mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-04-20 00:16:38 +02:00
109 lines
2.6 KiB
Text
109 lines
2.6 KiB
Text
# Contributor: Leo <thinkabit.ukim@gmail.com>
|
|
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
|
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
|
|
pkgname=mbedtls
|
|
pkgver=3.6.3 # long-time support branch
|
|
pkgrel=0
|
|
pkgdesc="Light-weight cryptographic and SSL/TLS library"
|
|
url="https://www.trustedfirmware.org/projects/mbed-tls/"
|
|
arch="all"
|
|
license="Apache-2.0 OR GPL-2.0-or-later"
|
|
makedepends="cmake perl python3 samurai"
|
|
subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
|
|
source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pkgver.tar.gz
|
|
gcc14.patch
|
|
"
|
|
|
|
# Track security issues
|
|
# https://mbed-tls.readthedocs.io/en/latest/security-advisories/
|
|
|
|
# secfixes:
|
|
# 3.6.3-r0:
|
|
# - CVE-2025-27809
|
|
# - CVE-2025-27810
|
|
# 3.6.2-r0:
|
|
# - CVE-2024-49195
|
|
# 3.6.1-r0:
|
|
# - CVE-2024-45157
|
|
# - CVE-2024-45158
|
|
# - CVE-2024-45159
|
|
# 2.28.8-r0:
|
|
# - CVE-2024-28960
|
|
# 2.28.7-r0:
|
|
# - CVE-2024-23170
|
|
# - CVE-2024-23775
|
|
# 2.28.5-r0:
|
|
# - CVE-2023-43615
|
|
# 2.28.1-r0:
|
|
# - CVE-2022-35409
|
|
# 2.16.12-r0:
|
|
# - CVE-2021-44732
|
|
# 2.16.8-r0:
|
|
# - CVE-2020-16150
|
|
# 2.16.6-r0:
|
|
# - CVE-2020-10932
|
|
# 2.16.4-r0:
|
|
# - CVE-2019-18222
|
|
# 2.16.3-r0:
|
|
# - CVE-2019-16910
|
|
# 2.14.1-r0:
|
|
# - CVE-2018-19608
|
|
# 2.12.0-r0:
|
|
# - CVE-2018-0498
|
|
# - CVE-2018-0497
|
|
# 2.7.0-r0:
|
|
# - CVE-2018-0488
|
|
# - CVE-2018-0487
|
|
# - CVE-2017-18187
|
|
# 2.6.0-r0:
|
|
# - CVE-2017-14032
|
|
# 2.4.2-r0:
|
|
# - CVE-2017-2784
|
|
|
|
prepare() {
|
|
default_prepare
|
|
|
|
# Enable flags for non-embedded systems.
|
|
python3 scripts/config.py set MBEDTLS_THREADING_C
|
|
python3 scripts/config.py set MBEDTLS_THREADING_PTHREAD
|
|
}
|
|
|
|
build() {
|
|
cmake -B build -G Ninja \
|
|
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
|
-DCMAKE_INSTALL_PREFIX=/usr \
|
|
-DCMAKE_INSTALL_LIBDIR=lib \
|
|
-DUSE_SHARED_MBEDTLS_LIBRARY=ON \
|
|
-DENABLE_TESTING="$(want_check && echo ON || echo OFF)"
|
|
cmake --build build
|
|
}
|
|
|
|
check() {
|
|
cd build
|
|
# tests break in parallel
|
|
ctest -j1
|
|
}
|
|
|
|
package() {
|
|
DESTDIR="$pkgdir" cmake --install build
|
|
}
|
|
|
|
utils() {
|
|
pkgdesc="Utilities for mbedtls (including gen_key / cert_write)"
|
|
|
|
mkdir -p "$subpkgdir"/usr
|
|
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
|
|
}
|
|
|
|
static() {
|
|
pkgdesc="Static files for mbedtls"
|
|
|
|
mkdir -p "$subpkgdir"/usr/lib
|
|
mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/
|
|
chmod -x "$subpkgdir"/usr/lib/*.a
|
|
}
|
|
|
|
sha512sums="
|
|
f31fd90d78634af8c17910f1a356010c94c13605b7f9a99ae74c37764f7dec7d29a5a7a8c1355b31e3ed32c68a6ed23cbe8e53c2a249f4d457906a86d35c55d4 mbedtls-3.6.3.tar.gz
|
|
3c07e8f773295a08b1f215b64f1f62e194ec4fa54b6485107a3db0d731e12df1a88321852dd5caeb5f1f4931695168c9618f316cfecfd92c42c88f610285cef6 gcc14.patch
|
|
"
|