mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-13 17:39:57 +00:00
Ankur Tyagi
ed8e7c6fb5
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7394 Backport patches from the PR[1][2][3] mentioned in the changelog[4]. [1] https://github.com/wolfSSL/wolfssl/pull/8849 [2] https://github.com/wolfSSL/wolfssl/pull/8867 [3] https://github.com/wolfSSL/wolfssl/pull/8898 [4] https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025 Dropped changes to github workflow and tests during backport. Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
61 lines
2.1 KiB
BlitzBasic
61 lines
2.1 KiB
BlitzBasic
SUMMARY = "wolfSSL Lightweight Embedded SSL/TLS Library"
|
|
DESCRIPTION = "wolfSSL, formerly CyaSSL, is a lightweight SSL library written \
|
|
in C and optimized for embedded and RTOS environments. It can \
|
|
be up to 20 times smaller than OpenSSL while still supporting \
|
|
a full TLS client and server, up to TLS 1.3"
|
|
HOMEPAGE = "https://www.wolfssl.com/products/wolfssl"
|
|
BUGTRACKER = "https://github.com/wolfssl/wolfssl/issues"
|
|
SECTION = "libs"
|
|
LICENSE = "GPL-2.0-only"
|
|
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
|
|
|
|
PROVIDES += "cyassl"
|
|
RPROVIDES:${PN} = "cyassl"
|
|
|
|
SRC_URI = " \
|
|
git://github.com/wolfSSL/wolfssl.git;protocol=https;branch=master \
|
|
file://0001-wolfssl-wolfcrypt-logging.h-and-wolfcrypt-src-loggin.patch \
|
|
file://run-ptest \
|
|
file://CVE-2025-13912.patch \
|
|
file://CVE-2025-7395-1.patch \
|
|
file://CVE-2025-7395-2.patch \
|
|
file://CVE-2025-7395-3.patch \
|
|
file://CVE-2025-7395-4.patch \
|
|
file://CVE-2025-7394-1.patch \
|
|
file://CVE-2025-7394-2.patch \
|
|
file://CVE-2025-7394-3.patch \
|
|
file://CVE-2025-7394-4.patch \
|
|
file://CVE-2025-7394-5.patch \
|
|
file://CVE-2025-7394-6.patch \
|
|
"
|
|
|
|
SRCREV = "b077c81eb635392e694ccedbab8b644297ec0285"
|
|
|
|
|
|
inherit autotools ptest
|
|
|
|
EXTRA_OECONF += "--enable-certreq --enable-dtls --enable-opensslextra --enable-certext --enable-certgen"
|
|
|
|
PACKAGECONFIG ?= "reproducible-build"
|
|
|
|
PACKAGECONFIG[reproducible-build] = "--enable-reproducible-build,--disable-reproducible-build,"
|
|
BBCLASSEXTEND += "native nativesdk"
|
|
|
|
CFLAGS += '-fPIC -DCERT_REL_PREFIX=\\"./\\"'
|
|
|
|
RDEPENDS:${PN}-ptest += " bash"
|
|
|
|
do_install_ptest() {
|
|
# Prevent QA Error "package contains reference to TMPDIR [buildpaths]" for unit.test script
|
|
# Replace the occurences of ${B}/src with '${PTEST_PATH}'
|
|
sed -i 's|${B}/src|${PTEST_PATH}|g' ${B}/tests/unit.test
|
|
|
|
install -d ${D}${PTEST_PATH}/test
|
|
|
|
# create an empty folder examples, needed in wolfssl's tests/api.c to "Test loading path with no files"
|
|
install -d ${D}${PTEST_PATH}/examples
|
|
cp -rf ${B}/tests/. ${D}${PTEST_PATH}/test
|
|
cp -rf ${S}/certs ${D}${PTEST_PATH}
|
|
cp -rf ${S}/tests ${D}${PTEST_PATH}
|
|
}
|