polarssl: bump to 1.3.10, work around rename to mbedtls

Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44361 3c298f89-4303-0410-b956-a3cf2f4a3e73

4 files changed, 34 insertions, 43 deletions

diff --git a/package/libs/polarssl/Makefile b/package/libs/polarssl/Makefile
index 384853e29c..b4d2490882 100644
--- a/package/libs/polarssl/Makefile
+++ b/package/libs/polarssl/Makefile
@@ -7,14 +7,14 @@
 
 include $(TOPDIR)/rules.mk
 
-PKG_NAME:=polarssl
-PKG_VERSION:=1.3.9
-PKG_RELEASE:=2
+PKG_NAME:=mbedtls
+PKG_VERSION:=1.3.10
+PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
-PKG_SOURCE_URL:=https://polarssl.org/code/releases
-PKG_MD5SUM:=48af7d1f0d5de512cbd6dacf5407884c
+PKG_SOURCE_URL:=https://polarssl.org/download/
+PKG_MD5SUM:=4b55fc9ad3da65a43addefa8b74fef13
 
 PKG_BUILD_PARALLEL:=1
 PKG_LICENSE:=GPL-2.0+
@@ -50,7 +50,7 @@ PKG_INSTALL:=1
 
 CMAKE_OPTIONS += \
 	-DCMAKE_BUILD_TYPE:String="Release" \
-	-DUSE_SHARED_POLARSSL_LIBRARY:Bool=ON \
+	-DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
 	-DENABLE_TESTING:Bool=OFF \
 	-DENABLE_PROGRAMS:Bool=OFF \
 
@@ -58,12 +58,14 @@ define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/include
 	$(CP) $(PKG_INSTALL_DIR)/usr/include/polarssl $(1)/usr/include/
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libpolarssl.so* $(1)/usr/lib/
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libmbedtls.so* $(1)/usr/lib/
+	$(LN) libmbedtls.so $(1)/usr/lib/libpolarssl.so
 endef
 
 define Package/libpolarssl/install
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libpolarssl.so* $(1)/usr/lib/
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libmbedtls.so* $(1)/usr/lib/
+	$(LN) libmbedtls.so $(1)/usr/lib/libpolarssl.so
 endef
 
 $(eval $(call BuildPackage,libpolarssl))
diff --git a/package/libs/polarssl/patches/100-disable_sslv3.patch b/package/libs/polarssl/patches/100-disable_sslv3.patch
index 06312f3471..4b779025f7 100644
--- a/package/libs/polarssl/patches/100-disable_sslv3.patch
+++ b/package/libs/polarssl/patches/100-disable_sslv3.patch
@@ -1,6 +1,6 @@
 --- a/include/polarssl/config.h
 +++ b/include/polarssl/config.h
-@@ -859,8 +859,8 @@
+@@ -951,8 +951,8 @@
   *           POLARSSL_SHA1_C
   *
   * Comment this macro to disable support for SSL 3.0
diff --git a/package/libs/polarssl/patches/200-reduce_config.patch b/package/libs/polarssl/patches/200-reduce_config.patch
index dc95faada5..b2ae4de957 100644
--- a/package/libs/polarssl/patches/200-reduce_config.patch
+++ b/package/libs/polarssl/patches/200-reduce_config.patch
@@ -1,6 +1,6 @@
 --- a/include/polarssl/config.h
 +++ b/include/polarssl/config.h
-@@ -395,8 +395,8 @@
+@@ -392,8 +392,8 @@
   *      TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_PSK_WITH_RC4_128_SHA
@@ -10,7 +10,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
-@@ -419,8 +419,8 @@
+@@ -416,8 +416,8 @@
   *      TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_DHE_PSK_WITH_RC4_128_SHA
@@ -20,7 +20,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-@@ -439,8 +439,8 @@
+@@ -436,8 +436,8 @@
   *      TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_ECDHE_PSK_WITH_RC4_128_SHA
@@ -30,7 +30,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
-@@ -464,8 +464,8 @@
+@@ -461,8 +461,8 @@
   *      TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
   *      TLS_RSA_PSK_WITH_RC4_128_SHA
@@ -40,7 +40,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED
-@@ -543,8 +543,8 @@
+@@ -540,8 +540,8 @@
   *      TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
   *      TLS_ECDHE_RSA_WITH_RC4_128_SHA
@@ -50,7 +50,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-@@ -567,8 +567,8 @@
+@@ -564,8 +564,8 @@
   *      TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
   *      TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
   *      TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
@@ -60,7 +60,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-@@ -591,8 +591,8 @@
+@@ -588,8 +588,8 @@
   *      TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
   *      TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
   *      TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
@@ -70,7 +70,7 @@
  
  /**
   * \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
-@@ -615,8 +615,8 @@
+@@ -612,8 +612,8 @@
   *      TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
   *      TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
   *      TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
@@ -80,7 +80,7 @@
  
  /**
   * \def POLARSSL_PK_PARSE_EC_EXTENDED
-@@ -778,8 +778,8 @@
+@@ -775,8 +775,8 @@
   * \def POLARSSL_SELF_TEST
   *
   * Enable the checkup functions (*_self_test).
@@ -89,8 +89,8 @@
 + */
  
  /**
-  * \def POLARSSL_SSL_ALL_ALERT_MESSAGES
-@@ -1302,8 +1302,8 @@
+  * \def POLARSSL_SSL_AEAD_RANDOM_IV
+@@ -1395,8 +1395,8 @@
   *      TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
   *      TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
   *      TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
@@ -100,7 +100,7 @@
  
  /**
   * \def POLARSSL_CCM_C
-@@ -1330,8 +1330,8 @@
+@@ -1423,8 +1423,8 @@
   * Requires: POLARSSL_PEM_PARSE_C
   *
   * This module is used for testing (ssl_client/server).
@@ -110,7 +110,7 @@
  
  /**
   * \def POLARSSL_CIPHER_C
-@@ -1370,8 +1370,8 @@
+@@ -1463,8 +1463,8 @@
   *          library/ssl_tls.c
   *
   * This module provides debugging functions.
@@ -120,7 +120,7 @@
  
  /**
   * \def POLARSSL_DES_C
-@@ -1426,8 +1426,8 @@
+@@ -1519,8 +1519,8 @@
   *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
   *
   * Requires: POLARSSL_ECP_C
@@ -130,7 +130,7 @@
  
  /**
   * \def POLARSSL_ECDSA_C
-@@ -1441,8 +1441,8 @@
+@@ -1534,8 +1534,8 @@
   *      ECDHE-ECDSA
   *
   * Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
@@ -140,7 +140,7 @@
  
  /**
   * \def POLARSSL_ECP_C
-@@ -1454,8 +1454,8 @@
+@@ -1547,8 +1547,8 @@
   *          library/ecdsa.c
   *
   * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
@@ -150,7 +150,7 @@
  
  /**
   * \def POLARSSL_ENTROPY_C
-@@ -1494,8 +1494,8 @@
+@@ -1587,8 +1587,8 @@
   *
   * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
   * requisites are enabled as well.
@@ -160,7 +160,7 @@
  
  /**
   * \def POLARSSL_HAVEGE_C
-@@ -1652,8 +1652,8 @@
+@@ -1746,8 +1746,8 @@
   * Requires: POLARSSL_HAVE_ASM
   *
   * This modules adds support for the VIA PadLock on x86.
@@ -170,7 +170,7 @@
  
  /**
   * \def POLARSSL_PBKDF2_C
-@@ -1813,8 +1813,8 @@
+@@ -1907,8 +1907,8 @@
   * Module:  library/ripemd160.c
   * Caller:  library/md.c
   *
@@ -180,7 +180,7 @@
  
  /**
   * \def POLARSSL_RSA_C
-@@ -1893,8 +1893,8 @@
+@@ -1987,8 +1987,8 @@
   * Caller:
   *
   * Requires: POLARSSL_SSL_CACHE_C
@@ -190,7 +190,7 @@
  
  /**
   * \def POLARSSL_SSL_CLI_C
-@@ -1970,8 +1970,8 @@
+@@ -2064,8 +2064,8 @@
   * Caller:  library/havege.c
   *
   * This module is used by the HAVEGE random number generator.
@@ -200,7 +200,7 @@
  
  /**
   * \def POLARSSL_VERSION_C
-@@ -2091,8 +2091,8 @@
+@@ -2185,8 +2185,8 @@
   *
   * Module:  library/xtea.c
   * Caller:
@@ -208,5 +208,5 @@
  #define POLARSSL_XTEA_C
 + */
  
- /* \} name SECTION: PolarSSL modules */
+ /* \} name SECTION: mbed TLS modules */
  
diff --git a/package/libs/polarssl/patches/300-CVE-2015-1182.patch b/package/libs/polarssl/patches/300-CVE-2015-1182.patch
deleted file mode 100644
index 5961d37aa5..0000000000
--- a/package/libs/polarssl/patches/300-CVE-2015-1182.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/library/asn1parse.c
-+++ b/library/asn1parse.c
-@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char
-             if( cur->next == NULL )
-                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
- 
-+            memset( cur->next, 0, sizeof( asn1_sequence ) );
-+
-             cur = cur->next;
-         }
-     }