mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-28 01:28:59 +00:00
wolfssl: update to 4.0.0-stable
Removed options that can't be turned off because we're building with --enable-stunnel, some of which affect hostapd's Config.in. Adjusted the title of OCSP option, as OCSP itself can't be turned off, only the stapling part is selectable. Mark options turned on when wpad support is selected. Add building options for TLS 1.0, and TLS 1.3. Add hardware crypto support, which due to a bug, only works when CCM support is turned off. Reorganized option conditionals in Makefile. Add Eneas U de Queiroz as maintainer. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This commit is contained in:
parent
2792daab5a
commit
ff69364ad8
@ -8,12 +8,8 @@ config WOLFSSL_HAS_AES_GCM
|
||||
bool "Include AES-GCM support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_CHACHA
|
||||
bool "Include ChaCha cipher suite support"
|
||||
default n
|
||||
|
||||
config WOLFSSL_HAS_ECC
|
||||
bool "Include ECC (Elliptic Curve Cryptography) support"
|
||||
config WOLFSSL_HAS_CHACHA_POLY
|
||||
bool "Include ChaCha20-Poly1305 cipher suite support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_DH
|
||||
@ -24,12 +20,17 @@ config WOLFSSL_HAS_ARC4
|
||||
bool "Include ARC4 support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_DES3
|
||||
bool "Include DES3 (Tripple-DES) support"
|
||||
config WOLFSSL_HAS_TLSV10
|
||||
bool "Include TLS 1.0 support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_PSK
|
||||
bool "Include PKS (Pre Share Key) support"
|
||||
if !(WOLFSSL_HAS_AES_CCM||WOLFSSL_HAS_AES_GCM||WOLFSSL_HAS_CHACHA_POLY)
|
||||
comment "! TLS 1.3 support needs one of: AES-CCM, AES-GCM, ChaCha20-Poly1305"
|
||||
endif
|
||||
|
||||
config WOLFSSL_HAS_TLSV13
|
||||
bool "Include TLS 1.3 support"
|
||||
depends on WOLFSSL_HAS_AES_CCM||WOLFSSL_HAS_AES_GCM||WOLFSSL_HAS_CHACHA_POLY
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_SESSION_TICKET
|
||||
@ -41,20 +42,40 @@ config WOLFSSL_HAS_DTLS
|
||||
default n
|
||||
|
||||
config WOLFSSL_HAS_OCSP
|
||||
bool "Include OSCP support"
|
||||
bool "Include OSCP stapling support"
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_WPAS
|
||||
bool "Include wpa_supplicant support"
|
||||
select WOLFSSL_HAS_ARC4
|
||||
select WOLFSSL_HAS_OCSP
|
||||
select WOLFSSL_HAS_SESSION_TICKET
|
||||
default y
|
||||
|
||||
config WOLFSSL_HAS_ECC25519
|
||||
bool "Include ECC Curve 22519 support"
|
||||
depends on WOLFSSL_HAS_ECC
|
||||
default n
|
||||
|
||||
config WOLFSSL_HAS_POLY1305
|
||||
bool "Include Poly-1305 support"
|
||||
default n
|
||||
if WOLFSSL_HAS_AES_CCM
|
||||
comment "! Hardware Acceleration does not build with AES-CCM enabled"
|
||||
endif
|
||||
if !WOLFSSL_HAS_AES_CCM
|
||||
choice
|
||||
prompt "Hardware Acceleration"
|
||||
default WOLFSSL_HAS_NO_HW
|
||||
|
||||
config WOLFSSL_HAS_NO_HW
|
||||
bool "None"
|
||||
|
||||
config WOLFSSL_HAS_AFALG
|
||||
bool "AF_ALG"
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO_AES
|
||||
bool "/dev/crypto - AES-only"
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO_FULL
|
||||
bool "/dev/crypto - full"
|
||||
endchoice
|
||||
endif
|
||||
|
||||
endif
|
||||
|
@ -8,12 +8,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=wolfssl
|
||||
PKG_VERSION:=3.15.7-stable
|
||||
PKG_VERSION:=4.0.0-stable
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
|
||||
PKG_HASH:=dc97c07a7667b39a890e14f4b4a209f51524a4cabee7adb6c80822ee78c1f62a
|
||||
PKG_HASH:=6cf678c72b485d1904047c40c20f85104c96b5f39778822783a2c407ccb23657
|
||||
|
||||
PKG_FIXUP:=libtool
|
||||
PKG_INSTALL:=1
|
||||
@ -21,15 +21,17 @@ PKG_USE_MIPS16:=0
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
PKG_LICENSE:=GPL-2.0-or-later
|
||||
PKG_LICENSE_FILES:=LICENSING COPYING
|
||||
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
|
||||
PKG_CPE_ID:=cpe:/a:wolfssl:wolfssl
|
||||
|
||||
PKG_CONFIG_DEPENDS:=\
|
||||
CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \
|
||||
CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA \
|
||||
CONFIG_WOLFSSL_HAS_DES3 CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
|
||||
CONFIG_WOLFSSL_HAS_ECC CONFIG_WOLFSSL_HAS_ECC25519 \
|
||||
CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY1305 \
|
||||
CONFIG_WOLFSSL_HAS_PSK CONFIG_WOLFSSL_HAS_SESSION_TICKET \
|
||||
CONFIG_WOLFSSL_HAS_AFALG CONFIG_WOLFSSL_HAS_ARC4 \
|
||||
CONFIG_WOLFSSL_HAS_CHACHA_POLY CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES \
|
||||
CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL, CONFIG_WOLFSSL_HAS_DH \
|
||||
CONFIG_WOLFSSL_HAS_DTLS CONFIG_WOLFSSL_HAS_ECC25519 \
|
||||
CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_SESSION_TICKET \
|
||||
CONFIG_WOLFSSL_HAS_TLSV10 CONFIG_WOLFSSL_HAS_TLSV13 \
|
||||
CONFIG_WOLFSSL_HAS_WPAS
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
@ -42,6 +44,7 @@ define Package/libwolfssl
|
||||
URL:=http://www.wolfssl.com/
|
||||
MENU:=1
|
||||
PROVIDES:=libcyassl
|
||||
DEPENDS:=+WOLFSSL_HAS_DEVCRYPTO:kmod-cryptodev +WOLFSSL_HAS_AFALG:kmod-crypto-user
|
||||
ABI_VERSION:=19
|
||||
endef
|
||||
|
||||
@ -64,68 +67,20 @@ CONFIGURE_ARGS += \
|
||||
--disable-examples \
|
||||
--disable-leanpsk \
|
||||
--disable-leantls \
|
||||
|
||||
ifeq ($(CONFIG_IPV6),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-ipv6
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_AES_CCM),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-aesccm
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_WOLFSSL_HAS_AES_GCM),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--disable-aesgcm
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_WOLFSSL_HAS_CHACHA),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--disable-chacha
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_ECC),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-ecc \
|
||||
--enable-supportedcurves
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-dh
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--disable-arc4
|
||||
else
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-arc4
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--disable-des3
|
||||
else
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-des3
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-psk
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-session-ticket
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-dtls
|
||||
endif
|
||||
--$(if $(CONFIG_IPV6),enable,disable)-ipv6 \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_AES_CCM),enable,disable)-aesccm \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_AES_GCM),enable,disable)-aesgcm \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_CHACHA_POLY),enable,disable)-chacha \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_CHACHA_POLY),enable,disable)-poly1305 \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_DH),enable,disable)-dh \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_ARC4),enable,disable)-arc4 \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_TLSV10),enable,disable)-tlsv10 \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_TLSV13),enable,disable)-tls13 \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_SESSION_TICKET),enable,disable)-session-ticket \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_DTLS),enable,disable)-dtls \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_ECC25519),enable,disable)-curve25519 \
|
||||
--$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \
|
||||
--enable-devcrypto=$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES),aes,$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL),yes,no))
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y)
|
||||
CONFIGURE_ARGS += \
|
||||
@ -137,23 +92,6 @@ CONFIGURE_ARGS += \
|
||||
--enable-wpas --enable-sha512 --enable-fortress --enable-fastmath
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-curve25519
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_WOLFSSL_HAS_POLY1305),y)
|
||||
CONFIGURE_ARGS += \
|
||||
--enable-poly1305
|
||||
endif
|
||||
|
||||
#ifneq ($(CONFIG_TARGET_x86),)
|
||||
# CONFIGURE_ARGS += --enable-intelasm
|
||||
#endif
|
||||
#ifneq ($(CONFIG_TARGET_x86_64),)
|
||||
# CONFIGURE_ARGS += --enable-intelasm
|
||||
#endif
|
||||
|
||||
define Build/InstallDev
|
||||
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- a/wolfssl/wolfcrypt/settings.h
|
||||
+++ b/wolfssl/wolfcrypt/settings.h
|
||||
@@ -1759,7 +1759,7 @@ extern void uITRON4_free(void *p) ;
|
||||
@@ -1880,7 +1880,7 @@ extern void uITRON4_free(void *p) ;
|
||||
#endif
|
||||
|
||||
/* warning for not using harden build options (default with ./configure) */
|
||||
|
@ -1,23 +0,0 @@
|
||||
From 42eacece82b6375a9f4bab3903a1a39f7d1dd579 Mon Sep 17 00:00:00 2001
|
||||
From: John Safranek <john@wolfssl.com>
|
||||
Date: Tue, 5 Mar 2019 09:26:30 -0800
|
||||
Subject: [PATCH] AR flags configure update In at least one environment the
|
||||
check for particular AR options was failing due to a bash script bug. Deleted
|
||||
an extra pair of parenthesis triggering an arithmetic statement when
|
||||
redundant grouping was desired.
|
||||
|
||||
---
|
||||
configure.ac | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -15,7 +15,7 @@ AC_CONFIG_AUX_DIR([build-aux])
|
||||
: ${CFLAGS=""}
|
||||
|
||||
# Test ar for the "U" option. Should be checked before the libtool macros.
|
||||
-xxx_ar_flags=$((ar --help) 2>&1)
|
||||
+xxx_ar_flags=$(ar --help 2>&1)
|
||||
AS_CASE([$xxx_ar_flags],[*'use actual timestamps and uids/gids'*],[: ${AR_FLAGS="Ucru"}])
|
||||
|
||||
AC_PROG_CC
|
@ -1,6 +1,6 @@
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -4614,7 +4614,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
|
||||
@@ -4740,7 +4740,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
|
||||
AC_CONFIG_FILES([Makefile wolfssl/version.h wolfssl/options.h cyassl/options.h support/wolfssl.pc rpm/spec])
|
||||
|
||||
AX_CREATE_GENERIC_CONFIG
|
||||
|
Loading…
Reference in New Issue
Block a user