@@ -1,3 +1,6 @@

 [submodule "pkg/docker"]

 	path = pkg/docker

 	url = https://github.com/kamailio/kamailio-ci.git

+[submodule "src/modules/tls_wolfssl/lib/wolfssl"]

+	path = src/modules/tls_wolfssl/lib/wolfssl

+	url = https://github.com/wolfSSL/wolfssl.git

new file mode 100644

@@ -0,0 +1,4 @@

+lib/lib

+lib/include

+lib/bin

+lib/share

@@ -8,74 +8,41 @@ include ../../Makefile.defs

 auto_gen=

 NAME=tls_wolfssl.so

-# set to yes when wanting to link with static libraries

-LIBSSL_STATIC ?= no

-# set to yes when wanting to link with static libraries compiled from source

-LIBSSL_STATIC_SRCLIB ?= no

-# set to the path of the folder with static libraries compiled from source

-LIBSSL_STATIC_SRCPATH ?= /usr/local/src/openssl

+LIBS += lib/lib/libwolfssl.a

+DEFS += -I./lib/include/

-ifeq ($(CROSS_COMPILE),)

-WOLFSSL_BUILDER=$(shell \

-	if pkg-config --exists wolfssl; then \

-		echo 'pkg-config wolfssl'; \

-	fi)

-endif

-

-ifneq ($(WOLFSSL_BUILDER),)

-

-ifneq ($(WOLFSSL_STATIC),yes)

-	DEFS += $(shell $(WOLFSSL_BUILDER) --cflags)

-	LIBS += $(shell $(WOLFSSL_BUILDER) --libs)

-

-else # $(WOLFSSL_STATIC),yes)

-

-	DEFS += -DKSR_WOLFSSL_STATIC

-

-ifneq ($(WOLFSSL_STATIC_SRCLIB),yes)

-	## when static libs (*.a) from packages are compiled with -fPIC

-	DEFS += $(shell $(WOLFSSL_BUILDER) --cflags)

-	LIBS += $(shell $(WOLFSSL_BUILDER) --libs-only-L)

-	# TODO: explore use of LIBS += -Wl,-Bstatic $(shell $(SSL_BUILDER) --libs-only-l)

-	LIBS += -l:libwolfssl.a -l:libz.a -l:libdl.a

-else

-	## when linking against static libs compiled from sources

-	DEFS += -I$(WOLFSSL_STATIC_SRCPATH)/include

-	LIBS += $(WOLFSSL_STATIC_SRCPATH)/libwolfssl.a

-endif # ifneq ($(WOLFSSL_STATIC_SRCLIB),yes)

-

-endif # ifneq ($(WOLFSSL_STATIC),yes)

-

-else # ifneq ($(SSL_BUILDER),)

-

-	DEFS += -I$(LOCALBASE)/wolfssl/include

-	LIBS += -L$(LOCALBASE)/lib \

-			-L$(LOCALBASE)/lib64  \

-			-lwolfssl

-endif # ifneq ($(SSL_BUILDER),)

-

-LIBS+= $(TLS_EXTRA_LIBS)

-

-# dcm: tls.cfg installed via local 'install-cfg' to update paths

-#MOD_INSTALL_CFGS=tls.cfg

 include ../../Makefile.modules

-

-install-tls-cert: $(cfg_prefix)/$(cfg_dir)

-	MAIN_NAME=$(MAIN_NAME) ./tls_cert.sh -d $(cfg_prefix)/$(cfg_dir)

-

-install-cfg:

-	@if ! [ -d $(cfg_prefix)/$(cfg_dir) ]; then \

-		mkdir -p "$(cfg_prefix)/$(cfg_dir)" ; \

-	fi

-	@$(call try_err, $(INSTALL_TOUCH) \

-			"$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" )

-	@sed -e "s#\/usr/local/etc/kamailio/#$(cfg_target)#g" \

-			-e "s#kamailio-selfsigned#$(MAIN_NAME)-selfsigned#g" \

-				< ./tls.cfg > "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample"

-	@if [ -z "${skip_cfg_install}" -a \

-			! -f "$(cfg_prefix)/$(cfg_dir)tls.cfg" ]; then \

-		mv -f "$(cfg_prefix)/$(cfg_dir)tls.cfg.sample" \

-						"$(cfg_prefix)/$(cfg_dir)tls.cfg" ; \

-	fi

-

+SOURCES := $(shell ls *.c)

+OBJECTS = $(SOURCES:.c=.o)

+MOD_DIR := $(shell pwd)

+

+$(OBJECTS): lib/lib/libwolfssl.a

+

+lib/lib/libwolfssl.a:

+	@cd ./lib/wolfssl; \

+	if [ ! -f "configure" ]; then \

+		./autogen.sh; \

+	fi; \

+	if [ ! -f "Makefile" ]; then \

+		env -u DEFS -u CFLAGS -u LDFLAGS -u LIBS EXTRA_CFLAGS="-g -fPIC" ./configure \

+		--enable-all --enable-pkcs11 --enable-static --enable-aligndata=no \

+		--disable-shared --disable-silent-rules --disable-examples \

+		--prefix=$(MOD_DIR)/lib \

+		--exec-prefix=$(MOD_DIR)/lib; \

+		sed -i s/-Werror// Makefile; \

+	fi;

+	@$(MAKE) -C ./lib/wolfssl install

+

+$(NAME): lib/lib/libwolfssl.a

+

+clean-wolfssl:

+	@rm -rf ./lib/{bin,include,share,lib}; \

+	cd ./lib/wolfssl; make clean || /bin/true

+

+clean-module:

+	@rm -f *.o *.so

+

+clean-all: clean-wolfssl clean-module

+  

+.PHONY: clean-wolfssl clean-module clean-all

new file mode 160000

@@ -0,0 +1 @@

+Subproject commit e722c15be860794179082a05d09e6a90dc77ccf0

@@ -215,7 +215,27 @@ static void* ser_realloc(void *ptr, size_t size, const char* file, int line)

 }

 #else /*TLS_MALLOC_DBG */

+static void* ser_malloc(size_t size)

+{

+	return shm_malloc(size);

+

+}

+

+static void* ser_realloc(void *ptr, size_t size)

+{

+	return shm_realloc(ptr, size);

+

+}

+#endif

+static void ser_free(void *ptr)

+{

+	if (ptr) {

+		shm_free(ptr);

+	}

+}

+

+#if 0

 // up align memory allocations to 16 bytes for

 // wolfSSL --enable-aligndata=yes (the default)

 static const int MAX_ALIGN = __alignof__(max_align_t);

@@ -245,7 +265,6 @@ static void* ser_realloc(void *ptr, size_t new_size)

 	return new_ptr + new_pad;

 }

-#endif /* LIBRESSL_VERSION_NUMBER */

 static void ser_free(void *ptr)

 {

@@ -254,7 +273,7 @@ static void ser_free(void *ptr)

 		shm_free((unsigned char*)ptr - pad);

 	}

 }

-

+#endif

 /*

  * Initialize TLS socket

@@ -309,7 +309,7 @@ static int tls_complete_init(struct tcp_connection* c)

 error:

 	atomic_dec(&cfg->ref_count);

 	if (data) shm_free(data);

-error2:

+

 	return -1;

 }