Some code refactoring has been done since 3.2.0 that
bufio.lua no longer exists, libeco.so and bufio.so have been added.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
libwolfsslcpu-crypto has to be taken into consideration when selecting
the default SSL backend.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Currently, lua-eco will add dependencies to all SSL libraries that are
selected, even though it will only use one of them. That means that the
package downloaded from the regular repository will install OpenSSL,
wolfSSL and mbedTLS, even though it will only use OpenSSL.
Fix that by adding a built option so that the default can be changed at
build-time. To maintain the author's intention, a default symbol is
computed based on what libraries are being built into the image, or just
selected as a module. Originally, the order or preference was OpenSSL,
wolfSSL, then mbedTLS.
One change was made to the original order: if OpenSSL and wolfSSL are
both selected as module, and mbedTLS is not built into the image,
wolfSSL will be preferred over OpenSSL. This is being done to keep the
package consistent with OpenWRT's selection of wolfSSL as the default
SSL library. If they are both included in the image, then OpenSSL will
be preferred.
The order of preference is:
1. If at least one library is included in the image, use the first of
OpenSSL, wolfSSL, and mbedTLS that is included in the image.
2. If at least one library is selected, but none included in the image,
prefer wolfSSL, then OpenSSL, then mbedTLS.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Jianhui Zhao