From 92f07864c1f29b39df73b0f3858c500a8d8fa931 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sun, 26 Oct 2025 00:18:44 +0200
Subject: [PATCH] wolfssl: Update to version 5.8.2

This version fixes multiple security problems:
CVE-2025-7395: Problem in certificate verification on Apple devices
CVE-2025-7394: Predictable results from RAND_bytes() after fork call in OpenSSL compatibility layer
CVE-2025-7396: Activate Curve25519 blinding support

See Release notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.8.0-stable
https://github.com/wolfSSL/wolfssl/releases/tag/v5.8.2-stable

wolfSSL is now GPLv3 instead of GPLv2, see:
https://github.com/wolfSSL/wolfssl/commit/629c5b4cf61ac717d40678b5cd65974b42077af6

The file size increased a bit:
```
546060 bin/packages/mipsel_24kc/base/libwolfssl5.7.6.e624513f-5.7.6-r1.apk
560684 bin/packages/mipsel_24kc/base/libwolfssl5.8.2.e624513f-5.8.2-r1.apk
```

Link: https://github.com/openwrt/openwrt/pull/20547
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---
 package/libs/wolfssl/Makefile                               | 6 +++---
 .../libs/wolfssl/patches/100-disable-hardening-check.patch  | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index ee6baefddc..3a57123969 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=5.7.6
+PKG_VERSION:=5.8.2
 PKG_REAL_VERSION:=$(PKG_VERSION)-stable
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_REAL_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_REAL_VERSION)
-PKG_HASH:=52b1e439e30d1ed8162a16308a8525a862183b67aa30373b11166ecbab000d63
+PKG_HASH:=3ef126e3466e2f8f6ebb62b916a7f8fb26c6709dbdf2b63a167759f2fdb53068
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_REAL_VERSION)
 
@@ -22,7 +22,7 @@ PKG_FIXUP:=libtool libtool-abiver
 PKG_INSTALL:=1
 PKG_BUILD_FLAGS:=no-mips16 lto
 PKG_BUILD_PARALLEL:=1
-PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE:=GPL-3.0-or-later
 PKG_LICENSE_FILES:=LICENSING COPYING
 PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
 PKG_CPE_ID:=cpe:/a:wolfssl:wolfssl
diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
index ab695d391d..ced7645164 100644
--- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch
+++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
@@ -1,6 +1,6 @@
 --- a/wolfssl/wolfcrypt/settings.h
 +++ b/wolfssl/wolfcrypt/settings.h
-@@ -3722,7 +3722,7 @@ extern void uITRON4_free(void *p) ;
+@@ -3842,7 +3842,7 @@ extern void uITRON4_free(void *p) ;
  
  /* warning for not using harden build options (default with ./configure) */
  /* do not warn if big integer support is disabled */
-- 
2.30.2