From eaa8f2a95742bc1a7e3ab2d22a3949cc5f5bdba8 Mon Sep 17 00:00:00 2001 From: Aaron Jense Date: Mon, 21 Oct 2019 12:03:18 -0600 Subject: [PATCH] libwebsockets build fixes 1. Add --enable-libwebsockets option 2. Add OPENSSL_NO_EC (used in libwebsockets) 3. Add SSL_MODE_RELEASE_BUFFERS and debug message for when wolfSSL_CTX_set_mode doesn't recognize a mode. --- configure.ac | 21 ++++++++++++++++++++- src/ssl.c | 5 +++++ wolfssl/ssl.h | 5 +++-- 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index dccc887db..b4d23b2bc 100644 --- a/configure.ac +++ b/configure.ac @@ -182,6 +182,7 @@ then enable_stunnel=yes enable_nginx=yes enable_asio=yes + enable_libwebsockets=yes enable_pwdbased=yes enable_aeskeywrap=yes enable_x963kdf=yes @@ -433,6 +434,7 @@ AC_ARG_ENABLE([mcast], # lighty (--enable-lighty) HAVE_LIGHTY # stunnel (--enable-stunnel) HAVE_STUNNEL # asio (--enable-asio) WOLFSSL_ASIO +# libwebsockets (--enable-libwebsockets) WOLFSSL_LIBWEBSOCKETS # HAVE_POCO_LIB # WOLFSSL_MYSQL_COMPATIBLE # web server (--enable-webserver) HAVE_WEBSERVER @@ -472,6 +474,18 @@ AC_ARG_ENABLE([fortress], [ ENABLED_FORTRESS=no ] ) +# libwebsockets Support +AC_ARG_ENABLE([libwebsockets], + [AS_HELP_STRING([--enable-libwebsockets],[Enable libwebsockets (default: disabled)])], + [ ENABLED_LIBWEBSOCKETS=$enableval ], + [ ENABLED_LIBWEBSOCKETS=no ] + ) +if test "$ENABLED_LIBWEBSOCKETS" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LIBWEBSOCKETS -DOPENSSL_NO_EC" +fi + + if test "$ENABLED_OPENSSH" = "yes" then ENABLED_FORTRESS="yes" @@ -519,6 +533,10 @@ AC_ARG_ENABLE([opensslall], [ ENABLED_OPENSSLALL=$enableval ], [ ENABLED_OPENSSLALL=no ] ) +if test "$ENABLED_LIBWEBSOCKETS" = "yes" +then + ENABLED_OPENSSLALL="yes" +fi if test "$ENABLED_OPENSSLALL" = "yes" then @@ -531,7 +549,7 @@ AC_ARG_ENABLE([opensslextra], [ ENABLED_OPENSSLEXTRA=$enableval ], [ ENABLED_OPENSSLEXTRA=no ] ) -if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" +if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes" then ENABLED_OPENSSLEXTRA="yes" fi @@ -5134,6 +5152,7 @@ echo " * STUNNEL: $ENABLED_STUNNEL" echo " * Apache httpd: $ENABLED_APACHE_HTTPD" echo " * NGINX: $ENABLED_NGINX" echo " * ASIO: $ENABLED_ASIO" +echo " * LIBWEBSOCKETS: $ENABLED_LIBWEBSOCKETS" echo " * SIGNAL: $ENABLED_SIGNAL" echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS" echo " * DTLS: $ENABLED_DTLS" diff --git a/src/ssl.c b/src/ssl.c index 2b7599054..c7fb3044f 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -17267,6 +17267,11 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) WOLFSSL_ENTER("SSL_CTX_set_mode"); if (mode == SSL_MODE_ENABLE_PARTIAL_WRITE) ctx->partialWrite = 1; + #ifdef DEBUG_WOLFSSL + else { + WOLFSSL_MSG("mode is not supported."); + } + #endif return mode; } diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 60b2d0e2d..02c701135 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1601,10 +1601,11 @@ enum { SSL_CB_ACCEPT_EXIT = (SSL_ST_ACCEPT | SSL_CB_EXIT), SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT | SSL_CB_LOOP), SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT | SSL_CB_EXIT), - SSL_CB_MODE_READ = 1, - SSL_CB_MODE_WRITE = 2, + SSL_CB_MODE_READ = 1, + SSL_CB_MODE_WRITE = 2, SSL_MODE_ENABLE_PARTIAL_WRITE = 2, + SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */ BIO_FLAGS_BASE64_NO_NL = 1, BIO_CLOSE = 1,