[LEDE-DEV] [PATCH] wolfssl: enable openssl 1.0.1 compatibility

Karl Palsson karlp at tweak.net.au
Mon Jun 6 08:49:21 PDT 2016 

From: Karl Palsson <karlp at etactica.com>

>From wolfssl/openssl/opensslv.h, and from skimming the contents of what
"--enable-stunnel" actually does, it seems that --enable-opensslextra
doesn't give you the "full" openssl compatibility that you may wish for
these days.  Unfortuantely, while wolfssl writes the build time options
into wolfssl/options.h, it doesn't include that file itself.  User
applications must include that directly.

Signed-off-by: Karl Palsson <karlp at etactica.com>
---
 package/libs/cyassl/Makefile                          |  1 +
 ...ove_SSL_set_tlsext_host_name_outside_STUNNEL.patch | 19 -------------------
 2 files changed, 1 insertion(+), 19 deletions(-)
 delete mode 100644 package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch

diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile
index b6440f3..a2b3b5e 100644
--- a/package/libs/cyassl/Makefile
+++ b/package/libs/cyassl/Makefile
@@ -41,6 +41,7 @@ CONFIGURE_ARGS += \
 	--enable-singlethreaded \
 	--enable-opensslextra \
 	--enable-sni \
+	--enable-stunnel \
 	--enable-ecc \
 	--disable-examples
 
diff --git a/package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch b/package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch
deleted file mode 100644
index 51d89f7..0000000
--- a/package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- a/wolfssl/openssl/ssl.h
-+++ b/wolfssl/openssl/ssl.h
-@@ -402,6 +402,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR
- /* yassl had set the default to be 500 */
- #define SSL_get_default_timeout(ctx) 500
- 
-+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y))
-+
- /* Lighthttp compatibility */
- 
- #ifdef HAVE_LIGHTY                       
-@@ -488,7 +490,6 @@ typedef WOLFSSL_ASN1_BIT_STRING    ASN1_
- #define SSL_TLSEXT_ERR_NOACK                 alert_warning
- #define TLSEXT_NAMETYPE_host_name            WOLFSSL_SNI_HOST_NAME
- 
--#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name
- #define SSL_get_servername wolfSSL_get_servername
- #define SSL_set_SSL_CTX                  wolfSSL_set_SSL_CTX
- #define SSL_CTX_get_verify_callback      wolfSSL_CTX_get_verify_callback
-- 
2.4.11

More information about the Lede-dev mailing list