curl-library
WolfSSL version problems
Date: Thu, 26 Mar 2015 18:49:16 +0100
CyaSSL was renamed to WolfSSL some time ago. Libcurl and
vtls/cyassl.c seems to suffer from this. I got the message:
* CyaSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, TLS 1.0
is used exclusively
because of this:
#if (LIBCYASSL_VERSION_HEX >= 0x03003000) /* 3.3.0 */
My CyaSSL/version.h has only:
#define LIBWOLFSSL_VERSION_HEX 0x03004004
So I think it's better to patch that like:
--- a/vtls/cyassl.c 2015-03-25 23:39:26 +0000
+++ b/vtls/cyassl.c 2015-03-26 18:31:30 +0000
@@ -94,7 +94,8 @@
switch(data->set.ssl.version) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
-#if LIBCYASSL_VERSION_HEX >= 0x03003000 /* 3.3.0 */
+#if (LIBWOLFSSL_VERSION_HEX >= 0x03003000) || \
+ (LIBCYASSL_VERSION_HEX >= 0x03003000) /* 3.3.0 */
/* the minimum version is set later after the SSL object is created */
req_method = SSLv23_client_method();
#else
---------
But there are more problems. With:
curl -v https://www.ssllabs.com/ssltest/viewMyClient.html
I get:
* subject alt name(s) or common name do not match "www.ssllabs.com"
I see no problem with the CERT from a trace to www.ssllabs.com.
Or in Google Chrome. Adding a '-k' helps though.
-- --gv ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2015-03-26