Commit Graph

39 Commits (bddb1bb6d1beb8d3593ab3cddf27f2101816645b)

Author SHA1 Message Date
Steven Barth a98b1cf597 openssl: fix upstream regression for non-ec builds
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44364 3c298f89-4303-0410-b956-a3cf2f4a3e73
2015-02-09 15:26:35 +00:00
Steven Barth c10ed85ffb openssl: bump to 1.0.2
Fixes CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566

Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44332 3c298f89-4303-0410-b956-a3cf2f4a3e73
2015-02-09 12:04:00 +00:00
Steven Barth 17801c4a69 openssl: update to 1.0.1l *sigh*
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43976 3c298f89-4303-0410-b956-a3cf2f4a3e73
2015-01-15 17:59:06 +00:00
Steven Barth ab095633cf openssl: bump to 1.0.1j
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43875 3c298f89-4303-0410-b956-a3cf2f4a3e73
2015-01-08 18:29:26 +00:00
Steven Barth 0742ac3b05 openssl: fix CVE-2014-3569
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43858 3c298f89-4303-0410-b956-a3cf2f4a3e73
2015-01-06 09:59:55 +00:00
Steven Barth 8d8d9ce2b9 openssl: reenable CMS (broke krb5)
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43176 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-11-04 08:37:06 +00:00
John Crispin 85c10a8a6a license info - revert r43155
turns out that r43155 adds duplicate info.

Signed-off-by: John Crispin <blogic@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43167 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-11-03 09:56:44 +00:00
John Crispin b8df8ca970 Add more license tags with SPDX identifiers
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.

I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.

However, I can not garantee that I always picked the correct information
and/or did not miss license information.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43155 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-11-03 08:01:08 +00:00
Steven Barth 2bf2015c24 Add a few SPDX tags
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43151 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-11-02 12:20:54 +00:00
Steven Barth b5a50ff4e2 openssl: optimize build options, disable old SSL versions
Based on a patchset by Etienne CHAMPETIER <champetier.etienne@gmail.com>
Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43123 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-30 13:11:04 +00:00
Felix Fietkau 0cf70f8a8b openssl: fix target definition for x86_64 (#18182)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43045 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-24 13:23:39 +00:00
John Crispin 058c79e407 openssl: host build fails when ccache is enabled
Signed-off-by: John Crispin <blogic@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43002 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-20 11:19:53 +00:00
Felix Fietkau c0464fcf03 Revert "openssl: add host build."
This reverts commit r42988

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42997 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-20 09:18:21 +00:00
John Crispin a762173207 openssl: add host build.
Only support Linux at the moment.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42988 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-20 06:29:27 +00:00
Felix Fietkau 2e352aab13 openssl: add ABI_VERSION to fix package rebuild issues (fixes #18169)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42963 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-19 16:19:07 +00:00
Jo-Philipp Wich b3c29f9f23 openssl: update to v1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)
Also refresh patches and bump copyright year in Makefile.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42929 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-10-16 08:32:54 +00:00
John Crispin 3b2b802a38 openssl: another day another bug fix update
Signed-off-by: John Crispin <blogic@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42055 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-08-07 20:54:41 +00:00
Hauke Mehrtens d25c5b67fc openssl: version bump to 1.0.1h
today appeared another serious vulnerability in openssl. More info is
here http://ccsinjection.lepidum.co.jp. Users are advised to update to
openssl 1.0.1h.

Signed-off-by: Martin Strbacka <martin.strbacka@nic.cz>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41026 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-06-05 21:32:36 +00:00
Steven Barth 7166609dc4 OpenSSL: update to 1.0.1g
This fixes the Heartbleed bug (CVE-2014-0160).

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@40421 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-04-08 05:24:36 +00:00
Felix Fietkau 29368b6958 openssl: Fix x86_64 build on some 64bit host systems
On some build hosts openssl fails to install since openssl installs itself into
lib64 while the openwrt Makefile expects the libs to end up in lib.

install -m0644 .../openwrt/build_dir/target-x86_64_uClibc-0.9.33.2/openssl-1.0.1e/ipkg-install/usr/lib/libcrypto.so.* .../openwrt/build_dir/target-x86_64_uClibc-0.9.33.2/openssl-1.0.1e/ipkg-x86_64/libopenssl/usr/lib/
install: cannot stat '.../openwrt/build_dir/target-x86_64_uClibc-0.9.33.2/openssl-1.0.1e/ipkg-install/usr/lib/libcrypto.so.*': No such file or directory
make[2]: *** [/openwrt/bin/x86_64/packages/libopenssl_1.0.1e-2_x86_64.ipk] Error 1
make[2]: Leaving directory `/openwrt/package/libs/openssl'
make[1]: *** [package/libs/openssl/compile] Error 2
make[1]: Leaving directory `/openwrt'

Set LIBDIR accordingly to fix this.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39885 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-03-12 10:00:53 +00:00
Felix Fietkau 2ceb14d456 openssl: update to 1.0.1f
This version includes this changes:

    Don't include gmt_unix_time in TLS server and client random values
    Fix for TLS record tampering bug CVE-2013-4353
    Fix for TLS version checking bug CVE-2013-6449
    Fix for DTLS retransmission bug CVE-2013-6450

Signed-off-by: Peter Wagner <tripolar@gmx.at>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39853 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-03-09 13:23:41 +00:00
Felix Fietkau d11fe14771 openssl: detect configuration changes and clean build tree accordingly (fixes #15067)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39852 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-03-09 13:19:29 +00:00
Felix Fietkau 3e05d1f90f openssl: move make depend call to Build/Configure
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39851 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-03-09 13:19:25 +00:00
Felix Fietkau ef48b885cf openssl: use termios instead of termio
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39748 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-02-24 21:09:03 +00:00
John Crispin f2b9871a1d openssl: fix up PKG_DEPENDS. there are 2 missing CONFIG_ prefixe
Signed-off-by: John Crispin <blogic@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39607 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-02-18 13:33:08 +00:00
Felix Fietkau 95758e8d2c openssl: Support multi-threaded applications
Allow multi-threaded applications to work properly by
removing the "no-threads" flag that is enabled by default.

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39048 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-12-14 10:19:48 +00:00
Felix Fietkau 2aa808585a openssl: add support for RIPEMD/160
RIPEMD is needed to update erlang and i'd like to enable RIPEMD160 support in openssh.

Size compared:

openssl without RIPEMD/160 support:
647K 29. Okt 20:00 bin/ar71xx/packages/libopenssl_1.0.1e-2_ar71xx.ipk

openssl with RIPEMD/160 support:
652K  8. Nov 15:11 bin/ar71xx/packages/libopenssl_1.0.1e-2_ar71xx.ipk

So the file size just grows ~5kb, which shouldn't be a problem.

Signed-off-by: Peter Wagner <tripolar@gmx.at>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@38809 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-11-14 20:42:15 +00:00
Felix Fietkau d4a372f076 openssl: add parallel build support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37927 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-09-10 12:09:13 +00:00
Felix Fietkau 2d1f470204 openssl: to disable mips16, use the new PKG_USE_MIPS16 flag instead of messing with cflags directly
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37771 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-08-14 13:02:33 +00:00
Felix Fietkau 81831ba3d0 openssl: enable elliptic curve crypto by default (so that it can be used by things like ipsec as well)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37524 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-07-24 12:38:06 +00:00
Felix Fietkau 091e82429a openssl: add elliptic curve crypto compilation options to openssl
This patch adds EC compilation options to openssl
OPENSSL_WITH_EC is needed for authsae (OPENSSL_WITH_EC2M isn't)
Activating ec (but not ec2m) in openssl take 35Ko more on ar71xx (ipk size)
Activating both take 52Ko.

Signed-off-by: Etienne CHAMPETIER <etienne.champetier@free.fr>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37523 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-07-24 12:37:55 +00:00
Felix Fietkau 51274528eb openssl: disable mips16, it makes the code slower
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36602 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-05-10 00:18:27 +00:00
Felix Fietkau ab8468d344 build: consistently use 'depends on' instead of 'depends'
make the syntax more compatible with kernel menuconfig

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36351 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-04-17 15:36:41 +00:00
Florian Fainelli 221ef39aab openssl: Pass in any TARGET_ASFLAGS
Packages not picking up the regular TARGET_AS need their openwrt
Makefiles tweaked. For a basic build, that's just openssl.

This depends on patch 1/5.

Signed-off-by: Jay Carlson <nop@nop.com>
Signed-off-by: Florian Fainelli <florian@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36201 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-04-05 12:36:09 +00:00
Florian Fainelli fd0cfb2de6 openssl: remove now obsolete cris/etrax patch
The etrax target has been removed in r34768.

Signed-off-by: Florian Fainelli <florian@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35684 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-02-19 17:22:51 +00:00
Florian Fainelli 477ea5965c openssl: update OpenSSL to 1.0.1e, fix Cisco DTLS.
1.0.1d had a rushed fix for CVE-2013-0169 which broke in certain
circumstances. 1.0.1e has the fix for TLS.

Also include a further patch from the 1.0.1 branch which fixes the
breakage this introduced for Cisco's outdated pre-standard version of
DTLS, as used by OpenConnect.

Update mirror URLs to reflect current reality.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Florian Fainelli <florian@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35600 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-02-14 13:00:03 +00:00
Tim Yardley e07df17a99 openssl: security update to 1.0.1d to address CBC TLS issue
addressing
CVE-2013-0169: 4th February 2013

Signed-off-by: Tim Yardley <yardley@gmail.com>



git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35524 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-02-08 19:36:06 +00:00
Hamish Guthrie a81ef914e0 licensing: Add licensing metadata to many packages
Two new variables are introduces to many packages, namely PKG_LICENSE and
PKG_LICENSE_FILES - there may be more than one license applied to packages,
and these are listed in the PKG_LICENSE variable and separated by spaces.
All relevant license files are also added to the PKG_LICENSE_FILES variable,
also space separated.

The licensing metadata is put into the bin/<platform>/packages/Packages file
for later parsing. A script for that is on it's way!


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33861 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-10-19 15:34:28 +00:00
Felix Fietkau a17a510a62 move library packages to package/libs/
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33657 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-10-08 11:24:12 +00:00