src/internal.c: fix for -Wdeclaration-after-statement and clang-diagnostic-unreachable-code-break;
tests/api.c: fix for -Wunused-variable and clang-analyzer-deadcode.DeadStores;
olfcrypt/src/pkcs12.c: fixes for cppcheck uselessAssignmentPtrArg and arrayIndexThenCheck, and clang-tidy clang-analyzer-deadcode.DeadStores and clang-analyzer-core.NonNullParamChecker;
wolfssl/src/tls.c: fix for clang-analyzer-deadcode.DeadStores;
wolfcrypt/src/tfm.c: fix for clang-diagnostic-newline-eof;
src/tls13.c: fix for clang-analyzer-core.NonNullParamChecker.
HAVE_ECH only used by TLS 1.3 add protection around all code.
ssl->options.onlyPskDheKe only available when HAVE_SUPPORTED_CURVES.
CleanupClientTickets() defined when HAVE_SUPPORTED_CURVES.
TLSX_KeyShare_DeriveSecret only defined when HAVE_SUPPORTED_CURVES.
DecodeResponseData - initialize variable single.
New OpenSSL compatibility BN code requires mp_read_radix - turn on in
integer.c, sp_int.c when OPENSSL_EXTRA defined.
rsa.c:_CheckProbablePrime - make sure tmp1 and tmp2 are initialized
before error handling jumps to freeing them.
test_remove_hs_message uses 1024-bit DH key which is not supported when
using SP math with SP.
Long server IDs were being truncated. Hash long IDs instead.
TLS 1.3 session ticket on client side no longer added session to client
cache. Explicit call added.
on handshake messages' errors:
- don't send alerts on WANT_READ, WANT_WRITE and WC_PENDING_E "errors"
- use return error code to decide which alert description
to send
- use alert description handshake_failure in the general case
- if a fatal alert was already sent, do not send any new alerts. This allow
a more specific alert description in case the exact description can't be
derived from the return code
src/internal.c: In function 'SendCertificateVerify':
./wolfssl/wolfcrypt/types.h:345:40: error: attribute 'fallthrough' not preceding a case label or default label [-Werror]
345 | #define FALL_THROUGH ; __attribute__ ((fallthrough))
In file included from ./wolfssl/internal.h:27,
from src/internal.c:92:
src/internal.c: In function 'SendCertificateVerify':
./wolfssl/wolfcrypt/types.h:345:40: error: attribute 'fallthrough' not preceding a case label or default label [-Werror]
345 | #define FALL_THROUGH ; __attribute__ ((fallthrough))