|
@@ -275,6 +275,36 @@ if("${FIPS_VERSION}" STREQUAL "v1")
|
|
|
override_cache(WOLFSSL_TLS13 "no")
|
|
|
endif()
|
|
|
|
|
|
+# Post-handshake authentication
|
|
|
+add_option("WOLFSSL_POSTAUTH"
|
|
|
+ "Enable wolfSSL Post-handshake Authentication (default: disabled)"
|
|
|
+ "no" "yes;no")
|
|
|
+
|
|
|
+if(WOLFSSL_POSTAUTH)
|
|
|
+ if(NOT WOLFSSL_TLS13)
|
|
|
+ message(WARNING "TLS 1.3 is disabled - disabling Post-handshake Authentication")
|
|
|
+ override_cache(WOLFSSL_POSTAUTH "no")
|
|
|
+ else()
|
|
|
+ list(APPEND WOLFSSL_DEFINITIONS
|
|
|
+ "-DWOLFSSL_POST_HANDSHAKE_AUTH")
|
|
|
+ endif()
|
|
|
+endif()
|
|
|
+
|
|
|
+# Hello Retry Request Cookie
|
|
|
+add_option("WOLFSSL_HRR_COOKIE"
|
|
|
+ "Enable the server to send Cookie Extension in HRR with state (default: disabled)"
|
|
|
+ "undefined" "yes;no;undefined")
|
|
|
+
|
|
|
+if("${WOLFSSL_HRR_COOKIE}" STREQUAL "yes")
|
|
|
+ if(NOT WOLFSSL_TLS13)
|
|
|
+ message(WARNING "TLS 1.3 is disabled - disabling HRR Cookie")
|
|
|
+ override_cache(WOLFSSL_HRR_COOKIE "no")
|
|
|
+ else()
|
|
|
+ list(APPEND WOLFSSL_DEFINITIONS
|
|
|
+ "-DWOLFSSL_SEND_HRR_COOKIE")
|
|
|
+ endif()
|
|
|
+endif()
|
|
|
+
|
|
|
# DTLS v1.3
|
|
|
add_option("WOLFSSL_DTLS13"
|
|
|
"Enable wolfSSL DTLS v1.3 (default: disabled)"
|
|
@@ -289,7 +319,11 @@ if(WOLFSSL_DTLS13)
|
|
|
endif()
|
|
|
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_DTLS13")
|
|
|
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_W64_WRAPPER")
|
|
|
-
|
|
|
+ if ("${WOLFSSL_HRR_COOKIE}" STREQUAL "undefined")
|
|
|
+ message(WARNING "DTLS1.3 is enabled - enabling HRR Cookie")
|
|
|
+ override_cache(WOLFSSL_HRR_COOKIE "yes")
|
|
|
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SEND_HRR_COOKIE")
|
|
|
+ endif()
|
|
|
if (WOLFSSL_AES)
|
|
|
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_AES_DIRECT")
|
|
|
endif()
|
|
@@ -307,36 +341,6 @@ if(WOLFSSL_DTLS_CID)
|
|
|
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_DTLS_CID")
|
|
|
endif()
|
|
|
|
|
|
-# Post-handshake authentication
|
|
|
-add_option("WOLFSSL_POSTAUTH"
|
|
|
- "Enable wolfSSL Post-handshake Authentication (default: disabled)"
|
|
|
- "no" "yes;no")
|
|
|
-
|
|
|
-if(WOLFSSL_POSTAUTH)
|
|
|
- if(NOT WOLFSSL_TLS13)
|
|
|
- message(WARNING "TLS 1.3 is disabled - disabling Post-handshake Authentication")
|
|
|
- override_cache(WOLFSSL_POSTAUTH "no")
|
|
|
- else()
|
|
|
- list(APPEND WOLFSSL_DEFINITIONS
|
|
|
- "-DWOLFSSL_POST_HANDSHAKE_AUTH")
|
|
|
- endif()
|
|
|
-endif()
|
|
|
-
|
|
|
-# Hello Retry Request Cookie
|
|
|
-add_option("WOLFSSL_HRR_COOKIE"
|
|
|
- "Enable the server to send Cookie Extension in HRR with state (default: disabled)"
|
|
|
- "no" "yes;no")
|
|
|
-
|
|
|
-if(WOLFSSL_HRR_COOKIE)
|
|
|
- if(NOT WOLFSSL_TLS13)
|
|
|
- message(WARNING "TLS 1.3 is disabled - disabling HRR Cookie")
|
|
|
- override_cache(WOLFSSL_HRR_COOKIE "no")
|
|
|
- else()
|
|
|
- list(APPEND WOLFSSL_DEFINITIONS
|
|
|
- "-DWOLFSSL_SEND_HRR_COOKIE")
|
|
|
- endif()
|
|
|
-endif()
|
|
|
-
|
|
|
# RNG
|
|
|
add_option("WOLFSSL_RNG"
|
|
|
"Enable compiling and using RNG (default: enabled)"
|