mirror of
https://github.com/libssh2/libssh2.git
synced 2026-01-27 00:18:12 +03:00
a5b0fac292
Add workaround for the wolfSSL `EVP_Cipher(*p, NULL, NULL, 0)` bug to make libssh2 work with wolfSSL v5.6.0 and older. wolfSSL fixed this issue in v5.7.0: https://github.com/wolfSSL/wolfssl/pull/7143b0de0a1c95Without our local workaround: - v5.3.0 and older fail most tests: Ref: https://github.com/libssh2/libssh2/actions/runs/9646827522/job/26604211476#step:17:1263 - v5.4.0, v5.5.x, v5.6.0 fail these: ``` 29 - test_read-aes128-cbc (Failed) 30 - test_read-aes128-ctr (Failed) 32 - test_read-aes192-cbc (Failed) 33 - test_read-aes192-ctr (Failed) 34 - test_read-aes256-cbc (Failed) 35 - test_read-aes256-ctr (Failed) ``` Ref: https://github.com/libssh2/libssh2/actions/runs/9646827522/job/26604233819#step:17:978 Oddly enough the workaround breaks OpenSSL tests, so only enable it for the affected wolfSSL versions. Also add new build-from-source wolfSSL CI job to test the new codepath. wolfSSL has a build bug where `wolfssl/options.h` and `wolfssl/version.h` are not copied to the `install` destination with autotools. With CMake it has a different bug where `wolfcrypt/sp_int.h` is not copied (with v5.4.0). And another with CMake where `FIPS_mode()` remains missing (with v5.6.0 and earlier.) Therefore use CMake with v5.5.4 and a workaround for `FIPS_mode()`. Another option is autotools with v5.4.0 and a workaround for `install`, but CMake builds quicker. Regression-from3c953c05d6#797 Fixes #1020 Fixes #1299 Assisted-by: Michael Buckley via #1394 Closes #1394 (another attempt to fix the mentioned wolfSSL bug) Closes #1407