From 9e45f9d63c797baab2b3bd2574990ee94d3f80cb Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Sat, 11 Jun 2016 03:18:07 +0200 Subject: [PATCH] polarssl: enable AES-GCM and CAMELLIA-GCM ciphersuites Recent versions of Chrome require this ciphers to successfully handshake with a TLS enabled uhttpd server using the ustream-polarssl backend. If `CONFIG_GCM` is disabled, `ssl_ciphersuite_from_id()` will return `NULL` when cipher `0x9d` is looked up, causing the calling `ssl_ciphersuite_match()` to fail with `POLARSSL_ERR_SSL_INTERNAL_ERROR`. Signed-off-by: Jo-Philipp Wich --- package/libs/polarssl/Makefile | 2 +- package/libs/polarssl/patches/200-reduce_config.patch | 10 ---------- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/package/libs/polarssl/Makefile b/package/libs/polarssl/Makefile index 03e3252e0a..573966e33b 100644 --- a/package/libs/polarssl/Makefile +++ b/package/libs/polarssl/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=polarssl SRC_PKG_NAME:=mbedtls PKG_VERSION:=1.3.16 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_USE_MIPS16:=0 PKG_SOURCE:=$(SRC_PKG_NAME)-$(PKG_VERSION)-gpl.tgz diff --git a/package/libs/polarssl/patches/200-reduce_config.patch b/package/libs/polarssl/patches/200-reduce_config.patch index 6fef1a6f5c..9e2734aa6c 100644 --- a/package/libs/polarssl/patches/200-reduce_config.patch +++ b/package/libs/polarssl/patches/200-reduce_config.patch @@ -170,16 +170,6 @@ /** * \def POLARSSL_ENTROPY_C -@@ -1662,8 +1662,8 @@ - * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. -- */ - #define POLARSSL_GCM_C -+ */ - - /** - * \def POLARSSL_HAVEGE_C @@ -1699,8 +1699,8 @@ * Requires: POLARSSL_MD_C *