projects / openwrt / staging / nbd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
mbedtls: enable threading support
[openwrt/staging/nbd.git] / package / libs / mbedtls / Makefile
diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile
index 6adf091c3ce045b9aad0aa1491ede60a22e94395..502bf65ffc450f43e2628c19617ba55102a4d47a 100644 (file)
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@@ -8,21 +8,74 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mbedtls
-PKG_VERSION:=2.16.11
-PKG_RELEASE:=$(AUTORELEASE)
-PKG_USE_MIPS16:=0
+PKG_VERSION:=2.28.7
+PKG_RELEASE:=2
+PKG_BUILD_FLAGS:=no-mips16 gc-sections no-lto
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=c18e7e9abf95e69e425260493720470021384a1728417042060a35d0b7b18b41
+PKG_HASH:=1df6073f0cf6a4e1953890bf5e0de2a8c7e6be50d6d6c69fa9fefcb1d14e981a
 
 PKG_LICENSE:=GPL-2.0-or-later
 PKG_LICENSE_FILES:=gpl-2.0.txt
 PKG_CPE_ID:=cpe:/a:arm:mbed_tls
 
-PKG_CONFIG_DEPENDS := \
-       CONFIG_LIBMBEDTLS_DEBUG_C \
-       CONFIG_LIBMBEDTLS_HKDF_C
+MBEDTLS_BUILD_OPTS_CURVES= \
+  CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED \
+  CONFIG_MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+MBEDTLS_BUILD_OPTS_CIPHERS= \
+  CONFIG_MBEDTLS_AES_C \
+  CONFIG_MBEDTLS_CAMELLIA_C \
+  CONFIG_MBEDTLS_CCM_C \
+  CONFIG_MBEDTLS_CMAC_C \
+  CONFIG_MBEDTLS_DES_C \
+  CONFIG_MBEDTLS_GCM_C \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED \
+  CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
+  CONFIG_MBEDTLS_NIST_KW_C \
+  CONFIG_MBEDTLS_RIPEMD160_C \
+  CONFIG_MBEDTLS_RSA_NO_CRT \
+  CONFIG_MBEDTLS_XTEA_C
+
+MBEDTLS_BUILD_OPTS= \
+  $(MBEDTLS_BUILD_OPTS_CURVES) \
+  $(MBEDTLS_BUILD_OPTS_CIPHERS) \
+  CONFIG_MBEDTLS_CERTS_C \
+  CONFIG_MBEDTLS_CIPHER_MODE_OFB \
+  CONFIG_MBEDTLS_CIPHER_MODE_XTS \
+  CONFIG_MBEDTLS_DEBUG_C \
+  CONFIG_MBEDTLS_ENTROPY_FORCE_SHA256 \
+  CONFIG_MBEDTLS_HKDF_C \
+  CONFIG_MBEDTLS_PLATFORM_C \
+  CONFIG_MBEDTLS_SELF_TEST \
+  CONFIG_MBEDTLS_SSL_RENEGOTIATION \
+  CONFIG_MBEDTLS_SSL_TRUNCATED_HMAC \
+  CONFIG_MBEDTLS_THREADING_C \
+  CONFIG_MBEDTLS_THREADING_PTHREAD \
+  CONFIG_MBEDTLS_VERSION_C \
+  CONFIG_MBEDTLS_VERSION_FEATURES
+
+PKG_CONFIG_DEPENDS := $(MBEDTLS_BUILD_OPTS)
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
@@ -43,29 +96,12 @@ $(call Package/mbedtls/Default)
   CATEGORY:=Libraries
   SUBMENU:=SSL
   TITLE+= (library)
-  ABI_VERSION:=12
+  ABI_VERSION:=13
+  MENU:=1
 endef
 
 define Package/libmbedtls/config
-config LIBMBEDTLS_DEBUG_C
-       depends on PACKAGE_libmbedtls
-       bool "Enable debug functions"
-       default n
-       help
-        This option enables mbedtls library's debug functions.
-
-        It increases the uncompressed libmbedtls binary size
-        by around 60 KiB (for an ARMv5 platform).
-
-        Usually, you don't need this, so don't select this if you're unsure.
-
-config LIBMBEDTLS_HKDF_C
-       depends on PACKAGE_libmbedtls
-       bool "Enable the HKDF algorithm (RFC 5869)"
-       default n
-       help
-        This option adds support for the Hashed Message Authentication Code
-        (HMAC)-based key derivation function (HKDF).
+       source "$(SOURCE)/Config.in"
 endef
 
 define Package/mbedtls-util
@@ -87,30 +123,22 @@ This package contains mbedtls helper programs for private key and
 CSR generation (gen_key, cert_req)
 endef
 
-TARGET_CFLAGS += -ffunction-sections -fdata-sections
 TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS))
 
 CMAKE_OPTIONS += \
+       -DCMAKE_POSITION_INDEPENDENT_CODE=ON \
        -DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
        -DENABLE_TESTING:Bool=OFF \
        -DENABLE_PROGRAMS:Bool=ON
 
-define Build/Configure
-       $(Build/Configure/Default)
-
-       awk 'BEGIN { rc = 1 } \
-            /#define MBEDTLS_DEBUG_C/ { $$$$0 = "$(if $(CONFIG_LIBMBEDTLS_DEBUG_C),,// )#define MBEDTLS_DEBUG_C"; rc = 0 } \
-            { print } \
-            END { exit(rc) }' $(PKG_BUILD_DIR)/include/mbedtls/config.h \
-            >$(PKG_BUILD_DIR)/include/mbedtls/config.h.new && \
-       mv $(PKG_BUILD_DIR)/include/mbedtls/config.h.new $(PKG_BUILD_DIR)/include/mbedtls/config.h
-
-       awk 'BEGIN { rc = 1 } \
-            /#define MBEDTLS_HKDF_C/ { $$$$0 = "$(if $(CONFIG_LIBMBEDTLS_HKDF_C),,// )#define MBEDTLS_HKDF_C"; rc = 0 } \
-            { print } \
-            END { exit(rc) }' $(PKG_BUILD_DIR)/include/mbedtls/config.h \
-            >$(PKG_BUILD_DIR)/include/mbedtls/config.h.new && \
-       mv $(PKG_BUILD_DIR)/include/mbedtls/config.h.new $(PKG_BUILD_DIR)/include/mbedtls/config.h
+define Build/Prepare
+       $(call Build/Prepare/Default)
+
+       $(if $(strip $(foreach opt,$(MBEDTLS_BUILD_OPTS),$($(opt)))),
+        $(foreach opt,$(MBEDTLS_BUILD_OPTS),
+        $(PKG_BUILD_DIR)/scripts/config.py \
+        -f $(PKG_BUILD_DIR)/include/mbedtls/config.h \
+        $(if $($(opt)),set,unset) $(patsubst CONFIG_%,%,$(opt))),)
 endef
 
 define Build/InstallDev
Felix Fietkaus staging tree