diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2020-10-26 21:14:09 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2020-10-26 22:12:39 -0400 |
commit | 17d8d9c919117ecd7747e91226c864fcccaab2b1 (patch) | |
tree | 3b5ec082c56dabc33ff61705319a1aace4f1e0e5 /configure.ac | |
parent | 1221bd6e40b7d595f4f900952bcdbb535e56ef9f (diff) | |
download | lighttpd-git-17d8d9c919117ecd7747e91226c864fcccaab2b1.tar.gz |
[mod_wolfssl] cripple SNI if not built OPENSSL_ALL
crippled functionality if wolfssl library not built --enable-opensslall
* SNI not handled since SNI callbacks are disabled in wolfSSL library
unless the wolfSSL library is built with --enable-openssall
This means that there is only one certificate per listening socket --
no certificate selection based on server name indication (SNI)
and is additionally a violation of the HTTP/2 specification,
which requires SNI.
slightly reduced functionality if wolfssl not built --enable-opensslall
* disable client certificate verification (error out if in lighttpd.conf)
* omit SSL_CIPHER_USEKEYSIZE, SSL_CIPHER_ALGKEYSIZE env vars
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index e6661867..1a6918c1 100644 --- a/configure.ac +++ b/configure.ac @@ -742,7 +742,7 @@ if test "$WITH_WOLFSSL" != no; then ) AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ #include <wolfssl/options.h> - #if !defined(HAVE_LIGHTY) && !defined(OPENSSL_ALL) + #if !defined(HAVE_LIGHTY) && !defined(OPENSSL_EXTRA) #error HAVE_LIGHTY macro not defined #endif ]])], [], [AC_MSG_ERROR([wolfssl must be built with ./configure --enable-lighty])]) |