[OpenWrt-Devel] [PATCH ustream-ssl v2 1/3] Remove CyaSSL, WolfSSL < 3.10.4 support

Eneas U de Queiroz cotequeiroz at gmail.com
Wed Sep 18 22:18:01 EDT 2019


This updates the CyaSSL names to wolfSSL, and removes obsolete code that
supported old versions of the library (< v3.10.4).

Some #include statements were moved around, so that wolfssl/options.h is
loaded before any other wolfssl/openssl header.

Signed-off-by: Eneas U de Queiroz <cotequeiroz at gmail.com>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index c4a3c44..3b557c3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,7 +1,5 @@
 cmake_minimum_required(VERSION 2.6)
 
-INCLUDE(CheckIncludeFiles)
-
 PROJECT(ustream-ssl C)
 ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations)
 
@@ -11,15 +9,10 @@ IF(MBEDTLS)
   ADD_DEFINITIONS(-DHAVE_MBEDTLS)
   SET(SSL_SRC ustream-mbedtls.c)
   SET(SSL_LIB mbedtls mbedcrypto mbedx509 m)
-ELSEIF(CYASSL)
-  CHECK_INCLUDE_FILES (cyassl/version.h HAVE_CYASSL_VERSION_H)
-  SET(CMAKE_EXTRA_INCLUDE_FILES cyassl/ssl.h)
-  IF (HAVE_CYASSL_VERSION_H)
-    ADD_DEFINITIONS(-DHAVE_CYASSL_VERSION_H)
-  ENDIF()
-  ADD_DEFINITIONS(-DHAVE_CYASSL)
-  SET(SSL_SRC ustream-io-cyassl.c ustream-openssl.c)
-  SET(SSL_LIB cyassl m)
+ELSEIF(WOLFSSL)
+  ADD_DEFINITIONS(-DHAVE_WOLFSSL)
+  SET(SSL_SRC ustream-io-wolfssl.c ustream-openssl.c)
+  SET(SSL_LIB wolfssl m)
 ELSE()
   SET(SSL_SRC ustream-io-openssl.c ustream-openssl.c)
   SET(SSL_LIB crypto ssl)
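Review bot: A build that still passes the old `CYASSL` option now falls through to the `ELSE()` branch and is configured against `crypto ssl` with no diagnostic, so the TLS backend changes silently or the link fails where OpenSSL is absent. Since this hunk renames the option to `WOLFSSL`, a guard ahead of the `IF(MBEDTLS)` chain, `IF(CYASSL)` / `MESSAGE(FATAL_ERROR "CYASSL was renamed to WOLFSSL")` / `ENDIF()`, would make the rename visible to packagers. The IF block starts and ends outside this hunk.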
diff --git a/ustream-internal.h b/ustream-internal.h
index a8c534f..8d5d0db 100644
--- a/ustream-internal.h
+++ b/ustream-internal.h
@@ -24,9 +24,6 @@
 #if defined(HAVE_MBEDTLS)
 #include "ustream-mbedtls.h"
 #else
-#if defined(HAVE_CYASSL)
-#include <wolfssl/options.h>
-#endif
 #include "ustream-openssl.h"
 #endif
 
diff --git a/ustream-io-cyassl.c b/ustream-io-wolfssl.c
similarity index 61%
rename from ustream-io-cyassl.c
rename to ustream-io-wolfssl.c
index d97d55e..052518a 100644
--- a/ustream-io-cyassl.c
+++ b/ustream-io-wolfssl.c
@@ -23,12 +23,6 @@
 #include "ustream-ssl.h"
 #include "ustream-internal.h"
 
-#ifdef HAVE_CYASSL_VERSION_H
-#include <cyassl/version.h>
-#else
-#define LIBCYASSL_VERSION_HEX 0
-#endif
-
 static int s_ustream_read(char *buf, int len, void *ctx)
 {
 	struct ustream *s = ctx;
@@ -61,7 +55,6 @@ static int s_ustream_write(char *buf, int len, void *ctx)
 	return ustream_write(s, buf, len, false);
 }
 
-#if (LIBCYASSL_VERSION_HEX > 0)
 static int io_recv_cb(SSL* ssl, char *buf, int sz, void *ctx)
 {
 	return s_ustream_read(buf, sz, ctx);
@@ -71,36 +64,11 @@ static int io_send_cb(SSL* ssl, char *buf, int sz, void *ctx)
 {
 	return s_ustream_write(buf, sz, ctx);
 }
-#else
-/* not defined in the header file */
-typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
-typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
-
-void SetCallbackIORecv_Ctx(SSL_CTX*, CallbackIORecv);
-void SetCallbackIOSend_Ctx(SSL_CTX*, CallbackIOSend);
-void SetCallbackIO_ReadCtx(SSL* ssl, void *rctx);
-void SetCallbackIO_WriteCtx(SSL* ssl, void *wctx);
-
-#define CyaSSL_SetIOReadCtx SetCallbackIO_ReadCtx
-#define CyaSSL_SetIOWriteCtx SetCallbackIO_WriteCtx
-#define CyaSSL_SetIORecv SetCallbackIORecv_Ctx
-#define CyaSSL_SetIOSend SetCallbackIOSend_Ctx
-
-static int io_recv_cb(char *buf, int sz, void *ctx)
-{
-	return s_ustream_read(buf, sz, ctx);
-}
-
-static int io_send_cb(char *buf, int sz, void *ctx)
-{
-	return s_ustream_write(buf, sz, ctx);
-}
-#endif
 
 __hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
 {
-	CyaSSL_SetIOReadCtx(ssl, conn);
-	CyaSSL_SetIOWriteCtx(ssl, conn);
-	CyaSSL_SetIORecv((void *) ctx, io_recv_cb);
-	CyaSSL_SetIOSend((void *) ctx, io_send_cb);
+	wolfSSL_SetIOReadCtx(ssl, conn);
+	wolfSSL_SetIOWriteCtx(ssl, conn);
+	wolfSSL_SetIORecv((void *) ctx, io_recv_cb);
+	wolfSSL_SetIOSend((void *) ctx, io_send_cb);
 }
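Review bot: The `(void *) ctx` casts on the two callback-registration lines in `ustream_set_io` erase the pointer type, so the compiler cannot check that the argument is the library's context type. Presumably `struct ustream_ssl_ctx` is an opaque stand-in for it; spelling the cast as `wolfSSL_SetIORecv((WOLFSSL_CTX *) ctx, io_recv_cb);` (and likewise for `wolfSSL_SetIOSend`) would state that assumption instead of hiding it. A one-line comment noting that these calls install context-wide callbacks on every connection setup would also help. `io_send_cb` begins outside this hunk.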
diff --git a/ustream-openssl.c b/ustream-openssl.c
index b2df362..21abf61 100644
--- a/ustream-openssl.c
+++ b/ustream-openssl.c
@@ -18,9 +18,9 @@
 
 #include <string.h>
 #include <ctype.h>
-#include <openssl/x509v3.h>
 #include "ustream-ssl.h"
 #include "ustream-internal.h"
+#include <openssl/x509v3.h>
 
 /* Ciphersuite preference:
  * - for server, no weak ciphers are used if you use an ECDSA key.
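Review bot: The new position of `#include <openssl/x509v3.h>` is load-bearing but nothing at the include says so, and a later include-sorting cleanup could move it back ahead of the project headers. A comment above it, such as `/* keep after ustream-internal.h: wolfssl/options.h must be included before any wolfssl/openssl header */`, would record the constraint that the commit message describes. The ciphersuite comment that follows continues outside this hunk.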
@@ -203,7 +203,7 @@ static void ustream_ssl_error(struct ustream_ssl *us, int ret)
 	uloop_timeout_set(&us->error_timer, 0);
 }
 
-#ifndef CYASSL_OPENSSL_H_
+#ifndef WOLFSSL_OPENSSL_H_
 
 static bool ustream_ssl_verify_cn(struct ustream_ssl *us, X509 *cert)
 {
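Review bot: Gating on `WOLFSSL_OPENSSL_H_` ties this file to the include-guard name of a wolfSSL header, which is an implementation detail of the library and not a feature macro; the same test is repeated in the `__ustream_ssl_connect` hunk below. Since CMakeLists.txt now defines `HAVE_WOLFSSL`, `#ifndef HAVE_WOLFSSL` would express the intent directly and would not change meaning if the header's guard is renamed. In the connect hunk the guard compiles out the `ustream_ssl_verify_cert(us)` call, so on wolfSSL builds `U_SSL_OK` is returned without that post-handshake check. A comment there stating what performs peer and CN verification for wolfSSL, or that nothing does, would help anyone auditing the TLS client path. Both guarded regions extend beyond the visible hunks.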
@@ -252,7 +252,7 @@ __hidden enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us)
 		r = SSL_connect(ssl);
 
 	if (r == 1) {
-#ifndef CYASSL_OPENSSL_H_
+#ifndef WOLFSSL_OPENSSL_H_
 		ustream_ssl_verify_cert(us);
 #endif
 		return U_SSL_OK;
diff --git a/ustream-openssl.h b/ustream-openssl.h
index afff22b..0a6ca91 100644
--- a/ustream-openssl.h
+++ b/ustream-openssl.h
@@ -19,6 +19,10 @@
 #ifndef __USTREAM_OPENSSL_H
 #define __USTREAM_OPENSSL_H
 
+#if defined(HAVE_WOLFSSL)
+#include <wolfssl/options.h>
+#endif
+
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <stdbool.h>
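Review bot: Nothing in the visible hunks enforces the new minimum library version, so a build against wolfSSL older than 3.10.4 would presumably fail later with unrelated-looking errors and no clear message. Inside the new `#if defined(HAVE_WOLFSSL)` block, consider adding `#include <wolfssl/version.h>` followed by an `#if` that compares `LIBWOLFSSL_VERSION_HEX` with the 3.10.4 value and raises `#error "wolfSSL >= 3.10.4 is required"`. That keeps the version floor from the commit message checkable at compile time.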
