mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-27 01:11:14 +00:00
280fdac18f
This fixes two minor security problems. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
243 lines
5.1 KiB
Diff
243 lines
5.1 KiB
Diff
--- a/include/polarssl/config.h
|
|
+++ b/include/polarssl/config.h
|
|
@@ -432,8 +432,8 @@
|
|
* Requires: POLARSSL_HMAC_DRBG_C
|
|
*
|
|
* Comment this macro to disable deterministic ECDSA.
|
|
- */
|
|
#define POLARSSL_ECDSA_DETERMINISTIC
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
|
|
@@ -454,8 +454,8 @@
|
|
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
|
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
|
|
* TLS_PSK_WITH_RC4_128_SHA
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
|
|
@@ -478,8 +478,8 @@
|
|
* TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
|
* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
|
|
* TLS_DHE_PSK_WITH_RC4_128_SHA
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
|
@@ -498,8 +498,8 @@
|
|
* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
|
* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
|
|
* TLS_ECDHE_PSK_WITH_RC4_128_SHA
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
|
|
@@ -523,8 +523,8 @@
|
|
* TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
|
* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
|
|
* TLS_RSA_PSK_WITH_RC4_128_SHA
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED
|
|
@@ -602,8 +602,8 @@
|
|
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
|
* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
|
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
|
@@ -626,8 +626,8 @@
|
|
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
|
|
* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
|
|
* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
|
@@ -650,8 +650,8 @@
|
|
* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
|
|
* TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
|
|
* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
|
@@ -674,8 +674,8 @@
|
|
* TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
|
|
* TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
|
* TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
|
- */
|
|
#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_PK_PARSE_EC_EXTENDED
|
|
@@ -835,8 +835,8 @@
|
|
* \def POLARSSL_SELF_TEST
|
|
*
|
|
* Enable the checkup functions (*_self_test).
|
|
- */
|
|
#define POLARSSL_SELF_TEST
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_SSL_ALL_ALERT_MESSAGES
|
|
@@ -1139,8 +1139,8 @@
|
|
* Requires: POLARSSL_VERSION_C
|
|
*
|
|
* Comment this to disable run-time checking and save ROM space
|
|
- */
|
|
#define POLARSSL_VERSION_FEATURES
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
|
|
@@ -1469,8 +1469,8 @@
|
|
* TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
|
* TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
|
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
|
- */
|
|
#define POLARSSL_CAMELLIA_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_CCM_C
|
|
@@ -1497,8 +1497,8 @@
|
|
* Requires: POLARSSL_PEM_PARSE_C
|
|
*
|
|
* This module is used for testing (ssl_client/server).
|
|
- */
|
|
#define POLARSSL_CERTS_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_CIPHER_C
|
|
@@ -1537,8 +1537,8 @@
|
|
* library/ssl_tls.c
|
|
*
|
|
* This module provides debugging functions.
|
|
- */
|
|
#define POLARSSL_DEBUG_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_DES_C
|
|
@@ -1593,8 +1593,8 @@
|
|
* ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
|
|
*
|
|
* Requires: POLARSSL_ECP_C
|
|
- */
|
|
#define POLARSSL_ECDH_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_ECDSA_C
|
|
@@ -1608,8 +1608,8 @@
|
|
* ECDHE-ECDSA
|
|
*
|
|
* Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
|
|
- */
|
|
#define POLARSSL_ECDSA_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_ECP_C
|
|
@@ -1621,8 +1621,8 @@
|
|
* library/ecdsa.c
|
|
*
|
|
* Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
|
|
- */
|
|
#define POLARSSL_ECP_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_ENTROPY_C
|
|
@@ -1698,8 +1698,8 @@
|
|
* Requires: POLARSSL_MD_C
|
|
*
|
|
* Uncomment to enable the HMAC_DRBG random number geerator.
|
|
- */
|
|
#define POLARSSL_HMAC_DRBG_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_MD_C
|
|
@@ -1825,8 +1825,8 @@
|
|
* Requires: POLARSSL_HAVE_ASM
|
|
*
|
|
* This modules adds support for the VIA PadLock on x86.
|
|
- */
|
|
#define POLARSSL_PADLOCK_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_PBKDF2_C
|
|
@@ -1991,8 +1991,8 @@
|
|
* Module: library/ripemd160.c
|
|
* Caller: library/md.c
|
|
*
|
|
- */
|
|
#define POLARSSL_RIPEMD160_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_RSA_C
|
|
@@ -2071,8 +2071,8 @@
|
|
* Caller:
|
|
*
|
|
* Requires: POLARSSL_SSL_CACHE_C
|
|
- */
|
|
#define POLARSSL_SSL_CACHE_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_SSL_CLI_C
|
|
@@ -2148,8 +2148,8 @@
|
|
* Caller: library/havege.c
|
|
*
|
|
* This module is used by the HAVEGE random number generator.
|
|
- */
|
|
#define POLARSSL_TIMING_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_VERSION_C
|
|
@@ -2159,8 +2159,8 @@
|
|
* Module: library/version.c
|
|
*
|
|
* This module provides run-time version information.
|
|
- */
|
|
#define POLARSSL_VERSION_C
|
|
+ */
|
|
|
|
/**
|
|
* \def POLARSSL_X509_USE_C
|
|
@@ -2269,8 +2269,8 @@
|
|
*
|
|
* Module: library/xtea.c
|
|
* Caller:
|
|
- */
|
|
#define POLARSSL_XTEA_C
|
|
+ */
|
|
|
|
/* \} name SECTION: mbed TLS modules */
|
|
|