aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs
Commit message (Collapse)AuthorAgeFilesLines
* openssl: update to version 1.0.2pHauke Mehrtens2018-08-153-4/+4
| | | | | | | | This fixes the following security problems: * CVE-2018-0732: Client DoS due to large DH parameter * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libubox: set RPATH for host buildJo-Philipp Wich2018-08-141-0/+3
| | | | | | | This is required for programs that indirectly link libjson-c through the libubox blobmsg_json library. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: set HOST_BUILD_PREFIXDaniel Golle2018-08-071-1/+2
| | | | | | | Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make bundle-libraries.sh happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libjson-c: set HOST_BUILD_PREFIXDaniel Golle2018-08-071-1/+2
| | | | | | | Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make bundle-libraries.sh happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libubox: fix source version dateJo-Philipp Wich2018-08-071-1/+1
| | | | | | | | The referenced Git commit was made on the 25th of July, not June. Fixes 432eaa940f ("libubox: fix mirror hash") Fixes 5dc32620c4 ("libubox: update to latest git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: fix mirror hashJo-Philipp Wich2018-08-071-1/+1
| | | | | | | | | | | Correct the mirror hash to reflect whats on the download server. A locally produced libubox SCM tarball was also verified to yield an identical checksum compared to the one currently on the download server. Fixes FS#1707. Fixes 5dc32620c4 ("libubox: update to latest git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: update to latest git HEADEneas U de Queiroz2018-08-071-4/+4
| | | | | | | | 23a3f28 openssl, wolfssl: match mbedTLS ciphersuite list 450ada0 ustream-ssl: Revised security on mbedtls 34b0b80 ustream-ssl: add openssl-1.1.0 compatibility Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* uclient: update to latest git HEADJo-Philipp Wich2018-08-031-3/+3
| | | | | | | | | | | | | | f2573da uclient-fetch: use package name pattern in message for missing SSL library 9fd8070 uclient-fetch: Check for nullpointer returned by uclient_get_url_filename f41ff60 uclient-http: basic auth: Handle memory allocation failure a73b23b uclient-http: auth digest: Handle multiple possible memory allocation failures 66fb58d uclient-http: Handle memory allocation failure 2ac991b uclient: Handle memory allocation failure for url 63beea4 uclient-http: Implement error handling for header-sending eb850df uclient-utils: Handle memory allocation failure for url file name ae1c656 uclient-http: Close ustream file handle only if allocated Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* wolfssl: remove myself as maintainerAlexandru Ardelean2018-07-301-1/+0
| | | | | | | I no longer have the time, nor the desire to maintain this package. Remove myself as maintainer. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* libevent2: Don't build tests and samplesEneas U de Queiroz2018-07-301-0/+13
| | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. This reduces build time significantly. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* libevent: update to 2.1.8Leon M. George2018-07-302-15/+102
| | | | Signed-off-by: Leon M. George <leon@georgemail.eu>
* ncurses: install lib on host buildAndy Walsh2018-07-301-0/+2
| | | | Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* treewide: Bump PKG_RELEASE due to mbedtls updateDaniel Engberg2018-07-301-1/+1
| | | | | | | Bump PKG_RELEASE on packages that depends on (lib)mbedtls to avoid library mismatch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.12.0Daniel Engberg2018-07-302-28/+28
| | | | | | | | | | | | | | | Update mbedtls to 2.12.0 Multiple security fixes Add support for Chacha20 and Poly1305 cryptographic primitives and their associated ciphersuites Difference in size on mips_24kc (ipk): 164kbytes (167882 bytes) 170kbytes (173563 bytes) https://tls.mbed.org/tech-updates/releases/mbedtls-2.12.0-2.7.5-and-2.1.14-released Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libjson-c: Update package URLRosen Penev2018-07-291-1/+1
| | | | | | Found through UScan. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libpcap: update to 1.9.0Syrone Wong2018-07-279-306/+50
| | | | | | | | | | | | | 001-Fix-compiler_state_t.ai-usage-when-INET6-is-not-defi.patch dropped due to upstream 002-Add-missing-compiler_state_t-parameter.patch dropped due to upstream 202-protocol_api.patch dropped due to implemented upstream by another way upstream commit: https://github.com/the-tcpdump-group/libpcap/commit/55c690f6f834b4762697d7a134de439c9096c921 and renamed via: https://github.com/the-tcpdump-group/libpcap/commit/697b1f7e9b1d6f5a5be04f821d7c5dc62458bb3b ead is the only user who use the protocol api, we have to use the new api since libpcap 1.9.0 Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
* libubox: update to latest git HEADJohn Crispin2018-07-251-4/+4
| | | | | | c83a84a fix segfault when passed blobmsg attr is NULL Signed-off-by: John Crispin <john@phrozen.org>
* elfutils: Copy missing libraries to staging and packagesTed Hess2018-07-241-6/+6
| | | | | | | Newer shared libraries seem to have the package version as part of their name. E.g.: libelf-0.173.so Signed-off-by: Ted Hess <thess@kitschensync.net>
* librpc: add host build to install h files needed for nfs-kernel-server to ↵Peter Wagner2018-07-161-0/+9
| | | | | | get compiled Signed-off-by: Peter Wagner <tripolar@gmx.at>
* popt: Replace dead upstream site with mirrorDaniel Engberg2018-07-161-1/+1
| | | | | | | We can safely assume by now that rpm5.org is dead and isn't coming back so just add another mirror instead. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libnl: bump to 3.4.0Konstantin Demin2018-07-074-31/+15
| | | | | | refresh patches Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* mbedtls: Activate deterministic ECDSAHauke Mehrtens2018-07-071-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | With deterministic ECDSA the value k needed for the ECDSA signature is not randomly generated any more, but generated from a hash over the private key and the message to sign. If the value k used in a ECDSA signature or the relationship between the two values k used in two different ECDSA signatures over the same content is know to an attacker he can derive the private key pretty easily. Using deterministic ECDSA as defined in the RFC6979 removes this problem by deriving the value k deterministically from the private key and the content which gets signed. The resulting signature is still compatible to signatures generated not deterministic. This increases the size of the ipk on mips 24Kc by about 2 KByte. old: 166.240 libmbedtls_2.11.0-1_mips_24kc.ipk new: 167.811 libmbedtls_2.11.0-1_mips_24kc.ipk This does not change the ECDSA performance in a measurable way. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Disable MBEDTLS_SHA256_SMALLER implementationDaniel Engberg2018-07-071-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | Disable MBEDTLS_SHA256_SMALLER implementation, not enabled by default in upstream and reduces performance by quite a bit. Source: include/mbedtls/config.h Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance. The default implementation is meant to be a reasonnable compromise between performance and size. This version optimizes more aggressively for size at the expense of performance. Eg on Cortex-M4 it reduces the size of mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 30%. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 164.382 Bytes ipkg for mips_24kc after: 166.240 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.11.0Daniel Engberg2018-07-073-29/+55
| | | | | | | | | | | | | | | | Update mbed TLS to 2.11.0 Disable OFB block mode and XTS block cipher mode, added in 2.11.0. The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS This is to avoid having a mismatch between packages when upgrading. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.846 Bytes ipkg for mips_24kc after: 164.382 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: cleanup config patchDaniel Engberg2018-07-071-35/+28
| | | | | | | Clean up patch, use "//" consistently. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libconfig: update to version 1.7.2Enrico Mioso2018-07-071-4/+4
| | | | | | | | | The previous link did not work here. Compile-tested on: bcm47xx Runtime-tested on: bcm47xx Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
* libubox: update to the latest versionFelix Fietkau2018-07-071-3/+3
| | | | | | 3c1b33b utils: add const_* byteswapping functions Signed-off-by: Felix Fietkau <nbd@nbd.name>
* elfutils: bump to 0.173Luiz Angelo Daros de Luca2018-07-047-351/+149
| | | | | | | | | - Removed hacks to use standalone argp as upstream now detects it nicely. - As we are already installing files, use files from PKG_INSTALL_DIR and not PKG_BUILD_DIR - Only changes Makefile.am as PKG_FIXUP:=autoreconf is in use Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* mbedtls: Cosmetic cleanupsDaniel Engberg2018-06-181-1/+1
| | | | | | | | | | | | | This is more of a cosmetic change and a reminder that the CMake script hardcodes -O2. Source: https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.7/CMakeLists.txt#L73 https://github.com/ARMmbed/mbedtls/blob/master/CMakeLists.txt#L97 Remove the release type option as it's already provided by the toolchain. Source: https://github.com/openwrt/openwrt/blob/master/include/cmake.mk#L50 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libnftnl: bump to version 1.1.1Rosy Song2018-06-181-2/+2
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* libjson-c: fix host-buildDaniel Golle2018-06-141-0/+1
| | | | | | Add -Wno-implicit-fallthrough to HOST_CFLAGS. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* package/libs/libnfnetlink: Remove dead mirrorDaniel Engberg2018-06-141-2/+1
| | | | | | Remove mirrors.evolva.ro as it's no longer available Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libubox: make sure blobmsg-json is included in host-buildDaniel Golle2018-06-141-1/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libjson-c: add host build (for libblobmsg-json)Daniel Golle2018-06-141-0/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* popt: Add backup siteDaniel Engberg2018-06-131-1/+1
| | | | | | Add Gentoo's distfiles repo as backup site. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* nettle: bump to 3.4Kevin Darbyshire-Bryant2018-06-011-2/+2
| | | | | | | | | | | 3.4 is mainly a bug fix/maintenance release. 3KB increase in ipk lib size on mips. Compile tested for: ar71xx, ramips Run tested on: ar71xx Archer C7 v2, ramips mir3g Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* wolfssl: change defaults to cover wpa_supplicant needsDaniel Golle2018-05-312-10/+10
| | | | | | | | | | | | | Implicetely selecting the required options via Kconfig snippet from hostapd worked fine in local builds when using menuconfig but confused the buildbots which (in phase1) may build wpad-mini and hence already come with CONFIG_WPA_WOLFSSL being defined as unset which then won't trigger changing the defaults of wolfssl. Work around by explicitely reflecting wpa_supplicant's needs in wolfssl's default settings to make buildbots happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wolfssl: add PKG_CONFIG_DEPENDS symbolsDaniel Golle2018-05-251-1/+10
| | | | | | | | This change will trigger rebuild on buildbots in case of changed config symbols, like in the case of hostapd selecting some wolfssl symbols lately. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wolfssl: update to version 3.14.4Daniel Golle2018-05-243-149/+6
| | | | | | | | Use download from github archive corresponding to v3.14.4 tag because the project's website apparently only offers 3.14.0-stable release downloads. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ustream-ssl: fix build against wolfSSLDaniel Golle2018-05-241-3/+3
| | | | | | | | | | | | commit 39a6ce205d (ustream-ssl: Enable ECDHE with OpenSSL.) broke build against wolfSSL because wolfSSL doesn't (yet) support SSL_CTX_set_ecdh_auto() of the OpenSSL API. Fix this in ustream-ssl: 189cd38b41 don't use SSL_CTX_set_ecdh_auto with wolfSSL Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ustream-ssl: update to latest git HEADJohn Crispin2018-05-221-4/+4
| | | | | | | 5322f9d mbedtls: Fix setting allowed cipher suites e8a1469 mbedtls: Add support for a session cache Signed-off-by: John Crispin <john@phrozen.org>
* mbedtls: Deactivate platform abstractionHauke Mehrtens2018-05-221-0/+9
| | | | | | | | This makes mbedtls use the POSIX API directly and not use the own abstraction layer. The size of the ipkg decreased by about 100 bytes. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Activate the session cacheHauke Mehrtens2018-05-221-10/+0
| | | | | | | | | | This make sit possible to store informations about a session and reuse it later. When used by a server it increases the time to create a new TLS session from about 1 second to less than 0.1 seconds. The size of the ipkg file increased by about 800 Bytes. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: update to version 2.9.0Hauke Mehrtens2018-05-223-28/+31
| | | | | | | | The soversion was changed in this version again and is now aligned with the 2.7.2 version. The size of the ipkg file stayed mostly the same. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* package sysfsutils: add support for sysfs settings at bootRodolfo Giometti2018-05-224-0/+83
| | | | | | This patch is based on sysfsutils package's behaviour on Debian OS. Signed-off-by: Rodolfo Giometti <giometti@linux.it>
* libnftnl: bump to 1.1.0Rosy Song2018-05-213-1706/+3
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* nghttp2: bump to 1.32.0Hans Dedecker2018-05-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 572735e4 Update manual pages e8d693c3 Bump up version number to 1.32.0, LT revision to 30:2:16 f44dfcd9 Update AUTHORS 1f1b0d93 Update manual pages ce8c749b Merge pull request #1173 from nghttp2/asio-client-sni 3e4f257b asio: Support client side SNI 86fab997 Upgrade neverbleed to the latest master c3ecd445 Merge pull request #1171 from nghttp2/h2load-rate-and-duration c65ca20a h2load: -r and --duration are mutually exclusive a5c408c5 Ignore all input after calling session_terminate_session 06379b28 Fix treatment of padding e04de48e Merge pull request #1162 from nghttp2/libressl 00964642 Use LIBRESSL_IN_USE instead of defined(LIBRESSL_VERSION_NUMBER) 8d0b4544 libressl 2.7 has X509_VERIFY_PARAM_* d8a34131 libressl 2.7 has SSL_CTX_get0_certificate 5db17d0a Compile with libressl 2.7.2 1bf69b56 Define LIBRESSL_LEGACY_API and LIBRESSL_2_7_API 3febaef1 Bump up LT revision to 30:1:16 due to v1.31.1 release b1bd6035 Fix frame handling b48bcb21 examples: Use C style comment in .c files 6f3ce2c7 examples: Remove unused lambda capture 2f9121cf Merge branch 'Sp1l-Sp1l/allow-no-npn' e65e7711 Add comment on #endif 636ef51b Fix compile error with -Wunused-function 400934e5 [PATCH] Allow building without NPN 4c3a3acf Merge pull request #1146 from vszakats/cmakestaticlib 9aa6002c Merge pull request #1144 from hellojaewon/master f342260b cmake: add ENABLE_STATIC_LIB option to build static lib a6dd4970 Fix typo 842509da Don't allow 101 HTTP status code because HTTP/2 removes HTTP Upgrade 4add618a Bump up version number to 1.32.0-DEV Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libusb: Add SourceForge mirror.Rosen Penev2018-05-021-1/+3
| | | | | | SourceForge is still getting updated so might as well have it here. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* wolfssl: fix options and add support for wpa_supplicant featuresDaniel Golle2018-05-022-5/+40
| | | | | | | | Some options' default values have been changed upstream, others were accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options needed to build hostapd/wpa_supplicant against wolfssl. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ustream-ssl: update to latest git HEADJohn Crispin2018-05-011-3/+3
| | | | | | | | 527e700 ustream-ssl: Remove RC4 from ciphersuite in server mode. 39a6ce2 ustream-ssl: Enable ECDHE with OpenSSL. 45ac930 remove polarssl support Signed-off-by: John Crispin <john@phrozen.org>