[OpenWrt-Devel] [PATCH 0/3] wolfssl update

Eneas U de Queiroz cotequeiroz at gmail.com
Tue Jun 25 21:49:44 EDT 2019


This series updates wolfssl to version 3.15.7, which includes a security
fix.

Many of the build options were not being used, and are always built into
the library because of an uncondition --enable-stunnel option, so they
can be removed.  Since they were selected by hostapd, they are being
removed there as well.  The hostapd change includes the removal of the
selection of the library itself, allowing the package to be built as a
module.

This version adds support to hardware acceleration using /dev/crypto and
AF_ALG.

The library was run-tested on WRT-3200ACM using uhttpd with different
options, turning them on one by one cumulatively.  The size varied from
226K with all options off, to 309K with all options.

Enabling hardware acelleration and AES-CCM at the same time results in a
build failure, which dents my confidence in them.  Nonetheless, uhttpd
connects without a problem, and I can confirm /dev/crypto or AF_ALG
sockets open.

The package currently lacks a maintainer, so I've added myself.  I've
split the changes in 3 commits: one just with the version bump and some
minor Makefile changes; a second big one, more prone to trouble, and the
third one adjusting removed wolfssl options in hostapd.

Eneas U de Queiroz (3):
  wolfssl: update to 3.15.7, fix Makefile
  wolfssl: reorganize, add build options
  hostapd: adjust removed wolfssl options

 package/libs/wolfssl/Config.in                |  53 +++++---
 package/libs/wolfssl/Makefile                 | 122 +++++-------------
 .../patches/100-disable-hardening-check.patch |   4 +-
 .../900-remove-broken-autoconf-macros.patch   |   2 +-
 package/network/services/hostapd/Config.in    |   4 -
 5 files changed, 70 insertions(+), 115 deletions(-)


_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list