[LEDE-DEV] [PATCH] cyassl/wolfssl: update to 3.9.0

Thu May 19 04:27:48 PDT 2016

- disable sslv3 (security)
- patch is not needed anymore (see src/ssl.c)

tested on ar71xx w. curl

Signed-off-by: Dirk Neukirchen <dirkneukirchen at web.de>
---
 package/libs/cyassl/Makefile                          |  9 +++++----
 .../cyassl/patches/300-SSL_set_tlsext_host_name.patch | 19 -------------------
 2 files changed, 5 insertions(+), 23 deletions(-)
 delete mode 100644 package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch

diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile
index 7384a3d..7501b99 100644
--- a/package/libs/cyassl/Makefile
+++ b/package/libs/cyassl/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=3.8.0
-PKG_RELEASE:=2
+PKG_VERSION:=3.9.0
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
 PKG_SOURCE_URL:=https://www.wolfssl.com/
-PKG_MD5SUM:=a73d90c5439adea97a5002a73b46ddeb
+PKG_MD5SUM:=f3396726a9befd61443c2cce216e39ba
 
 PKG_FIXUP:=libtool
 PKG_INSTALL:=1
@@ -41,9 +41,10 @@ CONFIGURE_ARGS += \
 	--without-zlib \
 	--enable-singlethreaded \
 	--enable-opensslextra \
+	--enable-sessioncerts \
 	--enable-sni \
 	--enable-ecc \
-	--enable-sslv3 \
+	--enable-sha512 \
 	--disable-examples
 
 #ifneq ($(CONFIG_TARGET_x86),)
diff --git a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch b/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch
deleted file mode 100644
index a35cdad..0000000
--- a/package/libs/cyassl/patches/300-SSL_set_tlsext_host_name.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- a/wolfssl/openssl/ssl.h
-+++ b/wolfssl/openssl/ssl.h
-@@ -401,6 +401,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STOR
- /* yassl had set the default to be 500 */
- #define SSL_get_default_timeout(ctx) 500
- 
-+#define SSL_set_tlsext_host_name(x, y) wolfSSL_UseSNI(x, WOLFSSL_SNI_HOST_NAME, y, strlen(y))
-+ 
- /* Lighthttp compatability */
- 
- #ifdef HAVE_LIGHTY                       
-@@ -487,7 +489,6 @@ typedef WOLFSSL_ASN1_BIT_STRING    ASN1_
- #define SSL_TLSEXT_ERR_NOACK                 alert_warning
- #define TLSEXT_NAMETYPE_host_name            WOLFSSL_SNI_HOST_NAME
- 
--#define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name
- #define SSL_get_servername wolfSSL_get_servername
- #define SSL_set_SSL_CTX                  wolfSSL_set_SSL_CTX
- #define SSL_CTX_get_verify_callback      wolfSSL_CTX_get_verify_callback
-- 
2.8.2


