Commit Graph

8 Commits (787ae50e419115c9d4a96ee146165ef05564276d)

Author SHA1 Message Date
Hauke Mehrtens 6161cab72f cyassl: update to version 3.2.0
This fixes a security problem:
Security fix for RSA Padding check vulnerability 

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42526 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-09-13 20:56:55 +00:00
Steven Barth ef0f6ced08 cyassl: update to 3.1.0
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42063 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-08-08 05:25:52 +00:00
Hauke Mehrtens e857ee07a4 cyassl: update to version 3.0.0
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@40621 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-05-01 14:04:15 +00:00
Imre Kaloz 2f536bc64e [cyassl]: change fixup method and fix CFLAGS handling
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>



git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39151 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-12-20 20:25:44 +00:00
Jo-Philipp Wich 26f93b4bb0 cyassl: upgrade to v2.8.0
Un-reverts the previous update commit and forward-ports the patch
to improve legacy SSLv2 handshake handling.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@38609 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-10-30 13:19:48 +00:00
Jo-Philipp Wich 407cc7b928 Revert "[cyassl]: upgrade to 2.8.0"
Reverts the CyaSSL version bump for now since the update completely broke
trunk building due to incompatible changes in the IO callback API which in
turn breaks the core ustream-ssl package.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@38576 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-10-29 09:53:48 +00:00
Imre Kaloz ff27022040 [cyassl]: upgrade to 2.8.0
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>



git-svn-id: svn://svn.openwrt.org/openwrt/trunk@38558 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-10-28 14:34:59 +00:00
Jo-Philipp Wich f7b01c3da2 [package] cyassl: add a patch to better check legacy SSLv2 client hello records
If junk data is received during SSL_accept(), cyassl will treat it as legacy SSLv2
record without performing further plausibility checks. Change the legacy code path
to return UNKNOWN_HANDSHAKE_TYPE if the value of the third byte isn't 0x01 the
hello message type.

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33675 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-10-09 16:41:36 +00:00