mirror of https://github.com/hak5/openwrt-owl.git
openssl: add option for NPN support
NPN has been superseded by ALPN so NPN is disabled by default The patch has been sent to OpenSSL for inclusion, see https://github.com/openssl/openssl/pull/1100 Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>owl
parent
eb4fc91a81
commit
0099748fd6
|
@ -25,6 +25,11 @@ config OPENSSL_WITH_COMPRESSION
|
|||
default n
|
||||
prompt "Enable compression support"
|
||||
|
||||
config OPENSSL_WITH_NPN
|
||||
bool
|
||||
default n
|
||||
prompt "Enable NPN support"
|
||||
|
||||
config OPENSSL_ENGINE_DIGEST
|
||||
bool
|
||||
depends on OPENSSL_ENGINE_CRYPTO
|
||||
|
|
|
@ -34,7 +34,8 @@ PKG_CONFIG_DEPENDS:= \
|
|||
CONFIG_OPENSSL_WITH_SSL3 \
|
||||
CONFIG_OPENSSL_HARDWARE_SUPPORT \
|
||||
CONFIG_OPENSSL_WITH_DEPRECATED \
|
||||
CONFIG_OPENSSL_WITH_COMPRESSION
|
||||
CONFIG_OPENSSL_WITH_COMPRESSION \
|
||||
CONFIG_OPENSSL_WITH_NPN
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
|
@ -131,6 +132,10 @@ else
|
|||
OPENSSL_OPTIONS += no-comp
|
||||
endif
|
||||
|
||||
ifndef CONFIG_OPENSSL_WITH_NPN
|
||||
OPENSSL_OPTIONS += no-nextprotoneg
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_x86_64),y)
|
||||
OPENSSL_TARGET:=linux-x86_64-openwrt
|
||||
OPENSSL_MAKEFLAGS += LIBDIR=lib
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
--- a/ssl/t1_ext.c
|
||||
+++ b/ssl/t1_ext.c
|
||||
@@ -275,7 +275,9 @@ int SSL_extension_supported(unsigned int
|
||||
case TLSEXT_TYPE_ec_point_formats:
|
||||
case TLSEXT_TYPE_elliptic_curves:
|
||||
case TLSEXT_TYPE_heartbeat:
|
||||
+# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
case TLSEXT_TYPE_next_proto_neg:
|
||||
+# endif
|
||||
case TLSEXT_TYPE_padding:
|
||||
case TLSEXT_TYPE_renegotiate:
|
||||
case TLSEXT_TYPE_server_name:
|
Loading…
Reference in New Issue