a513846df7
- Use official tarball and so drop autoreconf - Update hash of LICENSE file, verbatim copy of the current MPL 2.0 withebebb5027f- Fix CVE-2024-25189: libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel. https://github.com/benmcollins/libjwt/compare/v1.15.3...v1.17.0 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commitc65639ebd5) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
27 lines
784 B
Makefile
27 lines
784 B
Makefile
################################################################################
|
|
#
|
|
# libjwt
|
|
#
|
|
################################################################################
|
|
|
|
LIBJWT_VERSION = 1.17.0
|
|
LIBJWT_SITE = https://github.com/benmcollins/libjwt/releases/download/v$(LIBJWT_VERSION)
|
|
LIBJWT_SOURCE = libjwt-$(LIBJWT_VERSION).tar.bz2
|
|
LIBJWT_DEPENDENCIES = host-pkgconf jansson
|
|
LIBJWT_INSTALL_STAGING = YES
|
|
LIBJWT_LICENSE = MPL-2.0
|
|
LIBJWT_LICENSE_FILES = LICENSE
|
|
LIBJWT_CPE_ID_VENDOR = bencollins
|
|
LIBJWT_CPE_ID_PRODUCT = jwt_c_library
|
|
LIBJWT_CONF_OPTS = --without-examples
|
|
|
|
ifeq ($(BR2_PACKAGE_OPENSSL),y)
|
|
LIBJWT_CONF_OPTS += --with-openssl
|
|
LIBJWT_DEPENDENCIES += openssl
|
|
else
|
|
LIBJWT_CONF_OPTS += --without-openssl
|
|
LIBJWT_DEPENDENCIES += gnutls
|
|
endif
|
|
|
|
$(eval $(autotools-package))
|