From patchwork Wed Oct 5 09:46:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1686279 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=n2N339e/; dkim=fail reason="key not found in DNS" header.d=true.cz header.i=@true.cz header.a=rsa-sha256 header.s=xnet header.b=ZadSLTNL; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mj8vd1Z16z23jY for ; Wed, 5 Oct 2022 20:50:36 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=9BcltC77iboDwSuVYiLzGfxUUzCJWSJgBGSnvaydW+k=; b=n2N339e/6TidlO t3Q+XezNoC7dXoN0JOJ8WsqeuF3x1iihf2JQ5d2xgo/VtQReYJXIoVUzRsKoIXnfN02MvC9dV3heE fRscFyOZa0H/ARnheh6Lk5Gj22+eGqDKVcaOtQ1xbKqq6uETfImtn0p9sYhNH0qXXFOdFF9PRpLgq bm7Og277oweQ9FWrXK2UGGYVnGK41FFBf5jHswGqhiP9eHO+TGBmPGrTdBH2zfdkvwzLkYVpLR9mt puzAJTFa1YvSvJGGW4E5p5c+L/ocXuYgQQCaXVE0SDOM/zPFgAIS/Z2GE4ehfE/bDzNipXiTmTzJK uab4nyemBvg22yFOYm8g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1og0zT-00DQRz-IV; Wed, 05 Oct 2022 09:46:59 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1og0zB-00DQJg-7S for openwrt-devel@lists.openwrt.org; Wed, 05 Oct 2022 09:46:43 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 1E00B36C0; Wed, 5 Oct 2022 11:46:35 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=true.cz; s=xnet; t=1664963195; bh=ihewd8uJj1cBojoHWYa4Zc++ABTpS8F2r5otT9GWtyU=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=ZadSLTNL4emLPBohqvLG/KB1tHGf+9YjgJz2rb3uEdNDlJvWhPU3XJr9lWJ21KEum SFOdTAcBr1YniB0SYSVziwgQJmuFiBmsN//4Xk4SEWGnjTFzO7N664ntK39S3CrTU6 6oeYuOi17yvRoNqRdRRVPrVqlDkXCx8DE08d1tqA= Received: by meh.true.cz (OpenSMTPD) with ESMTP id 36b909ea; Wed, 5 Oct 2022 11:46:11 +0200 (CEST) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Cc: Ivan Pavlov Subject: [PATCH 21.02 3/5] wolfssl: bump to 5.5.0 Date: Wed, 5 Oct 2022 11:46:28 +0200 Message-Id: <20221005094630.5311-4-ynezz@true.cz> In-Reply-To: <20221005094630.5311-1-ynezz@true.cz> References: <20221005094630.5311-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221005_024641_701228_975C6BF4 X-CRM114-Status: UNSURE ( 8.37 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ivan Pavlov Remove upstreamed: 101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch Some low severity vulnerabilities fixed OpenVPN compatibility fixed (broken in 5.4.0) Other fixes && improvements Content analysis details: (0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Ivan Pavlov Remove upstreamed: 101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch Some low severity vulnerabilities fixed OpenVPN compatibility fixed (broken in 5.4.0) Other fixes && improvements Signed-off-by: Ivan Pavlov (cherry picked from commit 3d88f26d74f7771b808082cef541ed8286c40491) (cherry picked from commit 0c8425bf11590afb0c6f1545b328ecb6ed4aee87) --- package/libs/wolfssl/Makefile | 4 ++-- .../libs/wolfssl/patches/100-disable-hardening-check.patch | 2 +- package/libs/wolfssl/patches/200-ecc-rng.patch | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index d0a67e118be2..ce66ec81eada 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=5.4.0-stable +PKG_VERSION:=5.5.0-stable PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=dc36cc19dad197253e5c2ecaa490c7eef579ad448706e55d73d79396e814098b +PKG_HASH:=c34b74b5f689fac7becb05583b044e84d3b10d39f38709f0095dd5d423ded67f PKG_FIXUP:=libtool libtool-abiver PKG_INSTALL:=1 diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch index d3ad2e27bc3e..01bb5974ba33 100644 --- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch +++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch @@ -1,6 +1,6 @@ --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h -@@ -2442,7 +2442,7 @@ extern void uITRON4_free(void *p) ; +@@ -2445,7 +2445,7 @@ extern void uITRON4_free(void *p) ; #endif /* warning for not using harden build options (default with ./configure) */ diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch index 2e09e6d273e3..d68ef7f3853a 100644 --- a/package/libs/wolfssl/patches/200-ecc-rng.patch +++ b/package/libs/wolfssl/patches/200-ecc-rng.patch @@ -11,7 +11,7 @@ RNG regardless of the built settings for wolfssl. --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c -@@ -12288,21 +12288,21 @@ void wc_ecc_fp_free(void) +@@ -12348,21 +12348,21 @@ void wc_ecc_fp_free(void) #endif /* FP_ECC */ @@ -37,7 +37,7 @@ RNG regardless of the built settings for wolfssl. --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h -@@ -650,10 +650,8 @@ WOLFSSL_API +@@ -650,10 +650,8 @@ WOLFSSL_ABI WOLFSSL_API void wc_ecc_fp_free(void); WOLFSSL_LOCAL void wc_ecc_fp_init(void);