Add UDP support to NetX sockets for DTLS sessions#10408
Conversation
|
Can one of the admins verify this patch? |
|
Okay to test. Contributor agreement on file. Thank you @hmohide |
|
#10414 Should fix the zephyr tests if you rebase to pull in the updated workflow |
|
|
@dgarskeI think above failure not triggered by the changes? Do i need to make some change? Please guide |
|
Hi @hmohide these would all be solved by a rebase against latest master and force push. Please go ahead and do that. Thanks |
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
Skoll Code Review
Scan type: reviewOverall recommendation: REQUEST_CHANGES
Findings: 9 total — 9 posted, 0 skipped
7 finding(s) posted as inline comments (see file-level comments below)
Posted findings
- [High] DTLS NetX receive maps timeouts to fatal error, breaking retransmission —
src/wolfio.c:2659-2665 - [Medium] wolfSSL_SetIO_NetX_Dtls stores caller pointers dereferenced much later (lifetime hazard) —
src/wolfio.c:2751-2759, wolfssl/internal.h:5719-5721 - [Medium] DTLS receive does not capture peer address (single fixed-peer limitation) —
src/wolfio.c:2644-2694 - [Medium] New public API and DTLS IO callbacks have no test coverage —
src/wolfio.c:2644-2759 - [Medium] New public API lacks doxygen; existing doxygen references renamed nxSocket field —
wolfssl/wolfio.h:798-801 - [Medium] DTLS NetX path requires NetX Duo APIs without a guard —
src/wolfio.c:2729-2745 - [Low] NetX_SendTo uses Allman braces and missing space after 'if' (style mismatch) —
src/wolfio.c:2729-2745 - [Low] Trailing whitespace will fail wolfSSL whitespace CI check —
src/wolfio.c:2640,2708,2736,2744,2754; wolfssl/internal.h:5718; wolfssl/wolfio.h:795,798-801 - [Low] Incorrect/misleading struct member comments (nxPort, nxUdpSocket) —
wolfssl/internal.h:5719-5721
Review generated by Skoll
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
@hmohide Our internal AI review found several items to consider: #10408 (review)
|
@dgarske i have updated the review comments |
- Replace non-ASCII em-dash with ASCII hyphen in NetX_ReceiveFrom comment to pass wolfSSL encoding/whitespace CI check - Add WOLFSSL_NETX_DUO to .wolfssl_known_macro_extras so the macro checker no longer flags it as unrecognized
|
Jenkins retest this please "Build 'wolfSSL/PRB-fips-repo-and-harness-test-v3-part2' failed with result: FAILURE" |
There was a problem hiding this comment.
Pull request overview
This PR adds NetX Duo UDP I/O callback support so DTLS sessions can run over NetX sockets (in addition to existing NetX TCP/TLS support), and wires the appropriate callbacks/context initialization into the default wolfSSL initialization paths.
Changes:
- Add NetX Duo DTLS UDP I/O callbacks (
NetX_ReceiveFrom/NetX_SendTo) and a public configuration API (wolfSSL_SetIO_NetX_Dtls). - Update NetX context structure to track separate TCP vs UDP socket handles and UDP destination addressing.
- Select UDP callbacks automatically for DTLS methods in
InitSSL_Ctx()and ensure DTLS I/O contexts point atssl->nxCtxwhen NetX is enabled.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
wolfssl/wolfio.h |
Adds public API and local callback prototypes for NetX Duo DTLS UDP I/O. |
wolfssl/internal.h |
Extends NetX I/O context to distinguish TCP vs UDP and store DTLS destination addressing. |
src/wolfio.c |
Implements NetX Duo DTLS UDP send/receive callbacks and updates existing NetX TCP callbacks to use renamed context fields. |
src/internal.c |
Selects NetX DTLS UDP callbacks for DTLS contexts and fixes DTLS default I/O ctx initialization for NetX. |
doc/dox_comments/header_files/wolfio.h |
Updates NetX docs and adds Doxygen for the new DTLS NetX Duo UDP API. |
doc/dox_comments/header_files-ja/wolfio.h |
Japanese doc updates/additions corresponding to the NetX changes. |
.wolfssl_known_macro_extras |
Registers WOLFSSL_NETX_DUO as a known macro. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
Skoll Code Review
Scan type: reviewOverall recommendation: COMMENT
Findings: 5 total — 4 posted, 1 skipped
4 finding(s) posted as inline comments (see file-level comments below)
Posted findings
- [Medium] NetX_ReceiveFrom does not validate the datagram source peer —
src/wolfio.c:2645-2718 - [Medium] DTLS 1.3 quick-timeout can divide to zero and fall back to nxWait, disabling retransmission —
src/wolfio.c:2662-2675 - [Low] Zero-length datagram returns 0 instead of being ignored —
src/wolfio.c:2692-2717 - [Low] Redundant repeated wolfSSL_dtls_get_using_nonblock() calls —
src/wolfio.c:2662-2685
Skipped findings
- [Medium]
No test coverage for new NetX DTLS UDP callbacks
Review generated by Skoll
|
Ah the "Build 'wolfSSL/PRB-fips-repo-and-harness-test-v3-part2' failed with result: FAILURE" test won't pass since you opened this PR on your fork's master branch. That's a known issue with our CI. I won't make you re-open the PR. |
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
Skoll Code Review
Scan type: reviewOverall recommendation: COMMENT
Findings: 5 total — 4 posted, 1 skipped
4 finding(s) posted as inline comments (see file-level comments below)
Posted findings
- [Medium] Invalid-peer / 0-length datagram receive loop has no bound and re-arms full wait each iteration —
src/wolfio.c:2700-2790 - [Medium] Strict pre-set peer filtering prevents DTLS server use (peer unknown until first ClientHello) —
src/wolfio.c:2746-2751 - [Low] Infinite-loop callback has no trailing return; may warn 'control reaches end of non-void function' —
src/wolfio.c:2790-2793 - [Info] Two stray blank lines added in generated doxygen header —
doc/dox_comments/header_files/wolfio.h:517-518
Skipped findings
- [Low]
New NetX Duo DTLS callbacks have no test coverage
Review generated by Skoll
|
Jenkins retest this please "Build 'wolfSSL/PRB-fips-repo-and-harness-test-v3-part2' failed with result: FAILURE" |
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
Skoll Code Review
Scan type: reviewOverall recommendation: COMMENT
Findings: 5 total — 4 posted, 1 skipped
4 finding(s) posted as inline comments (see file-level comments below)
Posted findings
- [Medium] NetX_ReceiveFrom does not track cumulative elapsed time across loop iterations —
src/wolfio.c:2706-2774 - [Low] DTLS+NetX IOCB ctx switch means wolfSSL_dtls_set_peer() no longer affects NetX I/O —
src/internal.c:7916-7922 - [Low] Unreachable return after infinite do-while loop —
src/wolfio.c:2821-2823 - [Low] New code uses if (ssl) instead of if (ssl != NULL) —
src/wolfio.c:2877-2887
Skipped findings
- [Low]
No test coverage for new NetX DTLS/UDP callbacks
Review generated by Skoll
| } | ||
| #endif /* WOLFSSL_DTLS13 */ | ||
|
|
||
| do { |
There was a problem hiding this comment.
🟠 [Medium] NetX_ReceiveFrom does not track cumulative elapsed time across loop iterations
Unlike the reference implementation EmbedReceiveFrom (src/wolfio.c:755-814), which decrements dtls_timeout by the elapsed time on each loop iteration (dtls_timeout -= (LowResTimer() - start)) so the total blocking time during a handshake is bounded by the DTLS retransmit timeout, NetX_ReceiveFrom recomputes the full waitOption from wolfSSL_dtls_get_current_timeout(ssl) on every iteration of the do { } while(1) loop. When an invalid-peer datagram (line 2752-2768) or a 0-length datagram (line 2784-2796) is received and the code continues, the next nx_udp_socket_receive call again waits the full timeout. Under a flood of invalid/empty packets during the handshake, the effective time before the callback returns WOLFSSL_CBIO_ERR_TIMEOUT can grow to roughly maxInvalidPeerPackets * dtls_timeout (up to ~10x), delaying DTLS retransmission. The 10-packet cap bounds it (so it is not unbounded), but the retransmit timer fidelity degrades under attack. Consider tracking start time and decrementing the remaining wait, matching EmbedReceiveFrom.
Fix: Bound the cumulative receive time across loop iterations to the DTLS retransmit timeout rather than restarting the full wait each iteration.
| return BAD_MUTEX_E; | ||
| #endif | ||
|
|
||
| #ifdef HAVE_NETX |
There was a problem hiding this comment.
🔵 [Low] DTLS+NetX IOCB ctx switch means wolfSSL_dtls_set_peer() no longer affects NetX I/O
For DTLS builds with HAVE_NETX, IOCB_ReadCtx/IOCB_WriteCtx now point to &ssl->nxCtx instead of &ssl->buffers.dtlsCtx. This is correct and necessary for the new NetX DTLS callbacks (which expect a NetX_Ctx*), and it also fixes a latent type-confusion (previously the NetX callbacks would have received a dtlsCtx pointer). However, as a consequence, the standard DTLS peer-setting API wolfSSL_dtls_set_peer() (which writes into ssl->buffers.dtlsCtx.peer) no longer influences the NetX UDP send/receive path; the peer must instead be set via the new wolfSSL_SetIO_NetX_Dtls() (or auto-locked on first received datagram). This is a reasonable design but is an easy-to-miss behavioral gap for users porting existing DTLS code to NetX. Worth documenting explicitly.
Fix: Document in the wolfSSL_SetIO_NetX_Dtls dox comment that the peer must be configured through this API (or auto-locked from the first datagram) and that wolfSSL_dtls_set_peer() does not apply to the NetX UDP path.
| } | ||
|
|
||
| return copied; | ||
| } while (1); |
There was a problem hiding this comment.
🔵 [Low] Unreachable return after infinite do-while loop
The do { ... } while (1) loop only exits via the return statements inside it; the trailing return (int)copied; at line 2823 is unreachable dead code. It is harmless (and arguably defensive against 'control reaches end of non-void function' warnings on some compilers), but it can also trigger -Wunreachable-code in stricter CI configurations. Minor cleanup.
Fix: Remove the unreachable trailing return, or convert the loop to a for(;;)/while with a single tail return if a compiler warns about the non-void path.
| } | ||
|
|
||
| /* like set_fd, but for default NetX Duo UDP context */ | ||
| void wolfSSL_SetIO_NetX_Dtls(WOLFSSL* ssl, NX_UDP_SOCKET* nxsocket, |
There was a problem hiding this comment.
🔵 [Low] New code uses if (ssl) instead of if (ssl != NULL)
Per the wolfSSL C coding style, NULL checks in new code should be written if (ssl != NULL) rather than the truthiness form if (ssl). The new wolfSSL_SetIO_NetX_Dtls (and the rewritten wolfSSL_SetIO_NetX at line 2632) use if (ssl). This matches the adjacent pre-existing style, so it is purely stylistic, but the new function is new code subject to the explicit-comparison convention.
Fix: Use explicit if (ssl != NULL) in the new function to match wolfSSL conventions for new code.
|
@dgarske Earlier i saw this PR was approved by you. but i still getting the AI agent review comments. do i need to fix? |
Yes take a look at them. I ran our internal code scanner tool and it found those. Note you are welcome to push back on the findings if you don't think they are needed. |
Oh also please make sure you rebase to latest master. We made some CI optimization updates that you need to pull in. Thanks! |
- Replace non-ASCII em-dash with ASCII hyphen in NetX_ReceiveFrom comment to pass wolfSSL encoding/whitespace CI check - Add WOLFSSL_NETX_DUO to .wolfssl_known_macro_extras so the macro checker no longer flags it as unrecognized
i have rebased the branch |
Description
Add UDP support to NetX sockets for DTLS sessions
Fixes zd#
src/internal.c
src/wolfio.c
wolfssl/internal.h
wolfssl/wolfio.h
Testing
Yes, verified the DTLS communication with multiple session
Checklist