Compliance fixes + verification paths#90
Merged
gasbytes merged 7 commits intowolfSSL:masterfrom Mar 27, 2026
Merged
Conversation
Program next-tick retry instead of arming the DHCP retry timer.
Per BSD sockets API, this getsockopt should only return boolean (enabled/disabled) state. Actual TTL value can be retrieved using recvmsg() with the appropriate flag.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR tightens network-stack correctness around option semantics and “send didn’t enqueue” failure handling, and adds targeted unit tests to cover DHCP/DNS negative paths, ESP transport-mode receive unwrapping, ARP-on-demand behavior, and non-Ethernet receive wrappers.
Changes:
- Fix
getsockopt(IP_RECVTTL)to return enabled/disabled state (not last observed TTL) and update unit tests accordingly. - Handle initial send/enqueue failures for DHCP REQUEST/DISCOVER and DNS queries, with new unit tests for the negative paths.
- Add unit tests for ESP transport-mode
ip_recv()unwrapping, ARP negotiation triggered by UDP/ICMP traffic, and non-EthernetwolfIP_recv()/wolfIP_recv_ex()framing paths.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/wolfip.c |
Adjusts socket option semantics and adds explicit failure handling/rollback for DHCP and DNS send paths. |
src/test/unit/unit_tests_tcp_ack.c |
Adds tests validating non-Ethernet receive wrappers deliver UDP and bypass Ethernet-layer filtering. |
src/test/unit/unit_tests_dns_dhcp.c |
Updates RECVTTL expectations; adds negative-path tests for DHCP/DNS send failures and adds ARP-miss retention tests. |
src/test/unit/unit_tests_api.c |
Renames/updates the RECVTTL getsockopt unit test to match the enabled-state semantics. |
src/test/unit/unit_esp.c |
Adds ip_recv() ESP transport-mode unwrap success/failure tests plus a UDP packet builder helper. |
src/test/unit/unit.c |
Registers the newly added/renamed unit tests in the main suite. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
gasbytes
approved these changes
Mar 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Handle failed DHCP REQUEST/DISCOVER socket enqueues explicitly and add negative retry tests.
Add direct ip_recv() ESP transport-mode success and unwrap-failure coverage.
Abort and roll back DNS query state when the first UDP send fails, with a matching unit test.
Make getsockopt(IP_RECVTTL) return enabled-state only instead of the last received TTL, and update tests.
Add direct wolfIP_poll() tests showing UDP/ICMP ARP misses emit ARP requests and retain queued payloads.
Add focused wrapper tests for wolfIP_recv() / wolfIP_recv_ex() on non-Ethernet interfaces, including header-padding behavior and delivery.