-
Notifications
You must be signed in to change notification settings - Fork 835
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Unable to fully disable AES with preprocessor flags #7984
Comments
The same problem happens in wolfssl/wolfssl/wolfcrypt/cryptocb.h Line 290 in c390047
|
Yet another problem I'm running into is that wolfssl/wolfssl/wolfcrypt/cryptocb.h Line 435 in c390047
wolfssl/wolfssl/wolfcrypt/cryptocb.h Line 651 in c390047
Is there another flag that turns off CMAC? |
Hello @rdmark How are you configuring wolfSSL? Also the netatalk branch you shared appears to be invalid. Thanks, |
My apologies, I have restored the branch now. Please try checking it out again. We are configuring WolfSSL within the Meson build system of our project. It's treated as an embedded library. See the flags listed starting at https://github.com/Netatalk/netatalk/blob/c9265a4674536dc404a664f60bb66433e3148ba8/meson_config.h#L710 |
Hi @rdmark How is wolfSSL picking up the config in https://github.com/Netatalk/netatalk/blob/c9265a4674536dc404a664f60bb66433e3148ba8/meson_config.h Can you build wolfSSL as a shared lib in docker then just link against it? That would also make updating to a new version much easier! Thanks, |
WolfSSL is built as the "ssl" module in libatalk. When the Thanks for the tip about Docker. In many instances this would be a good solution, I agree. However, our case is a little different. Our main "customers" are downstream package maintainers (FreeBSD, NetBSD, Fedora, Debian etc.) who take the tarball and integrate it with their packaging infrastructure for redistribution. The majority of distros out there aren't distributing packaged WolfSSL shared libraries (yet), which is why we decided to bundle it as an embedded library. Does this explain our current setup sufficiently? |
I was not able to reproduce the error using the instructions you shared:
I am building in Ubuntu. Is there some other config different from the instruction?
|
Ah of course, the branch I gave you actually contains the workaround for the issue, so of course you won’t see it… Please check out the commit right before and try again, for instance: https://github.com/Netatalk/netatalk/tree/5682070edbce472047943922cdc57aee74def7ea |
Contact Details
No response
Version
5.7.2
Description
I am trying to completely disable WolfSSL AES, to avoid conflicts with AES symbols in libnettle. This is when using WolfSSL as an embedded library in the Netatalk codebase.
I'm trying to disable AES in WolfSSL with these flags:
However, this particular macro in
evp.h
is still getting compiled, seemingly because bothHAVE_AESGCM
andHAVE_AESCCM
are still resolving to non-zero.wolfssl/wolfssl/openssl/evp.h
Line 516 in c390047
Reproduction steps
https://github.com/Netatalk/netatalk/tree/1430-nettle-and-wolfssl-both-define-aes_max_key_size
Relevant log output
The text was updated successfully, but these errors were encountered: