iperf3: Upgrade 3.18 -> 3.20

Change summary from: https://software.es.net/iperf/news.html#iperf-3-19-released and RELNOTES links: iperf-3.20 fixes a number of bugs and also adds some minor enhancements. https://github.com/esnet/iperf/blob/master/RELNOTES.md#iperf-320-2025-11-14 iperf-3.19.1 is a security fix release to address three issues reported by Han Lee of Apple Information Security. https://github.com/esnet/iperf/blob/master/RELNOTES.md#iperf-3191-2025-07-25 iperf-3.19 includes support for MP-TCPv1 under Linux, keepalives on the control connection, support for the MSG_TRUNC receive option, and a number of minor bug fixes. https://github.com/esnet/iperf/blob/master/RELNOTES.md#iperf-319-2025-05-16 Drop 2 CVE patches that were backports. Drop 0001-configure.ac-check-for-CPP-prog.patch which is merged in: https://github.com/esnet/iperf/commit/beadb59b90e8 License-Update: The only changes were: ❯ git log --oneline 3.18..3.20 LICENSE 9f6dc21 Copyright updates for 2025. edf5c75 Fix typo in LICENSE Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-12-13 22:05:27 +01:00 · 2025-11-17 16:46:23 -05:00 · 2025-11-17 16:46:23 -05:00 · 736e14743c
commit 736e14743c
parent b88a959117
4 changed files with 2 additions and 175 deletions
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch
+++ b/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch
@ -1,66 +0,0 @@
-From a46630d4e373e9a3ef974c1b67767f6816c66572 Mon Sep 17 00:00:00 2001
-From: Rudi Heitbaum <rudi@heitbaum.com>
-Date: Mon, 9 Dec 2024 10:13:02 +0000
-Subject: [PATCH] fix build with gcc-15
-
-Upstream-Status: Submitted [https://github.com/esnet/iperf/pull/1805]
-
-Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
---
- src/iperf_api.c | 8 ++++----
- src/iperf_api.h | 8 ++++----
- 2 files changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/src/iperf_api.c b/src/iperf_api.c
-index 7fb741e..4bb5b2f 100644
--- a/src/iperf_api.c
-+++ b/src/iperf_api.c
-@@ -599,25 +599,25 @@ iperf_set_mapped_v4(struct iperf_test *ipt, const int val)
- }
- 
- void 
-iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)(struct iperf_stream *))
- {
-         ipt->on_new_stream = callback;
- }
- 
- void 
-iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *))
- {
-         ipt->on_test_start = callback;
- }
- 
- void 
-iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *))
- {
-         ipt->on_connect = callback;
- }
- 
- void 
-iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *))
- {
-         ipt->on_test_finish = callback;
- }
-diff --git a/src/iperf_api.h b/src/iperf_api.h
-index 1313142..df10c38 100644
--- a/src/iperf_api.h
-+++ b/src/iperf_api.h
-@@ -213,10 +213,10 @@ void    iperf_set_dont_fragment( struct iperf_test* ipt, int dont_fragment );
- void    iperf_set_test_congestion_control(struct iperf_test* ipt, char* cc);
- void    iperf_set_test_mss(struct iperf_test* ipt, int mss);
- void    iperf_set_mapped_v4(struct iperf_test* ipt, const int val);
-void    iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)());
-void    iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)());
-void    iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)());
-void    iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)());
-+void    iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)(struct iperf_stream *));
-+void    iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *));
-+void    iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *));
-+void    iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *));
- 
- #if defined(HAVE_SSL)
- void    iperf_set_test_client_username(struct iperf_test *ipt, const char *client_username);
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch
+++ b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch
@ -1,80 +0,0 @@
-Subject: [PATCH] iperf3: Fix CVE-2025-54349
-CVE: CVE-2025-54349
-Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4e5313bab0b9b3fe03513ab54f722c8a3e4b7bdf]
-Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
---
-diff --git a/iperf_auth.c b/iperf_auth.c
-index 72e85fc..91c4133 100644
--- a/src/iperf_auth.c
-+++ b/src/iperf_auth.c
-@@ -288,6 +288,7 @@ int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned ch
- }
- 
- int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext, int use_pkcs1_padding) {
-+    int ret =0;	
- #if OPENSSL_VERSION_MAJOR >= 3
-     EVP_PKEY_CTX *ctx;
- #else
-@@ -310,7 +311,8 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
-     keysize = RSA_size(rsa);
- #endif
-     rsa_buffer  = OPENSSL_malloc(keysize * 2);
-    *plaintext = (unsigned char*)OPENSSL_malloc(keysize);
-+    // Note: +1 for NULL
-+    *plaintext = (unsigned char*)OPENSSL_malloc(keysize + 1);
- 
-     BIO *bioBuff   = BIO_new_mem_buf((void*)encryptedtext, encryptedtext_len);
-     rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2);
-@@ -322,11 +324,12 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
- #if OPENSSL_VERSION_MAJOR >= 3
-     plaintext_len = keysize;
-     EVP_PKEY_decrypt_init(ctx);
-    int ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
-+
-+    ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
-     if (ret < 0){
-         goto errreturn;
-     }
-    EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
-+    ret = EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
-     EVP_PKEY_CTX_free(ctx);
- #else
-     plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, padding);
-@@ -337,7 +340,7 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
-     BIO_free(bioBuff);
- 
-     /* Treat a decryption error as an empty string. */
-    if (plaintext_len < 0) {
-+    if (plaintext_len <= 0) {
-         plaintext_len = 0;
-     }
- 
-@@ -386,7 +389,7 @@ int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *priva
-     int plaintext_len;
-     plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext, use_pkcs1_padding);
-     free(encrypted_b64);
-    if (plaintext_len < 0) {
-+    if (plaintext_len <= 0) {
-         return -1;
-     }
-     plaintext[plaintext_len] = '\0';
-@@ -394,16 +397,19 @@ int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *priva
-     char *s_username, *s_password;
-     s_username = (char *) calloc(plaintext_len, sizeof(char));
-     if (s_username == NULL) {
-+	OPENSSL_free(plaintext);
- 	return -1;
-     }
-     s_password = (char *) calloc(plaintext_len, sizeof(char));
-     if (s_password == NULL) {
-+	OPENSSL_free(plaintext);
- 	free(s_username);
- 	return -1;
-     }
- 
-     int rc = sscanf((char *) plaintext, auth_text_format, s_username, s_password, &utc_seconds);
-     if (rc != 3) {
-+	OPENSSL_free(plaintext);
- 	free(s_password);
- 	free(s_username);
- 	return -1;
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch
+++ b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch
@ -1,24 +0,0 @@
-Subject: [PATCH] iperf3: Fix CVE-2025-54350
-CVE: CVE-2025-54350
-Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a]
-Comment: Patch is refreshed as per codebase of 3.18
-Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
---
--- a/src/iperf_auth.c	2025-09-12 10:21:48.186090000 +0530
-+++ b/src/iperf_auth.c	2025-09-15 11:13:21.123222080 +0530
-@@ -28,7 +28,6 @@
- #include "iperf_config.h"
- 
- #include <string.h>
-#include <assert.h>
- #include <time.h>
- #include <sys/types.h>
- /* FreeBSD needs _WITH_GETLINE to enable the getline() declaration */
-@@ -152,7 +151,6 @@
- 
-     BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer
-     *length = BIO_read(bio, *buffer, strlen(b64message));
-    assert(*length == decodeLen); //length should equal decodeLen, else something went horribly wrong
-     BIO_free_all(bio);
- 
-     return (0); //success
--- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.20.bb
+++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.20.bb
@ -10,17 +10,14 @@ SECTION = "console/network"
 BUGTRACKER = "https://github.com/esnet/iperf/issues"

 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f9873a72f714e240530e759e103ac7b2"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b51332d7f45357a9410daa9a14a3655f"

 SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \
           file://0002-Remove-pg-from-profile_CFLAGS.patch \
           file://0001-configure.ac-check-for-CPP-prog.patch \
-           file://0001-fix-build-with-gcc-15.patch \
-           file://CVE-2025-54349.patch \
-           file://CVE-2025-54350.patch \
          "

-SRCREV = "2a2984488d6de8f7a2d1f5938e03ca7be57e227c"
+SRCREV = "0711330bacfaf1c2a804be66e7ecc26f481ede5d"

 RDEPENDS:${PN} = "libgcc"