mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-21 14:37:57 +00:00
libs/wolfssl: add SAN (Subject Alternative Name) support
x509v3 SAN extension is required to generate a certificate compatible with
chromium-based web browsers (version >58)
It can be disabled via unsetting CONFIG_WOLFSSL_ALT_NAMES
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit dfd695f4b9
)
This commit is contained in:
parent
5ea2e1d5ba
commit
7d376e6e52
@ -51,6 +51,10 @@ config WOLFSSL_HAS_ECC25519
|
||||
bool "Include ECC Curve 25519 support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_ALT_NAMES
|
||||
bool "Include SAN (Subject Alternative Name) support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO
|
||||
bool
|
||||
|
||||
|
@ -31,7 +31,8 @@ PKG_CONFIG_DEPENDS:=\
|
||||
CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
|
||||
CONFIG_WOLFSSL_HAS_ECC25519 CONFIG_WOLFSSL_HAS_OCSP \
|
||||
CONFIG_WOLFSSL_HAS_SESSION_TICKET CONFIG_WOLFSSL_HAS_TLSV10 \
|
||||
CONFIG_WOLFSSL_HAS_TLSV13 CONFIG_WOLFSSL_HAS_WPAS CONFIG_WOLFSSL_HAS_CERTGEN
|
||||
CONFIG_WOLFSSL_HAS_TLSV13 CONFIG_WOLFSSL_HAS_WPAS CONFIG_WOLFSSL_HAS_CERTGEN \
|
||||
CONFIG_WOLFSSL_ALT_NAMES
|
||||
|
||||
PKG_ABI_VERSION=$(patsubst %-stable,%,$(PKG_VERSION)).$(call version_abbrev,$(call confvar,$(PKG_CONFIG_DEPENDS)))
|
||||
|
||||
@ -63,7 +64,8 @@ TARGET_CFLAGS += \
|
||||
-fomit-frame-pointer \
|
||||
-flto \
|
||||
-DFP_MAX_BITS=8192 \
|
||||
-DWOLFSSL_ALT_CERT_CHAINS
|
||||
-DWOLFSSL_ALT_CERT_CHAINS \
|
||||
$(if $(CONFIG_WOLFSSL_ALT_NAMES),-DWOLFSSL_ALT_NAMES)
|
||||
|
||||
TARGET_LDFLAGS += -flto
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user