mirror of
https://github.com/openwrt/openwrt.git
synced 2025-02-03 09:40:44 +00:00
f609913b5c
This fixes the following security problems: * CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled * CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures This release is also ABI incompatible with the previous one, but it is API compatible. Some functions used by a lot of other software was renamed and the old function names are provided as a static inline now, but they are only active when deprecated functions are allowed, deactivate the removal of deprecated functions for now. Also increase the PKG_RELEASE version to force a rebuild and update of packages depending on mbedtls to handle the changed ABI. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
71 lines
1.7 KiB
Makefile
71 lines
1.7 KiB
Makefile
#
|
|
# Copyright (C) 2010-2015 Jo-Philipp Wich <jo@mein.io>
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
#
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=px5g
|
|
PKG_RELEASE:=5
|
|
PKG_LICENSE:=LGPL-2.1
|
|
PKG_BUILD_DIR:=$(BUILD_DIR)/px5g-$(BUILD_VARIANT)
|
|
|
|
PKG_USE_MIPS16:=0
|
|
|
|
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/px5g-mbedtls
|
|
SECTION:=utils
|
|
CATEGORY:=Utilities
|
|
SUBMENU:=Encryption
|
|
TITLE:=X.509 certificate generator (using mbedtls)
|
|
DEPENDS:=+libmbedtls
|
|
PROVIDES:=px5g
|
|
VARIANT:=mbedtls
|
|
endef
|
|
|
|
define Package/px5g-mbedtls/description
|
|
Px5g is a tiny standalone X.509 certificate generator.
|
|
It suitable to create key files and certificates in DER
|
|
and PEM format for use with stunnel, uhttpd and others.
|
|
endef
|
|
|
|
define Package/px5g-standalone
|
|
SECTION:=utils
|
|
CATEGORY:=Utilities
|
|
SUBMENU:=Encryption
|
|
TITLE:=X.509 certificate generator (standalone)
|
|
VARIANT:=standalone
|
|
endef
|
|
Package/px5g-standalone/description = $(Package/px5g-mbedtls/description)
|
|
|
|
define Build/Prepare
|
|
mkdir -p $(PKG_BUILD_DIR)
|
|
endef
|
|
|
|
TARGET_LDFLAGS += -lmbedtls -lmbedx509 -lmbedcrypto
|
|
|
|
ifeq ($(BUILD_VARIANT),standalone)
|
|
TARGET_LDFLAGS := -Wl,-Bstatic $(TARGET_LDFLAGS) -Wl,-Bdynamic
|
|
endif
|
|
|
|
TARGET_CFLAGS += -Wl,--gc-sections
|
|
|
|
define Build/Compile
|
|
$(TARGET_CC) $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -o $(PKG_BUILD_DIR)/px5g px5g.c $(TARGET_LDFLAGS)
|
|
endef
|
|
|
|
define Package/px5g-mbedtls/install
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(INSTALL_BIN) $(PKG_BUILD_DIR)/px5g $(1)/usr/sbin/px5g
|
|
endef
|
|
|
|
Package/px5g-standalone/install = $(Package/px5g-mbedtls/install)
|
|
|
|
$(eval $(call BuildPackage,px5g-mbedtls))
|
|
$(eval $(call BuildPackage,px5g-standalone))
|