Merge pull request #84 from pi-hole/ftl-build/update_mbedtls

Update mbedtls from 3.4.1 to 3.5.0

Author: DL6ER

ftl-build/alpine/Dockerfile

@@ -1,11 +1,12 @@
 ARG CONTAINER="alpine:edge"
 FROM ${CONTAINER} AS builder
 
+ARG TARGETPLATFORM
 ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.9.1
-ARG mbedtlsversion=3.4.1
+ARG mbedtlsversion=3.5.0
 
 RUN apk add --no-cache \
         alpine-sdk \
@@ -74,10 +75,16 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && rm -r nettle-${nettleversion}
 
 # Build static mbedTLS with pthread support
+# Disable AESNI on linux/386 asit would possibly result in an incompatible
+# binary in processors lacking the AESNI and SSE2 instruction sets
 RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
     && cd mbedtls-${mbedtlsversion} \
     && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
     && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && ( [ "${TARGETPLATFORM}" = "linux/386" ] \
+         && echo "BUILDING WITHOUT AESNI SUPPORT" \
+         && sed -i '/#define MBEDTLS_AESNI_C/s*^*//*g' include/mbedtls/mbedtls_config.h \
+         || echo "BUILDING WITH AESNI SUPPORT" ) \
     && make -j $(nproc) install \
     && cd .. \
     && rm -r mbedtls-${mbedtlsversion}

ftl-build/debian/Dockerfile

@@ -7,7 +7,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.9.1
-ARG mbedtlsversion=3.4.1
+ARG mbedtlsversion=3.5.0
 
 # Switch repositories to the archive server
 RUN if [ "${CONTAINER}" = "debian:stretch-slim" ]; then \