diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2016-12-24 13:49:25 -0500 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2016-12-24 13:51:12 -0500 |
commit | 57cad81091bb5b92a9e03b01b52f449e6c3a8cae (patch) | |
tree | e521c7d39d96c69630d86c22fd0f6bffcd7647e7 /projects | |
parent | cdbdef6f9f05139f613000f6818f101bb5d6e4ac (diff) | |
download | curl-57cad81091bb5b92a9e03b01b52f449e6c3a8cae.tar.gz |
build-wolfssl: Sync config with wolfSSL 3.10
wolfSSL configure script relevant changes from 3.9 to 3.10:
- DES3 no longer enabled by default
- Shamir no longer enabled by default
- Extended master secret enabled by default
- RSA and ECC timing protections enabled by default
For backwards compatibility I enabled DES3 and ECC shamir config options
(ie no change from 3.9), and the other changes are included.
Diffstat (limited to 'projects')
-rw-r--r-- | projects/wolfssl_options.h | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/projects/wolfssl_options.h b/projects/wolfssl_options.h index 04752b811..d0ece9640 100644 --- a/projects/wolfssl_options.h +++ b/projects/wolfssl_options.h @@ -5,8 +5,8 @@ To remedy this issue for libcurl I've generated this options file that build-wolfssl will copy to the wolfSSL include directories and will result in maximum compatibility. -These are the configure options that were used to build wolfSSL v3.9.0 in mingw -and generate the options in this file: +These are the configure options that were used to build wolfSSL v3.10.0 in +mingw and generate the options in this file: C_EXTRA_FLAGS="\ -Wno-attributes \ @@ -17,12 +17,15 @@ C_EXTRA_FLAGS="\ -DWOLFSSL_STATIC_RSA \ " \ ./configure --prefix=/usr/local \ + --disable-jobserver \ --enable-aesgcm \ --enable-alpn \ --enable-certgen \ + --enable-des3 \ --enable-dh \ --enable-dsa \ --enable-ecc \ + --enable-eccshamir \ --enable-fastmath \ --enable-opensslextra \ --enable-ripemd \ @@ -93,6 +96,15 @@ extern "C" { #undef OPENSSL_EXTRA #define OPENSSL_EXTRA +#undef TFM_TIMING_RESISTANT +#define TFM_TIMING_RESISTANT + +#undef ECC_TIMING_RESISTANT +#define ECC_TIMING_RESISTANT + +#undef WC_RSA_BLINDING +#define WC_RSA_BLINDING + #undef HAVE_AESGCM #define HAVE_AESGCM @@ -162,6 +174,9 @@ extern "C" { #undef HAVE_SUPPORTED_CURVES #define HAVE_SUPPORTED_CURVES +#undef HAVE_EXTENDED_MASTER +#define HAVE_EXTENDED_MASTER + #undef WOLFSSL_TEST_CERT #define WOLFSSL_TEST_CERT |