git.ipfire.org Git - thirdparty/strongswan.git/commit

author	Tobias Brunner <tobias@strongswan.org>
	Tue, 12 Jul 2022 07:46:03 +0000 (09:46 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 18 Jul 2022 10:42:24 +0000 (12:42 +0200)
commit	eae30af029b1d80c1309bb5a2e79df139ec1662b
tree	d121078816a918481681454c7b97f37f4d207f03	tree
parent	110e8e6608b48dbefb9c5afd1f05818adabf9ace	commit \| diff

Use wolfSSL 5.4.0 for tests

The 5.4.0 update changed the default bignum implementation to what
could explicitly be enabled via `--enable-sp-math-all`.  Since this uses
fixed-sized buffers sufficient for key sizes of SP_INT_BITS, with a default
of 4096, modp6144 and modp8192 didn't work anymore (wc_DhGenerateKeyPair()
returned MP_EXPTMOD_E).  So we have to adapt the feature checks for this.

To support the larger DH groups we can either increase the buffer size
via `--with-max-rsa-bits` or add `--enable-heapmath` so buffers get
(re-)allocated as needed.  We go with the latter for now.

scripts/test.sh		diff \| blob \| blame \| history
src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c		diff \| blob \| blame \| history
testing/scripts/recipes/012_wolfssl.mk		diff \| blob \| blame \| history