal.c Selects NetX DTLS UDP callbacks for DTLS contexts and fixes DTLS default I/O ctx initialization for NetX.
doc/dox_comments/header_files/wolfio.h Updates NetX docs and adds Doxygen for the new DTLS NetX Duo UDP API.
doc/dox_comments/header_files-ja/wolfio.h Japanese doc updates/additions corresponding to the NetX changes.
.wolfssl_known_macro_extras Registers WOLFSSL_NETX_DUO as a known macro.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c Outdated
Comment thread doc/dox_comments/header_files/wolfio.h
Comment thread doc/dox_comments/header_files-ja/wolfio.h Outdated

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 5 total — 4 posted, 1 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] NetX_ReceiveFrom does not validate the datagram source peersrc/wolfio.c:2645-2718
  • [Medium] DTLS 1.3 quick-timeout can divide to zero and fall back to nxWait, disabling retransmissionsrc/wolfio.c:2662-2675
  • [Low] Zero-length datagram returns 0 instead of being ignoredsrc/wolfio.c:2692-2717
  • [Low] Redundant repeated wolfSSL_dtls_get_using_nonblock() callssrc/wolfio.c:2662-2685

Skipped findings

  • [Medium] No test coverage for new NetX DTLS UDP callbacks

Review generated by Skoll

Comment thread src/wolfio.c
Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c Outdated
Comment thread src/wolfio.c Outdated
hmohide added 5 commits June 22, 2026 11:47
- Replace non-ASCII em-dash with ASCII hyphen in NetX_ReceiveFrom
  comment to pass wolfSSL encoding/whitespace CI check
- Add WOLFSSL_NETX_DUO to .wolfssl_known_macro_extras so the
  macro checker no longer flags it as unrecognized
@hmohide

hmohide commented Jun 22, 2026

Copy link
Copy Markdown
Author

@dgarske Earlier i saw this PR was approved by you. but i still getting the AI agent review comments. do i need to fix?

Yes take a look at them. I ran our internal code scanner tool and it found those. Note you are welcome to push back on the findings if you don't think they are needed.

Oh also please make sure you rebase to latest master. We made some CI optimization updates that you need to pull in. Thanks!

i have rebased the branch

@hmohide

hmohide commented Jun 23, 2026

Copy link
Copy Markdown
Author

@dgarske i have rebased. can you please review and approve

@dgarske

dgarske commented Jun 23, 2026

Copy link
Copy Markdown
Member

Jenkins retest this please. History lost

@dgarske dgarske self-requested a review June 23, 2026 14:56
@dgarske dgarske assigned dgarske and unassigned hmohide Jun 23, 2026
@dgarske

dgarske commented Jun 23, 2026

Copy link
Copy Markdown
Member

The CI "Build 'wolfSSL/PRB-fips-repo-and-harness-test-v3-part2' failed with result: FAILURE" is failing only because you have this PR opened on master. We can accept with that known CI issue. We are in a release cycle, so this won't be merged for a few days.

@hmohide

hmohide commented Jul 1, 2026

Copy link
Copy Markdown
Author

@dgarske any update on this PR. this one of the critical PR required for our relaese

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 4 total — 3 posted, 1 skipped
3 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] NetX_ReceiveFrom does not reject negative sz before using it as an unsigned lengthsrc/wolfio.c:2668-2806
  • [Low] Unreachable return at end of NetX_ReceiveFrom (dead code)src/wolfio.c:2821-2823
  • [Low] Post-handshake invalid-peer/0-length flood is not rate-limited in blocking modesrc/wolfio.c:2759-2795

Skipped findings

  • [Low] No test coverage for new DTLS NetX Duo I/O callbacks

Review generated by Skoll

Comment thread src/wolfio.c
Comment thread src/wolfio.c
Comment thread src/wolfio.c
@dgarske dgarske assigned hmohide and unassigned wolfSSL-Bot Jul 1, 2026
@dgarske

dgarske commented Jul 1, 2026

Copy link
Copy Markdown
Member

@dgarske any update on this PR. this one of the critical PR required for our relaese

Just a few minor items to review here -> #10408 (review)
You are welcome to push back / reject items that are not required/needed.

@dgarske

dgarske commented Jul 6, 2026

Copy link
Copy Markdown
Member

Okay to test. Thank you @hmohide

@dgarske

dgarske commented Jul 6, 2026

Copy link
Copy Markdown
Member

Jenkins retest this please "ERROR: Error fetching remote repo 'origin'"

@dgarske dgarske self-requested a review July 6, 2026 16:19

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Code Review

Scan type: reviewOverall recommendation: COMMENT
Findings: 4 total — 3 posted, 1 skipped
3 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Medium] NetX_ReceiveFrom retains leftover datagram bytes, diverging from DTLS datagram semanticssrc/wolfio.c:2809-2832
  • [Low] NetX_SendTo silently uses IPv6 path when destination address version is unsetsrc/wolfio.c:2870-2878
  • [Low] wolfSSL_SetIO_NetX_Dtls does not reset any buffered packet/offset statesrc/wolfio.c:2889-2899

Skipped findings

  • [Medium] No test coverage for new NetX Duo DTLS UDP callbacks

Review generated by Skoll

Comment thread src/wolfio.c
continue;
}

if (nxCtx->nxOffset > total) {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 [Medium] NetX_ReceiveFrom retains leftover datagram bytes, diverging from DTLS datagram semantics

When the caller's sz is smaller than the received datagram, the code copies sz bytes, advances nxCtx->nxOffset, keeps the packet, and returns copied without draining. The remainder of that datagram is then returned on the next call. This mirrors the TCP NetX_Receive byte-stream behavior, but for UDP/DTLS the standard reference EmbedReceiveFrom (recvfrom) delivers one datagram per call and discards any bytes beyond sz (datagram truncation semantics). Feeding the tail of an over-sized datagram back as a subsequent read could mis-frame DTLS records if the record layer ever requests fewer bytes than the datagram holds. In typical use wolfSSL passes a buffer large enough for a full record so this is an edge case, but the semantic difference from EmbedReceiveFrom is worth confirming.

Fix: Document/verify the leftover-retention choice for DTLS or switch to draining the packet each call so a single datagram is never split across reads.

Comment thread src/wolfio.c
return WOLFSSL_CBIO_ERR_GENERAL;
}

if (nxCtx->nxdIp.nxd_ip_version == NX_IP_VERSION_V4) {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔵 [Low] NetX_SendTo silently uses IPv6 path when destination address version is unset

The send path branches on nxCtx->nxdIp.nxd_ip_version == NX_IP_VERSION_V4, and the else falls through to nxd_udp_socket_send(). If a send is attempted before a peer address has been established (e.g. a server that sends before receiving a ClientHello, or an application that forgot to call wolfSSL_SetIO_NetX_Dtls with a valid peer), nxdIp.nxd_ip_version is 0 (zero-initialized), so the IPv6 branch runs with an all-zero NXD_ADDRESS. This fails gracefully (returns WOLFSSL_CBIO_ERR_GENERAL) rather than crashing, but the failure is opaque. In normal DTLS flows the peer is always locked before a send, so this is edge-case robustness only.

Fix: Optionally validate that nxdIp.nxd_ip_version is V4 or V6 before selecting the send path, to make misuse produce a clear diagnostic.

Comment thread src/wolfio.c
}

/* like set_fd, but for default NetX Duo UDP context */
void wolfSSL_SetIO_NetX_Dtls(WOLFSSL* ssl, NX_UDP_SOCKET* nxsocket,

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔵 [Low] wolfSSL_SetIO_NetX_Dtls does not reset any buffered packet/offset state

The setter assigns nxUdpSocket, nxdIp, nxPort, and nxWait but leaves nxPacket/nxOffset untouched. On a freshly allocated WOLFSSL the nxCtx is zero-initialized so this is harmless in the normal one-shot setup case. However, if the API is ever called to re-point IO mid-session while a partially-drained packet is buffered, that stale packet/offset would be applied to the new socket. This matches the existing wolfSSL_SetIO_NetX (TCP) behavior, so it is a consistency observation rather than a new defect.

Fix: Leave as-is for parity with wolfSSL_SetIO_NetX, or reset nxPacket/nxOffset if mid-session re-binding is intended to be supported.

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants