Bug 255084

Summary: security/mbedtls: Update to >= 2.25
Product: Ports & Packages Reporter: Tobias Kortkamp <tobik>
Component: Individual Port(s)Assignee: Tijl Coosemans <tijl>
Status: Closed FIXED    
Severity: Affects Only Me CC: diizzy, swills, takefu
Priority: --- Flags: tijl: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
mbedtls-2.26.0.patch
takefu: maintainer-approval+
mbedtls-2.27.0 patch
none
mbedtls-2.27.0 patch none

Description Tobias Kortkamp freebsd_committer freebsd_triage 2021-04-15 09:21:23 UTC 
Hi,

this is more of a request and is not very important. I don't have time to submit
a patch. Can you update mbedtls to a newer version? FWICT, security/uacme
needs at least 2.25.

Thanks.
Comment 1 Daniel Engberg freebsd_committer freebsd_triage 2021-04-15 15:25:17 UTC 
Not a fix for the version bump but perhaps it's worth deprecating support as mbedtls doesn't support TLS 1.3 in uacme?
https://github.com/ARMmbed/mbedtls/issues/508 and the linked issues
Comment 2 Tobias Kortkamp freebsd_committer freebsd_triage 2021-04-17 07:39:36 UTC 
(In reply to daniel.engberg.lists from comment #1)
Sorry, it's a little unclear to me what specifically you want to
deprecate?
Comment 3 Daniel Engberg freebsd_committer freebsd_triage 2021-04-17 16:48:44 UTC 
Remove support for mbedtls in uacme altogether as we can probably assume that we'll never see TLS 1.3 support within a reasonable amount of time.
Comment 4 Tijl Coosemans freebsd_committer freebsd_triage 2021-04-18 12:00:39 UTC 
2.16 is the latest stable branch.  All newer releases are essentially snapshots of the development branch.  The next stable branch is expected mid 2021.  I'd like to wait until then.
Comment 5 takefu 2021-05-01 03:36:35 UTC 
Created attachment 224585 [details]
mbedtls-2.26.0.patch

Update to 2.26.0
Comment 6 Daniel Engberg freebsd_committer freebsd_triage 2021-07-13 00:44:15 UTC 
3.3.0 is out, this release will however break compatibility with older versions.
See https://github.com/ARMmbed/mbedtls/releases/tag/v3.0.0 for more information
Comment 7 Steve Wills freebsd_committer freebsd_triage 2021-12-07 05:14:56 UTC 
Created attachment 229948 [details]
mbedtls-2.27.0 patch
Comment 8 Steve Wills freebsd_committer freebsd_triage 2021-12-07 05:30:25 UTC 
Created attachment 229949 [details]
mbedtls-2.27.0 patch
Comment 9 commit-hook freebsd_committer freebsd_triage 2022-01-28 12:16:11 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b93e64d3c3240d1e4a8fc510b14aa2175e5be012

commit b93e64d3c3240d1e4a8fc510b14aa2175e5be012
Author:     Tijl Coosemans <tijl@FreeBSD.org>
AuthorDate: 2021-12-30 17:29:42 +0000
Commit:     Tijl Coosemans <tijl@FreeBSD.org>
CommitDate: 2022-01-28 12:14:09 +0000

    security/mbedtls: Update to 2.28.0 and fix make test

    Also bump dependent ports for library version change.

    PR:             255084

 archivers/libarchive/Makefile                      |   1 +
 biology/ncbi-vdb/Makefile                          |   2 +-
 dns/kadnode/Makefile                               |   2 +-
 editors/imhex/Makefile                             |   1 +
 emulators/dolphin-emu/Makefile                     |   2 +-
 irc/inspircd/Makefile                              |   1 +
 lang/gauche/Makefile                               |   1 +
 lang/neko/Makefile                                 |   2 +-
 multimedia/librist/Makefile                        |   1 +
 multimedia/obs-studio/Makefile                     |   1 +
 net-im/sayaka/Makefile                             |   1 +
 net-p2p/btcheck/Makefile                           |   1 +
 net/bctoolbox/Makefile                             |   2 +-
 net/libwebsockets/Makefile                         |   1 +
 net/pichi/Makefile                                 |   1 +
 net/shadowsocks-libev/Makefile                     |   2 +-
 security/mbedtls/Makefile                          |  20 +-
 security/mbedtls/distinfo                          |   6 +-
 security/mbedtls/files/patch-config.h (gone)       |  20 -
 security/mbedtls/files/patch-dtls-srtp (gone)      | 659 ---------------------
 .../files/patch-include_mbedtls_config.h (new)     |  29 +
 security/mbedtls/pkg-descr                         |   2 +-
 security/mbedtls/pkg-plist                         |  41 +-
 security/openvpn-devel/Makefile                    |   1 +
 security/openvpn/Makefile                          |   2 +-
 security/uacme/Makefile                            |   1 +
 www/hiawatha/Makefile                              |   1 +
 www/lighttpd/Makefile                              |   1 +
 28 files changed, 101 insertions(+), 704 deletions(-)