[openwrt/openwrt] wolfssl: bump to 5.5.0

LEDE Commits lede-commits at lists.infradead.org
Fri Sep 2 14:40:04 PDT 2022 

hauke pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/3d88f26d74f7771b808082cef541ed8286c40491

commit 3d88f26d74f7771b808082cef541ed8286c40491
Author: Ivan Pavlov <AuthorReflex at gmail.com>
AuthorDate: Wed Aug 31 08:04:42 2022 +0300

    wolfssl: bump to 5.5.0
    
    Remove upstreamed: 101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch
    
    Some low severity vulnerabilities fixed
    OpenVPN compatibility fixed (broken in 5.4.0)
    Other fixes && improvements
    
    Signed-off-by: Ivan Pavlov <AuthorReflex at gmail.com>
---
 package/libs/wolfssl/Makefile                      |  4 ++--
 .../patches/100-disable-hardening-check.patch      |  2 +-
 ...rand_prime-s-preprocessor-gating-to-match.patch | 23 ----------------------
 package/libs/wolfssl/patches/200-ecc-rng.patch     |  4 ++--
 4 files changed, 5 insertions(+), 28 deletions(-)

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 4554bce5df..ee07081cfd 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=5.4.0-stable
+PKG_VERSION:=5.5.0-stable
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=dc36cc19dad197253e5c2ecaa490c7eef579ad448706e55d73d79396e814098b
+PKG_HASH:=c34b74b5f689fac7becb05583b044e84d3b10d39f38709f0095dd5d423ded67f
 
 PKG_FIXUP:=libtool libtool-abiver
 PKG_INSTALL:=1
diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
index d3ad2e27bc..01bb5974ba 100644
--- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch
+++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
@@ -1,6 +1,6 @@
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -2442,7 +2442,7 @@ extern void uITRON4_free(void *p) ;
+@@ -2445,7 +2445,7 @@ extern void uITRON4_free(void *p) ;
  #endif
  
  /* warning for not using harden build options (default with ./configure) */
diff --git a/package/libs/wolfssl/patches/101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch b/package/libs/wolfssl/patches/101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch
deleted file mode 100644
index 4b56c1568a..0000000000
--- a/package/libs/wolfssl/patches/101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From dc92ec2aa9cb76b782bdba3fc5203267ebf39994 Mon Sep 17 00:00:00 2001
-From: Kareem <kareem at wolfssl.com>
-Date: Fri, 22 Jul 2022 11:07:46 -0700
-Subject: [PATCH] Update sp_rand_prime's preprocessor gating to match
- wolfSSL_BN_generate_prime_ex's.
-
----
- wolfcrypt/src/sp_int.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/wolfcrypt/src/sp_int.c
-+++ b/wolfcrypt/src/sp_int.c
-@@ -15647,8 +15647,8 @@ int sp_radix_size(sp_int* a, int radix,
-  * Prime number generation and checking.
-  ***************************************/
- 
--#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DH) || !defined(NO_DSA)) && \
--    !defined(WC_NO_RNG)
-+#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || \
-+    !defined(NO_DSA)) && !defined(WC_NO_RNG)
- /* Generate a random prime for RSA only.
-  *
-  * @param  [out]  r     SP integer to hold result.
diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch
index 2e09e6d273..d68ef7f385 100644
--- a/package/libs/wolfssl/patches/200-ecc-rng.patch
+++ b/package/libs/wolfssl/patches/200-ecc-rng.patch
@@ -11,7 +11,7 @@ RNG regardless of the built settings for wolfssl.
 
 --- a/wolfcrypt/src/ecc.c
 +++ b/wolfcrypt/src/ecc.c
-@@ -12288,21 +12288,21 @@ void wc_ecc_fp_free(void)
+@@ -12348,21 +12348,21 @@ void wc_ecc_fp_free(void)
  
  #endif /* FP_ECC */
  
@@ -37,7 +37,7 @@ RNG regardless of the built settings for wolfssl.
  
 --- a/wolfssl/wolfcrypt/ecc.h
 +++ b/wolfssl/wolfcrypt/ecc.h
-@@ -650,10 +650,8 @@ WOLFSSL_API
+@@ -650,10 +650,8 @@ WOLFSSL_ABI WOLFSSL_API
  void wc_ecc_fp_free(void);
  WOLFSSL_LOCAL
  void wc_ecc_fp_init(void);

More information about the lede-commits mailing list