Commit Graph

6 Commits

Author SHA1 Message Date
Peter Korsgaard
9f57959147 cryptopp: fixup DOS newlines in CVE-2016-9939 patch
The patch did contain the correct newlines, but they got stripped by
patchwork so now the patch no longer applies.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-29 00:01:54 +01:00
Peter Korsgaard
222808a4b6 cryptopp: add upstream security fix for CVE-2016-9939
Fixes security issue (DoS) in Crypto++ ASN1 decoder:

https://github.com/weidai11/cryptopp/issues/346

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-28 11:18:09 +01:00
Gustavo Zacarias
bb50481b36 cryptopp: use $(HOST_MAKE_ENV) when calling $(MAKE)
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-10-29 15:52:32 +02:00
Thomas Petazzoni
da90437be7 cryptopp: bump to 5.6.5
This commit bumps cryptopp from 5.6.3 to 5.6.5 in order to fix bug

The commit f707b9ef1688d4429ca6239cf2dc236440974681, which Buildroot
was downloading as a patch to fix build with older gcc versions, has
been merged upstream as of 5.6.4, is therefore no longer necessary,
and dropped in this commit.

In addition, Andrey Volkov in the bug report #9321, proposed to add a
number of patches to cryptopp to solve issues when using
tegrarcm. Those patches are the following ones:

 - patch 0: moving to autotools as the build system. This is not
   strictly a bug fix, and is not necessary.

 - patch 1: merged upstream in
   "3941be18891a6a87626b7c70f715ca91c61c08c3 Fixed hang on ARM
   platforms in Integer::DivideThreeWordsByTwo", which is part of
   5.6.5.

 - patch 2: merged upstream in
   "9fca0c28023a177106cf58a3de6da610f185a6e4 Work around issue on
   ARMEL in MultiplyTop and GCC. ARMHF is OK", which is part of 5.6.5.

 - patch 3: merged upstream in
   "dce2317195a7d9aa77b159fd1beddaf8358f6243 Increase range for GCC
   workaround on ARMEL. After speaking with AP from GCC, he states
   some issues are still likely present in Master, which is GCC 6.0",
   which is part of 5.6.5

 - patch 4: merged upstream in
   "605744d8260c6ada033805c13ae0b2646acf18d6 Fixed SecBlock append
   when "this == t", fixed assert, added validation test (Issue 92)",
   which is part of 5.6.5

 - patch 5: merged upstream in
   "9f335d719ebc27f58251559240de0077ec42c583 Fix the Rijndael timing
   attack counter measure", which is part of 5.6.5

 - patch 6: merged upstream in
   "d8b02cfaafd7350ed0f876cd5da405cff330d537 Fixed m68k detection
   (Issue 153)", which is part of 5.6.5

 - patch 7: merged upstream in
   "c82fd655ed7465db8d21a0e0559c304a7a86d298 Cleared assert in debug
   builds (Issue 138)", which is part of 5.6.5

Bottom line: none of the patches proposed by Andrey Volkov are
necessary if we bump to 5.6.5.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-10-22 22:26:32 +02:00
Julian Scheel
b4ccab9060 package/cryptopp: Backport gcc compatibility patch
Import patch from cryptopp upstream which fixes the gcc version checks
for using attribute deprecated with messages. Fixes build with host
gcc versions < 4.5.

Signed-off-by: Julian Scheel <julian@jusst.de>
[Thomas:
 - directly use the patch from upstream through <pkg>_PATCH rather
   than storing it in package/cryptopp/, as it helps avoiding
   line-endings problems: upstream has the source code with DOS line
   endings.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-28 13:50:03 +02:00
Julian Scheel
615a04b2c3 cryptopp: new package
Signed-off-by: Julian Scheel <julian@jusst.de>
[Thomas:
 - put HOST_CRYPTOPP_EXTRACT_CMDS earlier in the file, since it's what
   gets executed first.
 - fix typo in the name of HOST_CRYPTOPP_MAKE_OPTS
 - pass -fPIC in CXXFLAGS, since we're building a shared library
 - just call "make shared" for the build and "make install" for the
   installation.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-19 21:38:50 +02:00