diff options
author | Dirk Neukirchen <dirkneukirchen@web.de> | 2016-05-21 07:35:36 +0200 |
---|---|---|
committer | Felix Fietkau <nbd@nbd.name> | 2016-05-21 09:57:12 +0200 |
commit | de27a1adaea1bcf57e28fa33c705da51364ef92b (patch) | |
tree | 50fdc1bef8e604052d323fa31d26ea4b6fa1a430 /package/libs | |
parent | 48ff6eff8c51f316de0d8566c01bab04ff0d75a8 (diff) | |
download | upstream-de27a1adaea1bcf57e28fa33c705da51364ef92b.tar.gz upstream-de27a1adaea1bcf57e28fa33c705da51364ef92b.tar.bz2 upstream-de27a1adaea1bcf57e28fa33c705da51364ef92b.zip |
cyassl/wolfssl: update to 3.9.0
wolfssl has a fine grained feature and compatibility control
for compiling stunnel, lighthttp or (partly) openssl dropin
ustream-ssl uses features that require normally
HAVE_SNI, HAVE_STUNNEL and the openssl compatibility headers
ar71xx ipkg sizes of wolfssl 3.9.0:
- with stunnel: 144022
- this patch (w.o. stunnel): 131712
- without openssl(extra): 111104
- w.o openssl/sni:108515
- w.o openssl/sni/ecc: 93954
so patch 300 saves around 12k compressed ipkg size
v2: keep & rename patch 300 for clarity, fixes ustream-ssl/cyassl
that broke with v1
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Diffstat (limited to 'package/libs')
-rw-r--r-- | package/libs/cyassl/Makefile | 8 | ||||
-rw-r--r-- | package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch (renamed from package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch) | 8 | ||||
-rw-r--r-- | package/libs/cyassl/patches/400-additional_compatibility.patch | 2 |
3 files changed, 8 insertions, 10 deletions
diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile index 7384a3d1db..b6440f3a85 100644 --- a/package/libs/cyassl/Makefile +++ b/package/libs/cyassl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=3.8.0 -PKG_RELEASE:=2 +PKG_VERSION:=3.9.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip PKG_SOURCE_URL:=https://www.wolfssl.com/ -PKG_MD5SUM:=a73d90c5439adea97a5002a73b46ddeb +PKG_MD5SUM:=f3396726a9befd61443c2cce216e39ba PKG_FIXUP:=libtool PKG_INSTALL:=1 @@ -38,12 +38,10 @@ endef TARGET_CFLAGS += $(FPIC) CONFIGURE_ARGS += \ - --without-zlib \ --enable-singlethreaded \ --enable-opensslextra \ --enable-sni \ --enable-ecc \ - --enable-sslv3 \ --disable-examples #ifneq ($(CONFIG_TARGET_x86),) diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch index a35cdadc8e..51d89f7ece 100644 --- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch +++ b/package/libs/cyassl/patches/300-debloat_move_SSL_set_tlsext_host_name_outside_STUNNEL.patch @@ -1,15 +1,15 @@ --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h -@@ -401,6 +401,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR +@@ -402,6 +402,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR /* yassl had set the default to be 500 */ #define SSL_get_default_timeout(ctx) 500 +#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y)) -+ - /* Lighthttp compatability */ ++ + /* Lighthttp compatibility */ #ifdef HAVE_LIGHTY -@@ -487,7 +489,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_ +@@ -488,7 +490,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_ #define SSL_TLSEXT_ERR_NOACK alert_warning #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME diff --git a/package/libs/cyassl/patches/400-additional_compatibility.patch b/package/libs/cyassl/patches/400-additional_compatibility.patch index 4d75d98906..1464e9d2a8 100644 --- a/package/libs/cyassl/patches/400-additional_compatibility.patch +++ b/package/libs/cyassl/patches/400-additional_compatibility.patch @@ -1,6 +1,6 @@ --- a/cyassl/openssl/ssl.h +++ b/cyassl/openssl/ssl.h -@@ -27,6 +27,9 @@ +@@ -28,6 +28,9 @@ #define CYASSL_OPENSSL_H_ #include <cyassl/ssl.h> |