Opened 4 years ago

Closed 4 years ago

#52615 closed enhancement (fixed)

curl: add support for wolfssl as light weight alternative to openssl and gnutls with permissive licensing.

Reported by: dbevans (David B. Evans) Owned by: ryandesign (Ryan Schmidt)
Priority: Normal Milestone:
Component: ports Version: 2.3.4
Keywords: Cc:
Port: curl

Description

Patch attached that adds +wolfssl variant as an alternative to +ssl and +gnutls. wolfSSL is a light weight implementation with good SSL/TLS protocol coverage and permissive licensing.

Attachments (2)

patch-curl-add-wolfssl-variant.diff (1001 bytes) - added by dbevans (David B. Evans) 4 years ago.
Proposed patch to add +wolfssl variant
patch-curl-add-wolfssl-darwinssl-variants.diff (2.6 KB) - added by dbevans (David B. Evans) 4 years ago.
Revised patch adds +darwinssl +wolfssl, corrects variant logic.

Download all attachments as: .zip

Change History (11)

Changed 4 years ago by dbevans (David B. Evans)

Proposed patch to add +wolfssl variant

comment:1 Changed 4 years ago by dbevans (David B. Evans)

Type: defectenhancement

This is an enhancement, not a defect. Sorry.

comment:2 Changed 4 years ago by ryandesign (Ryan Schmidt)

No objection to adding this variant.

Since the new wolfssl variant says it conflicts with the ssl and gnutls variants, those variants should also say that they conflict with the wolfssl variant.

This might also be a good time to deal with #38369.

comment:3 Changed 4 years ago by dbevans (David B. Evans)

Thanks for catching my errors. And you're right, adding support for Secure Transport would be an obvious extra. I guess one might as well as polarssl/mbedtls as requested in #51059 too.

I've been using this variant for the last couple of days without problems. It's designed to have a small footprint for embedded real time systems but covers all the current standards including TLS 1.2 and has a permissive license. Appears to be a good replacement for openssl/libressl for people who want to distribute an unencumbered TLS implementation.

I'll update the patch and send it back for additional review.

Changed 4 years ago by dbevans (David B. Evans)

Revised patch adds +darwinssl +wolfssl, corrects variant logic.

comment:4 Changed 4 years ago by dbevans (David B. Evans)

Revised patch attached for review.

  • optional +darwinssl +wolfssl variants added
  • variant logic corrected

Addition of support for polarssl/mbedtls pending completion of #51059.

Wonder if +ssl should be changed to +openssl (including legacy +ssl for compatibility) now?

Let me know if you have any futher issues. Thanks.

comment:5 in reply to:  4 ; Changed 4 years ago by larryv (Lawrence Velázquez)

Replying to devans@…:

Wonder if +ssl should be changed to +openssl (including legacy +ssl for compatibility) now?

This would also have to be done for every other port with an +ssl variant. There are ~80 such ports.

comment:6 in reply to:  5 Changed 4 years ago by dbevans (David B. Evans)

Replying to larryv:

Replying to devans@…:

Wonder if +ssl should be changed to +openssl (including legacy +ssl for compatibility) now?

This would also have to be done for every other port with an +ssl variant. There are ~80 such ports.

True and the current +ssl variants support libressl as well. On the other hand, there are 31 ports/subports that already have +openssl variant. Current usage is inconsistent.

comment:7 Changed 4 years ago by dbevans (David B. Evans)

Request for mbed/TLS support in curl formalized in #52681.

comment:8 Changed 4 years ago by dbevans (David B. Evans)

Support for +wolfssl +darwinssl committed in r154173 per revised patch. No change to +ssl variant naming.

comment:9 Changed 4 years ago by dbevans (David B. Evans)

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.