wolfssl: 5.7.2 -> 5.7.4

This commit is contained in:
Adrian Pistol 2024-10-26 10:00:20 +02:00
parent dc460ec76c
commit 61fd228ac9

View File

@ -10,23 +10,22 @@
# requiring to build a special variant for that software. Example: 'haproxy'
, variant ? "all"
, extraConfigureFlags ? []
, enableARMCryptoExtensions ? stdenv.hostPlatform.isAarch64 && ((builtins.match "^.*\\+crypto.*$" stdenv.hostPlatform.gcc.arch) != null)
, enableLto ? !(stdenv.hostPlatform.isStatic || stdenv.cc.isClang)
}:
stdenv.mkDerivation (finalAttrs: {
pname = "wolfssl-${variant}";
version = "5.7.2";
version = "5.7.4";
src = fetchFromGitHub {
owner = "wolfSSL";
repo = "wolfssl";
rev = "refs/tags/v${finalAttrs.version}-stable";
hash = "sha256-VTMVgBSDL6pw1eEKnxGzTdyQYWVbMd3mAnOnpAOKVhk=";
hash = "sha256-/dtW1E1wYfQEuotclUEOK5+Vg4S7vt1xWhr1lEtu60w=";
};
postPatch = ''
patchShebangs ./scripts
# ocsp stapling tests require network access, so skip them
sed -i -e'2s/.*/exit 77/' scripts/ocsp-stapling.test
# ensure test detects musl-based systems too
substituteInPlace scripts/ocsp-stapling2.test \
--replace '"linux-gnu"' '"linux-"'
@ -54,10 +53,11 @@ stdenv.mkDerivation (finalAttrs: {
# Enable AVX/AVX2/AES-NI instructions, gated by runtime detection via CPUID.
"--enable-intelasm"
"--enable-aesni"
] ++ lib.optionals (stdenv.hostPlatform.isAarch64 && stdenv.hostPlatform.isDarwin) [
] ++ lib.optionals (stdenv.hostPlatform.isAarch64) [
# No runtime detection under ARM and no platform function checks like for X86.
# However, all ARM macOS systems have the supported extensions autodetected in the configure script.
"--enable-armasm=inline"
(if enableARMCryptoExtensions
then "--enable-armasm=inline"
else "--disable-armasm")
] ++ extraConfigureFlags;
# Breaks tls13 tests on aarch64-darwin.
@ -67,6 +67,9 @@ stdenv.mkDerivation (finalAttrs: {
env.NIX_CFLAGS_COMPILE = lib.optionalString enableLto "-flto";
env.NIX_LDFLAGS_COMPILE = lib.optionalString enableLto "-flto";
# Don't attempt connections to external services in the test suite.
env.WOLFSSL_EXTERNAL_TEST = "0";
outputs = [
"dev"
"doc"