build-wolfssl: Sync config with wolfSSL 3.11

wolfSSL configure script relevant changes from 3.10 to 3.11:

- Async threading support added; disabled by default without async
  crypto, which continues to be disabled by default.

wolfSSL configure script relevant changes from 3.11 to 3.11.1 (beta):

- TLS 1.3 beta support added; disabled by default.

For experimenting I put in a comment block the defines needed to enable
TLS 1.3 support (ie the equivalent of --enable-tls13).

diff --git a/projects/wolfssl_options.h b/projects/wolfssl_options.h
index d0ece964036ed99378d39d56cb8bd50d1d766a84..f6af47cab2da5ecba46157e838b942ea77950c4e 100644 (file)
--- a/projects/wolfssl_options.h
+++ b/projects/wolfssl_options.h
@@ -5,7 +5,7 @@ To remedy this issue for libcurl I've generated this options file that
 build-wolfssl will copy to the wolfSSL include directories and will result in
 maximum compatibility.
 
-These are the configure options that were used to build wolfSSL v3.10.0 in
+These are the configure options that were used to build wolfSSL v3.11.0 in
 mingw and generate the options in this file:
 
 C_EXTRA_FLAGS="\
@@ -96,6 +96,28 @@ extern "C" {
 #undef  OPENSSL_EXTRA
 #define OPENSSL_EXTRA
 
+/*
+The commented out defines below are the equivalent of --enable-tls13.
+Uncomment them to build wolfSSL with TLS 1.3 support as of v3.11.1-tls13-beta.
+This is for experimenting only, afaict TLS 1.3 support doesn't appear to be
+functioning correctly yet. https://github.com/wolfSSL/wolfssl/pull/943
+
+#undef  WC_RSA_PSS
+#define WC_RSA_PSS
+
+#undef  WOLFSSL_TLS13
+#define WOLFSSL_TLS13
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_FFDHE_2048
+#define HAVE_FFDHE_2048
+
+#undef  HAVE_HKDF
+#define HAVE_HKDF
+*/
+
 #undef  TFM_TIMING_RESISTANT
 #define TFM_TIMING_RESISTANT
 
@@ -189,6 +211,9 @@ extern "C" {
 #undef  USE_FAST_MATH
 #define USE_FAST_MATH
 
+#undef  WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
 
 #ifdef __cplusplus
 }