Make sure we pass down TARGET_CPPFLAGS to let toolchains with no default
search paths to find the mbdetls headers, and override TARGET_LDFLAGS to
include libraries we are linking against.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit 306ee64361)
px5g-standalone only supports SHA1 for certificates, which is strongly
deprecated. The new px5g-standalone is about 27k bigger (compressed),
and has identical behavior to px5g-mbedtls (it uses SHA256).
Signed-off-by: Felix Fietkau <nbd@nbd.name>
moved px5g to Encryption submenu of Utilities, in an effort to tidy up a bit the Utilities section of make menuconfig.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
px5g has been listed as a blocker for switching to new mbedtls
as the default, therefore make and mbedtls variant of px5g so
that an new mbedtls-only image can be created.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
Generate a random serial from /dev/urandom when creating selfsigned certs.
Fixes "sec_error_reused_issuer_and_serial" with Firefox.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43168
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.
I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.
However, I can not garantee that I always picked the correct information
and/or did not miss license information.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 43155
the attached patch fixes a bug of px5g when instructed to build
certificates that expire after 2038-01-19, caused a multiplication that
may overflow the "to" variable of type time_t
Attached patch checks if "to" precedes "from": if so sets "to" to its
maximum value. Pretty rude, but works well even if certificate is set to
expire in a century
Signed-off-by: Federico Fissore <federico@fissore.org>
Patchork: http://patchwork.openwrt.org/patch/3749/
SVN-Revision: 37165