aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/cyassl/patches
Commit message (Collapse)AuthorAgeFilesLines
* wolfssl: enable openssl 1.0.1 compatibilityKarl Palsson2016-06-071-19/+0
| | | | | | | | | | | >From wolfssl/openssl/opensslv.h, and from skimming the contents of what "--enable-stunnel" actually does, it seems that --enable-opensslextra doesn't give you the "full" openssl compatibility that you may wish for these days. Unfortuantely, while wolfssl writes the build time options into wolfssl/options.h, it doesn't include that file itself. User applications must include that directly. Signed-off-by: Karl Palsson <karlp@etactica.com>
* cyassl/wolfssl: update to 3.9.0Dirk Neukirchen2016-05-212-5/+5
| | | | | | | | | | | | | | | | | | | | | wolfssl has a fine grained feature and compatibility control for compiling stunnel, lighthttp or (partly) openssl dropin ustream-ssl uses features that require normally HAVE_SNI, HAVE_STUNNEL and the openssl compatibility headers ar71xx ipkg sizes of wolfssl 3.9.0: - with stunnel: 144022 - this patch (w.o. stunnel): 131712 - without openssl(extra): 111104 - w.o openssl/sni:108515 - w.o openssl/sni/ecc: 93954 so patch 300 saves around 12k compressed ipkg size v2: keep & rename patch 300 for clarity, fixes ustream-ssl/cyassl that broke with v1 Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* cyassl: update to wolfssl version 3.8.0Hauke Mehrtens2016-02-011-1/+1
| | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48616
* cyassl: update to wolfSSL version 3.7.0Hauke Mehrtens2015-12-053-23/+17
| | | | | | | | | | | | This version and version 3.6.8 are fixing the following security problems: * CVE-2015-7744 * CVE-2015-6925 The activation of SSLv3 support is needed for curl. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 47791
* cyassl: update to wolfssl 3.6.0Hauke Mehrtens2015-07-034-19/+7
| | | | | | | | | Upstream wolfssl already has better checks to detect broken ssl v2 ClientHellos, we can remove our hack. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 46168
* cyassl: version bump to 3.4.6Hauke Mehrtens2015-07-033-6/+21
| | | | | | | | | | | | This patch introduces a new build error into coova-chilli, but coova-chilli already fails to build even without it anyway. CyaSSL is now called wolfSSL, and all the API's have been renamed, and backward-compatibility headers added. Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 46167
* cyassl: add support for SSL_set_tlsext_host_nameJohn Crispin2015-04-011-0/+10
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45215
* cyassl: update to version 3.2.0Hauke Mehrtens2014-09-131-1/+1
| | | | | | | | | This fixes a security problem: Security fix for RSA Padding check vulnerability Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 42526
* cyassl: update to 3.1.0Steven Barth2014-08-081-1/+1
| | | | SVN-Revision: 42063
* cyassl: update to version 3.0.0Hauke Mehrtens2014-05-012-3/+3
| | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 40621
* change fixup method and fix CFLAGS handlingImre Kaloz2013-12-202-1/+12
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 39151
* cyassl: drop obsolete patchesJo-Philipp Wich2013-10-303-561/+0
| | | | SVN-Revision: 38610
* cyassl: upgrade to v2.8.0Jo-Philipp Wich2013-10-301-3/+3
| | | | | | | | | Un-reverts the previous update commit and forward-ports the patch to improve legacy SSLv2 handshake handling. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 38609
* Revert "[cyassl]: upgrade to 2.8.0"Jo-Philipp Wich2013-10-294-0/+574
| | | | | | | | | | Reverts the CyaSSL version bump for now since the update completely broke trunk building due to incompatible changes in the IO callback API which in turn breaks the core ustream-ssl package. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 38576
* upgrade to 2.8.0Imre Kaloz2013-10-284-574/+0
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 38558
* cyassl: add a patch to better check legacy SSLv2 client hello recordsJo-Philipp Wich2012-10-091-0/+13
| | | | | | | | | If junk data is received during SSL_accept(), cyassl will treat it as legacy SSLv2 record without performing further plausibility checks. Change the legacy code path to return UNKNOWN_HANDSHAKE_TYPE if the value of the third byte isn't 0x01 the hello message type. SVN-Revision: 33675
* move library packages to package/libs/Felix Fietkau2012-10-083-0/+561
SVN-Revision: 33657