Use generated user_settings.h for WolfSSL, as recommended by WolfSSL
documentation Apparently, WolfSSL wants to have *exactly* the same defines for the user of the library as the was when building library itself. A lot of #defines have an impact on ABI (structure sizes, alignment etc)
This commit is contained in:
Vladislav Vaintroub
parent
4ec302ebf8
commit
1e3dc15d62
1
.gitignore
vendored
1
.gitignore
vendored
@ -58,6 +58,7 @@ extra/perror
|
|||||||
extra/replace
|
extra/replace
|
||||||
extra/resolve_stack_dump
|
extra/resolve_stack_dump
|
||||||
extra/resolveip
|
extra/resolveip
|
||||||
|
extra/wolfssl/user_settings.h
|
||||||
import_executables.cmake
|
import_executables.cmake
|
||||||
include/*.h.tmp
|
include/*.h.tmp
|
||||||
include/config.h
|
include/config.h
|
||||||
|
|||||||
@ -49,12 +49,13 @@ ENDMACRO()
|
|||||||
|
|
||||||
MACRO (MYSQL_USE_BUNDLED_SSL)
|
MACRO (MYSQL_USE_BUNDLED_SSL)
|
||||||
SET(INC_DIRS
|
SET(INC_DIRS
|
||||||
|
${CMAKE_BINARY_DIR}/extra/wolfssl
|
||||||
${CMAKE_SOURCE_DIR}/extra/wolfssl/wolfssl
|
${CMAKE_SOURCE_DIR}/extra/wolfssl/wolfssl
|
||||||
${CMAKE_SOURCE_DIR}/extra/wolfssl/wolfssl/wolfssl
|
${CMAKE_SOURCE_DIR}/extra/wolfssl/wolfssl/wolfssl
|
||||||
)
|
)
|
||||||
SET(SSL_LIBRARIES wolfssl wolfcrypt)
|
SET(SSL_LIBRARIES wolfssl wolfcrypt)
|
||||||
SET(SSL_INCLUDE_DIRS ${INC_DIRS})
|
SET(SSL_INCLUDE_DIRS ${INC_DIRS})
|
||||||
SET(SSL_DEFINES "-DHAVE_OPENSSL -DHAVE_WOLFSSL -DOPENSSL_ALL -DWOLFSSL_MYSQL_COMPATIBLE -DWC_NO_HARDEN")
|
SET(SSL_DEFINES "-DHAVE_OPENSSL -DHAVE_WOLFSSL -DWOLFSSL_USER_SETTINGS")
|
||||||
SET(HAVE_ERR_remove_thread_state ON CACHE INTERNAL "wolfssl doesn't have ERR_remove_thread_state")
|
SET(HAVE_ERR_remove_thread_state ON CACHE INTERNAL "wolfssl doesn't have ERR_remove_thread_state")
|
||||||
SET(HAVE_EncryptAes128Ctr OFF CACHE INTERNAL "wolfssl does support AES-CTR, but differently from openssl")
|
SET(HAVE_EncryptAes128Ctr OFF CACHE INTERNAL "wolfssl does support AES-CTR, but differently from openssl")
|
||||||
SET(HAVE_EncryptAes128Gcm OFF CACHE INTERNAL "wolfssl does not support AES-GCM")
|
SET(HAVE_EncryptAes128Gcm OFF CACHE INTERNAL "wolfssl does not support AES-GCM")
|
||||||
|
|||||||
@ -25,25 +25,6 @@ ENDIF()
|
|||||||
|
|
||||||
SET(WOLFSSL_SRCDIR ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/src)
|
SET(WOLFSSL_SRCDIR ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/src)
|
||||||
ADD_DEFINITIONS(${SSL_DEFINES})
|
ADD_DEFINITIONS(${SSL_DEFINES})
|
||||||
ADD_DEFINITIONS(
|
|
||||||
-DHAVE_CRL
|
|
||||||
-DWOLFSSL_MYSQL_COMPATIBLE
|
|
||||||
-DHAVE_ECC
|
|
||||||
-DECC_TIMING_RESISTANT
|
|
||||||
-DBUILDING_WOLFSSL
|
|
||||||
-DHAVE_HASHDRBG
|
|
||||||
-DWOLFSSL_AES_DIRECT
|
|
||||||
-DWOLFSSL_SHA384
|
|
||||||
-DWOLFSSL_SHA512
|
|
||||||
-DWOLFSSL_SHA224
|
|
||||||
-DSESSION_CERT
|
|
||||||
-DKEEP_OUR_CERT
|
|
||||||
-DWOLFSSL_STATIC_RSA
|
|
||||||
-DWC_RSA_BLINDING
|
|
||||||
-DHAVE_TLS_EXTENSIONS
|
|
||||||
-DHAVE_AES_ECB
|
|
||||||
-DWOLFSSL_AES_COUNTER
|
|
||||||
-DNO_WOLFSSL_STUB)
|
|
||||||
|
|
||||||
SET(WOLFSSL_SOURCES
|
SET(WOLFSSL_SOURCES
|
||||||
${WOLFSSL_SRCDIR}/crl.c
|
${WOLFSSL_SRCDIR}/crl.c
|
||||||
@ -53,7 +34,8 @@ SET(WOLFSSL_SOURCES
|
|||||||
${WOLFSSL_SRCDIR}/wolfio.c
|
${WOLFSSL_SRCDIR}/wolfio.c
|
||||||
${WOLFSSL_SRCDIR}/ocsp.c
|
${WOLFSSL_SRCDIR}/ocsp.c
|
||||||
${WOLFSSL_SRCDIR}/ssl.c)
|
${WOLFSSL_SRCDIR}/ssl.c)
|
||||||
ADD_DEFINITIONS(-DWOLFSSL_LIB)
|
ADD_DEFINITIONS(-DWOLFSSL_LIB -DBUILDING_WOLFSSL)
|
||||||
|
|
||||||
INCLUDE_DIRECTORIES(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl)
|
INCLUDE_DIRECTORIES(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl)
|
||||||
IF(MSVC)
|
IF(MSVC)
|
||||||
# size_t to long truncation warning
|
# size_t to long truncation warning
|
||||||
@ -116,28 +98,31 @@ IF(NOT (MSVC AND CMAKE_C_COMPILER_ID MATCHES Clang)
|
|||||||
ENDIF()
|
ENDIF()
|
||||||
|
|
||||||
IF(WOLFSSL_FASTMATH)
|
IF(WOLFSSL_FASTMATH)
|
||||||
ADD_DEFINITIONS(-DUSE_FAST_MATH)
|
SET(USE_FAST_MATH 1)
|
||||||
# FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test
|
SET(TFM_TIMING_RESISTANT 1)
|
||||||
# WolfSSL will use more stack space with it
|
# FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test
|
||||||
ADD_DEFINITIONS(-DFP_MAX_BITS=16384)
|
# WolfSSL will use more stack space with it
|
||||||
SET(WOLFCRYPT_SOURCES ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/tfm.c)
|
SET(FP_MAX_BITS 16384)
|
||||||
|
SET(WOLFCRYPT_SOURCES ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/tfm.c)
|
||||||
ELSE()
|
ELSE()
|
||||||
SET(WOLFCRYPT_SOURCES ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/integer.c)
|
SET(WOLFCRYPT_SOURCES ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/integer.c)
|
||||||
ENDIF()
|
ENDIF()
|
||||||
|
|
||||||
IF(WOLFSSL_INTELASM)
|
IF(WOLFSSL_INTELASM)
|
||||||
ADD_DEFINITIONS(-DWOLFSSL_AESNI)
|
SET(WOLFSSL_AESNI 1)
|
||||||
SET(SSL_DEFINES "${SSL_DEFINES} -DWOLFSSL_AESNI" PARENT_SCOPE)
|
|
||||||
LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/cpuid.c)
|
LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/cpuid.c)
|
||||||
IF(MSVC)
|
IF(MSVC)
|
||||||
LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/aes_asm.asm)
|
LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/aes_asm.asm)
|
||||||
IF(CMAKE_C_COMPILER_ID MATCHES Clang)
|
IF(CMAKE_C_COMPILER_ID MATCHES Clang)
|
||||||
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -maes")
|
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -maes")
|
||||||
ELSE()
|
ELSE()
|
||||||
ADD_DEFINITIONS(-DHAVE_INTEL_RDSEED -DWOLFSSL_X86_64_BUILD)
|
SET(HAVE_INTEL_RDSEED 1)
|
||||||
|
SET(WOLFSSL_X86_64_BUILD 1)
|
||||||
ENDIF()
|
ENDIF()
|
||||||
ELSEIF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
|
ELSEIF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
|
||||||
ADD_DEFINITIONS(-DHAVE_INTEL_RDSEED -DUSE_INTEL_SPEEDUP)
|
SET(HAVE_INTEL_RDSEED 1)
|
||||||
|
SET(USE_INTEL_SPEEDUP 1)
|
||||||
LIST(APPEND WOLFCRYPT_SOURCES
|
LIST(APPEND WOLFCRYPT_SOURCES
|
||||||
${WOLFCRYPT_SRCDIR}/aes_asm.S
|
${WOLFCRYPT_SRCDIR}/aes_asm.S
|
||||||
${WOLFCRYPT_SRCDIR}/sha512_asm.S
|
${WOLFCRYPT_SRCDIR}/sha512_asm.S
|
||||||
@ -146,5 +131,7 @@ IF(WOLFSSL_INTELASM)
|
|||||||
ENDIF()
|
ENDIF()
|
||||||
ENDIF()
|
ENDIF()
|
||||||
|
|
||||||
|
CONFIGURE_FILE(user_settings.h.in user_settings.h)
|
||||||
|
INCLUDE_DIRECTORIES(${SSL_INCLUDE_DIRS})
|
||||||
ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES})
|
ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES})
|
||||||
|
|
||||||
|
|||||||
33
extra/wolfssl/user_settings.h.in
Normal file
33
extra/wolfssl/user_settings.h.in
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
#ifndef WOLFSSL_USER_SETTINGS_H
|
||||||
|
#define WOLFSSL_USER_SETTINGS_H
|
||||||
|
|
||||||
|
#define HAVE_CRL
|
||||||
|
#define WOLFSSL_MYSQL_COMPATIBLE
|
||||||
|
#define HAVE_ECC
|
||||||
|
#define ECC_TIMING_RESISTANT
|
||||||
|
#define HAVE_HASHDRBG
|
||||||
|
#define WOLFSSL_AES_DIRECT
|
||||||
|
#define WOLFSSL_SHA384
|
||||||
|
#define WOLFSSL_SHA512
|
||||||
|
#define WOLFSSL_SHA224
|
||||||
|
#define SESSION_CERT
|
||||||
|
#define KEEP_OUR_CERT
|
||||||
|
#define WOLFSSL_STATIC_RSA
|
||||||
|
#define WC_RSA_BLINDING
|
||||||
|
#define HAVE_TLS_EXTENSIONS
|
||||||
|
#define HAVE_AES_ECB
|
||||||
|
#define WOLFSSL_AES_COUNTER
|
||||||
|
#define NO_WOLFSSL_STUB
|
||||||
|
#define OPENSSL_ALL
|
||||||
|
|
||||||
|
|
||||||
|
#cmakedefine WOLFSSL_AESNI
|
||||||
|
#cmakedefine USE_FAST_MATH
|
||||||
|
#cmakedefine TFM_TIMING_RESISTANT
|
||||||
|
#cmakedefine HAVE_INTEL_RDSEED
|
||||||
|
#cmakedefine USE_INTEL_SPEEDUP
|
||||||
|
#cmakedefine FP_MAX_BITS @FP_MAX_BITS@
|
||||||
|
#cmakedefine USE_FAST_MATH
|
||||||
|
#cmakedefine WOLFSSL_X86_64_BUILD
|
||||||
|
|
||||||
|
#endif /* WOLFSSL_USER_SETTINGS_H */
|
||||||
Loading…
x
Reference in New Issue
Block a user