- disable sslv3 (security) - patch is not needed anymore (see src/ssl.c) tested on ar71xx w. curl
Signed-off-by: Dirk Neukirchen <dirkneukirc...@web.de> --- package/libs/cyassl/Makefile | 9 +++++---- .../cyassl/patches/300-SSL_set_tlsext_host_name.patch | 19 ------------------- 2 files changed, 5 insertions(+), 23 deletions(-) delete mode 100644 package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile index 7384a3d..7501b99 100644 --- a/package/libs/cyassl/Makefile +++ b/package/libs/cyassl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=3.8.0 -PKG_RELEASE:=2 +PKG_VERSION:=3.9.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip PKG_SOURCE_URL:=https://www.wolfssl.com/ -PKG_MD5SUM:=a73d90c5439adea97a5002a73b46ddeb +PKG_MD5SUM:=f3396726a9befd61443c2cce216e39ba PKG_FIXUP:=libtool PKG_INSTALL:=1 @@ -41,9 +41,10 @@ CONFIGURE_ARGS += \ --without-zlib \ --enable-singlethreaded \ --enable-opensslextra \ + --enable-sessioncerts \ --enable-sni \ --enable-ecc \ - --enable-sslv3 \ + --enable-sha512 \ --disable-examples #ifneq ($(CONFIG_TARGET_x86),) diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch deleted file mode 100644 index a35cdad..0000000 --- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- a/wolfssl/openssl/ssl.h -+++ b/wolfssl/openssl/ssl.h -@@ -401,6 +401,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR - /* yassl had set the default to be 500 */ - #define SSL_get_default_timeout(ctx) 500 - -+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y)) -+ - /* Lighthttp compatability */ - - #ifdef HAVE_LIGHTY -@@ -487,7 +489,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_ - #define SSL_TLSEXT_ERR_NOACK alert_warning - #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME - --#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name - #define SSL_get_servername wolfSSL_get_servername - #define SSL_set_SSL_CTX wolfSSL_set_SSL_CTX - #define SSL_CTX_get_verify_callback wolfSSL_CTX_get_verify_callback -- 2.8.2 _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev