wget/ssl_helper: update to wolfssl-3.9.8

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2016-08-21 03:39:39 +02:00
parent 7b25b1c5b2
commit de3da6bf87
3 changed files with 52 additions and 0 deletions

View File

@ -0,0 +1,39 @@
#!/bin/sh
# How to configure & build a static wolfssl library
# suitable for static build of ssl_helper.
export CC="i686-gcc"
export CFLAGS="\
-Os \
-static \
-fomit-frame-pointer \
-falign-functions=1 -falign-labels=1 -falign-loops=1 -falign-jumps=1 \
-ffunction-sections -fdata-sections \
"
{
./configure \
--host="i686" \
--enable-static \
--enable-singlethreaded \
--disable-shared \
\
C_EXTRA_FLAGS="-DWOLFSSL_STATIC_RSA" \
|| exit $?
# The second group of options was added when "vanilla" config did not work.
# A good tool to debug problems is to try wolfssl's client tool, e.g.:
# examples/client/client -h www.google.com -p 443 -d -x
#
# configure has many other options, see ./configure --help
# --enable-ecc \
# --enable-sni \
#
# Also consult "wolfSSL - Embedded SSL Library Product Support Forums"
# for recent report of users having problems connecting.
make
} 2>&1 | tee "$0.log"

View File

@ -11,6 +11,13 @@ Build instructions:
* Drop this directory into wolfssl-3.6.8/ssl_helper
* Run ssl_helper.sh to compile and link the helper
* Unpack wolfssl-3.9.8.tar.gz from https://github.com/wolfSSL/wolfssl/releases
* Create configure:
./autogen.sh
* Build it: see 00cfg-wolfssl-3.9.8 shell script
* Drop this directory into wolfssl-x.y.z/ssl_helper
* Run ssl_helper.sh to compile and link the helper
Usage: "ssl_helper -d FILE_DESCRIPTOR" where FILE_DESCRIPTOR is open to the peer.
In bash, you can do it this way:

View File

@ -1091,6 +1091,12 @@ static void download_one_url(const char *url)
}
fflush(sfp);
/* If we use SSL helper, keeping our end of the socket open for writing
* makes our end (i.e. the same fd!) readable (EAGAIN instead of EOF)
* even after child closes its copy of the fd.
* This helps:
*/
shutdown(fileno(sfp), SHUT_WR);
/*
* Retrieve HTTP response line and check for "200" status code.