[LEDE-DEV] [PATCH] wolfssl: fix options and add support for wpa_supplicant features
Alexandru Ardelean
ardeleanalex at gmail.com
Wed May 2 12:53:59 PDT 2018
On Sat, Apr 28, 2018 at 9:55 PM, Daniel Golle <daniel at makrotopia.org> wrote:
> Some options' default values have been changed upstream, others were
> accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options
> needed to build hostapd/wpa_supplicant against wolfssl.
Sorry for the late reply.
I wanted to take a look at the patch and check it a bit.
I noticed that your patch is applied now to master.
Overall this is good.
I've been wanting for a while to rework this.
Your approach is better right now before the release [than my rework].
Something like this:
https://github.com/commodo/openwrt/commit/d41ea4f342de7dbb02c9cfb0b19373c39ec24f81
I'll test it a bit more.
One more comment inline below.
>
> Signed-off-by: Daniel Golle <daniel at makrotopia.org>
> ---
> package/libs/wolfssl/Config.in | 12 ++++++++++++
> package/libs/wolfssl/Makefile | 33 ++++++++++++++++++++++++++++-----
> 2 files changed, 40 insertions(+), 5 deletions(-)
>
> diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
> index 7e8a4b6cee..9b88914516 100644
> --- a/package/libs/wolfssl/Config.in
> +++ b/package/libs/wolfssl/Config.in
> @@ -32,10 +32,22 @@ config WOLFSSL_HAS_PSK
> bool "Include PKS (Pre Share Key) support"
> default n
>
> +config WOLFSSL_HAS_SESSION_TICKET
> + bool "Include session ticket support"
> + default n
> +
> config WOLFSSL_HAS_DTLS
> bool "Include DTLS support"
> default n
>
> +config WOLFSSL_HAS_OCSP
> + bool "Include OSCP support"
> + default n
> +
> +config WOLFSSL_HAS_WPAS
> + bool "Include wpa_supplicant support"
> + default n
> +
> config WOLFSSL_HAS_ECC25519
> bool "Include ECC Curve 22519 support"
> depends on WOLFSSL_HAS_ECC
> diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
> index 1d4b7f5579..d0bd3b5a35 100644
> --- a/package/libs/wolfssl/Makefile
> +++ b/package/libs/wolfssl/Makefile
> @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
>
> PKG_NAME:=wolfssl
> PKG_VERSION:=3.12.2
> -PKG_RELEASE:=1
> +PKG_RELEASE:=2
>
> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
> PKG_SOURCE_URL:=https://www.wolfssl.com/
> @@ -51,7 +51,9 @@ CONFIGURE_ARGS += \
> --enable-opensslextra \
> --enable-sni \
> --enable-stunnel \
> - --disable-examples
> + --disable-examples \
> + --disable-leanpsk \
> + --disable-leantls \
Nitpick: these are disabled by default.
No need to disable them here.
>
> ifeq ($(CONFIG_IPV6),y)
> CONFIGURE_ARGS += \
> @@ -79,19 +81,25 @@ CONFIGURE_ARGS += \
> --enable-supportedcurves
> endif
>
> -ifneq ($(CONFIG_WOLFSSL_HAS_DH),y)
> +ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
> CONFIGURE_ARGS += \
> --enable-dh
> endif
>
> -ifeq ($(CONFIG_WOLFSSL_HAS_ARC4),n)
> +ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
> CONFIGURE_ARGS += \
> --disable-arc4
> +else
> +CONFIGURE_ARGS += \
> + --enable-arc4
> endif
>
> -ifeq ($(CONFIG_WOLFSSL_HAS_DES3),y)
> +ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
> CONFIGURE_ARGS += \
> --disable-des3
> +else
> +CONFIGURE_ARGS += \
> + --enable-des3
> endif
>
> ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
> @@ -99,11 +107,26 @@ CONFIGURE_ARGS += \
> --enable-psk
> endif
>
> +ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
> +CONFIGURE_ARGS += \
> + --enable-session-ticket
> +endif
> +
> ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y)
> CONFIGURE_ARGS += \
> --enable-dtls
> endif
>
> +ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y)
> +CONFIGURE_ARGS += \
> + --enable-ocsp --enable-ocspstapling --enable-ocspstapling2
> +endif
> +
> +ifeq ($(CONFIG_WOLFSSL_HAS_WPAS),y)
> +CONFIGURE_ARGS += \
> + --enable-wpas --enable-sha512 --enable-fortress --enable-fastmath
> +endif
> +
> ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y)
> CONFIGURE_ARGS += \
> --enable-curve25519
Thanks for this patch :)
Alex
> --
> 2.17.0
>
More information about the Lede-dev
mailing list