902961c148
Update wolfssl to the latest release v3.12.2 and backport an upstream
pending fix for CVE-2017-13099 ("ROBOT vulnerability").
Ref: https://github.com/wolfSSL/wolfssl/pull/1229
Ref: https://robotattack.org/
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
11 lines
465 B
Diff
11 lines
465 B
Diff
--- a/wolfssl/wolfcrypt/settings.h
|
|
+++ b/wolfssl/wolfcrypt/settings.h
|
|
@@ -1553,7 +1553,7 @@ extern void uITRON4_free(void *p) ;
|
|
#endif
|
|
|
|
/* warning for not using harden build options (default with ./configure) */
|
|
-#ifndef WC_NO_HARDEN
|
|
+#if 0
|
|
#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
|
|
(defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
|
|
(!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
|