diff options
Diffstat (limited to 'main/mbedtls/APKBUILD')
-rw-r--r-- | main/mbedtls/APKBUILD | 58 |
1 files changed, 40 insertions, 18 deletions
diff --git a/main/mbedtls/APKBUILD b/main/mbedtls/APKBUILD index 2a4f74e8ceb..eb993bf3b11 100644 --- a/main/mbedtls/APKBUILD +++ b/main/mbedtls/APKBUILD @@ -2,20 +2,34 @@ # Contributor: Ćukasz Jendrysik <scadu@yandex.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=mbedtls -pkgver=2.16.10 -pkgrel=1 +pkgver=3.6.0 # long-time support branch +pkgrel=0 +_framework_commit=f1aa3f5c96da714f06dd4e23d84ba18e4f3cf359 pkgdesc="Light-weight cryptographic and SSL/TLS library" -url="https://tls.mbed.org" +url="https://www.trustedfirmware.org/projects/mbed-tls/" arch="all" -license="Apache-2.0" -makedepends="cmake perl python3" +license="Apache-2.0 OR GPL-2.0-or-later" +makedepends="cmake perl python3 samurai" subpackages="$pkgname-static $pkgname-dev $pkgname-utils" -source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pkgver.tar.gz" +source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pkgver.tar.gz + $pkgname-framework-$_framework_commit.tar.gz::https://github.com/Mbed-TLS/mbedtls-framework/archive/$_framework_commit.tar.gz + " # Track security issues # https://tls.mbed.org/security # secfixes: +# 2.28.8-r0: +# - CVE-2024-28960 +# 2.28.7-r0: +# - CVE-2024-23170 +# - CVE-2024-23775 +# 2.28.5-r0: +# - CVE-2023-43615 +# 2.28.1-r0: +# - CVE-2022-35409 +# 2.16.12-r0: +# - CVE-2021-44732 # 2.16.8-r0: # - CVE-2020-16150 # 2.16.6-r0: @@ -41,28 +55,33 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pk prepare() { default_prepare + # TF-PSA-Crypto and Mbed TLS version-independent build and test framework + rmdir "$builddir"/framework + mv "$srcdir/$pkgname-framework-$_framework_commit" "$builddir"/framework + # Enable flags for non-embedded systems. - sed -i \ - -e 's|//\(#define MBEDTLS_THREADING_C\)|\1|' \ - -e 's|//\(#define MBEDTLS_THREADING_PTHREAD\)|\1|' \ - "$builddir"/include/mbedtls/config.h + python3 scripts/config.py set MBEDTLS_THREADING_C + python3 scripts/config.py set MBEDTLS_THREADING_PTHREAD } build() { - cmake . \ - -DCMAKE_BUILD_TYPE="MinSizeRel" \ + cmake -B build -G Ninja \ + -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ - -DCMAKE_VERBOSE_MAKEFILE=ON \ - -DUSE_SHARED_MBEDTLS_LIBRARY=ON - make + -DCMAKE_INSTALL_LIBDIR=lib \ + -DUSE_SHARED_MBEDTLS_LIBRARY=ON \ + -DENABLE_TESTING="$(want_check && echo ON || echo OFF)" + cmake --build build } check() { - make test + cd build + # tests break in parallel + CTEST_OUTPUT_ON_FAILURE=TRUE ctest -j1 } package() { - make DESTDIR="$pkgdir" install + DESTDIR="$pkgdir" cmake --install build } utils() { @@ -80,4 +99,7 @@ static() { chmod -x "$subpkgdir"/usr/lib/*.a } -sha512sums="9a2d7b5e786d7bc377c9fbf36322621b8873037e6f28d1ff16bd81650f87d421aaf1c34f8b8f1829c824710c63b2c262208dc3f242dac7f361c1d9607fe9933c mbedtls-2.16.10.tar.gz" +sha512sums=" +7e50cf2bb2c9abeb56f18a25bc126b96ac5e3329702cf5b2e266df6b649b9544ab5f2ac00bd57e06091e10cdcf907e600c14eb415942d028000d7b6f1c0cfa42 mbedtls-3.6.0.tar.gz +9f415f96d6b6c6750dad900e6bc8d5f641e6c322d0cb19143218a4b4e7aee5fa6a7a15fe388b883f5d08b49f2e508c6c4838706133768aa668b972343e547c07 mbedtls-framework-f1aa3f5c96da714f06dd4e23d84ba18e4f3cf359.tar.gz +" |