feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

build updates for lighttpd

Browse Source 
Update configure.ac and various #ifdefs to enable WolfSSL to
build features for use by lighttpd.

Change signature of wolfSSL_GetVersion() to take const arg.
Pass (const WOLFSSL*) to wolfSSL_GetVersion() for use with
SSL_CTX_set_info_callback(), where OpenSSL callback takes (const SSL *)
This commit is contained in:
Glenn Strauss
2020-07-01 23:19:13 -04:00
committed by Daniel Pouzzner
parent d784bd61cd
commit 503de43cbd
7 changed files with 27 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
configure.ac
View File

@@ -719,6 +719,13 @@ AC_ARG_ENABLE([nginx],
[ ENABLED_NGINX=no ] [ ENABLED_NGINX=no ]
) )
# lighty Support
AC_ARG_ENABLE([lighty],
[AS_HELP_STRING([--enable-lighty],[Enable lighttpd/lighty (default: disabled)])],
[ ENABLED_LIGHTY=$enableval ],
[ ENABLED_LIGHTY=no ]
)
# haproxy compatibility build # haproxy compatibility build
AC_ARG_ENABLE([haproxy], AC_ARG_ENABLE([haproxy],
[AS_HELP_STRING([--enable-haproxy],[Enable haproxy (default: disabled)])], [AS_HELP_STRING([--enable-haproxy],[Enable haproxy (default: disabled)])],
@@ -847,7 +854,7 @@ AC_ARG_ENABLE([opensslextra],
[ ENABLED_OPENSSLEXTRA=$enableval ], [ ENABLED_OPENSSLEXTRA=$enableval ],
[ ENABLED_OPENSSLEXTRA=no ] [ ENABLED_OPENSSLEXTRA=no ]
) )
if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes" if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_OPENSSLEXTRA="yes" ENABLED_OPENSSLEXTRA="yes"
fi fi
@@ -1656,7 +1663,7 @@ AC_ARG_ENABLE([sessioncerts],
[ ENABLED_SESSIONCERTS=no ] [ ENABLED_SESSIONCERTS=no ]
) )
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_SESSIONCERTS=yes ENABLED_SESSIONCERTS=yes
fi fi
@@ -3097,7 +3104,7 @@ AC_ARG_ENABLE([ocsp],
[ ENABLED_OCSP=no ], [ ENABLED_OCSP=no ],
) )
if test "x$ENABLED_OPENSSLALL" = "xyes" || test "x$ENABLED_NGINX" = "xyes" if test "x$ENABLED_OPENSSLALL" = "xyes" || test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_OCSP=yes ENABLED_OCSP=yes
fi fi
@@ -3129,7 +3136,7 @@ AC_ARG_ENABLE([ocspstapling],
[ ENABLED_CERTIFICATE_STATUS_REQUEST=no ] [ ENABLED_CERTIFICATE_STATUS_REQUEST=no ]
) )
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_CERTIFICATE_STATUS_REQUEST="yes" ENABLED_CERTIFICATE_STATUS_REQUEST="yes"
fi fi
@@ -3154,7 +3161,7 @@ AC_ARG_ENABLE([ocspstapling2],
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ] [ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ]
) )
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_CERTIFICATE_STATUS_REQUEST_V2=yes ENABLED_CERTIFICATE_STATUS_REQUEST_V2=yes
fi fi
@@ -3180,7 +3187,7 @@ AC_ARG_ENABLE([crl],
) )
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno" if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_CRL=yes ENABLED_CRL=yes
fi fi
@@ -3533,7 +3540,7 @@ AC_ARG_ENABLE([session-ticket],
[ ENABLED_SESSION_TICKET=no ] [ ENABLED_SESSION_TICKET=no ]
) )
if test "x$ENABLED_NGINX" = "xyes" || test "$ENABLED_WPAS" = "yes" || test "x$ENABLED_HAPROXY" = "xyes" if test "x$ENABLED_NGINX" = "xyes" || test "$ENABLED_WPAS" = "yes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_SESSION_TICKET=yes ENABLED_SESSION_TICKET=yes
fi fi
@@ -3562,7 +3569,7 @@ AC_ARG_ENABLE([tlsx],
[ ENABLED_TLSX=no ] [ ENABLED_TLSX=no ]
) )
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_SIGNAL" = "xyes" if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_SIGNAL" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
ENABLED_TLSX=yes ENABLED_TLSX=yes
fi fi
@@ -3891,12 +3898,6 @@ then
fi fi
fi fi
# lighty Support
AC_ARG_ENABLE([lighty],
[AS_HELP_STRING([--enable-lighty],[Enable lighttpd/lighty (default: disabled)])],
[ ENABLED_LIGHTY=$enableval ],
[ ENABLED_LIGHTY=no ]
)
if test "$ENABLED_LIGHTY" = "yes" if test "$ENABLED_LIGHTY" = "yes"
then then
# Requires opensslextra make sure on # Requires opensslextra make sure on
@@ -3906,6 +3907,8 @@ then
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
fi fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1" AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1"
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL2 -DOPENSSL_NO_SSL3 -DOPENSSL_NO_COMP"
fi fi
if test "$ENABLED_NGINX" = "yes" if test "$ENABLED_NGINX" = "yes"

2
src/ocsp.c
View File

@@ -494,7 +494,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
} }
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD) defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID* id, int* status, int* reason, WOLFSSL_OCSP_CERTID* id, int* status, int* reason,

5
src/ssl.c
View File

@@ -4041,7 +4041,7 @@ int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version)
/* Function to get version as WOLFSSL_ enum value for wolfSSL_SetVersion */ /* Function to get version as WOLFSSL_ enum value for wolfSSL_SetVersion */
int wolfSSL_GetVersion(WOLFSSL* ssl) int wolfSSL_GetVersion(const WOLFSSL* ssl)
{ {
if (ssl == NULL) if (ssl == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@@ -44517,7 +44517,8 @@ WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x)
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
#ifdef HAVE_ALPN #ifdef HAVE_ALPN
void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data, void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data,
unsigned int *len) unsigned int *len)

2
wolfssl/internal.h
View File

@@ -2808,7 +2808,7 @@ struct WOLFSSL_CTX {
#ifdef HAVE_EX_DATA #ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data; WOLFSSL_CRYPTO_EX_DATA ex_data;
#endif #endif
#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) #if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY))
CallbackALPNSelect alpnSelect; CallbackALPNSelect alpnSelect;
void* alpnSelectArg; void* alpnSelectArg;
#endif #endif

4
wolfssl/ocsp.h
View File

@@ -38,7 +38,7 @@
typedef struct WOLFSSL_OCSP WOLFSSL_OCSP; typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\ #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY) defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP; typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP;
typedef struct OcspRequest WOLFSSL_OCSP_CERTID; typedef struct OcspRequest WOLFSSL_OCSP_CERTID;
@@ -62,7 +62,7 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
OcspEntry *entry, OcspRequest *ocspRequest); OcspEntry *entry, OcspRequest *ocspRequest);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD) defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID *id, int *status, int *reason, WOLFSSL_OCSP_CERTID *id, int *status, int *reason,

4
wolfssl/ssl.h
View File

@@ -2392,7 +2392,7 @@ WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void);
WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void); WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void);
WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int);
WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*);
WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_GetVersion(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
/* moved to asn.c, old names kept for backwards compatibility */ /* moved to asn.c, old names kept for backwards compatibility */
@@ -2929,7 +2929,7 @@ enum {
WOLFSSL_MAX_ALPN_NUMBER = 257 WOLFSSL_MAX_ALPN_NUMBER = 257
}; };
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out, typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out,
unsigned char* outLen, const unsigned char* in, unsigned int inLen, unsigned char* outLen, const unsigned char* in, unsigned int inLen,
void *arg); void *arg);

2
wolfssl/wolfcrypt/asn.h
View File

@@ -1262,7 +1262,7 @@ struct CertStatus {
byte nextDate[MAX_DATE_SIZE]; byte nextDate[MAX_DATE_SIZE];
byte thisDateFormat; byte thisDateFormat;
byte nextDateFormat; byte nextDateFormat;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
WOLFSSL_ASN1_TIME thisDateParsed; WOLFSSL_ASN1_TIME thisDateParsed;
WOLFSSL_ASN1_TIME nextDateParsed; WOLFSSL_ASN1_TIME nextDateParsed;
byte* thisDateAsn; byte* thisDateAsn;