mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-27 01:11:14 +00:00
77e0e99d31
Always build AES-GCM support. Unnecessary patches were removed. This includes two vulnerability fixes: CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK extension parsing. CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes when performing ECDSA signing operations. The leak is considered to be difficult to exploit but it could potentially be used maliciously to perform a lattice based timing attack. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
12 lines
469 B
Diff
12 lines
469 B
Diff
--- a/wolfssl/wolfcrypt/settings.h
|
|
+++ b/wolfssl/wolfcrypt/settings.h
|
|
@@ -1930,7 +1930,7 @@ extern void uITRON4_free(void *p) ;
|
|
#endif
|
|
|
|
/* warning for not using harden build options (default with ./configure) */
|
|
-#ifndef WC_NO_HARDEN
|
|
+#if 0
|
|
#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
|
|
(defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
|
|
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \
|