[feed/packages.git] / net / openvpn / patches / 002-add-wolfssl-support.patch
1 From: Gert Doering <gert@greenie.muc.de>
2
3 Support for wolfSSL in OpenVPN
4
5 This patch adds support for wolfSSL in OpenVPN. Support is added by using
6 wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged
7 and instead the OpenSSL includes point to wolfSSL headers and OpenVPN is
8 linked against the wolfSSL library. The wolfSSL installation directory is
9 detected using pkg-config.
10
11 As requested by OpenVPN maintainers, this patch does not include
12 wolfssl/options.h on its own. By defining the macro EXTERNAL_OPTS_OPENVPN
13 in the configure script wolfSSL will include wolfssl/options.h on its own
14 (change added in wolfSSL/wolfssl#2825). The patch
15 adds an option '--disable-wolfssl-options-h' in case the user would like
16 to supply their own settings file for wolfSSL.
17
18 wolfSSL:
19 Support added in: wolfSSL/wolfssl#2503
20
21 git clone https://github.com/wolfSSL/wolfssl.git
22 cd wolfssl
23 ./autogen.sh
24 ./configure --enable-openvpn
25 make
26 sudo make install
27
28 OpenVPN:
29
30 autoreconf -i -v -f
31 ./configure --with-crypto-library=wolfssl
32 make
33 make check
34 sudo make install
35
36 Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
37 Acked-by: Arne Schwabe <arne@rfc2549.org>
38 Message-Id: <20210317181153.83716-1-juliusz@wolfssl.com>
39 URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21686.html
40 Signed-off-by: Gert Doering <gert@greenie.muc.de>
41 ---
42 configure.ac | 110 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
43 src/openvpn/syshead.h | 3 ++-
44 2 files changed, 110 insertions(+), 3 deletions(-)
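--- a/configure.ac
+++ b/configure.ac
@@ -271,16 +271,23 @@ AC_ARG_WITH(
 
 AC_ARG_WITH(
 [crypto-library],
- [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls @<:@default=openssl@:>@])],
+ [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])],
 [
 case "${withval}" in
- openssl|mbedtls) ;;
+ openssl|mbedtls|wolfssl) ;;
 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
 esac
 ],
 [with_crypto_library="openssl"]
 )
 
+AC_ARG_ENABLE(
+ [wolfssl-options-h],
+ [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])],
+ ,
+ [enable_wolfssl_options_h="yes"]
+)
+
 AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
 if test -n "${PLUGINDIR}"; then
 plugindir="${PLUGINDIR}"
@@ -1026,6 +1033,105 @@ elif test "${with_crypto_library}" = "mb
 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
 CRYPTO_LIBS="${MBEDTLS_LIBS}"
+
+elif test "${with_crypto_library}" = "wolfssl"; then
+ AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should
+ contain the regular wolfSSL header files but also the
+ wolfSSL OpenSSL header files. Ex: -I/usr/local/include
+ -I/usr/local/include/wolfssl])
+ AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl])
+
+ saved_CFLAGS="${CFLAGS}"
+ saved_LIBS="${LIBS}"
+
+ if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then
+ # if the user did not explicitly specify flags, try to autodetect
+ PKG_CHECK_MODULES(
+ [WOLFSSL],
+ [wolfssl],
+ [],
+ [AC_MSG_ERROR([Could not find wolfSSL.])]
+ )
+ PKG_CHECK_VAR(
+ [WOLFSSL_INCLUDEDIR],
+ [wolfssl],
+ [includedir],
+ [],
+ [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])]
+ )
+ WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl"
+ fi
+ saved_CFLAGS="${CFLAGS}"
+ saved_LIBS="${LIBS}"
+ CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}"
+ LIBS="${LIBS} ${WOLFSSL_LIBS}"
+
+ AC_CHECK_LIB(
+ [wolfssl],
+ [wolfSSL_Init],
+ [],
+ [AC_MSG_ERROR([Could not link wolfSSL library.])]
+ )
+ AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
+
+ # wolfSSL signal EKM support
+ have_export_keying_material="yes"
+
+ AC_DEFINE([HAVE_HMAC_CTX_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_HMAC_CTX_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_HMAC_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_MD_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_CIPHER_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_OPENSSL_VERSION], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB_USERDATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_SSL_CTX_SET_SECURITY_LEVEL], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_X509_GET0_NOTBEFORE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_X509_GET0_NOTAFTER], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_X509_GET0_PUBKEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_X509_STORE_GET0_OBJECTS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_X509_OBJECT_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_X509_OBJECT_GET_TYPE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_PKEY_ID], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_PKEY_GET0_RSA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_PKEY_GET0_DSA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EVP_PKEY_GET0_EC_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_SET_FLAGS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_GET0_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_SET0_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_DSA_GET0_PQG], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_DSA_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_PUB_ENC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_PUB_DEC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_PRIV_ENC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_PRIV_DEC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_INIT], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_SIGN], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET_FINISH], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_SET0_APP_DATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_RSA_METH_GET0_APP_DATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+ AC_DEFINE([HAVE_EC_GROUP_ORDER_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros])
+
+ if test "${enable_wolfssl_options_h}" = "yes"; then
+ AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
+ else
+ AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library])
+ fi
+
+ have_export_keying_material="yes"
+
+ CFLAGS="${saved_CFLAGS}"
+ LIBS="${saved_LIBS}"
+
+ AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library])
+ AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer])
+ CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}"
+ CRYPTO_LIBS="${WOLFSSL_LIBS}"
 else
 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
 fi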
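Review bot: In the new wolfssl branch the guard `if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"` runs pkg-config only when both variables are empty, so a build that sets just one of them skips autodetection and never gets `-I${WOLFSSL_INCLUDEDIR}/wolfssl` appended. The only header probed afterwards is `wolfssl/options.h`, so nothing visible here confirms that the OpenSSL-compatibility headers on the include path belong to the wolfSSL being linked; a host with real OpenSSL headers installed could presumably compile against those and link against wolfSSL. I would reject the half-specified case (`AC_MSG_ERROR` when exactly one of the two is set) or add an `AC_CHECK_HEADER` for a compatibility-layer header, and split the `-a` into `test -z "${WOLFSSL_CFLAGS}" && test -z "${WOLFSSL_LIBS}"` for portability. The `wolfssl/options.h` check is also still fatal when `--disable-wolfssl-options-h` is given, and `WOLFSSL_USER_SETTINGS` is then defined without any check that the user's settings match how the installed library was built, which deserves a comment in the `else` arm. Minor: `saved_CFLAGS`/`saved_LIBS` and `have_export_keying_material="yes"` are each assigned twice in this branch.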
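--- a/src/openvpn/syshead.h
+++ b/src/openvpn/syshead.h
@@ -582,7 +582,8 @@ socket_defined(const socket_descriptor_t
 /*
 * Do we have CryptoAPI capability?
 */
-#if defined(_WIN32) && defined(ENABLE_CRYPTO_OPENSSL)
+#if defined(_WIN32) && defined(ENABLE_CRYPTO_OPENSSL) && \
+ !defined(ENABLE_CRYPTO_WOLFSSL)
 #define ENABLE_CRYPTOAPI
 #endif
 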
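Review bot: The new `!defined(ENABLE_CRYPTO_WOLFSSL)` term needs a comment saying why it is there, because the configure.ac part of this patch defines `ENABLE_CRYPTO_OPENSSL` for wolfSSL builds as well and a reader of syshead.h alone cannot see that. Something like `/* wolfSSL builds also define ENABLE_CRYPTO_OPENSSL (compat layer); CryptoAPI support is not built for them */` above the `#if` would do. This is the only guard the patch adjusts, so every other `ENABLE_CRYPTO_OPENSSL` block in the tree is compiled against the compatibility layer unchanged; those blocks are outside this hunk and are worth auditing separately for anything that assumes genuine OpenSSL behaviour.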