wolfssl: bump to 5.2.0

Fixes two high-severity vulnerabilities:

- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
  can be bypassed.  If a malicious client does not send the
  certificate_verify message a client can connect without presenting a
  certificate even if the server requires one.

- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
  v1.3 server can have its certificate heck bypassed. If the sig_algo in
  the certificate_verify message is different than the certificate
  message checking may be bypassed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [ABI version change]
(cherry picked from commit e89f3e85eb1c1d81294e5d430a91b0ba625e2ec0)
(cherry picked from commit 2393b09b5906014047a14a79c03292429afcf408)

1 files changed, 2 insertions, 4 deletions

diff --git a/package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch b/package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch
index 9651c03af6..d6e7998744 100644
--- a/package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch
+++ b/package/libs/wolfssl/patches/300-fix-SSL_get_verify_result-regression.patch
@@ -1,4 +1,4 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From 87e43dd63ba429297e439f2dfd1ee8b45981e18b Mon Sep 17 00:00:00 2001
 From: Juliusz Sosinowicz <juliusz@wolfssl.com>
 Date: Sat, 12 Feb 2022 00:34:24 +0100
 Subject: [PATCH] Reported in ZD13631
@@ -10,11 +10,9 @@ References: https://github.com/wolfSSL/wolfssl/issues/4879
  src/internal.c | 3 +++
  1 file changed, 3 insertions(+)
 
-diff --git a/src/internal.c b/src/internal.c
-index 0dded42a76c4..f5814d30607c 100644
 --- a/src/internal.c
 +++ b/src/internal.c
-@@ -12372,6 +12372,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+@@ -12342,6 +12342,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte*
                              }
  
                              ret = 0; /* clear errors and continue */