[From nobody Thu Jun 25 05:54:42 2020
Received: from sonic309-22.consmr.mail.ne1.yahoo.com ([66.163.184.148])
 by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux))
 id 1fUjZO-0002KV-T1
 for openwrt-devel@lists.openwrt.org; Mon, 18 Jun 2018 02:07:04 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
 t=1529287609; bh=sNVNp5hqPcfT+I1IQR8KJEcXp0WPoManLXAAbU9vApo=;
 h=From:To:Cc:Subject:Date:From:Subject;
 b=MIcacffhC0b6FEaiZfAUCeE0cqMaX6UycB8LW9+D0DYZPK1RnNTMn1M+DGws/C74gOZHGieCQp725qTnt92OhPgHJ1DSmHa/SFvaaHIA045kc835qWq1m5kwrgZykw6VNDGqWY26tFvSZGYp1Zj8oxMX/FhzNlEMhd1hBh6sp8r0YxPJ2BhRPGSe0JRYcLJ4LPxBJcfAqgBpPmrLdY45iZiXRU9aIfwE5HuSJV2j+JDDtPARHbpMPkIqmxjMTReZfoZnIMMNvG51n+H10l9mT0KYkbk9JFMkBr+/Mxw9Jchxrwkfah77JEH2fZSh9jrkxLAUE9AMVsYq2It66qZAIA==
X-YMail-OSG: Diwg14EVM1mgwoDRE3azdUuhk3GFyTmpkuJlZzfnSVTnr6O_w0cMr0WaeCWWhfM
 bYg7SgsXka8Rkbk4LOpi5wv4TnJX3HJfzXBdJ_SeDG4hHjWMQZ1huKt_UcdRQrtXit8Z0XsiIoSS
 pkT5pwfFMnLk0z3rKbsmPe.SwWWQ4iiBEk_CrAL0o1CzrOpVpR6bQzeg3QidQgn2SBOfqA3v5Rhq
 Fo3tgbjGfVTfc2RWq.g4KSVrdhDiAF6fPHbgd.L9oku4dgD2Ly1miCadD8vJaNuwpqpVDCp_d695
 Mj4UF9Xgzr0oyK_Mn3usgUbnZFI_HdkDXX4W.3JpS2to5fITTgtceK_6GL3jFzPbcKWctvuFFrva
 zGpZCLnqvSQTKpY3zu3ioYyrcAAshl7H4wNa8t10joPqwDD3U3pKldbdgwOUTkGhPa9aO6jf1PjC
 nD1_Q.fcA1cw3zCNQyIDbYnyjiU6c2uR0grNtAmw.tpczE2DbGBsYEXrBycfZj4aVbbE16fAF6E3
 dl_a0HYO_0cBkhLmlmS0hrxGW_W_nfCLEvsm3Hej0LUEBz.9B9T6gg2gufZXaif328El7uoO6SCw
 zlNOglEPYAG1eNvzsALADwrxlCZr9GFwoGETRuql9B_FsZ7aAqZhbkRaSdKFPeKuE.rTkSgp1MEA
 ZwGtcOjoWYtPz9AA0SptCH0A7TVztEsbxkZ1a.Qjqhv.VAiSJ8rGGDyyPGi2nLxlpC84RQQ1ztrX
 b7_Zp1lW7T0nu5n56SXFT_TRZToiRMj4QASQ78f4jBQcmbrr.k950jyz3SPdsXNF_9v_.zGgisJD
 pNOA1tszI4JgHJUlG3zSBNhwp0TCB48P8CUaCWq0XTpLFNaX.efEyBINq.0wkeVVdRjjxj5TWbb2
 Gl8g9snzJm55Ufg5U5Ifzoebfm06yEOrNlb_5EKhYrY6TRNJuxLz9CRdeXOJcw1lyqmfYte6UnCO
 FGJSeoJw-
Received: from sonic.gate.mail.ne1.yahoo.com by
 sonic309.consmr.mail.ne1.yahoo.com with HTTP; Mon, 18 Jun 2018 02:06:49 +0000
Received: from 18.175.75.177.infopasa.com.br (EHLO gateway.troianet.com.br)
 ([177.75.175.18])
 by smtp421.mail.ne1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID
 b0336d6b46bb304d581cdfb15fe4fa9f; 
 Mon, 18 Jun 2018 02:06:43 +0000 (UTC)
From: Eneas U de Queiroz &lt;cote2004-github@yahoo.com&gt;
To: openwrt-devel@lists.openwrt.org
Cc: Eneas U de Queiroz &lt;cote2004-github@yahoo.com&gt;
Subject: [PATCH] wolfssl: reorganized build options
Date: Sun, 17 Jun 2018 23:05:58 -0300
Message-Id: &lt;20180618020558.13295-1-cote2004-github@yahoo.com&gt;
X-Mailer: git-send-email 2.16.4
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20180617_190702_984196_982D7A37 
X-CRM114-Status: UNSURE (   6.84  )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -0.1 (/)
X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary:
 Content analysis details:   (-0.1 points)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at http://www.dnswl.org/, no
 trust [66.163.184.148 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
 (cote2004-github[at]yahoo.com)
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
 -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
 domain
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

Removed options that can't be turned off because we're building
with --enable-stunnel, some of which affected hostpad's Config.in.
Adjusted the title of OCSP option, as OCSP itself can't be turned off,
only the stapling part is selectable.
Fixed poly1035 build.  
Mark options turned on when wpad support is selected.
Add building with TLS v1.0 support as an option.

Signed-off-by: Eneas U de Queiroz &lt;cote2004-github@yahoo.com&gt;

PS: Is there any reason to split up chacha and poly1305 options?  
I would merge them in to a single option, but haven't done this here.
---
 package/libs/wolfssl/Config.in             | 17 ++++++---------
 package/libs/wolfssl/Makefile              | 33 ++++++++----------------------
 package/network/services/hostapd/Config.in |  3 ---
 3 files changed, 15 insertions(+), 38 deletions(-)

diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
index 50b0bb9cdf..45750a5892 100644
--- a/package/libs/wolfssl/Config.in
+++ b/package/libs/wolfssl/Config.in
@@ -12,10 +12,6 @@ config WOLFSSL_HAS_CHACHA
 	bool &quot;Include ChaCha cipher suite support&quot;
 	default n
 
-config WOLFSSL_HAS_ECC
-	bool &quot;Include ECC (Elliptic Curve Cryptography) support&quot;
-	default y
-
 config WOLFSSL_HAS_DH
 	bool &quot;Include DH (Diffie-Hellman) support&quot;
 	default y
@@ -24,12 +20,8 @@ config WOLFSSL_HAS_ARC4
 	bool &quot;Include ARC4 support&quot;
 	default y
 
-config WOLFSSL_HAS_DES3
-	bool &quot;Include DES3 (Tripple-DES) support&quot;
-	default y
-
-config WOLFSSL_HAS_PSK
-	bool &quot;Include PKS (Pre Share Key) support&quot;
+config WOLFSSL_HAS_TLSV10
+	bool &quot;Include TLS 1.0 support&quot;
 	default y
 
 config WOLFSSL_HAS_SESSION_TICKET
@@ -41,11 +33,14 @@ config WOLFSSL_HAS_DTLS
 	default n
 
 config WOLFSSL_HAS_OCSP
-	bool &quot;Include OSCP support&quot;
+	bool &quot;Include OSCP stapling support&quot;
 	default y
 
 config WOLFSSL_HAS_WPAS
 	bool &quot;Include wpa_supplicant support&quot;
+	select WOLFSSL_HAS_ARC4
+	select WOLFSSL_HAS_OCSP
+	select WOLFSSL_HAS_SESSION_TICKET
 	default y
 
 config WOLFSSL_HAS_ECC25519
diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index e08b6f3929..6e121330f4 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -26,11 +26,10 @@ PKG_CPE_ID:=cpe:/a:yassl:cyassl
 PKG_CONFIG_DEPENDS:=\
 	CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \
 	CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA \
-	CONFIG_WOLFSSL_HAS_DES3 CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
-	CONFIG_WOLFSSL_HAS_ECC CONFIG_WOLFSSL_HAS_ECC25519 \
+	CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
+	CONFIG_WOLFSSL_HAS_ECC25519 CONFIG_WOLFSSL_HAS_TLSV10 \
 	CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY_1305 \
-	CONFIG_WOLFSSL_HAS_PSK CONFIG_WOLFSSL_HAS_SESSION_TICKET \
-	CONFIG_WOLFSSL_HAS_WPAS
+	CONFIG_WOLFSSL_HAS_SESSION_TICKET CONFIG_WOLFSSL_HAS_WPAS
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -85,15 +84,9 @@ CONFIGURE_ARGS += \
 	--disable-chacha
 endif
 
-ifeq ($(CONFIG_WOLFSSL_HAS_ECC),y)
+ifneq ($(CONFIG_WOLFSSL_HAS_DH),y)
 CONFIGURE_ARGS += \
-	--enable-ecc \
-	--enable-supportedcurves
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
-CONFIGURE_ARGS += \
-	--enable-dh
+	--disable-dh
 endif
 
 ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
@@ -104,17 +97,9 @@ CONFIGURE_ARGS += \
 	--enable-arc4
 endif
 
-ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
-CONFIGURE_ARGS += \
-	--disable-des3
-else
-CONFIGURE_ARGS += \
-	--enable-des3
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
+ifeq ($(CONFIG_WOLFSSL_HAS_TLSV10),y)
 CONFIGURE_ARGS += \
-	--enable-psk
+	--enable-tlsv10
 endif
 
 ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
@@ -142,9 +127,9 @@ CONFIGURE_ARGS += \
 	--enable-curve25519
 endif
 
-ifneq ($(CONFIG_WOLFSSL_HAS_POLY1305),y)
+ifneq ($(CONFIG_WOLFSSL_HAS_POLY_1305),y)
 CONFIGURE_ARGS += \
-	--enable-poly1305
+	--disable-poly1305
 endif
 
 #ifneq ($(CONFIG_TARGET_x86),)
diff --git a/package/network/services/hostapd/Config.in b/package/network/services/hostapd/Config.in
index 222cfb7f13..23b0c9c037 100644
--- a/package/network/services/hostapd/Config.in
+++ b/package/network/services/hostapd/Config.in
@@ -71,11 +71,8 @@ config WPA_WOLFSSL
 	select WOLFSSL_HAS_AES_CCM
 	select WOLFSSL_HAS_AES_GCM
 	select WOLFSSL_HAS_ARC4
-	select WOLFSSL_HAS_DES3
 	select WOLFSSL_HAS_DH
-	select WOLFSSL_HAS_ECC
 	select WOLFSSL_HAS_OCSP
-	select WOLFSSL_HAS_PSK
 	select WOLFSSL_HAS_SESSION_TICKET
 	select WOLFSSL_HAS_WPAS
 
-- 
2.16.4


]