fix(coap): Update to libcoap v4.3.5a

Fixes some critical issues.

Author: mrdeep1

coap/examples/coap_client/main/coap_client_example_main.c

@@ -31,6 +31,7 @@
 
 #include "protocol_examples_common.h"
 
+#include "coap_config.h"
 #include "coap3/coap.h"
 
 

coap/examples/coap_client/main/idf_component.yml

@@ -1,8 +1,9 @@
-version: "1.0.0"
+version: 1.0.0
 description: CoAP Client Example
 dependencies:
   espressif/coap:
-    version: "^4.3.0"
-    override_path: '../../../'
+    version: ^4.3.0
+    override_path: ../../../
   protocol_examples_common:
     path: ${IDF_PATH}/examples/common_components/protocol_examples_common
+  espressif/ethernet_init: '*'

coap/examples/coap_server/main/coap_server_example_main.c

@@ -29,6 +29,7 @@
 
 #include "protocol_examples_common.h"
 
+#include "coap_config.h"
 #include "coap3/coap.h"
 
 #ifndef CONFIG_COAP_SERVER_SUPPORT

coap/examples/coap_server/main/idf_component.yml

@@ -1,8 +1,9 @@
-version: "1.0.0"
+version: 1.0.0
 description: CoAP Server Example
 dependencies:
   espressif/coap:
-    version: "^4.3.0"
-    override_path: '../../../'
+    version: ^4.3.0
+    override_path: ../../../
   protocol_examples_common:
     path: ${IDF_PATH}/examples/common_components/protocol_examples_common
+  espressif/ethernet_init: '*'

coap/idf_component.yml

@@ -1,4 +1,4 @@
-version: "4.3.5~3"
+version: "4.3.5~4"
 description: Constrained Application Protocol (CoAP) C Library
 url: https://github.com/espressif/idf-extra-components/tree/master/coap
 dependencies:

coap/libcoap

@@ -1,12 +1,9 @@
 /*
  * libcoap configure implementation for ESP32 platform.
  *
- * Uses libcoap software implementation for failover when concurrent
- * configure operations are in use.
- *
  * coap.h -- main header file for CoAP stack of libcoap
  *
- * Copyright (C) 2010-2012,2015-2024 Olaf Bergmann <[email protected]>
+ * Copyright (C) 2010-2012,2015-2025 Olaf Bergmann <[email protected]>
  *               2015 Carsten Schoenert <[email protected]>
  *
  * Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
@@ -15,8 +12,8 @@
  * of use.
  */
 
-#ifndef _CONFIG_H_
-#define _CONFIG_H_
+#ifndef COAP_CONFIG_H_
+#define COAP_CONFIG_H_
 
 /* Always enabled in ESP-IDF */
 #ifndef WITH_POSIX
@@ -56,11 +53,30 @@
 
 #ifdef CONFIG_LWIP_IPV4
 #define COAP_IPV4_SUPPORT 1
-#endif /* CONFIG_LWIP_IPV4 */
+#else /* ! CONFIG_LWIP_IPV4 */
+struct sockaddr_in {
+    u8_t            sin_len;
+    sa_family_t     sin_family;
+    in_port_t       sin_port;
+    struct in_addr  sin_addr;
+};
+#endif /* ! CONFIG_LWIP_IPV4 */
 
 #ifdef CONFIG_LWIP_IPV6
 #define COAP_IPV6_SUPPORT 1
-#endif /* CONFIG_LWIP_IPV6 */
+#else /* ! CONFIG_LWIP_IPV6 */
+struct sockaddr_in6 {
+    u8_t            sin6_len;
+    sa_family_t     sin6_family;
+    in_port_t       sin6_port;
+    u32_t           sin6_flowinfo;
+    struct in_addr  sin6_addr;
+    u32_t           sin6_scope_id;
+};
+#ifndef INET6_ADDRSTRLEN
+#define INET6_ADDRSTRLEN 40
+#endif /* INET6_ADDRSTRLEN */
+#endif /* ! CONFIG_LWIP_IPV6 */
 
 #ifdef CONFIG_COAP_ASYNC_SUPPORT
 #define COAP_ASYNC_SUPPORT 1
@@ -114,4 +130,4 @@
 #define COAP_MAX_LOGGING_LEVEL 0
 #endif /* ! CONFIG_COAP_DEBUGGING */
 
-#endif /* _CONFIG_H_ */
+#endif /* COAP_CONFIG_H_ */

coap/port/include/coap3/coap.h

@@ -6,7 +6,7 @@
  *
  * coap.h -- main header file for CoAP stack of libcoap
  *
- * Copyright (C) 2010-2012,2015-2024 Olaf Bergmann <[email protected]>
+ * Copyright (C) 2010-2012,2015-2025 Olaf Bergmann <[email protected]>
  *               2015 Carsten Schoenert <[email protected]>
  *
  * Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
@@ -56,7 +56,7 @@ struct in6_pktinfo {
 #define PACKAGE_VERSION "4.3.5"
 
 #ifdef CONFIG_MBEDTLS_TLS_ENABLED
-#define COAP_WITH_LIBMBEDTLS
+#define COAP_WITH_LIBMBEDTLS 1
 #endif /* CONFIG_MBEDTLS_TLS_ENABLED */
 
 #define COAP_DEFAULT_MAX_PDU_RX_SIZE CONFIG_LWIP_TCP_MSL

coap/port/include/coap_config.h

@@ -4,7 +4,7 @@ cpe: cpe:2.3:a:libcoap:libcoap:{}:*:*:*:*:*:*:*
 supplier: 'Organization: libcoap <https://libcoap.net/>'
 description: A CoAP (RFC 7252) implementation in C
 url: https://github.com/obgm/libcoap
-hash: 4d84859620540c8baf06fa094abb9e0ae19da0e7
+hash: e3fdcdcfbd1588754fe9dd4b754ac9397260f0f9
 cve-exclude-list:
   - cve: CVE-2024-31031
     reason: Resolved in version 4.3.5-rc1
@@ -14,3 +14,23 @@ cve-exclude-list:
     reason: Resolved in version 4.3.5-rc3
   - cve: CVE-2025-50518
     reason: Not applicable as per comment https://github.com/obgm/libcoap/issues/1724#issuecomment-3296780541
+  - cve: CVE-2025-59391
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69493
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69494
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69495
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69496
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69497
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69498
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69499
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69500
+    reason: Resolved in version 4.3.5a
+  - cve: CVE-2025-69501
+    reason: Resolved in version 4.3.5a