diff options
| author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-08-05 11:47:58 -0300 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-08-17 16:43:23 +0200 |
| commit | 77e0e99d3104debc7ce31d6c15ff1e10e19ceb7c (patch) | |
| tree | 67e9cf8898201ab77d30f91a4f6b844e0c83c55e /package/libs/wolfssl/Makefile | |
| parent | 16730410136f1512203da9d21bb6a42f1cb43b4e (diff) | |
| download | upstream-77e0e99d3104debc7ce31d6c15ff1e10e19ceb7c.tar.gz upstream-77e0e99d3104debc7ce31d6c15ff1e10e19ceb7c.tar.bz2 upstream-77e0e99d3104debc7ce31d6c15ff1e10e19ceb7c.zip | |
wolfssl: bump to 4.1.0-stable
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Diffstat (limited to 'package/libs/wolfssl/Makefile')
| -rw-r--r-- | package/libs/wolfssl/Makefile | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 678eb4936b..2ad03a5aca 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=4.0.0-stable +PKG_VERSION:=4.1.0-stable PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=6cf678c72b485d1904047c40c20f85104c96b5f39778822783a2c407ccb23657 +PKG_HASH:=f0d630c3ddfeb692b8ae38cc739f47d5e9f0fb708662aa241ede0c42a5eb3dd8 PKG_FIXUP:=libtool PKG_INSTALL:=1 @@ -25,14 +25,13 @@ PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com> PKG_CPE_ID:=cpe:/a:wolfssl:wolfssl PKG_CONFIG_DEPENDS:=\ - CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \ - CONFIG_WOLFSSL_HAS_AFALG CONFIG_WOLFSSL_HAS_ARC4 \ - CONFIG_WOLFSSL_HAS_CHACHA_POLY CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES \ - CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL, CONFIG_WOLFSSL_HAS_DH \ - CONFIG_WOLFSSL_HAS_DTLS CONFIG_WOLFSSL_HAS_ECC25519 \ - CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_SESSION_TICKET \ - CONFIG_WOLFSSL_HAS_TLSV10 CONFIG_WOLFSSL_HAS_TLSV13 \ - CONFIG_WOLFSSL_HAS_WPAS + CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AFALG \ + CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA_POLY \ + CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL \ + CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \ + CONFIG_WOLFSSL_HAS_ECC25519 CONFIG_WOLFSSL_HAS_OCSP \ + CONFIG_WOLFSSL_HAS_SESSION_TICKET CONFIG_WOLFSSL_HAS_TLSV10 \ + CONFIG_WOLFSSL_HAS_TLSV13 CONFIG_WOLFSSL_HAS_WPAS include $(INCLUDE_DIR)/package.mk @@ -65,11 +64,9 @@ CONFIGURE_ARGS += \ --enable-sni \ --enable-stunnel \ --disable-examples \ - --disable-leanpsk \ - --disable-leantls \ + --disable-jobserver \ --$(if $(CONFIG_IPV6),enable,disable)-ipv6 \ --$(if $(CONFIG_WOLFSSL_HAS_AES_CCM),enable,disable)-aesccm \ - --$(if $(CONFIG_WOLFSSL_HAS_AES_GCM),enable,disable)-aesgcm \ --$(if $(CONFIG_WOLFSSL_HAS_CHACHA_POLY),enable,disable)-chacha \ --$(if $(CONFIG_WOLFSSL_HAS_CHACHA_POLY),enable,disable)-poly1305 \ --$(if $(CONFIG_WOLFSSL_HAS_DH),enable,disable)-dh \ |