[OpenWrt-Devel] [PATCH] wolfssl: reorganized build options
Alexandru Ardelean
ardeleanalex at gmail.com
Mon Jun 18 03:06:28 EDT 2018
On Mon, Jun 18, 2018 at 5:07 AM, Eneas U de Queiroz via openwrt-devel
<openwrt-devel at lists.openwrt.org> wrote:
> The sender domain has a DMARC Reject/Quarantine policy which disallows
> sending mailing list messages using the original "From" header.
>
> To mitigate this problem, the original message has been wrapped
> automatically by the mailing list software.
>
Let's have the discussion on Github on your PR
https://github.com/openwrt/openwrt/pull/1069
Thanks
Alex
> ---------- Forwarded message ----------
> From: Eneas U de Queiroz <cote2004-github at yahoo.com>
> To: openwrt-devel at lists.openwrt.org
> Cc: Eneas U de Queiroz <cote2004-github at yahoo.com>
> Bcc:
> Date: Sun, 17 Jun 2018 23:05:58 -0300
> Subject: [PATCH] wolfssl: reorganized build options
> Removed options that can't be turned off because we're building
> with --enable-stunnel, some of which affected hostpad's Config.in.
> Adjusted the title of OCSP option, as OCSP itself can't be turned off,
> only the stapling part is selectable.
> Fixed poly1035 build.
> Mark options turned on when wpad support is selected.
> Add building with TLS v1.0 support as an option.
>
> Signed-off-by: Eneas U de Queiroz <cote2004-github at yahoo.com>
>
> PS: Is there any reason to split up chacha and poly1305 options?
> I would merge them in to a single option, but haven't done this here.
> ---
> package/libs/wolfssl/Config.in | 17 ++++++---------
> package/libs/wolfssl/Makefile | 33 ++++++++----------------------
> package/network/services/hostapd/Config.in | 3 ---
> 3 files changed, 15 insertions(+), 38 deletions(-)
>
> diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
> index 50b0bb9cdf..45750a5892 100644
> --- a/package/libs/wolfssl/Config.in
> +++ b/package/libs/wolfssl/Config.in
> @@ -12,10 +12,6 @@ config WOLFSSL_HAS_CHACHA
> bool "Include ChaCha cipher suite support"
> default n
>
> -config WOLFSSL_HAS_ECC
> - bool "Include ECC (Elliptic Curve Cryptography) support"
> - default y
> -
> config WOLFSSL_HAS_DH
> bool "Include DH (Diffie-Hellman) support"
> default y
> @@ -24,12 +20,8 @@ config WOLFSSL_HAS_ARC4
> bool "Include ARC4 support"
> default y
>
> -config WOLFSSL_HAS_DES3
> - bool "Include DES3 (Tripple-DES) support"
> - default y
> -
> -config WOLFSSL_HAS_PSK
> - bool "Include PKS (Pre Share Key) support"
> +config WOLFSSL_HAS_TLSV10
> + bool "Include TLS 1.0 support"
> default y
>
> config WOLFSSL_HAS_SESSION_TICKET
> @@ -41,11 +33,14 @@ config WOLFSSL_HAS_DTLS
> default n
>
> config WOLFSSL_HAS_OCSP
> - bool "Include OSCP support"
> + bool "Include OSCP stapling support"
> default y
>
> config WOLFSSL_HAS_WPAS
> bool "Include wpa_supplicant support"
> + select WOLFSSL_HAS_ARC4
> + select WOLFSSL_HAS_OCSP
> + select WOLFSSL_HAS_SESSION_TICKET
> default y
>
> config WOLFSSL_HAS_ECC25519
> diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
> index e08b6f3929..6e121330f4 100644
> --- a/package/libs/wolfssl/Makefile
> +++ b/package/libs/wolfssl/Makefile
> @@ -26,11 +26,10 @@ PKG_CPE_ID:=cpe:/a:yassl:cyassl
> PKG_CONFIG_DEPENDS:=\
> CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \
> CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA \
> - CONFIG_WOLFSSL_HAS_DES3 CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
> - CONFIG_WOLFSSL_HAS_ECC CONFIG_WOLFSSL_HAS_ECC25519 \
> + CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
> + CONFIG_WOLFSSL_HAS_ECC25519 CONFIG_WOLFSSL_HAS_TLSV10 \
> CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY_1305 \
> - CONFIG_WOLFSSL_HAS_PSK CONFIG_WOLFSSL_HAS_SESSION_TICKET \
> - CONFIG_WOLFSSL_HAS_WPAS
> + CONFIG_WOLFSSL_HAS_SESSION_TICKET CONFIG_WOLFSSL_HAS_WPAS
>
> include $(INCLUDE_DIR)/package.mk
>
> @@ -85,15 +84,9 @@ CONFIGURE_ARGS += \
> --disable-chacha
> endif
>
> -ifeq ($(CONFIG_WOLFSSL_HAS_ECC),y)
> +ifneq ($(CONFIG_WOLFSSL_HAS_DH),y)
> CONFIGURE_ARGS += \
> - --enable-ecc \
> - --enable-supportedcurves
> -endif
> -
> -ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
> -CONFIGURE_ARGS += \
> - --enable-dh
> + --disable-dh
> endif
>
> ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
> @@ -104,17 +97,9 @@ CONFIGURE_ARGS += \
> --enable-arc4
> endif
>
> -ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
> -CONFIGURE_ARGS += \
> - --disable-des3
> -else
> -CONFIGURE_ARGS += \
> - --enable-des3
> -endif
> -
> -ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
> +ifeq ($(CONFIG_WOLFSSL_HAS_TLSV10),y)
> CONFIGURE_ARGS += \
> - --enable-psk
> + --enable-tlsv10
> endif
>
> ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
> @@ -142,9 +127,9 @@ CONFIGURE_ARGS += \
> --enable-curve25519
> endif
>
> -ifneq ($(CONFIG_WOLFSSL_HAS_POLY1305),y)
> +ifneq ($(CONFIG_WOLFSSL_HAS_POLY_1305),y)
> CONFIGURE_ARGS += \
> - --enable-poly1305
> + --disable-poly1305
> endif
>
> #ifneq ($(CONFIG_TARGET_x86),)
> diff --git a/package/network/services/hostapd/Config.in b/package/network/services/hostapd/Config.in
> index 222cfb7f13..23b0c9c037 100644
> --- a/package/network/services/hostapd/Config.in
> +++ b/package/network/services/hostapd/Config.in
> @@ -71,11 +71,8 @@ config WPA_WOLFSSL
> select WOLFSSL_HAS_AES_CCM
> select WOLFSSL_HAS_AES_GCM
> select WOLFSSL_HAS_ARC4
> - select WOLFSSL_HAS_DES3
> select WOLFSSL_HAS_DH
> - select WOLFSSL_HAS_ECC
> select WOLFSSL_HAS_OCSP
> - select WOLFSSL_HAS_PSK
> select WOLFSSL_HAS_SESSION_TICKET
> select WOLFSSL_HAS_WPAS
>
> --
> 2.16.4
>
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/listinfo/openwrt-devel
>
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list