From 16414718f9ae57f294a8a9f70f766e0d170fae05 Mon Sep 17 00:00:00 2001 From: Ivan Pavlov Date: Tue, 14 Sep 2021 12:06:32 -0300 Subject: [PATCH] wolfssl: update to 4.8.1-stable Changes from 4.7.0: Fix one high (OCSP verification issue) and two low vulnerabilities Improve compatibility layer Other improvements and fixes For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases Signed-off-by: Ivan Pavlov (cherry picked from commit 7d92bb0509615550b98e2dc71091073c8258d564) [Added patch to allow compilation with libtool 2.4] Signed-off-by: Eneas U de Queiroz --- package/libs/wolfssl/Makefile | 6 +++--- ...m-change-asm-snippets-to-get-compiling.patch | 17 +++++------------ .../patches/100-disable-hardening-check.patch | 2 +- .../patches/110-build-with-libtool-2.4.patch | 13 +++++++++++++ package/libs/wolfssl/patches/200-ecc-rng.patch | 4 ++-- 5 files changed, 24 insertions(+), 18 deletions(-) create mode 100644 package/libs/wolfssl/patches/110-build-with-libtool-2.4.patch diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 41df3147d0..2881665753 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=4.7.0-stable -PKG_RELEASE:=3 +PKG_VERSION:=4.8.1-stable +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=b0e740b31d4d877d540ad50cc539a8873fc41af02bd3091c4357b403f7106e31 +PKG_HASH:=50db45f348f47e00c93dd244c24108220120cb3cc9d01434789229c32937c444 PKG_FIXUP:=libtool libtool-abiver PKG_INSTALL:=1 diff --git a/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch b/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch index 091b241285..763f9e8d06 100644 --- a/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch +++ b/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch @@ -13,8 +13,6 @@ SP_ASM_MUL_ADD2 and SP_ASM_SQR_ADD. wolfcrypt/src/sp_int.c | 6 +++--- 2 files changed, 23 insertions(+), 12 deletions(-) -diff --git a/wolfcrypt/src/asm.c b/wolfcrypt/src/asm.c -index b7f53d073..a37e75e02 100644 --- a/wolfcrypt/src/asm.c +++ b/wolfcrypt/src/asm.c @@ -698,33 +698,39 @@ __asm__( \ @@ -64,7 +62,7 @@ index b7f53d073..a37e75e02 100644 #define SQRADDAC(i, j) \ __asm__( \ -@@ -733,7 +739,9 @@ __asm__( \ +@@ -733,7 +739,9 @@ __asm__( "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ @@ -75,7 +73,7 @@ index b7f53d073..a37e75e02 100644 #define SQRADDDB \ __asm__( \ -@@ -743,7 +751,10 @@ __asm__( \ +@@ -743,7 +751,10 @@ __asm__( "addl %6,%0 \n\t" \ "adcl %7,%1 \n\t" \ "adcl %8,%2 \n\t" \ @@ -87,11 +85,9 @@ index b7f53d073..a37e75e02 100644 #elif defined(TFM_X86_64) /* x86-64 optimized */ -diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c -index 6070faaa9..d26702e47 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c -@@ -477,7 +477,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo, +@@ -476,7 +476,7 @@ static WC_INLINE sp_int_digit sp_div_wor "addl %%eax, %[l] \n\t" \ "adcl %%edx, %[h] \n\t" \ "adcl $0 , %[o] \n\t" \ @@ -100,7 +96,7 @@ index 6070faaa9..d26702e47 100644 : [a] "r" (va), [b] "r" (vb) \ : "eax", "edx", "cc" \ ) -@@ -503,7 +503,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo, +@@ -502,7 +502,7 @@ static WC_INLINE sp_int_digit sp_div_wor "addl %%eax, %[l] \n\t" \ "adcl %%edx, %[h] \n\t" \ "adcl $0 , %[o] \n\t" \ @@ -109,7 +105,7 @@ index 6070faaa9..d26702e47 100644 : [a] "r" (va), [b] "r" (vb) \ : "eax", "edx", "cc" \ ) -@@ -542,7 +542,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo, +@@ -541,7 +541,7 @@ static WC_INLINE sp_int_digit sp_div_wor "addl %%eax, %[l] \n\t" \ "adcl %%edx, %[h] \n\t" \ "adcl $0 , %[o] \n\t" \ @@ -118,6 +114,3 @@ index 6070faaa9..d26702e47 100644 : [a] "m" (va) \ : "eax", "edx", "cc" \ ) --- -2.31.1 - diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch index c89ff1be9d..4141e28750 100644 --- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch +++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch @@ -1,6 +1,6 @@ --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h -@@ -2255,7 +2255,7 @@ extern void uITRON4_free(void *p) ; +@@ -2274,7 +2274,7 @@ extern void uITRON4_free(void *p) ; #endif /* warning for not using harden build options (default with ./configure) */ diff --git a/package/libs/wolfssl/patches/110-build-with-libtool-2.4.patch b/package/libs/wolfssl/patches/110-build-with-libtool-2.4.patch new file mode 100644 index 0000000000..206c6dac6a --- /dev/null +++ b/package/libs/wolfssl/patches/110-build-with-libtool-2.4.patch @@ -0,0 +1,13 @@ +diff --git a/configure.ac b/configure.ac +index 144c857e4..de7f6b45a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -32,7 +32,7 @@ AC_ARG_PROGRAM + + AC_CONFIG_HEADERS([config.h:config.in]) + +-LT_PREREQ([2.4.2]) ++LT_PREREQ([2.4]) + LT_INIT([disable-static win32-dll]) + + #shared library versioning diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch index 2d33c06209..d8581be7eb 100644 --- a/package/libs/wolfssl/patches/200-ecc-rng.patch +++ b/package/libs/wolfssl/patches/200-ecc-rng.patch @@ -11,7 +11,7 @@ RNG regardless of the built settings for wolfssl. --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c -@@ -10293,21 +10293,21 @@ void wc_ecc_fp_free(void) +@@ -10938,21 +10938,21 @@ void wc_ecc_fp_free(void) #endif /* FP_ECC */ @@ -37,7 +37,7 @@ RNG regardless of the built settings for wolfssl. --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h -@@ -584,10 +584,8 @@ WOLFSSL_API +@@ -616,10 +616,8 @@ WOLFSSL_API void wc_ecc_fp_free(void); WOLFSSL_LOCAL void wc_ecc_fp_init(void); -- 2.30.2