mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 23:00:51 +02:00
bd8730543c
Three more failures in the branch's added tests, found via the ASAN, C++ and no-client CI configs: - test_wolfSSL_X509V3_EXT leaked 2296 bytes: the added X509_get_ext_d2i(x509, NID, &critical, NULL) calls (used to exercise the critical-flag output) discarded their allocated result. Free each per its actual return type: BASIC_CONSTRAINTS, ASN1_STRING (key usage), AUTHORITY_KEYID, AUTHORITY_INFO_ACCESS, and - for subject_key_identifier - a STACK_OF(ASN1_OBJECT) (wolfSSL_X509_get_ext_d2i wraps a lone obj in a stack). This was the real cause of the sanitize-asan / intelasm / krb-asan job failures (the read_write_ex/ECH/dtls13 asserts printed there are retry-masked and fail identically on master). - C++ build (all-pq-cxx): void* from X509_get_ext_d2i does not implicitly convert; add explicit WOLFSSL_X509_EXTENSION* casts. - no-client link (all-no-client): wolfSSL[_CTX]_UseOCSPStapling[V2] (CSR/CSR2) are client-side APIs; guard those blocks with !NO_WOLFSSL_CLIENT. Verified: full --enable-all + ASAN run is leak-free and passes; --enable-all -DNO_WOLFSSL_CLIENT builds and links.
Before creating any new configure files (.conf) read the CONF_FILES_README.md