Skip to content

No Server Guard Update#888

Open
ejohnstown wants to merge 1 commit intowolfSSL:masterfrom
ejohnstown:no-server
Open

No Server Guard Update#888
ejohnstown wants to merge 1 commit intowolfSSL:masterfrom
ejohnstown:no-server

Conversation

@ejohnstown
Copy link
Contributor

@ejohnstown ejohnstown commented Mar 6, 2026

  1. Adds --disable-server and --disable-client configure flags. Allows for compile-time exclusion of server or client code.
  2. Add check to internal.h for both NO_WOLFSSH_SERVER and NO_WOLFSSH_CLIENT being set and errors.
  3. In ports.h, add check for not-NO_WOLFSSH_CLIENT so SFTP/SCP filesystrem types are also available in client-only builds.
  4. Update the NO_WOLFSSH_SERVER and NO_WOLFSSH_DIR guards around wolfsftp.c. Update wolfSSH_SFTP_free() to skip directory cleanup when server code is disabled.

ZD #21261

@ejohnstown
No Server Guard Update
b5f6948 
1. Adds --disable-server and --disable-client configure flags. Allows for
   compile-time exclusion of server or client code.
2. Add check to internal.h for both NO_WOLFSSH_SERVER and
   NO_WOLFSSH_CLIENT being set and errors.
3. In ports.h, add check for not-NO_WOLFSSH_CLIENT so SFTP/SCP
   filesystrem types are also available in client-only builds.
4. Update the NO_WOLFSSH_SERVER and NO_WOLFSSH_DIR guards around
   wolfsftp.c. Update wolfSSH_SFTP_free() to skip directory cleanup
   when server code is disabled.

ZD #21261
Copilot AI review requested due to automatic review settings March 6, 2026 00:24
@ejohnstown ejohnstown self-assigned this Mar 6, 2026
Copilot AI reviewed Mar 6, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds build-time configuration options to compile out WolfSSH server or client code, with related preprocessor guards to keep SFTP/SCP buildable in reduced configurations.

Changes:

  • Introduces --disable-server / --disable-client configure flags that define NO_WOLFSSH_SERVER / NO_WOLFSSH_CLIENT.
  • Adds a compile-time error when both server and client are disabled.
  • Updates SFTP/SCP-related preprocessor guards (including wolfSSH_SFTP_free() directory cleanup behavior) to support client-only builds.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
wolfssh/port.h Broadens filesystem-type guard so SFTP/SCP types are available when building without server code.
wolfssh/internal.h Adds a hard error if both server and client are disabled simultaneously.
src/wolfsftp.c Refactors server/directory guards around SFTP code and adjusts cleanup behavior for server-disabled builds.
configure.ac Adds --disable-server / --disable-client flags and maps them to -DNO_WOLFSSH_SERVER / -DNO_WOLFSSH_CLIENT.
Comments suppressed due to low confidence (2)

src/wolfsftp.c:3438

  • The directory packet handlers are now only guarded by #ifndef NO_WOLFSSH_SERVER, but the corresponding NO_WOLFSSH_DIR guard closure was removed (#endif /* NO_WOLFSSH_DIR */). This makes the directory-specific code compile even when NO_WOLFSSH_DIR is defined, which can break NO_WOLFSSH_DIR builds (missing types/fields or unwanted directory functionality). Wrap the directory-specific handler section (e.g., the 'read a directory' / close-dir handlers) in #if !defined(NO_WOLFSSH_DIR) (or a combined !defined(NO_WOLFSSH_SERVER) && !defined(NO_WOLFSSH_DIR)), and ensure the #if/#endif pairing matches the new structure so non-directory server handlers remain available when NO_WOLFSSH_DIR is set.
#ifndef NO_WOLFSSH_SERVER

/* Handles packet to read a directory
 *
 * returns WS_SUCCESS on success

src/wolfsftp.c:3565

  • The directory packet handlers are now only guarded by #ifndef NO_WOLFSSH_SERVER, but the corresponding NO_WOLFSSH_DIR guard closure was removed (#endif /* NO_WOLFSSH_DIR */). This makes the directory-specific code compile even when NO_WOLFSSH_DIR is defined, which can break NO_WOLFSSH_DIR builds (missing types/fields or unwanted directory functionality). Wrap the directory-specific handler section (e.g., the 'read a directory' / close-dir handlers) in #if !defined(NO_WOLFSSH_DIR) (or a combined !defined(NO_WOLFSSH_SERVER) && !defined(NO_WOLFSSH_DIR)), and ensure the #if/#endif pairing matches the new structure so non-directory server handlers remain available when NO_WOLFSSH_DIR is set.
int wolfSSH_SFTP_RecvCloseDir(WOLFSSH* ssh, byte* handle, word32 handleSz)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

src/wolfsftp.c
Comment on lines 3622 to 3626

return WS_SUCCESS;
}
#endif /* NO_WOLFSSH_DIR */

/* Handles packet to write a file
Copy link

Copilot AI Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The directory packet handlers are now only guarded by #ifndef NO_WOLFSSH_SERVER, but the corresponding NO_WOLFSSH_DIR guard closure was removed (#endif /* NO_WOLFSSH_DIR */). This makes the directory-specific code compile even when NO_WOLFSSH_DIR is defined, which can break NO_WOLFSSH_DIR builds (missing types/fields or unwanted directory functionality). Wrap the directory-specific handler section (e.g., the 'read a directory' / close-dir handlers) in #if !defined(NO_WOLFSSH_DIR) (or a combined !defined(NO_WOLFSSH_SERVER) && !defined(NO_WOLFSSH_DIR)), and ensure the #if/#endif pairing matches the new structure so non-directory server handlers remain available when NO_WOLFSSH_DIR is set.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@ejohnstown ejohnstown

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ejohnstown