[OpenWrt-Devel] [PATCH ustream-ssl v2 1/3] Remove CyaSSL, WolfSSL < 3.10.4 support
Eneas U de Queiroz
cotequeiroz at gmail.com
Wed Sep 18 22:18:01 EDT 2019
This updates the CyaSSL names to wolfSSL, and removes obsolete code that
supported versions of the library older than v3.10.4.
Some #include statements were moved around, so that wolfssl/options.h is
loaded before any other wolfssl/openssl header.
Signed-off-by: Eneas U de Queiroz <cotequeiroz at gmail.com>
diff --git a/CMakeLists.txt b/CMakeLists.txt
index c4a3c44..3b557c3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,7 +1,5 @@
cmake_minimum_required(VERSION 2.6)
-INCLUDE(CheckIncludeFiles)
-
PROJECT(ustream-ssl C)
ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations)
@@ -11,15 +9,10 @@ IF(MBEDTLS)
ADD_DEFINITIONS(-DHAVE_MBEDTLS)
SET(SSL_SRC ustream-mbedtls.c)
SET(SSL_LIB mbedtls mbedcrypto mbedx509 m)
-ELSEIF(CYASSL)
- CHECK_INCLUDE_FILES (cyassl/version.h HAVE_CYASSL_VERSION_H)
- SET(CMAKE_EXTRA_INCLUDE_FILES cyassl/ssl.h)
- IF (HAVE_CYASSL_VERSION_H)
- ADD_DEFINITIONS(-DHAVE_CYASSL_VERSION_H)
- ENDIF()
- ADD_DEFINITIONS(-DHAVE_CYASSL)
- SET(SSL_SRC ustream-io-cyassl.c ustream-openssl.c)
- SET(SSL_LIB cyassl m)
+ELSEIF(WOLFSSL)
+ ADD_DEFINITIONS(-DHAVE_WOLFSSL)
+ SET(SSL_SRC ustream-io-wolfssl.c ustream-openssl.c)
+ SET(SSL_LIB wolfssl m)
ELSE()
SET(SSL_SRC ustream-io-openssl.c ustream-openssl.c)
SET(SSL_LIB crypto ssl)
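Review bot: With the option renamed in `ELSEIF(WOLFSSL)`, a build that still passes `-DCYASSL=on` matches no branch and falls through to `ELSE()`, so it would select the OpenSSL sources and libraries instead of stopping with an error. A guard ahead of the chain would make the rename explicit: `IF(CYASSL)`, `MESSAGE(FATAL_ERROR "CYASSL was renamed to WOLFSSL")`, `ENDIF()`. The 3.10.4 minimum named in the commit message is also not checked in this hunk; a compile-time test of `LIBWOLFSSL_VERSION_HEX` from `<wolfssl/version.h>` would turn an older library into a clear error rather than whatever diagnostic the first mismatched prototype produces. The IF block starts and ends outside the hunk.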
diff --git a/ustream-internal.h b/ustream-internal.h
index a8c534f..8d5d0db 100644
--- a/ustream-internal.h
+++ b/ustream-internal.h
@@ -24,9 +24,6 @@
#if defined(HAVE_MBEDTLS)
#include "ustream-mbedtls.h"
#else
-#if defined(HAVE_CYASSL)
-#include <wolfssl/options.h>
-#endif
#include "ustream-openssl.h"
#endif
diff --git a/ustream-io-cyassl.c b/ustream-io-wolfssl.c
similarity index 61%
rename from ustream-io-cyassl.c
rename to ustream-io-wolfssl.c
index d97d55e..052518a 100644
--- a/ustream-io-cyassl.c
+++ b/ustream-io-wolfssl.c
@@ -23,12 +23,6 @@
#include "ustream-ssl.h"
#include "ustream-internal.h"
-#ifdef HAVE_CYASSL_VERSION_H
-#include <cyassl/version.h>
-#else
-#define LIBCYASSL_VERSION_HEX 0
-#endif
-
static int s_ustream_read(char *buf, int len, void *ctx)
{
struct ustream *s = ctx;
@@ -61,7 +55,6 @@ static int s_ustream_write(char *buf, int len, void *ctx)
return ustream_write(s, buf, len, false);
}
-#if (LIBCYASSL_VERSION_HEX > 0)
static int io_recv_cb(SSL* ssl, char *buf, int sz, void *ctx)
{
return s_ustream_read(buf, sz, ctx);
@@ -71,36 +64,11 @@ static int io_send_cb(SSL* ssl, char *buf, int sz, void *ctx)
{
return s_ustream_write(buf, sz, ctx);
}
-#else
-/* not defined in the header file */
-typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
-typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
-
-void SetCallbackIORecv_Ctx(SSL_CTX*, CallbackIORecv);
-void SetCallbackIOSend_Ctx(SSL_CTX*, CallbackIOSend);
-void SetCallbackIO_ReadCtx(SSL* ssl, void *rctx);
-void SetCallbackIO_WriteCtx(SSL* ssl, void *wctx);
-
-#define CyaSSL_SetIOReadCtx SetCallbackIO_ReadCtx
-#define CyaSSL_SetIOWriteCtx SetCallbackIO_WriteCtx
-#define CyaSSL_SetIORecv SetCallbackIORecv_Ctx
-#define CyaSSL_SetIOSend SetCallbackIOSend_Ctx
-
-static int io_recv_cb(char *buf, int sz, void *ctx)
-{
- return s_ustream_read(buf, sz, ctx);
-}
-
-static int io_send_cb(char *buf, int sz, void *ctx)
-{
- return s_ustream_write(buf, sz, ctx);
-}
-#endif
__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
{
- CyaSSL_SetIOReadCtx(ssl, conn);
- CyaSSL_SetIOWriteCtx(ssl, conn);
- CyaSSL_SetIORecv((void *) ctx, io_recv_cb);
- CyaSSL_SetIOSend((void *) ctx, io_send_cb);
+ wolfSSL_SetIOReadCtx(ssl, conn);
+ wolfSSL_SetIOWriteCtx(ssl, conn);
+ wolfSSL_SetIORecv((void *) ctx, io_recv_cb);
+ wolfSSL_SetIOSend((void *) ctx, io_send_cb);
}
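Review bot: The `(void *) ctx` casts in `ustream_set_io` hide the argument type from the compiler, so `-Werror` cannot catch a wrong pointer being passed to `wolfSSL_SetIORecv` and `wolfSSL_SetIOSend`. Now that the pre-3.10.4 prototypes are gone, the casts could name the expected type, e.g. `wolfSSL_SetIORecv((SSL_CTX *) ctx, io_recv_cb);`, assuming `struct ustream_ssl_ctx` is the library context (its definition is not visible here). These two calls also register the callbacks on the shared context each time a connection is set up; if that is intentional, a one-line comment saying the registration is per context and merely repeated would spare the next reader the question.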
diff --git a/ustream-openssl.c b/ustream-openssl.c
index b2df362..21abf61 100644
--- a/ustream-openssl.c
+++ b/ustream-openssl.c
@@ -18,9 +18,9 @@
#include <string.h>
#include <ctype.h>
-#include <openssl/x509v3.h>
#include "ustream-ssl.h"
#include "ustream-internal.h"
+#include <openssl/x509v3.h>
/* Ciphersuite preference:
* - for server, no weak ciphers are used if you use an ECDSA key.
@@ -203,7 +203,7 @@ static void ustream_ssl_error(struct ustream_ssl *us, int ret)
uloop_timeout_set(&us->error_timer, 0);
}
-#ifndef CYASSL_OPENSSL_H_
+#ifndef WOLFSSL_OPENSSL_H_
static bool ustream_ssl_verify_cn(struct ustream_ssl *us, X509 *cert)
{
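Review bot: The `#ifndef WOLFSSL_OPENSSL_H_` guard ties certificate checking to the include guard of a wolfSSL header rather than to the project's own `HAVE_WOLFSSL` define, so a change in that header's guard name or in include order would silently flip which code is compiled. The same guard in the `__ustream_ssl_connect` hunk means a wolfSSL build returns `U_SSL_OK` without calling `ustream_ssl_verify_cert(us)`. The rename preserves that behaviour, but nothing on the new side says why the call is skipped or what validates the peer instead. I would use `#ifndef HAVE_WOLFSSL` in both places and add a comment at the call site such as `/* wolfSSL build: ustream_ssl_verify_cert() is not compiled in; see <reason> */`. Both functions continue outside their hunks.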
@@ -252,7 +252,7 @@ __hidden enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us)
r = SSL_connect(ssl);
if (r == 1) {
-#ifndef CYASSL_OPENSSL_H_
+#ifndef WOLFSSL_OPENSSL_H_
ustream_ssl_verify_cert(us);
#endif
return U_SSL_OK;
diff --git a/ustream-openssl.h b/ustream-openssl.h
index afff22b..0a6ca91 100644
--- a/ustream-openssl.h
+++ b/ustream-openssl.h
@@ -19,6 +19,10 @@
#ifndef __USTREAM_OPENSSL_H
#define __USTREAM_OPENSSL_H
+#if defined(HAVE_WOLFSSL)
+#include <wolfssl/options.h>
+#endif
+
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <stdbool.h>
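Review bot: The ordering requirement behind the new `#include <wolfssl/options.h>` is stated only in the commit message, so a later include cleanup could reorder it without noticing. A comment above the block would keep the constraint with the code, for example `/* wolfssl/options.h carries the library's build-time settings and must precede every wolfssl/openssl header */`. The `ustream-openssl.c` hunk that moves `<openssl/x509v3.h>` below `"ustream-internal.h"` depends on the same rule and would benefit from a matching one-line comment.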