Commit Graph

17 Commits (9306bdf31c0b536389f79d66cee3dcc2d97735c1)

Author SHA1 Message Date
Florian Fainelli 306ee64361 px5g: Fix TARGET_LDFLAGS and add TARGET_CPPFLAGS
Make sure we pass down TARGET_CPPFLAGS to let toolchains with no default
search paths to find the mbdetls headers, and override TARGET_LDFLAGS to
include libraries we are linking against.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-03-01 17:19:51 -08:00
Felix Fietkau 709d10e220 px5g: replace px5g-standalone with a statically linked variant of px5g-mbedtls
px5g-standalone only supports SHA1 for certificates, which is strongly
deprecated. The new px5g-standalone is about 27k bigger (compressed),
and has identical behavior to px5g-mbedtls (it uses SHA256).

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-21 16:05:42 +01:00
Felix Fietkau 589a16fdb6 px5g: remove obsolete reference to $(BUILD_VARIANT)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-09 16:37:33 +01:00
Felix Fietkau 1cf64e210f px5g: remove legacy polarssl support
The old polarssl 1.3 branch is EOL since end of 2016, and the package
for it will be removed soon.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-09 14:35:08 +01:00
Alberto Bursi 7fa89d7f3c px5g: move to Encryption submenu
moved px5g to Encryption submenu of Utilities, in an effort to tidy up a bit the Utilities section of make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:48 +02:00
Daniel Dickinson a7f6dc9f8b px5g: Create mbedtls variant
px5g has been listed as a blocker for switching to new mbedtls
as the default, therefore make and mbedtls variant of px5g so
that an new mbedtls-only image can be created.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-07-05 22:59:12 +02:00
Jo-Philipp Wich 24a7ccb056 treewide: replace jow@openwrt.org with jo@mein.io
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-07 11:42:52 +02:00
Felix Fietkau 7eeb254cc4 treewide: replace nbd@openwrt.org with nbd@nbd.name
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-07 08:58:42 +02:00
Florian Eckert 5ac43d6ec2 px5g: add license tag
show the license for this package in opkg

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-05-31 14:54:19 -04:00
Felix Fietkau 4205078a78 px5g: Use SHA-256 when generating self-signed certificates
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 47391
2015-11-06 10:52:52 +00:00
Jo-Philipp Wich 542b6c30e5 fix subject in generated certificates
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44149
2015-01-25 23:33:49 +00:00
Jo-Philipp Wich 0ceece4c82 px5g: generate unique serial numbers
Generate a random serial from /dev/urandom when creating selfsigned certs.
Fixes "sec_error_reused_issuer_and_serial" with Firefox.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43168
2014-11-03 18:12:42 +00:00
John Crispin 74a3a77bcd license info - revert r43155
turns out that r43155 adds duplicate info.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43167
2014-11-03 09:56:44 +00:00
John Crispin c10d97484a Add more license tags with SPDX identifiers
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.

I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.

However, I can not garantee that I always picked the correct information
and/or did not miss license information.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 43155
2014-11-03 08:01:08 +00:00
Felix Fietkau eb225996ee px5g: rename the old package to px5g-standalone, add a new one that links against polarssl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40000
2014-03-21 15:55:23 +00:00
John Crispin 62cd76ab2c px5g: creates certificates that expire in the past
the attached patch fixes a bug of px5g when instructed to build
certificates that expire after 2038-01-19, caused a multiplication that
may overflow the "to" variable of type time_t

Attached patch checks if "to" precedes "from": if so sets "to" to its
maximum value. Pretty rude, but works well even if certificate is set to
expire in a century

Signed-off-by: Federico Fissore <federico@fissore.org>
Patchork: http://patchwork.openwrt.org/patch/3749/

SVN-Revision: 37165
2013-07-04 13:31:32 +00:00
John Crispin 4ebf19b48f packages: clean up the package folder
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37007
2013-06-21 16:54:37 +00:00