openwrt/package/libs/ustream-ssl/Makefile
Petr Štetiar 8444302a92 treewide: fix security issues by bumping all packages using libwolfssl
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all
packages using wolfSSL library.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f1b7e1434f)
(cherry picked from commit 562894b39d)
2022-10-05 21:09:50 +02:00

73 lines
1.9 KiB
Makefile

include $(TOPDIR)/rules.mk
PKG_NAME:=ustream-ssl
PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/ustream-ssl.git
PKG_SOURCE_DATE:=2022-01-16
PKG_SOURCE_VERSION:=868fd8812f477c110f9c6c5252c0bd172167b94c
PKG_MIRROR_HASH:=dd28d5e846b391917cf83d66176653bdfa4e8a0d5b11144b65a012fe7693ddeb
CMAKE_INSTALL:=1
PKG_LICENSE:=ISC
PKG_LICENSE_FILES:=
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/libustream/default
SECTION:=libs
CATEGORY:=Libraries
TITLE:=ustream SSL Library
DEPENDS:=+libubox
ABI_VERSION:=20201210
endef
define Package/libustream-openssl
$(Package/libustream/default)
TITLE += (openssl)
DEPENDS += +PACKAGE_libustream-openssl:libopenssl
VARIANT:=openssl
endef
define Package/libustream-wolfssl
$(Package/libustream/default)
TITLE += (wolfssl)
DEPENDS += +PACKAGE_libustream-wolfssl:libwolfssl
CONFLICTS := libustream-openssl
VARIANT:=wolfssl
endef
define Package/libustream-mbedtls
$(Package/libustream/default)
TITLE += (mbedtls)
DEPENDS += +libmbedtls
CONFLICTS := libustream-openssl libustream-wolfssl
VARIANT:=mbedtls
DEFAULT_VARIANT:=1
endef
ifeq ($(BUILD_VARIANT),wolfssl)
TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include/wolfssl
CMAKE_OPTIONS += -DWOLFSSL=on
endif
ifeq ($(BUILD_VARIANT),mbedtls)
CMAKE_OPTIONS += -DMBEDTLS=on
endif
define Package/libustream/default/install
$(INSTALL_DIR) $(1)/lib/
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libustream-ssl.so $(1)/lib/
endef
Package/libustream-openssl/install = $(Package/libustream/default/install)
Package/libustream-wolfssl/install = $(Package/libustream/default/install)
Package/libustream-mbedtls/install = $(Package/libustream/default/install)
$(eval $(call BuildPackage,libustream-mbedtls))
$(eval $(call BuildPackage,libustream-wolfssl))
$(eval $(call BuildPackage,libustream-openssl))