Bug 255084 - security/mbedtls: Update to >= 2.25
Summary: security/mbedtls: Update to >= 2.25
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Tijl Coosemans
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-15 09:21 UTC by Tobias Kortkamp
Modified: 2022-01-28 12:24 UTC (History)
3 users (show)

See Also:
tijl: maintainer-feedback+


Attachments
mbedtls-2.26.0.patch (34.07 KB, patch)
2021-05-01 03:36 UTC, takefu
takefu: maintainer-approval+
Details | Diff
mbedtls-2.27.0 patch (34.92 KB, patch)
2021-12-07 05:14 UTC, Steve Wills
no flags Details | Diff
mbedtls-2.27.0 patch (35.62 KB, patch)
2021-12-07 05:30 UTC, Steve Wills
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Kortkamp freebsd_committer freebsd_triage 2021-04-15 09:21:23 UTC
Hi,

this is more of a request and is not very important. I don't have time to submit
a patch. Can you update mbedtls to a newer version? FWICT, security/uacme
needs at least 2.25.

Thanks.
Comment 1 Daniel Engberg freebsd_committer freebsd_triage 2021-04-15 15:25:17 UTC
Not a fix for the version bump but perhaps it's worth deprecating support as mbedtls doesn't support TLS 1.3 in uacme?
https://github.com/ARMmbed/mbedtls/issues/508 and the linked issues
Comment 2 Tobias Kortkamp freebsd_committer freebsd_triage 2021-04-17 07:39:36 UTC
(In reply to daniel.engberg.lists from comment #1)
Sorry, it's a little unclear to me what specifically you want to
deprecate?
Comment 3 Daniel Engberg freebsd_committer freebsd_triage 2021-04-17 16:48:44 UTC
Remove support for mbedtls in uacme altogether as we can probably assume that we'll never see TLS 1.3 support within a reasonable amount of time.
Comment 4 Tijl Coosemans freebsd_committer freebsd_triage 2021-04-18 12:00:39 UTC
2.16 is the latest stable branch.  All newer releases are essentially snapshots of the development branch.  The next stable branch is expected mid 2021.  I'd like to wait until then.
Comment 5 takefu 2021-05-01 03:36:35 UTC
Created attachment 224585 [details]
mbedtls-2.26.0.patch

Update to 2.26.0
Comment 6 Daniel Engberg freebsd_committer freebsd_triage 2021-07-13 00:44:15 UTC
3.3.0 is out, this release will however break compatibility with older versions.
See https://github.com/ARMmbed/mbedtls/releases/tag/v3.0.0 for more information
Comment 7 Steve Wills freebsd_committer freebsd_triage 2021-12-07 05:14:56 UTC
Created attachment 229948 [details]
mbedtls-2.27.0 patch
Comment 8 Steve Wills freebsd_committer freebsd_triage 2021-12-07 05:30:25 UTC
Created attachment 229949 [details]
mbedtls-2.27.0 patch
Comment 9 commit-hook freebsd_committer freebsd_triage 2022-01-28 12:16:11 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b93e64d3c3240d1e4a8fc510b14aa2175e5be012

commit b93e64d3c3240d1e4a8fc510b14aa2175e5be012
Author:     Tijl Coosemans <tijl@FreeBSD.org>
AuthorDate: 2021-12-30 17:29:42 +0000
Commit:     Tijl Coosemans <tijl@FreeBSD.org>
CommitDate: 2022-01-28 12:14:09 +0000

    security/mbedtls: Update to 2.28.0 and fix make test

    Also bump dependent ports for library version change.

    PR:             255084

 archivers/libarchive/Makefile                      |   1 +
 biology/ncbi-vdb/Makefile                          |   2 +-
 dns/kadnode/Makefile                               |   2 +-
 editors/imhex/Makefile                             |   1 +
 emulators/dolphin-emu/Makefile                     |   2 +-
 irc/inspircd/Makefile                              |   1 +
 lang/gauche/Makefile                               |   1 +
 lang/neko/Makefile                                 |   2 +-
 multimedia/librist/Makefile                        |   1 +
 multimedia/obs-studio/Makefile                     |   1 +
 net-im/sayaka/Makefile                             |   1 +
 net-p2p/btcheck/Makefile                           |   1 +
 net/bctoolbox/Makefile                             |   2 +-
 net/libwebsockets/Makefile                         |   1 +
 net/pichi/Makefile                                 |   1 +
 net/shadowsocks-libev/Makefile                     |   2 +-
 security/mbedtls/Makefile                          |  20 +-
 security/mbedtls/distinfo                          |   6 +-
 security/mbedtls/files/patch-config.h (gone)       |  20 -
 security/mbedtls/files/patch-dtls-srtp (gone)      | 659 ---------------------
 .../files/patch-include_mbedtls_config.h (new)     |  29 +
 security/mbedtls/pkg-descr                         |   2 +-
 security/mbedtls/pkg-plist                         |  41 +-
 security/openvpn-devel/Makefile                    |   1 +
 security/openvpn/Makefile                          |   2 +-
 security/uacme/Makefile                            |   1 +
 www/hiawatha/Makefile                              |   1 +
 www/lighttpd/Makefile                              |   1 +
 28 files changed, 101 insertions(+), 704 deletions(-)