summaryrefslogtreecommitdiff
path: root/projects
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2016-12-24 13:49:25 -0500
committerJay Satiro <raysatiro@yahoo.com>2016-12-24 13:51:12 -0500
commit57cad81091bb5b92a9e03b01b52f449e6c3a8cae (patch)
treee521c7d39d96c69630d86c22fd0f6bffcd7647e7 /projects
parentcdbdef6f9f05139f613000f6818f101bb5d6e4ac (diff)
downloadcurl-57cad81091bb5b92a9e03b01b52f449e6c3a8cae.tar.gz
build-wolfssl: Sync config with wolfSSL 3.10
wolfSSL configure script relevant changes from 3.9 to 3.10: - DES3 no longer enabled by default - Shamir no longer enabled by default - Extended master secret enabled by default - RSA and ECC timing protections enabled by default For backwards compatibility I enabled DES3 and ECC shamir config options (ie no change from 3.9), and the other changes are included.
Diffstat (limited to 'projects')
-rw-r--r--projects/wolfssl_options.h19
1 files changed, 17 insertions, 2 deletions
diff --git a/projects/wolfssl_options.h b/projects/wolfssl_options.h
index 04752b811..d0ece9640 100644
--- a/projects/wolfssl_options.h
+++ b/projects/wolfssl_options.h
@@ -5,8 +5,8 @@ To remedy this issue for libcurl I've generated this options file that
build-wolfssl will copy to the wolfSSL include directories and will result in
maximum compatibility.
-These are the configure options that were used to build wolfSSL v3.9.0 in mingw
-and generate the options in this file:
+These are the configure options that were used to build wolfSSL v3.10.0 in
+mingw and generate the options in this file:
C_EXTRA_FLAGS="\
-Wno-attributes \
@@ -17,12 +17,15 @@ C_EXTRA_FLAGS="\
-DWOLFSSL_STATIC_RSA \
" \
./configure --prefix=/usr/local \
+ --disable-jobserver \
--enable-aesgcm \
--enable-alpn \
--enable-certgen \
+ --enable-des3 \
--enable-dh \
--enable-dsa \
--enable-ecc \
+ --enable-eccshamir \
--enable-fastmath \
--enable-opensslextra \
--enable-ripemd \
@@ -93,6 +96,15 @@ extern "C" {
#undef OPENSSL_EXTRA
#define OPENSSL_EXTRA
+#undef TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
#undef HAVE_AESGCM
#define HAVE_AESGCM
@@ -162,6 +174,9 @@ extern "C" {
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
+#undef HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
#undef WOLFSSL_TEST_CERT
#define WOLFSSL_TEST_CERT