From 3e35eb13ada3b87e87cd108f9d459b9484446e9c Mon Sep 17 00:00:00 2001
From: Baptiste Jonglez <git@bitsofnetworks.org>
Date: Sun, 30 Jul 2017 17:57:37 +0200
Subject: mbedtls: Re-allow SHA1-signed certificates

Since mbedtls 2.5.1, SHA1 has been disallowed in TLS certificates.
This breaks openvpn clients that try to connect to servers that
present a TLS certificate signed with SHA1, which is fairly common.

Run-tested with openvpn-mbedtls 2.4.3, LEDE 17.01.2, on ar71xx.

Fixes: FS#942

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
---
 package/libs/mbedtls/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package/libs/mbedtls/Makefile')

diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile
index 4cceb74..101324d 100644
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mbedtls
 PKG_VERSION:=2.5.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
-- 
cgit v1.1