mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-04 00:00:14 -04:00
eae30af029
The 5.4.0 update changed the default bignum implementation to what could explicitly be enabled via `--enable-sp-math-all`. Since this uses fixed-sized buffers sufficient for key sizes of SP_INT_BITS, with a default of 4096, modp6144 and modp8192 didn't work anymore (wc_DhGenerateKeyPair() returned MP_EXPTMOD_E). So we have to adapt the feature checks for this. To support the larger DH groups we can either increase the buffer size via `--with-max-rsa-bits` or add `--enable-heapmath` so buffers get (re-)allocated as needed. We go with the latter for now.
53 lines
1.1 KiB
Makefile
53 lines
1.1 KiB
Makefile
#!/usr/bin/make
|
|
|
|
PKG = wolfssl
|
|
SRC = https://github.com/wolfSSL/$(PKG).git
|
|
REV = v5.4.0-stable
|
|
|
|
NUM_CPUS := $(shell getconf _NPROCESSORS_ONLN)
|
|
|
|
CFLAGS = \
|
|
-DWOLFSSL_PUBLIC_MP \
|
|
-DWOLFSSL_DES_ECB \
|
|
-DHAVE_AES_ECB \
|
|
-DHAVE_ECC_BRAINPOOL \
|
|
-DWOLFSSL_MIN_AUTH_TAG_SZ=8
|
|
|
|
CONFIG_OPTS = \
|
|
--disable-crypttests \
|
|
--disable-examples \
|
|
--enable-silent-rules \
|
|
--enable-aesccm \
|
|
--enable-aesctr \
|
|
--enable-aescfb \
|
|
--enable-camellia \
|
|
--enable-curve25519 \
|
|
--enable-curve448 \
|
|
--enable-des3 \
|
|
--enable-ecccustcurves \
|
|
--enable-ed25519 \
|
|
--enable-ed448 \
|
|
--enable-heapmath \
|
|
--enable-keygen \
|
|
--enable-md4 \
|
|
--enable-rsapss \
|
|
--enable-sha3 \
|
|
--enable-shake256
|
|
|
|
all: install
|
|
|
|
.$(PKG)-cloned:
|
|
[ -d $(PKG) ] || git clone $(SRC) $(PKG)
|
|
@touch $@
|
|
|
|
.$(PKG)-checkout-$(REV): .$(PKG)-cloned
|
|
cd $(PKG) && git fetch --tags && git checkout $(REV)
|
|
@rm -f .$(PKG)-checkout-* && touch $@
|
|
|
|
.$(PKG)-built-$(REV): .$(PKG)-checkout-$(REV)
|
|
cd $(PKG) && ./autogen.sh && ./configure C_FLAGS="$(CFLAGS)" $(CONFIG_OPTS) && make -j $(NUM_CPUS)
|
|
@rm -f .$(PKG)-built-* && touch $@
|
|
|
|
install: .$(PKG)-built-$(REV)
|
|
cd $(PKG) && make install && ldconfig
|