aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--configure.ac11
-rw-r--r--lib/vtls/cyassl.c6
2 files changed, 14 insertions, 3 deletions
diff --git a/configure.ac b/configure.ac
index 3031f05ae..4fba81715 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2182,7 +2182,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
fi
if test "x$USE_CYASSL" = "xyes"; then
- AC_MSG_NOTICE([detected CyaSSL])
+ AC_MSG_NOTICE([detected $cyassllibname])
dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
AC_CHECK_SIZEOF(long long)
@@ -2195,9 +2195,14 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
LIBS="-l$cyassllibname -lm $LIBS"
- if test "x$cyassllib" = "xwolfssl"; then
+ if test "x$cyassllibname" = "xwolfssl"; then
dnl Recent WolfSSL versions build without SSLv3 by default
- AC_CHECK_FUNCS(wolfSSLv3_client_method)
+ dnl WolfSSL needs configure --enable-opensslextra to have *get_peer*
+ AC_CHECK_FUNCS(wolfSSLv3_client_method \
+ wolfSSL_get_peer_certificate)
+ else
+ dnl Cyassl needs configure --enable-opensslextra to have *get_peer*
+ AC_CHECK_FUNCS(CyaSSL_get_peer_certificate)
fi
if test -n "$cyassllib"; then
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 20629f45d..e762d339f 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -413,6 +413,8 @@ cyassl_connect_step2(struct connectdata *conn,
}
if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) {
+#if defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \
+ defined(HAVE_CYASSL_GET_PEER_CERTIFICATE)
X509 *x509;
const char *x509_der;
int x509_der_len;
@@ -449,6 +451,10 @@ cyassl_connect_step2(struct connectdata *conn,
failf(data, "SSL: public key does not match pinned public key!");
return result;
}
+#else
+ failf(data, "Library lacks pinning support built-in");
+ return CURLE_NOT_BUILT_IN;
+#endif
}
conssl->connecting_state = ssl_connect_3;