Skip to content

Instantly share code, notes, and snippets.

@OneYX

OneYX/lede.diff

Created April 8, 2022 12:28
Show Gist options
  • Save OneYX/cef3154bc4d7218fb927a9c9c1bde8bc to your computer and use it in GitHub Desktop.
Save OneYX/cef3154bc4d7218fb927a9c9c1bde8bc to your computer and use it in GitHub Desktop.
Download ZIP
lede.diff
Raw
lede.diff
diff --git a/feeds.conf.default b/feeds.conf.default
index 416da4b..7242211 100644
--- a/feeds.conf.default
+++ b/feeds.conf.default
@@ -6,3 +6,5 @@ src-git telephony https://git.openwrt.org/feed/telephony.git
#src-git targets https://github.com/openwrt/targets.git
#src-git oldpackages http://git.openwrt.org/packages.git
#src-link custom /usr/src/openwrt/custom-feed
+src-git helloworld https://github.com/fw876/helloworld
+src-git passwall https://github.com/xiaorouji/openwrt-passwall
diff --git a/package/base-files/files/bin/config_generate b/package/base-files/files/bin/config_generate
index 1a047eb..b68a4b5 100755
--- a/package/base-files/files/bin/config_generate
+++ b/package/base-files/files/bin/config_generate
@@ -147,7 +147,7 @@ generate_network() {
static)
local ipad
case "$1" in
- lan) ipad=${ipaddr:-"192.168.1.1"} ;;
+ lan) ipad=${ipaddr:-"192.168.2.2"} ;;
*) ipad=${ipaddr:-"192.168.$((addr_offset++)).1"} ;;
esac
@@ -288,7 +288,8 @@ generate_static_system() {
delete system.@system[0]
add system system
set system.@system[-1].hostname='OpenWrt'
- set system.@system[-1].timezone='UTC'
+ set system.@system[-1].timezone='CST-8'
+ set system.@system[-1].zonename='Asia/Shanghai'
set system.@system[-1].ttylogin='0'
set system.@system[-1].log_size='64'
set system.@system[-1].urandom_seed='0'
diff --git a/package/base-files/files/etc/rc.local b/package/base-files/files/etc/rc.local
index 5639477..42eeeb6 100644
--- a/package/base-files/files/etc/rc.local
+++ b/package/base-files/files/etc/rc.local
@@ -1,4 +1,7 @@
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
-
+cat > /etc/resolv.conf <<EOF
+nameserver 127.0.0.1
+options ndots:0
+EOF
exit 0
diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile
index 3dd1e96..7fc1912 100644
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=mbedtls
-PKG_VERSION:=2.28.0
+PKG_VERSION:=2.16.12
PKG_RELEASE:=$(AUTORELEASE)
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=6519579b836ed78cc549375c7c18b111df5717e86ca0eeff4cb64b2674f424cc
+PKG_HASH:=294871ab1864a65d0b74325e9219d5bcd6e91c34a3c59270c357bb9ae4d5c393
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0-or-later
diff --git a/package/libs/mbedtls/patches/100-Implements-with-ARMv8-CE.patch b/package/libs/mbedtls/patches/100-Implements-with-ARMv8-CE.patch
deleted file mode 100644
index 4205fe7..0000000
--- a/package/libs/mbedtls/patches/100-Implements-with-ARMv8-CE.patch
+++ /dev/null
@@ -1,391 +0,0 @@
-From dfb6015ca79a9fee28f7fcb0af7e350a83574b83 Mon Sep 17 00:00:00 2001
-From: "Markku-Juhani O. Saarinen" <mjos@mjos.fi>
-Date: Mon, 20 Nov 2017 14:58:41 +0000
-Subject: Implements AES and GCM with ARMv8 Crypto Extensions
-
-A compact patch that provides AES and GCM implementations that utilize the
-ARMv8 Crypto Extensions. The config flag is MBEDTLS_ARMV8CE_AES_C, which
-is disabled by default as we don't do runtime checking for the feature.
-The new implementation lives in armv8ce_aes.c.
-
-Provides similar functionality to https://github.com/ARMmbed/mbedtls/pull/432
-Thanks to Barry O'Rourke and others for that contribtion.
-
-Tested on a Cortex A53 device and QEMU. On a midrange phone the real AES-GCM
-throughput increases about 4x, while raw AES speed is up to 10x faster.
-
-When cross-compiling, you want to set something like:
-
- export CC='aarch64-linux-gnu-gcc'
- export CFLAGS='-Ofast -march=armv8-a+crypto'
- scripts/config.pl set MBEDTLS_ARMV8CE_AES_C
-
-QEMU seems to also need
-
- export LDFLAGS='-static'
-
-Then run normal make or cmake etc.
----
-
---- a/ChangeLog.d/armv8_crypto_extensions.txt
-+++ b/ChangeLog.d/armv8_crypto_extensions.txt
-@@ -0,0 +1,2 @@
-+Features
-+ * Support ARMv8 Cryptography Extensions for AES and GCM.
---- a/include/mbedtls/armv8ce_aes.h
-+++ b/include/mbedtls/armv8ce_aes.h
-@@ -0,0 +1,63 @@
-+/**
-+ * \file armv8ce_aes.h
-+ *
-+ * \brief ARMv8 Cryptography Extensions -- Optimized code for AES and GCM
-+ */
-+
-+/*
-+ *
-+ * Copyright (C) 2006-2017, ARM Limited, All Rights Reserved
-+ * SPDX-License-Identifier: Apache-2.0
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
-+ * not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ *
-+ * This file is part of mbed TLS (https://tls.mbed.org)
-+ */
-+
-+#ifndef MBEDTLS_ARMV8CE_AES_H
-+#define MBEDTLS_ARMV8CE_AES_H
-+
-+#include "aes.h"
-+
-+/**
-+ * \brief [ARMv8 Crypto Extensions] AES-ECB block en(de)cryption
-+ *
-+ * \param ctx AES context
-+ * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
-+ * \param input 16-byte input block
-+ * \param output 16-byte output block
-+ *
-+ * \return 0 on success (cannot fail)
-+ */
-+
-+int mbedtls_armv8ce_aes_crypt_ecb( mbedtls_aes_context *ctx,
-+ int mode,
-+ const unsigned char input[16],
-+ unsigned char output[16] );
-+
-+/**
-+ * \brief [ARMv8 Crypto Extensions] Multiply in GF(2^128) for GCM
-+ *
-+ * \param c Result
-+ * \param a First operand
-+ * \param b Second operand
-+ *
-+ * \note Both operands and result are bit strings interpreted as
-+ * elements of GF(2^128) as per the GCM spec.
-+ */
-+
-+void mbedtls_armv8ce_gcm_mult( unsigned char c[16],
-+ const unsigned char a[16],
-+ const unsigned char b[16] );
-+
-+#endif /* MBEDTLS_ARMV8CE_AES_H */
---- a/include/mbedtls/check_config.h
-+++ b/include/mbedtls/check_config.h
-@@ -95,6 +95,10 @@
- #error "MBEDTLS_AESNI_C defined, but not all prerequisites"
- #endif
-
-+#if defined(MBEDTLS_ARMV8CE_AES_C) && !defined(MBEDTLS_HAVE_ASM)
-+#error "MBEDTLS_ARMV8CE_AES_C defined, but not all prerequisites"
-+#endif
-+
- #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
- #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
- #endif
-@@ -772,3 +776,4 @@
- typedef int mbedtls_iso_c_forbids_empty_translation_units;
-
- #endif /* MBEDTLS_CHECK_CONFIG_H */
-+
---- a/include/mbedtls/config.h
-+++ b/include/mbedtls/config.h
-@@ -73,6 +73,7 @@
- * Requires support for asm() in compiler.
- *
- * Used in:
-+ * library/armv8ce_aes.c
- * library/aria.c
- * library/timing.c
- * include/mbedtls/bn_mul.h
-@@ -1888,6 +1889,21 @@
- #define MBEDTLS_AESNI_C
-
- /**
-+ * \def MBEDTLS_ARMV8CE_AES_C
-+ *
-+ * Enable ARMv8 Crypto Extensions for AES and GCM
-+ *
-+ * Module: library/armv8ce_aes.c
-+ * Caller: library/aes.c
-+ * library/gcm.c
-+ *
-+ * Requires: MBEDTLS_HAVE_ASM
-+ *
-+ * This module adds support for Armv8 Cryptography Extensions for AES and GCM.
-+ */
-+//#define MBEDTLS_ARMV8CE_AES_C
-+
-+/**
- * \def MBEDTLS_AES_C
- *
- * Enable the AES block cipher.
---- a/library/aes.c
-+++ b/library/aes.c
-@@ -69,7 +69,9 @@
- #if defined(MBEDTLS_AESNI_C)
- #include "mbedtls/aesni.h"
- #endif
--
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+#include "mbedtls/armv8ce_aes.h"
-+#endif
- #if defined(MBEDTLS_SELF_TEST)
- #if defined(MBEDTLS_PLATFORM_C)
- #include "mbedtls/platform.h"
-@@ -1052,6 +1054,11 @@
- return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
- #endif
-
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+ // We don't do runtime checking for ARMv8 Crypto Extensions
-+ return mbedtls_armv8ce_aes_crypt_ecb( ctx, mode, input, output );
-+#endif
-+
- #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
- if( aes_padlock_ace )
- {
---- a/library/armv8ce_aes.c
-+++ b/library/armv8ce_aes.c
-@@ -0,0 +1,142 @@
-+/*
-+ * ARMv8 Cryptography Extensions -- Optimized code for AES and GCM
-+ *
-+ * Copyright (C) 2006-2017, ARM Limited, All Rights Reserved
-+ * SPDX-License-Identifier: Apache-2.0
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
-+ * not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ *
-+ * This file is part of mbed TLS (https://tls.mbed.org)
-+ */
-+
-+#if !defined(MBEDTLS_CONFIG_FILE)
-+#include "mbedtls/config.h"
-+#else
-+#include MBEDTLS_CONFIG_FILE
-+#endif
-+
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+
-+#include <arm_neon.h>
-+#include "mbedtls/armv8ce_aes.h"
-+
-+#ifndef asm
-+#define asm __asm
-+#endif
-+
-+/*
-+ * [Armv8 Cryptography Extensions] AES-ECB block en(de)cryption
-+ */
-+
-+#if defined(MBEDTLS_AES_C)
-+
-+int mbedtls_armv8ce_aes_crypt_ecb( mbedtls_aes_context *ctx,
-+ int mode,
-+ const unsigned char input[16],
-+ unsigned char output[16] )
-+{
-+ unsigned int i;
-+ const uint8_t *rk;
-+ uint8x16_t x, k;
-+
-+ x = vld1q_u8( input ); /* input block */
-+ rk = (const uint8_t *) ctx->rk; /* round keys */
-+
-+ if( mode == MBEDTLS_AES_ENCRYPT )
-+ {
-+ for( i = ctx->nr - 1; i != 0; i-- ) /* encryption loop */
-+ {
-+ k = vld1q_u8( rk );
-+ rk += 16;
-+ x = vaeseq_u8( x, k );
-+ x = vaesmcq_u8( x );
-+ }
-+ k = vld1q_u8( rk );
-+ rk += 16;
-+ x = vaeseq_u8( x, k );
-+ }
-+ else
-+ {
-+ for( i = ctx->nr - 1; i != 0 ; i-- ) /* decryption loop */
-+ {
-+ k = vld1q_u8( rk );
-+ rk += 16;
-+ x = vaesdq_u8( x, k );
-+ x = vaesimcq_u8( x );
-+ }
-+ k = vld1q_u8( rk );
-+ rk += 16;
-+ x = vaesdq_u8( x, k );
-+ }
-+
-+ k = vld1q_u8( rk ); /* final key just XORed */
-+ x = veorq_u8( x, k );
-+ vst1q_u8( output, x ); /* write out */
-+
-+ return ( 0 );
-+}
-+
-+#endif /* MBEDTLS_AES_C */
-+
-+
-+/*
-+ * [Armv8 Cryptography Extensions] Multiply in GF(2^128) for GCM
-+ */
-+
-+#if defined(MBEDTLS_GCM_C)
-+
-+void mbedtls_armv8ce_gcm_mult( unsigned char c[16],
-+ const unsigned char a[16],
-+ const unsigned char b[16] )
-+{
-+ /* GCM's GF(2^128) polynomial basis is x^128 + x^7 + x^2 + x + 1 */
-+ const uint64x2_t base = { 0, 0x86 }; /* note missing LS bit */
-+
-+ register uint8x16_t vc asm( "v0" ); /* named registers */
-+ register uint8x16_t va asm( "v1" ); /* (to avoid conflict) */
-+ register uint8x16_t vb asm( "v2" );
-+ register uint64x2_t vp asm( "v3" );
-+
-+ va = vld1q_u8( a ); /* load inputs */
-+ vb = vld1q_u8( b );
-+ vp = base;
-+
-+ asm (
-+ "rbit %1.16b, %1.16b \n\t" /* reverse bit order */
-+ "rbit %2.16b, %2.16b \n\t"
-+ "pmull2 %0.1q, %1.2d, %2.2d \n\t" /* v0 = a.hi * b.hi */
-+ "pmull2 v4.1q, %0.2d, %3.2d \n\t" /* mul v0 by x^64, reduce */
-+ "ext %0.16b, %0.16b, %0.16b, #8 \n\t"
-+ "eor %0.16b, %0.16b, v4.16b \n\t"
-+ "ext v5.16b, %2.16b, %2.16b, #8 \n\t" /* (swap hi and lo in b) */
-+ "pmull v4.1q, %1.1d, v5.1d \n\t" /* v0 ^= a.lo * b.hi */
-+ "eor %0.16b, %0.16b, v4.16b \n\t"
-+ "pmull2 v4.1q, %1.2d, v5.2d \n\t" /* v0 ^= a.hi * b.lo */
-+ "eor %0.16b, %0.16b, v4.16b \n\t"
-+ "pmull2 v4.1q, %0.2d, %3.2d \n\t" /* mul v0 by x^64, reduce */
-+ "ext %0.16b, %0.16b, %0.16b, #8 \n\t"
-+ "eor %0.16b, %0.16b, v4.16b \n\t"
-+ "pmull v4.1q, %1.1d, %2.1d \n\t" /* v0 ^= a.lo * b.lo */
-+ "eor %0.16b, %0.16b, v4.16b \n\t"
-+ "rbit %0.16b, %0.16b \n\t" /* reverse bits for output */
-+ : "=w" (vc) /* q0: output */
-+ : "w" (va), "w" (vb), "w" (vp) /* q1, q2: input */
-+ : "v4", "v5" /* q4, q5: clobbered */
-+ );
-+
-+ vst1q_u8( c, vc ); /* write out */
-+}
-+
-+#endif /* MBEDTLS_GCM_C */
-+
-+#endif /* MBEDTLS_ARMV8CE_AES_C */
---- a/library/CMakeLists.txt
-+++ b/library/CMakeLists.txt
-@@ -7,6 +7,7 @@
- aesni.c
- arc4.c
- aria.c
-+ armv8ce_aes.c
- asn1parse.c
- asn1write.c
- base64.c
---- a/library/gcm.c
-+++ b/library/gcm.c
-@@ -71,6 +71,10 @@
- #include "mbedtls/aesni.h"
- #endif
-
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+#include "mbedtls/armv8ce_aes.h"
-+#endif
-+
- #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
- #include "mbedtls/aes.h"
- #include "mbedtls/platform.h"
-@@ -140,6 +144,12 @@
- if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
- return( ret );
-
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+ // we don't do feature testing with ARMv8 cryptography extensions
-+ memcpy( ctx ->HL, h, 16 ); // put H at the beginning of buffer
-+ return( 0 ); // that's all we need
-+#endif
-+
- /* pack h as two 64-bits ints, big-endian */
- GET_UINT32_BE( hi, h, 0 );
- GET_UINT32_BE( lo, h, 4 );
-@@ -248,6 +258,11 @@
- unsigned char lo, hi, rem;
- uint64_t zh, zl;
-
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+ mbedtls_armv8ce_gcm_mult( output, x, (const unsigned char *) ctx->HL );
-+ return;
-+#endif
-+
- #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
- if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) {
- unsigned char h[16];
---- a/library/Makefile
-+++ b/library/Makefile
-@@ -72,6 +72,7 @@
- aesni.o \
- arc4.o \
- aria.o \
-+ armv8ce_aes.o \
- asn1parse.o \
- asn1write.o \
- base64.o \
-
---- a/library/version_features.c
-+++ b/library/version_features.c
-@@ -583,6 +583,9 @@
- #if defined(MBEDTLS_AESNI_C)
- "MBEDTLS_AESNI_C",
- #endif /* MBEDTLS_AESNI_C */
-+#if defined(MBEDTLS_ARMV8CE_AES_C)
-+ "MBEDTLS_ARMV8CE_AES_C",
-+#endif /* MBEDTLS_ARMV8CE_AES_C */
- #if defined(MBEDTLS_AES_C)
- "MBEDTLS_AES_C",
- #endif /* MBEDTLS_AES_C */
diff --git a/package/libs/mbedtls/patches/200-config.patch b/package/libs/mbedtls/patches/200-config.patch
deleted file mode 100644
index faf5bb5..0000000
--- a/package/libs/mbedtls/patches/200-config.patch
+++ /dev/null
@@ -1,228 +0,0 @@
---- a/include/mbedtls/config.h
-+++ b/include/mbedtls/config.h
-@@ -665,14 +665,14 @@
- *
- * Enable Output Feedback mode (OFB) for symmetric ciphers.
- */
--#define MBEDTLS_CIPHER_MODE_OFB
-+//#define MBEDTLS_CIPHER_MODE_OFB
-
- /**
- * \def MBEDTLS_CIPHER_MODE_XTS
- *
- * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
- */
--#define MBEDTLS_CIPHER_MODE_XTS
-+//#define MBEDTLS_CIPHER_MODE_XTS
-
- /**
- * \def MBEDTLS_CIPHER_NULL_CIPHER
-@@ -790,20 +790,20 @@
- * Comment macros to disable the curve and functions for it
- */
- /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
--#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
--#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
-+//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
-+//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
- #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
- #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
--#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
--#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
--#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
-+//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-+//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-+//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
- #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
--#define MBEDTLS_ECP_DP_BP256R1_ENABLED
--#define MBEDTLS_ECP_DP_BP384R1_ENABLED
--#define MBEDTLS_ECP_DP_BP512R1_ENABLED
-+//#define MBEDTLS_ECP_DP_BP256R1_ENABLED
-+//#define MBEDTLS_ECP_DP_BP384R1_ENABLED
-+//#define MBEDTLS_ECP_DP_BP512R1_ENABLED
- /* Montgomery curves (supporting ECP) */
- #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
--#define MBEDTLS_ECP_DP_CURVE448_ENABLED
-+//#define MBEDTLS_ECP_DP_CURVE448_ENABLED
-
- /**
- * \def MBEDTLS_ECP_NIST_OPTIM
-@@ -956,7 +956,7 @@
- * See dhm.h for more details.
- *
- */
--#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-+//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-
- /**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-@@ -976,7 +976,7 @@
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
--#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-+//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-
- /**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-@@ -1001,7 +1001,7 @@
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- */
--#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-+//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-
- /**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-@@ -1135,7 +1135,7 @@
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
--#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-+//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-
- /**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-@@ -1159,7 +1159,7 @@
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
--#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-+//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-
- /**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-@@ -1263,7 +1263,7 @@
- * This option is only useful if both MBEDTLS_SHA256_C and
- * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
- */
--//#define MBEDTLS_ENTROPY_FORCE_SHA256
-+#define MBEDTLS_ENTROPY_FORCE_SHA256
-
- /**
- * \def MBEDTLS_ENTROPY_NV_SEED
-@@ -1478,14 +1478,14 @@
- * Uncomment this macro to disable the use of CRT in RSA.
- *
- */
--//#define MBEDTLS_RSA_NO_CRT
-+#define MBEDTLS_RSA_NO_CRT
-
- /**
- * \def MBEDTLS_SELF_TEST
- *
- * Enable the checkup functions (*_self_test).
- */
--#define MBEDTLS_SELF_TEST
-+//#define MBEDTLS_SELF_TEST
-
- /**
- * \def MBEDTLS_SHA256_SMALLER
-@@ -1756,7 +1756,7 @@
- * configuration of this extension).
- *
- */
--#define MBEDTLS_SSL_RENEGOTIATION
-+//#define MBEDTLS_SSL_RENEGOTIATION
-
- /**
- * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-@@ -2017,7 +2017,7 @@
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
--#define MBEDTLS_SSL_TRUNCATED_HMAC
-+//#define MBEDTLS_SSL_TRUNCATED_HMAC
-
- /**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
-@@ -2185,7 +2185,7 @@
- *
- * Comment this to disable run-time checking and save ROM space
- */
--#define MBEDTLS_VERSION_FEATURES
-+//#define MBEDTLS_VERSION_FEATURES
-
- /**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-@@ -2534,7 +2534,7 @@
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
--#define MBEDTLS_CAMELLIA_C
-+//#define MBEDTLS_CAMELLIA_C
-
- /**
- * \def MBEDTLS_ARIA_C
-@@ -2600,7 +2600,7 @@
- * This module enables the AES-CCM ciphersuites, if other requisites are
- * enabled as well.
- */
--#define MBEDTLS_CCM_C
-+//#define MBEDTLS_CCM_C
-
- /**
- * \def MBEDTLS_CERTS_C
-@@ -2612,7 +2612,7 @@
- *
- * This module is used for testing (ssl_client/server).
- */
--#define MBEDTLS_CERTS_C
-+//#define MBEDTLS_CERTS_C
-
- /**
- * \def MBEDTLS_CHACHA20_C
-@@ -2725,7 +2725,7 @@
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
--#define MBEDTLS_DES_C
-+//#define MBEDTLS_DES_C
-
- /**
- * \def MBEDTLS_DHM_C
-@@ -2890,7 +2890,7 @@
- * This module adds support for the Hashed Message Authentication Code
- * (HMAC)-based key derivation function (HKDF).
- */
--#define MBEDTLS_HKDF_C
-+//#define MBEDTLS_HKDF_C
-
- /**
- * \def MBEDTLS_HMAC_DRBG_C
-@@ -3203,7 +3203,7 @@
- *
- * This module enables abstraction of common (libc) functions.
- */
--#define MBEDTLS_PLATFORM_C
-+//#define MBEDTLS_PLATFORM_C
-
- /**
- * \def MBEDTLS_POLY1305_C
-@@ -3279,7 +3279,7 @@
- * Caller: library/md.c
- *
- */
--#define MBEDTLS_RIPEMD160_C
-+//#define MBEDTLS_RIPEMD160_C
-
- /**
- * \def MBEDTLS_RSA_C
-@@ -3486,7 +3486,7 @@
- *
- * This module provides run-time version information.
- */
--#define MBEDTLS_VERSION_C
-+//#define MBEDTLS_VERSION_C
-
- /**
- * \def MBEDTLS_X509_USE_C
-@@ -3596,7 +3596,7 @@
- * Module: library/xtea.c
- * Caller:
- */
--#define MBEDTLS_XTEA_C
-+//#define MBEDTLS_XTEA_C
-
- /* \} name SECTION: mbed TLS modules */
-
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment