fish/immortalwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
19eb5875db
immortalwrt/package/libs/mbedtls/Makefile
Magnus Kroken 5632ba7585
mbedtls: update to 2.16.8 
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues and the most notable of them
are described in more detail in the security advisories.

* Local side channel attack on RSA and static Diffie-Hellman
* Local side channel attack on classical CBC decryption in (D)TLS
* When checking X.509 CRLs, a certificate was only considered as revoked
if its revocationDate was in the past according to the local clock if
available.

Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2020-09-04 16:13:33 +08:00

125 lines
3.5 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2011-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=mbedtls
PKG_VERSION:=2.16.8
PKG_RELEASE:=1
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=fe9e3b15c3375943bdfebbbb20dd6b4f1147b3b5d926248bd835d73247407430
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=gpl-2.0.txt
PKG_CPE_ID:=cpe:/a:arm:mbed_tls
PKG_CONFIG_DEPENDS:=CONFIG_LIBMBEDTLS_HAVE_SSE2
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/mbedtls/Default
TITLE:=Embedded SSL
URL:=https://tls.mbed.org
endef
define Package/mbedtls/Default/description
The aim of the mbedtls project is to provide a quality, open-source
cryptographic library written in C and targeted at embedded systems.
endef
define Package/libmbedtls
$(call Package/mbedtls/Default)
SECTION:=libs
CATEGORY:=Libraries
SUBMENU:=SSL
TITLE+= (library)
ABI_VERSION:=12
endef
define Package/libmbedtls/config
config LIBMBEDTLS_HAVE_SSE2
depends on PACKAGE_libmbedtls
bool
default y if !TARGET_x86_legacy && !TARGET_x86_geode
prompt "Enable use of x86 SSE2 instructions"
depends on x86_64 || i386
help
Use of SSE2 instructions greatly increase performance (up to
3x faster) with a minimum (~0.2%, or 23KB) increase in package
size, but it will bring no benefit if your hardware does not
support them, such as Geode GX and LX. In this case you may
save 23KB by saying yes here. AMD Geode NX, and Intel
Pentium 4 and above support SSE2.
endef
define Package/mbedtls-util
$(call Package/mbedtls/Default)
SECTION:=utils
CATEGORY:=Utilities
TITLE+= (utilities)
DEPENDS:=+libmbedtls
endef
define Package/libmbedtls/description
$(call Package/mbedtls/Default/description)
This package contains the mbedtls library.
endef
define Package/mbedtls-util/description
$(call Package/mbedtls/Default/description)
This package contains mbedtls helper programs for private key and
CSR generation (gen_key, cert_req)
endef
PKG_INSTALL:=1
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS))
CMAKE_OPTIONS += \
-DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
-DENABLE_TESTING:Bool=OFF \
-DENABLE_PROGRAMS:Bool=ON
define Build/Configure
$(Build/Configure/Default)
awk 'BEGIN { rc = 1 } \
/#define MBEDTLS_HAVE_SSE2/ { $$$$0 = "$(if $(CONFIG_LIBMBEDTLS_HAVE_SSE2),,// )#define MBEDTLS_HAVE_SSE2"; rc = 0 } \
{ print } \
END { exit(rc) }' $(PKG_BUILD_DIR)/include/mbedtls/config.h \
>$(PKG_BUILD_DIR)/include/mbedtls/config.h.new && \
mv $(PKG_BUILD_DIR)/include/mbedtls/config.h.new $(PKG_BUILD_DIR)/include/mbedtls/config.h
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/mbedtls $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.a $(1)/usr/lib/
endef
define Package/libmbedtls/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so.* $(1)/usr/lib/
endef
define Package/mbedtls-util/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gen_key $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/cert_req $(1)/usr/bin/
endef
$(eval $(call BuildPackage,libmbedtls))
$(eval $(call BuildPackage,mbedtls-util))
Reference in New Issue View Git Blame Copy Permalink