From patchwork Thu May 19 11:27:48 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dirk Neukirchen X-Patchwork-Id: 623961 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2001:1868:205::9]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3r9TVf45Plz9sdn for ; Thu, 19 May 2016 21:34:18 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1b3MAx-00084I-Na; Thu, 19 May 2016 11:31:35 +0000 Received: from mout.web.de ([212.227.17.11]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1b3MAv-0007xv-Qt for lede-dev@lists.infradead.org; Thu, 19 May 2016 11:31:34 +0000 Received: from tenchi-htpc.lan ([91.66.244.150]) by smtp.web.de (mrweb101) with ESMTPSA (Nemesis) id 0LzbLS-1bhPmn1dQI-014h4n for ; Thu, 19 May 2016 13:31:11 +0200 From: Dirk Neukirchen To: lede-dev@lists.infradead.org Date: Thu, 19 May 2016 13:27:48 +0200 Message-Id: <1463657268-25750-1-git-send-email-dirkneukirchen@web.de> X-Mailer: git-send-email 2.8.2 X-Provags-ID: V03:K0:uzGVqUXJzqpVvrNGCLucIwCG6d1EnTZEkALJsZCBUuIF43tKzl5 +YWkfN9ci6xoDPNXZJ33nT37fVY99aqk87k+yRsttPNmDS7+Vqx7TBK8EFzNYYkyXPDaClv Gm6jewImdessBMaF9C0oQ2/VVC5CGFtaxHPi74ZcI+b/koaaTfLO2bQBp6BKjt9lCkcMXah UmdBjY811Z1JScytZfCCg== X-UI-Out-Filterresults: notjunk:1; V01:K0:1g6XmCwVuaA=:J7jfXS5DLzgodJhF+8/2Fl CjHWvmIqo07zlxF9gy8cdN286mfuFBmC/jRhFFxecDkeMPcSZflDPvpeZ//IYDOrDtIt6c0qZ TXHI0YIu6zkFk3RHIIqOv0P3hFXH/lsjLHEYNr53TexyqjNL1/FI0Dbt8rk8HTk4Cx74i3bXd E3brwAl6IdYESSr2xuzfKc8UVme82S1CpuPSMfe4GuHRAIKpnhu2pjatI4F2NI7anl0Svkuv3 gT8lIdflkbOjbQsG1hwciMSQ/AfRaJvFcAK9NEh7jOZqpXlmgsYs/D5n7yxIxMV41rGZYp+QS h168Dxry8dgMYUIR4gl/OZKjrNybrR0NHsbN7J146E5+eH6qnNXsyuipZHch4UjiSRc+2Wz/o n2TUZI758223aNJmz5R8VdOhwwoNVVJXyz3gMZpLa5dXyiXVLArZNwOOZvhGaz3yxRYPwUPlX chBPJzccZNbWSWMpWN6D78r8DJ3CItF3uuUpL5yQcsSAkGi9wSjtPcXLceEagnJIZWosR6SSa RX7e99XUbjHHezzu6KY3j76MJxdjb7GwUmK8IfuGLmvSZaL/OoWodWHgHgTSiwOGXaGBKR6lq 3bBLLk8nFzwQcShPIwzWMv3RQ93GU2HnUCqydKeERIjgP5PDnvFV41qErcOUcQuj/wWPq+HkG 4T0/a6ep0g6w5qmssPbGYhzaHcSD8zBTp/3DMBucMAzu1+8STseMQYvtpCMlWyyD3nqsDFTs9 2XsHyGhpJSJ9hBNGPRTgHI03Z14g4egkhKyiGe+K8G5+7YogpBqelumzZXg= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160519_043134_243548_1B9F0881 X-CRM114-Status: UNSURE ( 8.21 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -4.0 (----) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-4.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [212.227.17.11 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (dirkneukirchen[at]web.de) -1.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [212.227.17.11 listed in wl.mailspike.net] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders Subject: [LEDE-DEV] [PATCH] cyassl/wolfssl: update to 3.9.0 X-BeenThere: lede-dev@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: "Lede-dev" Errors-To: lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org - disable sslv3 (security) - patch is not needed anymore (see src/ssl.c) tested on ar71xx w. curl Signed-off-by: Dirk Neukirchen --- package/libs/cyassl/Makefile | 9 +++++---- .../cyassl/patches/300-SSL_set_tlsext_host_name.patch | 19 ------------------- 2 files changed, 5 insertions(+), 23 deletions(-) delete mode 100644 package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile index 7384a3d..7501b99 100644 --- a/package/libs/cyassl/Makefile +++ b/package/libs/cyassl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=3.8.0 -PKG_RELEASE:=2 +PKG_VERSION:=3.9.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip PKG_SOURCE_URL:=https://www.wolfssl.com/ -PKG_MD5SUM:=a73d90c5439adea97a5002a73b46ddeb +PKG_MD5SUM:=f3396726a9befd61443c2cce216e39ba PKG_FIXUP:=libtool PKG_INSTALL:=1 @@ -41,9 +41,10 @@ CONFIGURE_ARGS += \ --without-zlib \ --enable-singlethreaded \ --enable-opensslextra \ + --enable-sessioncerts \ --enable-sni \ --enable-ecc \ - --enable-sslv3 \ + --enable-sha512 \ --disable-examples #ifneq ($(CONFIG_TARGET_x86),) diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch deleted file mode 100644 index a35cdad..0000000 --- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- a/wolfssl/openssl/ssl.h -+++ b/wolfssl/openssl/ssl.h -@@ -401,6 +401,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR - /* yassl had set the default to be 500 */ - #define SSL_get_default_timeout(ctx) 500 - -+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y)) -+ - /* Lighthttp compatability */ - - #ifdef HAVE_LIGHTY -@@ -487,7 +489,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_ - #define SSL_TLSEXT_ERR_NOACK alert_warning - #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME - --#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name - #define SSL_get_servername wolfSSL_get_servername - #define SSL_set_SSL_CTX wolfSSL_set_SSL_CTX - #define SSL_CTX_get_verify_callback wolfSSL_CTX_get_verify_callback