polarssl: enable AES-GCM and CAMELLIA-GCM ciphersuites

Recent versions of Chrome require this ciphers to successfully handshake with
a TLS enabled uhttpd server using the ustream-polarssl backend.

If `CONFIG_GCM` is disabled, `ssl_ciphersuite_from_id()` will return `NULL`
when cipher `0x9d` is looked up, causing the calling `ssl_ciphersuite_match()`
to fail with `POLARSSL_ERR_SSL_INTERNAL_ERROR`.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/package/libs/polarssl/Makefile b/package/libs/polarssl/Makefile
index 03e3252e0a90a042790aaa326ee42acaca4453ef..573966e33b66d3ed40700ebc65d16dd2f933fd13 100644 (file)
--- a/package/libs/polarssl/Makefile
+++ b/package/libs/polarssl/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=polarssl
 SRC_PKG_NAME:=mbedtls
 PKG_VERSION:=1.3.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(SRC_PKG_NAME)-$(PKG_VERSION)-gpl.tgz

diff --git a/package/libs/polarssl/patches/200-reduce_config.patch b/package/libs/polarssl/patches/200-reduce_config.patch
index 6fef1a6f5c1822569464c793a0def91e3a6e504b..9e2734aa6c6cf81f1b23a0a981c0db37bcaaac1f 100644 (file)
--- a/package/libs/polarssl/patches/200-reduce_config.patch
+++ b/package/libs/polarssl/patches/200-reduce_config.patch
@@ -170,16 +170,6 @@
  
  /**
   * \def POLARSSL_ENTROPY_C
-@@ -1662,8 +1662,8 @@
-  *
-  * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
-  * requisites are enabled as well.
-- */
- #define POLARSSL_GCM_C
-+ */
- 
- /**
-  * \def POLARSSL_HAVEGE_C
 @@ -1699,8 +1699,8 @@
   * Requires: POLARSSL_MD_C
   *