return error code from wolfSSL_RefWithMutexUnlock() to expose result to caller;
fix endianness bug in src/x509.c:wolfSSL_X509_add_ext() (fixes failing test_wolfSSL_X509_add_ext on BE targets);
fix possible file handle leak in tests/api.c:test_wolfSSL_d2i_X509_REQ() (reported by clang-tidy);
in wolfssl/ssl.h, define CONST_NUM_ERR_WOLFSSL_SUCCESS, so that WOLFSSL_SUCCESS can be benignly miswrapped in WC_NO_ERR_TRACE().
in in wc_port.c, rename mutexful implementations of wolfSSL_Ref*() to wolfSSL_RefWithMutex*(), and build them even if defined(WOLFSSL_ATOMIC_OPS).
refactor wolfSSL_CTX_UnloadIntermediateCerts() to wrap the refcount check and deallocation with wolfSSL_RefWithMutexLock()...wolfSSL_RefWithMutexUnlock().
move port-specific setup for WARN_UNUSED_RESULT, WC_MAYBE_UNUSED, and WC_INLINE, from types.h to wc_port.h, to make them usable by port-specific definitions later in wc_port.h.
when defined(SINGLE_THREADED) and !defined(WOLFSSL_NO_ATOMICS), typedef int wolfSSL_Atomic_Int, so that access to wolfSSL_Atomic_Ints in SINGLE_THREADED builds is easy.
refactor fallback definitions of wolfSSL_Atomic_Int_FetchAdd and wolfSSL_Atomic_Int_FetchSub as WC_INLINE functions to avoid -Wunused-result.
In file included from ./wolfssl/error-ssl.h:27,
from ./wolfssl/ssl.h:35,
from ./wolfssl/internal.h:28,
from src/ssl.c:36:
./src/x509_str.c: In function 'int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE*, byte*, word32, int)':
./wolfssl/wolfcrypt/error-crypt.h:336:37: error: 'CONST_NUM_ERR_WOLFSSL_SUCCESS' was not declared in this scope; did you mean 'CONST_NUM_ERR_WOLFSSL_UNKNOWN'?
336 | #define WC_NO_ERR_TRACE(label) (CONST_NUM_ERR_ ## label)
| ^~~~~~~~~~~~~~
./src/x509_str.c:1456:15: note: in expansion of macro 'WC_NO_ERR_TRACE'
1456 | int ret = WC_NO_ERR_TRACE(WOLFSSL_SUCCESS);
| ^~~~~~~~~~~~~~~
Remote original-only option for kyber in configure.ac.
Default is ML-KEM only.
original is Kyber only.
ml-lem is ML-KEM.
to have both: all,original,ml-kem.
Use WOLFSSL_NO_ML_KEM* instead of WOLFSSL_WC_ML_KEM_* which requires the
inclusion of kyber headers.
* add WOLFSSL_ATOMIC_INITIALIZER() to wc_port.h;
* rename feature macro to WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS for clarity;
* remove spin lock logic in wolfSSL_Init() and instead return DEADLOCK_AVERTED_E on contended initialization;
* unless WOLFSSL_CLEANUP_THREADSAFE_BY_ATOMIC_OPS is user-defined to 0, automatically enable it when appropriate.
