diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2015-07-03 23:20:36 +0000 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2015-07-03 23:20:36 +0000 |
commit | 69a2459c668e9ddf129bbff94633a621e21aeca8 (patch) | |
tree | 01975115d8f2c5369f8db4b7b0ef1af01dabf0e2 /package/libs/cyassl/patches | |
parent | 9177e160987af4939b65b865adc1be916e28b997 (diff) | |
download | upstream-69a2459c668e9ddf129bbff94633a621e21aeca8.tar.gz upstream-69a2459c668e9ddf129bbff94633a621e21aeca8.tar.bz2 upstream-69a2459c668e9ddf129bbff94633a621e21aeca8.zip |
cyassl: update to wolfssl 3.6.0
Upstream wolfssl already has better checks to detect broken ssl v2
ClientHellos, we can remove our hack.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46168
Diffstat (limited to 'package/libs/cyassl/patches')
4 files changed, 7 insertions, 19 deletions
diff --git a/package/libs/cyassl/patches/100-respect_cflags.patch b/package/libs/cyassl/patches/100-respect_cflags.patch index 0e03230dcf..94117aec99 100644 --- a/package/libs/cyassl/patches/100-respect_cflags.patch +++ b/package/libs/cyassl/patches/100-respect_cflags.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -47,7 +47,7 @@ AC_SUBST([CYASSL_LIBRARY_VERSION]) +@@ -47,7 +47,7 @@ AC_SUBST([WOLFSSL_LIBRARY_VERSION]) # capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even # if user doesn't override, no way to tell diff --git a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch deleted file mode 100644 index 4e2c540bd8..0000000000 --- a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/src/internal.c -+++ b/src/internal.c -@@ -6353,6 +6353,10 @@ int ProcessReply(CYASSL* ssl) - b1 = - ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++]; - ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1); -+ -+ /* does not appear to a be a SSLv2 client hello */ -+ if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 ) -+ return UNKNOWN_HANDSHAKE_TYPE; - } - else { - ssl->options.processReply = getRecordLayerHeader; diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch index 5bccb05133..00a23fe798 100644 --- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch +++ b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch @@ -1,9 +1,9 @@ --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h -@@ -398,6 +398,7 @@ +@@ -397,6 +397,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR + /* yassl had set the default to be 500 */ #define SSL_get_default_timeout(ctx) 500 - +#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y)) #ifdef __cplusplus diff --git a/package/libs/cyassl/patches/400-additional_compatibility.patch b/package/libs/cyassl/patches/400-additional_compatibility.patch index 360fb148cf..07956f1209 100644 --- a/package/libs/cyassl/patches/400-additional_compatibility.patch +++ b/package/libs/cyassl/patches/400-additional_compatibility.patch @@ -1,6 +1,7 @@ ---- a/cyassl/openssl/ssl.h 2015-02-25 13:04:52.000000000 -0800 -+++ b/cyassl/openssl/ssl.h 2015-05-20 11:13:44.476628943 -0700 -@@ -25,3 +25,12 @@ +--- a/cyassl/openssl/ssl.h ++++ b/cyassl/openssl/ssl.h +@@ -24,4 +24,13 @@ + * */ +#ifndef CYASSL_OPENSSL_H_ |