him411/openwrt-6.x
1
0
Fork 0
mirror of https://github.com/LiBwrt-op/openwrt-6.x.git synced 2026-01-06 11:14:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
28d8e6a871
openwrt-6.x/package/libs
History
Andre Heider 28d8e6a871 wolfssl: build with WOLFSSL_ALT_CERT_CHAINS 
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."

This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].

This is the recommended solution from upstream [1].

The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f

[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793

Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
2021-10-17 16:25:10 +02:00
..
argp-standalone
elfutils elfutils: update to 0.182 2021-08-08 19:50:46 +02:00
gettext
gettext-full gettext-full: disable parallel compilation 2021-08-08 19:50:46 +02:00
gmp gmp: update to 6.2.1 2021-02-14 19:38:15 +01:00
jansson jansson: Activate link time optimization (LTO) 2020-09-06 20:30:18 +02:00
libaudit libaudit: add host-build required by policycoreutils/host 2020-09-01 14:24:07 +01:00
libbsd
libcap libcap: update to 2.51 2021-08-08 19:50:46 +02:00
libevent2 libevent2: update to 2.1.12 2021-02-14 19:38:15 +01:00
libiconv
libiconv-full libiconv-full: Makefile polishing 2020-11-26 13:09:32 -10:00
libjson-c libjson-c: remove old math patch 2021-08-30 19:16:49 -10:00
libmnl
libnetfilter-conntrack libnetfilter-conntrack: update to 1.0.8 2020-12-15 00:18:12 +01:00
libnfnetlink libnfnetlink: quote $(FPIC) on command line 2021-03-19 13:37:51 -10:00
libnftnl libnftnl: update to 1.2.0 2021-08-08 19:50:46 +02:00
libnl
libnl-tiny treewide: unmark selected packages nonshared 2021-07-02 18:12:15 +02:00
libpcap libpcap: update to 1.10.1 2021-08-08 19:50:46 +02:00
libselinux libselinux: update to version 3.2 2021-03-08 21:27:35 +00:00
libsemanage libsemanage: fix pkgconfig paths 2021-04-15 11:54:14 +01:00
libsepol libsepol: update to version 3.2 2021-03-08 21:27:35 +00:00
libtool
libubox libubox: update to the latest version 2021-08-24 17:35:45 +02:00
libunwind libunwind: Add MIPS64 dep check 2021-03-01 00:34:23 +01:00
libusb libusb: Fix parsing of descriptors for multi-configuration devices 2021-02-21 10:12:10 -10:00
mbedtls mbedtls: update to 2.16.11 2021-08-08 19:50:46 +02:00
musl-fts
ncurses ncurses: add screen-256color terminfo 2021-03-29 13:47:55 -10:00
nettle nettle: update to 3.7.3 2021-08-08 19:50:46 +02:00
openssl openssl: bump to 1.1.1l 2021-08-26 21:37:20 +02:00
pcre pcre: update to 8.45 2021-08-08 19:50:46 +02:00
popt
readline readline: update to 8.1 2021-02-14 19:38:15 +01:00
sysfsutils
toolchain toolchain: remove uClibc install stuff 2020-12-22 19:11:50 +01:00
uclibc++
uclient uclient: update to Git version 2021-05-14 2021-05-14 23:40:42 +02:00
ustream-ssl ustream-ssl: variants conflict with each other 2021-06-21 18:48:03 -10:00
wolfssl wolfssl: build with WOLFSSL_ALT_CERT_CHAINS 2021-10-17 16:25:10 +02:00
zlib zlib: properly split patches 2021-02-24 14:08:29 +01:00