feat(esp-tls): Update esp_tls CMakeLists.txt and Kconfig for wolfssl (IDFGH-16560)

[gojimmypi]

Description

This is the sixth in a series of pull requests to improve wolfSSL integration with the ESP-IDF as proposed in #16145

As there are multiple changes there, it was suggested that I break the update into smaller pieces.

This PR updates the requirements for wolfSSL in the components/esp-tls/CMakeLists.txt and components/esp-tls/Kconfig

Related

See:

• Add wolfSSL esp-tls and Certificate Bundle Support wolfSSL/wolfssl#7936
• feat(esp-tls): Improve esp-tls-crypto for wolfssl (IDFGH-16535) #17658
• change(esp-tls): Improve support for wolfssl (IDFGH-15505) #16145
• Improving wolfSSL integration with the Espressif ESP-IDF (IDFGH-13019) #13966
• Improving wolfSSL integration with the Espressif ESP-IDF wolfSSL/wolfssl#7640
• ESP32 Espressif Improvements - Roadmap Summary wolfSSL/wolfssl#6234

Testing

The fully-implemented update is on my wolfssl-dev branch. I've been testing with this esp_http_client_example.

See also the published wolfSSL Managed component that already includes the Certificate Bundle feature introduced in wolfSSL/wolfssl#7936

---

Checklist

Before submitting a Pull Request, please ensure the following:

• 🚨 This PR does not introduce breaking changes.
• All CI checks (GH Actions) pass.
• Documentation is updated as needed.
• Tests are updated or added as necessary.
• Code is well-commented, especially in complex areas.
• Git history is clean — commits are squashed to the minimum necessary.

---

Note

Improves wolfSSL selection/linkage in esp-tls CMake and updates Kconfig (selects TLS_STACK_WOLFSSL, adds ESP_WOLFSSL_SMALL_CERT_VERIFY, and build diagnostics).

• Build system (components/esp-tls/CMakeLists.txt):
  • Add wolfSSL-aware build logic: set wolfssl_esp_tls_lib, include esp_tls_wolfssl.c, and add ${wolfssl_esp_tls_lib} to REQUIRES.
  • Introduce robust wolfSSL component discovery/linking across managed, converted, regular, and legacy esp-wolfssl locations; link COMPONENT_LIB to detected wolfssl.
  • Define compile flags -DWOLFSSL_ESPIDF and -DWOLFSSL_USER_SETTINGS.
  • Add extensive message(STATUS ...) diagnostics for configuration paths and decisions.
• Configuration (components/esp-tls/Kconfig):
  • Change wolfSSL option to select TLS_STACK_WOLFSSL (replaces depends on).
  • Add ESP_WOLFSSL_SMALL_CERT_VERIFY (default y) for reduced chain verification.
  • Add help text for wolfSSL option; retain OCSP-related settings.

^{Written by Cursor Bugbot for commit 75df0a7. This will update automatically on new commits. Configure here.}

[github-actions]

	Messages
📖	🎉 Good Job! All checks are passing!

👋 Hello gojimmypi, we appreciate your contribution to this project!

---

📘 Please review the project's Contributions Guide for key guidelines on code, documentation, testing, and more.

---

🖊️ Please also make sure you have read and signed the Contributor License Agreement for this project.

---

Click to see more instructions ...

This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...

We do welcome contributions in the form of bug reports, feature requests and pull requests via this public GitHub repository.

This GitHub project is public mirror of our internal git repository

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved, we synchronize it into our internal git repository.
4. In the internal git repository we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
5. If the change is approved and passes the tests it is merged into the default branch.
5. On next sync from the internal git repository merged change will appear in this public GitHub repository.

Generated by 🚫 dangerJS against 75df0a7

[cursor]

This is the final PR Bugbot will review for you during this billing cycle

Your free Bugbot reviews will reset on October 20

Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

[cursor]

Bug: Debug Output and Dependency Hardcoding

This change introduces two issues: accidentally committed debug message(STATUS) calls, including extensive CMAKE variable output, should be removed. Also, the wolfssl_esp_tls_lib variable is hardcoded to 'wolfssl' for the REQUIRES dependency, which conflicts with the dynamic component discovery logic and may cause build issues.