diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2018-10-07 20:07:03 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2018-10-07 20:10:14 -0400 |
commit | 0074b6d34294b2785a89aecd3fc48e4db5e0dd0a (patch) | |
tree | 30f462a1673bfa923c96359630ad7c147f04ee3c | |
parent | e9f223d35e523f4f7aa7173c1c51bee1769f7178 (diff) | |
download | lighttpd-git-0074b6d34294b2785a89aecd3fc48e4db5e0dd0a.tar.gz |
[mod_openssl] add support for wolfSSL
requires wolfSSL library version 3.15.3 or later
https://www.wolfssl.com/
https://github.com/wolfSSL/wolfssl
(thx dgarske)
x-ref:
"Adds support for building Lighttpd with wolfSSL"
https://github.com/lighttpd/lighttpd1.4/pull/92
-rw-r--r-- | src/mod_authn_file.c | 2 | ||||
-rw-r--r-- | src/mod_openssl.c | 14 | ||||
-rw-r--r-- | src/sys-crypto.h | 10 |
3 files changed, 26 insertions, 0 deletions
diff --git a/src/mod_authn_file.c b/src/mod_authn_file.c index 4c9afa6e..db1a241c 100644 --- a/src/mod_authn_file.c +++ b/src/mod_authn_file.c @@ -645,6 +645,7 @@ static handler_t mod_authn_file_htpasswd_basic(server *srv, connection *con, voi #endif #endif #ifdef USE_OPENSSL_CRYPTO /* (for MD4_*() (e.g. MD4_Update())) */ + #ifndef NO_MD4 /*(e.g. wolfSSL built without MD4)*/ if (0 == memcmp(password->ptr, CONST_STR_LEN("$1+ntlm$"))) { /* CRYPT-MD5-NTLM algorithm * This algorithm allows for the construction of (slight more) @@ -697,6 +698,7 @@ static handler_t mod_authn_file_htpasswd_basic(server *srv, connection *con, voi } else #endif + #endif { #if defined(HAVE_CRYPT_R) crypted = crypt_r(pw, password->ptr, &crypt_tmp_data); diff --git a/src/mod_openssl.c b/src/mod_openssl.c index 5a59246c..6774a5a6 100644 --- a/src/mod_openssl.c +++ b/src/mod_openssl.c @@ -10,6 +10,17 @@ #endif #endif +#include "sys-crypto.h" + +#ifdef HAVE_WOLFSSL_SSL_H +#include <openssl/bio.h> +#include <openssl/objects.h> +#include <openssl/pem.h> +#ifdef NO_OLD_SSL_NAMES +#define SSL_OP_NO_SSLv2 WOLFSSL_OP_NO_SSLv2 +#endif +#endif + #include <openssl/ssl.h> #include <openssl/bn.h> #include <openssl/err.h> @@ -108,6 +119,9 @@ handler_ctx_free (handler_ctx *hctx) INIT_FUNC(mod_openssl_init) { plugin_data_singleton = (plugin_data *)calloc(1, sizeof(plugin_data)); + #ifdef DEBUG_WOLFSSL + wolfSSL_Debugging_ON(); + #endif return plugin_data_singleton; } diff --git a/src/sys-crypto.h b/src/sys-crypto.h index f4ad9dc3..8158abac 100644 --- a/src/sys-crypto.h +++ b/src/sys-crypto.h @@ -6,4 +6,14 @@ #define USE_OPENSSL_CRYPTO #endif +#ifdef HAVE_WOLFSSL_SSL_H +#define USE_OPENSSL_CRYPTO +/* wolfSSL needs to be built with ./configure --enable-lighty for lighttpd. + * Doing so defines OPENSSL_EXTRA and HAVE_LIGHTY in <wolfssl/options.h>, and + * these defines are necessary for wolfSSL headers to expose sufficient openssl + * compatibility layer for wolfSSL to be able to provide an openssl substitute + * for use by lighttpd */ +#include <wolfssl/options.h> +#endif + #endif |