From 507ec9f7d2870f21c63d4020a43813aa20b397e7 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Thu, 10 Aug 2023 22:07:26 -0400
Subject: [PATCH] Bring compat layer logic from configure.ac into settings.h
---
 CMakeLists.txt | 7 +------
 configure.ac | 7 +------
 wolfssl/wolfcrypt/asn_public.h | 4 +++-
 wolfssl/wolfcrypt/settings.h | 38 ++++++++++++++++++++++++++++++++--
 4 files changed, 41 insertions(+), 15 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3858aed84..c55da9222 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -411,12 +411,7 @@ endif()
 if (WOLFSSL_OPENSSLEXTRA AND NOT WOLFSSL_OPENSSLCOEXIST)
 list(APPEND WOLFSSL_DEFINITIONS
- "-DOPENSSL_EXTRA"
- "-DWOLFSSL_ALWAYS_VERIFY_CB"
- "-DWOLFSSL_VERIFY_CB_ALL_CERTS"
- "-DWOLFSSL_EXTRA_ALERTS"
- "-DHAVE_EXT_CACHE"
- "-DWOLFSSL_FORCE_CACHE_ON_TICKET")
+ "-DOPENSSL_EXTRA")
 endif()
 if (WOLFSSL_OPENSSLALL)
diff --git a/configure.ac b/configure.ac
index 51ad07cce..594f7a9de 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8411,18 +8411,13 @@ fi
 if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
 then
- AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS"
- AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AKID_NAME -DHAVE_CTS"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
 fi
 if test "$ENABLED_OPENSSLEXTRA" = "x509small"
 then
 AC_MSG_NOTICE([Enabling only a subset of X509 opensslextra])
 AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA_X509_SMALL"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EKU_OID -DWOLFSSL_MULTI_ATTRIB"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OPENSSL_RAND_CB"
 fi
 if test "$ENABLED_WOLFSCEP" = "yes"
diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h
index 6a063c6af..7e73bc42d 100644
--- a/wolfssl/wolfcrypt/asn_public.h
+++ b/wolfssl/wolfcrypt/asn_public.h
@@ -392,7 +392,9 @@ typedef struct CertExtension {
 } CertExtension;
 #endif
-#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_CERT_EXT) || \
+ defined(WOLFSSL_CERT_REQ)
 typedef struct CertName {
 char country[CTC_NAME_SIZE];
 char countryEnc;
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index d8e52d901..3aaf11652 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -312,6 +312,42 @@
 #endif
 #endif
+/* OpenSSL compat layer */
+#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_COEXIST)
+#undef WOLFSSL_ALWAYS_VERIFY_CB
+#define WOLFSSL_ALWAYS_VERIFY_CB
+
+#undef WOLFSSL_VERIFY_CB_ALL_CERTS
+#define WOLFSSL_VERIFY_CB_ALL_CERTS
+
+#undef WOLFSSL_EXTRA_ALERTS
+#define WOLFSSL_EXTRA_ALERTS
+
+#undef HAVE_EXT_CACHE
+#define HAVE_EXT_CACHE
+
+#undef WOLFSSL_FORCE_CACHE_ON_TICKET
+#define WOLFSSL_FORCE_CACHE_ON_TICKET
+
+#undef WOLFSSL_AKID_NAME
+#define WOLFSSL_AKID_NAME
+
+#undef HAVE_CTS
+#define HAVE_CTS
+#endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */
+
+/* Special small OpenSSL compat layer for certs */
+#ifdef OPENSSL_EXTRA_X509_SMALL
+#undef WOLFSSL_EKU_OID
+#define WOLFSSL_EKU_OID
+
+#undef WOLFSSL_MULTI_ATTRIB
+#define WOLFSSL_MULTI_ATTRIB
+
+#undef WOLFSSL_NO_OPENSSL_RAND_CB
+#define WOLFSSL_NO_OPENSSL_RAND_CB
+#endif /* OPENSSL_EXTRA_X509_SMALL */
+
 #if defined(_WIN32) && !defined(_M_X64) && \
 defined(HAVE_AESGCM) && defined(WOLFSSL_AESNI)
@@ -2020,8 +2056,6 @@ extern void uITRON4_free(void *p) ;
 #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
 #endif
-
-
 /* ---------------------------------------------------------------------------
 * Math Library Selection (in order of preference)
 * ---------------------------------------------------------------------------
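Review bot: The widened guard around `CertName` in asn_public.h adds `WOLFSSL_CERT_EXT` and `WOLFSSL_CERT_REQ` with no comment, and the commit message only mentions moving compat-layer defines, so the reason for these two conditions is not recorded anywhere. The matching `#endif` and the declarations that use `CertName` are outside the hunk; if they still carry the old three-macro condition, a build that defines only one of the new macros would get the type without its users, so they should be checked against this line. Once the reason is confirmed, a one-line comment above the `#if` would help, along the lines of `/* CertName is also required when only WOLFSSL_CERT_EXT or WOLFSSL_CERT_REQ is set */`.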
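Review bot: The new `#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_COEXIST)` block in settings.h keys on the macro rather than on the configure/CMake option, so any build that defines `OPENSSL_EXTRA` by another route (a user_settings.h build, for example) now also gets `WOLFSSL_ALWAYS_VERIFY_CB`, `WOLFSSL_VERIFY_CB_ALL_CERTS`, `HAVE_EXT_CACHE` and `WOLFSSL_FORCE_CACHE_ON_TICKET`. The first two change when the application's certificate verify callback is invoked and the last two change session-cache handling, and because each is set with an unconditional `#undef`/`#define` an integrator cannot opt out. CMake builds also gain `WOLFSSL_AKID_NAME` and `HAVE_CTS`, which the removed CMake list never set. I would say so above the block, e.g. `/* Forced for every OPENSSL_EXTRA build, including user_settings.h builds: changes verify-callback invocation and session caching */`, and confirm the block sits below every place where settings.h itself can define `OPENSSL_EXTRA`, since that part of the file is outside the hunk.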