89994968e9
Fixes denial of service attack and buffer overflow against TLS 1.3 servers using session ticket resumption. When built with --enable-session-ticket and making use of TLS 1.3 server code in wolfSSL, there is the possibility of a malicious client to craft a malformed second ClientHello packet that causes the server to crash. This issue is limited to when using both --enable-session-ticket and TLS 1.3 on the server side. Users with TLS 1.3 servers, and having --enable-session-ticket, should update to the latest version of wolfSSL. Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France" for research on tlspuffin. Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable Signed-off-by: Petr Štetiar <ynezz@true.cz> |
||
|---|---|---|
| .github | ||
| config | ||
| doc | ||
| include | ||
| LICENSES | ||
| package | ||
| scripts | ||
| target | ||
| toolchain | ||
| tools | ||
| .gitattributes | ||
| .gitignore | ||
| BSDmakefile | ||
| Config.in | ||
| COPYING | ||
| feeds.conf.default | ||
| Makefile | ||
| README_EN.md | ||
| README.md | ||
| rules.mk | ||
Welcome to Lean's git source of OpenWrt and packages
How to build your Openwrt firmware.
Note:
-
DO NOT USE root USER FOR COMPILING!!!
-
Users within China should prepare proxy before building.
-
Web admin panel default IP is 192.168.1.1 and default password is "password".
Let's start!
-
First, install Ubuntu 64bit (Ubuntu 20.04 LTS x86 is recommended).
-
Run
sudo apt-get updatein the terminal, and then runsudo apt-get -y install build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch python3 python2.7 unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib p7zip p7zip-full msmtp libssl-dev texinfo libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint device-tree-compiler g++-multilib antlr3 gperf wget curl swig rsync -
Run
git clone https://github.com/coolsnowwolf/ledeto clone the source code, and thencd ledeto enter the directory -
./scripts/feeds update -a ./scripts/feeds install -a make menuconfig -
Run
make -j8 download V=sto download libraries and dependencies (user in China should use global proxy when possible) -
Run
make -j1 V=s(integer following -j is the thread count, single-thread is recommended for the first build) to start building your firmware.
This source code is promised to be compiled successfully.
You can use this source code freely, but please link this GitHub repository when redistributing. Thank you for your cooperation!
Rebuild:
cd lede
git pull
./scripts/feeds update -a && ./scripts/feeds install -a
make defconfig
make -j8 download
make -j$(($(nproc) + 1)) V=s
If reconfiguration is need:
rm -rf ./tmp && rm -rf .config
make menuconfig
make -j$(($(nproc) + 1)) V=s
Build result will be produced to bin/targets directory.
Special tips:
-
This source code doesn't contain any backdoors or close source applications that can monitor/capture your HTTPS traffic, SSL is the final castle of cyber security. Safety is what a firmware should achieve.
-
If you have any technical problem, you may join the QQ discussion group: 297253733, link: click here
-
Want to learn OpenWrt development but don't know how? Can't motivate yourself for self-learning? Not enough fundamental knowledge? Learn OpenWrt development with Mr. Zuo through his Beginner OpenWrt Training Course. Click here to register.
Router Recommendation
Not Sponsored: If you are finding a low power consumption, small and performance promising x86/x64 router, I personally recommend the EZPROv1 Alumium Edition (N3710 4000M): Details
Donation
If this project does help you, please consider donating to support the development of this project.
Alipay
