wolfSSL updates

CMakeLists.txt

@@ -404,6 +404,7 @@ if (LWS_WITH_SSL AND LWS_WITH_WOLFSSL)
 		set(WOLFSSL_FOUND 1)
 	endif()
 	set(USE_WOLFSSL 1)
+	set(LWS_WITH_TLS 1)
 	if (LWS_WITH_CYASSL)
 		set(USE_OLD_CYASSL 1)
 	endif()

lib/libwebsockets.h

@@ -182,9 +182,30 @@ typedef unsigned long long lws_intptr_t;
 
 #ifdef USE_WOLFSSL
 #ifdef USE_OLD_CYASSL
+#ifdef _WIN32
+/*
+ * Include user-controlled settings for windows from
+ * <wolfssl-root>/IDE/WIN/user_settings.h
+ */
+#include <IDE/WIN/user_settings.h>
+#include <cyassl/ctaocrypt/settings.h>
+#else
+#include <cyassl/options.h>
+#endif
 #include <cyassl/openssl/ssl.h>
 #include <cyassl/error-ssl.h>
+
 #else
+#ifdef _WIN32
+/*
+ * Include user-controlled settings for windows from
+ * <wolfssl-root>/IDE/WIN/user_settings.h
+ */
+#include <IDE/WIN/user_settings.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#else
+#include <wolfssl/options.h>
+#endif
 #include <wolfssl/openssl/ssl.h>
 #include <wolfssl/error-ssl.h>
 #endif /* not USE_OLD_CYASSL */

lib/tls/openssl/openssl-server.c

@@ -181,9 +181,17 @@ lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
 		 * The passed memory-buffer cert image is in DER, and the
 		 * memory-buffer private key image is PEM.
 		 */
+#ifndef USE_WOLFSSL
 		if (SSL_CTX_use_certificate_ASN1(vhost->ssl_ctx,
 						 (int)len_mem_cert,
 						 (uint8_t *)mem_cert) != 1) {
+#else
+		if (wolfSSL_CTX_use_certificate_buffer(vhost->ssl_ctx,
+						 (uint8_t *)mem_cert,
+						 (int)len_mem_cert,
+						 WOLFSSL_FILETYPE_ASN1) != 1) {
+
+#endif
 			lwsl_err("Problem loading update cert\n");
 
 			return 1;
@@ -196,8 +204,13 @@ lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
 
 			return 1;
 		}
+#ifndef USE_WOLFSSL
 		if (SSL_CTX_use_PrivateKey_ASN1(EVP_PKEY_RSA, vhost->ssl_ctx,
 						p, (long)(long long)flen) != 1) {
+#else
+		if (wolfSSL_CTX_use_PrivateKey_buffer(vhost->ssl_ctx,
+						p, flen, WOLFSSL_FILETYPE_ASN1) != 1) {
+#endif
 			lwsl_notice("unable to use memory privkey\n");
 
 			return 1;

lib/tls/openssl/ssl.c

@@ -348,9 +348,15 @@ lws_ssl_info_callback(const SSL *ssl, int where, int ret)
 	struct lws_context *context;
 	struct lws_ssl_info si;
 
+#ifndef USE_WOLFSSL
 	context = (struct lws_context *)SSL_CTX_get_ex_data(
 					SSL_get_SSL_CTX(ssl),
 					openssl_SSL_CTX_private_data_index);
+#else
+	context = (struct lws_context *)SSL_CTX_get_ex_data(
+					SSL_get_SSL_CTX((SSL*) ssl),
+					openssl_SSL_CTX_private_data_index);
+#endif
 	if (!context)
 		return;
 	wsi = wsi_from_fd(context, SSL_get_fd(ssl));
@@ -596,6 +602,7 @@ lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
 
 	case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY:
 	{
+#ifndef USE_WOLFSSL
 		size_t klen = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), NULL);
 		uint8_t *tmp, *ptmp;
 
@@ -621,7 +628,7 @@ lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
 		buf->ns.len = (int)klen;
 		memcpy(buf->ns.name, tmp, klen);
 		OPENSSL_free(tmp);
-
+#endif
 		return 0;
 	}
 	default:

lib/tls/private.h

@@ -23,9 +23,21 @@
 
 #if defined(USE_WOLFSSL)
  #if defined(USE_OLD_CYASSL)
+  #if defined(_WIN32)
+   #include <IDE/WIN/user_settings.h>
+   #include <cyassl/ctaocrypt/settings.h>
+  #else
+   #include <cyassl/options.h>
+  #endif
   #include <cyassl/openssl/ssl.h>
   #include <cyassl/error-ssl.h>
  #else
+  #if defined(_WIN32)
+   #include <IDE/WIN/user_settings.h>
+   #include <wolfssl/wolfcrypt/settings.h>
+  #else
+   #include <wolfssl/options.h>
+  #endif
   #include <wolfssl/openssl/ssl.h>
   #include <wolfssl/error-ssl.h>
   #define OPENSSL_NO_TLSEXT
@@ -198,4 +210,4 @@ lws_context_init_client_ssl(const struct lws_context_creation_info *info,
 			    struct lws_vhost *vhost);
 
 LWS_EXTERN void
-lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret);
+lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret);