wolfssl: update to 3.15.7, fix Makefile

This includes a fix for a medium-level potential cache attack with a variant of Bleichenbacher’s attack. Patches were refreshed. Increased FP_MAX_BITS to allow 4096-bit RSA keys. Fixed poly1305 build option, and some Makefile updates. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 2792daab5a)
2019-07-01 13:39:59 -03:00
parent cd4fcd46f1
commit 3167a57f72
4 changed files with 13 additions and 13 deletions
--- a/package/libs/wolfssl/Config.in
+++ b/package/libs/wolfssl/Config.in
@@ -53,7 +53,7 @@ config WOLFSSL_HAS_ECC25519
 	depends on WOLFSSL_HAS_ECC
 	default n
-config WOLFSSL_HAS_POLY_1305
+config WOLFSSL_HAS_POLY1305
 	bool "Include Poly-1305 support"
 	default n
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,11 +8,10 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=wolfssl
-PKG_VERSION:=3.15.3-stable
+PKG_VERSION:=3.15.7-stable
-PKG_RELEASE:=2
+PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 # PKG_SOURCE_URL:=https://www.wolfssl.com/
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
 PKG_HASH:=dc97c07a7667b39a890e14f4b4a209f51524a4cabee7adb6c80822ee78c1f62a
@@ -20,15 +19,16 @@ PKG_FIXUP:=libtool
 PKG_INSTALL:=1
 PKG_USE_MIPS16:=0
 PKG_BUILD_PARALLEL:=1
-PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE:=GPL-2.0-or-later
-PKG_CPE_ID:=cpe:/a:yassl:cyassl
+PKG_LICENSE_FILES:=LICENSING COPYING
 PKG_CPE_ID:=cpe:/a:wolfssl:wolfssl
 PKG_CONFIG_DEPENDS:=\
 	CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \
 	CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA \
 	CONFIG_WOLFSSL_HAS_DES3 CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
 	CONFIG_WOLFSSL_HAS_ECC CONFIG_WOLFSSL_HAS_ECC25519 \
-	CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY_1305 \
+	CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY1305 \
 	CONFIG_WOLFSSL_HAS_PSK CONFIG_WOLFSSL_HAS_SESSION_TICKET \
 	CONFIG_WOLFSSL_HAS_WPAS
@@ -42,7 +42,7 @@ define Package/libwolfssl
  URL:=http://www.wolfssl.com/
  MENU:=1
  PROVIDES:=libcyassl
-  ABI_VERSION:=18
+  ABI_VERSION:=19
 endef
 define Package/libwolfssl/description
@@ -54,7 +54,7 @@ define Package/libwolfssl/config
 	source "$(SOURCE)/Config.in"
 endef
-TARGET_CFLAGS += $(FPIC)
+TARGET_CFLAGS += $(FPIC) -DFP_MAX_BITS=8192
 # --enable-stunnel needed for OpenSSL API compatibility bits
 CONFIGURE_ARGS += \
--- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch
+++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
@@ -1,6 +1,6 @@
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -1624,7 +1624,7 @@ extern void uITRON4_free(void *p) ;
+@@ -1759,7 +1759,7 @@ extern void uITRON4_free(void *p) ;
 #endif
 /* warning for not using harden build options (default with ./configure) */
@@ -8,4 +8,4 @@
 +#if 0
     #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
         (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
-         (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
+         (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \
--- a/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch
+++ b/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch
@@ -1,6 +1,6 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4198,7 +4198,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
+@@ -4614,7 +4614,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
 AC_CONFIG_FILES([Makefile wolfssl/version.h wolfssl/options.h cyassl/options.h support/wolfssl.pc rpm/spec])
 AX_CREATE_GENERIC_CONFIG