wolfssl: enable openssl 1.0.1 compatibility

>From wolfssl/openssl/opensslv.h, and from skimming the contents of what
"--enable-stunnel" actually does, it seems that --enable-opensslextra
doesn't give you the "full" openssl compatibility that you may wish for
these days.  Unfortuantely, while wolfssl writes the build time options
into wolfssl/options.h, it doesn't include that file itself.  User
applications must include that directly.

Signed-off-by: Karl Palsson <karlp@etactica.com>
master
Karl Palsson 9 years ago committed by Felix Fietkau
parent d84bf324ba
commit 9b118cde89
  1. 1
      package/libs/cyassl/Makefile
  2. 19
      package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch

@ -41,6 +41,7 @@ CONFIGURE_ARGS += \
--enable-singlethreaded \
--enable-opensslextra \
--enable-sni \
--enable-stunnel \
--enable-ecc \
--disable-examples

@ -1,19 +0,0 @@
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -402,6 +402,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR
/* yassl had set the default to be 500 */
#define SSL_get_default_timeout(ctx) 500
+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y))
+
/* Lighthttp compatibility */
#ifdef HAVE_LIGHTY
@@ -488,7 +490,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_
#define SSL_TLSEXT_ERR_NOACK alert_warning
#define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME
-#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name
#define SSL_get_servername wolfSSL_get_servername
#define SSL_set_SSL_CTX wolfSSL_set_SSL_CTX
#define SSL_CTX_get_verify_callback wolfSSL_CTX_get_verify_callback
Loading…
Cancel
Save