- Handle case where output buffer is NULL. In this case, passed in output buffer
length pointer should be given the maximum output buffer size needed.
- Add better debug messages.
# New or Updated APIs
- wolfSSL_get_tlsext_status_type
- wolfSSL_X509_chain_up_ref
- wolfSSL_get0_verified_chain
- SSL_CTX_set_cert_cb
- SSL_certs_clear
- SSL_add0_chain_cert ssl_cert_add0_chain_cert
- SSL_add1_chain_cert ssl_cert_add1_chain_cert
- sk_X509_NAME_new_null
- SSL_CTX_set_cert_cb
- SSL_set0_verify_cert_store
- SSL_set_client_CA_list
# Other Changes
- Ignore gdbinit
- Add api.c tests for new API
- Add `WOLFSSL_X509_STORE* x509_store_pt` to `WOLFSSL`
- Add macro to select the `WOLFSSL` specific store when available and the associated `WOLFSSL_CTX` store otherwise. Calls to `ssl->ctx->cm` and `ssl->ctx->x509_store*` were replaced by macros.
- NO-OP when setting existing store
- Add reference counter to `WOLFSSL_X509_STORE`
- Cleanup MD5 redundant declarations
- WOLFSSL_ERROR may map to nothing so make assignment outside of it
- refMutex fields are excluded with SINGLE_THREADED macro
- Chain cert refactor
- Make `wolfSSL_add0_chain_cert` and `wolfSSL_add1_chain_cert` not affect the context associated with the SSL object
- `wolfSSL_CTX_add1_chain_cert` now updates the `ctx->certChain` on success and stores the cert in `ctx->x509Chain` for later free'ing
* Fixes for handling PKCS8 in keys with EVP PKEY. Resolves QT test issues. Replacement to PR #3925.
* Improved code handling for PKCS 8 headers. Change PemToDer to not strip the PKCS8 header.
* Add support in the ECC/RSA/DH key import code to support detection / handling of the PKCS8 header.
* Fix for `wc_RsaKeyToDer` to be exposed with `OPENSSL_EXTRA`.
* Adds EVP PKCS8 test case for RSA and ECC.
* Refactor `test_wolfSSL_OPENSSL_hexstr2buf` to resolve g++ compiler warning.
* Added new `WOLFSSL_TRAP_MALLOC_SZ` build option to trap mallocs that are over a specified size.
* Cleanup `WOLFSSL_DH_EXTRA` macro logic and do not allow with FIPS v1 or v2.
* Fixes for httpd (if `SSL_CONF_FLAG_FILE` is defined it is used to indicate support for `SSL_CONF_CTX_set_flags` and `SSL_CONF_cmd_value_type`).
* Add Curve448 and ED448 key type to `enum wc_PkType`.
* Expand `dh_ffdhe_test` to include 4096 bit.
- `SSL_CTX_set_min_proto_version` now allows setting not compiled in protocols but checks that the constraints leave any compiled in protocol available
- wolfSSL_HmacCopy return already returns `WOLFSSL_SUCCESS` or `WOLFSSL_FAILURE`
