summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McDermott <patrick.mcdermott@libiquity.com>2021-01-03 02:23:43 (EST)
committer Patrick McDermott <patrick.mcdermott@libiquity.com>2021-01-03 03:24:35 (EST)
commit43ef90ae038229515964498083955db987d213a0 (patch)
tree11d9d720cac641d3408a942385c6511532f13099
parentb95b1d179222409d871d1b3b8ef44dd42e6aec94 (diff)
patches: Fix undeclared symbols
Fixes: CC vtls/libcurl_la-wolfssl.lo vtls/wolfssl.c: In function 'do_file_type': vtls/wolfssl.c:207:12: error: 'SSL_FILETYPE_PEM' undeclared (first use in this function); did you mean 'WOLFSSL_FILETYPE_PEM'? return SSL_FILETYPE_PEM; ^~~~~~~~~~~~~~~~ WOLFSSL_FILETYPE_PEM vtls/wolfssl.c:207:12: note: each undeclared identifier is reported only once for each function it appears in vtls/wolfssl.c:211:12: error: 'SSL_FILETYPE_ASN1' undeclared (first use in this function); did you mean 'WOLFSSL_FILETYPE_ASN1'? return SSL_FILETYPE_ASN1; ^~~~~~~~~~~~~~~~~ WOLFSSL_FILETYPE_ASN1 vtls/wolfssl.c: In function 'wolfssl_connect_step1': vtls/wolfssl.c:407:50: error: 'SSL_VERIFY_PEER' undeclared (first use in this function); did you mean 'WOLFSSL_VERIFY_PEER'? SSL_CONN_CONFIG(verifypeer)?SSL_VERIFY_PEER: ^~~~~~~~~~~~~~~ WOLFSSL_VERIFY_PEER vtls/wolfssl.c:408:50: error: 'SSL_VERIFY_NONE' undeclared (first use in this function); did you mean 'WOLFSSL_VERIFY_NONE'? SSL_VERIFY_NONE, ^~~~~~~~~~~~~~~ WOLFSSL_VERIFY_NONE vtls/wolfssl.c: In function 'wolfssl_connect_step2': vtls/wolfssl.c:564:15: error: 'SSL_FAILURE' undeclared (first use in this function); did you mean 'WOLFSSL_FAILURE'? if(ret == SSL_FAILURE) ^~~~~~~~~~~ WOLFSSL_FAILURE vtls/wolfssl.c:598:8: error: 'SSL_ERROR_WANT_READ' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_WANT_READ'? if(SSL_ERROR_WANT_READ == detail) { ^~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_WANT_READ vtls/wolfssl.c:602:13: error: 'SSL_ERROR_WANT_WRITE' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_WANT_WRITE'? else if(SSL_ERROR_WANT_WRITE == detail) { ^~~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_WANT_WRITE vtls/wolfssl.c: In function 'wolfssl_send': vtls/wolfssl.c:814:10: error: 'SSL_ERROR_WANT_READ' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_WANT_READ'? case SSL_ERROR_WANT_READ: ^~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_WANT_READ vtls/wolfssl.c:815:10: error: 'SSL_ERROR_WANT_WRITE' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_WANT_WRITE'? case SSL_ERROR_WANT_WRITE: ^~~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_WANT_WRITE vtls/wolfssl.c: In function 'wolfssl_recv': vtls/wolfssl.c:862:10: error: 'SSL_ERROR_ZERO_RETURN' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_ZERO_RETURN'? case SSL_ERROR_ZERO_RETURN: /* no more data */ ^~~~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_ZERO_RETURN vtls/wolfssl.c:864:10: error: 'SSL_ERROR_WANT_READ' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_WANT_READ'? case SSL_ERROR_WANT_READ: ^~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_WANT_READ vtls/wolfssl.c:865:10: error: 'SSL_ERROR_WANT_WRITE' undeclared (first use in this function); did you mean 'WOLFSSL_ERROR_WANT_WRITE'? case SSL_ERROR_WANT_WRITE: ^~~~~~~~~~~~~~~~~~~~ WOLFSSL_ERROR_WANT_WRITE vtls/wolfssl.c: In function 'Curl_wolfssl_init': vtls/wolfssl.c:903:29: error: 'SSL_SUCCESS' undeclared (first use in this function); did you mean 'WOLFSSL_SUCCESS'? return (wolfSSL_Init() == SSL_SUCCESS); ^~~~~~~~~~~ WOLFSSL_SUCCESS make[3]: *** [Makefile:2675: vtls/libcurl_la-wolfssl.lo] Error 1 make[3]: Leaving directory '/prokit/sessions/448429946/wd/tmp/src/lib' make[2]: *** [Makefile:1077: all] Error 2 make[2]: Leaving directory '/prokit/sessions/448429946/wd/tmp/src/lib' make[1]: *** [Makefile:996: all-recursive] Error 1 make[1]: Leaving directory '/prokit/sessions/448429946/wd/tmp/src' make: *** [../build:12: build] Error 2
-rw-r--r--changelog2
-rw-r--r--patches/01_fix-undeclared-symbols-without-OPENSSL_EXTRA.patch359
2 files changed, 361 insertions, 0 deletions
diff --git a/changelog b/changelog
index 8e33d01..4e21387 100644
--- a/changelog
+++ b/changelog
@@ -5,6 +5,8 @@ curl (7.74.0-1) trunk
* libcurl.4-dev: Remove static library.
* Link against wolfSSL for HTTPS support and depend on NSS CA root
certificates.
+ - Add patch to fix undeclared symbol errors when compiling against
+ wolfSSL built without OPENSSL_EXTRA.
* Organize packages into sections.
* Reword package descriptions.
* curl-doc: Rename to curl.4-doc.
diff --git a/patches/01_fix-undeclared-symbols-without-OPENSSL_EXTRA.patch b/patches/01_fix-undeclared-symbols-without-OPENSSL_EXTRA.patch
new file mode 100644
index 0000000..c62a730
--- /dev/null
+++ b/patches/01_fix-undeclared-symbols-without-OPENSSL_EXTRA.patch
@@ -0,0 +1,359 @@
+From: Patrick McDermott <patrick.mcdermott@libiquity.com>
+Subject: Fix undeclared symbols without OPENSSL_EXTRA
+
+diff -Naur src.orig/lib/vtls/wolfssl.c src/lib/vtls/wolfssl.c
+--- src.orig/lib/vtls/wolfssl.c 2020-12-07 03:24:14.000000000 -0500
++++ src/lib/vtls/wolfssl.c 2021-01-03 03:05:41.990032879 -0500
+@@ -93,8 +93,8 @@
+ #endif
+
+ struct ssl_backend_data {
+- SSL_CTX* ctx;
+- SSL* handle;
++ WOLFSSL_CTX* ctx;
++ WOLFSSL* handle;
+ };
+
+ static Curl_recv wolfssl_recv;
+@@ -204,11 +204,11 @@
+ static int do_file_type(const char *type)
+ {
+ if(!type || !type[0])
+- return SSL_FILETYPE_PEM;
++ return WOLFSSL_FILETYPE_PEM;
+ if(strcasecompare(type, "PEM"))
+- return SSL_FILETYPE_PEM;
++ return WOLFSSL_FILETYPE_PEM;
+ if(strcasecompare(type, "DER"))
+- return SSL_FILETYPE_ASN1;
++ return WOLFSSL_FILETYPE_ASN1;
+ return -1;
+ }
+
+@@ -224,7 +224,7 @@
+ struct Curl_easy *data = conn->data;
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ struct ssl_backend_data *backend = connssl->backend;
+- SSL_METHOD* req_method = NULL;
++ WOLFSSL_METHOD* req_method = NULL;
+ curl_socket_t sockfd = conn->sock[sockindex];
+ #ifdef HAVE_SNI
+ bool sni = FALSE;
+@@ -247,17 +247,17 @@
+ case CURL_SSLVERSION_TLSv1:
+ #if LIBWOLFSSL_VERSION_HEX >= 0x03003000 /* >= 3.3.0 */
+ /* minimum protocol version is set later after the CTX object is created */
+- req_method = SSLv23_client_method();
++ req_method = wolfSSLv23_client_method();
+ #else
+ infof(data, "wolfSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, "
+ "TLS 1.0 is used exclusively\n");
+- req_method = TLSv1_client_method();
++ req_method = wolfTLSv1_client_method();
+ #endif
+ use_sni(TRUE);
+ break;
+ case CURL_SSLVERSION_TLSv1_0:
+ #ifdef WOLFSSL_ALLOW_TLSV10
+- req_method = TLSv1_client_method();
++ req_method = wolfTLSv1_client_method();
+ use_sni(TRUE);
+ #else
+ failf(data, "wolfSSL does not support TLS 1.0");
+@@ -265,11 +265,11 @@
+ #endif
+ break;
+ case CURL_SSLVERSION_TLSv1_1:
+- req_method = TLSv1_1_client_method();
++ req_method = wolfTLSv1_1_client_method();
+ use_sni(TRUE);
+ break;
+ case CURL_SSLVERSION_TLSv1_2:
+- req_method = TLSv1_2_client_method();
++ req_method = wolfTLSv1_2_client_method();
+ use_sni(TRUE);
+ break;
+ case CURL_SSLVERSION_TLSv1_3:
+@@ -283,7 +283,7 @@
+ #endif
+ case CURL_SSLVERSION_SSLv3:
+ #ifdef WOLFSSL_ALLOW_SSLV3
+- req_method = SSLv3_client_method();
++ req_method = wolfSSLv3_client_method();
+ use_sni(FALSE);
+ #else
+ failf(data, "wolfSSL does not support SSLv3");
+@@ -304,8 +304,8 @@
+ }
+
+ if(backend->ctx)
+- SSL_CTX_free(backend->ctx);
+- backend->ctx = SSL_CTX_new(req_method);
++ wolfSSL_CTX_free(backend->ctx);
++ backend->ctx = wolfSSL_CTX_new(req_method);
+
+ if(!backend->ctx) {
+ failf(data, "SSL: couldn't create a context!");
+@@ -338,7 +338,7 @@
+
+ ciphers = SSL_CONN_CONFIG(cipher_list);
+ if(ciphers) {
+- if(!SSL_CTX_set_cipher_list(backend->ctx, ciphers)) {
++ if(!wolfSSL_CTX_set_cipher_list(backend->ctx, ciphers)) {
+ failf(data, "failed setting cipher list: %s", ciphers);
+ return CURLE_SSL_CIPHER;
+ }
+@@ -348,7 +348,7 @@
+ #ifndef NO_FILESYSTEM
+ /* load trusted cacert */
+ if(SSL_CONN_CONFIG(CAfile)) {
+- if(1 != SSL_CTX_load_verify_locations(backend->ctx,
++ if(1 != wolfSSL_CTX_load_verify_locations(backend->ctx,
+ SSL_CONN_CONFIG(CAfile),
+ SSL_CONN_CONFIG(CApath))) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
+@@ -382,7 +382,7 @@
+ if(SSL_SET_OPTION(primary.clientcert) && SSL_SET_OPTION(key)) {
+ int file_type = do_file_type(SSL_SET_OPTION(cert_type));
+
+- if(SSL_CTX_use_certificate_file(backend->ctx,
++ if(wolfSSL_CTX_use_certificate_file(backend->ctx,
+ SSL_SET_OPTION(primary.clientcert),
+ file_type) != 1) {
+ failf(data, "unable to use client certificate (no key or wrong pass"
+@@ -391,7 +391,7 @@
+ }
+
+ file_type = do_file_type(SSL_SET_OPTION(key_type));
+- if(SSL_CTX_use_PrivateKey_file(backend->ctx, SSL_SET_OPTION(key),
++ if(wolfSSL_CTX_use_PrivateKey_file(backend->ctx, SSL_SET_OPTION(key),
+ file_type) != 1) {
+ failf(data, "unable to set private key");
+ return CURLE_SSL_CONNECT_ERROR;
+@@ -403,9 +403,9 @@
+ * fail to connect if the verification fails, or if it should continue
+ * anyway. In the latter case the result of the verification is checked with
+ * SSL_get_verify_result() below. */
+- SSL_CTX_set_verify(backend->ctx,
+- SSL_CONN_CONFIG(verifypeer)?SSL_VERIFY_PEER:
+- SSL_VERIFY_NONE,
++ wolfSSL_CTX_set_verify(backend->ctx,
++ SSL_CONN_CONFIG(verifypeer)?WOLFSSL_VERIFY_PEER:
++ WOLFSSL_VERIFY_NONE,
+ NULL);
+
+ #ifdef HAVE_SNI
+@@ -455,8 +455,8 @@
+
+ /* Let's make an SSL structure */
+ if(backend->handle)
+- SSL_free(backend->handle);
+- backend->handle = SSL_new(backend->ctx);
++ wolfSSL_free(backend->handle);
++ backend->handle = wolfSSL_new(backend->ctx);
+ if(!backend->handle) {
+ failf(data, "SSL: couldn't create a context (handle)!");
+ return CURLE_OUT_OF_MEMORY;
+@@ -482,7 +482,7 @@
+
+ if(wolfSSL_UseALPN(backend->handle, protocols,
+ (unsigned)strlen(protocols),
+- WOLFSSL_ALPN_CONTINUE_ON_MISMATCH) != SSL_SUCCESS) {
++ WOLFSSL_ALPN_CONTINUE_ON_MISMATCH) != WOLFSSL_SUCCESS) {
+ failf(data, "SSL: failed setting ALPN protocols");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+@@ -507,11 +507,11 @@
+ Curl_ssl_sessionid_lock(conn);
+ if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL, sockindex)) {
+ /* we got a session id, use it! */
+- if(!SSL_set_session(backend->handle, ssl_sessionid)) {
++ if(!wolfSSL_set_session(backend->handle, ssl_sessionid)) {
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
+ Curl_ssl_sessionid_unlock(conn);
+- failf(data, "SSL: SSL_set_session failed: %s",
+- ERR_error_string(SSL_get_error(backend->handle, 0),
++ failf(data, "SSL: wolfSSL_set_session failed: %s",
++ ERR_error_string(wolfSSL_get_error(backend->handle, 0),
+ error_buffer));
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+@@ -522,8 +522,8 @@
+ }
+
+ /* pass the raw socket into the SSL layer */
+- if(!SSL_set_fd(backend->handle, (int)sockfd)) {
+- failf(data, "SSL: SSL_set_fd failed");
++ if(!wolfSSL_set_fd(backend->handle, (int)sockfd)) {
++ failf(data, "SSL: wolfSSL_set_fd failed");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+
+@@ -561,11 +561,11 @@
+ /* Enable RFC2818 checks */
+ if(SSL_CONN_CONFIG(verifyhost)) {
+ ret = wolfSSL_check_domain_name(backend->handle, hostname);
+- if(ret == SSL_FAILURE)
++ if(ret == WOLFSSL_FAILURE)
+ return CURLE_OUT_OF_MEMORY;
+ }
+
+- ret = SSL_connect(backend->handle);
++ ret = wolfSSL_connect(backend->handle);
+
+ #ifdef OPENSSL_EXTRA
+ if(Curl_tls_keylog_enabled()) {
+@@ -580,7 +580,7 @@
+ * Note that OpenSSL SSL_want_read() is always true here. If wolfSSL ever
+ * changes, the worst case is that no key is logged on error.
+ */
+- if(ret == SSL_SUCCESS ||
++ if(ret == WOLFSSL_SUCCESS ||
+ (!wolfSSL_want_read(backend->handle) &&
+ !wolfSSL_want_write(backend->handle))) {
+ wolfssl_log_tls12_secret(backend->handle);
+@@ -593,13 +593,13 @@
+
+ if(ret != 1) {
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
+- int detail = SSL_get_error(backend->handle, ret);
++ int detail = wolfSSL_get_error(backend->handle, ret);
+
+- if(SSL_ERROR_WANT_READ == detail) {
++ if(WOLFSSL_ERROR_WANT_READ == detail) {
+ connssl->connecting_state = ssl_connect_2_reading;
+ return CURLE_OK;
+ }
+- else if(SSL_ERROR_WANT_WRITE == detail) {
++ else if(WOLFSSL_ERROR_WANT_WRITE == detail) {
+ connssl->connecting_state = ssl_connect_2_writing;
+ return CURLE_OK;
+ }
+@@ -647,7 +647,7 @@
+ }
+ #endif
+ else {
+- failf(data, "SSL_connect failed with error %d: %s", detail,
++ failf(data, "wolfSSL_connect failed with error %d: %s", detail,
+ ERR_error_string(detail, error_buffer));
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+@@ -662,7 +662,7 @@
+ struct Curl_asn1Element *pubkey;
+ CURLcode result;
+
+- x509 = SSL_get_peer_certificate(backend->handle);
++ x509 = wolfSSL_get_peer_certificate(backend->handle);
+ if(!x509) {
+ failf(data, "SSL: failed retrieving server certificate");
+ return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
+@@ -706,7 +706,7 @@
+
+ rc = wolfSSL_ALPN_GetProtocol(backend->handle, &protocol, &protocol_len);
+
+- if(rc == SSL_SUCCESS) {
++ if(rc == WOLFSSL_SUCCESS) {
+ infof(data, "ALPN, server accepted to use %.*s\n", protocol_len,
+ protocol);
+
+@@ -726,7 +726,7 @@
+ Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ?
+ BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
+ }
+- else if(rc == SSL_ALPN_NOT_FOUND)
++ else if(rc == WOLFSSL_ALPN_NOT_FOUND)
+ infof(data, "ALPN, server did not agree to a protocol\n");
+ else {
+ failf(data, "ALPN, failure getting protocol, error %d", rc);
+@@ -761,10 +761,10 @@
+
+ if(SSL_SET_OPTION(primary.sessionid)) {
+ bool incache;
+- SSL_SESSION *our_ssl_sessionid;
++ WOLFSSL_SESSION *our_ssl_sessionid;
+ void *old_ssl_sessionid = NULL;
+
+- our_ssl_sessionid = SSL_get_session(backend->handle);
++ our_ssl_sessionid = wolfSSL_get_session(backend->handle);
+
+ Curl_ssl_sessionid_lock(conn);
+ incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL,
+@@ -805,15 +805,15 @@
+ struct ssl_backend_data *backend = connssl->backend;
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
+ int memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len;
+- int rc = SSL_write(backend->handle, mem, memlen);
++ int rc = wolfSSL_write(backend->handle, mem, memlen);
+
+ if(rc < 0) {
+- int err = SSL_get_error(backend->handle, rc);
++ int err = wolfSSL_get_error(backend->handle, rc);
+
+ switch(err) {
+- case SSL_ERROR_WANT_READ:
+- case SSL_ERROR_WANT_WRITE:
+- /* there's data pending, re-invoke SSL_write() */
++ case WOLFSSL_ERROR_WANT_READ:
++ case WOLFSSL_ERROR_WANT_WRITE:
++ /* there's data pending, re-invoke wolfSSL_write() */
+ *curlcode = CURLE_AGAIN;
+ return -1;
+ default:
+@@ -833,12 +833,12 @@
+ struct ssl_backend_data *backend = connssl->backend;
+
+ if(backend->handle) {
+- (void)SSL_shutdown(backend->handle);
+- SSL_free(backend->handle);
++ (void)wolfSSL_shutdown(backend->handle);
++ wolfSSL_free(backend->handle);
+ backend->handle = NULL;
+ }
+ if(backend->ctx) {
+- SSL_CTX_free(backend->ctx);
++ wolfSSL_CTX_free(backend->ctx);
+ backend->ctx = NULL;
+ }
+ }
+@@ -853,17 +853,17 @@
+ struct ssl_backend_data *backend = connssl->backend;
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
+ int buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize;
+- int nread = SSL_read(backend->handle, buf, buffsize);
++ int nread = wolfSSL_read(backend->handle, buf, buffsize);
+
+ if(nread < 0) {
+- int err = SSL_get_error(backend->handle, nread);
++ int err = wolfSSL_get_error(backend->handle, nread);
+
+ switch(err) {
+- case SSL_ERROR_ZERO_RETURN: /* no more data */
++ case WOLFSSL_ERROR_ZERO_RETURN: /* no more data */
+ break;
+- case SSL_ERROR_WANT_READ:
+- case SSL_ERROR_WANT_WRITE:
+- /* there's data pending, re-invoke SSL_read() */
++ case WOLFSSL_ERROR_WANT_READ:
++ case WOLFSSL_ERROR_WANT_WRITE:
++ /* there's data pending, re-invoke wolfSSL_read() */
+ *curlcode = CURLE_AGAIN;
+ return -1;
+ default:
+@@ -900,7 +900,7 @@
+ #ifdef OPENSSL_EXTRA
+ Curl_tls_keylog_open();
+ #endif
+- return (wolfSSL_Init() == SSL_SUCCESS);
++ return (wolfSSL_Init() == WOLFSSL_SUCCESS);
+ }
+
+
+@@ -919,7 +919,7 @@
+ const struct ssl_connect_data *connssl = &conn->ssl[connindex];
+ struct ssl_backend_data *backend = connssl->backend;
+ if(backend->handle) /* SSL is in use */
+- return (0 != SSL_pending(backend->handle)) ? TRUE : FALSE;
++ return (0 != wolfSSL_pending(backend->handle)) ? TRUE : FALSE;
+ else
+ return FALSE;
+ }