openwrt/package/libs/mbedtls/Makefile
Baptiste Jonglez 3e35eb13ad mbedtls: Re-allow SHA1-signed certificates
Since mbedtls 2.5.1, SHA1 has been disallowed in TLS certificates.
This breaks openvpn clients that try to connect to servers that
present a TLS certificate signed with SHA1, which is fairly common.

Run-tested with openvpn-mbedtls 2.4.3, LEDE 17.01.2, on ar71xx.

Fixes: FS#942

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2017-08-11 20:45:28 +02:00

73 lines
1.8 KiB
Makefile

#
# Copyright (C) 2011-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=mbedtls
PKG_VERSION:=2.5.1
PKG_RELEASE:=2
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
PKG_SOURCE_URL:=https://tls.mbed.org/download/
PKG_HASH:=312f020006f0d8e9ede3ed8e73d907a629baf6475229703941769372ab0adee2
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0+
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/mbedtls/Default
SUBMENU:=SSL
TITLE:=Embedded SSL
URL:=https://tls.mbed.org
endef
define Package/mbedtls/Default/description
The aim of the mbedtls project is to provide a quality, open-source
cryptographic library written in C and targeted at embedded systems.
endef
define Package/libmbedtls
$(call Package/mbedtls/Default)
SECTION:=libs
CATEGORY:=Libraries
TITLE+= (library)
ABI_VERSION:=$(PKG_VERSION)-$(PKG_RELEASE)
endef
define Package/libmbedtls/description
$(call Package/mbedtls/Default/description)
This package contains the mbedtls library.
endef
PKG_INSTALL:=1
TARGET_CFLAGS += -ffunction-sections -fdata-sections
CMAKE_OPTIONS += \
-DCMAKE_BUILD_TYPE:String="Release" \
-DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
-DENABLE_TESTING:Bool=OFF \
-DENABLE_PROGRAMS:Bool=OFF \
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/mbedtls $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.a $(1)/usr/lib/
endef
define Package/libmbedtls/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/
endef
$(eval $(call BuildPackage,libmbedtls))