mirror of https://github.com/hak5/openwrt.git
wolfssl: update to 3.15.7, fix Makefile
This includes a fix for a medium-level potential cache attack with a
variant of Bleichenbacher’s attack. Patches were refreshed.
Increased FP_MAX_BITS to allow 4096-bit RSA keys.
Fixed poly1305 build option, and some Makefile updates.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 2792daab5a
)
openwrt-19.07
parent
cd4fcd46f1
commit
3167a57f72
|
@ -53,7 +53,7 @@ config WOLFSSL_HAS_ECC25519
|
|||
depends on WOLFSSL_HAS_ECC
|
||||
default n
|
||||
|
||||
config WOLFSSL_HAS_POLY_1305
|
||||
config WOLFSSL_HAS_POLY1305
|
||||
bool "Include Poly-1305 support"
|
||||
default n
|
||||
|
||||
|
|
|
@ -8,11 +8,10 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=wolfssl
|
||||
PKG_VERSION:=3.15.3-stable
|
||||
PKG_RELEASE:=2
|
||||
PKG_VERSION:=3.15.7-stable
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
|
||||
# PKG_SOURCE_URL:=https://www.wolfssl.com/
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
|
||||
PKG_HASH:=dc97c07a7667b39a890e14f4b4a209f51524a4cabee7adb6c80822ee78c1f62a
|
||||
|
||||
|
@ -20,15 +19,16 @@ PKG_FIXUP:=libtool
|
|||
PKG_INSTALL:=1
|
||||
PKG_USE_MIPS16:=0
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
PKG_LICENSE:=GPL-2.0+
|
||||
PKG_CPE_ID:=cpe:/a:yassl:cyassl
|
||||
PKG_LICENSE:=GPL-2.0-or-later
|
||||
PKG_LICENSE_FILES:=LICENSING COPYING
|
||||
PKG_CPE_ID:=cpe:/a:wolfssl:wolfssl
|
||||
|
||||
PKG_CONFIG_DEPENDS:=\
|
||||
CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \
|
||||
CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA \
|
||||
CONFIG_WOLFSSL_HAS_DES3 CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
|
||||
CONFIG_WOLFSSL_HAS_ECC CONFIG_WOLFSSL_HAS_ECC25519 \
|
||||
CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY_1305 \
|
||||
CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY1305 \
|
||||
CONFIG_WOLFSSL_HAS_PSK CONFIG_WOLFSSL_HAS_SESSION_TICKET \
|
||||
CONFIG_WOLFSSL_HAS_WPAS
|
||||
|
||||
|
@ -42,7 +42,7 @@ define Package/libwolfssl
|
|||
URL:=http://www.wolfssl.com/
|
||||
MENU:=1
|
||||
PROVIDES:=libcyassl
|
||||
ABI_VERSION:=18
|
||||
ABI_VERSION:=19
|
||||
endef
|
||||
|
||||
define Package/libwolfssl/description
|
||||
|
@ -54,7 +54,7 @@ define Package/libwolfssl/config
|
|||
source "$(SOURCE)/Config.in"
|
||||
endef
|
||||
|
||||
TARGET_CFLAGS += $(FPIC)
|
||||
TARGET_CFLAGS += $(FPIC) -DFP_MAX_BITS=8192
|
||||
|
||||
# --enable-stunnel needed for OpenSSL API compatibility bits
|
||||
CONFIGURE_ARGS += \
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- a/wolfssl/wolfcrypt/settings.h
|
||||
+++ b/wolfssl/wolfcrypt/settings.h
|
||||
@@ -1624,7 +1624,7 @@ extern void uITRON4_free(void *p) ;
|
||||
@@ -1759,7 +1759,7 @@ extern void uITRON4_free(void *p) ;
|
||||
#endif
|
||||
|
||||
/* warning for not using harden build options (default with ./configure) */
|
||||
|
@ -8,4 +8,4 @@
|
|||
+#if 0
|
||||
#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
|
||||
(defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
|
||||
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
|
||||
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -4198,7 +4198,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
|
||||
@@ -4614,7 +4614,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
|
||||
AC_CONFIG_FILES([Makefile wolfssl/version.h wolfssl/options.h cyassl/options.h support/wolfssl.pc rpm/spec])
|
||||
|
||||
AX_CREATE_GENERIC_CONFIG
|
||||
|
|
Loading…
Reference in New Issue