forked from wolfSSL/wolfssl
Fixes for building --enable-wpas=small with WPA Supplicant v2.7.
This commit is contained in:
David Garske
35
configure.ac
35
configure.ac
@ -645,26 +645,21 @@ then
|
||||
AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6 -DWOLFSSL_IPV6"
|
||||
fi
|
||||
|
||||
|
||||
if test "$ENABLED_WPAS" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_SECRET_CALLBACK -DWOLFSSL_STATIC_RSA"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PUBLIC_MP -DWOLFSSL_PUBLIC_ECC_ADD_DBL"
|
||||
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER -DHAVE_EX_DATA -DWOLFSSL_KEEP_PEER_CERT"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_VERIFY_CB"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT -DWOLFSSL_DER_LOAD"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN -DWOLFSSL_DES_ECB"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WPAS"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_WPAS" = "small"
|
||||
if test "$ENABLED_WPAS" != "no"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WPAS_SMALL"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_VERIFY_CB"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_KEEP_SNI"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EITHER_SIDE"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WPAS_SMALL"
|
||||
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA_X509_SMALL"
|
||||
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PUBLIC_MP"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DER_LOAD"
|
||||
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DES_ECB"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_FORTRESS" = "yes"
|
||||
@ -2323,7 +2318,7 @@ AC_ARG_ENABLE([des3],
|
||||
[ ENABLED_DES3=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_QT" = "yes" || test "$ENABLED_OPENVPN" = "yes"
|
||||
if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_QT" = "yes" || test "$ENABLED_OPENVPN" = "yes" || test "x$ENABLED_WPAS" != "xno"
|
||||
then
|
||||
ENABLED_DES3="yes"
|
||||
fi
|
||||
@ -2411,7 +2406,7 @@ AC_ARG_ENABLE([cmac],
|
||||
[ ENABLED_CMAC=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WPAS" = "yes"
|
||||
if test "$ENABLED_WPAS" != "no"
|
||||
then
|
||||
ENABLED_CMAC=yes
|
||||
fi
|
||||
@ -2848,7 +2843,7 @@ AC_ARG_ENABLE([crl],
|
||||
)
|
||||
|
||||
|
||||
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes"
|
||||
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno"
|
||||
then
|
||||
ENABLED_CRL=yes
|
||||
fi
|
||||
@ -3871,7 +3866,7 @@ AC_ARG_ENABLE([md4],
|
||||
if test "$ENABLED_MD4" = "no"
|
||||
then
|
||||
#turn on MD4 if using stunnel
|
||||
if test "x$ENABLED_STUNNEL" = "xyes"
|
||||
if test "x$ENABLED_STUNNEL" = "xyes" || test "x$ENABLED_WPAS" != "xno"
|
||||
then
|
||||
ENABLED_MD4="yes"
|
||||
else
|
||||
@ -4884,7 +4879,7 @@ AC_ARG_ENABLE([aeskeywrap],
|
||||
[ ENABLED_AESKEYWRAP=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WPAS" = "yes" && test "$ENABLED_FIPS" = "no"
|
||||
if test "$ENABLED_WPAS" != "no" && test "$ENABLED_FIPS" = "no"
|
||||
then
|
||||
ENABLED_AESKEYWRAP="yes"
|
||||
fi
|
||||
|
||||
79
src/ssl.c
79
src/ssl.c
@ -17658,10 +17658,9 @@ int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name)
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || \
|
||||
defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
|
||||
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || \
|
||||
defined(SESSION_CERTS)
|
||||
/* return the next, if any, altname from the peer cert */
|
||||
WOLFSSL_ABI
|
||||
char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* cert)
|
||||
@ -17807,6 +17806,11 @@ int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_EXTRA || KEEP_OUR_CERT || KEEP_PEER_CERT || SESSION_CERTS */
|
||||
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
|
||||
defined(KEEP_OUR_CERT) || defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
|
||||
|
||||
/* not an openssl compatibility function - getting for derCert */
|
||||
const byte* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz)
|
||||
@ -17820,6 +17824,10 @@ int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name)
|
||||
return x509->derCert->buffer;
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || KEEP_OUR_CERT || KEEP_PEER_CERT || SESSION_CERTS */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
||||
/* used by JSSE (not a standard compatibility function) */
|
||||
/* this is not thread safe */
|
||||
WOLFSSL_ABI
|
||||
@ -17838,6 +17846,7 @@ int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name)
|
||||
|
||||
return notBeforeData;
|
||||
}
|
||||
|
||||
/* used by JSSE (not a standard compatibility function) */
|
||||
/* this is not thread safe */
|
||||
WOLFSSL_ABI
|
||||
@ -18001,6 +18010,7 @@ byte* wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509* x509,byte* in,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SEP */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
/* require OPENSSL_EXTRA since wolfSSL_X509_free is wrapped by OPENSSL_EXTRA */
|
||||
#if !defined(NO_CERTS) && defined(OPENSSL_EXTRA)
|
||||
@ -18288,9 +18298,9 @@ void wolfSSL_ACCESS_DESCRIPTION_free(WOLFSSL_ACCESS_DESCRIPTION* access)
|
||||
|
||||
/* access = NULL, don't try to access or double free it */
|
||||
}
|
||||
#endif
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_QT */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
||||
/* create a generic wolfSSL stack node
|
||||
* returns a new WOLFSSL_STACK structure on success */
|
||||
@ -18376,9 +18386,7 @@ int wolfSSL_sk_push(WOLFSSL_STACK* sk, const void *data)
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
/* Creates and returns new GENERAL_NAME structure */
|
||||
WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_new(void)
|
||||
{
|
||||
@ -19059,9 +19067,7 @@ int wolfSSL_i2d_DHparams(const WOLFSSL_DH *dh, unsigned char **out)
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#ifndef NO_FILESYSTEM
|
||||
|
||||
#ifndef NO_STDIO_FILESYSTEM
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
|
||||
|
||||
WOLFSSL_X509* wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file)
|
||||
{
|
||||
@ -19099,8 +19105,12 @@ WOLFSSL_X509* wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file)
|
||||
return newX509;
|
||||
}
|
||||
|
||||
#endif /* NO_STDIO_FILESYSTEM */
|
||||
#endif /* OPENSSL_EXTRA && !NO_FILESYSTEM && !NO_STDIO_FILESYSTEM */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
|
||||
defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
|
||||
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_ABI
|
||||
WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
{
|
||||
@ -19165,9 +19175,7 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
|
||||
return x509;
|
||||
}
|
||||
|
||||
#endif /* NO_FILESYSTEM */
|
||||
|
||||
#endif /* !NO_FILESYSTEM */
|
||||
|
||||
WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer(
|
||||
const unsigned char* buf, int sz, int format)
|
||||
@ -19234,7 +19242,7 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer(
|
||||
return x509;
|
||||
}
|
||||
|
||||
#endif /* KEEP_PEER_CERT || SESSION_CERTS */
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || KEEP_PEER_CERT || SESSION_CERTS */
|
||||
|
||||
/* OPENSSL_EXTRA is needed for wolfSSL_X509_d21 function
|
||||
KEEP_OUR_CERT is to insure ability for returning ssl certificate */
|
||||
@ -23838,8 +23846,8 @@ int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, time_t* cmpTime)
|
||||
}
|
||||
#endif /* !NO_ASN_TIME */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
|
||||
!defined(TIME_OVERRIDES)
|
||||
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
|
||||
!defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
|
||||
WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj_ex(WOLFSSL_ASN1_TIME *asnTime,
|
||||
int offset_day, long offset_sec, time_t *in_tm)
|
||||
{
|
||||
@ -23884,6 +23892,9 @@ WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value(
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
/* Used to create a new WOLFSSL_ASN1_INTEGER structure.
|
||||
* returns a pointer to new structure on success and NULL on failure
|
||||
*/
|
||||
@ -24058,7 +24069,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509* x509)
|
||||
return a;
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
|
||||
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
|
||||
@ -27406,9 +27417,6 @@ WOLFSSL_STACK* wolfSSL_sk_new_null(void)
|
||||
|
||||
return sk;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
||||
WOLFSSL_BASIC_CONSTRAINTS* wolfSSL_BASIC_CONSTRAINTS_new(void)
|
||||
{
|
||||
@ -27477,7 +27485,7 @@ int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk)
|
||||
return (int)sk->num;
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
|
||||
defined(HAVE_EXT_CACHE))
|
||||
@ -44025,7 +44033,7 @@ int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
#endif /* OCSP */
|
||||
#endif /* OPENSSL_ALL / WOLFSSL_NGINX / WOLFSSL_HAPROXY */
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
|
||||
|
||||
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
|
||||
defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
|
||||
@ -44246,6 +44254,20 @@ int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer, WOLFSSL_X509 *subject)
|
||||
return X509_V_OK;
|
||||
}
|
||||
|
||||
char* wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* strings,
|
||||
int idx)
|
||||
{
|
||||
for (; idx > 0 && strings != NULL; idx--)
|
||||
strings = strings->next;
|
||||
if (strings == NULL)
|
||||
return NULL;
|
||||
return strings->data.string;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
||||
WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_X509_dup");
|
||||
@ -44258,16 +44280,7 @@ WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x)
|
||||
return wolfSSL_X509_d2i(NULL, x->derCert->buffer, x->derCert->length);
|
||||
}
|
||||
|
||||
char* wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* strings,
|
||||
int idx)
|
||||
{
|
||||
for (; idx > 0 && strings != NULL; idx--)
|
||||
strings = strings->next;
|
||||
if (strings == NULL)
|
||||
return NULL;
|
||||
return strings->data.string;
|
||||
}
|
||||
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */
|
||||
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
|
||||
#ifdef HAVE_ALPN
|
||||
|
||||
@ -3659,7 +3659,7 @@ struct WOLFSSL_X509 {
|
||||
WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */
|
||||
WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */
|
||||
#endif /* WOLFSSL_QT || OPENSSL_ALL */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_ASN1_INTEGER* serialNumber; /* Stores SN from wolfSSL_X509_get_serialNumber */
|
||||
#endif
|
||||
WOLFSSL_ASN1_TIME notBefore;
|
||||
|
||||
@ -191,7 +191,7 @@ typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID;
|
||||
typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS;
|
||||
typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION;
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
|
||||
struct WOLFSSL_AUTHORITY_KEYID {
|
||||
WOLFSSL_ASN1_STRING *keyid;
|
||||
@ -3320,6 +3320,11 @@ WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
|
||||
#endif /* !NO_CERTS */
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
|
||||
#ifdef WOLFSSL_WPAS_SMALL
|
||||
/* WPA Supplicant requires GEN_ values */
|
||||
#include <wolfssl/openssl/x509v3.h>
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||
WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
|
||||
int nid, int* c, int* idx);
|
||||
|
||||
Reference in New Issue
Block a user