azure-rtos/netxduo
1
0
Fork 0
mirror of https://github.com/azure-rtos/netxduo.git synced 2025-10-14 02:58:01 +08:00
Code Issues Packages Projects Releases Wiki Activity
242 Commits 2 Branches 27 Tags
master
Commit Graph

242 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Frédéric Desbiens
e306027c2f Merge pull request #346 from eclipse-threadx/hotfix-a 
Merge changes for v6.4.4.202503a
v6.4.4.202503a 		2025-10-06 13:52:13 -04:00
Frédéric Desbiens
c1ca6382e2 Added hotfix version ahead of v6.4.4.202503a release 2025-10-06 13:46:47 -04:00
Frédéric Desbiens
194e1469cc Added missing bearer and bearer_legth references 2025-10-06 13:43:58 -04:00
Frédéric Desbiens
3c70ca9aa6 Added missing parameters in _client_connect calls 2025-10-06 13:38:06 -04:00
Frédéric Desbiens
bb1f7f92a4 Fixed issues with websocket changes and updated tests (#345) 
* Restored ECC_CIPHERSUITE ifdef code.

* Remove unused variables.

* Replaced faulty comparisons with ifdefs.

* Fixed regression tests.
 2025-10-06 12:03:32 -04:00
Frédéric Desbiens
f9ecbd7740 Fixed compilation error per issue #344 2025-10-06 11:30:26 -04:00
Frédéric Desbiens
8d84ebe703 Merge pull request #343 from eclipse-threadx/dev 
Merge changes in preparation of the v6.4.4.202503 release.
v.6.4.4.202503_rel 		2025-10-02 15:52:16 +01:00
Frédéric Desbiens
582a3604fb Fixed ECDHE_PSK cipher suites implementation. (#342) 
* Restored ECC_CIPHERSUITE ifdef code.
* Added ifdefs to exclude PSK code when build options require it.
 2025-10-01 09:46:36 +01:00
Frédéric Desbiens
4ff4996d12 Fixed _nx_websocket_client_connect_internal declaration. 2025-09-29 16:48:15 +01:00
Frédéric Desbiens
d5a34aa078 Fixed typo in updated _nx_websocket_client_connect declaration. 2025-09-29 16:39:27 +01:00
Frédéric Desbiens
f064489c9b Fixed _nxe_websocket_client_connect declaration. 2025-09-29 16:37:33 +01:00
Frédéric Desbiens
1c814345aa Fixed _nxe_websocket_client_connect declaration. 2025-09-29 16:30:50 +01:00
Frédéric Desbiens
009591dcb3 Updated version number and added build number and hotfix. 2025-09-29 16:15:07 +01:00
Frédéric Desbiens
84b920fc65 Merge pull request #317 from sjscymru/fix-hdfk-buffer-overflow 
Fix HKDF implementation to prevent buffer overrun when compiled with NX_SECURE_KEY_CLEAR
 2025-09-29 11:24:13 +01:00
Frédéric Desbiens
b4ec3ca16e Merge pull request #313 from mdkf/dev 
#312 Handle HTTP code 429
 2025-09-29 11:23:20 +01:00
Frédéric Desbiens
5ebdc4d9a8 Merge commit from fork 
Insert a buffer_ptr position check before getting bytes
 2025-09-29 08:59:52 +01:00
Frédéric Desbiens
8299589ded Merge commit from fork 
Insert a index position check before getting bytes
 2025-09-29 08:57:02 +01:00
Frédéric Desbiens
1da6298043 Merge commit from fork 
Added buffer length check
 2025-09-29 08:46:42 +01:00
Frédéric Desbiens
f4de148a71 Merge commit from fork 
Insert a remaining buffer length check before dereferencing the pointer
 2025-09-29 08:44:00 +01:00
Frédéric Desbiens
b39da813ad Merge commit from fork 
Fixed issue in _nx_secure_tls_process_clienthello()
 2025-09-29 08:38:27 +01:00
Frédéric Desbiens
304fc836ff Merge commit from fork 
Fix length checking in supported version extension, add test
 2025-09-29 08:34:10 +01:00
Frédéric Desbiens
ef9731c2a4 Merge commit from fork 
Fix PSK extension length checking, add tests for such
 2025-09-29 08:29:34 +01:00
Frédéric Desbiens
cbffa17c68 Merge commit from fork 
Fix multiple NextX Duo vulnerabilities.
 2025-09-29 08:25:56 +01:00
Frédéric Desbiens
581c0038db Merge commit from fork 
Fixes an issue in nx_secure_tls_psk_identity_find()
 2025-09-29 08:22:00 +01:00
Frédéric Desbiens
4185fa3758 Merge pull request #326 from igortomiatti/implement-ecdhe-psk 
Implementation of ECDHE_PSK cipher suites
 2025-09-02 16:30:04 +01:00
Frédéric Desbiens
18312a1ecd Merge pull request #330 from joelguittet/websocket-improvement-headers 
Websocket improvement headers.
 2025-09-02 16:27:02 +01:00
Yuxin Zhou
3f3847f11c Address the following advisories: 
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-pf5q-r6q5-6j2f
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-cf2g-j6vv-m8c5
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-vwh7-h99r-fvwq
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-c9pq-93jp-w649
 2025-07-28 11:13:45 -07:00
Frédéric Desbiens
e164cd8dde Ensure proper RAM Disk sizing in the HTTPS demo. 2025-07-28 13:50:13 -04:00
Frédéric Desbiens
f0731397ed Added error handling to the HTTPS sample. 
Signed-off-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org>
 2025-07-21 12:27:42 -04:00
Joel Guittet
537210195f websocket client: Add support for Authorization Bearer header 
The Authorization: Bearer header allow to perform authentication
providing a token. It is optional.

Signed-off-by: Joel Guittet <joelguittet@gmail.com>
 2025-06-19 00:50:20 +02:00
Joel Guittet
a766a15e70 websocket client: Sec-WebSocket-Protocol is optional header 
The header Sec-WebSocket-Protocol is optional in both the
request and the response from the server.

Signed-off-by: Joel Guittet <joelguittet@gmail.com>
 2025-06-19 00:50:20 +02:00
Igor Tomiatti
a1bb0db736 Added the cipher suites: TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA and TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 2025-06-12 15:24:43 -03:00
Igor Tomiatti
1e306c525f Generate pre master secret according to ECDHE_PSK 2025-06-12 15:11:13 -03:00
Igor Tomiatti
1664c68f80 Generate client key exchange according to ECDHE_PSK 2025-06-12 15:09:51 -03:00
Igor Tomiatti
258898c025 Support for ECDHE_PSK in process server key exchange 2025-06-12 15:06:59 -03:00
cypherbridge
0095a25b7a patch for GHSA-v474-mv4g-v8cx 
edited by inspection not compiled or run-time tested
 2025-05-27 19:38:43 -07:00
cypherbridge
fb443afdbe patch for GHSA-8h38-qjhh-mf2h 
edited by inspection not compiled or run-time tested
 2025-05-27 19:17:33 -07:00
cypherbridge
ef78bf896f patch for GHSA-5vrv-8j5h-h6h6 
edited by inspection not compiled or run-time tested
 2025-05-27 19:01:20 -07:00
Huan Nguyen
8c54f65d66 Add length check for supported versions extension and regression test 2025-05-22 09:10:32 -06:00
Huan Nguyen
9702171925 Move empty packet check in nx_secure_tls_session_send 
It was causing some tests to hang forever because they were expecting
different errors to be returned. We do want to keep the check for
empty packets as the netx_web_invalid_release_test expects that
sending an empty packet fails. Note that the test also tests HTTPS,
which will technically send a non-empty packet because the empty
packet will be modified to include the TLS data. However, the
empty packet check in nx_secure_tls_session_send will fulfill the
same role as the check in nx_tcp_socket_send.c, checking for
an empty packet prior to the modification of the packet to include
TLS data.

This gets the tests passing again.
 2025-05-22 09:09:44 -06:00
Huan Nguyen
30accc9c2c Fix broken bounds check and add regression test 
The check is in the function
_nx_secure_tls_process_clienthello_psk_extension and was reported
as a vulnerability.
 2025-05-22 09:04:37 -06:00
Huan Nguyen
37d8682c1b Move empty packet check in nx_secure_tls_session_send 
It was causing some tests to hang forever because they were expecting
different errors to be returned. We do want to keep the check for
empty packets as the netx_web_invalid_release_test expects that
sending an empty packet fails. Note that the test also tests HTTPS,
which will technically send a non-empty packet because the empty
packet will be modified to include the TLS data. However, the
empty packet check in nx_secure_tls_session_send will fulfill the
same role as the check in nx_tcp_socket_send.c, checking for
an empty packet prior to the modification of the packet to include
TLS data.

This gets the tests passing again.
 2025-05-22 09:04:37 -06:00
ekleezg
9a1315f316 Insert a buffer_ptr position check before getting bytes 2025-05-20 14:39:47 +09:00
ekleezg
adbb3a231a Insert a index position check before getting bytes 2025-05-20 14:19:56 +09:00
ekleezg
d4c3b96ae3 Insert a remaining buffer length check before dereferencing the pointer 2025-05-20 14:10:34 +09:00
Frédéric Desbiens
5af33d7d55 Merge pull request #319 from eclipse-threadx/dev 
Fixes to build script and submodule definitions
 2025-05-16 14:28:03 +02:00
Frédéric Desbiens
c0bde1c4b7 Merge pull request #318 from hnguyenHWI/master 
Fix the FileX and ThreadX dependencies
 2025-05-16 14:25:29 +02:00
Huan Nguyen
25c708167d Fix URL for submodules to work for everyone 2025-05-15 09:06:15 -06:00
Huan Nguyen
8f9cf9207e Add newlines at EOF to comply with POSIX standard 2025-05-15 08:41:36 -06:00
Huan Nguyen
a4b2a34d76 Update FileX submodule 
Need to update to include the CMake version changes so that the
NetXDuo build scripts succeed.
 2025-05-15 08:34:44 -06:00