diff options
author | Daniel Stenberg <daniel@haxx.se> | 2015-12-16 10:06:09 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2015-12-16 10:06:09 +0100 |
commit | 1ff3a07be9b875155b0076a91a0b8f5c5fd22067 (patch) | |
tree | 2f0b2a7571cecb8ab90a0f79a65a68e611903dba | |
parent | 15cb03ad846a10c4aa4889d46804389ad11cdc1d (diff) | |
download | curl-1ff3a07be9b875155b0076a91a0b8f5c5fd22067.tar.gz |
wolfssl: handle builds without SSLv3 support
-rw-r--r-- | configure.ac | 9 | ||||
-rw-r--r-- | lib/vtls/cyassl.c | 7 |
2 files changed, 14 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac index 4c14e382e..3031f05ae 100644 --- a/configure.ac +++ b/configure.ac @@ -2166,11 +2166,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then ]]) ],[ AC_MSG_RESULT(yes) - AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled]) + AC_DEFINE(USE_CYASSL, 1, [if CyaSSL/WolfSSL is enabled]) AC_SUBST(USE_CYASSL, [1]) CYASSL_ENABLED=1 USE_CYASSL="yes" - curl_ssl_msg="enabled (CyaSSL)" + curl_ssl_msg="enabled (WolfSSL)" ], [ AC_MSG_RESULT(no) @@ -2195,6 +2195,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then LIBS="-l$cyassllibname -lm $LIBS" + if test "x$cyassllib" = "xwolfssl"; then + dnl Recent WolfSSL versions build without SSLv3 by default + AC_CHECK_FUNCS(wolfSSLv3_client_method) + fi + if test -n "$cyassllib"; then dnl when shared libs were found in a path that the run-time dnl linker doesn't search through, we need to add it to diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index f51b04192..20629f45d 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -143,8 +143,15 @@ cyassl_connect_step1(struct connectdata *conn, use_sni(TRUE); break; case CURL_SSLVERSION_SSLv3: + /* before WolfSSL SSLv3 was enabled by default, and starting in WolfSSL + we check for its presence since it is built without it by default */ +#if !defined(WOLFSSL_VERSION) || defined(HAVE_WOLFSSLV3_CLIENT_METHOD) req_method = SSLv3_client_method(); use_sni(FALSE); +#else + failf(data, "No support for SSLv3"); + return CURLE_NOT_BUILT_IN; +#endif break; case CURL_SSLVERSION_SSLv2: failf(data, "CyaSSL does not support SSLv2"); |