diff mbox series

[8/8] channel_curl: enable SSL support

Message ID 20180305154006.18122-8-christian.storm@siemens.com
State Accepted
Headers show
Series [1/8] channel_curl: add support for Basic Auth credentials | expand

Commit Message

Storm, Christian March 5, 2018, 3:40 p.m. UTC 
In order be able to initialize channel_curl with SSL
support when !CONFIG_SURICATTA_SSL, introduce a cURL
SSL support option and an according KConfig option.

Signed-off-by: Christian Storm <christian.storm@siemens.com>
---
 Kconfig                | 22 ++++++++++++++++++++++
 Makefile.flags         |  7 +++++++
 corelib/channel_curl.c |  2 +-
 include/sslapi.h       |  2 +-
 4 files changed, 31 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/Kconfig b/Kconfig
index 1ac2b81..1bce6d4 100644
--- a/Kconfig
+++ b/Kconfig
@@ -69,6 +69,10 @@  config CURL
 	bool
 	default n
 
+config CURL_SSL
+	bool
+	default n
+
 config SYSTEMD
 	bool "enable systemd support"
 	default n
@@ -294,11 +298,29 @@  config DOWNLOAD
 comment "Image downloading support needs libcurl"
 	depends on !HAVE_LIBCURL
 
+config DOWNLOAD_SSL
+	bool "Enable SSL support for image downloading"
+	default n
+	depends on DOWNLOAD
+	depends on HAVE_LIBSSL
+	depends on HAVE_LIBCRYPTO
+	select CHANNEL_CURL_SSL
+	help
+	  Enable SSL and checksum verification support in channels
+	  using libcurl.
+
 config CHANNEL_CURL
 	bool
 	depends on HAVE_LIBCURL
 	select CURL
 
+config CHANNEL_CURL_SSL
+	bool
+	depends on CHANNEL_CURL
+	depends on HAVE_LIBSSL
+	depends on HAVE_LIBCRYPTO
+	select CURL_SSL
+
 config HASH_VERIFY
 	bool "Allow to add sha256 hash to each image"
 	depends on HAVE_LIBSSL
diff --git a/Makefile.flags b/Makefile.flags
index b6c2859..dac790f 100644
--- a/Makefile.flags
+++ b/Makefile.flags
@@ -177,6 +177,13 @@  ifeq ($(CONFIG_BOOTLOADER_EBG),y)
 LDLIBS += ebgenv z
 endif
 
+# channel_curl
+ifneq ($(CONFIG_CHANNEL_CURL_SSL),)
+ifeq ($(strip $(findstring crypto,$(LDLIBS))),)
+LDLIBS += crypto ssl
+endif
+endif
+
 # suricatta
 ifneq ($(CONFIG_SURICATTA),)
 ifneq ($(CONFIG_SURICATTA_SSL),)
diff --git a/corelib/channel_curl.c b/corelib/channel_curl.c
index 1340850..caa5c4f 100644
--- a/corelib/channel_curl.c
+++ b/corelib/channel_curl.c
@@ -73,7 +73,7 @@  channel_t *channel_new(void);
 
 channel_op_res_t channel_curl_init(void)
 {
-#ifdef CONFIG_SURICATTA_SSL
+#if defined(CONFIG_SURICATTA_SSL) || defined(CONFIG_CHANNEL_CURL_SSL)
 #define CURL_FLAGS CURL_GLOBAL_SSL
 #else
 #define CURL_FLAGS CURL_GLOBAL_NOTHING
diff --git a/include/sslapi.h b/include/sslapi.h
index ca27f42..213478e 100644
--- a/include/sslapi.h
+++ b/include/sslapi.h
@@ -15,7 +15,7 @@ 
  * Let compile when openSSL is not activated
  */
 #if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_ENCRYPTED_IMAGES) || \
-	defined(CONFIG_SURICATTA_SSL)
+	defined(CONFIG_SURICATTA_SSL) || defined(CONFIG_CHANNEL_CURL_SSL)
 #include <openssl/bio.h>
 #include <openssl/objects.h>
 #include <openssl/err.h>