A new version of mbedtls is available, which is the first of the next long term support branch. This version fixes a couple of bugs, and adds some new features. Changelog can be found at https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.0-2.7.9-and-2.1.18-released
'make test' runs successful, consumers have been build tested, and lightly run tested with net/openvpn,mbedtls. Concerning the port: - Bump minor of mbedtls and mbedcrypt as symbols have been added - Tell PORTROACH to follow the LTS branch. Advantage is that we can more easily backport security fixes (no new features will be added to the LTS branch, the API and ABI will be maintained, and only bug fixes will be made) - Take maintainership OK? Index: Makefile =================================================================== RCS file: /cvs/ports/security/polarssl/Makefile,v retrieving revision 1.26 diff -u -p -r1.26 Makefile --- Makefile 7 Dec 2018 13:11:24 -0000 1.26 +++ Makefile 10 Jan 2019 17:13:06 -0000 @@ -1,18 +1,22 @@ # $OpenBSD: Makefile,v 1.26 2018/12/07 13:11:24 bket Exp $ +PORTROACH= limit:^2\.16 + COMMENT= SSL library with an intuitive API and readable source code -DISTNAME= mbedtls-2.14.1 +DISTNAME= mbedtls-2.16.0 EXTRACT_SUFX= -gpl.tgz # check SOVERSION -SHARED_LIBS += mbedtls 6.0 # 12 -SHARED_LIBS += mbedcrypto 4.1 # 3 +SHARED_LIBS += mbedtls 6.1 # 12 +SHARED_LIBS += mbedcrypto 4.2 # 3 SHARED_LIBS += mbedx509 3.0 # 0 CATEGORIES= security HOMEPAGE= https://tls.mbed.org/ + +MAINTAINER= Bjorn Ketelaars <b...@openbsd.org> # Dual licensed: GPLv2+/Commercial, Apache v2 is also available PERMIT_PACKAGE_CDROM= Yes Index: distinfo =================================================================== RCS file: /cvs/ports/security/polarssl/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo 7 Dec 2018 13:11:24 -0000 1.18 +++ distinfo 10 Jan 2019 17:13:06 -0000 @@ -1,2 +1,2 @@ -SHA256 (mbedtls-2.14.1-gpl.tgz) = uqESGVJ4b1ssZsUiJqjKDgUSbekg0XViZlUd9neRW34= -SIZE (mbedtls-2.14.1-gpl.tgz) = 2477521 +SHA256 (mbedtls-2.16.0-gpl.tgz) = yNekaWKHy5UzxFW91lhZEG291EcsElGUOHSG5tTfJ5k= +SIZE (mbedtls-2.16.0-gpl.tgz) = 2515339 Index: patches/patch-include_mbedtls_config_h =================================================================== RCS file: /cvs/ports/security/polarssl/patches/patch-include_mbedtls_config_h,v retrieving revision 1.7 diff -u -p -r1.7 patch-include_mbedtls_config_h --- patches/patch-include_mbedtls_config_h 26 Nov 2018 15:18:28 -0000 1.7 +++ patches/patch-include_mbedtls_config_h 10 Jan 2019 17:13:06 -0000 @@ -6,7 +6,7 @@ www/hiawatha. Index: include/mbedtls/config.h --- include/mbedtls/config.h.orig +++ include/mbedtls/config.h -@@ -1582,7 +1582,7 @@ +@@ -1624,7 +1624,7 @@ * * Uncomment this to enable pthread mutexes. */ @@ -15,7 +15,7 @@ Index: include/mbedtls/config.h /** * \def MBEDTLS_VERSION_FEATURES -@@ -2774,7 +2774,7 @@ +@@ -2816,7 +2816,7 @@ * * Enable this layer to allow use of mutexes within mbed TLS */ Index: patches/patch-tests_suites_host_test_function =================================================================== RCS file: /cvs/ports/security/polarssl/patches/patch-tests_suites_host_test_function,v retrieving revision 1.1 diff -u -p -r1.1 patch-tests_suites_host_test_function --- patches/patch-tests_suites_host_test_function 2 Oct 2018 15:13:04 -0000 1.1 +++ patches/patch-tests_suites_host_test_function 10 Jan 2019 17:13:06 -0000 @@ -15,9 +15,9 @@ Index: tests/suites/host_test.function #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) -@@ -547,20 +544,6 @@ int execute_tests( int argc , const char ** argv ) - { +@@ -548,20 +545,6 @@ int execute_tests( int argc , const char ** argv ) test_info.failed = 0; + test_info.paramfail_test_state = PARAMFAIL_TESTSTATE_IDLE; -#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) - /* Suppress all output from the library unless we're verbose @@ -36,7 +36,7 @@ Index: tests/suites/host_test.function function_id = strtol( params[0], NULL, 10 ); if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS ) -@@ -572,13 +555,6 @@ int execute_tests( int argc , const char ** argv ) +@@ -573,13 +556,6 @@ int execute_tests( int argc , const char ** argv ) } } @@ -50,7 +50,7 @@ Index: tests/suites/host_test.function } -@@ -662,10 +638,6 @@ int execute_tests( int argc , const char ** argv ) +@@ -663,10 +639,6 @@ int execute_tests( int argc , const char ** argv ) mbedtls_memory_buffer_alloc_free(); #endif