From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [git commit branch/2020.02.x] package/tinydtls: security bump to version 0.9-rc1
Date: Wed, 15 Jul 2020 21:42:42 +0200 [thread overview]
Message-ID: <20200715195254.62EE686D40@busybox.osuosl.org> (raw)
commit: https://git.buildroot.net/buildroot/commit/?id=130760e1021c4ad1900940e84d1345e9bd7255b4
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.02.x
- Switch site to github
- License is now EPL-1.0 or EDL-1.0 as specified in the new LICENSE file
- Update indentation of hash file (two spaces)
- Drop first patch (already in version) and second patch (not needed since
https://github.com/eclipse/tinydtls/commit/f1ff324a4d1cc14dc6e1c3a88ea16f0242e106de)
- Fix CVE-2017-7243 as specified in
https://github.com/eclipse/tinydtls/issues/12 as well as other
security issues:
https://github.com/eclipse/tinydtls/commit/68a1cdaff9e329e13ea59529f1eb61b05632c297
https://github.com/eclipse/tinydtls/commit/494a40dfbb174930ca616e560532d52549736b42
https://github.com/eclipse/tinydtls/commit/2d9f0a82377277af1be8d559d18e30477d63e8ec
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1d14a3349dd50c245fed4b5a9d2c77b9964571e6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
...te-Makefile.in-to-allow-cross-compilation.patch | 170 ---------------------
.../0002-Fix-compilation-of-tests-directory.patch | 31 ----
package/tinydtls/Config.in | 2 +-
package/tinydtls/tinydtls.hash | 4 +-
package/tinydtls/tinydtls.mk | 12 +-
5 files changed, 9 insertions(+), 210 deletions(-)
diff --git a/package/tinydtls/0001-Update-Makefile.in-to-allow-cross-compilation.patch b/package/tinydtls/0001-Update-Makefile.in-to-allow-cross-compilation.patch
deleted file mode 100644
index 5e91f2ee5d..0000000000
--- a/package/tinydtls/0001-Update-Makefile.in-to-allow-cross-compilation.patch
+++ /dev/null
@@ -1,170 +0,0 @@
-From a6f312dfb4497d5e72664c4772a8b122e25b81d8 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fabrice.fontaine@orange.com>
-Date: Tue, 26 Jul 2016 09:09:53 +0200
-Subject: [PATCH] Update Makefile.in to allow cross-compilation
-
-Use CC, CPP and DESTDIR environment variables passed to configure in Makefile.in files
-Fix definition of LIBS and LDFLAGS (LDFLAGS was set to @LIBS@)
-
-Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
----
- Makefile.in | 13 ++++++++-----
- aes/Makefile.in | 7 +++++--
- doc/Makefile.in | 4 ++--
- ecc/Makefile.in | 7 +++++--
- sha2/Makefile.in | 7 +++++--
- tests/Makefile.in | 4 +++-
- 6 files changed, 28 insertions(+), 14 deletions(-)
-
-diff --git a/Makefile.in b/Makefile.in
-index 38cc665..7dcd424 100644
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -40,7 +40,9 @@ OBJECTS:= $(patsubst %.c, %.o, $(SOURCES)) $(SUB_OBJECTS)
- HEADERS:=dtls.h hmac.h dtls_debug.h dtls_config.h uthash.h numeric.h crypto.h global.h ccm.h \
- netq.h alert.h utlist.h prng.h peer.h state.h dtls_time.h session.h \
- tinydtls.h
-+CC:=@CC@
- CFLAGS:=-Wall -pedantic -std=c99 @CFLAGS@
-+CPP:=@CPP@
- CPPFLAGS:=@CPPFLAGS@ -DDTLS_CHECK_CONTENTTYPE
- SUBDIRS:=tests doc platform-specific sha2 aes ecc
- DISTSUBDIRS:=$(SUBDIRS)
-@@ -48,7 +50,8 @@ DISTDIR=$(top_builddir)/$(package)
- FILES:=Makefile.in configure configure.in dtls_config.h.in tinydtls.h.in \
- Makefile.tinydtls $(SOURCES) $(HEADERS)
- LIB:=libtinydtls.a
--LDFLAGS:=@LIBS@
-+LDFLAGS:=@LDFLAGS@
-+LIBS:=@LIBS@
- ARFLAGS:=cru
- doc:=doc
-
-@@ -100,10 +103,10 @@ dist: $(FILES) $(DISTSUBDIRS)
- tar czf $(package).tar.gz $(DISTDIR)
-
- install: $(LIB) $(HEADERS) $(SUBDIRS)
-- test -d $(libdir) || mkdir -p $(libdir)
-- test -d $(includedir) || mkdir -p $(includedir)
-- $(install) $(LIB) $(libdir)/
-- $(install) $(HEADERS) $(includedir)/
-+ test -d $(DESTDIR)$(libdir) || mkdir -p $(DESTDIR)$(libdir)
-+ test -d $(DESTDIR)$(includedir) || mkdir -p $(DESTDIR)$(includedir)
-+ $(install) $(LIB) $(DESTDIR)$(libdir)/
-+ $(install) $(HEADERS) $(DESTDIR)$(includedir)/
- for dir in $(SUBDIRS); do \
- $(MAKE) -C $$dir install="$(install)" includedir=$(includedir) install; \
- done
-diff --git a/aes/Makefile.in b/aes/Makefile.in
-index 7c9f6ef..9ff7799 100644
---- a/aes/Makefile.in
-+++ b/aes/Makefile.in
-@@ -28,8 +28,11 @@ top_srcdir:= @top_srcdir@
- SOURCES:= rijndael.c
- HEADERS:= rijndael.h
- OBJECTS:= $(patsubst %.c, %.o, $(SOURCES))
-+CPP=@CPP@
- CPPFLAGS=@CPPFLAGS@
-+CC=@CC@
- CFLAGS=-Wall -std=c99 -pedantic @CFLAGS@
-+LDFLAGS=@LDFLAGS@
- LDLIBS=@LIBS@
- FILES:=Makefile.in $(SOURCES) $(HEADERS)
- DISTDIR=$(top_builddir)/@PACKAGE_TARNAME at -@PACKAGE_VERSION@
-@@ -60,8 +63,8 @@ dist: $(FILES)
- cp -p $(FILES) $(DISTDIR)/aes
-
- install: $(HEADERS)
-- test -d $(includedir)/aes || mkdir -p $(includedir)/aes
-- $(install) $(HEADERS) $(includedir)/aes
-+ test -d $(DESTDIR)$(includedir)/aes || mkdir -p $(DESTDIR)$(includedir)/aes
-+ $(install) $(HEADERS) $(DESTDIR)$(includedir)/aes
-
- .gitignore:
- echo "core\n*~\n*.[oa]\n*.gz\n*.cap\n$(PROGRAM)\n$(DISTDIR)\n.gitignore" >$@
-diff --git a/doc/Makefile.in b/doc/Makefile.in
-index a07101e..5ab0a35 100644
---- a/doc/Makefile.in
-+++ b/doc/Makefile.in
-@@ -32,5 +32,5 @@ dist: doc
- cp -r $(FILES) $(DISTDIR)/doc
-
- install: $(doc) html
-- test -d $(htmldir) || mkdir -p $(htmldir)
-- cp -r html/* $(htmldir)
-+ test -d $(DESTDIR)$(htmldir) || mkdir -p $(DESTDIR)$(htmldir)
-+ cp -r html/* $(DESTDIR)$(htmldir)
-diff --git a/ecc/Makefile.in b/ecc/Makefile.in
-index 2ba17a1..2086d4f 100644
---- a/ecc/Makefile.in
-+++ b/ecc/Makefile.in
-@@ -36,8 +36,11 @@ include Makefile.contiki
- else
- ECC_OBJECTS:= $(patsubst %.c, %.o, $(ECC_SOURCES)) ecc_test.o
- PROGRAMS:= testecc testfield
-+CPP=@CPP@
- CPPFLAGS=@CPPFLAGS@
-+CC=@CC@
- CFLAGS=-Wall -std=c99 -pedantic @CFLAGS@ -DTEST_INCLUDE
-+LDFLAGS=@LDFLAGS@
- LDLIBS=@LIBS@
-
- .PHONY: all dirs clean install distclean .gitignore doc
-@@ -74,8 +77,8 @@ dist: $(FILES)
- cp -p $(FILES) $(DISTDIR)/ecc
-
- install: $(HEADERS)
-- test -d $(includedir)/ecc || mkdir -p $(includedir)/ecc
-- $(install) $(HEADERS) $(includedir)/ecc
-+ test -d $(DESTDIR)$(includedir)/ecc || mkdir -p $(DESTDIR)$(includedir)/ecc
-+ $(install) $(ECC_HEADERS) $(DESTDIR)$(includedir)/ecc
-
- .gitignore:
- echo "core\n*~\n*.[oa]\n*.gz\n*.cap\n$(PROGRAM)\n$(DISTDIR)\n.gitignore" >$@
-diff --git a/sha2/Makefile.in b/sha2/Makefile.in
-index 9f19314..69f8793 100644
---- a/sha2/Makefile.in
-+++ b/sha2/Makefile.in
-@@ -28,8 +28,11 @@ top_srcdir:= @top_srcdir@
- SOURCES:= sha2.c
- HEADERS:=sha2.h
- OBJECTS:= $(patsubst %.c, %.o, $(SOURCES))
-+CPP=@CPP@
- CPPFLAGS=@CPPFLAGS@ -I$(top_srcdir)
-+CC=@CC@
- CFLAGS=-Wall -std=c99 -pedantic @CFLAGS@
-+LDFLAGS=@LDFLAGS@
- LDLIBS=@LIBS@
- FILES:=Makefile.in $(SOURCES) $(HEADERS) README sha2prog.c sha2speed.c sha2test.pl
- DISTDIR=$(top_builddir)/@PACKAGE_TARNAME at -@PACKAGE_VERSION@
-@@ -62,8 +65,8 @@ dist: $(FILES)
- cp -pr testvectors $(DISTDIR)/sha2/testvectors
-
- install: $(HEADERS)
-- test -d $(includedir)/sha2 || mkdir -p $(includedir)/sha2
-- $(install) $(HEADERS) $(includedir)/sha2
-+ test -d $(DESTDIR)$(includedir)/sha2 || mkdir -p $(DESTDIR)$(includedir)/sha2
-+ $(install) $(HEADERS) $(DESTDIR)$(includedir)/sha2
-
- .gitignore:
- echo "core\n*~\n*.[oa]\n*.gz\n*.cap\n$(PROGRAM)\n$(DISTDIR)\n.gitignore" >$@
-diff --git a/tests/Makefile.in b/tests/Makefile.in
-index a8a2ed0..b45f440 100644
---- a/tests/Makefile.in
-+++ b/tests/Makefile.in
-@@ -32,9 +32,11 @@ SOURCES:= dtls-server.c ccm-test.c prf-test.c \
- OBJECTS:= $(patsubst %.c, %.o, $(SOURCES))
- PROGRAMS:= $(patsubst %.c, %, $(SOURCES))
- HEADERS:=
-+CC:=@CC@
- CFLAGS:=-Wall @CFLAGS@
-+CPP:=@CPP@
- CPPFLAGS:=-I$(top_srcdir) @CPPFLAGS@
--LDFLAGS:=-L$(top_builddir)
-+LDFLAGS:=-L$(top_builddir) @LDFLAGS@
- LDLIBS:=-ltinydtls @LIBS@
- DISTDIR=$(top_builddir)/@PACKAGE_TARNAME at -@PACKAGE_VERSION@
- FILES:=Makefile.in $(SOURCES) ccm-testdata.c #cbc_aes128-testdata.c
---
-2.7.4
-
diff --git a/package/tinydtls/0002-Fix-compilation-of-tests-directory.patch b/package/tinydtls/0002-Fix-compilation-of-tests-directory.patch
deleted file mode 100644
index 0ab579c45e..0000000000
--- a/package/tinydtls/0002-Fix-compilation-of-tests-directory.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From c629a108f5d03cd365c0ba71143ad507f6cd97f0 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fabrice.fontaine@orange.com>
-Date: Thu, 28 Jul 2016 08:36:06 +0200
-Subject: [PATCH] Fix compilation of tests directory
-
-binaries in tests subdirectory depends on libtinydtls so add $(LIB) dependency
-for dirs target in Makefile.in
-
-Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
----
- Makefile.in | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Makefile.in b/Makefile.in
-index 7dcd424..c493705 100644
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -68,8 +68,8 @@ check:
- echo top_builddir: $(top_builddir)
- $(MAKE) -C tests check
-
--dirs: $(SUBDIRS)
-- for dir in $^; do \
-+dirs: $(LIB) $(SUBDIRS)
-+ for dir in $(SUBDIRS); do \
- $(MAKE) -C $$dir ; \
- done
-
---
-2.7.4
-
diff --git a/package/tinydtls/Config.in b/package/tinydtls/Config.in
index 2f90eb2436..98cbbb5875 100644
--- a/package/tinydtls/Config.in
+++ b/package/tinydtls/Config.in
@@ -7,7 +7,7 @@ config BR2_PACKAGE_TINYDTLS
machine. It is implemented in C and provides support for
the mandatory cipher suites specified in CoAP.
- https://sourceforge.net/projects/tinydtls
+ https://projects.eclipse.org/projects/iot.tinydtls
comment "tinydtls needs a toolchain w/ threads"
depends on !BR2_TOOLCHAIN_HAS_THREADS
diff --git a/package/tinydtls/tinydtls.hash b/package/tinydtls/tinydtls.hash
index 66644df7a1..be6bf182e7 100644
--- a/package/tinydtls/tinydtls.hash
+++ b/package/tinydtls/tinydtls.hash
@@ -1,3 +1,3 @@
# Locally computed:
-sha256 ccf6d8fbae03fb2e0ba32878ed8e57d8b4f73538b1064df90a3e764da5fac010 tinydtls-0.8.2.tar.gz
-sha256 65fbf31c3551633e7dcc051fac80f2c1a73b0b077af9ed564d726155dfc40513 tinydtls.h
+sha256 af73742835b5a66dc0b4a9c126ca8243b5db2986b4969d76e2b4531aa7e13f67 tinydtls-0.9-rc1.tar.gz
+sha256 7e906fb56da52bb6bba38e77eec00e7d37fe65b0b7b28c4bf68ff036573d0de5 LICENSE
diff --git a/package/tinydtls/tinydtls.mk b/package/tinydtls/tinydtls.mk
index fe250014ca..e683dea1a0 100644
--- a/package/tinydtls/tinydtls.mk
+++ b/package/tinydtls/tinydtls.mk
@@ -4,13 +4,13 @@
#
################################################################################
-TINYDTLS_REL = r5
-TINYDTLS_VERSION = 0.8.2
-TINYDTLS_SITE = http://downloads.sourceforge.net/project/tinydtls/$(TINYDTLS_REL)
-TINYDTLS_LICENSE = MIT
-TINYDTLS_LICENSE_FILES = tinydtls.h
+TINYDTLS_VERSION = 0.9-rc1
+TINYDTLS_SITE = $(call github,eclipse,tinydtls,v$(TINYDTLS_VERSION))
+TINYDTLS_LICENSE = EPL-1.0 or EDL-1.0
+TINYDTLS_LICENSE_FILES = LICENSE
TINYDTLS_INSTALL_STAGING = YES
-TINYDTLS_STRIP_COMPONENTS = 2
+# From git
+TINYDTLS_AUTORECONF = YES
# use inttypes.h data types instead of u_intXX_t for musl compatibility
TINYDTLS_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -DSHA2_USE_INTTYPES_H"
reply other threads:[~2020-07-15 19:42 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200715195254.62EE686D40@busybox.osuosl.org \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.