polarssl: bump to 1.3.10, work around rename to mbedtls
authorSteven Barth <cyrus@openwrt.org>
Mon, 9 Feb 2015 12:44:32 +0000 (12:44 +0000)
committerSteven Barth <cyrus@openwrt.org>
Mon, 9 Feb 2015 12:44:32 +0000 (12:44 +0000)
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 44361

package/libs/polarssl/Makefile
package/libs/polarssl/patches/100-disable_sslv3.patch
package/libs/polarssl/patches/200-reduce_config.patch
package/libs/polarssl/patches/300-CVE-2015-1182.patch [deleted file]

index 384853e29caecad599ab1ee8a7d6c5a32be4d981..b4d249088201c6a9c27f88a9db6f6696f6528302 100644 (file)
@@ -7,14 +7,14 @@
 
 include $(TOPDIR)/rules.mk
 
-PKG_NAME:=polarssl
-PKG_VERSION:=1.3.9
-PKG_RELEASE:=2
+PKG_NAME:=mbedtls
+PKG_VERSION:=1.3.10
+PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
-PKG_SOURCE_URL:=https://polarssl.org/code/releases
-PKG_MD5SUM:=48af7d1f0d5de512cbd6dacf5407884c
+PKG_SOURCE_URL:=https://polarssl.org/download/
+PKG_MD5SUM:=4b55fc9ad3da65a43addefa8b74fef13
 
 PKG_BUILD_PARALLEL:=1
 PKG_LICENSE:=GPL-2.0+
@@ -50,7 +50,7 @@ PKG_INSTALL:=1
 
 CMAKE_OPTIONS += \
        -DCMAKE_BUILD_TYPE:String="Release" \
-       -DUSE_SHARED_POLARSSL_LIBRARY:Bool=ON \
+       -DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
        -DENABLE_TESTING:Bool=OFF \
        -DENABLE_PROGRAMS:Bool=OFF \
 
@@ -58,12 +58,14 @@ define Build/InstallDev
        $(INSTALL_DIR) $(1)/usr/include
        $(CP) $(PKG_INSTALL_DIR)/usr/include/polarssl $(1)/usr/include/
        $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libpolarssl.so* $(1)/usr/lib/
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libmbedtls.so* $(1)/usr/lib/
+       $(LN) libmbedtls.so $(1)/usr/lib/libpolarssl.so
 endef
 
 define Package/libpolarssl/install
        $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libpolarssl.so* $(1)/usr/lib/
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libmbedtls.so* $(1)/usr/lib/
+       $(LN) libmbedtls.so $(1)/usr/lib/libpolarssl.so
 endef
 
 $(eval $(call BuildPackage,libpolarssl))
index 06312f3471760c155739a542dc28ef022ef43b29..4b779025f72e3eb2b33e4d6178d181dfc4c55ebc 100644 (file)
@@ -1,6 +1,6 @@
 --- a/include/polarssl/config.h
 +++ b/include/polarssl/config.h
-@@ -859,8 +859,8 @@
+@@ -951,8 +951,8 @@
   *           POLARSSL_SHA1_C
   *
   * Comment this macro to disable support for SSL 3.0
index dc95faada56ac76a863653c96ab6389a53f9e145..b2ae4de9575f2669292fdd4deba60970abc99cdf 100644 (file)
@@ -1,6 +1,6 @@
 --- a/include/polarssl/config.h
 +++ b/include/polarssl/config.h
-@@ -395,8 +395,8 @@
+@@ -392,8 +392,8 @@
   *      TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_PSK_WITH_RC4_128_SHA
@@ -10,7 +10,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
-@@ -419,8 +419,8 @@
+@@ -416,8 +416,8 @@
   *      TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_DHE_PSK_WITH_RC4_128_SHA
@@ -20,7 +20,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-@@ -439,8 +439,8 @@
+@@ -436,8 +436,8 @@
   *      TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_ECDHE_PSK_WITH_RC4_128_SHA
@@ -30,7 +30,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
-@@ -464,8 +464,8 @@
+@@ -461,8 +461,8 @@
   *      TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_RSA_PSK_WITH_RC4_128_SHA
@@ -40,7 +40,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED
-@@ -543,8 +543,8 @@
+@@ -540,8 +540,8 @@
   *      TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
   *      TLS_ECDHE_RSA_WITH_RC4_128_SHA
@@ -50,7 +50,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-@@ -567,8 +567,8 @@
+@@ -564,8 +564,8 @@
   *      TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
   *      TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
@@ -60,7 +60,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-@@ -591,8 +591,8 @@
+@@ -588,8 +588,8 @@
   *      TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
   *      TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
   *      TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
@@ -70,7 +70,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
-@@ -615,8 +615,8 @@
+@@ -612,8 +612,8 @@
   *      TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
   *      TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
   *      TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
@@ -80,7 +80,7 @@
  
  /**
   * \def POLARSSL_PK_PARSE_EC_EXTENDED
-@@ -778,8 +778,8 @@
+@@ -775,8 +775,8 @@
   * \def POLARSSL_SELF_TEST
   *
   * Enable the checkup functions (*_self_test).
@@ -89,8 +89,8 @@
 + */
  
  /**
-  * \def POLARSSL_SSL_ALL_ALERT_MESSAGES
-@@ -1302,8 +1302,8 @@
+  * \def POLARSSL_SSL_AEAD_RANDOM_IV
+@@ -1395,8 +1395,8 @@
   *      TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
   *      TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
   *      TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
  
  /**
   * \def POLARSSL_CCM_C
-@@ -1330,8 +1330,8 @@
+@@ -1423,8 +1423,8 @@
   * Requires: POLARSSL_PEM_PARSE_C
   *
   * This module is used for testing (ssl_client/server).
  
  /**
   * \def POLARSSL_CIPHER_C
-@@ -1370,8 +1370,8 @@
+@@ -1463,8 +1463,8 @@
   *          library/ssl_tls.c
   *
   * This module provides debugging functions.
  
  /**
   * \def POLARSSL_DES_C
-@@ -1426,8 +1426,8 @@
+@@ -1519,8 +1519,8 @@
   *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
   *
   * Requires: POLARSSL_ECP_C
  
  /**
   * \def POLARSSL_ECDSA_C
-@@ -1441,8 +1441,8 @@
+@@ -1534,8 +1534,8 @@
   *      ECDHE-ECDSA
   *
   * Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
  
  /**
   * \def POLARSSL_ECP_C
-@@ -1454,8 +1454,8 @@
+@@ -1547,8 +1547,8 @@
   *          library/ecdsa.c
   *
   * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
  
  /**
   * \def POLARSSL_ENTROPY_C
-@@ -1494,8 +1494,8 @@
+@@ -1587,8 +1587,8 @@
   *
   * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
   * requisites are enabled as well.
  
  /**
   * \def POLARSSL_HAVEGE_C
-@@ -1652,8 +1652,8 @@
+@@ -1746,8 +1746,8 @@
   * Requires: POLARSSL_HAVE_ASM
   *
   * This modules adds support for the VIA PadLock on x86.
  
  /**
   * \def POLARSSL_PBKDF2_C
-@@ -1813,8 +1813,8 @@
+@@ -1907,8 +1907,8 @@
   * Module:  library/ripemd160.c
   * Caller:  library/md.c
   *
  
  /**
   * \def POLARSSL_RSA_C
-@@ -1893,8 +1893,8 @@
+@@ -1987,8 +1987,8 @@
   * Caller:
   *
   * Requires: POLARSSL_SSL_CACHE_C
  
  /**
   * \def POLARSSL_SSL_CLI_C
-@@ -1970,8 +1970,8 @@
+@@ -2064,8 +2064,8 @@
   * Caller:  library/havege.c
   *
   * This module is used by the HAVEGE random number generator.
  
  /**
   * \def POLARSSL_VERSION_C
-@@ -2091,8 +2091,8 @@
+@@ -2185,8 +2185,8 @@
   *
   * Module:  library/xtea.c
   * Caller:
  #define POLARSSL_XTEA_C
 + */
  
- /* \} name SECTION: PolarSSL modules */
+ /* \} name SECTION: mbed TLS modules */
  
diff --git a/package/libs/polarssl/patches/300-CVE-2015-1182.patch b/package/libs/polarssl/patches/300-CVE-2015-1182.patch
deleted file mode 100644 (file)
index 5961d37..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/library/asn1parse.c
-+++ b/library/asn1parse.c
-@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char
-             if( cur->next == NULL )
-                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
-+            memset( cur->next, 0, sizeof( asn1_sequence ) );
-+
-             cur = cur->next;
-         }
-     }