polarssl: enable AES-GCM and CAMELLIA-GCM ciphersuites

Recent versions of Chrome require this ciphers to successfully handshake with a TLS enabled uhttpd server using the ustream-polarssl backend. If `CONFIG_GCM` is disabled, `ssl_ciphersuite_from_id()` will return `NULL` when cipher `0x9d` is looked up, causing the calling `ssl_ciphersuite_match()` to fail with `POLARSSL_ERR_SSL_INTERNAL_ERROR`. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
8 years ago · 9e45f9d63c
parent 1f86257c2f
commit 9e45f9d63c
2 changed files with 1 additions and 11 deletions
--- a/package/libs/polarssl/Makefile
+++ b/package/libs/polarssl/Makefile
@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=polarssl
 SRC_PKG_NAME:=mbedtls
 PKG_VERSION:=1.3.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_USE_MIPS16:=0

 PKG_SOURCE:=$(SRC_PKG_NAME)-$(PKG_VERSION)-gpl.tgz
--- a/package/libs/polarssl/patches/200-reduce_config.patch
+++ b/package/libs/polarssl/patches/200-reduce_config.patch
@ -170,16 +170,6 @@
 
 /**
  * \def POLARSSL_ENTROPY_C
-@@ -1662,8 +1662,8 @@
-  *
-  * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
-  * requisites are enabled as well.
- */
- #define POLARSSL_GCM_C
-+ */
- 
- /**
-  * \def POLARSSL_HAVEGE_C
@@ -1699,8 +1699,8 @@
  * Requires: POLARSSL_MD_C
  *