Use generated user_settings.h for WolfSSL, as recommended by WolfSSL

documentation Apparently, WolfSSL wants to have *exactly* the same defines for the user of the library as the was when building library itself. A lot of #defines have an impact on ABI (structure sizes, alignment etc)
author: Vladislav Vaintroub <wlad@mariadb.com> 2019-06-04 17:11:42 +0200
committer: Vladislav Vaintroub <wlad@mariadb.com> 2019-06-14 15:50:12 +0200
commit: 1e3dc15d62c2f7f7d3afe6affb0db66c8515234d (patch)
tree: 46581d3ece06297c531968e840e140aa44e3fe37 /extra/wolfssl
parent: 4ec302ebf86ed2f36bd072ee5b43f5e2b724136b (diff)
download: mariadb-git-1e3dc15d62c2f7f7d3afe6affb0db66c8515234d.tar.gz
2 files changed, 50 insertions, 30 deletions
diff --git a/extra/wolfssl/CMakeLists.txt b/extra/wolfssl/CMakeLists.txt
index f3f09f631d7..2cb3f1dd3d1 100644
--- a/extra/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/CMakeLists.txt
@@ -25,25 +25,6 @@ ENDIF()
 
 SET(WOLFSSL_SRCDIR ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/src)
 ADD_DEFINITIONS(${SSL_DEFINES})
-ADD_DEFINITIONS(
-  -DHAVE_CRL
-  -DWOLFSSL_MYSQL_COMPATIBLE
-  -DHAVE_ECC
-  -DECC_TIMING_RESISTANT
-  -DBUILDING_WOLFSSL
-  -DHAVE_HASHDRBG
-  -DWOLFSSL_AES_DIRECT
-  -DWOLFSSL_SHA384
-  -DWOLFSSL_SHA512
-  -DWOLFSSL_SHA224
-  -DSESSION_CERT
-  -DKEEP_OUR_CERT
-  -DWOLFSSL_STATIC_RSA
-  -DWC_RSA_BLINDING
-  -DHAVE_TLS_EXTENSIONS
-  -DHAVE_AES_ECB
-  -DWOLFSSL_AES_COUNTER
-  -DNO_WOLFSSL_STUB)
 
 SET(WOLFSSL_SOURCES  
    ${WOLFSSL_SRCDIR}/crl.c
@@ -53,7 +34,8 @@ SET(WOLFSSL_SOURCES
    ${WOLFSSL_SRCDIR}/wolfio.c
    ${WOLFSSL_SRCDIR}/ocsp.c
    ${WOLFSSL_SRCDIR}/ssl.c)
-ADD_DEFINITIONS(-DWOLFSSL_LIB)
+ADD_DEFINITIONS(-DWOLFSSL_LIB -DBUILDING_WOLFSSL)
+
 INCLUDE_DIRECTORIES(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl)
 IF(MSVC)
   # size_t to long truncation warning
@@ -116,28 +98,31 @@ IF(NOT (MSVC AND CMAKE_C_COMPILER_ID MATCHES Clang)
 ENDIF()
 
 IF(WOLFSSL_FASTMATH)
- ADD_DEFINITIONS(-DUSE_FAST_MATH)
- # FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test
- # WolfSSL will use more stack space with it
- ADD_DEFINITIONS(-DFP_MAX_BITS=16384)
- SET(WOLFCRYPT_SOURCES  ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/tfm.c)
+  SET(USE_FAST_MATH 1)
+  SET(TFM_TIMING_RESISTANT 1)
+  # FP_MAX_BITS is set high solely to satisfy ssl_8k_key.test
+  # WolfSSL will use more stack space with it
+  SET(FP_MAX_BITS 16384)
+  SET(WOLFCRYPT_SOURCES  ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/tfm.c)
 ELSE()
- SET(WOLFCRYPT_SOURCES  ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/integer.c)
+  SET(WOLFCRYPT_SOURCES  ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/integer.c)
 ENDIF()
 
 IF(WOLFSSL_INTELASM)
-  ADD_DEFINITIONS(-DWOLFSSL_AESNI)
-  SET(SSL_DEFINES "${SSL_DEFINES} -DWOLFSSL_AESNI" PARENT_SCOPE)
+  SET(WOLFSSL_AESNI 1)
+
   LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/cpuid.c)
   IF(MSVC)
     LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/aes_asm.asm)
     IF(CMAKE_C_COMPILER_ID MATCHES Clang)
       SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -maes")
     ELSE()
-      ADD_DEFINITIONS(-DHAVE_INTEL_RDSEED -DWOLFSSL_X86_64_BUILD)
+      SET(HAVE_INTEL_RDSEED 1)
+      SET(WOLFSSL_X86_64_BUILD 1)
     ENDIF()
   ELSEIF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
-    ADD_DEFINITIONS(-DHAVE_INTEL_RDSEED -DUSE_INTEL_SPEEDUP)
+    SET(HAVE_INTEL_RDSEED 1)
+    SET(USE_INTEL_SPEEDUP 1)
     LIST(APPEND WOLFCRYPT_SOURCES
         ${WOLFCRYPT_SRCDIR}/aes_asm.S
         ${WOLFCRYPT_SRCDIR}/sha512_asm.S
@@ -146,5 +131,7 @@ IF(WOLFSSL_INTELASM)
   ENDIF()
 ENDIF()
 
+CONFIGURE_FILE(user_settings.h.in user_settings.h)
+INCLUDE_DIRECTORIES(${SSL_INCLUDE_DIRS})
 ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES})
 
diff --git a/extra/wolfssl/user_settings.h.in b/extra/wolfssl/user_settings.h.in
new file mode 100644
index 00000000000..f44143517fa
--- /dev/null
+++ b/extra/wolfssl/user_settings.h.in
@@ -0,0 +1,33 @@
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#define HAVE_CRL
+#define WOLFSSL_MYSQL_COMPATIBLE
+#define HAVE_ECC
+#define ECC_TIMING_RESISTANT
+#define HAVE_HASHDRBG
+#define WOLFSSL_AES_DIRECT
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHA512
+#define WOLFSSL_SHA224
+#define SESSION_CERT
+#define KEEP_OUR_CERT
+#define WOLFSSL_STATIC_RSA
+#define WC_RSA_BLINDING
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_AES_ECB
+#define WOLFSSL_AES_COUNTER
+#define NO_WOLFSSL_STUB
+#define OPENSSL_ALL
+
+
+#cmakedefine WOLFSSL_AESNI
+#cmakedefine USE_FAST_MATH
+#cmakedefine TFM_TIMING_RESISTANT
+#cmakedefine HAVE_INTEL_RDSEED
+#cmakedefine USE_INTEL_SPEEDUP
+#cmakedefine FP_MAX_BITS @FP_MAX_BITS@
+#cmakedefine USE_FAST_MATH
+#cmakedefine WOLFSSL_X86_64_BUILD
+
+#endif  /* WOLFSSL_USER_SETTINGS_H */
author	Vladislav Vaintroub <wlad@mariadb.com>	2019-06-04 17:11:42 +0200
committer	Vladislav Vaintroub <wlad@mariadb.com>	2019-06-14 15:50:12 +0200
commit	1e3dc15d62c2f7f7d3afe6affb0db66c8515234d (patch)
tree	46581d3ece06297c531968e840e140aa44e3fe37 /extra/wolfssl
parent	4ec302ebf86ed2f36bd072ee5b43f5e2b724136b (diff)
download	mariadb-git-1e3dc15d62c2f7f7d3afe6affb0db66c8515234d.tar.gz