WolfSSL and SHA256_DIGEST_LENGTH in vtls.h #1865

gvanem opened this Issue Sep 5, 2017 · 4 comments


None yet
3 participants

gvanem commented Sep 5, 2017

When building with USE_CYASSL and a recent WolfSSL, I get a compile error in vtls/cyassl.c (from MSVC):

  error C2059: syntax error: 'constant'

due to the enum in WolfSSL's openssl/sha.h:

enum {

and the fact vtls/vtls.h precedes openssl/sha.h.

Looking at the history of openssl/sha.h. it's not clear to me at which version this change was done.
But maybe libcurl could just do:

--- a/lib/vtls/vtls.h 2017-08-29 08:46:39
+++ b/lib/vtls/vtls.h 2017-09-05 16:05:09
@@ -116,7 +116,14 @@
 #define MD5_DIGEST_LENGTH 16 /* fixed size */

+#if !defined(SHA256_DIGEST_LENGTH) && !(defined(USE_CYASSL) && (LIBCYASSL_VERSION_HEX >= 0x03012000))
+ * in WolfSSL's <openssl/sha.h> 3.12+, an enum is used:
+ *  enum {
+ *    SHA256_DIGEST_LENGTH = 32
+ * };
+ *
+ */
 #define SHA256_DIGEST_LENGTH 32 /* fixed size */

bagder commented Sep 6, 2017

It seems they did this change in this commit.


jay commented Sep 6, 2017

hm that's a while ago. I have built more recent versions (but not yet the latest version) and haven't had this problem, I wonder why. How exactly are you building?


bagder commented Sep 6, 2017

I too get a build error with wolfssl 3.12, but with @gvanem's fix I get this:

vtls/vtls.h:119:65: error: "LIBCYASSL_VERSION_HEX" is not defined, evaluates to 0 [-Werror=undef]
 #if !defined(SHA256_DIGEST_LENGTH) && !(defined(USE_CYASSL) && (LIBCYASSL_VERSION_HEX >= 0x03012000))

@bagder bagder referenced this issue in wolfSSL/wolfssl Sep 6, 2017


name space violation #1133

bagder added a commit that referenced this issue Sep 6, 2017

vtls: switch to CURL_SHA256_DIGEST_LENGTH define
... instead of the prefix-less version since WolfSSL 3.12 now uses an
enum with that name that causes build failures for us.

Fixes #1865
Reported-by: Gisle Vanem

bagder commented Sep 6, 2017

My suggestion is probably to instead switch to use another define, provided in #1867. It avoids having to add wolfssl-specific checks to the generic vtls source files.

@bagder bagder closed this in 4bb80d5 Sep 7, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment