From 883d1a25bef322d3fd6f7e3a24bec09e186e7bdf Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 22 Nov 2023 16:33:22 -0700
Subject: [PATCH] add WOLFSSL_ALWAYS_VERIFY_CB to --enable-jni, used with JSSE
 X509ExtendedTrustManager hostname verification

---
 configure.ac | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index ad47122ec..b6912f70d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -6105,7 +6105,10 @@ AC_ARG_ENABLE([jni],
     )
 if test "$ENABLED_JNI" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI -DHAVE_EX_DATA -DKEEP_PEER_CERT"
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI"
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
+    AM_CFLAGS="$AM_CFLAGS -DKEEP_PEER_CERT"
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_VERIFY_CB"
 
     # Enable prereqs if not already enabled
     if test "x$ENABLED_DTLS" = "xno"