• larry
  • Moderator
  • Offline
  • Registered: 2010-10-21
  • Posts: 42

Topic: Building wolfSSL with OpenVPN (from old forums)

1.
      kriegaex

      [Avatar]
      2007-10-01 01:14:52 UTC
      Probably I am asking too much, but I would like to know how realistic it would be to use libcyassl as a drop-in replacement for OpenSSL (libcrypto, libssh) in connection with OpenVPN on an embedded platform (mipsel Linux, kernel 2.6.13.1) featuring BusyBox, /dev/urandom etc. The same question applies to stunnel, but I just pushed another thread concerning stunnel anyway.
   2.
      kriegaex

      [Avatar]
      2007-10-01 01:19:21 UTC
      BTW: The lib cross-compiles without any problems for my platform (mipsel-linux-uclibc), the testsuite is also okay:

      $ ./testsuite
      MD5 test passed!
      SHA test passed!
      SHA-256 test passed!
      HMAC test passed!
      ARC4 test passed!
      DES test passed!
      DES3 test passed!
      AES test passed!
      RANDOM test passed!
      RSA test passed!
      OPENSSL test passed!
      Client message: hello wolfssl!
      Server response: I hear you fa shizzle!
      yassl error: can't open input file
   3.
      touskaProject Admin

      [Avatar]
      2007-10-01 19:07:05 UTC
      I'll spend some time this week getting wolfSSL to compile, link, and run with OpenVPN. I'll update this message when it's ready.

Share

  • Registered: 2011-02-03
  • Posts: 6

Re: Building wolfSSL with OpenVPN (from old forums)

Any luck with this?

Share

  • todd
  • Moderator
  • Offline
  • Registered: 2010-10-21
  • Posts: 98

Re: Building wolfSSL with OpenVPN (from old forums)

It was a little more work than I thought and we never finished it.  We have enough customer/ potential customer work right though that our efforts for other project compatibility has fallen off.  It's certainly on our todo list.  Maybe we can devout some time to it later this month.  We'd also assist anyone trying to do it themselves if that's an option.

Share

  • Registered: 2011-02-03
  • Posts: 6

Re: Building wolfSSL with OpenVPN (from old forums)

Ok, thanks. I would venture to say that, for embedded ssl systems, the option to replace openssl with wolfSSL might be quite a significant attraction.

Share

  • todd
  • Moderator
  • Offline
  • Registered: 2010-10-21
  • Posts: 98

Re: Building wolfSSL with OpenVPN (from old forums)

Definitely.  Though to be a perfect drop in replacement we'd have to implement the several thousand function calls they support, and that would probably negate the size advantage.

Share

  • Registered: 2011-02-03
  • Posts: 6

Re: Building wolfSSL with OpenVPN (from old forums)

Agreed. But the configure script should be able to weed out whatever one does not want/need - or simply default to turning everything off, except the "standard" wolfSSL configuration.  It is important to be able to keep the library size down to a minimum, without doing anything other than "./configure && make".

So people who want any available extra functionality can turn them on, with, for example, "--enable-openvpn" or something like that.

Share