Network Security Services (NSS) is a set of libraries designed
to support cross-platform development of security-enabled client
and server applications. Applications built with NSS can support
SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME,
X.509 v3 certificates, and other security standards.
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Netscape Portable Runtime (NSPR) provides a platform-neutral API for
system level and libc-like functions. The API is used in the Mozilla
clients, many of Red Hat's and Oracle's server applications, and
other software offerings.
this is needed for nss libraries
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Must depend on cpp for the unconditional --enable-cpp, or the build can
fail when CONFIG_PACKAGE_libpcrecpp is unset and nothing else has built
the c++ toolchain:
configure: error: Invalid C++ compiler or C++ compiler flags
Makefile:97: recipe for target '/usr/local/src/lede/build_dir/target-mipsel_24kc_musl/pcre-8.42/.configured_68b329da9893e34099c7d8ad5cb9c940' failed
make[3]: *** [/usr/local/src/lede/build_dir/target-mipsel_24kc_musl/pcre-8.42/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1
make[3]: Leaving directory '/usr/local/src/lede/feeds/packages/libs/pcre'
time: package/feeds/packages/pcre/compile#4.48#0.30#6.88
package/Makefile:107: recipe for target 'package/feeds/packages/pcre/compile' failed
Fixes: 17090fecf1 ("pcre: Fix compile of libpcrecpp")
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Having CONFLICTS for each variant in the other variant causes recursive dependency error, even though the two variants do conflict with each other. This commit removes one of the CONFLICT lines.
Build now completes without error on SDK.
Signed-off-by: Rob White <rob@blue-wave.net>
Google's gflags library is a C++ library that implements command line
flags processing. Adding the library so that it can used when compiling
other C++ programs.
Signed-off-by: Amol Bhave <ambhave@fb.com>
Jose is acommand line utility for performing various tasks on JSON
Object Signing and Encryption (JOSE) objects. José provides a full
crypto stack including key generation, signing and encryption.
Added: 198f720742
Signed-off-by: Tibor Dudlák <tibor.dudlak@gmail.com>
bump glog version from 0.3.5 to 0.4.0
Tested by building another package which depends on glog and verify that
it builds successfully.
Signed-off-by: Amol Bhave <ambhave@fb.com>
ICU 64 updates to Unicode 12 and to CLDR 35 locale data with many additions and corrections
And Workaround for ICU-20531 : https://unicode-org.atlassian.net/browse/ICU-20531
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This change adds the ability to produce host static build for the
libdouble-conversion library. Other host build tools can now depend on
this library if they need it.
Tested on a x86_64 host build machine.
make package/libdouble-conversion/host/compile produces
staging_dir/hostpkg/lib/libdouble-conversion.a file
Signed-off-by: Amol Bhave <ambhave@fb.com>
RE2 is a fast, safe, thread-friendly alternative to backtracking regular
expression engines like those used in PCRE, Perl, and Python. It is a
C++ library.
Signed-off-by: Amol Bhave <ambhave@fb.com>
Botan (Japanese for peony) is a cryptography library written in C++11
and released under the permissive Simplified BSD license.
Botan's goal is to be the best option for cryptography in new C++ code
by offering the tools necessary to implement a range of practical
systems, such as TLS/DTLS, PKIX certificate handling, PKCS#11 and TPM
hardware support, password hashing, and post quantum crypto schemes. In
addition to the C++, botan has a C89 API specifically designed to be
easy to call from other languages. A Python binding using ctypes calling
the C89 API is included.
github: https://github.com/randombit/botan
Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
Maintainer: Alexander Couzens lynxis@fe80.eu
Compile Tested: Snapshot SDK
Run Tested: target - ath79, hardware - gl-ar300m16, package - nodogsplash v3.2.1 and nodogsplash v3.3.1-beta, Openwrt Snapshot.
Description: Fix for issue #8180 and resubmitted PR #8563 - Any package with a dependency on the non-ssl version of libmicrohttpd ends up with the ssl version along with libgcrypt, libgnutls, .. This fix reverts the no-ssl version name from libmicrohttpd back to libmicrohttpd-no-ssl as it was in previous versions.
The two package names will now be libmicrohttpd-no-ssl and libmicrohttpd-ssl.
Signed-off-by: Rob White <rob@blue-wave.net>
log4cplus is a simple to use C++11 logging API providing thread--safe,
flexible, and arbitrarily granular control over log management and
configuration. It is modeled after the Java log4j API.
wiki: https://sourceforge.net/p/log4cplus/wiki/Home/
github: https://github.com/log4cplus/log4cplus
Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
Cleaned up configure arguments (alphabetized and sorted) and added some
new ones to help speed up compilation.
Disabled SSL support by default. SSLv2 and 3 have long been deprecated as
they are both insecure variants that currently hold less than 10% of total
encrypted traffic on the web.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Removed most patches as they are no longer necessary for compilation.
Added some compiler and linker flags to reduce size.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
- CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
- CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
- CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
- CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
- CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
- CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
- CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
- CVE-2019-3862
Out-of-bounds memory comparison
- CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Revert the addition of build dependency in commit 2d1694ff7
to a non-existent host build of zlib.
The host build of zlib was removed already in April 2018 by
8dcd941d8b (diff-1ed408c61d79f9c6c5d197333e94ce8d)
which made zlib a build tool defined in /tools
The newly introduced build dependency causes always a warning like:
WARNING: Makefile 'package/feeds/packages/postgresql/Makefile'
has a build dependency on 'zlib/host', which does not exist
Not sure what was the error that 2d1694ff7 tried to fix,
but reference to a non-existent host build is not the solution.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
With crypt(3) password storage scheme enabled, OpenLDAP can receive and
store SHA-256 and SHA-512 password hashes from Samba AD-DC. Without
crypt(3), synchronization of passwords between Samba AD-DC (v4.5 and
above) and OpenLDAP requires use of cleartext passwords.
To use password hashes from Samba, OpenLDAP must be compiled with
--enable-crypt switch. This patch introduces a new configuration
parameter to enable the use of crypt(3) function by OpenLDAP.
Enabling crypt(3) increases the size of slapd binary by 12 bytes on
the x86_64 target and by only 4 bytes on the ipq806x target.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
If the cpp lib is added after pcre is first compiled, pcre will
not be reconfigured and the build will fail.
Fix this by always building the cpp parts.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
spotted on buildbot trying postgresql/host build:
configure: error: zlib library not found
Fix this by adding zlib/host to HOST_BUILD_DEPENDS.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>