aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils/px5g
Commit message (Collapse)AuthorAgeFilesLines
* px5g: rename to px5g-mbedtlsPaul Spooren2020-08-312-395/+0
| | | | | | | | | | Two versions of `px5g` exists without sharing code. For clarification rename the previously existing MbedTLS based version to `px5g-mbedtls` to exists next to `px5g-wolfssl`. Rename code file of MbedTLS from `px5g.c` to `px5g-mbedtls.c`. Signed-off-by: Paul Spooren <mail@aparcar.org>
* px5g: support EC keysEneas U de Queiroz2019-09-012-19/+71
| | | | | | | | | | | | | | | | | | This adds an 'eckey' command to generate an EC key, with an optional curve name argument, with P-256 as default. For the 'selfsigned' command, it adds an 'ec' algorithm argument to the '-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option, mirroring the way openssl specifies the curve name. Notice that curve names are not necessarily the same in mbedtls and openssl. In particular, secp256r1 works for mbedtls, but openssl uses prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256 and P-384 are specifically supported. Package size increased by about 900 bytes (arm). Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* build: include BUILD_VARIANT in PKG_BUILD_DIRJeffery To2019-08-051-1/+0
| | | | | | | | | | | This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into account (if set), so that packages do not need to manually override PKG_BUILD_DIR just to handle variants. This also updates most base packages with variants to use the updated default PKG_BUILD_DIR. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* treewide: Bump PKG_RELEASE due to mbedtls updateDaniel Engberg2018-07-301-1/+1
| | | | | | | Bump PKG_RELEASE on packages that depends on (lib)mbedtls to avoid library mismatch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.11.0Daniel Engberg2018-07-071-1/+1
| | | | | | | | | | | | | | | | Update mbed TLS to 2.11.0 Disable OFB block mode and XTS block cipher mode, added in 2.11.0. The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS This is to avoid having a mismatch between packages when upgrading. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.846 Bytes ipkg for mips_24kc after: 164.382 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: update to version 2.9.0Hauke Mehrtens2018-05-221-1/+1
| | | | | | | | The soversion was changed in this version again and is now aligned with the 2.7.2 version. The size of the ipkg file stayed mostly the same. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ustream-ssl: px5g: Rebuild packageHauke Mehrtens2018-04-181-1/+1
| | | | | | | | | | | | mbedtls changed in version 2.7.0 the soversion of the libmbedcrypto.so library, all applications using this shared library have to be recompiled to be able to load the new library. Some binaries got rebuild to for the 2.7.0 release and are now using libmbedcrypto.so.1, the older ones are still using libmbedcrypto.so.0. Fixes: 75c5ab4ca ("mbedtls: update to version 2.7.0") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* px5g: Fix TARGET_LDFLAGS and add TARGET_CPPFLAGSFlorian Fainelli2017-03-011-2/+2
| | | | | | | | Make sure we pass down TARGET_CPPFLAGS to let toolchains with no default search paths to find the mbdetls headers, and override TARGET_LDFLAGS to include libraries we are linking against. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* px5g: replace px5g-standalone with a statically linked variant of px5g-mbedtlsFelix Fietkau2017-02-211-2/+22
| | | | | | | | px5g-standalone only supports SHA1 for certificates, which is strongly deprecated. The new px5g-standalone is about 27k bigger (compressed), and has identical behavior to px5g-mbedtls (it uses SHA256). Signed-off-by: Felix Fietkau <nbd@nbd.name>
* px5g: remove obsolete reference to $(BUILD_VARIANT)Felix Fietkau2017-01-091-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* px5g: remove legacy polarssl supportFelix Fietkau2017-01-092-61/+33
| | | | | | | The old polarssl 1.3 branch is EOL since end of 2016, and the package for it will be removed soon. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* px5g: move to Encryption submenuAlberto Bursi2016-10-261-0/+1
| | | | | | moved px5g to Encryption submenu of Utilities, in an effort to tidy up a bit the Utilities section of make menuconfig. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* px5g: Create mbedtls variantDaniel Dickinson2016-07-052-36/+69
| | | | | | | | px5g has been listed as a blocker for switching to new mbedtls as the default, therefore make and mbedtls variant of px5g so that an new mbedtls-only image can be created. Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-071-2/+2
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* px5g: add license tagFlorian Eckert2016-05-311-1/+2
| | | | | | show the license for this package in opkg Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
* px5g: Use SHA-256 when generating self-signed certificatesFelix Fietkau2015-11-061-1/+1
| | | | | | Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> SVN-Revision: 47391
* fix subject in generated certificatesJo-Philipp Wich2015-01-252-5/+4
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44149
* px5g: generate unique serial numbersJo-Philipp Wich2014-11-032-4/+8
| | | | | | | | | Generate a random serial from /dev/urandom when creating selfsigned certs. Fixes "sec_error_reused_issuer_and_serial" with Firefox. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43168
* license info - revert r43155John Crispin2014-11-031-3/+0
| | | | | | | | turns out that r43155 adds duplicate info. Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 43167
* Add more license tags with SPDX identifiersJohn Crispin2014-11-031-0/+3
| | | | | | | | | | | | | | | | | | Note, that licensing stuff is a nightmare: many packages does not clearly state their licenses, and often multiple source files are simply copied together - each with different licensing information in the file headers. I tried hard to ensure, that the license information extracted into the OpenWRT's makefiles fit the "spirit" of the packages, e.g. such small packages which come without a dedicated source archive "inherites" the OpenWRT's own license in my opinion. However, I can not garantee that I always picked the correct information and/or did not miss license information. Signed-off-by: Michael Heimpold <mhei@heimpold.de> SVN-Revision: 43155
* px5g: rename the old package to px5g-standalone, add a new one that links ↵Felix Fietkau2014-03-2119-8158/+138
| | | | | | | | against polarssl Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 40000
* px5g: creates certificates that expire in the pastJohn Crispin2013-07-041-0/+3
| | | | | | | | | | | | | | | the attached patch fixes a bug of px5g when instructed to build certificates that expire after 2038-01-19, caused a multiplication that may overflow the "to" variable of type time_t Attached patch checks if "to" precedes "from": if so sets "to" to its maximum value. Pretty rude, but works well even if certificate is set to expire in a century Signed-off-by: Federico Fissore <federico@fissore.org> Patchork: http://patchwork.openwrt.org/patch/3749/ SVN-Revision: 37165
* packages: clean up the package folderJohn Crispin2013-06-2119-0/+8331
Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 37007