From 0b6c53c8b09f281dc20edcf32535e9f6d5de745c Mon Sep 17 00:00:00 2001
From: Josh Holtrop <josh@wolfssl.com>
Date: Tue, 17 Jun 2025 14:35:37 -0400
Subject: [PATCH] Remove DTLS from echoserver/echoclient examples

This fixes some intermittent CI testsuite failures.
---
 examples/echoclient/echoclient.c | 53 ++------------------------------
 examples/echoserver/echoserver.c | 39 ++---------------------
 testsuite/testsuite.c            |  5 ---
 3 files changed, 4 insertions(+), 93 deletions(-)

diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c
index 269962bce..abb0a29a9 100644
--- a/examples/echoclient/echoclient.c
+++ b/examples/echoclient/echoclient.c
@@ -38,10 +38,6 @@
 
 #include <wolfssl/ssl.h>
 
-#ifdef WOLFSSL_DTLS
-    #include <wolfssl/error-ssl.h>
-#endif
-
 #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
         #include <stdio.h>
         #include <string.h>
@@ -94,7 +90,6 @@ void echoclient_test(void* args)
     SSL*        ssl    = 0;
 
     int ret = 0, err = 0;
-    int doDTLS = 0;
     int doPSK = 0;
     int sendSz;
 #ifndef WOLFSSL_MDK_SHELL
@@ -123,10 +118,6 @@ void echoclient_test(void* args)
     if (!fin)  err_sys("can't open input file");
     if (!fout) err_sys("can't open output file");
 
-#ifdef WOLFSSL_DTLS
-    doDTLS  = 1;
-#endif
-
 #ifdef WOLFSSL_LEANPSK
     doPSK = 1;
 #endif
@@ -142,13 +133,7 @@ void echoclient_test(void* args)
     port = wolfSSLPort;
 #endif
 
-#if defined(WOLFSSL_DTLS)
-    #ifdef WOLFSSL_DTLS13
-    method = wolfDTLSv1_3_client_method();
-    #elif !defined(WOLFSSL_NO_TLS12)
-    method  = DTLSv1_2_client_method();
-    #endif
-#elif !defined(NO_TLS)
+#if !defined(NO_TLS)
     #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
     method = wolfTLSv1_2_client_method();
     #else
@@ -239,13 +224,9 @@ void echoclient_test(void* args)
 #endif /* WOLFSSL_ASYNC_CRYPT */
 
     ssl = SSL_new(ctx);
-    tcp_connect(&sockfd, wolfSSLIP, port, doDTLS, 0, ssl);
+    tcp_connect(&sockfd, wolfSSLIP, port, 0, 0, ssl);
 
     SSL_set_fd(ssl, sockfd);
-#if defined(USE_WINDOWS_API) && defined(WOLFSSL_DTLS) && defined(NO_MAIN_DRIVER)
-    /* let echoserver bind first, TODO: add Windows signal like pthreads does */
-    Sleep(100);
-#endif
 
     do {
         err = 0; /* Reset error */
@@ -324,16 +305,6 @@ void echoclient_test(void* args)
                 LIBCALL_CHECK_RET(fflush(fout));
                 sendSz -= ret;
             }
-#ifdef WOLFSSL_DTLS
-            else if (wolfSSL_dtls(ssl) &&
-                     err == WC_NO_ERR_TRACE(DECRYPT_ERROR))
-            {
-                /* This condition is OK. The packet should be dropped
-                 * silently when there is a decrypt or MAC error on
-                 * a DTLS record. */
-                sendSz = 0;
-            }
-#endif
             else {
                 fprintf(stderr, "SSL_read msg error %d, %s\n", err,
                     ERR_error_string((unsigned long)err, buffer));
@@ -342,27 +313,7 @@ void echoclient_test(void* args)
         }
     }
 
-
-#ifdef WOLFSSL_DTLS
-    strncpy(msg, "break", 6);
-    sendSz = (int)strlen(msg);
-    /* try to tell server done */
-    do {
-        err = 0; /* reset error */
-        ret = SSL_write(ssl, msg, sendSz);
-        if (ret <= 0) {
-            err = SSL_get_error(ssl, 0);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
-                if (ret < 0) break;
-            }
-        #endif
-        }
-    } while (err == WC_NO_ERR_TRACE(WC_PENDING_E));
-#else
     SSL_shutdown(ssl);
-#endif
 
     SSL_free(ssl);
     SSL_CTX_free(ctx);
diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c
index 7c8806138..ab1815cc7 100644
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@@ -97,7 +97,6 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
     WOLFSSL_CTX*    ctx    = 0;
 
     int    ret = 0;
-    int    doDTLS = 0;
     int    doPSK;
     int    outCreated = 0;
     int    shutDown = 0;
@@ -124,10 +123,6 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
 
     ((func_args*)args)->return_code = -1; /* error state */
 
-#ifdef WOLFSSL_DTLS
-    doDTLS  = 1;
-#endif
-
 #if (defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
                                 !defined(HAVE_ED448)) || defined(WOLFSSL_LEANPSK)
     doPSK = 1;
@@ -153,15 +148,9 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
     fdOpenSession(Task_self());
 #endif
 
-    tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
+    tcp_listen(&sockfd, &port, useAnyAddr, 0, 0);
 
-#if defined(WOLFSSL_DTLS)
-    #ifdef WOLFSSL_DTLS13
-    method = wolfDTLSv1_3_server_method();
-    #elif !defined(WOLFSSL_NO_TLS12)
-    method  = wolfDTLSv1_2_server_method();
-    #endif
-#elif !defined(NO_TLS)
+#if !defined(NO_TLS)
     #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
     method = wolfTLSv1_2_server_method();
     #else
@@ -312,31 +301,13 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
         int     err = 0;
         SOCKADDR_IN_T client;
         socklen_t     client_len = sizeof(client);
-#ifndef WOLFSSL_DTLS
         clientfd = accept(sockfd, (struct sockaddr*)&client,
                          (ACCEPT_THIRD_T)&client_len);
-#else
-        clientfd = sockfd;
-        {
-            /* For DTLS, peek at the next datagram so we can get the client's
-             * address and set it into the ssl object later to generate the
-             * cookie. */
-            int n;
-            byte b[1500];
-            n = (int)recvfrom(clientfd, (char*)b, sizeof(b), MSG_PEEK,
-                              (struct sockaddr*)&client, &client_len);
-            if (n <= 0)
-                err_sys("recvfrom failed");
-        }
-#endif
         if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed");
 
         ssl = wolfSSL_new(ctx);
         if (ssl == NULL) err_sys("SSL_new failed");
         wolfSSL_set_fd(ssl, clientfd);
-        #ifdef WOLFSSL_DTLS
-            wolfSSL_dtls_set_peer(ssl, &client, client_len);
-        #endif
         #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
             wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
         #elif !defined(NO_DH)
@@ -492,18 +463,12 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
                 err_sys("SSL_write echo failed");
             }
         }
-#ifndef WOLFSSL_DTLS
         wolfSSL_shutdown(ssl);
-#endif
 #ifdef HAVE_WRITE_DUP
         wolfSSL_free(write_ssl);
 #endif
         wolfSSL_free(ssl);
         CloseSocket(clientfd);
-#ifdef WOLFSSL_DTLS
-        tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
-        SignalReady(args, port);
-#endif
     }
 
     CloseSocket(sockfd);
diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c
index 3b19c0cbc..057f5273d 100644
--- a/testsuite/testsuite.c
+++ b/testsuite/testsuite.c
@@ -467,11 +467,6 @@ static int test_tls(func_args* server_args)
     if (echo_args.return_code != 0)
         return echo_args.return_code;
 
-#ifdef WOLFSSL_DTLS
-    /* Ensure server is ready for UDP data. */
-    wait_tcp_ready(server_args);
-#endif
-
     /* Next client connection - send quit to shutdown server. */
     echo_args.argc = 2;
     XSTRLCPY(arg[1], "quit", sizeof(arg[1]));