Commit Graph

41 Commits

Author SHA1 Message Date
Ankur Tyagi c49bff1273 wolfssl: patch CVE-2025-7394
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7394

Backport patches from the PR[1][2][3] mentioned in the changelog[4].

[1] https://github.com/wolfSSL/wolfssl/pull/8849
[2] https://github.com/wolfSSL/wolfssl/pull/8867
[3] https://github.com/wolfSSL/wolfssl/pull/8898
[4] https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-01-12 08:12:18 +05:30
Gyorgy Sarvari b7180060eb wolfssl: patch CVE-2025-7395
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7395

Backport the patches from the PR[1] that is referenced by the project's
changelog[2] to fix this issue.

[1]: https://github.com/wolfSSL/wolfssl/pull/8833
[2]: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-12-30 07:08:15 +05:30
Khem Raj 57b939762c wolfssl: Add packageconfig for reproducible build
Make this option turned on by default

Fixes
WARNING: wolfssl-5.7.2-r0 do_package_qa: QA Issue: File /usr/lib/libwolfssl.so.42.2.0 in package wolfssl contains reference to TMPDIR [buildpaths]

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
2025-04-16 20:30:02 -04:00
Sofiane HAMAM 3e3de7632e wolfssl: Upgrade 5.7.0 -> 5.7.2
The upgrade includes many vulnerability fixes, new features and
inhancements, refer to:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable

Signed-off-by: Sofiane HAMAM <sofiane.hamam@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-03-23 15:27:16 -04:00
Sofiane HAMAM 7bc1db1659 Wolfssl: add ptest
Add ptest for Wolfssl package.
Set IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-wolfssl to 700M
enough to avoid a "No space left on device".

BEGIN: /usr/lib/wolfssl/ptest
Wolfssl ptest logs are stored in /tmp/wolfss_temp.qvuQ9h/ptest.log
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
DURATION: 7
END: /usr/lib/wolfssl/ptest

Signed-off-by: Sofiane HAMAM <sofiane.hamam@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-03-23 15:27:08 -04:00
Wang Mingyu eee270ce10 wolfssl: upgrade 5.6.6 -> 5.7.0
Changelog:
============
https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-02 14:56:53 -07:00
Wang Mingyu d1d3cf63e0 wolfssl: upgrade 5.6.4 -> 5.6.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-01-08 19:54:45 -08:00
Khem Raj 53c88ad2b3 wolfssl: upgrade 5.5.4 -> 5.6.4
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-11-06 08:48:27 -08:00
Wang Mingyu 4e00651548 wolfssl: upgrade 5.5.3 -> 5.5.4
Changelog:
https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-12-27 16:03:06 -08:00
Wang Mingyu 58793ca934 wolfssl: upgrade 5.5.2 -> 5.5.3
Fixes
---------
 Fix for possible buffer zeroization overrun introduced at the end of
 v5.5.2 release cycle in GitHub pull request 5743 (#5743) and fixed in
 pull request 5757 (#5757). In the case where a specific memory allocation
 failed or a hardware fault happened there was the potential for an overrun
 of 0's when masking the buffer used for (D)TLS 1.2 and lower operations.
 (D)TLS 1.3 only and crypto only users are not affected by the issue.
 This is not related in any way to recent issues reported in OpenSSL.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-11-09 10:17:15 -08:00
Wang Mingyu a9334a5cba wolfssl: upgrade 5.5.1 -> 5.5.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-10-31 08:27:33 -07:00
zhengrq.fnst 6829378d00 wolfssl: upgrade 5.5.0 -> 5.5.1
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-10-10 10:19:33 -07:00
zhengruoqin 48c95ebd3e wolfssl: upgrade 5.4.0 -> 5.5.0
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-09-13 09:55:02 -07:00
wangmy 1b43fcf335 wolfssl: upgrade 5.3.0 -> 5.4.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-07-26 10:40:36 -04:00
wangmy 09e0149e28 wolfssl: upgrade 5.2.0 -> 5.3.0
Changelog:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.3.0-stable

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-05-09 08:59:46 -07:00
Khem Raj 7d8a0e840d recipes: Update LICENSE variable to use SPDX license identifiers
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-03-04 17:41:45 -08:00
Wang Mingyu dafa33c46b wolfssl: upgrade 5.1.0- > 5.2.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-02-24 08:35:24 -08:00
wangmy 0a1f6a9879 wolfssl: upgrade 5.0.0 -> 5.1.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-01-05 11:10:02 -08:00
Oleksandr Kravchuk 13ba4e62b6 wolfssl: update to 5.0.0
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-11-08 10:06:23 -08:00
Richard Purdie b402a3076f recipes: Update SRC_URI branch and protocols
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-11-03 06:57:49 -07:00
Martin Jansa c61dc077bb Convert to new override syntax
This is the result of automated script (0.9.1) conversion:

oe-core/scripts/contrib/convert-overrides.py .

converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2021-08-03 10:21:25 -07:00
zangrc 5c2112a571 wolfssl: upgrade 4.7.0 -> 4.7.1
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-04-15 20:01:48 -07:00
Oleksandr Kravchuk ea21ccbbcb wolfssl: updae to 4.7.0
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-02-19 10:02:43 -08:00
zangrc e12d9290e3 wolfssl: upgrade 4.5.0 -> 4.6.0
0001-Make-ByteReverseWords-available-for-big-and-little-e.patch
Removed since this is included in 4.6.0

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-01-05 09:16:26 -08:00
Alexander Vickberg 35459c1d25 wolfssl: upgrade 4.4.0 -> 4.5.0
Add patch from upstream which fixes building on big endian.

Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-10-06 08:45:24 -07:00
Pierre-Jean Texier fba5d0ae98 wolfssl: upgrade 4.3.0 -> 4.4.0
Release 4.4.0 of wolfSSL embedded TLS has bug fixes, new features
and fixes for security vulnerabilities.

See full changelog https://github.com/wolfSSL/wolfssl/releases/tag/v4.4.0-stablefixes

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-04-26 23:12:15 -07:00
Wang Mingyu 65c38c877d wolfssl: upgrade 4.2.0 -> 4.3.0
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-01-06 19:22:26 -08:00
Zang Ruochen ceaa3f7701 wolfssl: upgrade 4.1.0 -> 4.2.0
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-10-25 10:32:45 -07:00
Oleksandr Kravchuk 5064a83dc0 wolfssl: update to 4.1.0
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-07-30 19:15:24 -07:00
Oleksandr Kravchuk 4cf971e9a4 wolfssl: update to 4.0.0
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-09 21:31:36 -07:00
Randy MacLeod e57fe0b07e wolfssl: update to 3.15.8 and use github SRC_URI
The previous SRC_URI did not work for the new version and
when looking at the site, users are required to navigate
through a click-through license agreement. Also use git
repo rather than the .zip archive since the github checksum
can change from time to time.

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-06 08:22:48 -07:00
Oleksandr Kravchuk f096abd399 wolfssl: update to 3.15.7
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-03-17 08:44:41 -07:00
Chris Conlon 5f9bcfcd3b wolfssl: Update version to 3.15.5
This patch updates wolfSSL to the current 3.15.5 version. It removes a previous
patch for generating cyassl/options.h, as wolfSSL proper now does that as part
of the Autoconf configure step. It also removes the ipv6 PACKAGECONFIG usage.
wolfSSL is IP neutral and the --enable-ipv6 configure option only affects
the wolfSSL example client/server. As these examples are not compiled as part
of this recipe, the PACKAGECONFIG is unnecessary.

Signed-off-by: Chris Conlon <chris@wolfssl.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-12-06 17:06:39 -08:00
Trevor Woerner bbbec23533 wolfssl: update 3.12.0 -> 3.14.4
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00
Trevor Woerner 83cedc2f76 wolfssl: switch away from github archive
Since we know that github archives which are automatically generated have a
tendency to change their checksums[1], switch to using a git clone.

[1] http://lists.openembedded.org/pipermail/openembedded-devel/2017-September/114916.html

Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00
dengke.du@windriver.com 04bc4b4c86 wolfssl: upgrade to 3.12.0
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-09-12 10:55:07 -04:00
Peter Kjellerstedt 0c31f55bcf Make use of the new bb.utils.filter() function
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2017-03-07 13:30:26 +01:00
Jackie Huang 940a621f19 wolfssl: control ipv6 support based on DISTRO_FEATURES
Add PACKAGECONFIG for ipv6 and control it based
on DISTRO_FEATURES.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2016-09-05 13:34:12 -04:00
lchristina26 441c328ec4 wolfssl: update to version 3.9.0
Update includes new leantls configuration, RSA OAEP padding support,
Arduino example client, and more.

Signed-off-by: lchristina26 <leah@wolfssl.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2016-04-01 12:05:27 -04:00
Joe MacDonald 8980f0d2a2 meta-networking: standardize SECTION values
SECTION has been used inconsistently throughout the recipes in this layer.
Convert them to all use the same convention.

Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2015-06-05 20:42:25 -04:00
lchristina26 c667c7dc68 wolfssl: change name from cyassl to wolfssl, update to version 3.4.0
CyaSSL is now called wolfSSL. Recipe updates included RPROVIDE and
PROVIDE lines, with updates to sha/md5 sums.

Signed-off-by: lchristina26 <leah@wolfssl.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2015-04-15 10:23:49 -04:00