diff --git a/.gitmodules b/.gitmodules
index f03308d506e..97045b8acd8 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,6 @@
 [submodule "pkg/docker"]
 path = pkg/docker
 url = https://github.com/kamailio/kamailio-ci.git
+[submodule "src/modules/tls_wolfssl/lib/wolfssl"]
+ path = src/modules/tls_wolfssl/lib/wolfssl
+ url = https://github.com/wolfSSL/wolfssl.git
diff --git a/src/modules/tls_wolfssl/.gitignore b/src/modules/tls_wolfssl/.gitignore
new file mode 100644
index 00000000000..e47da6ecbc4
--- /dev/null
+++ b/src/modules/tls_wolfssl/.gitignore
@@ -0,0 +1,4 @@
+lib/lib
+lib/include
+lib/bin
+lib/share
diff --git a/src/modules/tls_wolfssl/Makefile b/src/modules/tls_wolfssl/Makefile
index 1238319597d..3f1ecd0caa8 100644
--- a/src/modules/tls_wolfssl/Makefile
+++ b/src/modules/tls_wolfssl/Makefile
@@ -8,74 +8,41 @@ include ../../Makefile.defs auto_gen= NAME=tls_wolfssl.so -# set to yes when wanting to link with static libraries -LIBSSL_STATIC ?= no -# set to yes when wanting to link with static libraries compiled from source -LIBSSL_STATIC_SRCLIB ?= no -# set to the path of the folder with static libraries compiled from source -LIBSSL_STATIC_SRCPATH ?= /usr/local/src/openssl +LIBS += lib/lib/libwolfssl.a +DEFS += -I./lib/include/ -ifeq ($(CROSS_COMPILE),) -WOLFSSL_BUILDER=$(shell \ - if pkg-config --exists wolfssl; then \ - echo 'pkg-config wolfssl'; \ - fi) -endif - -ifneq ($(WOLFSSL_BUILDER),) - -ifneq ($(WOLFSSL_STATIC),yes) - DEFS += $(shell $(WOLFSSL_BUILDER) --cflags) - LIBS += $(shell $(WOLFSSL_BUILDER) --libs) - -else # $(WOLFSSL_STATIC),yes) - - DEFS += -DKSR_WOLFSSL_STATIC - -ifneq ($(WOLFSSL_STATIC_SRCLIB),yes) - ## when static libs (*.a) from packages are compiled with -fPIC - DEFS += $(shell $(WOLFSSL_BUILDER) --cflags) - LIBS += $(shell $(WOLFSSL_BUILDER) --libs-only-L) - # TODO: explore use of LIBS += -Wl,-Bstatic $(shell $(SSL_BUILDER) --libs-only-l) - LIBS += -l:libwolfssl.a -l:libz.a -l:libdl.a -else - ## when linking against static libs compiled from sources - DEFS += -I$(WOLFSSL_STATIC_SRCPATH)/include - LIBS += $(WOLFSSL_STATIC_SRCPATH)/libwolfssl.a -endif # ifneq ($(WOLFSSL_STATIC_SRCLIB),yes) - -endif # ifneq ($(WOLFSSL_STATIC),yes) - -else # ifneq ($(SSL_BUILDER),) - - DEFS += -I$(LOCALBASE)/wolfssl/include - LIBS += -L$(LOCALBASE)/lib \ - -L$(LOCALBASE)/lib64 \ - -lwolfssl -endif # ifneq ($(SSL_BUILDER),) - -LIBS+= $(TLS_EXTRA_LIBS) - -# dcm: tls.cfg installed via local 'install-cfg' to update paths -#MOD_INSTALL_CFGS=tls.cfg include ../../Makefile.modules - -install-tls-cert: $(cfg_prefix)/$(cfg_dir) - MAIN_NAME=$(MAIN_NAME) ./tls_cert.sh -d $(cfg_prefix)/$(cfg_dir) - -install-cfg: - @if ! 
[ -d $(cfg_prefix)/$(cfg_dir) ]; then \ - mkdir -p "$(cfg_prefix)/$(cfg_dir)" ; \ - fi - @$(call try_err, $(INSTALL_TOUCH) \ - "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" ) - @sed -e "s#\/usr/local/etc/kamailio/#$(cfg_target)#g" \ - -e "s#kamailio-selfsigned#$(MAIN_NAME)-selfsigned#g" \ - < ./tls.cfg > "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" - @if [ -z "${skip_cfg_install}" -a \ - ! -f "$(cfg_prefix)/$(cfg_dir)tls.cfg" ]; then \ - mv -f "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" \ - "$(cfg_prefix)/$(cfg_dir)tls.cfg" ; \ - fi - +SOURCES := $(shell ls *.c) +OBJECTS = $(SOURCES:.c=.o) +MOD_DIR := $(shell pwd) + +$(OBJECTS): lib/lib/libwolfssl.a + +lib/lib/libwolfssl.a: + @cd ./lib/wolfssl; \ + if [ ! -f "configure" ]; then \ + ./autogen.sh; \ + fi; \ + if [ ! -f "Makefile" ]; then \ + env -u DEFS -u CFLAGS -u LDFLAGS -u LIBS EXTRA_CFLAGS="-g -fPIC" ./configure \ + --enable-all --enable-pkcs11 --enable-static --enable-aligndata=no \ + --disable-shared --disable-silent-rules --disable-examples \ + --prefix=$(MOD_DIR)/lib \ + --exec-prefix=$(MOD_DIR)/lib; \ + sed -i s/-Werror// Makefile; \ + fi; + @$(MAKE) -C ./lib/wolfssl install + +$(NAME): lib/lib/libwolfssl.a + +clean-wolfssl: + @rm -rf ./lib/{bin,include,share,lib}; \ + cd ./lib/wolfssl; make clean || /bin/true + +clean-module: + @rm -f *.o *.so + +clean-all: clean-wolfssl clean-module + +.PHONY: clean-wolfssl clean-module clean-all diff --git a/src/modules/tls_wolfssl/lib/wolfssl b/src/modules/tls_wolfssl/lib/wolfssl new file mode 160000 index 00000000000..e722c15be86 --- /dev/null +++ b/src/modules/tls_wolfssl/lib/wolfssl @@ -0,0 +1 @@ +Subproject commit e722c15be860794179082a05d09e6a90dc77ccf0 diff --git a/src/modules/tls_wolfssl/tls_init.c b/src/modules/tls_wolfssl/tls_init.c index 5a468525c61..c18050bf529 100644 --- a/src/modules/tls_wolfssl/tls_init.c +++ b/src/modules/tls_wolfssl/tls_init.c 
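Review bot: `lib/lib/libwolfssl.a` has no prerequisites and its recipe skips configure once `lib/wolfssl/Makefile` exists, so after the submodule is moved to a newer wolfSSL commit the old archive still counts as up to date and is linked into the module; with the pkg-config path removed in this hunk, that bundled copy is the only way TLS library fixes arrive. The one way to force a rebuild, `clean-wolfssl`, uses `rm -rf ./lib/{bin,include,share,lib}`, which depends on brace expansion and removes nothing under a POSIX `/bin/sh` such as dash unless SHELL is set to bash elsewhere (not visible here). I would spell the paths out, `@rm -rf ./lib/bin ./lib/include ./lib/share ./lib/lib`, call `-$(MAKE) -C ./lib/wolfssl clean` instead of `cd ./lib/wolfssl; make clean || /bin/true`, and add a comment above the archive rule such as `# not rebuilt automatically: run 'make clean-wolfssl' after updating the lib/wolfssl submodule`. Separately, `env -u DEFS -u CFLAGS -u LDFLAGS -u LIBS` together with `sed -i s/-Werror// Makefile` means packager hardening flags and warning failures do not apply to the configure step of this TLS library build, which deserves a comment explaining why.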
@@ -215,7 +215,27 @@ static void* ser_realloc(void *ptr, size_t size, const char* file, int line) } #else /*TLS_MALLOC_DBG */ +static void* ser_malloc(size_t size) +{ + return shm_malloc(size); + +} + +static void* ser_realloc(void *ptr, size_t size) +{ + return shm_realloc(ptr, size); + +} +#endif +static void ser_free(void *ptr) +{ + if (ptr) { + shm_free(ptr); + } +} + +#if 0 // up align memory allocations to 16 bytes for // wolfSSL --enable-aligndata=yes (the default) static const int MAX_ALIGN = __alignof__(max_align_t); @@ -245,7 +265,6 @@ static void* ser_realloc(void *ptr, size_t new_size) return new_ptr + new_pad; } -#endif /* LIBRESSL_VERSION_NUMBER */ static void ser_free(void *ptr) { @@ -254,7 +273,7 @@ static void ser_free(void *ptr) shm_free((unsigned char*)ptr - pad); } } - +#endif /* * Initialize TLS socket diff --git a/src/modules/tls_wolfssl/tls_server.c b/src/modules/tls_wolfssl/tls_server.c index fa12c399df8..30162cc13e3 100644 --- a/src/modules/tls_wolfssl/tls_server.c +++ b/src/modules/tls_wolfssl/tls_server.c @@ -309,7 +309,7 @@ static int tls_complete_init(struct tcp_connection* c) error: atomic_dec(&cfg->ref_count); if (data) shm_free(data); -error2: + return -1; }
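Review bot: The new non-debug `ser_malloc`/`ser_realloc`/`ser_free` hand wolfSSL whatever alignment `shm_malloc` returns, while the 16-byte padding code is parked under `#if 0`; going by the comment kept at the top of that block, the padding existed for wolfSSL built with `--enable-aligndata=yes`, so the plain wrappers appear to be safe only with the `--enable-aligndata=no` option the module Makefile passes in this same commit. Nothing in tls_init.c records that coupling, so a later change of the configure flags or of the linked library could bring back misaligned accesses in the TLS code without any build error. I would state it above the wrappers, e.g. `/* plain shm wrappers: require wolfSSL configured with --enable-aligndata=no (see module Makefile) */`, and delete the `#if 0` region (it runs through the second and third hunks of this file and holds a second `ser_free`) rather than keep it as dead code.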