engine.mk is supposed to be included by engine packages, but it will not
be present in the SDK in the same place as in the main repository.
Move it to include/openssl-engine.mk to avoid this.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Co-authored-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* ncurses: add tmux terminfo
They're preferred terminal descriptions for tmux, with additional support to
some special characters and italic fonts. More info can be found at:
https://github.com/tmux/tmux/wiki/FAQ
Fixes: FS#3404
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
* ncurses: update to 6.3
release notes: https://invisible-island.net/ncurses/announce-6.3.html
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
Co-authored-by: Jitao Lu <dianlujitao@gmail.com>
Co-authored-by: Huangbin Zhan <zhanhb88@gmail.com>
This is a bugfix release. Changelog:
*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
forever for non-prime moduli. (CVE-2022-0778)
*) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
(RFC 5489) to the list of ciphersuites providing Perfect Forward
Secrecy as required by SECLEVEL >= 3.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
<https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0>
"Mbed TLS 2.28 is a long-time support branch.
It will be supported with bug-fixes and security
fixes until end of 2024."
<https://github.com/ARMmbed/mbedtls/blob/development/BRANCHES.md>
"Currently, the only supported LTS branch is: mbedtls-2.28.
For a short time we also have the previous LTS, which has
recently ended its support period, mbedtls-2.16.
This branch will move into the archive namespace around the
time of the next release."
this will also add support for uacme ualpn support.
size changes
221586 libmbedtls12_2.28.0-1_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(remark about 2.16's EOS, slightly reworded)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Backport fix for API breakage of SSL_get_verify_result() introduced in
v5.1.1-stable. In v4.8.1-stable SSL_get_verify_result() used to return
X509_V_OK when used on LE powered sites or other sites utilizing
relaxed/alternative cert chain validation feature. After an update to
v5.1.1-stable that API calls started returning X509_V_ERR_INVALID_CA
error and thus rendered all such connection attempts imposible:
$ docker run -it openwrt/rootfs:x86_64-21.02.2 sh -c "wget https://letsencrypt.org"
Downloading 'https://letsencrypt.org'
Connecting to 18.159.128.50:443
Connection error: Invalid SSL certificate
Fixes: #9283
References: https://github.com/wolfSSL/wolfssl/issues/4879
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This uses uci to configure engines, by generating a list of enabled
engines in /var/etc/ssl/engines.cnf from engines configured in
/etc/config/openssl:
config engine 'devcrypto'
option enabled '1'
Currently the only options implemented are 'enabled', which defaults to
true and enables the named engine, and the 'force' option, that enables
the engine even if the init script thinks the engine does not exist.
The existence test is to check for either a configuration file
/etc/ssl/engines.cnf.d/%ENGINE%.cnf, or a shared object file
/usr/lib/engines-1.1/%ENGINE%.so.
The engine list is generated by an init script which is set to run after
'log' because it informs the engines being enabled or skipped. It
should run before any service using OpenSSL as the crypto library,
otherwise the service will not use any engine.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This enables an engine during its package's installation, by adding it
to the engines list in /etc/ssl/engines.cnf.d/engines.cnf.
The engine build system was reworked, with the addition of an engine.mk
file that groups some of the engine packages' definitions, and could be
used by out of tree engines as well.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This changes the configuration of engines from the global openssl.cnf to
files in the /etc/ssl/engines.cnf.d directory. The engines.cnf file has
the list of enabled engines, while each engine has its own configuration
file installed under /etc/ssl/engines.cnf.d.
Patches were refreshed with --zero-commit.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* glibc: update to latest 2.33 HEAD (bug 28011)
b5711025bc x86_64: Remove unneeded static PIE check for undefined weak diagnostic
edfd11197e wordexp: handle overflow in positional parameter number (bug 28011)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* glibc: update to latest 2.33 HEAD (bug 28213)
9b01145592 MIPS: Setup errno for {f,l,}xstat
9c676ef514 RISC-V: Update rv64 ULPs
c6cadbf83a linux: Remove shmmax check from tst-sysvshm-linux
22d37364ae librt: add test (bug 28213)
27a78fd712 librt: fix NULL pointer dereference (bug 28213)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* toolchain: glibc: Update to version 2.34
glibc version 2.34 does not provide versioned shared libraries any more,
it only provides shared libraries using the ABI version. Do not try to
copy them any more.
The functions from libpthread and librt were integrated into the main
binary, the libpthread.so and librt.so are only used for backwards
compatibility any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* toolchain: glibc: Increase minimum kernel version to 5.4
Increase the minimum kernel version needed by the glibc compiled for
OpenWrt to version 5.4. With this setting the glibc build will remove
all code needed to support older kernel versions.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* toolchain: glibc: Enable --enable-bind-now
Enable --enable-bind-now when CONFIG_PKG_RELRO_FULL is set. This option
is activated by default. This will enable full RELRO protection.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* glibc: update to 2.34 HEAD
72123e1b56 NEWS: Add a bug entry for BZ #28755
08beb3a3f4 x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755]
b50d5b746c x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755]
1b9cd6a721 NEWS: add bug entry for BZ #28769 and BZ #28770
3438bbca90 Linux: Detect user namespace support in io/tst-getcwd-smallbuff
d084965adc realpath: Avoid overwriting preexisting error (CVE-2021-3998)
472e799a5f getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)
8c8a71c85f tst-realpath-toolong: Fix hurd build
f7a79879c0 realpath: Set errno to ENAMETOOLONG for result larger than PATH_MAX [BZ #28770]
73c362840c stdlib: Fix formatting of tests list in Makefile
269eb9d930 stdlib: Sort tests in Makefile
062ff490c1 support: Add helpers to create paths longer than PATH_MAX
82b1acd9de powerpc: Fix unrecognized instruction errors with recent binutils
1d401d1fcc x86: use default cache size if it cannot be determined [BZ #28784]
6890b8a3ae CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
1081f1d3dd sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
7b5d433fd0 CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)
5575daae50 socket: Add the __sockaddr_un_set function
03e6e02e6a Disable debuginfod in printer tests [BZ #28757]
705f1e4606 Update syscall lists for Linux 5.16
2fe2af88ab i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bug 28771)
73558ffe84 Update syscall lists for Linux 5.15
e64235ff42 powerpc: Fix unrecognized instruction errors with recent GCC
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* toolchain: glibc: Remove patch for ARC700
The ARC700 target was renoved, this patch is not needed any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Hans Dedecker <dedeckeh@gmail.com>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
value when verifying a MAC or AEAD tag. This hardens the library in
case the value leaks through a memory disclosure vulnerability. For
example, a memory disclosure vulnerability could have allowed a
man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
(out of memory). After that, calling mbedtls_ssl_session_free()
and mbedtls_ssl_free() would cause an internal session buffer to
be free()'d twice. CVE-2021-44732
The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
* libs/wolfssl: add SAN (Subject Alternative Name) support
x509v3 SAN extension is required to generate a certificate compatible with
chromium-based web browsers (version >58)
It can be disabled via unsetting CONFIG_WOLFSSL_ALT_NAMES
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
* wolfssl: update to 5.1.1-stable
Bump from 4.8.1-stable to 5.1.1-stable
Detailed release notes: https://github.com/wolfSSL/wolfssl/releases
Upstreamed patches:
001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch -
fa8f23284d
002-Update-macro-guard-on-SHA256-transform-call.patch -
f447e4c1fa
Refreshed patches:
100-disable-hardening-check.patch
200-ecc-rng.patch
CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains
configure option
The size of the ipk changed on aarch64 like this:
491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk
520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk
Tested-by: Alozxy <alozxy@users.noreply.github.com>
Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Co-authored-by: Sergey V. Lobanov <sergey@lobanov.in>
session tickets are a feature of TLSv1.2 and require less memory
and overhead on the server than does managing a session cache
Building mbedtls with support for session tickets will allow the
feature to be used with lighttpd-1.4.56 and later.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This is a bugfix release. Changelog:
*) Avoid loading of a dynamic engine twice.
*) Fixed building on Debian with kfreebsd kernels
*) Prioritise DANE TLSA issuer certs over peer certs
*) Fixed random API for MacOS prior to 10.12
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Co-authored-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The http://www.us.tcpdump.org mirror will go offline soon, only use the
normal download URL.
Reported-by: Denis Ovsienko <denis@ovsienko.info>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
Backport an upstream patch that adds support for ELFv2 ABI on big endian
ppc64. As musl only supports ELFv2 ABI on ppc64 regardless of
endianness, this is required to be able to build OpenSSL for ppc64be.
Modify our targets patch to add linux-powerpc64-openwrt, which will use
the linux64v2 perlasm scheme. This will probably break the combination
ppc64 with glibc, but as we really only want to support musl, this
shouldn't be a problem.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>
Co-authored-by: Stijn Tintel <stijn@linux-ipv6.be>
fixing linking error when --enable-devcrypto=yes
fixes: 7d92bb050961 wolfssl: update to 4.8.1-stable
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
It's the default anyway and this just looks confusing, as if it wasn't.
Switch to AUTORELEASE while at it.
The binary size is unchanged.
Signed-off-by: Andre Heider <a.heider@gmail.com>
This gates out anything that might introduce semantically frivolous jitter,
maximizing chance of identical object files.
The binary size shrinks by 8kb:
1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
Signed-off-by: Andre Heider <a.heider@gmail.com>
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."
This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].
This is the recommended solution from upstream [1].
The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793
Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
Changes from 4.7.0:
Fix one high (OCSP verification issue) and two low vulnerabilities
Improve compatibility layer
Other improvements and fixes
For detailed changes refer to https://github.com/wolfSSL/wolfssl/releases
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
This version fixes two vulnerabilities:
- SM2 Decryption Buffer Overflow (CVE-2021-3711)
Severity: High
- Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
Severity: Medium
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Co-authored-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This enables building of rpcapd and adds it as a package.
It is a daemon that allows remote packet capturing from another machine.
E.g. Wireshark can talk to it using the Remote Capture Protocol (RPCAP).
https://www.tcpdump.org/manpages/rpcapd.8.html
Compile and run tested: OpenWrt SNAPSHOT r17190-2801fe6132 on x86/64
Signed-off-by: Stephan Schmidtmer <hurz@gmx.org>
Co-authored-by: Stephan Schmidtmer <hurz@gmx.org>
* elfutils: update to 0.182
Add --disable-libdebuginfod with remove libcurl dependency.
Remove totally unused host elfutils.
Refreshed and rebased patches.
Also happens to fix compilation with GCC11.
Newer versions of elfutils seem to have some kind of dependency on
obstack.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libcap: update to 2.51
Switched to AUTORELEASE to avoid manual increments.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libnftnl: update to 1.2.0
Switch to AUTORELEASE to avoid manual increments.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libpcap: update to 1.10.1
Switch to AUTORELEASE to avoid manual increments.
Refreshed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* mbedtls: update to 2.16.11
Switched to AUTORELEASE to avoid manual increments.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* nettle: update to 3.7.3
Switch to AUTORELEASE to avoid manual increments.
Refreshed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* pcre: update to 8.45
Switch to AUTORELEASE to avoid manual increments.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Co-authored-by: Rosen Penev <rosenp@gmail.com>
This adds conflicts between variants of libustream pacakge.
They provide the same file and thus it should not be possible to install
them side by side.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Security fixes:
* Fix a buffer overflow in mbedtls_mpi_sub_abs()
* Fix an errorneous estimation for an internal buffer in
mbedtls_pk_write_key_pem()
* Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout()
* Guard against strong local side channel attack against base64 tables
by making access aceess to them use constant flow code
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Co-authored-by: Magnus Kroken <mkroken@gmail.com>
This version fixes 2 security vulnerabilities, among other changes:
- CVE-2021-3450: problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag.
- CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Co-authored-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* mbedtls: update to 2.16.9
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* mbedtls: Implements AES and GCM with ARMv8 Crypto Extensions
A compact patch that provides AES and GCM implementations that utilize the
ARMv8 Crypto Extensions. The config flag is MBEDTLS_ARMV8CE_AES_C, which
is disabled by default as we don't do runtime checking for the feature.
The new implementation lives in armv8ce_aes.c.
Provides similar functionality to https://github.com/ARMmbed/mbedtls/pull/432
Thanks to Barry O'Rourke and others for that contribtion.
Tested on a Cortex A53 device and QEMU. On a midrange phone the real AES-GCM
throughput increases about 4x, while raw AES speed is up to 10x faster.
[updated Makefile to enable this function, adjusted commit message]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Co-authored-by: Rosen Penev <rosenp@gmail.com>
Co-authored-by: QiuSimons <45143996+QiuSimons@users.noreply.github.com>
This fixes 4 security vulnerabilities/bugs:
- CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support
SSLv2, but the affected functions still exist. Considered just a bug.
- CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate may overflow the output length argument in some
cases where the input length is close to the maximum permissable
length for an integer on the platform. In such cases the return value
from the function call will be 1 (indicating success), but the output
length value will be negative.
- CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to
create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it was failing to
correctly handle any errors that may occur while parsing the issuer
field (which might occur if the issuer field is maliciously
constructed). This may subsequently result in a NULL pointer deref and
a crash leading to a potential denial of service attack.
- Fixed SRP_Calc_client_key so that it runs in constant time. This could
be exploited in a side channel attack to recover the password.
The 3 CVEs above are currently awaiting analysis.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Co-authored-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
