mirror of https://github.com/hak5/openwrt.git
libs/wolfssl: disable hardening check in `settings.h`
This seems to cause a false-positive warning/error while building `libwebsockets-cyassl`. ``` make[6]: Leaving directory '/home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1' make[6]: Entering directory '/home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1' [ 2%] Building C object CMakeFiles/websockets.dir/lib/base64-decode.c.o In file included from /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/wolfssl/ssl.h:31:0, from /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/cyassl/ssl.h:33, from /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/cyassl/openssl/ssl.h:30, from /home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1/lib/private-libwebsockets.h:256, from /home/sandu/work/lede/build_dir/target-x86_64_musl/libwebsockets-cyassl/libwebsockets-2.2.1/lib/base64-decode.c:43: /home/sandu/work/lede/staging_dir/target-x86_64_musl/usr/include/wolfssl/wolfcrypt/settings.h:1642:14: error: #warning "For timing resistance / side-channel attack prevention consider using harden options" [-Werror=cpp] #warning "For timing resistance / side-channel attack prevention consider using harden options" ``` Hardening is enabled by default in libwolfssl at build-time. However, the `settings.h` header is exported (along with other headers) for build (via Build/InstallDev). This looks like a small bug/issue with wolfssl. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>openwrt-18.06
parent
d03c23c8d4
commit
8334a23679
|
@ -0,0 +1,13 @@
|
|||
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
|
||||
index 039c238..73537e0 100644
|
||||
--- a/wolfssl/wolfcrypt/settings.h
|
||||
+++ b/wolfssl/wolfcrypt/settings.h
|
||||
@@ -1633,7 +1633,7 @@ extern void uITRON4_free(void *p) ;
|
||||
#endif
|
||||
|
||||
/* warning for not using harden build options (default with ./configure) */
|
||||
-#ifndef WC_NO_HARDEN
|
||||
+#if 0
|
||||
#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
|
||||
(defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
|
||||
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
|
Loading…
Reference in New Issue