Commit Graph

313 Commits

Author SHA1 Message Date
Jo-Philipp Wich
48d9137d31 openssl: update to v1.0.2d (CVE-2015-1793)
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.

This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46285
2015-07-09 13:04:27 +00:00
Steven Barth
f3cacb9e84 uclibc++: link libssp_nonshared only for musl
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46192
2015-07-06 08:55:28 +00:00
Hauke Mehrtens
69a2459c66 cyassl: update to wolfssl 3.6.0
Upstream wolfssl already has better checks to detect broken ssl v2
ClientHellos, we can remove our hack.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46168
2015-07-03 23:20:36 +00:00
Hauke Mehrtens
9177e16098 cyassl: version bump to 3.4.6
This patch introduces a new build error into coova-chilli, but
coova-chilli already fails to build even without it anyway. CyaSSL is
now called wolfSSL, and all the API's have been renamed, and
backward-compatibility headers added.

Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46167
2015-07-03 23:20:01 +00:00
Jo-Philipp Wich
27b9bf4493 uclibc++: make g++-uc* wrappers relocatable
The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which
will not work outside of the original build environment.

Replace the hardcoded staging_dir occurences with paths relative to the
$STAGING_DIR environment variable to make the g++-uc* wrappers usable in an
SDK environment.

Fixes the libdb47 build failure reported at
  https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46162
2015-07-03 13:33:05 +00:00
Steven Barth
6d48dcb8d5 libubox: fix MD5 for musl on big-endian platforms
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46145
2015-06-29 14:12:38 +00:00
Steven Barth
a47a5dd28d elfutils: bump to 0.163
Bugfix only release.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 46136
2015-06-29 06:47:31 +00:00
Jo-Philipp Wich
a98549b8ec libiconv-full: fix build with fortify source
Avoid redefining `realpath` to fix the following error:

    .../include/fortify/stdlib.h:36:13: error: 'realpath' undeclared here (not in a function)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46127
2015-06-25 12:13:57 +00:00
Steven Barth
933b588e25 uclibc++: link against libssp_nonshared instead of libssp
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46076
2015-06-20 18:36:52 +00:00
Steven Barth
34aeffef08 libpcap: fixup libtool
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46074
2015-06-20 17:37:28 +00:00
Steven Barth
8a9fd81e55 uclibc++: only disable SSP for ppc
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46067
2015-06-19 14:36:37 +00:00
Steven Barth
38da12f7e4 uclibc++: honor ldflags, disable SSP
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46066
2015-06-19 14:09:02 +00:00
Steven Barth
4d548dce67 libtool: enable passthrough for SSP options
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46065
2015-06-19 13:45:48 +00:00
Steven Barth
6e3b087de8 libnl-tiny: honor CFLAGS when linking
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46029
2015-06-18 08:13:04 +00:00
Felix Fietkau
535f58c362 libusb-compat: fix musl compatibility issues
Use stdint types instead of non-standard ones

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 46025
2015-06-18 06:39:09 +00:00
Steven Barth
6ac38545c9 openssl: disable parallel builds (spurious linking break)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46005
2015-06-16 17:28:11 +00:00
Felix Fietkau
7ba6500d2c elfutils: bump to 0.162
Besides source.tgz, 001-elfutils-portability.patch (provided by upstream
project) where updated.

Other patches where updated to fix hulk warnings and minor conflicts.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 45984
2015-06-15 07:46:21 +00:00
Felix Fietkau
b98fb76646 elfutils: import package from packages.git
elfutils is required by perf. So we'll move this package from
packages.git and make it part of the core distribution.

Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>

SVN-Revision: 45969
2015-06-14 17:43:40 +00:00
Felix Fietkau
389144d701 argp-standalone: import package from packages.git
argp-standalone is required by elfutils, itself required by perf. So
we'll move this package from packages.git and make it part of the core
distribution.

Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>

SVN-Revision: 45967
2015-06-14 17:43:28 +00:00
Felix Fietkau
0c66367e3f libubox: update to the latest version, adds a few fixes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45959
2015-06-14 17:41:33 +00:00
Steven Barth
38e0845bd7 openssl: 1.0.2c (srsly, you guys, srsly)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45950
2015-06-12 20:49:20 +00:00
Steven Barth
085a75aec2 openssl: fixes CVE-2015-4000 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792 CVE-2015-1791
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45947
2015-06-11 20:36:46 +00:00
Steven Barth
89c8d78d31 openssl: 1.0.2b (hey, we made it nearly 3 months this time!)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45946
2015-06-11 20:28:44 +00:00
Jo-Philipp Wich
645635801d ustream-ssl: fix compilation against current PolarSSL/mbedTLS version
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45934
2015-06-09 16:52:12 +00:00
Steven Barth
2f463c1112 polarssl: bump to 1.3.11
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45925
2015-06-08 07:38:13 +00:00
Hauke Mehrtens
c1a3a1ac2d ncurses: Fix building with gcc 5.1
This patch is taken from the gentoo guys who extracted this from a large
upstream commit (with many unrelated changes).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 45878
2015-06-02 21:54:54 +00:00
Felix Fietkau
e79506709f libubox: update to the latest version, adds a base64 implementation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45641
2015-05-08 12:35:41 +00:00
Felix Fietkau
af9672cfde ustream-ssl: correct year in PKG_VERSION string
ustream-ssl: correct the year in the PKG_VERSION string, as both r45157 and
r45441 left the old year 2014 there. For a casual user it may seem that the
current code is from April 2014, although
a4ca61527236e89eb9efb782fd9bfd04796144e3 is from April 2015.

http://nbd.name/gitweb.cgi?p=ustream-ssl.git;a=commit;h=a4ca61527236e89eb9efb782fd9bfd04796144e3
https://dev.openwrt.org/changeset/45441/
https://dev.openwrt.org/changeset/45157/

signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 45623
2015-05-08 10:43:48 +00:00
Felix Fietkau
334ad1d49f polarssl: include PKG_RELEASE in ABI_VERSION
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45610
2015-05-05 10:14:04 +00:00
Felix Fietkau
34cacae2b9 polarssl: disable runtime version checks to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45607
2015-05-05 10:00:49 +00:00
Felix Fietkau
434bf8a90b polarssl: disable an unused random number generator
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45606
2015-05-05 10:00:36 +00:00
Steven Barth
4d9694981b nettle: bump to 3.1.1
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45595
2015-05-03 11:19:42 +00:00
Felix Fietkau
4d58f0f4d9 Revert "ncurses: cleanup InstallDev"
This reverts r43204. The symlinks are faulty, as they point to a
temporary staging dir

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45569
2015-04-23 11:06:15 +00:00
Steven Barth
18f55ddf7d nettle: bump to 3.1
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45526
2015-04-20 20:47:42 +00:00
Felix Fietkau
1233e38be8 libnl-tiny: link library with -Bsymbolic-functions
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45510
2015-04-19 18:33:19 +00:00
Felix Fietkau
384ac9cdf7 uclient: update to the latest version, fixes a crash in processing redirect/disconnect after headers
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45446
2015-04-14 21:05:45 +00:00
John Crispin
da2742db3b ustream-ssl: update to latest git HEAD
fixes long writes when using polarssl

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45441
2015-04-14 19:01:24 +00:00
Felix Fietkau
baef360adb librpc: update to the latest version, fixes musl compatibility issues (#19445)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45366
2015-04-10 20:02:55 +00:00
John Crispin
3d248c4dee openssl: disable arm optimisation until we know why it fails on some socs
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45343
2015-04-10 08:27:55 +00:00
Nicolas Thill
fe46689f10 packages: use $(LN) macro, make symlinks relative
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45250
2015-04-03 00:07:43 +00:00
Nicolas Thill
b8dccba8f2 ustream-ssl: fix SNI when building against cyassl
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45224
2015-04-01 15:11:38 +00:00
Nicolas Thill
32085b22b0 libreadline: cleanup Makefile, fix shlib perms
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45223
2015-04-01 15:11:32 +00:00
John Crispin
426d3abe8f cyassl: add --enable-ecc as its needed when using the CA certificates
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45217
2015-04-01 13:00:45 +00:00
John Crispin
97b3237307 ustream-ssl: enable SNI when building for cyassl
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45216
2015-04-01 10:42:33 +00:00
John Crispin
b233fdcfa2 cyassl: add support for SSL_set_tlsext_host_name
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45215
2015-04-01 10:42:28 +00:00
John Crispin
67bf89324d ustream-ssl: properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45157
2015-03-30 13:17:27 +00:00
Felix Fietkau
2d13d8dc76 conntrack-tools: update package (along with associated libraries) to the latest version, fix musl build issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45077
2015-03-28 10:19:26 +00:00
Felix Fietkau
a24db9522c update libnetfilter_conntrack to version 1.0.4
This updates libnetfilter_conntrack to the latest
stable version 1.0.4 which was released Aug-06-2013.

Changeset is available here:
http://git.netfilter.org/libnetfilter_conntrack/log/

Signed-off-by: Christian Mehlis <christian@m3hlis.de>

SVN-Revision: 45074
2015-03-28 10:19:04 +00:00
Felix Fietkau
6aba44bfe0 toolchain: drop obsolete references to the coldfire target
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44975
2015-03-25 14:29:17 +00:00
Felix Fietkau
5d9eeab64a build: remove obsolete references to cris and avr32
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44965
2015-03-24 10:07:40 +00:00