1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-11 05:58:01 -05:00

wolfssl: Support wolfSSL builds missing TLS 1.1

The wolfSSL TLS library defines NO_OLD_TLS in some of their build
configurations and that causes the library to be built without TLS 1.1.
For example if MD5 is explicitly disabled when building wolfSSL then
that defines NO_OLD_TLS and the library is built without TLS 1.1 [1].

Prior to this change attempting to build curl with a wolfSSL that was
built with NO_OLD_TLS would cause a build link error undefined reference
to wolfTLSv1_client_method.

[1]: https://github.com/wolfSSL/wolfssl/blob/v4.5.0-stable/configure.ac#L2366

Bug: https://curl.se/mail/lib-2020-12/0121.html
Reported-by: Julian Montes

Closes https://github.com/curl/curl/pull/6388
This commit is contained in:
Jay Satiro 2020-12-29 15:46:42 -05:00
parent 82e6d34803
commit 7de2e96535

View File

@ -256,7 +256,7 @@ wolfssl_connect_step1(struct connectdata *conn,
use_sni(TRUE); use_sni(TRUE);
break; break;
case CURL_SSLVERSION_TLSv1_0: case CURL_SSLVERSION_TLSv1_0:
#ifdef WOLFSSL_ALLOW_TLSV10 #if defined(WOLFSSL_ALLOW_TLSV10) && !defined(NO_OLD_TLS)
req_method = TLSv1_client_method(); req_method = TLSv1_client_method();
use_sni(TRUE); use_sni(TRUE);
#else #else
@ -265,8 +265,13 @@ wolfssl_connect_step1(struct connectdata *conn,
#endif #endif
break; break;
case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_1:
#ifndef NO_OLD_TLS
req_method = TLSv1_1_client_method(); req_method = TLSv1_1_client_method();
use_sni(TRUE); use_sni(TRUE);
#else
failf(data, "wolfSSL does not support TLS 1.1");
return CURLE_NOT_BUILT_IN;
#endif
break; break;
case CURL_SSLVERSION_TLSv1_2: case CURL_SSLVERSION_TLSv1_2:
req_method = TLSv1_2_client_method(); req_method = TLSv1_2_client_method();