include $(TOPDIR)/rules.mk
PKG_NAME:=mbedtls
-PKG_VERSION:=2.1.2
-PKG_RELEASE:=1
+PKG_VERSION:=2.28.1
+PKG_RELEASE:=$(AUTORELEASE)
PKG_USE_MIPS16:=0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
-PKG_SOURCE_URL:=https://tls.mbed.org/download/
-PKG_MD5SUM:=38b7baae95d6b0826605a1edfffeebe4
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=6797a7b6483ef589deeab8d33d401ed235d7be25eeecda1be8ddfed406d40ff4
-PKG_BUILD_PARALLEL:=1
-PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=gpl-2.0.txt
+PKG_CPE_ID:=cpe:/a:arm:mbed_tls
+
+PKG_CONFIG_DEPENDS := \
+ CONFIG_LIBMBEDTLS_DEBUG_C \
+ CONFIG_LIBMBEDTLS_HKDF_C
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/mbedtls/Default
- SUBMENU:=SSL
TITLE:=Embedded SSL
URL:=https://tls.mbed.org
endef
$(call Package/mbedtls/Default)
SECTION:=libs
CATEGORY:=Libraries
+ SUBMENU:=SSL
TITLE+= (library)
- ABI_VERSION:=$(PKG_VERSION)-$(PKG_RELEASE)
+ ABI_VERSION:=12
+endef
+
+define Package/libmbedtls/config
+config LIBMBEDTLS_DEBUG_C
+ depends on PACKAGE_libmbedtls
+ bool "Enable debug functions"
+ default n
+ help
+ This option enables mbedtls library's debug functions.
+
+ It increases the uncompressed libmbedtls binary size
+ by around 60 KiB (for an ARMv5 platform).
+
+ Usually, you don't need this, so don't select this if you're unsure.
+
+config LIBMBEDTLS_HKDF_C
+ depends on PACKAGE_libmbedtls
+ bool "Enable the HKDF algorithm (RFC 5869)"
+ default n
+ help
+ This option adds support for the Hashed Message Authentication Code
+ (HMAC)-based key derivation function (HKDF).
+endef
+
+define Package/mbedtls-util
+$(call Package/mbedtls/Default)
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE+= (utilities)
+ DEPENDS:=+libmbedtls
endef
define Package/libmbedtls/description
This package contains the mbedtls library.
endef
-PKG_INSTALL:=1
+define Package/mbedtls-util/description
+$(call Package/mbedtls/Default/description)
+This package contains mbedtls helper programs for private key and
+CSR generation (gen_key, cert_req)
+endef
+
+TARGET_CFLAGS += -ffunction-sections -fdata-sections
+TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS))
CMAKE_OPTIONS += \
- -DCMAKE_BUILD_TYPE:String="Release" \
+ -DCMAKE_POSITION_INDEPENDENT_CODE=ON \
-DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
-DENABLE_TESTING:Bool=OFF \
- -DENABLE_PROGRAMS:Bool=OFF \
+ -DENABLE_PROGRAMS:Bool=ON
+
+define Build/Configure
+ $(Build/Configure/Default)
+
+ awk 'BEGIN { rc = 1 } \
+ /#define MBEDTLS_DEBUG_C/ { $$$$0 = "$(if $(CONFIG_LIBMBEDTLS_DEBUG_C),,// )#define MBEDTLS_DEBUG_C"; rc = 0 } \
+ { print } \
+ END { exit(rc) }' $(PKG_BUILD_DIR)/include/mbedtls/config.h \
+ >$(PKG_BUILD_DIR)/include/mbedtls/config.h.new && \
+ mv $(PKG_BUILD_DIR)/include/mbedtls/config.h.new $(PKG_BUILD_DIR)/include/mbedtls/config.h
+
+ awk 'BEGIN { rc = 1 } \
+ /#define MBEDTLS_HKDF_C/ { $$$$0 = "$(if $(CONFIG_LIBMBEDTLS_HKDF_C),,// )#define MBEDTLS_HKDF_C"; rc = 0 } \
+ { print } \
+ END { exit(rc) }' $(PKG_BUILD_DIR)/include/mbedtls/config.h \
+ >$(PKG_BUILD_DIR)/include/mbedtls/config.h.new && \
+ mv $(PKG_BUILD_DIR)/include/mbedtls/config.h.new $(PKG_BUILD_DIR)/include/mbedtls/config.h
+
+ sed -i '/fuzz/d' $(PKG_BUILD_DIR)/programs/CMakeLists.txt
+ sed -i '/test/d' $(PKG_BUILD_DIR)/programs/CMakeLists.txt
+endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/mbedtls $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.a $(1)/usr/lib/
endef
define Package/libmbedtls/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so.* $(1)/usr/lib/
+endef
+
+define Package/mbedtls-util/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gen_key $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/cert_req $(1)/usr/bin/
endef
$(eval $(call BuildPackage,libmbedtls))
+$(eval $(call BuildPackage,mbedtls-util))