fix examples to follow options.h config#10037
Merged
douzzer merged 4 commits intowolfSSL:masterfrom Apr 2, 2026
Merged
Conversation
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #10037
No scan targets match the changed files in this PR. Review skipped.
Contributor
There was a problem hiding this comment.
Pull request overview
Updates the example client/server (and shared test helpers) to stop overriding build-time configuration macros (from options.h / settings.h) and instead compile cleanly against the wolfSSL API surface as configured.
Changes:
- Removed example-level
#undef/forced-define blocks related toOPENSSL_COEXISTand OpenSSL-compat headers. - Migrated
examples/server/server.coff OpenSSL-compatSSL_*names toWOLFSSL*/wolfSSL_*APIs. - Added
!OPENSSL_COEXISTpreprocessor guards around OpenSSL-extra-only printing paths inwolfssl/test.h.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
wolfssl/test.h |
Avoids OpenSSL-extra helper paths when OPENSSL_COEXIST is set. |
examples/server/server.c |
Switches example server from SSL_* APIs/types to wolfSSL_*/WOLFSSL_*. |
examples/client/client.c |
Stops undefining coexist macros; aligns buffer filetype constants with wolfSSL API. |
Comments suppressed due to low confidence (4)
examples/server/server.c:640
- In
ServerWrite(), afterwolfSSL_write()returns<= 0, the code callswolfSSL_get_error(ssl, 0).wolfSSL_get_error()should be given the return value from the preceding call, otherwise the async/WANT_WRITE loop can behave incorrectly. UsewolfSSL_get_error(ssl, ret)here.
do {
err = 0; /* reset error */
ret = wolfSSL_write(ssl, output, len);
if (ret <= 0) {
err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
examples/server/server.c:3665
- In the early-data loop, when
wolfSSL_read_early_data()returns<= 0, the code callswolfSSL_get_error(ssl, 0)instead of passing theretvalue fromwolfSSL_read_early_data(). This can misreport WC_PENDING_E/WANT_READ/WANT_WRITE and break the loop logic. PassrettowolfSSL_get_error()here.
ret = wolfSSL_read_early_data(ssl, input, sizeof(input)-1,
&len);
if (ret <= 0) {
err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
/* returns the number of polled items or <0 for
* error */
ret = wolfSSL_AsyncPoll(ssl,
WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
}
examples/server/server.c:456
- In
ServerEchoData(), whenwolfSSL_read()returns<= 0, the code callswolfSSL_get_error(ssl, 0)instead of passing theretvalue fromwolfSSL_read(). This can produce an incorrect error code and break the WANT_READ/WANT_WRITE handling. PassrettowolfSSL_get_error()here.
/* Read data */
while (rx_pos < len) {
ret = wolfSSL_read(ssl, &buffer[rx_pos], len - rx_pos);
if (ret <= 0) {
err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
examples/server/server.c:492
- In
ServerEchoData(), the write error path logserrwhenwolfSSL_write()returns a short write, buterris not set based on the write result (and may still be uninitialized if the preceding reads succeeded). Capture the error from the write call (e.g., viawolfSSL_get_error(ssl, ret)whenret <= 0, or set a deterministic value for short writes) before logging/handling it.
WOLFSSL_ASYNC_WHILE_PENDING(
ret = wolfSSL_write(ssl, buffer, (int)min((word32)len, (word32)rx_pos)),
ret <= 0);
if (ret != (int)min((word32)len, (word32)rx_pos)) {
LOG_ERROR("SSL_write echo error %d\n", err);
err_sys_ex(runWithErrors, "SSL_write failed");
}
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
JacobBarthelmeh
force-pushed
the
nightly
branch
from
6a70cba to
3d62a6f
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
JacobBarthelmeh
force-pushed
the
nightly
branch
from
92a20c0 to
81c3d26
Compare
Contributor
Author
|
Retest this please Jenkins |
douzzer
added
Staged
douzzer
requested changes
Mar 31, 2026
Contributor
douzzer
left a comment
douzzer
left a comment
There was a problem hiding this comment.
Needs fixes -- I think just WOLFSSL_BIO_NOCLOSE instead of BIO_NOCLOSE:
[all-crypto-openssl-extra-coexist-smallstack] [16 of 61] [4f295cfb83]
configure${config_analyzer_note}... real 0m12.179s user 0m7.235s sys 0m5.970s
build...examples/client/client.c: In function ‘client_test’:
2dafd2102c (<carie@wolfssl.com> 2019-09-19 18:11:10 -0600 4381) WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
examples/client/client.c:4381:55: error: ‘BIO_NOCLOSE’ undeclared (first use in this function)
4381 | WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
| ^~~~~~~~~~~
2dafd2102c (<carie@wolfssl.com> 2019-09-19 18:11:10 -0600 4381) WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
examples/client/client.c:4381:55: note: each undeclared identifier is reported only once for each function it appears in
examples/client/client.c: In function ‘client_test’:
2dafd2102c (<carie@wolfssl.com> 2019-09-19 18:11:10 -0600 4381) WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
examples/client/client.c:4381:55: error: ‘BIO_NOCLOSE’ undeclared (first use in this function)
4381 | WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
| ^~~~~~~~~~~
2dafd2102c (<carie@wolfssl.com> 2019-09-19 18:11:10 -0600 4381) WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
examples/client/client.c:4381:55: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [Makefile:11200: examples/client/testsuite_testsuite_test-client.o] Error 1
make[2]: *** Waiting for unfinished jobs....
make[2]: *** [Makefile:10024: examples/client/tests_unit_test-client.o] Error 1
make[1]: *** [Makefile:11465: all-recursive] Error 1
make: *** [Makefile:6282: all] Error 2
real 0m5.647s user 0m28.594s sys 0m1.509s
scenario started 2026-03-30T23:36:07.364225Z, real elapsed 0m17.893915s
all-crypto-openssl-extra-coexist-smallstack fail_build
failed config: 'EXTRA_CPPFLAGS=-Werror' '--srcdir' '.' '--disable-jobserver' '--enable-option-checking=fatal' '--enable-all' '--enable-acert' '--enable-dtls13' '--enable-dtls-mtu' '--enable-dtls-frag-ch' '--enable-dtlscid' '--enable-quic' '--with-sys-crypto-policy' '--enable-experimental' '--enable-kyber=yes,original' '--enable-lms' '--enable-xmss' '--enable-dilithium' '--enable-slhdsa' '--enable-dual-alg-certs' '--disable-qt' '--disable-opensslall' '--enable-opensslcoexist' '--disable-all-osp' '--enable-wpas' '--disable-quic' '--enable-smallstack' '--enable-smallstackcache' 'CFLAGS=-DTEST_ALWAYS_RUN_TO_END -DOPENSSL_COMPATIBLE_DEFAULTS' 'CPPFLAGS=-DNO_WOLFSSL_CIPHER_SUITE_TEST -DWOLFSSL_OLD_PRIME_CHECK -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE'
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
douzzer
approved these changes
Apr 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The example server/client should not be modifying macro defines that come from how the wolfSSL library is configured when built.