From b35e1360cd4f1c9cab9aa219decedec99f948982 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Mon, 5 Aug 2019 11:52:08 -0300 Subject: wolfssl: bump to 4.1.0-stable Always build AES-GCM support. Unnecessary patches were removed. This includes two vulnerability fixes: CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK extension parsing. CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes when performing ECDSA signing operations. The leak is considered to be difficult to exploit but it could potentially be used maliciously to perform a lattice based timing attack. This brings the package up-to-date with master, so it incorporates changes from 4.0.0 in master: * Removed options that can't be turned off because we're building with --enable-stunnel, some of which affect hostapd's Config.in. * Adjusted the title of OCSP option, as OCSP itself can't be turned off, only the stapling part is selectable. * Mark options turned on when wpad support is selected. * Add building options for TLS 1.0, and TLS 1.3. * Add hardware crypto support, which due to a bug, only works when CCM support is turned off. * Reorganized option conditionals in Makefile. Signed-off-by: Eneas U de Queiroz --- .../patches/900-remove-broken-autoconf-macros.patch | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch (limited to 'package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch') diff --git a/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch b/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch deleted file mode 100644 index 6b0861288f..0000000000 --- a/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -4614,7 +4614,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta - AC_CONFIG_FILES([Makefile wolfssl/version.h wolfssl/options.h cyassl/options.h support/wolfssl.pc rpm/spec]) - - AX_CREATE_GENERIC_CONFIG --AX_AM_JOBSERVER([yes]) - - AC_OUTPUT - ---- a/Makefile.am -+++ b/Makefile.am -@@ -20,8 +20,6 @@ dist_noinst_SCRIPTS = - noinst_SCRIPTS = - check_SCRIPTS = - --#includes additional rules from aminclude.am --@INC_AMINCLUDE@ - DISTCLEANFILES+= aminclude.am - - CLEANFILES+= cert.der \ -- cgit v1.2.3