[openwrt/openwrt] wolfssl: update to 5.1.1-stable

LEDE Commits lede-commits at lists.infradead.org
Sat Feb 12 15:32:47 PST 2022


hauke pushed a commit to openwrt/openwrt.git, branch openwrt-21.02:
https://git.openwrt.org/5b13b0b02c703a3c0c60828abfde01f283a2d821

commit 5b13b0b02c703a3c0c60828abfde01f283a2d821
Author: Sergey V. Lobanov <sergey at lobanov.in>
AuthorDate: Sat Jan 1 22:37:13 2022 +0300

    wolfssl: update to 5.1.1-stable
    
    Bump from 4.8.1-stable to 5.1.1-stable
    
    Detailed release notes: https://github.com/wolfSSL/wolfssl/releases
    
    Upstreamed patches:
    001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch -
     https://github.com/wolfSSL/wolfssl/commit/fa8f23284d4689c2a737204b337b58d966dcbd8c
    002-Update-macro-guard-on-SHA256-transform-call.patch -
     https://github.com/wolfSSL/wolfssl/commit/f447e4c1fa4c932c0286fa0331966756e243db81
    
    Refreshed patches:
    100-disable-hardening-check.patch
    200-ecc-rng.patch
    
    CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains
    configure option
    
    The size of the ipk changed on aarch64 like this:
    491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk
    520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk
    
    Tested-by: Alozxy <alozxy at users.noreply.github.com>
    Acked-by: Eneas U de Queiroz <cotequeiroz at gmail.com>
    Signed-off-by: Sergey V. Lobanov <sergey at lobanov.in>
    (cherry picked from commit 93d91197b98463277b601ec2653351666a4ca4bd)
---
 package/libs/wolfssl/Makefile                      |   6 +-
 ...-asm-change-asm-snippets-to-get-compiling.patch | 116 ---------------------
 ...date-macro-guard-on-SHA256-transform-call.patch |  22 ----
 .../patches/100-disable-hardening-check.patch      |   2 +-
 package/libs/wolfssl/patches/200-ecc-rng.patch     |   4 +-
 5 files changed, 6 insertions(+), 144 deletions(-)

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 1b6dca09a3..00db9a7712 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=4.8.1-stable
+PKG_VERSION:=5.1.1-stable
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=50db45f348f47e00c93dd244c24108220120cb3cc9d01434789229c32937c444
+PKG_HASH:=d3e0544dbe7e9587c0f6538cdc671b6492663bb7a4281819538abe6c99cdbd92
 
 PKG_FIXUP:=libtool libtool-abiver
 PKG_INSTALL:=1
@@ -64,7 +64,6 @@ TARGET_CFLAGS += \
 	-fomit-frame-pointer \
 	-flto \
 	-DFP_MAX_BITS=8192 \
-	-DWOLFSSL_ALT_CERT_CHAINS \
 	$(if $(CONFIG_WOLFSSL_ALT_NAMES),-DWOLFSSL_ALT_NAMES)
 
 TARGET_LDFLAGS += -flto
@@ -77,6 +76,7 @@ CONFIGURE_ARGS += \
 	--enable-opensslextra \
 	--enable-sni \
 	--enable-stunnel \
+	--enable-altcertchains \
 	--disable-crypttests \
 	--disable-examples \
 	--disable-jobserver \
diff --git a/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch b/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch
deleted file mode 100644
index 763f9e8d06..0000000000
--- a/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-From fa8f23284d4689c2a737204b337b58d966dcbd8c Mon Sep 17 00:00:00 2001
-From: Sean Parkinson <sean at wolfssl.com>
-Date: Fri, 20 Aug 2021 10:23:38 +1000
-Subject: [PATCH] Maths x86 asm: change asm snippets to get compiling
-
-TFM:
-  Use register or memory for c0, c1, c2 in SQRADD and SQRADD2.
-SP:
-  Use register or memory for vl, vh, vo in SP_ASM_MUL_ADD,
-SP_ASM_MUL_ADD2 and SP_ASM_SQR_ADD.
----
- wolfcrypt/src/asm.c    | 29 ++++++++++++++++++++---------
- wolfcrypt/src/sp_int.c |  6 +++---
- 2 files changed, 23 insertions(+), 12 deletions(-)
-
---- a/wolfcrypt/src/asm.c
-+++ b/wolfcrypt/src/asm.c
-@@ -698,33 +698,39 @@ __asm__(                             \
- 
- #define SQRADD(i, j)                                      \
- __asm__(                                                  \
--     "movl  %6,%%eax     \n\t"                            \
-+     "movl  %3,%%eax     \n\t"                            \
-      "mull  %%eax        \n\t"                            \
-      "addl  %%eax,%0     \n\t"                            \
-      "adcl  %%edx,%1     \n\t"                            \
-      "adcl  $0,%2        \n\t"                            \
--     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","cc");
-+     :"+rm"(c0), "+rm"(c1), "+rm"(c2)                     \
-+     : "m"(i)                                             \
-+     :"%eax","%edx","cc");
- 
- #define SQRADD2(i, j)                                     \
- __asm__(                                                  \
--     "movl  %6,%%eax     \n\t"                            \
--     "mull  %7           \n\t"                            \
-+     "movl  %3,%%eax     \n\t"                            \
-+     "mull  %4           \n\t"                            \
-      "addl  %%eax,%0     \n\t"                            \
-      "adcl  %%edx,%1     \n\t"                            \
-      "adcl  $0,%2        \n\t"                            \
-      "addl  %%eax,%0     \n\t"                            \
-      "adcl  %%edx,%1     \n\t"                            \
-      "adcl  $0,%2        \n\t"                            \
--     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","%edx", "cc");
-+     :"+rm"(c0), "+rm"(c1), "+rm"(c2)                     \
-+     : "m"(i), "m"(j)                                     \
-+     :"%eax","%edx", "cc");
- 
- #define SQRADDSC(i, j)                                    \
--__asm__(                                                     \
-+__asm__(                                                  \
-      "movl  %3,%%eax     \n\t"                            \
-      "mull  %4           \n\t"                            \
-      "movl  %%eax,%0     \n\t"                            \
-      "movl  %%edx,%1     \n\t"                            \
-      "xorl  %2,%2        \n\t"                            \
--     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","cc");
-+     :"=r"(sc0), "=r"(sc1), "=r"(sc2)                     \
-+     : "g"(i), "g"(j)                                     \
-+     :"%eax","%edx","cc");
- 
- #define SQRADDAC(i, j)                                    \
- __asm__(                                                  \
-@@ -733,7 +739,9 @@ __asm__(
-      "addl  %%eax,%0     \n\t"                            \
-      "adcl  %%edx,%1     \n\t"                            \
-      "adcl  $0,%2        \n\t"                            \
--     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","cc");
-+     :"=r"(sc0), "=r"(sc1), "=r"(sc2)                     \
-+     : "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j)       \
-+     :"%eax","%edx","cc");
- 
- #define SQRADDDB                                          \
- __asm__(                                                  \
-@@ -743,7 +751,10 @@ __asm__(
-      "addl %6,%0         \n\t"                            \
-      "adcl %7,%1         \n\t"                            \
-      "adcl %8,%2         \n\t"                            \
--     :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
-+     :"=r"(c0), "=r"(c1), "=r"(c2)                        \
-+     : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1),     \
-+       "r"(sc2)                                           \
-+     : "cc");
- 
- #elif defined(TFM_X86_64)
- /* x86-64 optimized */
---- a/wolfcrypt/src/sp_int.c
-+++ b/wolfcrypt/src/sp_int.c
-@@ -476,7 +476,7 @@ static WC_INLINE sp_int_digit sp_div_wor
-         "addl	%%eax, %[l]	\n\t"                    \
-         "adcl	%%edx, %[h]	\n\t"                    \
-         "adcl	$0   , %[o]	\n\t"                    \
--        : [l] "+r" (vl), [h] "+r" (vh), [o] "+r" (vo)    \
-+        : [l] "+rm" (vl), [h] "+rm" (vh), [o] "+rm" (vo) \
-         : [a] "r" (va), [b] "r" (vb)                     \
-         : "eax", "edx", "cc"                             \
-     )
-@@ -502,7 +502,7 @@ static WC_INLINE sp_int_digit sp_div_wor
-         "addl	%%eax, %[l]	\n\t"                    \
-         "adcl	%%edx, %[h]	\n\t"                    \
-         "adcl	$0   , %[o]	\n\t"                    \
--        : [l] "+r" (vl), [h] "+r" (vh), [o] "+r" (vo)    \
-+        : [l] "+rm" (vl), [h] "+rm" (vh), [o] "+rm" (vo) \
-         : [a] "r" (va), [b] "r" (vb)                     \
-         : "eax", "edx", "cc"                             \
-     )
-@@ -541,7 +541,7 @@ static WC_INLINE sp_int_digit sp_div_wor
-         "addl	%%eax, %[l]	\n\t"                    \
-         "adcl	%%edx, %[h]	\n\t"                    \
-         "adcl	$0   , %[o]	\n\t"                    \
--        : [l] "+r" (vl), [h] "+r" (vh), [o] "+r" (vo)    \
-+        : [l] "+rm" (vl), [h] "+rm" (vh), [o] "+rm" (vo) \
-         : [a] "m" (va)                                   \
-         : "eax", "edx", "cc"                             \
-     )
diff --git a/package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch b/package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch
deleted file mode 100644
index f986b72798..0000000000
--- a/package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From f447e4c1fa4c932c0286fa0331966756e243db81 Mon Sep 17 00:00:00 2001
-From: JacobBarthelmeh <jacob at wolfssl.com>
-Date: Fri, 17 Sep 2021 15:06:13 -0700
-Subject: [PATCH] update macro guard on SHA256 transform call
-
----
- src/ssl.c   | 3 ++-
- tests/api.c | 3 ++-
- 2 files changed, 4 insertions(+), 2 deletions(-)
-
---- a/src/ssl.c
-+++ b/src/ssl.c
-@@ -17639,7 +17639,8 @@ size_t wolfSSL_get_client_random(const W
-     
-     #if defined(OPENSSL_EXTRA)
-     #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
--        (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
-+        (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
-+        !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH)
-     /* Apply SHA256 transformation to the data */
-     int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256, 
-                                                 const unsigned char* data)
diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
index 4141e28750..79d0d6f759 100644
--- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch
+++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
@@ -1,6 +1,6 @@
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -2274,7 +2274,7 @@ extern void uITRON4_free(void *p) ;
+@@ -2346,7 +2346,7 @@ extern void uITRON4_free(void *p) ;
  #endif
  
  /* warning for not using harden build options (default with ./configure) */
diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch
index d8581be7eb..78ff4b1f4a 100644
--- a/package/libs/wolfssl/patches/200-ecc-rng.patch
+++ b/package/libs/wolfssl/patches/200-ecc-rng.patch
@@ -11,7 +11,7 @@ RNG regardless of the built settings for wolfssl.
 
 --- a/wolfcrypt/src/ecc.c
 +++ b/wolfcrypt/src/ecc.c
-@@ -10938,21 +10938,21 @@ void wc_ecc_fp_free(void)
+@@ -11647,21 +11647,21 @@ void wc_ecc_fp_free(void)
  
  #endif /* FP_ECC */
  
@@ -37,7 +37,7 @@ RNG regardless of the built settings for wolfssl.
  
 --- a/wolfssl/wolfcrypt/ecc.h
 +++ b/wolfssl/wolfcrypt/ecc.h
-@@ -616,10 +616,8 @@ WOLFSSL_API
+@@ -647,10 +647,8 @@ WOLFSSL_API
  void wc_ecc_fp_free(void);
  WOLFSSL_LOCAL
  void wc_ecc_fp_init(void);



More information about the lede-commits mailing list