# Contributor: Leo # Contributor: Ɓukasz Jendrysik # Maintainer: Natanael Copa pkgname=mbedtls pkgver=2.28.4 # long-time support branch pkgrel=0 pkgdesc="Light-weight cryptographic and SSL/TLS library" url="https://www.trustedfirmware.org/projects/mbed-tls/" arch="all" license="Apache-2.0" makedepends="cmake perl python3 samurai" subpackages="$pkgname-static $pkgname-dev $pkgname-utils" source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pkgver.tar.gz" # Track security issues # https://tls.mbed.org/security # secfixes: # 2.28.1-r0: # - CVE-2022-35409 # 2.16.12-r0: # - CVE-2021-44732 # 2.16.8-r0: # - CVE-2020-16150 # 2.16.6-r0: # - CVE-2020-10932 # 2.16.4-r0: # - CVE-2019-18222 # 2.16.3-r0: # - CVE-2019-16910 # 2.14.1-r0: # - CVE-2018-19608 # 2.12.0-r0: # - CVE-2018-0498 # - CVE-2018-0497 # 2.7.0-r0: # - CVE-2018-0488 # - CVE-2018-0487 # - CVE-2017-18187 # 2.6.0-r0: # - CVE-2017-14032 # 2.4.2-r0: # - CVE-2017-2784 prepare() { default_prepare # Enable flags for non-embedded systems. python3 scripts/config.py set MBEDTLS_THREADING_C python3 scripts/config.py set MBEDTLS_THREADING_PTHREAD } build() { cmake -B build -G Ninja \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ -DUSE_SHARED_MBEDTLS_LIBRARY=ON cmake --build build } check() { cd build # tests break in parallel CTEST_OUTPUT_ON_FAILURE=TRUE ctest -j1 } package() { DESTDIR="$pkgdir" cmake --install build } utils() { pkgdesc="Utilities for mbedtls (including gen_key / cert_write)" mkdir -p "$subpkgdir"/usr mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } static() { pkgdesc="Static files for mbedtls" mkdir -p "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/ chmod -x "$subpkgdir"/usr/lib/*.a } sha512sums=" 15eaf58199af10c7ece0a6073bb01a086704e0651551a6106714a0b7e59dc60d5a9e2416fb00d12b8bca7a0c14ad28fc05148eaefd73c4d6c2a0f871c0637405 mbedtls-2.28.4.tar.gz "