From e36df36f847341c645cef1a100540b40da31f732 Mon Sep 17 00:00:00 2001
From: Jon Shallow <supjps-libcoap@jpshallow.com>
Date: Sat, 20 Apr 2024 12:36:17 +0100
Subject: [PATCH] dtls1.3: Fix issues when --enable-dtls13 enabled

Fixed issue reported by scan-build when DTLS13 is enabled.

Fix compile issue when WOLFSSL_DTLS_CH_FRAG is enabled.

Fix running of scripts/dtlscid.test by removing 'set -e' as bwrap
command may not be there.
---
 scripts/dtlscid.test | 3 ++-
 src/tls.c            | 4 ++++
 src/tls13.c          | 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/scripts/dtlscid.test b/scripts/dtlscid.test
index ff05181e9..f38bf4307 100755
--- a/scripts/dtlscid.test
+++ b/scripts/dtlscid.test
@@ -1,6 +1,7 @@
 #!/bin/bash
 
-set -e
+# dtlscid.test
+# Copyright wolfSSL 2022-2024
 
 # if we can, isolate the network namespace to eliminate port collisions.
 if [[ -n "$NETWORK_UNSHARE_HELPER" ]]; then
diff --git a/src/tls.c b/src/tls.c
index 79c245620..b76bb86e4 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -6120,8 +6120,12 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output,
 #ifdef WOLFSSL_DTLS13
     if (ssl->options.dtls) {
         tls13minor = (byte)DTLSv1_3_MINOR;
+    #ifndef WOLFSSL_NO_TLS12
         tls12minor = (byte)DTLSv1_2_MINOR;
+    #endif
+    #ifndef NO_OLD_TLS
         tls11minor = (byte)DTLS_MINOR;
+    #endif
         isDtls = 1;
     }
 #endif /* WOLFSSL_DTLS13 */
diff --git a/src/tls13.c b/src/tls13.c
index 19e4ff501..b5c041772 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -4443,7 +4443,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
 
     {
 #ifdef WOLFSSL_DTLS_CH_FRAG
-        int maxFrag = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
+        word16 maxFrag = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
         word16 lenWithoutExts = args->length;
 #endif