Skip to content

Fixes for Zephyr secure sockets integration #10583

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
douzzer merged 1 commit into from
Jun 5, 2026
+20 −15
Merged

Fixes for Zephyr secure sockets integration #10583

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .wolfssl_known_macro_extras
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,7 @@ CONFIG_WOLFSSL_KEEP_PEER_CERT
CONFIG_WOLFSSL_MAX_FRAGMENT_LEN
CONFIG_WOLFSSL_MLKEM
CONFIG_WOLFSSL_NO_ASN_STRICT
CONFIG_WOLFSSL_OPENSSL_EXTRA_X509_SMALL
CONFIG_WOLFSSL_PSK
CONFIG_WOLFSSL_RSA_PSS
CONFIG_WOLFSSL_SESSION_EXPORT
Expand Down
3 changes: 0 additions & 3 deletions src/ssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10107,7 +10107,6 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
#endif

#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
int wolfSSL_clear(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_clear");
Expand Down Expand Up @@ -10224,8 +10223,6 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
return WOLFSSL_SUCCESS;
}

#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */

#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode)
{
Expand Down
5 changes: 3 additions & 2 deletions src/x509.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6049,8 +6049,9 @@ WOLFSSL_X509* wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file)

#endif /* OPENSSL_EXTRA && !NO_FILESYSTEM && !NO_STDIO_FILESYSTEM */

#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(WOLFSSL_WPAS_SMALL) || defined(KEEP_PEER_CERT) || \
defined(SESSION_CERTS)

#ifndef NO_FILESYSTEM
WOLFSSL_ABI
Expand Down
7 changes: 7 additions & 0 deletions zephyr/Kconfig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,13 @@ config WOLFSSL_ALWAYS_VERIFY_CB
help
Invoke verify callback on success as well as failure (WOLFSSL_ALWAYS_VERIFY_CB)

config WOLFSSL_OPENSSL_EXTRA_X509_SMALL
bool "wolfSSL minimal X509 compat APIs"
help
Define OPENSSL_EXTRA_X509_SMALL. Exposes a small subset of X509
helpers (wolfSSL_X509_free, wolfSSL_get_verify_result, ...) without
the rest of OPENSSL_EXTRA.

config WOLFCRYPT_ARMASM
bool "wolfCrypt ARM Assembly support"
depends on WOLFSSL_BUILTIN
Expand Down
10 changes: 0 additions & 10 deletions zephyr/samples/wolfssl_tls_sock/prj-no-malloc.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,22 +3,12 @@ CONFIG_MAIN_STACK_SIZE=655360
CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y

# General config
CONFIG_NEWLIB_LIBC=y

# Pthreads
Comment thread
douzzer marked this conversation as resolved.
CONFIG_PTHREAD_IPC=y

# Clock for time()
CONFIG_POSIX_CLOCK=y

# Networking config
CONFIG_NETWORKING=y
CONFIG_NET_IPV4=y
CONFIG_NET_IPV6=n
CONFIG_NET_TCP=y
CONFIG_NET_SOCKETS=y
CONFIG_NET_SOCKETS_POSIX_NAMES=y

CONFIG_NET_TEST=y
CONFIG_NET_LOOPBACK=y
Expand Down
9 changes: 9 additions & 0 deletions zephyr/user_settings.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,15 @@ extern "C" {
#define WOLFSSL_ALWAYS_VERIFY_CB
#endif

/* Lightweight X509 helpers (wolfSSL_X509_free, wolfSSL_get_verify_result,
* wolfSSL_X509_load_certificate_buffer) without pulling in the full
* OPENSSL_EXTRA surface. Apps needing full OpenSSL compat can override
* user_settings.h via CONFIG_WOLFSSL_SETTINGS_FILE.
*/
#if defined(CONFIG_WOLFSSL_OPENSSL_EXTRA_X509_SMALL)
#define OPENSSL_EXTRA_X509_SMALL
#endif

/* DTLS */
#if defined(CONFIG_WOLFSSL_DTLS)
#define WOLFSSL_DTLS
Expand Down
Loading