about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/wolfssl/default.nix
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2023-11-16 12:53:32 +0100
committerAlyssa Ross <hi@alyssa.is>2023-11-16 12:53:32 +0100
commit67419f0e56f99b0ebbe14574d3492110ac84c8d6 (patch)
tree3abc8e1606a2c80b6f5d14fef175e50800202163 /nixpkgs/pkgs/development/libraries/wolfssl/default.nix
parenta2c1eff83c3118a9aee8076c7f84f58137416b6e (diff)
parent9008bc4eb62c878d0812105ea1b34255d651df88 (diff)
downloadnixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.tar
nixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.tar.gz
nixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.tar.bz2
nixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.tar.lz
nixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.tar.xz
nixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.tar.zst
nixlib-67419f0e56f99b0ebbe14574d3492110ac84c8d6.zip
Merge branch 'nixos-unstable-small' of https://github.com/NixOS/nixpkgs into HEAD
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/wolfssl/default.nix')
-rw-r--r--nixpkgs/pkgs/development/libraries/wolfssl/default.nix17


1 files changed, 14 insertions, 3 deletions
diff --git a/nixpkgs/pkgs/development/libraries/wolfssl/default.nix b/nixpkgs/pkgs/development/libraries/wolfssl/default.nix
index 35280e4b5eb3..d43571247476 100644
--- a/nixpkgs/pkgs/development/libraries/wolfssl/default.nix
+++ b/nixpkgs/pkgs/development/libraries/wolfssl/default.nix
@@ -1,10 +1,12 @@
 { lib
 , stdenv
 , fetchFromGitHub
+, fetchpatch
 , Security
 , autoreconfHook
 , util-linux
 , openssl
+, cacert
 # The primary --enable-XXX variant. 'all' enables most features, but causes build-errors for some software,
 # requiring to build a special variant for that software. Example: 'haproxy'
 , variant ? "all"
@@ -13,15 +15,23 @@
 }:
 stdenv.mkDerivation (finalAttrs: {
   pname = "wolfssl-${variant}";
-  version = "5.6.3";
+  version = "5.6.4";
 
   src = fetchFromGitHub {
     owner = "wolfSSL";
     repo = "wolfssl";
     rev = "refs/tags/v${finalAttrs.version}-stable";
-    hash = "sha256-UN4zs+Rxh/bsLD1BQA+f1YN/UOJ6OB2HduhoetEp10Y=";
+    hash = "sha256-a9a3ca4Zb/XTS5YfPJwnXPYbDjmgD8qylhPQg5pjzJM=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "fix-expected-test-response.patch";
+      url = "https://github.com/wolfSSL/wolfssl/commit/ca694938fd053a8557f9f08b1b4265292d8bef65.patch";
+      hash = "sha256-ETxszjjEMk0WdYgXHWTxTaWZPpyDs9jdko0jtkjzgwI=";
+    })
+  ];
+
   postPatch = ''
     patchShebangs ./scripts
     # ocsp stapling tests require network access, so skip them
@@ -46,7 +56,7 @@ stdenv.mkDerivation (finalAttrs: {
     "--enable-bigcache"
 
     # Use WolfSSL's Single Precision Math with timing-resistant cryptography.
-    "--enable-sp=yes${lib.optionalString (!stdenv.isx86_32) ",asm"}"
+    "--enable-sp=yes${lib.optionalString (stdenv.hostPlatform.isx86_64 || stdenv.hostPlatform.isAarch) ",asm"}"
     "--enable-sp-math-all"
     "--enable-harden"
   ] ++ lib.optionals (stdenv.hostPlatform.isx86_64) [
@@ -83,6 +93,7 @@ stdenv.mkDerivation (finalAttrs: {
 
   nativeCheckInputs = [
     openssl
+    cacert
   ];
 
   postInstall = ''

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-01 03:44:09 +0000