@@ -1,7 +1,5 @@
cmake_minimum_required(VERSION 2.6)
-INCLUDE(CheckSymbolExists)
-
PROJECT(ustream-ssl C)
ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3)
@@ -26,17 +24,6 @@ ELSEIF(WOLFSSL)
SET(SSL_SRC ustream-io-wolfssl.c ustream-openssl.c)
SET(SSL_LIB ${wolfssl_library} m)
SET(CMAKE_REQUIRED_LIBRARIES "${wolfssl_library} -lm")
- CHECK_SYMBOL_EXISTS (wolfSSL_SSLSetIORecv "wolfssl/ssl.h"
- HAVE_WOLFSSL_SSLSETIORECV)
- IF (NOT HAVE_WOLFSSL_SSLSETIORECV)
- ADD_DEFINITIONS(-DNO_WOLFSSL_SSLSETIO_SEND_RECV)
- ENDIF()
- CHECK_SYMBOL_EXISTS (wolfSSL_X509_check_host
- "wolfssl/options.h;wolfssl/ssl.h"
- HAVE_WOLFSSL_X509_CHECK_HOST)
- IF (NOT HAVE_WOLFSSL_X509_CHECK_HOST)
- ADD_DEFINITIONS(-DNO_X509_CHECK_HOST)
- ENDIF()
ELSE()
SET(SSL_SRC ustream-io-openssl.c ustream-openssl.c)
SET(SSL_LIB crypto ssl)
@@ -67,15 +67,8 @@ static int io_send_cb(SSL* ssl, char *buf, int sz, void *ctx)
__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
{
-#ifndef NO_WOLFSSL_SSLSETIO_SEND_RECV
wolfSSL_SSLSetIORecv(ssl, io_recv_cb);
wolfSSL_SSLSetIOSend(ssl, io_send_cb);
-#else
- wolfSSL_SetIORecv((void *) ctx, io_recv_cb);
- wolfSSL_SetIOSend((void *) ctx, io_send_cb);
- if (ssl == NULL)
- return;
-#endif
wolfSSL_SetIOReadCtx(ssl, conn);
wolfSSL_SetIOWriteCtx(ssl, conn);
}
@@ -199,9 +199,6 @@ static int _ustream_ssl_init(struct ustream_ssl *us, struct ustream *conn, struc
us->conn = conn;
us->ctx = ctx;
-#if defined(HAVE_WOLFSSL) && defined(NO_WOLFSSL_SSLSETIO_SEND_RECV)
- ustream_set_io(ctx, NULL, conn);
-#endif
us->ssl = __ustream_ssl_session_new(us->ctx);
if (!us->ssl)
return -ENOMEM;
Mainly that NO_X509_CHECK_HOST is causing certificate validation issues in some setups: root@OpenWrt:/# wget https://www.google.com Downloading 'https://www.google.com' Connecting to 172.217.23.196:443 Connection error: Server hostname does not match SSL certificate but instead of spending time on fixing it, I've simply decided to remove it as we're now on wolfSSL 4.5.0 and those symbols should be avaialable so no symbol detection and handling should be needed anymore. Signed-off-by: Petr Štetiar <ynezz@true.cz> --- CMakeLists.txt | 13 ------------- ustream-io-wolfssl.c | 7 ------- ustream-ssl.c | 3 --- 3 files changed, 23 deletions(-)