--enable-quic --enable-opensslcoexist options are mutually exclusive

wolfSSL / wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

https://www.wolfssl.com

GNU General Public License v2.0

2.31k stars 823 forks source link

--enable-quic --enable-opensslcoexist options are mutually exclusive #7641

Closed alexsn closed 2 months ago

alexsn commented 3 months ago

Version

5.7.0

Description

./configure --enable-quic --enable-opensslcoexist fails with the following error: configure: error: Cannot use --enable-opensslcoexist with --enable-opensslextra

This occurs due to this setting.

Any workaround I can use as I need both wolfssl and openssl to be linked into my application.

kareem-wolfssl commented 3 months ago

Hi @alexsn ,

This is an intentional error as our QUIC support depends extensively on our OpenSSL compatibility layer which is not compatible with OpenSSL coexistence. Are you able to share some information about your use case for linking wolf and OpenSSL into your application? Our OpenSSL compatibility layer supports many OpenSSL APIs and can be used in place of OpenSSL.

alexsn commented 3 months ago

Hey @kareem-wolfssl, thanks for the reply. The original issue I encountered was multiple function definitions when statically linking openssl with wolfssl. I was able to get openssl / wolfssl to coexist without --enable-opensslcoexist by compiling wolfssl with NO_WOLFSSL_STUB and adding the following small change:

#if !defined(NETOS) && !defined(NO_WOLFSSL_STUB)
void ERR_load_SSL_strings(void)
{

}
#endif

Is this patch acceptable as I want ERR_load_SSL_strings to be removed in the presence of NO_WOLFSSL_STUB