From 593a8149c974f8f7166dab9d3d547fb63085cf6d Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Fri, 3 Jul 2015 23:20:36 +0000 Subject: [PATCH 1/1] cyassl: update to wolfssl 3.6.0 Upstream wolfssl already has better checks to detect broken ssl v2 ClientHellos, we can remove our hack. Signed-off-by: Hauke Mehrtens SVN-Revision: 46168 --- package/libs/cyassl/Makefile | 8 ++++---- .../libs/cyassl/patches/100-respect_cflags.patch | 2 +- .../200-SSL_accept-handle-hello-garbage.patch | 13 ------------- .../patches/300-SSL_set_tlsext_host_name.patch | 4 ++-- .../patches/400-additional_compatibility.patch | 7 ++++--- 5 files changed, 11 insertions(+), 23 deletions(-) delete mode 100644 package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile index 72b98e1d73..c25ae1ecf9 100644 --- a/package/libs/cyassl/Makefile +++ b/package/libs/cyassl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=3.4.6 +PKG_VERSION:=3.6.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip -PKG_SOURCE_URL:=http://www.yassl.com/ -PKG_MD5SUM:=0410b3841588d635e9ecacb2d42c38f5 +PKG_SOURCE_URL:=http://www.wolfssl.com/ +PKG_MD5SUM:=69a6700998fdef621103983817b96fe6 PKG_FIXUP:=libtool PKG_INSTALL:=1 @@ -27,7 +27,7 @@ define Package/libcyassl SUBMENU:=SSL CATEGORY:=Libraries TITLE:=CyaSSL library - URL:=http://www.yassl.com/ + URL:=http://www.wolfssl.com/ endef define Package/libcyassl/description diff --git a/package/libs/cyassl/patches/100-respect_cflags.patch b/package/libs/cyassl/patches/100-respect_cflags.patch index 0e03230dcf..94117aec99 100644 --- a/package/libs/cyassl/patches/100-respect_cflags.patch +++ b/package/libs/cyassl/patches/100-respect_cflags.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -47,7 +47,7 @@ AC_SUBST([CYASSL_LIBRARY_VERSION]) +@@ -47,7 +47,7 @@ AC_SUBST([WOLFSSL_LIBRARY_VERSION]) # capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even # if user doesn't override, no way to tell diff --git a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch deleted file mode 100644 index 4e2c540bd8..0000000000 --- a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/src/internal.c -+++ b/src/internal.c -@@ -6353,6 +6353,10 @@ int ProcessReply(CYASSL* ssl) - b1 = - ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++]; - ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1); -+ -+ /* does not appear to a be a SSLv2 client hello */ -+ if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 ) -+ return UNKNOWN_HANDSHAKE_TYPE; - } - else { - ssl->options.processReply = getRecordLayerHeader; diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch index 5bccb05133..00a23fe798 100644 --- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch +++ b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch @@ -1,9 +1,9 @@ --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h -@@ -398,6 +398,7 @@ +@@ -397,6 +397,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR + /* yassl had set the default to be 500 */ #define SSL_get_default_timeout(ctx) 500 - +#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y)) #ifdef __cplusplus diff --git a/package/libs/cyassl/patches/400-additional_compatibility.patch b/package/libs/cyassl/patches/400-additional_compatibility.patch index 360fb148cf..07956f1209 100644 --- a/package/libs/cyassl/patches/400-additional_compatibility.patch +++ b/package/libs/cyassl/patches/400-additional_compatibility.patch @@ -1,6 +1,7 @@ ---- a/cyassl/openssl/ssl.h 2015-02-25 13:04:52.000000000 -0800 -+++ b/cyassl/openssl/ssl.h 2015-05-20 11:13:44.476628943 -0700 -@@ -25,3 +25,12 @@ +--- a/cyassl/openssl/ssl.h ++++ b/cyassl/openssl/ssl.h +@@ -24,4 +24,13 @@ + * */ +#ifndef CYASSL_OPENSSL_H_ -- 2.30.2