[OpenWrt-Devel] wolfssl: fix options and add support for wpa_supplicant features

Message ID 20180428185449.GA29460@makrotopia.org
State Accepted
Delegated to: John Crispin
Headers show
Series
  • [OpenWrt-Devel] wolfssl: fix options and add support for wpa_supplicant features
Related show

Commit Message

Daniel Golle April 28, 2018, 6:55 p.m.
Some options' default values have been changed upstream, others were
accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options
needed to build hostapd/wpa_supplicant against wolfssl.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 package/libs/wolfssl/Config.in | 12 ++++++++++++
 package/libs/wolfssl/Makefile  | 33 ++++++++++++++++++++++++++++-----
 2 files changed, 40 insertions(+), 5 deletions(-)

Comments

Alexandru Ardelean May 2, 2018, 7:53 p.m. | #1
On Sat, Apr 28, 2018 at 9:55 PM, Daniel Golle <daniel@makrotopia.org> wrote:
> Some options' default values have been changed upstream, others were
> accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options
> needed to build hostapd/wpa_supplicant against wolfssl.

Sorry for the late reply.
I wanted to take a look at the patch and check it a bit.
I noticed that your patch is applied now to master.

Overall this is good.
I've been wanting for a while to rework this.
Your approach is better right now before the release [than my rework].

Something like this:
https://github.com/commodo/openwrt/commit/d41ea4f342de7dbb02c9cfb0b19373c39ec24f81
I'll test it a bit more.

One more comment inline below.

>
> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
> ---
>  package/libs/wolfssl/Config.in | 12 ++++++++++++
>  package/libs/wolfssl/Makefile  | 33 ++++++++++++++++++++++++++++-----
>  2 files changed, 40 insertions(+), 5 deletions(-)
>
> diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
> index 7e8a4b6cee..9b88914516 100644
> --- a/package/libs/wolfssl/Config.in
> +++ b/package/libs/wolfssl/Config.in
> @@ -32,10 +32,22 @@ config WOLFSSL_HAS_PSK
>         bool "Include PKS (Pre Share Key) support"
>         default n
>
> +config WOLFSSL_HAS_SESSION_TICKET
> +       bool "Include session ticket support"
> +       default n
> +
>  config WOLFSSL_HAS_DTLS
>         bool "Include DTLS support"
>         default n
>
> +config WOLFSSL_HAS_OCSP
> +       bool "Include OSCP support"
> +       default n
> +
> +config WOLFSSL_HAS_WPAS
> +       bool "Include wpa_supplicant support"
> +       default n
> +
>  config WOLFSSL_HAS_ECC25519
>         bool "Include ECC Curve 22519 support"
>         depends on WOLFSSL_HAS_ECC
> diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
> index 1d4b7f5579..d0bd3b5a35 100644
> --- a/package/libs/wolfssl/Makefile
> +++ b/package/libs/wolfssl/Makefile
> @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
>
>  PKG_NAME:=wolfssl
>  PKG_VERSION:=3.12.2
> -PKG_RELEASE:=1
> +PKG_RELEASE:=2
>
>  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
>  PKG_SOURCE_URL:=https://www.wolfssl.com/
> @@ -51,7 +51,9 @@ CONFIGURE_ARGS += \
>         --enable-opensslextra \
>         --enable-sni \
>         --enable-stunnel \
> -       --disable-examples
> +       --disable-examples \
> +       --disable-leanpsk \
> +       --disable-leantls \

Nitpick: these are disabled by default.
No need to disable them here.

>
>  ifeq ($(CONFIG_IPV6),y)
>  CONFIGURE_ARGS += \
> @@ -79,19 +81,25 @@ CONFIGURE_ARGS += \
>         --enable-supportedcurves
>  endif
>
> -ifneq ($(CONFIG_WOLFSSL_HAS_DH),y)
> +ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
>  CONFIGURE_ARGS += \
>         --enable-dh
>  endif
>
> -ifeq ($(CONFIG_WOLFSSL_HAS_ARC4),n)
> +ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
>  CONFIGURE_ARGS += \
>         --disable-arc4
> +else
> +CONFIGURE_ARGS += \
> +       --enable-arc4
>  endif
>
> -ifeq ($(CONFIG_WOLFSSL_HAS_DES3),y)
> +ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
>  CONFIGURE_ARGS += \
>         --disable-des3
> +else
> +CONFIGURE_ARGS += \
> +       --enable-des3
>  endif
>
>  ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
> @@ -99,11 +107,26 @@ CONFIGURE_ARGS += \
>         --enable-psk
>  endif
>
> +ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
> +CONFIGURE_ARGS += \
> +       --enable-session-ticket
> +endif
> +
>  ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y)
>  CONFIGURE_ARGS += \
>         --enable-dtls
>  endif
>
> +ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y)
> +CONFIGURE_ARGS += \
> +       --enable-ocsp --enable-ocspstapling --enable-ocspstapling2
> +endif
> +
> +ifeq ($(CONFIG_WOLFSSL_HAS_WPAS),y)
> +CONFIGURE_ARGS += \
> +       --enable-wpas --enable-sha512 --enable-fortress --enable-fastmath
> +endif
> +
>  ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y)
>  CONFIGURE_ARGS += \
>         --enable-curve25519

Thanks for this patch :)
Alex

> --
> 2.17.0
>

Patch

diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
index 7e8a4b6cee..9b88914516 100644
--- a/package/libs/wolfssl/Config.in
+++ b/package/libs/wolfssl/Config.in
@@ -32,10 +32,22 @@  config WOLFSSL_HAS_PSK
 	bool "Include PKS (Pre Share Key) support"
 	default n
 
+config WOLFSSL_HAS_SESSION_TICKET
+	bool "Include session ticket support"
+	default n
+
 config WOLFSSL_HAS_DTLS
 	bool "Include DTLS support"
 	default n
 
+config WOLFSSL_HAS_OCSP
+	bool "Include OSCP support"
+	default n
+
+config WOLFSSL_HAS_WPAS
+	bool "Include wpa_supplicant support"
+	default n
+
 config WOLFSSL_HAS_ECC25519
 	bool "Include ECC Curve 22519 support"
 	depends on WOLFSSL_HAS_ECC
diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 1d4b7f5579..d0bd3b5a35 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -9,7 +9,7 @@  include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
 PKG_VERSION:=3.12.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
 PKG_SOURCE_URL:=https://www.wolfssl.com/
@@ -51,7 +51,9 @@  CONFIGURE_ARGS += \
 	--enable-opensslextra \
 	--enable-sni \
 	--enable-stunnel \
-	--disable-examples
+	--disable-examples \
+	--disable-leanpsk \
+	--disable-leantls \
 
 ifeq ($(CONFIG_IPV6),y)
 CONFIGURE_ARGS += \
@@ -79,19 +81,25 @@  CONFIGURE_ARGS += \
 	--enable-supportedcurves
 endif
 
-ifneq ($(CONFIG_WOLFSSL_HAS_DH),y)
+ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
 CONFIGURE_ARGS += \
 	--enable-dh
 endif
 
-ifeq ($(CONFIG_WOLFSSL_HAS_ARC4),n)
+ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
 CONFIGURE_ARGS += \
 	--disable-arc4
+else
+CONFIGURE_ARGS += \
+	--enable-arc4
 endif
 
-ifeq ($(CONFIG_WOLFSSL_HAS_DES3),y)
+ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
 CONFIGURE_ARGS += \
 	--disable-des3
+else
+CONFIGURE_ARGS += \
+	--enable-des3
 endif
 
 ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
@@ -99,11 +107,26 @@  CONFIGURE_ARGS += \
 	--enable-psk
 endif
 
+ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
+CONFIGURE_ARGS += \
+	--enable-session-ticket
+endif
+
 ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y)
 CONFIGURE_ARGS += \
 	--enable-dtls
 endif
 
+ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y)
+CONFIGURE_ARGS += \
+	--enable-ocsp --enable-ocspstapling --enable-ocspstapling2
+endif
+
+ifeq ($(CONFIG_WOLFSSL_HAS_WPAS),y)
+CONFIGURE_ARGS += \
+	--enable-wpas --enable-sha512 --enable-fortress --enable-fastmath
+endif
+
 ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y)
 CONFIGURE_ARGS += \
 	--enable-curve25519