From 3badb314c41f7e8907f802a3ae1e8d375bfe82b9 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 26 Jun 2026 13:58:37 -0700 Subject: [PATCH 1/3] Fix keyboard-interactive build without TERM - ClientFreeBuffers declared 'entry' under TERM && KBI but used it under KBI alone, so KBI-without-TERM failed to compile - widen the declaration guard to match the use --- examples/client/common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/client/common.c b/examples/client/common.c index 30c513832..e7427cbc5 100644 --- a/examples/client/common.c +++ b/examples/client/common.c @@ -1115,7 +1115,7 @@ int ClientLoadCA(WOLFSSH_CTX* ctx, const char* caCert) void ClientFreeBuffers(const char* pubKeyName, const char* privKeyName, void* heap) { -#if defined(WOLFSSH_TERM) && defined(WOLFSSH_KEYBOARD_INTERACTIVE) +#ifdef WOLFSSH_KEYBOARD_INTERACTIVE word32 entry; #endif #ifdef WOLFSSH_TPM From 1184c7242b389cf7533a3602f8109bdc824f7999 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 26 Jun 2026 14:05:02 -0700 Subject: [PATCH 2/3] Port Zephyr test sample to 3.4.0 and 4.4.0 Zephyr 3.5 moved the RAM disk driver from Kconfig to devicetree and 4.1 replaced CONFIG_NET_SOCKETS_POSIX_NAMES with CONFIG_POSIX_API. Port the sample to the new APIs while keeping it buildable on older Zephyr. - add ramdisk.overlay (zephyr,ram-disk node) for the FS scenarios; drop CONFIG_DISK_RAM_VOLUME_SIZE - switch to CONFIG_POSIX_API; include the POSIX time/select/socket/netdb headers in test.h and port.h, gated on ZEPHYR_VERSION_CODE >= 4.1.0 so older Zephyr keeps the BSD names from - select RAM disk (overlay >= 3.5, else CONFIG_DISK_RAM_VOLUME_SIZE) and POSIX (CONFIG_POSIX_API >= 4.1, else the legacy symbols) in CMakeLists.txt, with ramdisk_legacy.conf / posix_legacy.conf fallbacks - tests, nofs and kbi scenarios pass on qemu_x86 with Zephyr 3.4.0 (SDK 0.16.1) and 4.4.0 (SDK 1.0.0) --- wolfssh/port.h | 9 +++++- wolfssh/test.h | 11 ++++++++ zephyr/samples/tests/CMakeLists.txt | 36 ++++++++++++++++++++++++ zephyr/samples/tests/posix_legacy.conf | 14 +++++++++ zephyr/samples/tests/prj.conf | 12 ++++---- zephyr/samples/tests/prj_kbi.conf | 12 ++++---- zephyr/samples/tests/prj_nofs.conf | 10 +++---- zephyr/samples/tests/ramdisk.overlay | 16 +++++++++++ zephyr/samples/tests/ramdisk_legacy.conf | 9 ++++++ 9 files changed, 108 insertions(+), 21 deletions(-) create mode 100644 zephyr/samples/tests/posix_legacy.conf create mode 100644 zephyr/samples/tests/ramdisk.overlay create mode 100644 zephyr/samples/tests/ramdisk_legacy.conf diff --git a/wolfssh/port.h b/wolfssh/port.h index 983818378..fe17f0663 100644 --- a/wolfssh/port.h +++ b/wolfssh/port.h @@ -367,6 +367,13 @@ extern "C" { #elif defined(WOLFSSH_ZEPHYR) #include + #include + #if ZEPHYR_VERSION_CODE >= ZEPHYR_VERSION(4, 1, 0) + /* struct timeval: pre-4.1 it arrived via the socket headers when + * NET_SOCKETS_POSIX_NAMES was set; 4.1+ needs the POSIX header + * (CONFIG_POSIX_API). */ + #include + #endif #include #include @@ -393,7 +400,7 @@ extern "C" { #define WFGETS(b,s,f) NULL /* Not ported yet */ #undef WFPUTS #define WFPUTS(b,s) EOF /* Not ported yet */ - #define WUTIMES(a,b) (0) /* Not ported yet */ + #define WUTIMES(a,b) ((void)(a),(void)(b),0) /* Not ported yet */ #define WCHDIR(fs,b) z_fs_chdir((b)) #elif defined(MICROCHIP_MPLAB_HARMONY) diff --git a/wolfssh/test.h b/wolfssh/test.h index 0f22fd64c..641f20413 100644 --- a/wolfssh/test.h +++ b/wolfssh/test.h @@ -128,10 +128,21 @@ #define NUM_SOCKETS 5 #elif defined(WOLFSSH_ZEPHYR) #include + #include #include #include #include #include + #if ZEPHYR_VERSION_CODE >= ZEPHYR_VERSION(4, 1, 0) + /* Zephyr 4.1 removed NET_SOCKETS_POSIX_NAMES; the BSD/POSIX names + * (fd_set, select(), struct timeval, getaddrinfo()) now come from + * the POSIX headers, enabled via CONFIG_POSIX_API. Older Zephyr + * exposes them through above. */ + #include + #include + #include + #include + #endif #include #include #include diff --git a/zephyr/samples/tests/CMakeLists.txt b/zephyr/samples/tests/CMakeLists.txt index 3de00b745..f48a473d8 100644 --- a/zephyr/samples/tests/CMakeLists.txt +++ b/zephyr/samples/tests/CMakeLists.txt @@ -1,5 +1,41 @@ cmake_minimum_required(VERSION 3.20.0) +# Determine the Zephyr kernel version before find_package(Zephyr): the +# KERNEL_VERSION_* variables it would set are not available yet, and the +# RAM disk and POSIX config below depend on APIs that changed across releases. +# Parse $ZEPHYR_BASE/VERSION directly instead. +file(STRINGS $ENV{ZEPHYR_BASE}/VERSION zephyr_version_lines) +foreach(line ${zephyr_version_lines}) + if("${line}" MATCHES "VERSION_MAJOR[ \t]*=[ \t]*([0-9]+)") + set(ZEPHYR_VER_MAJOR ${CMAKE_MATCH_1}) + elseif("${line}" MATCHES "VERSION_MINOR[ \t]*=[ \t]*([0-9]+)") + set(ZEPHYR_VER_MINOR ${CMAKE_MATCH_1}) + endif() +endforeach() +if(NOT DEFINED ZEPHYR_VER_MAJOR OR NOT DEFINED ZEPHYR_VER_MINOR) + message(FATAL_ERROR + "Could not determine Zephyr version from $ENV{ZEPHYR_BASE}/VERSION") +endif() +set(ZEPHYR_VER "${ZEPHYR_VER_MAJOR}.${ZEPHYR_VER_MINOR}") + +# RAM disk: configured via the devicetree "zephyr,ram-disk" node on Zephyr +# >= 3.5, via Kconfig before that. Only the filesystem-backed scenarios need +# it; the nofs build (CONF_FILE="prj_nofs.conf") has no disk. +if(NOT "${CONF_FILE}" MATCHES "nofs") + if(ZEPHYR_VER VERSION_LESS 3.5) + list(APPEND EXTRA_CONF_FILE ${CMAKE_CURRENT_SOURCE_DIR}/ramdisk_legacy.conf) + else() + list(APPEND EXTRA_DTC_OVERLAY_FILE ${CMAKE_CURRENT_SOURCE_DIR}/ramdisk.overlay) + endif() +endif() + +# POSIX socket names / pthreads / clock: CONFIG_POSIX_API (in prj*.conf) +# covers these on Zephyr >= 4.1; older releases need the symbols the 4.1 +# POSIX reorg removed. +if(ZEPHYR_VER VERSION_LESS 4.1) + list(APPEND EXTRA_CONF_FILE ${CMAKE_CURRENT_SOURCE_DIR}/posix_legacy.conf) +endif() + find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(wolfssl_tests) diff --git a/zephyr/samples/tests/posix_legacy.conf b/zephyr/samples/tests/posix_legacy.conf new file mode 100644 index 000000000..ef7f9dc45 --- /dev/null +++ b/zephyr/samples/tests/posix_legacy.conf @@ -0,0 +1,14 @@ +# Pre-4.1 POSIX layer. +# +# The Zephyr 4.1 POSIX reorg removed CONFIG_PTHREAD_IPC / CONFIG_POSIX_CLOCK / +# CONFIG_NET_SOCKETS_POSIX_NAMES and folded their behaviour into +# CONFIG_POSIX_API (set in prj.conf). On older releases CONFIG_POSIX_API does +# not provide the global socket()/bind() names, so restore the explicit +# symbols and turn POSIX_API back off to reproduce the original pre-port +# configuration. +# +# Selected automatically by CMakeLists.txt on Zephyr < 4.1. +CONFIG_POSIX_API=n +CONFIG_PTHREAD_IPC=y +CONFIG_POSIX_CLOCK=y +CONFIG_NET_SOCKETS_POSIX_NAMES=y diff --git a/zephyr/samples/tests/prj.conf b/zephyr/samples/tests/prj.conf index 13ae0f9fe..38fa8ee2c 100644 --- a/zephyr/samples/tests/prj.conf +++ b/zephyr/samples/tests/prj.conf @@ -9,11 +9,10 @@ CONFIG_WOLFSSH=y CONFIG_WOLFSSH_SETTINGS_FILE="samples/tests/wolfssh_user_settings.h" CONFIG_WOLFSSH_SFTP_DEFAULT_DIR="/RAM:" -# Pthreads -CONFIG_PTHREAD_IPC=y - -# Clock for time() -CONFIG_POSIX_CLOCK=y +# POSIX layer: pthreads, clock for time(), and POSIX socket names (socket(), +# bind(), ...). Replaces CONFIG_PTHREAD_IPC / CONFIG_POSIX_CLOCK / +# CONFIG_NET_SOCKETS_POSIX_NAMES, all removed in the Zephyr 4.x POSIX reorg. +CONFIG_POSIX_API=y # Networking CONFIG_NETWORKING=y @@ -22,7 +21,6 @@ CONFIG_NET_IPV4=y CONFIG_NET_IPV6=n CONFIG_NET_TCP=y CONFIG_NET_SOCKETS=y -CONFIG_NET_SOCKETS_POSIX_NAMES=y CONFIG_NET_TEST=y CONFIG_NET_LOOPBACK=y @@ -69,8 +67,8 @@ CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y # FS CONFIG_DISK_ACCESS=y CONFIG_DISK_DRIVERS=y +# RAM disk size moved to devicetree (see ramdisk.overlay) on Zephyr >= 3.5 CONFIG_DISK_DRIVER_RAM=y -CONFIG_DISK_RAM_VOLUME_SIZE=64 CONFIG_FILE_SYSTEM=y CONFIG_FILE_SYSTEM_MKFS=y CONFIG_FAT_FILESYSTEM_ELM=y diff --git a/zephyr/samples/tests/prj_kbi.conf b/zephyr/samples/tests/prj_kbi.conf index 0ce421a7c..2be195413 100644 --- a/zephyr/samples/tests/prj_kbi.conf +++ b/zephyr/samples/tests/prj_kbi.conf @@ -9,11 +9,10 @@ CONFIG_WOLFSSH=y CONFIG_WOLFSSH_SETTINGS_FILE="samples/tests/wolfssh_user_settings_kbi.h" CONFIG_WOLFSSH_SFTP_DEFAULT_DIR="/RAM:" -# Pthreads -CONFIG_PTHREAD_IPC=y - -# Clock for time() -CONFIG_POSIX_CLOCK=y +# POSIX layer: pthreads, clock for time(), and POSIX socket names (socket(), +# bind(), ...). Replaces CONFIG_PTHREAD_IPC / CONFIG_POSIX_CLOCK / +# CONFIG_NET_SOCKETS_POSIX_NAMES, all removed in the Zephyr 4.x POSIX reorg. +CONFIG_POSIX_API=y # Networking CONFIG_NETWORKING=y @@ -22,7 +21,6 @@ CONFIG_NET_IPV4=y CONFIG_NET_IPV6=n CONFIG_NET_TCP=y CONFIG_NET_SOCKETS=y -CONFIG_NET_SOCKETS_POSIX_NAMES=y CONFIG_NET_TEST=y CONFIG_NET_LOOPBACK=y @@ -69,8 +67,8 @@ CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y # FS CONFIG_DISK_ACCESS=y CONFIG_DISK_DRIVERS=y +# RAM disk size moved to devicetree (see ramdisk.overlay) on Zephyr >= 3.5 CONFIG_DISK_DRIVER_RAM=y -CONFIG_DISK_RAM_VOLUME_SIZE=64 CONFIG_FILE_SYSTEM=y CONFIG_FILE_SYSTEM_MKFS=y CONFIG_FAT_FILESYSTEM_ELM=y diff --git a/zephyr/samples/tests/prj_nofs.conf b/zephyr/samples/tests/prj_nofs.conf index fd31308f2..95560e924 100644 --- a/zephyr/samples/tests/prj_nofs.conf +++ b/zephyr/samples/tests/prj_nofs.conf @@ -8,11 +8,10 @@ CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=131072 CONFIG_WOLFSSH=y CONFIG_WOLFSSH_SETTINGS_FILE="samples/tests/wolfssh_user_settings_nofs.h" -# Pthreads -CONFIG_PTHREAD_IPC=y - -# Clock for time() -CONFIG_POSIX_CLOCK=y +# POSIX layer: pthreads, clock for time(), and POSIX socket names (socket(), +# bind(), ...). Replaces CONFIG_PTHREAD_IPC / CONFIG_POSIX_CLOCK / +# CONFIG_NET_SOCKETS_POSIX_NAMES, all removed in the Zephyr 4.x POSIX reorg. +CONFIG_POSIX_API=y # Networking CONFIG_NETWORKING=y @@ -21,7 +20,6 @@ CONFIG_NET_IPV4=y CONFIG_NET_IPV6=n CONFIG_NET_TCP=y CONFIG_NET_SOCKETS=y -CONFIG_NET_SOCKETS_POSIX_NAMES=y CONFIG_NET_TEST=y CONFIG_NET_LOOPBACK=y diff --git a/zephyr/samples/tests/ramdisk.overlay b/zephyr/samples/tests/ramdisk.overlay new file mode 100644 index 000000000..e7660b072 --- /dev/null +++ b/zephyr/samples/tests/ramdisk.overlay @@ -0,0 +1,16 @@ +/* + * RAM disk node for the wolfSSH SFTP tests. + * + * Zephyr 3.5 moved the RAM disk driver from Kconfig (CONFIG_DISK_RAM_VOLUME_*) + * to devicetree. The disk-name must match CONFIG_WOLFSSH_SFTP_DEFAULT_DIR + * ("/RAM:") in prj.conf. 128 sectors * 512 bytes = 64 KiB, matching the old + * CONFIG_DISK_RAM_VOLUME_SIZE=64. + */ +/ { + ramdisk0 { + compatible = "zephyr,ram-disk"; + disk-name = "RAM"; + sector-size = <512>; + sector-count = <128>; + }; +}; diff --git a/zephyr/samples/tests/ramdisk_legacy.conf b/zephyr/samples/tests/ramdisk_legacy.conf new file mode 100644 index 000000000..551cc6068 --- /dev/null +++ b/zephyr/samples/tests/ramdisk_legacy.conf @@ -0,0 +1,9 @@ +# Pre-3.5 RAM disk geometry. +# +# Before Zephyr 3.5 the RAM disk size came from Kconfig rather than the +# devicetree "zephyr,ram-disk" node in ramdisk.overlay. 64 KiB matches the +# overlay (128 sectors * 512 bytes); the volume name defaults to "RAM", +# matching CONFIG_WOLFSSH_SFTP_DEFAULT_DIR="/RAM:" in prj.conf. +# +# Selected automatically by CMakeLists.txt on Zephyr < 3.5. +CONFIG_DISK_RAM_VOLUME_SIZE=64 From fb1170fc0943f61c9e4e67a9ccf6bf38ece906ce Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 26 Jun 2026 13:58:37 -0700 Subject: [PATCH 3/3] Test Zephyr sample on 3.4.0 and 4.4.0 - add a v4.4.0 matrix leg alongside v3.4.0 - run each leg in the Zephyr CI image with the matching SDK (ci:v0.26.4/SDK 0.16.1, ci:v0.29.0/SDK 1.0.0); drops the manual deps, west, pip and SDK install steps - scope twister by --testsuite-root and drop --test: the scenario id is path-prefixed on 3.4.0 but bare on 4.x - replace zip with tar caf logs.tar.xz for the failure-log artifact --- .github/workflows/zephyr.yml | 66 +++++++++++++----------------------- 1 file changed, 23 insertions(+), 43 deletions(-) diff --git a/.github/workflows/zephyr.yml b/.github/workflows/zephyr.yml index e8ef54f7a..93413bf13 100644 --- a/.github/workflows/zephyr.yml +++ b/.github/workflows/zephyr.yml @@ -13,34 +13,23 @@ jobs: strategy: matrix: config: + # Each leg runs in the Zephyr Project CI image whose bundled SDK + # matches the Zephyr release under test: v0.26.4 ships SDK 0.16.1 + # (for Zephyr 3.4.0), v0.29.0 ships SDK 1.0.0 (for Zephyr 4.4.0). - zephyr-ref: v3.4.0 - zephyr-sdk: 0.16.1 + docker-image: v0.26.4 + - zephyr-ref: v4.4.0 + docker-image: v0.29.0 runs-on: ubuntu-22.04 + container: + image: ghcr.io/zephyrproject-rtos/ci:${{ matrix.config.docker-image }} + options: '--entrypoint /bin/bash' + env: + # The Zephyr SDK is preinstalled under /opt/toolchains in the CI image. + ZEPHYR_SDK_INSTALL_DIR: /opt/toolchains # This should be a safe limit for the tests to run. timeout-minutes: 20 steps: - - name: Install dependencies - run: | - # Don't prompt for anything - export DEBIAN_FRONTEND=noninteractive - sudo apt-get update - # most of the ci-base zephyr docker image packages - sudo apt-get install -y zip bridge-utils uml-utilities \ - git cmake ninja-build gperf ccache dfu-util device-tree-compiler wget \ - python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \ - make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \ - autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \ - cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \ - gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \ - libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \ - libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \ - net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \ - python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \ - texinfo unzip wget ovmf xz-utils - - - name: Install west - run: sudo pip install west - - name: Init west workspace run: west init --mr ${{ matrix.config.zephyr-ref }} zephyr @@ -61,35 +50,26 @@ jobs: working-directory: zephyr run: west zephyr-export - - name: Install pip dependencies - working-directory: zephyr - run: sudo pip install -r zephyr/scripts/requirements.txt - - - name: Install zephyr SDK - run: | - wget -q https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${{ matrix.config.zephyr-sdk }}/zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64_minimal.tar.xz - tar xf zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64_minimal.tar.xz - cd zephyr-sdk-${{ matrix.config.zephyr-sdk }} - ./setup.sh -h -c -t x86_64-zephyr-elf - - name: Run wolfssh tests id: wolfssh-test working-directory: zephyr run: | - ./zephyr/scripts/twister --testsuite-root modules/lib/wolfssh --test zephyr/samples/tests/sample.lib.wolfssh_tests -vvv - rm -rf zephyr/twister-out - ./zephyr/scripts/twister --testsuite-root modules/lib/wolfssh --test zephyr/samples/tests/sample.lib.wolfssh_nofs_tests -vvv - rm -rf zephyr/twister-out + # Run every scenario discovered under the wolfssh testsuite root. + # Selecting by scenario name with --test is avoided on purpose: the + # scenario id is path-prefixed on older twister (v3.4.0) but bare on + # newer twister (v4.x), so a fixed --test value works on only one of + # the matrix legs. The wolfssh tree defines a single sample.yaml, so + # scoping by --testsuite-root runs exactly our scenarios on both. + ./zephyr/scripts/twister --testsuite-root modules/lib/wolfssh -vvv - - name: Zip failure logs + - name: Archive failure logs if: ${{ failure() && steps.wolfssh-test.outcome == 'failure' }} - run: | - zip -9 -r logs.zip zephyr/twister-out + run: tar caf logs.tar.xz zephyr/twister-out - name: Upload failure logs if: ${{ failure() && steps.wolfssh-test.outcome == 'failure' }} uses: actions/upload-artifact@v7 with: - name: zephyr-client-test-logs - path: logs.zip + name: zephyr-client-test-logs-${{ matrix.config.zephyr-ref }} + path: logs.tar.xz retention-days: 5