polarssl: backport of r35525

Signed-off-by: Tim Yardley <yardley@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/packages_12.09@35529 3c298f89-4303-0410-b956-a3cf2f4a3e73

diff --git a/libs/polarssl/Makefile b/libs/polarssl/Makefile
index 5dc2cf4..a66402c 100644 (file)
--- a/libs/polarssl/Makefile
+++ b/libs/polarssl/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=polarssl
-PKG_VERSION:=1.1.3
+PKG_VERSION:=1.2.5
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
-PKG_SOURCE_URL:=http://polarssl.org/code/releases
-PKG_MD5SUM:=fdd367e3b5ab43ed2af8ffbdfaf0fb81
+PKG_SOURCE_URL:=https://polarssl.org/code/releases
+PKG_MD5SUM:=f42dd79cd85384ac9ad482caa665ac8f
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk

diff --git a/libs/polarssl/patches/100-disable-testsuites.patch b/libs/polarssl/patches/100-disable-testsuites.patch
index b001cd6..cf9485e 100644 (file)
--- a/libs/polarssl/patches/100-disable-testsuites.patch
+++ b/libs/polarssl/patches/100-disable-testsuites.patch
@@ -1,29 +1,21 @@
---- a/tests/CMakeLists.txt     2012-05-20 18:37:02.390717106 +0200
-+++ b/tests/CMakeLists.txt     2012-05-20 18:37:12.282800152 +0200
-@@ -26,26 +26,3 @@
- endfunction(add_test_suite)
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -38,7 +38,7 @@ add_subdirectory(library)
+ add_subdirectory(include)
  
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-unused-function -Wno-unused-value")
--
--add_test_suite(aes)
--add_test_suite(arc4)
--add_test_suite(base64)
--add_test_suite(camellia)
--add_test_suite(cipher cipher.aes)
--add_test_suite(cipher cipher.camellia)
--add_test_suite(cipher cipher.des)
--add_test_suite(ctr_drbg)
--add_test_suite(debug)
--add_test_suite(des)
--add_test_suite(dhm)
--add_test_suite(error)
--add_test_suite(hmac_shax)
--add_test_suite(md)
--add_test_suite(mdx)
--add_test_suite(mpi)
--add_test_suite(pkcs1_v21)
--add_test_suite(shax)
--add_test_suite(rsa)
--add_test_suite(version)
--add_test_suite(xtea)
--add_test_suite(x509parse)
+ if(CMAKE_COMPILER_IS_GNUCC)
+-  add_subdirectory(tests)
++#  add_subdirectory(tests)
+ endif(CMAKE_COMPILER_IS_GNUCC)
+ 
+ add_subdirectory(programs)
+--- a/programs/CMakeLists.txt
++++ b/programs/CMakeLists.txt
+@@ -3,6 +3,6 @@ add_subdirectory(hash)
+ add_subdirectory(pkey)
+ add_subdirectory(random)
+ add_subdirectory(ssl)
+-add_subdirectory(test)
++#add_subdirectory(test)
+ add_subdirectory(x509)
+ add_subdirectory(util)

diff --git a/libs/polarssl/patches/200-reduce_config.patch b/libs/polarssl/patches/200-reduce_config.patch
new file mode 100644 (file)
index 0000000..c66bb3f
--- /dev/null
+++ b/libs/polarssl/patches/200-reduce_config.patch
@@ -0,0 +1,112 @@
+--- a/include/polarssl/config.h
++++ b/include/polarssl/config.h
+@@ -177,8 +177,8 @@
+  * Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C
+  *
+  * Enable the RSA prime-number generation code.
+- */
+ #define POLARSSL_GENPRIME
++ */
+ 
+ /**
+  * \def POLARSSL_FS_IO
+@@ -235,8 +235,8 @@
+  * \def POLARSSL_SELF_TEST
+  *
+  * Enable the checkup functions (*_self_test).
+- */
+ #define POLARSSL_SELF_TEST
++ */
+ 
+ /**
+  * \def POLARSSL_SSL_ALL_ALERT_MESSAGES
+@@ -425,8 +425,8 @@
+  *      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+  *      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+- */
+ #define POLARSSL_CAMELLIA_C
++ */
+ 
+ /**
+  * \def POLARSSL_CERTS_C
+@@ -437,8 +437,8 @@
+  * Caller:
+  *
+  * This module is used for testing (ssl_client/server).
+- */
+ #define POLARSSL_CERTS_C
++ */
+ 
+ /**
+  * \def POLARSSL_CIPHER_C
+@@ -477,8 +477,8 @@
+  *          library/ssl_tls.c
+  *
+  * This module provides debugging functions.
+- */
+ #define POLARSSL_DEBUG_C
++ */
+ 
+ /**
+  * \def POLARSSL_DES_C
+@@ -560,8 +560,8 @@
+  * enabled as well):
+  *      TLS_RSA_WITH_AES_128_GCM_SHA256
+  *      TLS_RSA_WITH_AES_256_GCM_SHA384
+- */
+ #define POLARSSL_GCM_C
++ */
+ 
+ /**
+  * \def POLARSSL_HAVEGE_C
+@@ -574,8 +574,8 @@
+  * Requires: POLARSSL_TIMING_C
+  *
+  * This module enables the HAVEGE random number generator.
+- */
+ #define POLARSSL_HAVEGE_C
++ */
+ 
+ /**
+  * \def POLARSSL_MD_C
+@@ -649,8 +649,8 @@
+  * Caller:  library/aes.c
+  *
+  * This modules adds support for the VIA PadLock on x86.
+- */
+ #define POLARSSL_PADLOCK_C
++ */
+ 
+ /**
+  * \def POLARSSL_PBKDF2_C
+@@ -763,8 +763,8 @@
+  * Caller:
+  *
+  * Requires: POLARSSL_SSL_CACHE_C
+- */
+ #define POLARSSL_SSL_CACHE_C
++ */
+ 
+ /**
+  * \def POLARSSL_SSL_CLI_C
+@@ -818,8 +818,8 @@
+  * Caller:  library/havege.c
+  *
+  * This module is used by the HAVEGE random number generator.
+- */
+ #define POLARSSL_TIMING_C
++ */
+ 
+ /**
+  * \def POLARSSL_VERSION_C
+@@ -868,8 +868,8 @@
+  *
+  * Module:  library/xtea.c
+  * Caller:
+- */
+ #define POLARSSL_XTEA_C
++ */
+ /* \} name */
+ 
+ #endif /* config.h */

diff --git a/libs/polarssl/patches/300-openssl_cipher_name_compat.patch b/libs/polarssl/patches/300-openssl_cipher_name_compat.patch
new file mode 100644 (file)
index 0000000..6ca43c3
--- /dev/null
+++ b/libs/polarssl/patches/300-openssl_cipher_name_compat.patch
@@ -0,0 +1,53 @@
+--- a/library/cipher.c
++++ b/library/cipher.c
+@@ -279,15 +279,21 @@ const cipher_info_t *cipher_info_from_st
+ #if defined(POLARSSL_BLOWFISH_C)
+     if( !strcasecmp( "BLOWFISH-CBC", cipher_name ) )
+         return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CBC );
++    if( !strcasecmp( "BF-CBC", cipher_name ) )
++        return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CBC );
+ 
+ #if defined(POLARSSL_CIPHER_MODE_CFB)
+     if( !strcasecmp( "BLOWFISH-CFB64", cipher_name ) )
+         return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CFB64 );
++    if( !strcasecmp( "BF-CFB64", cipher_name ) )
++        return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CFB64 );
+ #endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
+ 
+ #if defined(POLARSSL_CIPHER_MODE_CTR)
+     if( !strcasecmp( "BLOWFISH-CTR", cipher_name ) )
+         return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CTR );
++    if( !strcasecmp( "BF-CTR", cipher_name ) )
++        return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CTR );
+ #endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
+ #endif
+ 
+--- a/library/cipher_wrap.c
++++ b/library/cipher_wrap.c
+@@ -643,7 +643,7 @@ const cipher_info_t blowfish_cbc_info = 
+     POLARSSL_CIPHER_BLOWFISH_CBC,
+     POLARSSL_MODE_CBC,
+     32,
+-    "BLOWFISH-CBC",
++    "BF-CBC",
+     8,
+     8,
+     &blowfish_info
+@@ -654,7 +654,7 @@ const cipher_info_t blowfish_cfb64_info 
+     POLARSSL_CIPHER_BLOWFISH_CFB64,
+     POLARSSL_MODE_CFB,
+     32,
+-    "BLOWFISH-CFB64",
++    "BF-CFB64",
+     8,
+     8,
+     &blowfish_info
+@@ -666,7 +666,7 @@ const cipher_info_t blowfish_ctr_info = 
+     POLARSSL_CIPHER_BLOWFISH_CTR,
+     POLARSSL_MODE_CTR,
+     32,
+-    "BLOWFISH-CTR",
++    "BF-CTR",
+     8,
+     8,
+     &blowfish_info

diff --git a/libs/polarssl/patches/310-fix_blowfish_key_len.patch b/libs/polarssl/patches/310-fix_blowfish_key_len.patch
new file mode 100644 (file)
index 0000000..0b4878e
--- /dev/null
+++ b/libs/polarssl/patches/310-fix_blowfish_key_len.patch
@@ -0,0 +1,29 @@
+--- a/library/cipher_wrap.c
++++ b/library/cipher_wrap.c
+@@ -642,7 +642,7 @@ const cipher_base_t blowfish_info = {
+ const cipher_info_t blowfish_cbc_info = {
+     POLARSSL_CIPHER_BLOWFISH_CBC,
+     POLARSSL_MODE_CBC,
+-    32,
++    128,
+     "BF-CBC",
+     8,
+     8,
+@@ -653,7 +653,7 @@ const cipher_info_t blowfish_cbc_info = 
+ const cipher_info_t blowfish_cfb64_info = {
+     POLARSSL_CIPHER_BLOWFISH_CFB64,
+     POLARSSL_MODE_CFB,
+-    32,
++    128,
+     "BF-CFB64",
+     8,
+     8,
+@@ -665,7 +665,7 @@ const cipher_info_t blowfish_cfb64_info 
+ const cipher_info_t blowfish_ctr_info = {
+     POLARSSL_CIPHER_BLOWFISH_CTR,
+     POLARSSL_MODE_CTR,
+-    32,
++    128,
+     "BF-CTR",
+     8,
+     8,