Commit Graph

18 Commits

Author SHA1 Message Date
Hauke Mehrtens
bd20cb272e polarssl: update to version 1.3.17
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:02 +02:00
Jo-Philipp Wich
9e45f9d63c polarssl: enable AES-GCM and CAMELLIA-GCM ciphersuites
Recent versions of Chrome require this ciphers to successfully handshake with
a TLS enabled uhttpd server using the ustream-polarssl backend.

If `CONFIG_GCM` is disabled, `ssl_ciphersuite_from_id()` will return `NULL`
when cipher `0x9d` is looked up, causing the calling `ssl_ciphersuite_match()`
to fail with `POLARSSL_ERR_SSL_INTERNAL_ERROR`.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-11 03:24:57 +02:00
Felix Fietkau
b0b0c319f9 polarssl: update to 1.3.16, fixes intermediate certificate validation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48257
2016-01-16 00:20:05 +00:00
Hauke Mehrtens
b792ea7ac0 polarssl: update to version 1.3.14
This fixes CVE-2015-5291 and some other smaller security issues.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47201
2015-10-18 21:48:32 +00:00
Felix Fietkau
34cacae2b9 polarssl: disable runtime version checks to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45607
2015-05-05 10:00:49 +00:00
Felix Fietkau
434bf8a90b polarssl: disable an unused random number generator
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45606
2015-05-05 10:00:36 +00:00
Steven Barth
1a014d170a polarssl: bump to 1.3.10, work around rename to mbedtls
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44361
2015-02-09 12:44:32 +00:00
Jo-Philipp Wich
555492e41a polarssl: patch CVE-2015-1182
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44060
2015-01-20 12:49:54 +00:00
Steven Barth
6d1d02eefb polarssl: update to 1.3.9
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43170
2014-11-03 19:36:06 +00:00
Felix Fietkau
e5daecce98 polarssl: disable SSLv3 support, fixes CVE-2014-3566 (POODLE)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42947
2014-10-18 09:17:31 +00:00
Steven Barth
0472c0e22f polarssl: bump to 1.3.8
SVN-Revision: 42061
2014-08-08 05:20:50 +00:00
Steven Barth
b5b0381cbb polarssl: bump to 1.3.7
SVN-Revision: 40892
2014-06-01 09:49:24 +00:00
Felix Fietkau
6d270ebc2b polarssl: add support for generating rsa keys
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39999
2014-03-21 15:55:18 +00:00
Felix Fietkau
b9825247c2 polarssl: update to version 1.3.4 and add openssl compat patch
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39930
2014-03-14 15:05:46 +00:00
Luka Perkov
d6415bf1bd polarssl: update to 1.2.9
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 38330
2013-10-07 21:28:12 +00:00
Felix Fietkau
4cd1ace48d polarssl: update to version 1.2.8
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37527
2013-07-24 16:59:43 +00:00
Tim Yardley
8f54ec7ce7 polarssl: security update (1.2.5) addressing CBC TLS issue
Signed-off-by: Tim Yardley <yardley@gmail.com>

SVN-Revision: 35525
2013-02-08 19:47:48 +00:00
Felix Fietkau
e4e460afb5 polarssl: add from /packages, update to 1.2.4, fix openssl compatibility
SVN-Revision: 35411
2013-01-30 20:07:04 +00:00