[Libwebsockets] working with wolfssl
andy at warmcat.com
andy at warmcat.com
Tue May 11 00:01:48 CEST 2021
On May 10, 2021 7:46:38 PM UTC, Trey Weaver <treyweaver at fastmail.net> wrote:
>Andy, your email helped!
>For some reason the wolfssl was not building with the openssl api even
>though I had the --enable-opensslextra option on. So I got past that
I think you solved that.
>I am compiling on the Arm (iMX6 -- Solid Run Module) both the WolfSSL
>and libwebsockets. Here are the cmake and configure for both.
>./configure --enable-opensslextra --enable-static –-enable-debug
>--enable-examples --enable-harden --host=arm-linux-gnueabihf
A couple of years ago we had an FAE from wolfssl discuss supporting it in lws with us, on behalf of his paying customers that wanted to use it in lws, and then provided a patch on lws which I gratefully took. Later I added the CI build against wolfssl to make sure it didn't regress, we now build against openssl3, boringssl and libressl in CI too.
For whatever reason, I guess from his perspective it was easier for this to meddle with wolfssl than adapt lws bits, part of the adaptation was he added a --enable-libwebsockets config flag on wolfssl that you also need.
>cmake -DLWS_WITH_SHARED:BOOL=OFF -DLWS_WITH_WOLFSSL=1
>But now when I do a compile I get the following error:
>(Note: I tried with both the libwolfssl.so and libwolfssl.a)
>[ 14%] Building C object
>In file included from
>In function ‘lws_context_init_ssl_library’:
>error: implicit declaration of function ‘wolfSSL_get_ex_new_index’; did
>you mean ‘wolfSSL_CTX_get_ex_new_index’?
> #define SSL_get_ex_new_index wolfSSL_get_ex_new_index
>note: in expansion of macro ‘SSL_get_ex_new_index’
> SSL_get_ex_new_index(0, "lws", NULL, NULL, NULL);
>cc1: all warnings being treated as errors
>I am begging to think I should abandon WolfSSL, I have been at this for
No the fact it builds and tests OK in CI is like a spoiler that it'll work in the end.
>On Mon, May 10, 2021, at 9:41 AM, Andy Green wrote:
>> On 5/10/21 2:25 PM, Trey Weaver wrote:
>> > When I do a straight up:
>> > *cmake ..*
>> > *make*
>> > everything goes fine. But when I try to add the wolfssl stuff like
>> > cmake -DLWS_WITH_WOLFSSL=1
>> > -DLWS_WOLFSSL_INCLUDE_DIRS=/home/jps/Temp/wolfssh.headers
>> > ..
>> > just like the build notes say to do and then do a make then I get
>> > error:
>> > *jps at dsp:~/Development/libwebsockets-4.2/libwebsockets/build$ make*
>> > *Scanning dependencies of target GENHDR*
>> > *[ 0%] Creating build include dir*
>> > *[ 0%] Built target GENHDR*
>> > *Scanning dependencies of target websockets_shared*
>> > *[ 1%] Building C object
>> > lib/CMakeFiles/websockets_shared.dir/plat/unix/unix-caps.c.o*
>> > *In file included from
>> > * from
>> > * from
>> > error: unknown type name ‘HMAC_CTX’*
>> > * HMAC_CTX ctx;*
>> > * ^~~~~~~~*
>> > *make: *** [lib/CMakeFiles/websockets_shared.dir/build.make:63:
>> > lib/CMakeFiles/websockets_shared.dir/plat/unix/unix-caps.c.o] Error
>> > *make: *** [CMakeFiles/Makefile2:1076:
>> > lib/CMakeFiles/websockets_shared.dir/all] Error 2*
>> > *make: *** [Makefile:163: all] Error 2*
>> > I am building 4.2 on a 32 bit ARM (iMX6).
>> So it's a native build actually on the arm device?
>> > I do see this in CMAKE:
>> > *-- Looking for wolfSSL_HMAC_CTX_new
>> > *
>> > *-- Looking for wolfSSL_HMAC_CTX_new - not found
>> > *
>> > I did compile wolfssl with the --enable-opensslextra option.
>> > I have attached the cmake output file....I don't know why every
>> > option is "not found" or if that is normal.
>> Most of them are "not found" on the CI build, eg
>> ... but there are like 5 or so that are found when built on x86_64 in
>> CI, particularly
>> -- Looking for wolfSSL_HMAC_CTX_new
>> -- Looking for wolfSSL_HMAC_CTX_new - found
>> It should have emitted something like this on stdout (I think)
>> Compiling with SSL support
>> wolfSSL include dir: /usr/local/include
>> wolfSSL libraries: /usr/local/lib/libwolfssl.so
>> I would look into exactly what you have in
>> it should contain a subdir wolfssl/ that has a bunch of .h, an
>> subdir inside wolfssl/ etc.
>> If that looks OK, then you need to go look in whatever your
>> of ./build/CMakeFiles/CMakeError.log is, and find the test it did for
>> wolfSSL_HMAC_CTX_new(), and paste what happened with that test. The
>> test builds that CMake does to determine api existence are allowed to
>> fail, then it takes the failure to mean that the api it was looking
>> doesn't exist. But there are many reasons the tests can fail to
>> eg, missing library so it can't link.
>> Also in CI, it is dynamically linking to the .so version of Wolfssl,
>> might try that.
>> Libwebsockets mailing list
>> Libwebsockets at ml.libwebsockets.org
>Libwebsockets mailing list
>Libwebsockets at ml.libwebsockets.org
More information about the Libwebsockets