From f431022415f3eaeb1f4563f4c7cdb7e33461e805 Mon Sep 17 00:00:00 2001
From: Alexander Vickberg <wickbergster@gmail.com>
Date: Thu, 17 Dec 2020 14:02:07 +0100
Subject: mbedtls: upgrade to 2.25.0

Deleted build fix patch. This is already applied in this release.

Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 ...x-incorrect-EOF-check-in-ssl_context_info.patch | 57 ----------------------
 .../recipes-connectivity/mbedtls/mbedtls_2.24.0.bb | 45 -----------------
 .../recipes-connectivity/mbedtls/mbedtls_2.25.0.bb | 43 ++++++++++++++++
 3 files changed, 43 insertions(+), 102 deletions(-)
 delete mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch
 delete mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb
 create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls_2.25.0.bb

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch b/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch
deleted file mode 100644
index 836fce91e6..0000000000
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From d696e7d91e42a190d06760279d2e396392143454 Mon Sep 17 00:00:00 2001
-From: Nayna Jain <nayna@linux.ibm.com>
-Date: Thu, 13 Aug 2020 19:17:53 +0000
-Subject: [PATCH] programs/ssl: Fix incorrect EOF check in ssl_context_info.c
-
-In `read_next_b64_code()`, the result of fgetc() is stored into a char,
-but later compared against EOF, which is generally -1.  On platforms
-where char is unsigned, this generates a compiler warning/error that the
-comparison will never be true (causing a build failure).  The value will
-never match, with the function ultimately bailing with a "Too many bad
-symbols are detected" error.
-
-On platforms with signed char, EOF is detected, but a file containing a
-0xFF character will causes a premature end of file exit of the loop.
-
-Fix this by changing the result to an int.
-
-Fixes #3794.
-
-Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
-Signed-off-by: David Brown <david.brown@linaro.org>
----
- ChangeLog.d/bugfix_3794.txt     | 4 ++++
- programs/ssl/ssl_context_info.c | 4 ++--
- 2 files changed, 6 insertions(+), 2 deletions(-)
- create mode 100644 ChangeLog.d/bugfix_3794.txt
-
-diff --git a/ChangeLog.d/bugfix_3794.txt b/ChangeLog.d/bugfix_3794.txt
-new file mode 100644
-index 0000000000..a483ea76ae
---- /dev/null
-+++ b/ChangeLog.d/bugfix_3794.txt
-@@ -0,0 +1,4 @@
-+Bugfix
-+  * Fix handling of EOF against 0xff bytes and on platforms with
-+    unsigned chars.  Fixes a build failure on platforms where char is
-+    unsigned.  Fixes #3794.
-diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
-index df8819a804..d109c1e6f7 100644
---- a/programs/ssl/ssl_context_info.c
-+++ b/programs/ssl/ssl_context_info.c
-@@ -377,13 +377,13 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len )
-     int valid_balance = 0;  /* balance between valid and invalid characters */
-     size_t len = 0;
-     char pad = 0;
--    char c = 0;
-+    int c = 0;
- 
-     while( EOF != c )
-     {
-         char c_valid = 0;
- 
--        c = (char) fgetc( b64_file );
-+        c = fgetc( b64_file );
- 
-         if( pad > 0 )
-         {
diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb
deleted file mode 100644
index e3a0169566..0000000000
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb
+++ /dev/null
@@ -1,45 +0,0 @@
-SUMMARY = "Lightweight crypto and SSL/TLS library"
-DESCRIPTION = "mbedtls is a lean open source crypto library          \
-for providing SSL and TLS support in your programs. It offers        \
-an intuitive API and documented header files, so you can actually    \
-understand what the code does. It features:                          \
-                                                                     \
- - Symmetric algorithms, like AES, Blowfish, Triple-DES, DES, ARC4,  \
-   Camellia and XTEA                                                 \
- - Hash algorithms, like SHA-1, SHA-2, RIPEMD-160 and MD5            \
- - Entropy pool and random generators, like CTR-DRBG and HMAC-DRBG   \
- - Public key algorithms, like RSA, Elliptic Curves, Diffie-Hellman, \
-   ECDSA and ECDH                                                    \
- - SSL v3 and TLS 1.0, 1.1 and 1.2                                   \
- - Abstraction layers for ciphers, hashes, public key operations,    \
-   platform abstraction and threading                                \
-"
-
-HOMEPAGE = "https://tls.mbed.org/"
-
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
-
-SECTION = "libs"
-
-S = "${WORKDIR}/git"
-SRCREV = "523f0554b6cdc7ace5d360885c3f5bbcc73ec0e8"
-SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=development \
-           file://fix-incorrect-EOF-check-in-ssl_context_info.patch \
-"
-
-inherit cmake
-
-PACKAGECONFIG ??= "shared-libs programs"
-PACKAGECONFIG[shared-libs] = "-DUSE_SHARED_MBEDTLS_LIBRARY=ON,-DUSE_SHARED_MBEDTLS_LIBRARY=OFF"
-PACKAGECONFIG[programs] = "-DENABLE_PROGRAMS=ON,-DENABLE_PROGRAMS=OFF"
-
-EXTRA_OECMAKE = "-DENABLE_TESTING=OFF -DLIB_INSTALL_DIR:STRING=${libdir}"
-
-PROVIDES += "polarssl"
-RPROVIDES_${PN} = "polarssl"
-
-PACKAGES =+ "${PN}-programs"
-FILES_${PN}-programs = "${bindir}/"
-
-BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.25.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.25.0.bb
new file mode 100644
index 0000000000..27c1b209dc
--- /dev/null
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.25.0.bb
@@ -0,0 +1,43 @@
+SUMMARY = "Lightweight crypto and SSL/TLS library"
+DESCRIPTION = "mbedtls is a lean open source crypto library          \
+for providing SSL and TLS support in your programs. It offers        \
+an intuitive API and documented header files, so you can actually    \
+understand what the code does. It features:                          \
+                                                                     \
+ - Symmetric algorithms, like AES, Blowfish, Triple-DES, DES, ARC4,  \
+   Camellia and XTEA                                                 \
+ - Hash algorithms, like SHA-1, SHA-2, RIPEMD-160 and MD5            \
+ - Entropy pool and random generators, like CTR-DRBG and HMAC-DRBG   \
+ - Public key algorithms, like RSA, Elliptic Curves, Diffie-Hellman, \
+   ECDSA and ECDH                                                    \
+ - SSL v3 and TLS 1.0, 1.1 and 1.2                                   \
+ - Abstraction layers for ciphers, hashes, public key operations,    \
+   platform abstraction and threading                                \
+"
+
+HOMEPAGE = "https://tls.mbed.org/"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+SECTION = "libs"
+
+S = "${WORKDIR}/git"
+SRCREV = "1c54b5410fd48d6bcada97e30cac417c5c7eea67"
+SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=development"
+
+inherit cmake
+
+PACKAGECONFIG ??= "shared-libs programs"
+PACKAGECONFIG[shared-libs] = "-DUSE_SHARED_MBEDTLS_LIBRARY=ON,-DUSE_SHARED_MBEDTLS_LIBRARY=OFF"
+PACKAGECONFIG[programs] = "-DENABLE_PROGRAMS=ON,-DENABLE_PROGRAMS=OFF"
+
+EXTRA_OECMAKE = "-DENABLE_TESTING=OFF -DLIB_INSTALL_DIR:STRING=${libdir}"
+
+PROVIDES += "polarssl"
+RPROVIDES_${PN} = "polarssl"
+
+PACKAGES =+ "${PN}-programs"
+FILES_${PN}-programs = "${bindir}/"
+
+BBCLASSEXTEND = "native nativesdk"
-- 
cgit 1.2.3-korg