This fixes the build on MIPS BE like ath25 and ath79 target.
We get this error message when linking libwolfssl:
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libwolfssl.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libwolfssl.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: skipping incompatible /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libwolfssl.so when searching for -lwolfssl
mips-openwrt-linux-musl/bin/ld: cannot find -lwolfssl
collect2: error: ld returned 1 exit status
This reverts commit 2591c83b34.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes the build on MIPS BE like ath25 and ath79 target.
We get this error message when linking libubox:
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libubox.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libubox.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: skipping incompatible /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libubox.so when searching for -lubox
This reverts commit f421fefa8a.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fix license information.
Fix wrong ABI version. The library is versioned as libnftnl.so.11.4.0
Add PKG_BUILD_PARALLEL for faster compilation.
Remove autoreconf as nothing is being patched.
Minor cleanups for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).
The patch is backported from the upstream wolfssl development branch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reordered for consistency between packages.
Fixed license information.
Change PKG_BUILD_PARALLEL to 1. This is no longer a problem.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This adds a config option to allow compiling with HKDF algorithm support
to support applications that require this feature.
Signed-off-by: Etan Kissling <etan_kissling@apple.com>
This fixes the following build problem in hostapd:
mipsel-openwrt-linux-musl/bin/ld: /builder/shared-workdir/build/tmp/ccN4Wwer.ltrans7.ltrans.o: in function `crypto_ec_point_add':
<artificial>:(.text.crypto_ec_point_add+0x170): undefined reference to `ecc_projective_add_point'
mipsel-openwrt-linux-musl/bin/ld: <artificial>:(.text.crypto_ec_point_add+0x18c): undefined reference to `ecc_map'
mipsel-openwrt-linux-musl/bin/ld: /builder/shared-workdir/build/tmp/ccN4Wwer.ltrans7.ltrans.o: in function `crypto_ec_point_to_bin':
<artificial>:(.text.crypto_ec_point_to_bin+0x40): undefined reference to `ecc_map'
Fixes: ba40da9045 ("wolfssl: Update to v4.6.0-stable")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The symbol determines if the libevent2-pthreads libraries get built or not.
If we want to select libevent2-pthreads, and these haven't been built, an
error will occur mentioning that there are no 'libevent_pthreads-2.1.so'
files.
Adding CONFIG_PACKAGE_libevent2-pthreads to PKG_CONFIG_DEPEND will make
sure that the libraries get re-built in case libevent2-pthreads is
selected.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This version fixes a large number of bugs, although no security
vulnerabilities are listed.
Full changelog at:
https://www.wolfssl.com/docs/wolfssl-changelog/
or, as part of the version's README.md:
https://github.com/wolfSSL/wolfssl/blob/v4.6.0-stable/README.md
Due a number of API additions, size increases from 374.7K to 408.8K for
arm_cortex_a9_vfpv3-d16. The ABI does not change from previous version.
Backported patches were removed; remaining patch was refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
pcap-config as installed is using OS paths instead of OpenWrt ones.
Take fix from libpng and adjust as needed.
This problem seems to occur on Arch Linux and not on Debian/Fedora
based distros. No idea why.
Remove CMAKE_INSTALL as there is now an InstallDev section.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The paths are pointing to OS paths, not OpenWrt ones. Use SED line from
libpng to fix and adjust accordingly.
This may allow certain packages that use the config file to pick up pcre.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Updated ABI_VERSION.
Switched PKG_BUILD_PARALLEL on as there seems to be no issue anymore.
I can't find any information about why it was turned off.
Fixed license information.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
MIPS 32 bit support for sanitizer was added with GCC 9, MIPS 64 bit and
ARC are still not supported in GCC 10.
Deactivate them for now and change this when we change the default
compiler to GCC 9 or later.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Cleanup Makefile for consistency with other ones.
Remove PKG_SSP. It can be fixed with -lssp_nonshared.
Add PKG_BUILD_PARALLEL for faster compilation.
Add zlib dependency. 1.5.0 requires it now.
Refresh patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2c843b2bc04c Add initial GitLab CI support
073f89f567c0 uclient-fetch: wolfSSL: fix certificate validation
086c292160ac uclient-fetch: init_ca_cert: fix memory leak
a3c1a88b031a cmake: enable extra compiler checks
32ff717ed316 uclient-http: fix extra compiler warnings on mips_24kc and cortex-a9+neon
86a2ac6ac46f uclient-fetch: fix potential memory leaks
158dd9dd289c uclient: fix initialized but never read variable
66b4420856a7 uclient-fetch: fix statement may fallt hrough
436f9b3af2ad uclient-http: fix freeing of stack allocated memory
e6b5b8a98ce2 Fix extra compiler warnings
12df67e45bb0 Add basic cram based unit tests
b6e34845124f cmake: fix building out of the tree
Signed-off-by: Petr Štetiar <ynezz@true.cz>
68d09243b6fd Add initial GitLab CI support
8280140db9d1 wolfssl: remove now deprecated compatibility code
cee6791b362a ustream-mbedtls: fix certificate verification
55c3fd89d508 ustream-mbedtls: implement set_require_validation
c6b4c48689a3 ustream-openssl: wolfSSL: fix certificate validation
3bc05402bfab cmake: enable extra compiler checks
cd2c3d12db43 ustream-mbedtls: fix comparison of integers of different signs
5896991e46a3 ustream-openssl: fix BIO_method memory leak
2c342ae57c5b ustream-openssl: fix wolfSSL includes
fa8ecd6ed140 cmake: fix linking when mbed TLS not in default paths
63656f81045f cmake: fix linking when wolfSSL not in default paths
c26f71e844df cmake: fix building out of the tree
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add new utility function mkdir_p(char *path, mode_t mode) to replace
the partially buggy implementations found accross fstools and procd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fixes: CVE-2020-1971, defined as high severity, summarized as:
NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS
attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This enables all OpenSSL API available. It is required to avoid some
silent failures, such as when performing client certificate validation.
Package size increases from 356.6K to 374.7K for
arm_cortex-a9_vfpv3-d16.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tnis adds the --enable-lighty option to configure, enabling the minimum
API needed to run lighttpd, in the packages feed. Size increase is
about 120 bytes for arm_cortex-a9_vfpv3-d16.
While at it, speed up build by disabling crypt bench/test.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This is a neat project, but offers no benefit to OpenWrt. The initial
reason for it was to be a replacement for libstdcpp as it is smaller
and lacks compatibility for C++98. Unfortunately, compiling several
packages with it results in larger ipk sizes.
While not a member of the packages feed, this will be moved to
packages-abandoned to keep it somewhere.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This sets the --cross-compile-prefix option when running Configure, so
that that it will not use the host gcc to figure out, among other
things, compiler defines. It avoids errors, if the host 'gcc' is
handled by clang:
mips-openwrt-linux-musl-gcc: error: unrecognized command-line option
'-Qunused-arguments'
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
Added PKG_INSTALL to avoid using an explicit define Build/Compile
Added PKG_BUILD_PARALLEL for faster compilation.
Removed TARGET_CLAFGS. They are no longer necessary.
fPIC is default now. So is gnu99. -DUSE_DOS is a hack to include old
and mostly unused conversions.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
- Removed following patches:
100-strip_charsets.patch - makes the full variant slim.
101-autotools.patch - this one fails to apply because it was backported
from newer versions for 1.11.1.
103-configure_ac_fix.patch - backported from newer versions
200-work-with-libtool2.patch - is not needed anymore, it is done
differently in upstream
300-fortify-source-compat.patch - these files are not there anymore
- TVHeadend requires working iconv library e.g. transliteration to ASCII
and this does not work with libiconv-full currently.
There is a simple test, which requires to install iconv package.
Before applying this update:
root@turris:/# echo ŽluťoučkýKůň | iconv -t ASCII//TRANSLIT//IGNORE
luoukK
After applying this update:
root@turris:~# echo ŽluťoučkýKůň | iconv -t ASCII//TRANSLIT//IGNORE
Zlutouck'yKun
- Makefile changes:
Use HTTPS for their website
Fixed deprecated SPDX License Identifier
Move PKG_MAINTAINER above PKG_LICENSE
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com> [malta]
compiler warns that exit() isn't defined so checks for build system
compiler fail.
include <stdlib.h> to define exit()
Tested under macos Catalina & Big Sur
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>