aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/cyassl/patches
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2015-12-05 15:45:31 +0000
committerHauke Mehrtens <hauke@hauke-m.de>2015-12-05 15:45:31 +0000
commit52df3181c1277a78f8208e1bd942716514f852f5 (patch)
treeea1c800a554f5c7e12f45d018cac6314715941fc /package/libs/cyassl/patches
parente27c8bb15651f8b5dfd5732306e26e6fa8cb0c0a (diff)
downloadupstream-52df3181c1277a78f8208e1bd942716514f852f5.tar.gz
upstream-52df3181c1277a78f8208e1bd942716514f852f5.tar.bz2
upstream-52df3181c1277a78f8208e1bd942716514f852f5.zip
cyassl: update to wolfSSL version 3.7.0
This version and version 3.6.8 are fixing the following security problems: * CVE-2015-7744 * CVE-2015-6925 The activation of SSLv3 support is needed for curl. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 47791
Diffstat (limited to 'package/libs/cyassl/patches')
-rw-r--r--package/libs/cyassl/patches/100-respect_cflags.patch11
-rw-r--r--package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch15
-rw-r--r--package/libs/cyassl/patches/400-additional_compatibility.patch14
3 files changed, 17 insertions, 23 deletions
diff --git a/package/libs/cyassl/patches/100-respect_cflags.patch b/package/libs/cyassl/patches/100-respect_cflags.patch
deleted file mode 100644
index 94117aec99..0000000000
--- a/package/libs/cyassl/patches/100-respect_cflags.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -47,7 +47,7 @@ AC_SUBST([WOLFSSL_LIBRARY_VERSION])
-
- # capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even
- # if user doesn't override, no way to tell
--USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS"
-+USER_C_EXTRA_FLAGS="$CFLAGS"
-
- LT_PREREQ([2.2])
- LT_INIT([disable-static],[win32-dll])
diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch
index 00a23fe798..4bd078da21 100644
--- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch
+++ b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch
@@ -1,10 +1,19 @@
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
-@@ -397,6 +397,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR
+@@ -401,6 +401,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR
/* yassl had set the default to be 500 */
#define SSL_get_default_timeout(ctx) 500
+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y))
++
+ /* Lighthttp compatability */
- #ifdef __cplusplus
- } /* extern "C" */
+ #ifdef HAVE_LIGHTY
+@@ -483,7 +485,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_
+ #define SSL_TLSEXT_ERR_NOACK alert_warning
+ #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME
+
+-#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name
+ #define SSL_get_servername wolfSSL_get_servername
+ #define SSL_set_SSL_CTX wolfSSL_set_SSL_CTX
+ #define SSL_CTX_get_verify_callback wolfSSL_CTX_get_verify_callback
diff --git a/package/libs/cyassl/patches/400-additional_compatibility.patch b/package/libs/cyassl/patches/400-additional_compatibility.patch
index 07956f1209..4d75d98906 100644
--- a/package/libs/cyassl/patches/400-additional_compatibility.patch
+++ b/package/libs/cyassl/patches/400-additional_compatibility.patch
@@ -1,16 +1,12 @@
--- a/cyassl/openssl/ssl.h
+++ b/cyassl/openssl/ssl.h
-@@ -24,4 +24,13 @@
- *
- */
+@@ -27,6 +27,9 @@
+ #define CYASSL_OPENSSL_H_
-+#ifndef CYASSL_OPENSSL_H_
-+#define CYASSL_OPENSSL_H_
-+
-+#include <cyassl/ssl.h>
+ #include <cyassl/ssl.h>
+#ifndef HAVE_SNI
+#undef CYASSL_SNI_HOST_NAME
+#endif
#include <wolfssl/openssl/ssl.h>
-+
-+#endif
+
+ #endif