Commit 403dc759 authored by Vladislav Vaintroub's avatar Vladislav Vaintroub Committed by Sergei Golubchik

Update WolfSSL

Fix WolfSSL build:

- Do not build with TLSv1.0,it stopped working,at least with SChannel client
- Disable a test that depends on TLSv1.0
- define FP_MAX_BITS always, to fix 32bit builds.
- Increase MAX_AES_CTX_SIZE, to fix build on Linux
parent 8d85715d
...@@ -20,14 +20,18 @@ ...@@ -20,14 +20,18 @@
#define WOLFSSL_AES_COUNTER #define WOLFSSL_AES_COUNTER
#define NO_WOLFSSL_STUB #define NO_WOLFSSL_STUB
#define OPENSSL_ALL #define OPENSSL_ALL
#define WOLFSSL_ALLOW_TLSV10 #define NO_OLD_TIMEVAL_NAME
/*
FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test
WolfSSL will use more stack space with it, with fastmath
*/
#define FP_MAX_BITS 16384
#cmakedefine WOLFSSL_AESNI #cmakedefine WOLFSSL_AESNI
#cmakedefine USE_FAST_MATH #cmakedefine USE_FAST_MATH
#cmakedefine TFM_TIMING_RESISTANT #cmakedefine TFM_TIMING_RESISTANT
#cmakedefine HAVE_INTEL_RDSEED #cmakedefine HAVE_INTEL_RDSEED
#cmakedefine USE_INTEL_SPEEDUP #cmakedefine USE_INTEL_SPEEDUP
#cmakedefine FP_MAX_BITS @FP_MAX_BITS@
#cmakedefine USE_FAST_MATH #cmakedefine USE_FAST_MATH
#cmakedefine WOLFSSL_X86_64_BUILD #cmakedefine WOLFSSL_X86_64_BUILD
......
Subproject commit 3f13b49fa318fbd3216d7da36d942e7c276d3413 Subproject commit e116c89a58af750421d82ece13f80516d2bde02e
...@@ -45,7 +45,7 @@ extern "C" { ...@@ -45,7 +45,7 @@ extern "C" {
/* The max key length of all supported algorithms */ /* The max key length of all supported algorithms */
#define MY_AES_MAX_KEY_LENGTH 32 #define MY_AES_MAX_KEY_LENGTH 32
#define MY_AES_CTX_SIZE 600 #define MY_AES_CTX_SIZE 640
enum my_aes_mode { enum my_aes_mode {
MY_AES_ECB, MY_AES_CBC MY_AES_ECB, MY_AES_CBC
......
...@@ -81,8 +81,8 @@ ...@@ -81,8 +81,8 @@
#ifndef HAVE_WOLFSSL #ifndef HAVE_WOLFSSL
#define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X) #define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X)
#endif
#define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X) #define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)
#endif
#define X509_get0_notBefore(X) X509_get_notBefore(X) #define X509_get0_notBefore(X) X509_get_notBefore(X)
#define X509_get0_notAfter(X) X509_get_notAfter(X) #define X509_get0_notAfter(X) X509_get_notAfter(X)
#endif #endif
......
...@@ -74,6 +74,9 @@ sub skip_combinations { ...@@ -74,6 +74,9 @@ sub skip_combinations {
$skip{'main/ssl_verify_ip.test'} = 'x509v3 support required' $skip{'main/ssl_verify_ip.test'} = 'x509v3 support required'
unless $openssl_ver ge "1.0.2"; unless $openssl_ver ge "1.0.2";
$skip{'main/tls_version1.test'} = 'No TLSv1.0 support'
if $ssl_lib =~ /WolfSSL/;
%skip; %skip;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment