From 2bfc136bb4425ff3ec783811c4db779af21716cd Mon Sep 17 00:00:00 2001
From: Ian Campbell <52475242+xv-ian-c@users.noreply.github.com>
Date: Mon, 24 Jun 2024 15:11:32 +0100
Subject: [PATCH] Update to upstream wolfssl 5.7.2

Moving from v5.6.6-stable we are picking up: https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable (there was no 5.7.1) Our `disable-falcon-dilithium.patch` required an update, likely due to the changes in https://github.com/wolfSSL/wolfssl/pull/7622.
---
 wolfssl-sys/build.rs | 2 ++
 .../patches/disable-falcon-dilithium.patch | 25 ++++++++++++++++---
 wolfssl-sys/wolfssl-src | 2 +-
 3 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/wolfssl-sys/build.rs b/wolfssl-sys/build.rs
index f1f0465..26b71de 100644
--- a/wolfssl-sys/build.rs
+++ b/wolfssl-sys/build.rs
@@ -118,6 +118,8 @@ fn build_wolfssl(wolfssl_src: &Path) -> PathBuf {
 .enable("supportedcurves", None)
 // Enable TLS/1.3
 .enable("tls13", None)
+ // Enable liboqs, etc
+ .enable("experimental", None)
 // CFLAGS
 .cflag("-g")
 .cflag("-fPIC")
diff --git a/wolfssl-sys/patches/disable-falcon-dilithium.patch b/wolfssl-sys/patches/disable-falcon-dilithium.patch
index 2a6ae9e..eaf464e 100644
--- a/wolfssl-sys/patches/disable-falcon-dilithium.patch
+++ b/wolfssl-sys/patches/disable-falcon-dilithium.patch
@@ -1,15 +1,32 @@
+diff --git a/wolfssl/internal.h b/wolfssl/internal.h
+index 390b21b54..98458c780 100644
+--- a/wolfssl/internal.h
++++ b/wolfssl/internal.h
+@@ -3429,7 +3429,7 @@ typedef struct KeyShareEntry {
+ word32 keyLen; /* Key size (bytes) */
+ byte* pubKey; /* Public key */
+ word32 pubKeyLen; /* Public key length */
+-#if !defined(NO_DH) || defined(HAVE_FALCON) || defined(HAVE_DILITHIUM)
++#if !defined(NO_DH) || defined(HAVE_PQC)
+ byte* privKey; /* Private key - DH and PQ KEMs only */
+ word32 privKeyLen;/* Only for PQ KEMs. */
+ #endif
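Review bot: The comment `// Enable liboqs, etc` on the added `.enable("experimental", None)` does not say what the flag turns on, and "etc" hides how much extra code may end up in the TLS library. As far as I can tell from upstream, `--enable-experimental` in the 5.7.x configure is a gate that permits experimental options rather than a feature of its own; please confirm. If so, the comment should name the one option it is needed for, e.g. `// wolfSSL >= 5.7 rejects experimental options (we need liboqs) unless this gate is set; it enables nothing by itself`. build_wolfssl's body starts and ends outside the hunk, so the place where liboqs itself is enabled is not visible here.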
 diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
-index 5eacd6c87..ab8632744 100644
+index a4302c700..f1ddb2231 100644
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -3070,8 +3070,8 @@ extern void uITRON4_free(void *p) ;
+@@ -3351,10 +3351,10 @@ extern void uITRON4_free(void *p) ;
 * group */
 #ifdef HAVE_LIBOQS
 #define HAVE_PQC
 -#define HAVE_FALCON
-#define HAVE_DILITHIUM
+-#ifndef HAVE_DILITHIUM
+- #define HAVE_DILITHIUM
+-#endif
 +// #define HAVE_FALCON
-+// #define HAVE_DILITHIUM
++// #ifndef HAVE_DILITHIUM
++// #define HAVE_DILITHIUM
++// #endif
 #ifndef WOLFSSL_NO_SPHINCS
 #define HAVE_SPHINCS
 #endif
diff --git a/wolfssl-sys/wolfssl-src b/wolfssl-sys/wolfssl-src
index 66596ad..00e4215 160000
--- a/wolfssl-sys/wolfssl-src
+++ b/wolfssl-sys/wolfssl-src
@@ -1 +1 @@
-Subproject commit 66596ad9e1d7efa8479656872cf09c9c1870a02e
+Subproject commit 00e42151ca061463ba6a95adb2290f678cbca472
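Review bot: The new internal.h section of disable-falcon-dilithium.patch is not explained anywhere. The patch file has no preamble, and the commit message only says the patch "required an update", so nothing records why the guard around `privKey`/`privKeyLen` in `KeyShareEntry` becomes `defined(HAVE_PQC)`. Because this changes which fields a TLS key-share struct carries in a locally patched crypto library, a short note above the first `diff --git` line would help the next upgrade, e.g. `Falcon/Dilithium are disabled in settings.h; KeyShareEntry.privKey is still used by PQ KEMs, so guard it on HAVE_PQC` — presumably that is the reason, please confirm. In the settings.h section the disabled defines would be cleaner deleted than turned into `//` comments, which strict C89 builds that include that header may reject.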