wolfssl: bump to v5.3.0-stable

[openwrt/staging/noltari.git] / package / libs / wolfssl / Makefile

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 1fcca9fc5fd27da7878ec1b0754ded777eea08cf..cfd65b4a69b8c6cea4927661227ed2fd059cd433 100644 (file)
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=4.5.0-stable
-PKG_RELEASE:=1
+PKG_VERSION:=5.3.0-stable
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=7de62300ce14daa0051bfefc7c4d6302f96cabc768b6ae49eda77523b118250c
+PKG_HASH:=1a3bb310dc01d3e73d9ad91b6ea8249d081016f8eef4ae8f21d3421f91ef1de9
 
-PKG_FIXUP:=libtool
+PKG_FIXUP:=libtool libtool-abiver
 PKG_INSTALL:=1
 PKG_USE_MIPS16:=0
 PKG_BUILD_PARALLEL:=1
@@ -31,7 +31,10 @@ PKG_CONFIG_DEPENDS:=\
        CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
        CONFIG_WOLFSSL_HAS_ECC25519 CONFIG_WOLFSSL_HAS_OCSP \
        CONFIG_WOLFSSL_HAS_SESSION_TICKET CONFIG_WOLFSSL_HAS_TLSV10 \
-       CONFIG_WOLFSSL_HAS_TLSV13 CONFIG_WOLFSSL_HAS_WPAS CONFIG_WOLFSSL_HAS_CERTGEN
+       CONFIG_WOLFSSL_HAS_TLSV13 CONFIG_WOLFSSL_HAS_WPAS CONFIG_WOLFSSL_HAS_CERTGEN \
+       CONFIG_WOLFSSL_HAS_OPENVPN CONFIG_WOLFSSL_ALT_NAMES
+
+PKG_ABI_VERSION=$(patsubst %-stable,%,$(PKG_VERSION)).$(call version_abbrev,$(call confvar,$(PKG_CONFIG_DEPENDS)))
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -44,7 +47,7 @@ define Package/libwolfssl
   MENU:=1
   PROVIDES:=libcyassl
   DEPENDS:=+WOLFSSL_HAS_DEVCRYPTO:kmod-cryptodev +WOLFSSL_HAS_AFALG:kmod-crypto-user
-  ABI_VERSION:=24
+  ABI_VERSION:=$(PKG_ABI_VERSION)
 endef
 
 define Package/libwolfssl/description
@@ -56,13 +59,25 @@ define Package/libwolfssl/config
        source "$(SOURCE)/Config.in"
 endef
 
-TARGET_CFLAGS += $(FPIC) -DFP_MAX_BITS=8192 -fomit-frame-pointer
+TARGET_CFLAGS += \
+       $(FPIC) \
+       -fomit-frame-pointer \
+       -flto \
+       -DFP_MAX_BITS=8192 \
+       $(if $(CONFIG_WOLFSSL_ALT_NAMES),-DWOLFSSL_ALT_NAMES)
+
+TARGET_LDFLAGS += -flto
 
 # --enable-stunnel needed for OpenSSL API compatibility bits
 CONFIGURE_ARGS += \
+       --enable-reproducible-build \
+       --enable-lighty \
+       --enable-opensslall \
        --enable-opensslextra \
        --enable-sni \
        --enable-stunnel \
+       --enable-altcertchains \
+       --disable-crypttests \
        --disable-examples \
        --disable-jobserver \
        --$(if $(CONFIG_IPV6),enable,disable)-ipv6 \
@@ -78,6 +93,7 @@ CONFIGURE_ARGS += \
        --$(if $(CONFIG_WOLFSSL_HAS_DTLS),enable,disable)-dtls \
        --$(if $(CONFIG_WOLFSSL_HAS_ECC25519),enable,disable)-curve25519 \
        --$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \
+       --$(if $(CONFIG_WOLFSSL_HAS_OPENVPN),enable,disable)-openvpn \
        --enable-devcrypto=$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC),cbc\
                          ,$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES),aes\
                          ,$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL),yes,no)))
@@ -89,7 +105,7 @@ endif
 
 ifeq ($(CONFIG_WOLFSSL_HAS_WPAS),y)
 CONFIGURE_ARGS += \
-       --enable-wpas --enable-sha512 --enable-fortress --enable-fastmath
+       --enable-wpas --enable-fortress --enable-fastmath
 endif
 
 define Build/InstallDev