| Message ID | 20180428185449.GA29460@makrotopia.org |
|---|---|
| State | Accepted |
| Delegated to: | John Crispin |
| Headers | show |
| Series | [LEDE-DEV] wolfssl: fix options and add support for wpa_supplicant features | expand |
On Sat, Apr 28, 2018 at 9:55 PM, Daniel Golle <daniel@makrotopia.org> wrote: > Some options' default values have been changed upstream, others were > accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options > needed to build hostapd/wpa_supplicant against wolfssl. Sorry for the late reply. I wanted to take a look at the patch and check it a bit. I noticed that your patch is applied now to master. Overall this is good. I've been wanting for a while to rework this. Your approach is better right now before the release [than my rework]. Something like this: https://github.com/commodo/openwrt/commit/d41ea4f342de7dbb02c9cfb0b19373c39ec24f81 I'll test it a bit more. One more comment inline below. > > Signed-off-by: Daniel Golle <daniel@makrotopia.org> > --- > package/libs/wolfssl/Config.in | 12 ++++++++++++ > package/libs/wolfssl/Makefile | 33 ++++++++++++++++++++++++++++----- > 2 files changed, 40 insertions(+), 5 deletions(-) > > diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in > index 7e8a4b6cee..9b88914516 100644 > --- a/package/libs/wolfssl/Config.in > +++ b/package/libs/wolfssl/Config.in > @@ -32,10 +32,22 @@ config WOLFSSL_HAS_PSK > bool "Include PKS (Pre Share Key) support" > default n > > +config WOLFSSL_HAS_SESSION_TICKET > + bool "Include session ticket support" > + default n > + > config WOLFSSL_HAS_DTLS > bool "Include DTLS support" > default n > > +config WOLFSSL_HAS_OCSP > + bool "Include OSCP support" > + default n > + > +config WOLFSSL_HAS_WPAS > + bool "Include wpa_supplicant support" > + default n > + > config WOLFSSL_HAS_ECC25519 > bool "Include ECC Curve 22519 support" > depends on WOLFSSL_HAS_ECC > diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile > index 1d4b7f5579..d0bd3b5a35 100644 > --- a/package/libs/wolfssl/Makefile > +++ b/package/libs/wolfssl/Makefile > @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk > > PKG_NAME:=wolfssl > PKG_VERSION:=3.12.2 > -PKG_RELEASE:=1 > +PKG_RELEASE:=2 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip > PKG_SOURCE_URL:=https://www.wolfssl.com/ > @@ -51,7 +51,9 @@ CONFIGURE_ARGS += \ > --enable-opensslextra \ > --enable-sni \ > --enable-stunnel \ > - --disable-examples > + --disable-examples \ > + --disable-leanpsk \ > + --disable-leantls \ Nitpick: these are disabled by default. No need to disable them here. > > ifeq ($(CONFIG_IPV6),y) > CONFIGURE_ARGS += \ > @@ -79,19 +81,25 @@ CONFIGURE_ARGS += \ > --enable-supportedcurves > endif > > -ifneq ($(CONFIG_WOLFSSL_HAS_DH),y) > +ifeq ($(CONFIG_WOLFSSL_HAS_DH),y) > CONFIGURE_ARGS += \ > --enable-dh > endif > > -ifeq ($(CONFIG_WOLFSSL_HAS_ARC4),n) > +ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y) > CONFIGURE_ARGS += \ > --disable-arc4 > +else > +CONFIGURE_ARGS += \ > + --enable-arc4 > endif > > -ifeq ($(CONFIG_WOLFSSL_HAS_DES3),y) > +ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y) > CONFIGURE_ARGS += \ > --disable-des3 > +else > +CONFIGURE_ARGS += \ > + --enable-des3 > endif > > ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y) > @@ -99,11 +107,26 @@ CONFIGURE_ARGS += \ > --enable-psk > endif > > +ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y) > +CONFIGURE_ARGS += \ > + --enable-session-ticket > +endif > + > ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y) > CONFIGURE_ARGS += \ > --enable-dtls > endif > > +ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y) > +CONFIGURE_ARGS += \ > + --enable-ocsp --enable-ocspstapling --enable-ocspstapling2 > +endif > + > +ifeq ($(CONFIG_WOLFSSL_HAS_WPAS),y) > +CONFIGURE_ARGS += \ > + --enable-wpas --enable-sha512 --enable-fortress --enable-fastmath > +endif > + > ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y) > CONFIGURE_ARGS += \ > --enable-curve25519 Thanks for this patch :) Alex > -- > 2.17.0 >
diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in index 7e8a4b6cee..9b88914516 100644 --- a/package/libs/wolfssl/Config.in +++ b/package/libs/wolfssl/Config.in @@ -32,10 +32,22 @@ config WOLFSSL_HAS_PSK bool "Include PKS (Pre Share Key) support" default n +config WOLFSSL_HAS_SESSION_TICKET + bool "Include session ticket support" + default n + config WOLFSSL_HAS_DTLS bool "Include DTLS support" default n +config WOLFSSL_HAS_OCSP + bool "Include OSCP support" + default n + +config WOLFSSL_HAS_WPAS + bool "Include wpa_supplicant support" + default n + config WOLFSSL_HAS_ECC25519 bool "Include ECC Curve 22519 support" depends on WOLFSSL_HAS_ECC diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 1d4b7f5579..d0bd3b5a35 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl PKG_VERSION:=3.12.2 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip PKG_SOURCE_URL:=https://www.wolfssl.com/ @@ -51,7 +51,9 @@ CONFIGURE_ARGS += \ --enable-opensslextra \ --enable-sni \ --enable-stunnel \ - --disable-examples + --disable-examples \ + --disable-leanpsk \ + --disable-leantls \ ifeq ($(CONFIG_IPV6),y) CONFIGURE_ARGS += \ @@ -79,19 +81,25 @@ CONFIGURE_ARGS += \ --enable-supportedcurves endif -ifneq ($(CONFIG_WOLFSSL_HAS_DH),y) +ifeq ($(CONFIG_WOLFSSL_HAS_DH),y) CONFIGURE_ARGS += \ --enable-dh endif -ifeq ($(CONFIG_WOLFSSL_HAS_ARC4),n) +ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y) CONFIGURE_ARGS += \ --disable-arc4 +else +CONFIGURE_ARGS += \ + --enable-arc4 endif -ifeq ($(CONFIG_WOLFSSL_HAS_DES3),y) +ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y) CONFIGURE_ARGS += \ --disable-des3 +else +CONFIGURE_ARGS += \ + --enable-des3 endif ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y) @@ -99,11 +107,26 @@ CONFIGURE_ARGS += \ --enable-psk endif +ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y) +CONFIGURE_ARGS += \ + --enable-session-ticket +endif + ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y) CONFIGURE_ARGS += \ --enable-dtls endif +ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y) +CONFIGURE_ARGS += \ + --enable-ocsp --enable-ocspstapling --enable-ocspstapling2 +endif + +ifeq ($(CONFIG_WOLFSSL_HAS_WPAS),y) +CONFIGURE_ARGS += \ + --enable-wpas --enable-sha512 --enable-fortress --enable-fastmath +endif + ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y) CONFIGURE_ARGS += \ --enable-curve25519
Some options' default values have been changed upstream, others were accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options needed to build hostapd/wpa_supplicant against wolfssl. Signed-off-by: Daniel Golle <daniel@makrotopia.org> --- package/libs/wolfssl/Config.in | 12 ++++++++++++ package/libs/wolfssl/Makefile | 33 ++++++++++++++++++++++++++++----- 2 files changed, 40 insertions(+), 5 deletions(-)