cyassl: update to wolfssl 3.6.0

Upstream wolfssl already has better checks to detect broken ssl v2
ClientHellos, we can remove our hack.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46168
master
Hauke Mehrtens 10 years ago
parent 9177e16098
commit 69a2459c66
  1. 8
      package/libs/cyassl/Makefile
  2. 2
      package/libs/cyassl/patches/100-respect_cflags.patch
  3. 13
      package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch
  4. 4
      package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch
  5. 7
      package/libs/cyassl/patches/400-additional_compatibility.patch

@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=wolfssl PKG_NAME:=wolfssl
PKG_VERSION:=3.4.6 PKG_VERSION:=3.6.0
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
PKG_SOURCE_URL:=http://www.yassl.com/ PKG_SOURCE_URL:=http://www.wolfssl.com/
PKG_MD5SUM:=0410b3841588d635e9ecacb2d42c38f5 PKG_MD5SUM:=69a6700998fdef621103983817b96fe6
PKG_FIXUP:=libtool PKG_FIXUP:=libtool
PKG_INSTALL:=1 PKG_INSTALL:=1
@ -27,7 +27,7 @@ define Package/libcyassl
SUBMENU:=SSL SUBMENU:=SSL
CATEGORY:=Libraries CATEGORY:=Libraries
TITLE:=CyaSSL library TITLE:=CyaSSL library
URL:=http://www.yassl.com/ URL:=http://www.wolfssl.com/
endef endef
define Package/libcyassl/description define Package/libcyassl/description

@ -1,6 +1,6 @@
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -47,7 +47,7 @@ AC_SUBST([CYASSL_LIBRARY_VERSION]) @@ -47,7 +47,7 @@ AC_SUBST([WOLFSSL_LIBRARY_VERSION])
# capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even # capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even
# if user doesn't override, no way to tell # if user doesn't override, no way to tell

@ -1,13 +0,0 @@
--- a/src/internal.c
+++ b/src/internal.c
@@ -6353,6 +6353,10 @@ int ProcessReply(CYASSL* ssl)
b1 =
ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1);
+
+ /* does not appear to a be a SSLv2 client hello */
+ if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 )
+ return UNKNOWN_HANDSHAKE_TYPE;
}
else {
ssl->options.processReply = getRecordLayerHeader;

@ -1,9 +1,9 @@
--- a/wolfssl/openssl/ssl.h --- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h
@@ -398,6 +398,7 @@ @@ -397,6 +397,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR
/* yassl had set the default to be 500 */
#define SSL_get_default_timeout(ctx) 500 #define SSL_get_default_timeout(ctx) 500
+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y)) +#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y))
#ifdef __cplusplus #ifdef __cplusplus

@ -1,6 +1,7 @@
--- a/cyassl/openssl/ssl.h 2015-02-25 13:04:52.000000000 -0800 --- a/cyassl/openssl/ssl.h
+++ b/cyassl/openssl/ssl.h 2015-05-20 11:13:44.476628943 -0700 +++ b/cyassl/openssl/ssl.h
@@ -25,3 +25,12 @@ @@ -24,4 +24,13 @@
*
*/ */
+#ifndef CYASSL_OPENSSL_H_ +#ifndef CYASSL_OPENSSL_H_

Loading…
Cancel
Save