4 files changed, 2 insertions, 175 deletions
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch
deleted file mode 100644
index d3f3e712c9..0000000000
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From a46630d4e373e9a3ef974c1b67767f6816c66572 Mon Sep 17 00:00:00 2001
-From: Rudi Heitbaum <rudi@heitbaum.com>
-Date: Mon, 9 Dec 2024 10:13:02 +0000
-Subject: [PATCH] fix build with gcc-15
-Upstream-Status: Submitted [https://github.com/esnet/iperf/pull/1805]
-Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
---
- src/iperf_api.c | 8 ++++----
- src/iperf_api.h | 8 ++++----
- 2 files changed, 8 insertions(+), 8 deletions(-)
-diff --git a/src/iperf_api.c b/src/iperf_api.c
-index 7fb741e..4bb5b2f 100644
--- a/src/iperf_api.c
-+++ b/src/iperf_api.c
-@@ -599,25 +599,25 @@ iperf_set_mapped_v4(struct iperf_test *ipt, const int val)
- }
- 
- void 
-iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)(struct iperf_stream *))
- {
-         ipt->on_new_stream = callback;
- }
- 
- void 
-iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *))
- {
-         ipt->on_test_start = callback;
- }
- 
- void 
-iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *))
- {
-         ipt->on_connect = callback;
- }
- 
- void 
-iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)())
-+iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *))
- {
-         ipt->on_test_finish = callback;
- }
-diff --git a/src/iperf_api.h b/src/iperf_api.h
-index 1313142..df10c38 100644
--- a/src/iperf_api.h
-+++ b/src/iperf_api.h
-@@ -213,10 +213,10 @@ void    iperf_set_dont_fragment( struct iperf_test* ipt, int dont_fragment );
- void    iperf_set_test_congestion_control(struct iperf_test* ipt, char* cc);
- void    iperf_set_test_mss(struct iperf_test* ipt, int mss);
- void    iperf_set_mapped_v4(struct iperf_test* ipt, const int val);
-void    iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)());
-void    iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)());
-void    iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)());
-void    iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)());
-+void    iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)(struct iperf_stream *));
-+void    iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *));
-+void    iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *));
-+void    iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)(struct iperf_test *));
- 
- #if defined(HAVE_SSL)
- void    iperf_set_test_client_username(struct iperf_test *ipt, const char *client_username);
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch
deleted file mode 100644
index 61e1888685..0000000000
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-Subject: [PATCH] iperf3: Fix CVE-2025-54349
-CVE: CVE-2025-54349
-Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4e5313bab0b9b3fe03513ab54f722c8a3e4b7bdf]
-Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
---
-diff --git a/iperf_auth.c b/iperf_auth.c
-index 72e85fc..91c4133 100644
--- a/src/iperf_auth.c
-+++ b/src/iperf_auth.c
-@@ -288,6 +288,7 @@ int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned ch
- }
- 
- int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext, int use_pkcs1_padding) {
-+    int ret =0;        
- #if OPENSSL_VERSION_MAJOR >= 3
-     EVP_PKEY_CTX *ctx;
- #else
-@@ -310,7 +311,8 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
-     keysize = RSA_size(rsa);
- #endif
-     rsa_buffer  = OPENSSL_malloc(keysize * 2);
-    *plaintext = (unsigned char*)OPENSSL_malloc(keysize);
-+    // Note: +1 for NULL
-+    *plaintext = (unsigned char*)OPENSSL_malloc(keysize + 1);
- 
-     BIO *bioBuff   = BIO_new_mem_buf((void*)encryptedtext, encryptedtext_len);
-     rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2);
-@@ -322,11 +324,12 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
- #if OPENSSL_VERSION_MAJOR >= 3
-     plaintext_len = keysize;
-     EVP_PKEY_decrypt_init(ctx);
-    int ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
-+
-+    ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
-     if (ret < 0){
-         goto errreturn;
-     }
-    EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
-+    ret = EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
-     EVP_PKEY_CTX_free(ctx);
- #else
-     plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, padding);
-@@ -337,7 +340,7 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
-     BIO_free(bioBuff);
- 
-     /* Treat a decryption error as an empty string. */
-    if (plaintext_len < 0) {
-+    if (plaintext_len <= 0) {
-         plaintext_len = 0;
-     }
- 
-@@ -386,7 +389,7 @@ int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *priva
-     int plaintext_len;
-     plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext, use_pkcs1_padding);
-     free(encrypted_b64);
-    if (plaintext_len < 0) {
-+    if (plaintext_len <= 0) {
-         return -1;
-     }
-     plaintext[plaintext_len] = '\0';
-@@ -394,16 +397,19 @@ int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *priva
-     char *s_username, *s_password;
-     s_username = (char *) calloc(plaintext_len, sizeof(char));
-     if (s_username == NULL) {
-+       OPENSSL_free(plaintext);
-        return -1;
-     }
-     s_password = (char *) calloc(plaintext_len, sizeof(char));
-     if (s_password == NULL) {
-+       OPENSSL_free(plaintext);
-        free(s_username);
-        return -1;
-     }
- 
-     int rc = sscanf((char *) plaintext, auth_text_format, s_username, s_password, &utc_seconds);
-     if (rc != 3) {
-+       OPENSSL_free(plaintext);
-        free(s_password);
-        free(s_username);
-        return -1;
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch
deleted file mode 100644
index 12ca38b830..0000000000
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Subject: [PATCH] iperf3: Fix CVE-2025-54350
-CVE: CVE-2025-54350
-Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a]
-Comment: Patch is refreshed as per codebase of 3.18
-Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
---
--- a/src/iperf_auth.c  2025-09-12 10:21:48.186090000 +0530
-+++ b/src/iperf_auth.c  2025-09-15 11:13:21.123222080 +0530
-@@ -28,7 +28,6 @@
- #include "iperf_config.h"
- 
- #include <string.h>
-#include <assert.h>
- #include <time.h>
- #include <sys/types.h>
- /* FreeBSD needs _WITH_GETLINE to enable the getline() declaration */
-@@ -152,7 +151,6 @@
- 
-     BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer
-     *length = BIO_read(bio, *buffer, strlen(b64message));
-    assert(*length == decodeLen); //length should equal decodeLen, else something went horribly wrong
-     BIO_free_all(bio);
- 
-     return (0); //success
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3_3.18.bb b/meta-oe/recipes-benchmark/iperf3/iperf3_3.20.bb
index a8c74c1b45..7d4d6beeb8 100644
--- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.18.bb
+++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.20.bb
@@ -10,17 +10,14 @@ SECTION = "console/network"
 BUGTRACKER = "https://github.com/esnet/iperf/issues"
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f9873a72f714e240530e759e103ac7b2"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b51332d7f45357a9410daa9a14a3655f"
 SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \
           file://0002-Remove-pg-from-profile_CFLAGS.patch \
           file://0001-configure.ac-check-for-CPP-prog.patch \
-           file://0001-fix-build-with-gcc-15.patch \
-           file://CVE-2025-54349.patch \
-           file://CVE-2025-54350.patch \
          "
-SRCREV = "2a2984488d6de8f7a2d1f5938e03ca7be57e227c"
+SRCREV = "0711330bacfaf1c2a804be66e7ecc26f481ede5d"
 RDEPENDS:${PN} = "libgcc"

diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch deleted file mode 100644 index d3f3e712c9..0000000000 --- a/meta-oe/recipes-benchmark/iperf3/iperf3/0001-fix-build-with-gcc-15.patch +++ /dev/null
@@ -1,66 +0,0 @@
1	From a46630d4e373e9a3ef974c1b67767f6816c66572 Mon Sep 17 00:00:00 2001
2	From: Rudi Heitbaum <rudi@heitbaum.com>
3	Date: Mon, 9 Dec 2024 10:13:02 +0000
4	Subject: [PATCH] fix build with gcc-15
5
6	Upstream-Status: Submitted [https://github.com/esnet/iperf/pull/1805]
7
8	Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
9	---
10	src/iperf_api.c \| 8 ++++----
11	src/iperf_api.h \| 8 ++++----
12	2 files changed, 8 insertions(+), 8 deletions(-)
13
14	diff --git a/src/iperf_api.c b/src/iperf_api.c
15	index 7fb741e..4bb5b2f 100644
16	--- a/src/iperf_api.c
17	+++ b/src/iperf_api.c
18	@@ -599,25 +599,25 @@ iperf_set_mapped_v4(struct iperf_test *ipt, const int val)
19	}
20
21	void
22	-iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)())
23	+iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (callback)(struct iperf_stream ))
24	{
25	ipt->on_new_stream = callback;
26	}
27
28	void
29	-iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)())
30	+iperf_set_on_test_start_callback(struct iperf_test* ipt, void (callback)(struct iperf_test ))
31	{
32	ipt->on_test_start = callback;
33	}
34
35	void
36	-iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)())
37	+iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (callback)(struct iperf_test ))
38	{
39	ipt->on_connect = callback;
40	}
41
42	void
43	-iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)())
44	+iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (callback)(struct iperf_test ))
45	{
46	ipt->on_test_finish = callback;
47	}
48	diff --git a/src/iperf_api.h b/src/iperf_api.h
49	index 1313142..df10c38 100644
50	--- a/src/iperf_api.h
51	+++ b/src/iperf_api.h
52	@@ -213,10 +213,10 @@ void iperf_set_dont_fragment( struct iperf_test* ipt, int dont_fragment );
53	void iperf_set_test_congestion_control(struct iperf_test* ipt, char* cc);
54	void iperf_set_test_mss(struct iperf_test* ipt, int mss);
55	void iperf_set_mapped_v4(struct iperf_test* ipt, const int val);
56	-void iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (*callback)());
57	-void iperf_set_on_test_start_callback(struct iperf_test* ipt, void (*callback)());
58	-void iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (*callback)());
59	-void iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (*callback)());
60	+void iperf_set_on_new_stream_callback(struct iperf_test* ipt, void (callback)(struct iperf_stream ));
61	+void iperf_set_on_test_start_callback(struct iperf_test* ipt, void (callback)(struct iperf_test ));
62	+void iperf_set_on_test_connect_callback(struct iperf_test* ipt, void (callback)(struct iperf_test ));
63	+void iperf_set_on_test_finish_callback(struct iperf_test* ipt, void (callback)(struct iperf_test ));
64
65	#if defined(HAVE_SSL)
66	void iperf_set_test_client_username(struct iperf_test ipt, const char client_username);


diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch deleted file mode 100644 index 61e1888685..0000000000 --- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54349.patch +++ /dev/null
@@ -1,80 +0,0 @@
1	Subject: [PATCH] iperf3: Fix CVE-2025-54349
2	CVE: CVE-2025-54349
3	Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4e5313bab0b9b3fe03513ab54f722c8a3e4b7bdf]
4	Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
5	---
6	diff --git a/iperf_auth.c b/iperf_auth.c
7	index 72e85fc..91c4133 100644
8	--- a/src/iperf_auth.c
9	+++ b/src/iperf_auth.c
10	@@ -288,6 +288,7 @@ int encrypt_rsa_message(const char plaintext, EVP_PKEY public_key, unsigned ch
11	}
12
13	int decrypt_rsa_message(const unsigned char encryptedtext, const int encryptedtext_len, EVP_PKEY private_key, unsigned char **plaintext, int use_pkcs1_padding) {
14	+ int ret =0;
15	#if OPENSSL_VERSION_MAJOR >= 3
16	EVP_PKEY_CTX *ctx;
17	#else
18	@@ -310,7 +311,8 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
19	keysize = RSA_size(rsa);
20	#endif
21	rsa_buffer = OPENSSL_malloc(keysize * 2);
22	- plaintext = (unsigned char)OPENSSL_malloc(keysize);
23	+ // Note: +1 for NULL
24	+ plaintext = (unsigned char)OPENSSL_malloc(keysize + 1);
25
26	BIO bioBuff = BIO_new_mem_buf((void)encryptedtext, encryptedtext_len);
27	rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2);
28	@@ -322,11 +324,12 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
29	#if OPENSSL_VERSION_MAJOR >= 3
30	plaintext_len = keysize;
31	EVP_PKEY_decrypt_init(ctx);
32	- int ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
33	+
34	+ ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
35	if (ret < 0){
36	goto errreturn;
37	}
38	- EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
39	+ ret = EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
40	EVP_PKEY_CTX_free(ctx);
41	#else
42	plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, padding);
43	@@ -337,7 +340,7 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
44	BIO_free(bioBuff);
45
46	/* Treat a decryption error as an empty string. */
47	- if (plaintext_len < 0) {
48	+ if (plaintext_len <= 0) {
49	plaintext_len = 0;
50	}
51
52	@@ -386,7 +389,7 @@ int decode_auth_setting(int enable_debug, const char authtoken, EVP_PKEY priva
53	int plaintext_len;
54	plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext, use_pkcs1_padding);
55	free(encrypted_b64);
56	- if (plaintext_len < 0) {
57	+ if (plaintext_len <= 0) {
58	return -1;
59	}
60	plaintext[plaintext_len] = '\0';
61	@@ -394,16 +397,19 @@ int decode_auth_setting(int enable_debug, const char authtoken, EVP_PKEY priva
62	char s_username, s_password;
63	s_username = (char *) calloc(plaintext_len, sizeof(char));
64	if (s_username == NULL) {
65	+ OPENSSL_free(plaintext);
66	return -1;
67	}
68	s_password = (char *) calloc(plaintext_len, sizeof(char));
69	if (s_password == NULL) {
70	+ OPENSSL_free(plaintext);
71	free(s_username);
72	return -1;
73	}
74
75	int rc = sscanf((char *) plaintext, auth_text_format, s_username, s_password, &utc_seconds);
76	if (rc != 3) {
77	+ OPENSSL_free(plaintext);
78	free(s_password);
79	free(s_username);
80	return -1;


diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch deleted file mode 100644 index 12ca38b830..0000000000 --- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch +++ /dev/null
@@ -1,24 +0,0 @@
1	Subject: [PATCH] iperf3: Fix CVE-2025-54350
2	CVE: CVE-2025-54350
3	Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a]
4	Comment: Patch is refreshed as per codebase of 3.18
5	Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
6	---
7	--- a/src/iperf_auth.c 2025-09-12 10:21:48.186090000 +0530
8	+++ b/src/iperf_auth.c 2025-09-15 11:13:21.123222080 +0530
9	@@ -28,7 +28,6 @@
10	#include "iperf_config.h"
11
12	#include <string.h>
13	-#include <assert.h>
14	#include <time.h>
15	#include <sys/types.h>
16	/* FreeBSD needs _WITH_GETLINE to enable the getline() declaration */
17	@@ -152,7 +151,6 @@
18
19	BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer
20	length = BIO_read(bio, buffer, strlen(b64message));
21	- assert(*length == decodeLen); //length should equal decodeLen, else something went horribly wrong
22	BIO_free_all(bio);
23
24	return (0); //success


diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3_3.18.bb b/meta-oe/recipes-benchmark/iperf3/iperf3_3.20.bb index a8c74c1b45..7d4d6beeb8 100644 --- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.18.bb +++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.20.bb
@@ -10,17 +10,14 @@ SECTION = "console/network"
10	BUGTRACKER = "https://github.com/esnet/iperf/issues"	10	BUGTRACKER = "https://github.com/esnet/iperf/issues"
11		11
12	LICENSE = "BSD-3-Clause"	12	LICENSE = "BSD-3-Clause"
13	LIC_FILES_CHKSUM = "file://LICENSE;md5=f9873a72f714e240530e759e103ac7b2"	13	LIC_FILES_CHKSUM = "file://LICENSE;md5=b51332d7f45357a9410daa9a14a3655f"
14		14
15	SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \	15	SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \
16	file://0002-Remove-pg-from-profile_CFLAGS.patch \	16	file://0002-Remove-pg-from-profile_CFLAGS.patch \
17	file://0001-configure.ac-check-for-CPP-prog.patch \	17	file://0001-configure.ac-check-for-CPP-prog.patch \
18	file://0001-fix-build-with-gcc-15.patch \
19	file://CVE-2025-54349.patch \
20	file://CVE-2025-54350.patch \
21	"	18	"
22		19
23	SRCREV = "2a2984488d6de8f7a2d1f5938e03ca7be57e227c"	20	SRCREV = "0711330bacfaf1c2a804be66e7ecc26f481ede5d"
24		21
25	RDEPENDS:${PN} = "libgcc"	22	RDEPENDS:${PN} = "libgcc"
26		23