Thanks, applied the full series with some cleanup and fixes. The last patches in this series were quite inconvenient to review since there was a mix of refactoring and functional changes in the same patch and also cases where some FIPS cases were first removed and then re-added in a later patch in the same series. I ended up splitting those quite differently for the commit to make the real changes easier to understand. This broke the build with wolfSSL 5.2.0 which was the version I used when testing the functionality last time. I ended up adding a simple wrapper function based on the library version to try to work around that for now. I'm not sure whether 5.2.0 is considered supported anymore, so it might be fine to remove that wrapper if that is considered obsolete. In addition, I ran the full hwsim test case set with wolfSSL 5.5.4 on the STA side and OpenSSL on the AP and authentication server. The following test cases are failing likely due to some missing functionality. I did not look at the details, though. ap_wpa2_eap_fast_binary_pac ap_wpa2_eap_fast_binary_pac_errors ap_wpa2_eap_fast_cipher_suites ap_wpa2_eap_fast_eap_aka ap_wpa2_eap_fast_eap_sim ap_wpa2_eap_fast_gtc_auth_prov ap_wpa2_eap_fast_mschapv2_unauth_prov ap_wpa2_eap_fast_pac_file ap_wpa2_eap_fast_pac_lifetime ap_wpa2_eap_fast_pac_refresh ap_wpa2_eap_fast_pac_truncate ap_wpa2_eap_fast_prf_oom ap_wpa2_eap_fast_prov ap_wpa2_eap_fast_server_oom ap_wpa2_eap_fast_text_pac_errors ap_wpa2_eap_tls_ec_and_rsa ap_wpa2_eap_tls_intermediate_ca_ocsp ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1 ap_wpa2_eap_tls_rsa_and_ec ap_wpa2_eap_tls_versions ap_wpa2_eap_tls_versions_server ap_wpa2_eap_ttls_expired_cert ap_wpa2_eap_ttls_ignore_expired_cert ap_wpa2_eap_ttls_ocsp_revoked ap_wpa2_eap_ttls_ocsp_unknown ap_wpa2_eap_ttls_optional_ocsp_unknown ap_wpa2_eap_ttls_pap_check_cert_subject_neg dpp_peer_intro_failures dpp_pkex_hostapd_initiator eap_fast_proto_phase2 eap_fast_tlv_nak_oom eap_mschapv2_errors eap_proto_fast_errors eap_teap_tls_cs_sha1 eap_teap_tls_cs_sha256 eap_teap_tls_cs_sha384 fils_sk_pfs_25 openssl_ecdh_curves owe_invalid_assoc_resp sae_bignum_failure sae_no_ffc_by_default sae_password_ffc sae_pwe_failure sae_pwe_group_14 sae_pwe_group_15 sae_pwe_group_16 sae_pwe_group_23 sae_pwe_group_24 sae_pwe_group_25 sae_pwe_group_5 sae_reflection_attack_ffc sae_reflection_attack_ffc_internal sigma_dut_ap_cipher_ccmp_128 sigma_dut_ap_cipher_ccmp_256 sigma_dut_ap_cipher_ccmp_gcmp_1 sigma_dut_ap_cipher_ccmp_gcmp_2 sigma_dut_ap_cipher_gcmp_128 sigma_dut_ap_cipher_gcmp_256 sigma_dut_ap_cipher_gcmp_256_group_ccmp sigma_dut_ap_suite_b sigma_dut_eap_aka sigma_dut_eap_ttls sigma_dut_eap_ttls_uosc sigma_dut_eap_ttls_uosc_ca_mistrust sigma_dut_suite_b suite_b suite_b_192 suite_b_192_mic_failure suite_b_192_okc suite_b_192_pmkid_failure suite_b_192_pmksa_caching_roam suite_b_192_radius suite_b_192_rsa suite_b_192_rsa_dhe suite_b_192_rsa_ecdhe suite_b_192_rsa_insufficient_dh suite_b_192_rsa_insufficient_key suite_b_192_rsa_radius suite_b_192_rsa_tls_13 suite_b_mic_failure suite_b_pmkid_failure suite_b_radius -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap