aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs
Commit message (Collapse)AuthorAgeFilesLines
* wolfssl: fix options and add support for wpa_supplicant featuresDaniel Golle2018-05-022-5/+40
| | | | | | | | Some options' default values have been changed upstream, others were accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options needed to build hostapd/wpa_supplicant against wolfssl. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ustream-ssl: update to latest git HEADJohn Crispin2018-05-011-3/+3
| | | | | | | | 527e700 ustream-ssl: Remove RC4 from ciphersuite in server mode. 39a6ce2 ustream-ssl: Enable ECDHE with OpenSSL. 45ac930 remove polarssl support Signed-off-by: John Crispin <john@phrozen.org>
* libnl: Disable debug supportHauke Mehrtens2018-04-301-0/+3
| | | | | | | | | | | | | | | | | | | This dereses the size of the libnl pakcage a little bit old: 857 bin/packages/mips_24kc/base/libnl_3.4.0-1_mips_24kc.ipk 41195 bin/packages/mips_24kc/base/libnl-core_3.4.0-1_mips_24kc.ipk 7818 bin/packages/mips_24kc/base/libnl-genl_3.4.0-1_mips_24kc.ipk 24322 bin/packages/mips_24kc/base/libnl-nf_3.4.0-1_mips_24kc.ipk 136075 bin/packages/mips_24kc/base/libnl-route_3.4.0-1_mips_24kc.ipk new: 852 bin/packages/mips_24kc/base/libnl_3.4.0-1_mips_24kc.ipk 35020 bin/packages/mips_24kc/base/libnl-core_3.4.0-1_mips_24kc.ipk 7615 bin/packages/mips_24kc/base/libnl-genl_3.4.0-1_mips_24kc.ipk 24114 bin/packages/mips_24kc/base/libnl-nf_3.4.0-1_mips_24kc.ipk 131134 bin/packages/mips_24kc/base/libnl-route_3.4.0-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libusb: Update to 1.0.22Rosen Penev2018-04-301-4/+4
| | | | | | | | | | Switched download from SourceForge to GitHub. It seems the author migrated to that. Also fixed the website URL as the SourceForge link is dead. Compile tested on ar71xx and mvebu. Small size decrease on ar71xx: 30444 vs. 30099 bytes. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/zlib: move zlib build to toolsHauke Mehrtens2018-04-281-2/+0
| | | | | | | | | | | | | This allows us to link the other tools against our libz and we do not need the system zlib any more. Only the static linked library is copied to the staging directory so we have a statically linked library on all systems and not only on Linux. This also adds the new dependencies of the packages which are depending on zlib. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ustream-ssl: px5g: Rebuild packageHauke Mehrtens2018-04-181-1/+1
| | | | | | | | | | | | mbedtls changed in version 2.7.0 the soversion of the libmbedcrypto.so library, all applications using this shared library have to be recompiled to be able to load the new library. Some binaries got rebuild to for the 2.7.0 release and are now using libmbedcrypto.so.1, the older ones are still using libmbedcrypto.so.0. Fixes: 75c5ab4ca ("mbedtls: update to version 2.7.0") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* nghttp2: bump to 1.31.1Hans Dedecker2018-04-151-2/+2
| | | | | | | | 1e22b36c Update manual pages 0f818baf Bump up version number to 1.31.1 c411d169 Fix frame handling Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libubox: update to latest git HEADHans Dedecker2018-04-121-3/+3
| | | | | | 6eff829 utils: fix build error with g++ Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libubox: update to the latest versionFelix Fietkau2018-04-071-3/+3
| | | | | | | | 42a8ecd jshn: fix format string for int64 type 92009b7 utils: ensure that byte-order conversion functions evaluate the argument only once ace6489 switch from typeof to the more portable __typeof__ Signed-off-by: Felix Fietkau <nbd@nbd.name>
* Revert "libubox: update to the latest version"Felix Fietkau2018-04-071-3/+3
| | | | | | | This reverts commit def82714d92d124dc5376c340132392ff7a3d4a5. Needs further fixes Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libubox: update to the latest versionFelix Fietkau2018-04-071-3/+3
| | | | | | | 42a8ecd jshn: fix format string for int64 type 92009b7 utils: ensure that byte-order conversion functions evaluate the argument only once Signed-off-by: Felix Fietkau <nbd@nbd.name>
* Revert "ncurses: Remove obsolete compile fixes"Jo-Philipp Wich2018-04-042-0/+58
| | | | | | | | | This reverts commit 4fb684a7558ea5c11580378be062f73da07f8479. The compile fixes are still required for host systems using GCC 5.x, such as Ubuntu 16.04 LTS. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ncurses: Remove obsolete compile fixesRosen Penev2018-04-032-58/+0
| | | | | | | | | | It seems both issues (GCC5 and Musl) were fixed at some point. Thus, they can be dropped. Did not bump version as there is no change in functionality or size. Compile-tested on ar71xx and mvebu, both with musl. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* package/libs/mbedtls: add package with some mbedtls binaries.Paul Wassi2018-03-311-2/+23
| | | | | | Add some basic binaries required for private key and CSR generation. Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* mbedtls: update to version 2.8.0Hauke Mehrtens2018-03-312-20/+20
| | | | | | | | | | | | This fixes some minor security problems. Old size: 162262 bin/packages/mips_24kc/base/libmbedtls_2.7.0-1_mips_24kc.ipk New size: 163162 bin/packages/mips_24kc/base/libmbedtls_2.8.0-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ncurses: Update to 6.1.Rosen Penev2018-03-316-47/+36
| | | | | | | | | | | | | | Compile tested on ar71xx. Old size: 6527 bin/packages/mips_24kc/base/terminfo_6.0-1_mips_24kc.ipk 141465 bin/packages/mips_24kc/base/libncurses_6.0-1_mips_24kc.ipk New size: 6873 bin/packages/mips_24kc/base/terminfo_6.1-1_mips_24kc.ipk 146950 bin/packages/mips_24kc/base/libncurses_6.1-1_mips_24kc.ipk Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libtool: Update to 2.4.6Rosen Penev2018-03-312-14/+3
| | | | | | | | | | | | Compile tested on mvebu. old size: 12947 bin/packages/mips_24kc/base/libltdl_2.4-2_mips_24kc.ipk new size: 13002 bin/packages/mips_24kc/base/libltdl_2.4.6-1_mips_24kc.ipk Signed-off-by: Rosen Penev <rosenp@gmail.com>
* openssl: update to 1.0.2oPaul Wassi2018-03-313-5/+5
| | | | | | Fixes CVE-2018-0739 Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* libubox: update to the latest versionFelix Fietkau2018-03-231-3/+3
| | | | | | | 3aad294 libubox: Plug a small memory leak. eebe3fc utils: use constant byte-order conversion Signed-off-by: Felix Fietkau <nbd@nbd.name>
* nghttp2: bump to 1.31.0Hans Dedecker2018-03-051-2/+2
| | | | | | | | | | | | | | | | | | | | | 6e744662 Update bash_completion 478eac09 Update manual pages 88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16 45d76cf5 nghttpx: Close listening socket on graceful shutdown 54573f28 Merge pull request #1137 from nghttp2/session-set-user-data 17793e99 Add nghttp2_session_set_user_data() public API function 5eac3c90 Update manual pages e70195ae nghttpx: Update doc fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro 39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert 65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after e8af7afc nghttpx: Add an option to accept expired client certificate 38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after ff3edc09 nghttpx: Fix potential memory leak 0bb15406 Bump up version number to 1.31.0-DEV Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libunwind: fix build with musl on PPCMatthias Schiffer2018-02-251-0/+383
| | | | | | | | | | | Works around two incompatiblities between glibc and (POSIX-compliant) musl: - missing register definitions from asm/ptrace.h - non-POSIX-compliant ucontext_t on PPC32 with glibc Compile tested on mpc85xx. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* libnftnl: backport flowtable supportFelix Fietkau2018-02-213-1/+1704
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mbedtls: activate deprecated functionsHauke Mehrtens2018-02-161-9/+0
| | | | | | | | | Some functions used by a lot of other software was renamed and is only active when deprecated functions are allowed, deactivate the removal of deprecated functions for now. Fixes: 75c5ab4caf9 ("mbedtls: update to version 2.7.0") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: update to version 2.7.0Hauke Mehrtens2018-02-152-41/+39
| | | | | | | | This fixes the following security problems: * CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled * CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* bunwind: build for ARM64Hauke Mehrtens2018-02-101-1/+1
| | | | | | | ARM64 is supported by libunwind since some versions, allow building it for aarch64. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libubox: bump to git HEAD versionHans Dedecker2018-02-081-3/+3
| | | | | | b0c830 sh/jshn.sh: add json_for_each_item() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* nghttp2: bump to 1.30.0Hans Dedecker2018-02-041-2/+2
| | | | | | | | | | | | | | | | | | | | | | | f0836c7e Update manual pages 25db178b Bump up version number to 1.30.0, LT revision to 29:2:15 1b6713e6 Update AUTHORS c1a496cf nghttpx: Fix bug that h1 backend idle timeout expires sooner e098a211 mruby: Fix bug that response header is unexpectedly overwritten 0ba4bf51 Merge pull request #1120 from dylanplecki/issue-1119-mruby-header-overwrite 6deee203 Fix #1119: Stop overwrite of first header on mruby call to env.req.set_header(..) 6761a933 Merge pull request #1105 from nghttp2/nghttpx-upgrade-scheme 5cc3d159 nghttpx: Add upgrade-scheme parameter to backend option 652f57e7 Merge pull request #1104 from nghttp2/allow-ping-after-goaway acd6b40e Allow PING frame to be sent after GOAWAY 0fbb46ed Merge pull request #1101 from nghttp2/remember-pushed-links 6ad629de Merge pull request #1102 from nghttp2/fix-missing-alpn-validation 74754982 nghttpx: Fix missing ALPN validation (--npn-list) a31a2e3b nghttpx: Remember which resource is pushed a776b0db Merge pull request #1092 from nghttp2/define-103 cfd926f0 src: Define 103 status code 72f52716 Bump up version number to 1.30.0-DEV Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* openssl: remove call to now absent clean-staging make targetYousong Zhou2018-01-301-3/+0
| | | | | | | | | It's not needed now since commit a621b8c ("include: clean package staging dir files before configure") Fixes FS#1309 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* build: cleanup SSP_SUPPORT configure optionJulien Dusser2018-01-271-1/+1
| | | | | | | | | | | | | | | | | | Configure variable SSP_SUPPORT is ambiguous for packages (tor, openssh, avahi, freeswitch). It means 'toolchain supporting SSP', but for toolchain and depends it means 'build gcc with libssp'. Musl no longer uses libssp (1877bc9d8f), it has internal support, so SSP_SUPPORT was disabled leading some package to not use SSP. No information why Glibc and uClibc use libssp, but they may also provide their own SSP support. uClibc used it own with commit 933b588e25 but it was reverted in f3cacb9e84 without details. Create an new configure GCC_LIBSSP and automatically enable SSP_SUPPORT if either USE_MUSL or GCC_LIBSSP. Signed-off-by: Julien Dusser <julien.dusser@free.fr>
* libunwind: enable build for armMaxim Gorbachyov2018-01-271-1/+1
| | | | | | Tested with perf on mvebu. Signed-off-by: Maxim Gorbachyov <maxim.gorbachyov@gmail.com>
* openssl: tell the build system that we are doing CROSS_COMPILEYousong Zhou2018-01-261-0/+5
| | | | | | | | | | So that it will not try to run c_rehash with the just built binaries on certs/demo. Fixes openwrt/packages#5432 Reported-by: Val Kulkov <val.kulkov@gmail.com> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* libnftnl: update to 1.0.9Philip Prindeville2018-01-201-7/+7
| | | | | | | | Also, drop unsupported configure options. Don't use git retrieve but released tarball instead. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* treewide: replace LEDE_GIT with PROJECT_GITJo-Philipp Wich2018-01-104-4/+4
| | | | | | | Remove LEDE_GIT references in favor to the new name-agnostic PROJECT_GIT variable. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: fix package bumpJo-Philipp Wich2018-01-071-4/+4
| | | | | | | | The previous commit was incorrectly rebased and referred to a not yet existing PROJECT_GIT variable. Fixes: d86a269c1f libubox: update to latest git HEAD Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: update to latest git HEADJo-Philipp Wich2018-01-071-1/+1
| | | | | | 1c08e80 jshn: properly support JSON "null" type Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* zlib: only enable NEON optimizations on eligible targetsJo-Philipp Wich2018-01-071-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | Instead of inferring the availability of NEON support from the target optimization flags, use a preprocessor test to decide whether to enable ARMv8 NEON optimizations. Fixes the following build error spotted by the mediatek/32 buildbot: [ 26%] Building C object CMakeFiles/zlib.dir/contrib/arm/inflate.o In file included from .../zlib-1.2.11/contrib/arm/chunkcopy.h:10:0, from .../zlib-1.2.11/contrib/arm/inflate.c:87: .../arm_neon.h:31:2: error: #error You must enable NEON instructions (e.g. -mfloat-abi=softfp -mfpu=neon) to use arm_neon.h #error You must enable NEON instructions (e.g. -mfloat-abi=softfp -mfpu=neon) to use arm_neon.h ^ In file included from .../zlib-1.2.11/contrib/arm/inflate.c:87:0: .../zlib-1.2.11/contrib/arm/chunkcopy.h:18:9: error: unknown type name 'uint8x16_t' typedef uint8x16_t chunkcopy_chunk_t; ^ [...] CMakeFiles/zlib.dir/build.make:302: recipe for target 'CMakeFiles/zlib.dir/contrib/arm/inflate.o' failed Fixes: 3acecba520 "package/libs/zlib: Add ARM and NEON optimizations" Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* argp-standalone: clean up patch fuzzKevin Darbyshire-Bryant2018-01-051-8/+8
| | | | | | Refresh patches to tidy up fuzz. No functional changes Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* package/libs/zlib: Add host buildDaniel Engberg2018-01-021-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Some packages such as Python/Python3 (host pip/pip3) needs this to compile. More detailed explanation provided by Alexandru: "i need the zlib/host for Python/Python3 ; because, it seems the host pip/pip3 needs this to work ; i suspect in older versions this worked, because some of the host's build env would be used in the build, and then the zlib-dev from the host distro would be used ; now, the host-build does not seem to have any -I/usr/include stuff, which is good and it also seems that Python/Python3 does not like it if the zlib-dev package is too old, so using this zlib/host would be good for this as well" Source: https://github.com/lede-project/source/pull/1329#issuecomment-351055861 Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com> Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/zlib: Add option for O3 optimizationDaniel Engberg2018-01-022-0/+21
| | | | | | | | | | Add option to use O3 optimization as not all devices have space constraints. This option is default using GCC in upstream but isn't in the CMake makefile for some reason. Source: https://github.com/madler/zlib/blob/master/configure#L170 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/zlib: Add ARM and NEON optimizationsDaniel Engberg2018-01-024-1/+2770
| | | | | | | | | | | | | | | | | | | This adds two optimizations for ARM: NEON optimized Adler(-)32 checksum algorithm (ARMv7 and newer NEON CPUs) ARM(v7+) specific optimization for inflate I've also connected inflate optimization to the build using the following source as template. https://github.com/mirror/chromium/commit/0397489124ce7e6aced020f8b85f5034c7d5f49b#diff-a62ad2db6c83dbc205d34bb9a8884f16 Additional info: https://codereview.chromium.org/2676493007/ https://codereview.chromium.org/2722063002/ Sources: https://github.com/madler/zlib/pull/251 (only the first commit) https://github.com/madler/zlib/pull/256 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/zlib: Use toolchain build logicDaniel Engberg2018-01-021-22/+4
| | | | | | Use build logic provided by toolchain instead of doing it manually. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* nghttp2: bump to 1.29.0Hans Dedecker2017-12-241-2/+2
| | | | | | | | | | | | | | | | | | | | 439b9b6c (tag: v1.29.0) Update manual pages 48498452 Bump up version number to v1.29.0, LT revision to 29:1:15 d30f3816 Update manual pages 4d1139f6 Remove SPDY 48f57407 nghttpx: Update doc c1f14d73 Update manual pages 216f4dad nghttpx: Remove redundant check a4e27d76 Revert "nghttpx: Use an existing h2 backend connection as much as possible" 2365f12e Fix CMAKE_MODULE_PATH 03f7ec0f nghttpx: Write API request body in temporary file 2056e812 nghttpx: Increase api-max-request-body 1ebb6810 nghttpx: Faster configuration loading with lots of backends a3ebeeaf nghttpx: Fix crash with --backend-http-proxy-uri option 422ad1be Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY 97f1735c Bump up version number to 1.29.0 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libiconv-full: fix compile-time linking error GCC7Jake Staehle2017-12-191-1/+1
| | | | | | | | | | | | | | | LEDE Flyspray Task 1091: Fix libiconv-full 'undefined reference' compile linker error using GCC7 Musl Tested with targets x86 (i386 and x86_64) Addition of CFLAGS "std=gnu89" fixes the linker issues, credit to harrylwc Issue found with 'minidlna' package, which depends on 'libiconv-full' Error in compile log: ../lib/.libs/libiconv.so: undefined reference to `aliases_lookup' ../lib/.libs/libiconv.so: undefined reference to `aliases2_lookup' collect2: error: ld returned 1 exit status Makefile:64: recipe for target 'iconv_no_i18n' failed Signed-off-by: Jake Staehle <jacob@staehle.us>
* wolfssl: update to 3.12.2 (1 CVE)Jo-Philipp Wich2017-12-123-5/+147
| | | | | | | | | | Update wolfssl to the latest release v3.12.2 and backport an upstream pending fix for CVE-2017-13099 ("ROBOT vulnerability"). Ref: https://github.com/wolfSSL/wolfssl/pull/1229 Ref: https://robotattack.org/ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openssl: update to 1.0.2nPeter Wagner2017-12-081-3/+3
| | | | | | | | add no-ssl3-method again as 1.0.2n compiles without the ssl3-method(s) Fixes CVEs: CVE-2017-3737, CVE-2017-3738 Signed-off-by: Peter Wagner <tripolar@gmx.at>
* nghttp2: bump to 1.28.0Hans Dedecker2017-11-271-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 939ad5dd Update manual pages 24d92b97 Add deprecation warning when spdylay support is enabled 4c92ff18 Bump up version number to 1.28.0, LT revision to 29:0:15 280db5c6 Update neverbleed 7fbcb2d0 Merge pull request #1074 from nghttp2/fix-doc 53aeb2c3 Fix doc ff200bfc clang-format-5.0 fee3151f Switch to clang-format-5.0 99a85159 Update manual pages 2a981a3f Merge pull request #1066 from nghttp2/nghttpx-add-affinity-cookie-secure 0028275d nghttpx: Add affinity-cookie-secure parameter to backend option ee8bfddf Merge pull request #1063 from nghttp2/error_callback2 194acb1f src: Use nghttp2_error_callback2 43a2a70a Add nghttp2_error_callback2 73344ae9 nghttpx: Use plain hex string format for client serial c479f612 Merge pull request #1060 from nghttp2/nghttpx-add-client-serial eca0a302 nghttpx: Add $tls_client_serial log variable 4720c5cb nghttpx: Make client serial available in mruby script cd55ab28 nghttpx: Add function to get serial number from certificate d402cfdf Merge pull request #1057 from nghttp2/nghttpx-add-tls-client-issuer-name 22502182 Add tls_client_issuer_name log variable and expose it to mruby 05e1fd5e Update manual pages 943d7923 Add Session Affinity section to nghttpx howto 568ecbfb doc: Add missing port f5ddd7f4 nghttpx: Make initial_addr_idx_ unsigned 88abbce7 nghttpx: Fix compile error with gcc 16e90365 nghttpx: Fix affinity retry fa7945c6 nghttpx: Refactor daca43f0 nghttpx: Fix stalled backend connection on retry 16bc11e6 nghttpx: Remove duplicated util::make_socket_nodelay 6f7e94cd Merge pull request #1047 from PiotrSikora/go_vet 61efa15a integration: Fix issues reported by the `go vet` tool. 8c0ea56b Merge pull request #1036 from nghttp2/nghttpx-affinity-cookie 54905371 nghttpx: Refactor 6010d393 integration: Add tests be5c39a1 src: Add tests b8fda680 nghttpx: Cookie based session affinity e29b9c12 Merge pull request #1045 from nghttp2/nghttpx-sha1-fingerprint 539e2781 nghttpx: Add tls_client_fingerprint_sha1 to mruby and accesslog 7008afd4 nghttpx: Refactor get_x509_fingerprint to accept hash function 77a41756 Merge pull request #1041 from nghttp2/fix-examples-client-server b15045d6 Merge pull request #1040 from nghttp2/nghttpx-mruby-add-more-tls-vars 03084f75 examples: Make client and server work with libevent-2.1.8 60baca27 nghttpx: Add more TLS related attributes to mruby Env object 86990db2 Merge pull request #1038 from nghttp2/nghttpx-add-more-logging-vars cb376bcd nghttpx: Add client fingerprint and subject name to accesslog f2b8edd1 nghttpx: Fix memory leak c4f8afcf nghttpx: Get TLS info only when it is necessary when writing accesslog 1a1a216d Merge pull request #1037 from nghttp2/nghttpx-mruby-tls-client-vars 9f80a82c nghttpx: Add client fingerprint and subject name to mruby env c573c80b nghttpx: Pass a pointer to SSL instead of TLSSessionInfo to LogSpec 3cd6817e Fix typos d4a69658 Add another warning about mruby 8e06fe49 Fix typo aaeeec8f Fix typos 66d5e246 Bump up version number to 1.28.0-DEV Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libusb-compat: Upgrade to 0.1.15Rosen Penev2017-11-221-3/+3
| | | | | | Compile tested on ramips (mt7621) Signed-off-by: Rosen Penev <rosenp@gmail.com>
* wolfssl: add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-191-0/+1
| | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* openssl: Add optimization optionDaniel Engberg2017-11-182-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add option to optimize for speed instead of size cmd: openssl speed md5 sha1 sha256 sha512 des des-ede3 aes-128-cbc \ aes-192-cbc aes-256-cbc rsa2048 dsa2048 === Linksys WRT3200ACM === Default optimization: The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 14111.49k 47147.75k 123375.02k 206937.09k 258828.97k sha1 14495.71k 46763.99k 116679.94k 188115.29k 228294.66k des cbc 22315.63k 23118.98k 23323.14k 23348.22k 23363.58k des ede3 8085.97k 8217.26k 8255.74k 8266.41k 8273.92k aes-128 cbc 48740.10k 52606.12k 54224.98k 56263.68k 54774.44k aes-192 cbc 43410.83k 47325.31k 48994.05k 49377.96k 48532.14k aes-256 cbc 39132.46k 42512.60k 43692.63k 43997.18k 44070.23k sha256 19987.80k 47314.69k 86119.08k 109352.28k 119466.67k sha512 8034.63k 32321.92k 47495.94k 65777.32k 74080.26k sign verify sign/s verify/s rsa 2048 bits 0.020387s 0.000528s 49.1 1892.2 sign verify sign/s verify/s dsa 2048 bits 0.005920s 0.006396s 168.9 156.3 Optimize for speed (-O3 instead of -Os and disable -DOPENSSL_SMALL_FOOTPRINT): The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 14655.49k 48561.79k 126953.56k 210741.93k 262430.72k sha1 14607.90k 47032.15k 117725.87k 188226.22k 228499.46k des cbc 28041.11k 29586.84k 29939.80k 30047.91k 30067.37k des ede3 10697.93k 10899.75k 10956.97k 10972.84k 10980.01k aes-128 cbc 58852.70k 65956.07k 68675.67k 69388.29k 69607.42k aes-192 cbc 50299.73k 56501.23k 58491.65k 59008.00k 59159.89k aes-256 cbc 44684.38k 47944.36k 49098.67k 49573.89k 49463.30k sha256 19673.53k 47248.58k 86775.04k 110053.72k 119382.02k sha512 8029.67k 32033.02k 47440.04k 65740.12k 74072.06k sign verify sign/s verify/s rsa 2048 bits 0.019666s 0.000529s 50.8 1892.0 sign verify sign/s verify/s dsa 2048 bits 0.005882s 0.006450s 170.0 155.0 === D-Link DIR-860L (B1) === Default optimization: The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 3376.97k 11654.74k 32966.76k 60016.27k 80729.43k sha1 2310.95k 6024.87k 11680.32k 15273.93k 16784.07k des cbc 6787.21k 7014.36k 7072.49k 7088.73k 7092.48k des ede3 2462.47k 2499.87k 2509.48k 2511.35k 2514.75k aes-128 cbc 10014.28k 11018.87k 11308.99k 11381.03k 11406.20k aes-192 cbc 8930.35k 9675.27k 9895.97k 9954.57k 9971.92k aes-256 cbc 8022.81k 8624.03k 8799.60k 8843.14k 8856.07k sha256 2546.33k 5542.19k 9326.99k 11249.03k 11969.57k sha512 877.22k 3503.44k 4856.01k 6554.96k 7299.32k sign verify sign/s verify/s rsa 2048 bits 0.109348s 0.003132s 9.1 319.3 sign verify sign/s verify/s dsa 2048 bits 0.032745s 0.037212s 30.5 26.9 Optimize for speed (-O3 instead of -Os and disable -DOPENSSL_SMALL_FOOTPRINT): The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 3660.39k 12401.37k 34501.23k 62438.83k 81786.64k sha1 3500.20k 10730.70k 25056.19k 37715.86k 44253.13k des cbc 7189.75k 7545.88k 7641.90k 7665.71k 7672.18k des ede3 2690.64k 2734.33k 2745.24k 2748.13k 2748.81k aes-128 cbc 11325.29k 12731.75k 13151.34k 13259.95k 13289.55k aes-192 cbc 9932.36k 10997.65k 11309.84k 11389.53k 11408.92k aes-256 cbc 8845.13k 9677.01k 9920.30k 9980.77k 9996.42k sha256 3200.50k 7107.76k 12230.85k 14933.73k 15962.15k sha512 879.12k 3510.79k 4956.45k 6711.45k 7484.39k sign verify sign/s verify/s rsa 2048 bits 0.085641s 0.002365s 11.7 422.9 sign verify sign/s verify/s dsa 2048 bits 0.023881s 0.026120s 41.9 38.3 -O3 is considered safe for OpenSSL Ref: https://wiki.openssl.org/index.php/Compilation_and_Installation Tested hardware: Linksys WRT3200ACM / D-Link DIR-860L (B1) Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-1710-0/+10
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>