1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-03 09:58:02 -05:00

build-wolfssl: Sync config with wolfSSL 3.10

wolfSSL configure script relevant changes from 3.9 to 3.10:

- DES3 no longer enabled by default
- Shamir no longer enabled by default
- Extended master secret enabled by default
- RSA and ECC timing protections enabled by default

For backwards compatibility I enabled DES3 and ECC shamir config options
(ie no change from 3.9), and the other changes are included.
This commit is contained in:
Jay Satiro 2016-12-24 13:49:25 -05:00
parent cdbdef6f9f
commit 57cad81091

View File

@ -5,8 +5,8 @@ To remedy this issue for libcurl I've generated this options file that
build-wolfssl will copy to the wolfSSL include directories and will result in build-wolfssl will copy to the wolfSSL include directories and will result in
maximum compatibility. maximum compatibility.
These are the configure options that were used to build wolfSSL v3.9.0 in mingw These are the configure options that were used to build wolfSSL v3.10.0 in
and generate the options in this file: mingw and generate the options in this file:
C_EXTRA_FLAGS="\ C_EXTRA_FLAGS="\
-Wno-attributes \ -Wno-attributes \
@ -17,12 +17,15 @@ C_EXTRA_FLAGS="\
-DWOLFSSL_STATIC_RSA \ -DWOLFSSL_STATIC_RSA \
" \ " \
./configure --prefix=/usr/local \ ./configure --prefix=/usr/local \
--disable-jobserver \
--enable-aesgcm \ --enable-aesgcm \
--enable-alpn \ --enable-alpn \
--enable-certgen \ --enable-certgen \
--enable-des3 \
--enable-dh \ --enable-dh \
--enable-dsa \ --enable-dsa \
--enable-ecc \ --enable-ecc \
--enable-eccshamir \
--enable-fastmath \ --enable-fastmath \
--enable-opensslextra \ --enable-opensslextra \
--enable-ripemd \ --enable-ripemd \
@ -93,6 +96,15 @@ extern "C" {
#undef OPENSSL_EXTRA #undef OPENSSL_EXTRA
#define OPENSSL_EXTRA #define OPENSSL_EXTRA
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#undef WC_RSA_BLINDING
#define WC_RSA_BLINDING
#undef HAVE_AESGCM #undef HAVE_AESGCM
#define HAVE_AESGCM #define HAVE_AESGCM
@ -162,6 +174,9 @@ extern "C" {
#undef HAVE_SUPPORTED_CURVES #undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES #define HAVE_SUPPORTED_CURVES
#undef HAVE_EXTENDED_MASTER
#define HAVE_EXTENDED_MASTER
#undef WOLFSSL_TEST_CERT #undef WOLFSSL_TEST_CERT
#define WOLFSSL_TEST_CERT #define WOLFSSL_TEST_CERT