@@ -797,6 +797,7 @@ menu "Crypto"
source "package/libssh/Config.in"
source "package/libssh2/Config.in"
source "package/libuecc/Config.in"
+ source "package/mbedtls/Config.in"
source "package/nettle/Config.in"
source "package/openssl/Config.in"
source "package/polarssl/Config.in"
new file mode 100644
@@ -0,0 +1,20 @@
+config BR2_PACKAGE_MBEDTLS
+ bool "mbedtls"
+ help
+ mbed TLS (formerly known as PolarSSL) makes it trivially easy
+ for developers to include cryptographic and SSL/TLS
+ capabilities in their (embedded) products, facilitating this
+ functionality with a minimal coding footprint.
+
+ https://tls.mbed.org/
+
+if BR2_PACKAGE_MBEDTLS
+
+config BR2_PACKAGE_MBEDTLS_PROGRAMS
+ bool "mbedtls programs"
+ depends on BR2_USE_MMU # fork()
+ help
+ This option enables the installation and the build of
+ mbed TLS companion programs.
+
+endif
new file mode 100644
@@ -0,0 +1,2 @@
+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.0-2.1.3-1.3.15-and-polarssl.1.2.18-released
+sha256 3c6d3487ab056da94450cf907afc84f026aff7880182baffe137c98e3d00fb55 mbedtls-2.2.0-apache.tgz
new file mode 100644
@@ -0,0 +1,46 @@
+################################################################################
+#
+# mbedtls
+#
+################################################################################
+
+MBEDTLS_SITE = https://tls.mbed.org/code/releases
+MBEDTLS_VERSION = 2.2.0
+MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz
+MBEDTLS_CONF_OPTS = \
+ -DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \
+ -DENABLE_TESTING=OFF
+MBEDTLS_INSTALL_STAGING = YES
+MBEDTLS_LICENSE = Apache-2.0
+MBEDTLS_LICENSE_FILES = apache-2.0.txt
+
+# This is mandatory for hiawatha
+ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+define MBEDTLS_ENABLE_THREADING
+ $(SED) "s://#define MBEDTLS_THREADING_C:#define MBEDTLS_THREADING_C:" \
+ $(@D)/include/mbedtls/config.h
+ $(SED) "s://#define MBEDTLS_THREADING_PTHREAD:#define MBEDTLS_THREADING_PTHREAD:" \
+ $(@D)/include/mbedtls/config.h
+endef
+MBEDTLS_POST_PATCH_HOOKS += MBEDTLS_ENABLE_THREADING
+endif
+
+ifeq ($(BR2_STATIC_LIBS),y)
+MBEDTLS_CONF_OPTS += \
+ -DUSE_SHARED_MBEDTLS_LIBRARY=OFF -DUSE_STATIC_MBEDTLS_LIBRARY=ON
+else ifeq ($(BR2_SHARED_STATIC_LIBS),y)
+MBEDTLS_CONF_OPTS += \
+ -DUSE_SHARED_MBEDTLS_LIBRARY=ON -DUSE_STATIC_MBEDTLS_LIBRARY=ON
+else ifeq ($(BR2_SHARED_LIBS),y)
+MBEDTLS_CONF_OPTS += \
+ -DUSE_SHARED_MBEDTLS_LIBRARY=ON -DUSE_STATIC_MBEDTLS_LIBRARY=OFF
+endif
+
+ifeq ($(BR2_PACKAGE_ZLIB),y)
+MBEDTLS_CONF_OPTS += -DENABLE_ZLIB_SUPPORT=ON
+MBEDTLS_DEPENDENCIES += zlib
+else
+MBEDTLS_CONF_OPTS += -DENABLE_ZLIB_SUPPORT=OFF
+endif
+
+$(eval $(cmake-package))
Add the mbed TLS library, formerly known as PolarSSL. The 2.0+ version can live side-by-side with polarssl since it was renamed, hence can be added with no conflict. Use the Apache-2.0 license variant since it's somewhat more flexible, the codebase is the same as the GPLv2 variant, just copyright headers/license file changed. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> --- package/Config.in | 1 + package/mbedtls/Config.in | 20 +++++++++++++++++++ package/mbedtls/mbedtls.hash | 2 ++ package/mbedtls/mbedtls.mk | 46 ++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 69 insertions(+) create mode 100644 package/mbedtls/Config.in create mode 100644 package/mbedtls/mbedtls.hash create mode 100644 package/mbedtls/mbedtls.mk