From 7a3ddfc8a8aa443f981589c38ac43e72afda1fe0 Mon Sep 17 00:00:00 2001 From: Daniel Pawlik Date: Mon, 22 Apr 2024 09:15:31 +0200 Subject: [PATCH] Changed cryptography module to mbedtls --- configs/ath79/generic/uap-ac-lr/extended | 12 +++--------- configs/ath79/mikrotik/extended | 19 +++---------------- configs/common/openssl | 6 ++++++ configs/common/wolfssl | 5 +++++ configs/mediatek/mt7622/dumb_ap | 21 ++++----------------- configs/mediatek/mt7622/extended | 21 ++++----------------- configs/mediatek/mt7988a/extended | 19 +++---------------- configs/qualcommax/ax3600/extended | 19 +++---------------- configs/ramips/mt7621/extended | 19 +++---------------- 9 files changed, 34 insertions(+), 107 deletions(-) create mode 100644 configs/common/openssl create mode 100644 configs/common/wolfssl diff --git a/configs/ath79/generic/uap-ac-lr/extended b/configs/ath79/generic/uap-ac-lr/extended index 87875e1..fdea67f 100644 --- a/configs/ath79/generic/uap-ac-lr/extended +++ b/configs/ath79/generic/uap-ac-lr/extended @@ -113,15 +113,9 @@ CONFIG_PACKAGE_luci-app-vnstat2=y # language CONFIG_LUCI_LANG_pl=y -##### REPLACE CRYPTOLIB ##### -# mbedtls - comment it when openssl or wolfssl enabled! +####### REPLACE CRYPTOLIB ##### +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -## replace mbedtls with openssl - remember to leave commented "is not set" ! -#CONFIG_PACKAGE_luci-ssl-openssl=y -#CONFIG_PACKAGE_wpad-openssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set +####### diff --git a/configs/ath79/mikrotik/extended b/configs/ath79/mikrotik/extended index 5ece916..1cd74f7 100644 --- a/configs/ath79/mikrotik/extended +++ b/configs/ath79/mikrotik/extended @@ -105,22 +105,9 @@ CONFIG_PACKAGE_luci-app-vnstat2=y # language CONFIG_LUCI_LANG_pl=y -##### REPLACE CRYPTOLIB ##### -# mbedtls - comment it when openssl or wolfssl enabled! +####### REPLACE CRYPTOLIB ##### +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -## replace mbedtls with openssl - remember to leave commented "is not set" ! -#CONFIG_PACKAGE_luci-ssl-openssl=y -#CONFIG_PACKAGE_wpad-openssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set - -## replace mbedtls with wolfssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-wolfssl=y -# CONFIG_PACKAGE_wpad-wolfssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set +####### diff --git a/configs/common/openssl b/configs/common/openssl new file mode 100644 index 0000000..6ad6461 --- /dev/null +++ b/configs/common/openssl @@ -0,0 +1,6 @@ +#### replace mbedtls with openssl - remember to leave commented "is not set" ! +CONFIG_PACKAGE_luci-ssl-openssl=y +CONFIG_PACKAGE_wpad-openssl=y +# CONFIG_PACKAGE_wpad-mbedtls is not set +# CONFIG_PACKAGE_wpad-basic-mbedtls is not set +# CONFIG_PACKAGE_wpad-basic-openssl is not set diff --git a/configs/common/wolfssl b/configs/common/wolfssl new file mode 100644 index 0000000..12f8385 --- /dev/null +++ b/configs/common/wolfssl @@ -0,0 +1,5 @@ +CONFIG_PACKAGE_luci-ssl-wolfssl=y +CONFIG_PACKAGE_wpad-wolfssl=y +# CONFIG_PACKAGE_wpad-mbedtls is not set +# CONFIG_PACKAGE_wpad-basic-mbedtls is not set +# CONFIG_PACKAGE_wpad-basic-openssl is not set diff --git a/configs/mediatek/mt7622/dumb_ap b/configs/mediatek/mt7622/dumb_ap index d8d27e8..9eacfb3 100644 --- a/configs/mediatek/mt7622/dumb_ap +++ b/configs/mediatek/mt7622/dumb_ap @@ -83,25 +83,12 @@ CONFIG_PACKAGE_luci-app-usteer=y # language CONFIG_LUCI_LANG_pl=y -##### REPLACE CRYPTOLIB ##### -# mbedtls - comment it when openssl or wolfssl enabled! +####### REPLACE CRYPTOLIB ##### +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y -CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -#### replace mbedtls with openssl - remember to leave commented "is not set" ! -#CONFIG_PACKAGE_luci-ssl-openssl=y -#CONFIG_PACKAGE_wpad-openssl=y -# CONFIG_PACKAGE_wpad-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-openssl is not set - -#### replace mbedtls with wolfssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-wolfssl=y -# CONFIG_PACKAGE_wpad-wolfssl=y -# CONFIG_PACKAGE_wpad-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-openssl is not set +CONFIG_PACKAGE_wpad-mbedtls=y +####### # temporary workaround for kernel 6.6 # CONFIG_PACKAGE_kmod-usb-serial-dmx_usb_module is not set diff --git a/configs/mediatek/mt7622/extended b/configs/mediatek/mt7622/extended index b8f177d..22f9e4b 100644 --- a/configs/mediatek/mt7622/extended +++ b/configs/mediatek/mt7622/extended @@ -106,25 +106,12 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y -##### REPLACE CRYPTOLIB ##### -### mbedtls - comment it when openssl or wolfssl enabled! +####### REPLACE CRYPTOLIB ##### +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y -CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -#### replace mbedtls with openssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-openssl=y -# CONFIG_PACKAGE_wpad-openssl=y -# CONFIG_PACKAGE_wpad-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-openssl is not set - -#### replace mbedtls with wolfssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-wolfssl=y -# CONFIG_PACKAGE_wpad-wolfssl=y -# CONFIG_PACKAGE_wpad-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-openssl is not set +CONFIG_PACKAGE_wpad-mbedtls=y +####### # temporary workaround for kernel 6.6 # CONFIG_PACKAGE_kmod-usb-serial-dmx_usb_module is not set diff --git a/configs/mediatek/mt7988a/extended b/configs/mediatek/mt7988a/extended index 0528fd2..bdb322c 100644 --- a/configs/mediatek/mt7988a/extended +++ b/configs/mediatek/mt7988a/extended @@ -110,24 +110,11 @@ CONFIG_PACKAGE_bind-host=y CONFIG_LUCI_LANG_pl=y ####### REPLACE CRYPTOLIB ##### -## mbedtls - comment it when openssl or wolfssl enabled! +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y -CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -#### replace mbedtls with openssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-openssl=y -# CONFIG_PACKAGE_wpad-openssl=y -# CONFIG_PACKAGE_wpad-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-openssl is not set - -#### replace mbedtls with wolfssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-wolfssl=y -# CONFIG_PACKAGE_wpad-wolfssl=y -# CONFIG_PACKAGE_wpad-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-mbedtls is not set -# CONFIG_PACKAGE_wpad-basic-openssl is not set +CONFIG_PACKAGE_wpad-mbedtls=y +####### # MT7921 CONFIG_PACKAGE_kmod-mt7921-common=y diff --git a/configs/qualcommax/ax3600/extended b/configs/qualcommax/ax3600/extended index c6e030d..67f6864 100644 --- a/configs/qualcommax/ax3600/extended +++ b/configs/qualcommax/ax3600/extended @@ -106,22 +106,9 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y -##### REPLACE CRYPTOLIB ##### -# mbedtls - comment it when openssl or wolfssl enabled! +####### REPLACE CRYPTOLIB ##### +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -## replace mbedtls with openssl - remember to leave commented "is not set" ! -#CONFIG_PACKAGE_luci-ssl-openssl=y -#CONFIG_PACKAGE_wpad-openssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set - -## replace mbedtls with wolfssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-wolfssl=y -# CONFIG_PACKAGE_wpad-wolfssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set +####### diff --git a/configs/ramips/mt7621/extended b/configs/ramips/mt7621/extended index 93b8383..1444648 100644 --- a/configs/ramips/mt7621/extended +++ b/configs/ramips/mt7621/extended @@ -109,22 +109,9 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y -##### REPLACE CRYPTOLIB ##### -# mbedtls - comment it when openssl or wolfssl enabled! +####### REPLACE CRYPTOLIB ##### +# Remove section and copy from config/common/ a cryptolib section that you need. CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_wpad-mbedtls=y CONFIG_PACKAGE_wpad-basic-mbedtls=m - -## replace mbedtls with openssl - remember to leave commented "is not set" ! -#CONFIG_PACKAGE_luci-ssl-openssl=y -#CONFIG_PACKAGE_wpad-openssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set - -## replace mbedtls with wolfssl - remember to leave commented "is not set" ! -# CONFIG_PACKAGE_luci-ssl-wolfssl=y -# CONFIG_PACKAGE_wpad-wolfssl=y -## CONFIG_PACKAGE_wpad-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-mbedtls is not set -## CONFIG_PACKAGE_wpad-basic-openssl is not set +#######