From: Josef Schlehofer Date: Fri, 29 Mar 2019 23:51:58 +0000 (+0100) Subject: mbedtls: update to version 2.16.1 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=4ebd66d7a996b8b5ba05a759eedfba03adb37e7f;p=openwrt%2Fstaging%2Fadrian.git mbedtls: update to version 2.16.1 Refreshed patches Signed-off-by: Josef Schlehofer Tested-by: Daniel Engberg --- diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile index de91ff20e9..a0c86592d7 100644 --- a/package/libs/mbedtls/Makefile +++ b/package/libs/mbedtls/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mbedtls -PKG_VERSION:=2.16.0 -PKG_RELEASE:=2 +PKG_VERSION:=2.16.1 +PKG_RELEASE:=1 PKG_USE_MIPS16:=0 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz PKG_SOURCE_URL:=https://tls.mbed.org/download/ -PKG_HASH:=c8d7a4696287cb9533c455bdd65859106dbdd4472c125194387486e6d4df2799 +PKG_HASH:=7ab76eaefab0b02f26ca889230d553facb2598f3a8f077886c41ec1801d2131a PKG_BUILD_PARALLEL:=1 PKG_LICENSE:=GPL-2.0+ @@ -51,10 +51,10 @@ config LIBMBEDTLS_DEBUG_C default n help This option enables mbedtls library's debug functions. - + It increases the uncompressed libmbedtls binary size by around 60 KiB (for an ARMv5 platform). - + Usually, you don't need this, so don't select this if you're unsure. endef diff --git a/package/libs/mbedtls/patches/200-config.patch b/package/libs/mbedtls/patches/200-config.patch index 825d407c6f..da482eb027 100644 --- a/package/libs/mbedtls/patches/200-config.patch +++ b/package/libs/mbedtls/patches/200-config.patch @@ -17,7 +17,7 @@ /** * \def MBEDTLS_CIPHER_NULL_CIPHER -@@ -696,19 +696,19 @@ +@@ -716,19 +716,19 @@ * * Comment macros to disable the curve and functions for it */ @@ -46,7 +46,7 @@ /** * \def MBEDTLS_ECP_NIST_OPTIM -@@ -810,7 +810,7 @@ +@@ -830,7 +830,7 @@ * See dhm.h for more details. * */ @@ -55,7 +55,7 @@ /** * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED -@@ -830,7 +830,7 @@ +@@ -850,7 +850,7 @@ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA */ @@ -64,7 +64,7 @@ /** * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED -@@ -855,7 +855,7 @@ +@@ -875,7 +875,7 @@ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA */ @@ -73,7 +73,7 @@ /** * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -@@ -989,7 +989,7 @@ +@@ -1009,7 +1009,7 @@ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 */ @@ -82,7 +82,7 @@ /** * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED -@@ -1013,7 +1013,7 @@ +@@ -1033,7 +1033,7 @@ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 */ @@ -91,7 +91,7 @@ /** * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -@@ -1117,7 +1117,7 @@ +@@ -1137,7 +1137,7 @@ * This option is only useful if both MBEDTLS_SHA256_C and * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. */ @@ -100,7 +100,7 @@ /** * \def MBEDTLS_ENTROPY_NV_SEED -@@ -1212,14 +1212,14 @@ +@@ -1232,14 +1232,14 @@ * Uncomment this macro to disable the use of CRT in RSA. * */ @@ -117,7 +117,7 @@ /** * \def MBEDTLS_SHA256_SMALLER -@@ -1373,7 +1373,7 @@ +@@ -1393,7 +1393,7 @@ * configuration of this extension). * */ @@ -126,7 +126,7 @@ /** * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO -@@ -1548,7 +1548,7 @@ +@@ -1568,7 +1568,7 @@ * * Comment this macro to disable support for SSL session tickets */ @@ -135,7 +135,7 @@ /** * \def MBEDTLS_SSL_EXPORT_KEYS -@@ -1578,7 +1578,7 @@ +@@ -1598,7 +1598,7 @@ * * Comment this macro to disable support for truncated HMAC in SSL */ @@ -144,7 +144,7 @@ /** * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT -@@ -1637,7 +1637,7 @@ +@@ -1657,7 +1657,7 @@ * * Comment this to disable run-time checking and save ROM space */ @@ -153,7 +153,7 @@ /** * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 -@@ -1967,7 +1967,7 @@ +@@ -1987,7 +1987,7 @@ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ @@ -162,7 +162,7 @@ /** * \def MBEDTLS_ARIA_C -@@ -2033,7 +2033,7 @@ +@@ -2053,7 +2053,7 @@ * This module enables the AES-CCM ciphersuites, if other requisites are * enabled as well. */ @@ -171,7 +171,7 @@ /** * \def MBEDTLS_CERTS_C -@@ -2045,7 +2045,7 @@ +@@ -2065,7 +2065,7 @@ * * This module is used for testing (ssl_client/server). */ @@ -180,7 +180,7 @@ /** * \def MBEDTLS_CHACHA20_C -@@ -2149,7 +2149,7 @@ +@@ -2169,7 +2169,7 @@ * \warning DES is considered a weak cipher and its use constitutes a * security risk. We recommend considering stronger ciphers instead. */ @@ -189,7 +189,7 @@ /** * \def MBEDTLS_DHM_C -@@ -2312,7 +2312,7 @@ +@@ -2332,7 +2332,7 @@ * This module adds support for the Hashed Message Authentication Code * (HMAC)-based key derivation function (HKDF). */ @@ -198,7 +198,7 @@ /** * \def MBEDTLS_HMAC_DRBG_C -@@ -2622,7 +2622,7 @@ +@@ -2642,7 +2642,7 @@ * * This module enables abstraction of common (libc) functions. */ @@ -207,7 +207,7 @@ /** * \def MBEDTLS_POLY1305_C -@@ -2643,7 +2643,7 @@ +@@ -2663,7 +2663,7 @@ * Caller: library/md.c * */ @@ -216,7 +216,7 @@ /** * \def MBEDTLS_RSA_C -@@ -2750,7 +2750,7 @@ +@@ -2770,7 +2770,7 @@ * * Requires: MBEDTLS_CIPHER_C */ @@ -225,7 +225,7 @@ /** * \def MBEDTLS_SSL_CLI_C -@@ -2850,7 +2850,7 @@ +@@ -2870,7 +2870,7 @@ * * This module provides run-time version information. */ @@ -234,7 +234,7 @@ /** * \def MBEDTLS_X509_USE_C -@@ -2960,7 +2960,7 @@ +@@ -2980,7 +2980,7 @@ * Module: library/xtea.c * Caller: */ diff --git a/package/libs/mbedtls/patches/300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch b/package/libs/mbedtls/patches/300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch index b6c60f0019..757d83f49c 100644 --- a/package/libs/mbedtls/patches/300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch +++ b/package/libs/mbedtls/patches/300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch @@ -15,7 +15,7 @@ Signed-off-by: Hauke Mehrtens --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h -@@ -638,7 +638,8 @@ +@@ -644,7 +644,8 @@ "r6", "r7", "r8", "r9", "cc" \ );