Compare commits
123 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
cbe66ee3a7 | ||
|
|
33160d08cb | ||
|
|
98206a06fe | ||
|
|
c5fcada2f3 | ||
|
|
9f95ff6e69 | ||
|
|
3078b09e41 | ||
|
|
7441432f8c | ||
|
|
000d285047 | ||
|
|
92cc61b531 | ||
|
|
330d52f8da | ||
|
|
7be798d940 | ||
|
|
b690a96329 | ||
|
|
e45aaed8ab | ||
|
|
25f7cc5fad | ||
|
|
5bef1c86aa | ||
|
|
c3aaff5c62 | ||
|
|
63494651c6 | ||
|
|
6ea0d5328d | ||
|
|
b5e51ef2d2 | ||
|
|
9c5597be5c | ||
|
|
6c3a0c118e | ||
|
|
e026bdad11 | ||
|
|
c25fdb6fa9 | ||
|
|
8d60243b00 | ||
|
|
abb8fe2e0b | ||
|
|
db84cc7c55 | ||
|
|
a9b00cffcc | ||
|
|
f89c924634 | ||
|
|
760d4e32b2 | ||
|
|
9ca47ed49e | ||
|
|
7d85f31654 | ||
|
|
e9fcd31237 | ||
|
|
39c1bd20e2 | ||
|
|
e8ce92f749 | ||
|
|
37c03f7739 | ||
|
|
b07c9547ba | ||
|
|
ee639ed085 | ||
|
|
7e61bcbcbd | ||
|
|
1dcd42a32e | ||
|
|
e1613e89be | ||
|
|
d44882c396 | ||
|
|
113f492765 | ||
|
|
87c3926250 | ||
|
|
595be10e4d | ||
|
|
bee7049a8a | ||
|
|
42b10964b0 | ||
|
|
ab660a5e4e | ||
|
|
510f2c8050 | ||
|
|
25900e352d | ||
|
|
c5694f3e42 | ||
|
|
da7f0db0fe | ||
|
|
c42ee03de2 | ||
|
|
be817c2d2d |
||
|
|
23ac5676a4 | ||
|
|
7543c5d148 | ||
|
|
5e97cebf83 | ||
|
|
d7d09eb023 | ||
|
|
a4ef955090 | ||
|
|
a0ef9addb1 | ||
|
|
44afab5191 | ||
|
|
e4e388800c | ||
|
|
2f8c73c631 | ||
|
|
6a9f55ef66 | ||
|
|
82e473e933 | ||
|
|
e99bcaff78 | ||
|
|
e361bb292d | ||
|
|
b08c1d3cb5 | ||
|
|
9df43c9df7 | ||
|
|
a9d1c50f1a |
||
|
|
c1f8e66db2 |
||
|
|
d401f95817 | ||
|
|
0596993205 |
||
|
|
5aa020da73 | ||
|
|
ccfb815fcf | ||
|
|
cbaa7ad9b2 | ||
|
|
86c02ce9dc | ||
|
|
9ba1f58c0f | ||
|
|
8f2a1d9b48 | ||
|
|
30a64d9273 | ||
|
|
b9c750507f | ||
|
|
2161d1913b | ||
|
|
2d72c1273b | ||
|
|
9f78d04c90 | ||
|
|
a64b049712 | ||
|
|
9936110449 | ||
|
|
bde9494b1b | ||
|
|
388fbfd381 | ||
|
|
f9ad674ef4 | ||
|
|
eaf4e9d2cd | ||
|
|
4350c1e186 | ||
|
|
f080bc92ec | ||
|
|
960c18ac9e | ||
|
|
b4e5f3f89f | ||
|
|
c8d9176d27 | ||
|
|
51d4b1440b | ||
|
|
4ef1497ac4 | ||
|
|
58cc7dbef0 | ||
|
|
505c517370 | ||
|
|
4b09fb236c | ||
|
|
2244afa0e8 | ||
|
|
beca303c29 | ||
|
|
eaa69df8d9 | ||
|
|
cb40e7efef | ||
|
|
64c7d6867d | ||
|
|
6d9878cbb2 | ||
|
|
0ef0aa89fa | ||
|
|
46d865d845 | ||
|
|
c13cb3cf69 | ||
|
|
39ffb6cb21 | ||
|
|
9bbca443d6 | ||
|
|
8841f0c3cb | ||
|
|
9afae358ed | ||
|
|
7e113a5794 | ||
|
|
25ae742c52 | ||
|
|
07736fd804 | ||
|
|
868ffea2e1 | ||
|
|
2a8763ec3a | ||
|
|
0eb271a9f5 | ||
|
|
6b130b528a | ||
|
|
0e56ef2311 | ||
|
|
655fab0edb | ||
|
|
aa2ff1da12 | ||
|
|
f21c1c5adf |
28 changed files with 11802 additions and 1130 deletions
1
.fmf/version
Normal file
1
.fmf/version
Normal file
|
|
@ -0,0 +1 @@
|
|||
1
|
||||
48
.gitignore
vendored
48
.gitignore
vendored
|
|
@ -126,4 +126,50 @@ gnutls-2.10.1-nosrp.tar.bz2
|
|||
/gnutls-3.6.13.tar.xz
|
||||
/gnutls-3.6.14.tar.xz
|
||||
/gnutls-3.6.14.tar.xz.sig
|
||||
/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||
/gnutls-3.6.15.tar.xz
|
||||
/gnutls-3.6.15.tar.xz.sig
|
||||
/gnutls-3.7.0.tar.xz
|
||||
/gnutls-3.7.0.tar.xz.sig
|
||||
/gnutls-3.7.1.tar.xz
|
||||
/gnutls-3.7.1.tar.xz.sig
|
||||
/gnutls-3.7.2.tar.xz
|
||||
/gnutls-3.7.2.tar.xz.sig
|
||||
/gnutls-3.7.3.tar.xz
|
||||
/gnutls-3.7.3.tar.xz.sig
|
||||
/gnutls-3.7.4.tar.xz
|
||||
/gnutls-3.7.5.tar.xz
|
||||
/gnutls-3.7.6.tar.xz
|
||||
/gnutls-3.7.7.tar.xz
|
||||
/gnutls-3.7.8.tar.xz
|
||||
/gnutls-3.8.0.tar.xz
|
||||
/gnutls-3.8.0.tar.xz.sig
|
||||
/gnutls-release-keyring.gpg
|
||||
/gnutls-3.8.1.tar.xz
|
||||
/gnutls-3.8.1.tar.xz.sig
|
||||
/gnutls-3.8.2.tar.xz
|
||||
/gnutls-3.8.2.tar.xz.sig
|
||||
/gnutls-3.8.3.tar.xz
|
||||
/gnutls-3.8.3.tar.xz.sig
|
||||
/gnutls-3.8.4.tar.xz
|
||||
/gnutls-3.8.4.tar.xz.sig
|
||||
/gnutls-3.8.5.tar.xz
|
||||
/gnutls-3.8.5.tar.xz.sig
|
||||
/gnutls-3.8.6.tar.xz
|
||||
/gnutls-3.8.6.tar.xz.sig
|
||||
/gmp-6.2.1.tar.xz
|
||||
/gnutls-3.8.7.tar.xz
|
||||
/gnutls-3.8.7.tar.xz.sig
|
||||
/gnutls-3.8.7.1.tar.xz
|
||||
/gnutls-3.8.7.1.tar.xz.sig
|
||||
/gnutls-3.8.8.tar.xz
|
||||
/gnutls-3.8.8.tar.xz.sig
|
||||
/gnutls-3.8.9.tar.xz
|
||||
/gnutls-3.8.9.tar.xz.sig
|
||||
/leancrypto-1.2.0.tar.gz
|
||||
/leancrypto-1.3.0.tar.gz
|
||||
/gnutls-3.8.10.tar.xz
|
||||
/gnutls-3.8.10.tar.xz.sig
|
||||
/leancrypto-1.5.0.tar.gz
|
||||
/gnutls-3.8.11.tar.xz
|
||||
/gnutls-3.8.11.tar.xz.sig
|
||||
/leancrypto-1.6.0.tar.gz
|
||||
|
|
|
|||
31
.packit.yaml
Normal file
31
.packit.yaml
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
# See the documentation for more information:
|
||||
# https://packit.dev/docs/configuration/
|
||||
|
||||
specfile_path: gnutls.spec
|
||||
|
||||
files_to_sync:
|
||||
- .packit.yaml
|
||||
- gnutls.spec
|
||||
|
||||
upstream_project_url: https://gitlab.com/gnutls/gnutls
|
||||
upstream_package_name: gnutls
|
||||
downstream_package_name: gnutls
|
||||
|
||||
actions:
|
||||
post-upstream-clone:
|
||||
- "wget https://src.fedoraproject.org/rpms/gnutls/raw/main/f/gnutls.spec"
|
||||
- "wget https://src.fedoraproject.org/rpms/gnutls/raw/main/f/gnutls-3.2.7-rpath.patch"
|
||||
get-current-version:
|
||||
- "git describe --abbrev=0"
|
||||
create-archive:
|
||||
- |
|
||||
bash -c "wget https://www.gnupg.org/ftp/gcrypt/gnutls/v$(expr $PACKIT_PROJECT_VERSION : '^\([0-9]*\.[0-9]*\)')/gnutls-${PACKIT_PROJECT_VERSION}.tar.xz"
|
||||
- |
|
||||
bash -c "wget https://www.gnupg.org/ftp/gcrypt/gnutls/v$(expr $PACKIT_PROJECT_VERSION : '^\([0-9]*\.[0-9]*\)')/gnutls-${PACKIT_PROJECT_VERSION}.tar.xz.sig"
|
||||
- bash -c "echo gnutls-${PACKIT_PROJECT_VERSION}.tar.xz"
|
||||
- bash -c "echo gnutls-${PACKIT_PROJECT_VERSION}.tar.xz.sig"
|
||||
|
||||
jobs:
|
||||
- job: propose_downstream
|
||||
trigger: release
|
||||
dist_git_branches: fedora-all
|
||||
3
README.packit
Normal file
3
README.packit
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
This repository is maintained by packit.
|
||||
https://packit.dev/
|
||||
The file was generated using packit 1.12.0.
|
||||
815
changelog
Normal file
815
changelog
Normal file
|
|
@ -0,0 +1,815 @@
|
|||
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Tue Jan 18 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-1
|
||||
- Update to upstream 3.7.3 release
|
||||
- Remove dependency on autogen
|
||||
- Add build-time conditionals for TPM 1.2 and GOST cryptography
|
||||
|
||||
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.2-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Sat May 29 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-1
|
||||
- Update to upstream 3.7.2 release
|
||||
|
||||
* Sun Mar 28 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-3
|
||||
- Remove %%defattr invocations which are no longer necessary
|
||||
- libpkcs11mock1.* is not installed anymore
|
||||
- hobble-gnutls: Remove SRP removal
|
||||
- Use correct source URL
|
||||
- Switch to using %%gpgverify macro
|
||||
|
||||
* Tue Mar 16 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-2
|
||||
- Restore fipscheck dependency
|
||||
|
||||
* Sat Mar 13 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-1
|
||||
- Update to upstream 3.7.1 release
|
||||
- Remove fipscheck dependency, as it is now calculated with an
|
||||
internal tool
|
||||
|
||||
* Fri Mar 5 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-4
|
||||
- Tolerate duplicate certs in the chain also with PKCS #11 trust store
|
||||
|
||||
* Tue Mar 2 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-3
|
||||
- Reduce BRs for non-bootstrapping build
|
||||
|
||||
* Wed Feb 10 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-2
|
||||
- Tolerate duplicate certs in the chain
|
||||
|
||||
* Mon Feb 8 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-1
|
||||
- Update to upstream 3.7.0 release
|
||||
- Temporarily disable LTO
|
||||
|
||||
* Tue Jan 26 2021 Daiki Ueno <dueno@redhat.com> - 3.6.15-4
|
||||
- Fix broken tests on rawhide (#1908110)
|
||||
- Add BuildRequires: make (by Tom Stellard)
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.15-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Mon Sep 28 2020 Jeff Law <law@redhat.com> - 3.6.15-2
|
||||
- Re-enable LTO now that upstream GCC bugs have been fixed
|
||||
|
||||
* Fri Sep 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.15-1
|
||||
- Update to upstream 3.6.15 release
|
||||
|
||||
* Mon Aug 17 2020 Jeff Law <law@redhat.com> - 3.6.14-7
|
||||
- Disable LTO on ppc64le
|
||||
|
||||
* Tue Aug 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.14-6
|
||||
- Fix underlinking of libpthread
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.14-5
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.14-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Thu Jul 02 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.14-3
|
||||
- Rebuild with autogen built with guile-2.2 (#1852706)
|
||||
|
||||
* Tue Jun 09 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.14-2
|
||||
- Fix memory leak when serializing iovec_t (#1845083)
|
||||
- Fix automatic libraries sonames detection (#1845806)
|
||||
|
||||
* Thu Jun 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.14-1
|
||||
- Update to upstream 3.6.14 release
|
||||
|
||||
* Sun May 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-6
|
||||
- Update gnutls-3.6.13-superseding-chain.patch
|
||||
|
||||
* Sun May 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-5
|
||||
- Fix cert chain validation behavior if the last cert has expired (#1842178)
|
||||
|
||||
* Mon May 25 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-4
|
||||
- Add option to gnutls-cli to wait for resumption under TLS 1.3
|
||||
|
||||
* Tue May 19 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-3
|
||||
- Disable RSA blinding during FIPS self-tests
|
||||
|
||||
* Thu May 14 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-2
|
||||
- Bump linked libraries soname to fix FIPS selftests (#1835265)
|
||||
|
||||
* Tue Mar 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-1
|
||||
- Update to upstream 3.6.13 release
|
||||
|
||||
* Thu Mar 26 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.12-2
|
||||
- Fix FIPS POST (#1813384)
|
||||
- Fix gnutls-serv --echo to not exit when a message is received (#1816583)
|
||||
|
||||
* Sun Feb 02 2020 Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> - 3.6.12-1
|
||||
- Update to upstream 3.6.12 release
|
||||
|
||||
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.11-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Mon Dec 02 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.11-1
|
||||
- Update to upstream 3.6.11 release
|
||||
|
||||
* Sun Sep 29 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.10-1
|
||||
- Update to upstream 3.6.10 release
|
||||
|
||||
* Fri Jul 26 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.9-1
|
||||
- Update to upstream 3.6.9 release
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Mon Jul 15 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.8-2
|
||||
- Rebuilt with guile-2.2
|
||||
|
||||
* Tue May 28 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.8-1
|
||||
- Update to upstream 3.6.8 release
|
||||
|
||||
* Wed Mar 27 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.7-1
|
||||
- Update to upstream 3.6.7 release
|
||||
- Fixed CVE-2019-3836 (#1693214)
|
||||
- Fixed CVE-2019-3829 (#1693210)
|
||||
|
||||
* Fri Feb 1 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.6-1
|
||||
- Update to upstream 3.6.6 release
|
||||
|
||||
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.5-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Fri Jan 11 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.5-2
|
||||
- Added explicit Requires for nettle >= 3.4.1
|
||||
|
||||
* Tue Dec 11 2018 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.5-1
|
||||
- Update to upstream 3.6.5 release
|
||||
|
||||
* Mon Oct 29 2018 James Antill <james.antill@redhat.com> - 3.6.4-5
|
||||
- Remove ldconfig scriptlet, now done via. transfiletrigger in glibc.
|
||||
|
||||
* Wed Oct 17 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-4
|
||||
- Fix issue with rehandshake affecting glib-networking (#1634736)
|
||||
|
||||
* Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.6.4-3
|
||||
- Add missing annobin notes for assembler sources
|
||||
|
||||
* Tue Oct 09 2018 Petr Menšík <pemensik@redhat.com> - 3.6.4-2
|
||||
- Rebuilt for unbound 1.8
|
||||
|
||||
* Tue Sep 25 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-1
|
||||
- Updated to upstream 3.6.4 release
|
||||
- Added support for the latest version of the TLS1.3 protocol
|
||||
- Enabled SHA1 support as SHA1 deprecation is handled via the
|
||||
fedora crypto policies.
|
||||
|
||||
* Thu Aug 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-4
|
||||
- Fixed gnutls-cli input reading
|
||||
- Ensure that we do not cause issues with version rollback detection
|
||||
and TLS1.3.
|
||||
|
||||
* Tue Aug 07 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-3
|
||||
- Fixed ECDSA public key import (#1612803)
|
||||
|
||||
* Thu Jul 26 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-2
|
||||
- Backported regression fixes from 3.6.2
|
||||
|
||||
* Mon Jul 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-1
|
||||
- Update to upstream 3.6.3 release
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.2-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed Jun 13 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-4
|
||||
- Enable FIPS140-2 mode in Fedora
|
||||
|
||||
* Wed Jun 06 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-3
|
||||
- Update to upstream 3.6.2 release
|
||||
|
||||
* Fri May 25 2018 David Abdurachmanov <david.abdurachmanov@gmail.com> - 3.6.2-2
|
||||
- Add missing BuildRequires: gnupg2 for gpgv2 in %%prep
|
||||
|
||||
* Fri Feb 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-1
|
||||
- Update to upstream 3.6.2 release
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Fri Feb 2 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-4
|
||||
- Rebuilt to address incompatibility with new nettle
|
||||
|
||||
* Thu Nov 30 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-3
|
||||
- Corrected regression from 3.6.1-2 which prevented the loading of
|
||||
arbitrary p11-kit modules (#1507402)
|
||||
|
||||
* Mon Nov 6 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-2
|
||||
- Prevent the loading of all PKCS#11 modules on certificate verification
|
||||
but only restrict to p11-kit trust module (#1507402)
|
||||
|
||||
* Sat Oct 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-1
|
||||
- Update to upstream 3.6.1 release
|
||||
|
||||
* Mon Aug 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.0-1
|
||||
- Update to upstream 3.6.0 release
|
||||
|
||||
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Tue Jul 04 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.14-1
|
||||
- Update to upstream 3.5.14 release
|
||||
|
||||
* Wed Jun 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.13-1
|
||||
- Update to upstream 3.5.13 release
|
||||
|
||||
* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-2
|
||||
- Fix issue with p11-kit-trust arch dependency
|
||||
|
||||
* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-1
|
||||
- Update to upstream 3.5.12 release
|
||||
|
||||
* Fri Apr 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.11-1
|
||||
- Update to upstream 3.5.11 release
|
||||
|
||||
* Mon Mar 06 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.10-1
|
||||
- Update to upstream 3.5.10 release
|
||||
|
||||
* Wed Feb 15 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-2
|
||||
- Work around missing pkg-config file (#1422256)
|
||||
|
||||
* Tue Feb 14 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-1
|
||||
- Update to upstream 3.5.9 release
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Sat Feb 4 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-2
|
||||
- Added patch fix initialization issue in gnutls_pkcs11_obj_list_import_url4
|
||||
|
||||
* Mon Jan 9 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-1
|
||||
- New upstream release
|
||||
|
||||
* Tue Dec 13 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-3
|
||||
- Fix PKCS#8 file loading (#1404084)
|
||||
|
||||
* Thu Dec 8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-1
|
||||
- New upstream release
|
||||
|
||||
* Fri Nov 4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.6-1
|
||||
- New upstream release
|
||||
|
||||
* Tue Oct 11 2016 walters@redhat.com - 3.5.5-2
|
||||
- Apply patch to fix compatibility with ostree (#1383708)
|
||||
|
||||
* Mon Oct 10 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.5-1
|
||||
- New upstream release
|
||||
|
||||
* Thu Sep 8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.4-1
|
||||
- New upstream release
|
||||
|
||||
* Mon Aug 29 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-2
|
||||
- Work around #1371082 for x86
|
||||
- Fixed issue with DTLS sliding window implementation (#1370881)
|
||||
|
||||
* Tue Aug 9 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-1
|
||||
- New upstream release
|
||||
|
||||
* Wed Jul 6 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.2-1
|
||||
- New upstream release
|
||||
|
||||
* Wed Jun 15 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.1-1
|
||||
- New upstream release
|
||||
|
||||
* Tue Jun 7 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.13-1
|
||||
- New upstream release (#1343258)
|
||||
- Addresses issue with setuid programs introduced in 3.4.12 (#1343342)
|
||||
|
||||
* Fri May 20 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.12-1
|
||||
- New upstream release
|
||||
|
||||
* Mon Apr 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.11-1
|
||||
- New upstream release
|
||||
|
||||
* Fri Mar 4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.10-1
|
||||
- New upstream release (#1314576)
|
||||
|
||||
* Wed Feb 3 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.9-1
|
||||
- Fix broken key usage flags introduced in 3.4.8 (#1303355)
|
||||
|
||||
* Mon Jan 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.8-1
|
||||
- New upstream release (#1297079)
|
||||
|
||||
* Mon Nov 23 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.7-1
|
||||
- New upstream release (#1284300)
|
||||
- Documentation updates (#1282864)
|
||||
- Adds interface to set unique IDs in certificates (#1281343)
|
||||
- Allow arbitrary key sizes with ARCFOUR (#1284401)
|
||||
|
||||
* Wed Oct 21 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.6-1
|
||||
- New upstream release (#1273672)
|
||||
- Enhances p11tool to write CKA_ISSUER and CKA_SERIAL_NUMBER (#1272178)
|
||||
|
||||
* Tue Oct 20 2015 Adam Williamson <awilliam@redhat.com> - 3.4.5-2
|
||||
- fix interaction with Chrome 45+ (master secret extension) (#1273102)
|
||||
|
||||
* Mon Sep 14 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.5-1
|
||||
- New upstream release (#1252192)
|
||||
- Eliminates hard limits on CRL parsing of certtool.
|
||||
|
||||
* Mon Aug 10 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.4-1
|
||||
- new upstream release
|
||||
- no longer requires trousers patch
|
||||
- fixes issue in gnutls_x509_privkey_import (#1250020)
|
||||
|
||||
* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-2
|
||||
- Don't link against trousers but rather dlopen() it when available.
|
||||
That avoids a dependency on openssl by the main library.
|
||||
|
||||
* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Jul 02 2015 Adam Jackson <ajax@redhat.com> 3.4.2-3
|
||||
- Only disable -z now for the guile modules
|
||||
|
||||
* Thu Jun 18 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-2
|
||||
- rename the symbol version for internal symbols to avoid clashes
|
||||
with 3.3.x.
|
||||
|
||||
* Wed Jun 17 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-1
|
||||
- new upstream release
|
||||
|
||||
* Tue May 5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-2
|
||||
- Provide missing GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA definition
|
||||
|
||||
* Mon May 4 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-1
|
||||
- new upstream release
|
||||
|
||||
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 3.3.14-2
|
||||
- Rebuilt for GCC 5 C++11 ABI change
|
||||
|
||||
* Mon Mar 30 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.14-1
|
||||
- new upstream release
|
||||
- improved BER decoding of PKCS #12 structures (#1131461)
|
||||
|
||||
* Fri Mar 6 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-3
|
||||
- Build with hardened flags
|
||||
- Removed -Wl,--no-add-needed linker flag
|
||||
|
||||
* Fri Feb 27 2015 Till Maas <opensource@till.name> - 3.3.13-2
|
||||
- Do not build with hardened flags
|
||||
|
||||
* Thu Feb 26 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-1
|
||||
- new upstream release
|
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-3
|
||||
- Make build verbose
|
||||
- Use %%license
|
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-2
|
||||
- Rebuilt for Fedora 23 Change
|
||||
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
|
||||
|
||||
* Mon Jan 19 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.12-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Jan 5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-2
|
||||
- enabled guile bindings (#1177847)
|
||||
|
||||
* Thu Dec 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Nov 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.10-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Oct 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-2
|
||||
- applied fix for issue in get-issuer (#1155901)
|
||||
|
||||
* Mon Oct 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-1
|
||||
- new upstream release
|
||||
|
||||
* Fri Sep 19 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-2
|
||||
- strip rpath from library
|
||||
|
||||
* Thu Sep 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Aug 25 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.7-1
|
||||
- new upstream release
|
||||
|
||||
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.6-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Wed Jul 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.6-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Jul 01 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-2
|
||||
- Added work-around for s390 builds with gcc 4.9 (#1102324)
|
||||
|
||||
* Mon Jun 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Jun 17 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-3
|
||||
- explicitly depend on p11-kit-trust
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Mon Jun 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-1
|
||||
- new upstream release
|
||||
|
||||
* Fri May 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.3-1
|
||||
- new upstream release
|
||||
|
||||
* Wed May 21 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-2
|
||||
- Require crypto-policies
|
||||
|
||||
* Fri May 09 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-1
|
||||
- new upstream release
|
||||
|
||||
* Mon May 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-4
|
||||
- Replaced /etc/crypto-profiles/apps with /etc/crypto-policies/back-ends.
|
||||
- Added support for "very weak" profile.
|
||||
|
||||
* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-2
|
||||
- gnutls_global_deinit() will not do anything if the previous
|
||||
initialization has failed (#1091053)
|
||||
|
||||
* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Apr 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.0-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Apr 08 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.13-1
|
||||
- new upstream release
|
||||
|
||||
* Wed Mar 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12.1-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Mar 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-2
|
||||
- use p11-kit trust store for certificate verification
|
||||
|
||||
* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Jan 14 2014 Tomáš Mráz <tmraz@redhat.com> 3.2.8-2
|
||||
- build the crywrap tool
|
||||
|
||||
* Mon Dec 23 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.8-1
|
||||
- new upstream release
|
||||
|
||||
* Wed Dec 4 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-2
|
||||
- Use the correct root key for unbound /var/lib/unbound/root.key (#1012494)
|
||||
- Pull asm fixes from upstream (#973210)
|
||||
|
||||
* Mon Nov 25 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-1
|
||||
- new upstream release
|
||||
- added dependency to autogen-libopts-devel to use the system's
|
||||
libopts library
|
||||
- added dependency to trousers-devel to enable TPM support
|
||||
|
||||
* Mon Nov 4 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.16-1
|
||||
- new upstream release
|
||||
- fixes CVE-2013-4466 off-by-one in dane_query_tlsa()
|
||||
|
||||
* Fri Oct 25 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.15-1
|
||||
- new upstream release
|
||||
- fixes CVE-2013-4466 buffer overflow in handling DANE entries
|
||||
|
||||
* Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-3
|
||||
- enable ECC NIST Suite B curves
|
||||
|
||||
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.13-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Mon Jul 15 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-1
|
||||
- new upstream release
|
||||
|
||||
* Mon May 13 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.11-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Mar 25 2013 Tomas Mraz <tmraz@redhat.com> 3.1.10-1
|
||||
- new upstream release
|
||||
- license of the library is back to LGPLv2.1+
|
||||
|
||||
* Fri Mar 15 2013 Tomas Mraz <tmraz@redhat.com> 3.1.9-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Mar 7 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-3
|
||||
- drop the temporary old library
|
||||
|
||||
* Tue Feb 26 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-2
|
||||
- don't send ECC algos as supported (#913797)
|
||||
|
||||
* Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Feb 6 2013 Tomas Mraz <tmraz@redhat.com> 3.1.7-1
|
||||
- new upstream version, requires rebuild of dependencies
|
||||
- this release temporarily includes old compatibility .so
|
||||
|
||||
* Tue Feb 5 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-2
|
||||
- rebuilt with new libtasn1
|
||||
- make guile bindings optional - breaks i686 build and there is
|
||||
no dependent package
|
||||
|
||||
* Tue Jan 8 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Nov 28 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-2
|
||||
- use RSA bit sizes supported by libgcrypt in FIPS mode for security
|
||||
levels (#879643)
|
||||
|
||||
* Fri Nov 9 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Nov 1 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-4
|
||||
- negotiate only FIPS approved algorithms in the FIPS mode (#871826)
|
||||
|
||||
* Wed Aug 8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-3
|
||||
- fix the gnutls-cli-debug manpage - patch by Peter Schiffer
|
||||
|
||||
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.20-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Mon Jun 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-1
|
||||
- new upstream version
|
||||
|
||||
* Fri May 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.19-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Mar 29 2012 Tomas Mraz <tmraz@redhat.com> 2.12.18-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Mar 8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.17-1
|
||||
- new upstream version
|
||||
- fix leaks in key generation (#796302)
|
||||
|
||||
* Fri Feb 03 2012 Kevin Fenzi <kevin@scrye.com> - 2.12.14-3
|
||||
- Disable largefile on arm arch. (#787287)
|
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.14-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Tue Nov 8 2011 Tomas Mraz <tmraz@redhat.com> 2.12.14-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Oct 24 2011 Tomas Mraz <tmraz@redhat.com> 2.12.12-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Sep 29 2011 Tomas Mraz <tmraz@redhat.com> 2.12.11-1
|
||||
- new upstream version
|
||||
|
||||
* Fri Aug 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.9-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Aug 16 2011 Tomas Mraz <tmraz@redhat.com> 2.12.8-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Jul 25 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-2
|
||||
- fix problem when using new libgcrypt
|
||||
- split libgnutlsxx to a subpackage (#455146)
|
||||
- drop libgnutls-openssl (#460310)
|
||||
|
||||
* Tue Jun 21 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-1
|
||||
- new upstream version
|
||||
|
||||
* Mon May 9 2011 Tomas Mraz <tmraz@redhat.com> 2.12.4-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Apr 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.3-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Apr 18 2011 Tomas Mraz <tmraz@redhat.com> 2.12.2-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Mar 3 2011 Tomas Mraz <tmraz@redhat.com> 2.10.5-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.10.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Wed Dec 8 2010 Tomas Mraz <tmraz@redhat.com> 2.10.4-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Dec 2 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-2
|
||||
- fix buffer overflow in gnutls-serv (#659259)
|
||||
|
||||
* Fri Nov 19 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Sep 30 2010 Tomas Mraz <tmraz@redhat.com> 2.10.2-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Sep 29 2010 jkeating - 2.10.1-4
|
||||
- Rebuilt for gcc bug 634757
|
||||
|
||||
* Thu Sep 23 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-3
|
||||
- more patching for internal errors regression (#629858)
|
||||
patch by Vivek Dasmohapatra
|
||||
|
||||
* Tue Sep 21 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-2
|
||||
- backported patch from upstream git hopefully fixing internal errors
|
||||
(#629858)
|
||||
|
||||
* Wed Aug 4 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Jun 2 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-2
|
||||
- add support for safe renegotiation CVE-2009-3555 (#533125)
|
||||
|
||||
* Wed May 12 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Mon Feb 15 2010 Rex Dieter <rdieter@fedoraproject.org> 2.8.5-4
|
||||
- FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624)
|
||||
|
||||
* Thu Jan 28 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-3
|
||||
- drop superfluous rpath from binaries
|
||||
- do not call autoreconf during build
|
||||
- specify the license on utils subpackage
|
||||
|
||||
* Mon Jan 18 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-2
|
||||
- do not create static libraries (#556052)
|
||||
|
||||
* Mon Nov 2 2009 Tomas Mraz <tmraz@redhat.com> 2.8.5-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Wed Sep 23 2009 Tomas Mraz <tmraz@redhat.com> 2.8.4-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 2.8.3-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.1-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Wed Jun 10 2009 Tomas Mraz <tmraz@redhat.com> 2.8.1-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Wed Jun 3 2009 Tomas Mraz <tmraz@redhat.com> 2.8.0-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Mon May 4 2009 Tomas Mraz <tmraz@redhat.com> 2.6.6-1
|
||||
- upgrade to a new upstream version - security fixes
|
||||
|
||||
* Tue Apr 14 2009 Tomas Mraz <tmraz@redhat.com> 2.6.5-1
|
||||
- upgrade to a new upstream version, minor bugfixes only
|
||||
|
||||
* Fri Mar 6 2009 Tomas Mraz <tmraz@redhat.com> 2.6.4-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Mon Dec 15 2008 Tomas Mraz <tmraz@redhat.com> 2.6.3-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Thu Dec 4 2008 Tomas Mraz <tmraz@redhat.com> 2.6.2-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-3
|
||||
- fix chain verification issue CVE-2008-4989 (#470079)
|
||||
|
||||
* Thu Sep 25 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-2
|
||||
- add guile subpackage (#463735)
|
||||
- force new libtool through autoreconf to drop unnecessary rpaths
|
||||
|
||||
* Tue Sep 23 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Jul 1 2008 Tomas Mraz <tmraz@redhat.com> 2.4.1-1
|
||||
- new upstream version
|
||||
- correct the license tag
|
||||
- explicit --with-included-opencdk not needed
|
||||
- use external lzo library, internal not included anymore
|
||||
|
||||
* Tue Jun 24 2008 Tomas Mraz <tmraz@redhat.com> 2.4.0-1
|
||||
- upgrade to latest upstream
|
||||
|
||||
* Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 2.0.4-3
|
||||
- fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
|
||||
(#447461, #447462, #447463)
|
||||
|
||||
* Mon Feb 4 2008 Joe Orton <jorton@redhat.com> 2.0.4-2
|
||||
- use system libtasn1
|
||||
|
||||
* Tue Dec 4 2007 Tomas Mraz <tmraz@redhat.com> 2.0.4-1
|
||||
- upgrade to latest upstream
|
||||
|
||||
* Tue Aug 21 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-2
|
||||
- license tag fix
|
||||
|
||||
* Wed Jun 6 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-1
|
||||
- upgrade to latest upstream (#232445)
|
||||
|
||||
* Tue Apr 10 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-2
|
||||
- properly require install-info (patch by Ville Skyttä)
|
||||
- standard buildroot and use dist tag
|
||||
- add COPYING and README to doc
|
||||
|
||||
* Wed Feb 7 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-1
|
||||
- new upstream version
|
||||
- drop libtermcap-devel from buildrequires
|
||||
|
||||
* Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2
|
||||
- detect forged signatures - CVE-2006-4790 (#206411), patch
|
||||
from upstream
|
||||
|
||||
* Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1
|
||||
- upgrade to new upstream version, only minor changes
|
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1
|
||||
- rebuild
|
||||
|
||||
* Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1
|
||||
- upgrade to new upstream version (#192070), rebuild
|
||||
of dependent packages required
|
||||
|
||||
* Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2
|
||||
- added missing buildrequires
|
||||
|
||||
* Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1
|
||||
- updated to new version (fixes CVE-2006-0645)
|
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2
|
||||
- bump again for double-long bug on ppc(64)
|
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1
|
||||
- rebuilt for new gcc4.1 snapshot and glibc changes
|
||||
|
||||
* Tue Jan 3 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3
|
||||
- rebuilt
|
||||
|
||||
* Fri Dec 9 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2
|
||||
- replaced *-config scripts with calls to pkg-config to
|
||||
solve multilib conflicts
|
||||
|
||||
* Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1
|
||||
- upgrade to newest upstream
|
||||
- removed .la files (#172635)
|
||||
|
||||
* Sun Aug 7 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1
|
||||
- upgrade to newest upstream (rebuild of dependencies necessary)
|
||||
|
||||
* Mon Jul 4 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2
|
||||
- split the command line tools to utils subpackage
|
||||
|
||||
* Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1
|
||||
- new upstream version fixes potential DOS attack
|
||||
|
||||
* Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2
|
||||
- readd the version script dropped by upstream
|
||||
|
||||
* Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1
|
||||
- update to the latest upstream version on the 1.0 branch
|
||||
|
||||
* Wed Mar 2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6
|
||||
- gcc4 rebuild
|
||||
|
||||
* Tue Jan 4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5
|
||||
- add gnutls Requires zlib-devel (#144069)
|
||||
|
||||
* Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4
|
||||
- Make gnutls-devel Require libgcrypt-devel
|
||||
|
||||
* Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3
|
||||
- rebuild with release++, otherwise unchanged.
|
||||
|
||||
* Tue Sep 7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2
|
||||
- patent tainted SRP code removed.
|
||||
|
||||
* Sun Sep 5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1
|
||||
- update to 1.0.20.
|
||||
- add --with-included-opencdk --with-included-libtasn1
|
||||
- add --with-included-libcfg --with-included-lzo
|
||||
- add --disable-srp-authentication.
|
||||
- do "make check" after build.
|
||||
|
||||
* Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1
|
||||
- upgrade to 0.9.2
|
||||
|
||||
* Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1
|
||||
- update to 0.4.4.
|
||||
|
||||
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
|
||||
- automated rebuild
|
||||
|
||||
* Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1
|
||||
- update to 0.4.3.
|
||||
|
||||
* Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1
|
||||
- update to 0.4.2.
|
||||
- change license to LGPL.
|
||||
- include splint annotations patch.
|
||||
|
||||
* Tue Apr 2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1
|
||||
- update to 0.4.0
|
||||
|
||||
* Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1
|
||||
- update to 0.3.2
|
||||
|
||||
* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1
|
||||
- add a URL
|
||||
|
||||
* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- initial package
|
||||
1
ci.fmf
Normal file
1
ci.fmf
Normal file
|
|
@ -0,0 +1 @@
|
|||
resultsdb-testcase: separate
|
||||
14
gating.yml
Normal file
14
gating.yml
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_testing
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_stable
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
13
gmp-6.2.1-c23.patch
Normal file
13
gmp-6.2.1-c23.patch
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
diff --git a/acinclude.m4 b/acinclude.m4
|
||||
index 906071c..a466b7c 100644
|
||||
--- a/acinclude.m4
|
||||
+++ b/acinclude.m4
|
||||
@@ -609,7 +609,7 @@ GMP_PROG_CC_WORKS_PART([$1], [long long reliability test 1],
|
||||
|
||||
#if defined (__GNUC__) && ! defined (__cplusplus)
|
||||
typedef unsigned long long t1;typedef t1*t2;
|
||||
-void g(){}
|
||||
+void g(int, t2, t1, t2, t2, int){}
|
||||
void h(){}
|
||||
static __inline__ t1 e(t2 rp,t2 up,int n,t1 v0)
|
||||
{t1 c,x,r;int i;if(v0){c=1;for(i=1;i<n;i++){x=up[i];r=x+1;rp[i]=r;}}return c;}
|
||||
3515
gmp-6.2.1-intel-cet.patch
Normal file
3515
gmp-6.2.1-intel-cet.patch
Normal file
File diff suppressed because it is too large
Load diff
|
|
@ -1,60 +0,0 @@
|
|||
From b57b820a3f0464e3151dd675af4f28ad109d683c Mon Sep 17 00:00:00 2001
|
||||
From: Vitezslav Cizek <vcizek@suse.com>
|
||||
Date: Tue, 9 Jun 2020 13:54:04 +0200
|
||||
Subject: [PATCH] configure: improve nettle, gmp, and hogweed soname detection
|
||||
|
||||
Some linkers might optimize away the libraries passed on the
|
||||
command line if they aren't actually needed, such as gnu ld with
|
||||
--as-needed.
|
||||
The ldd output then won't list the shared libraries and the
|
||||
detection will fail.
|
||||
Make sure nettle and others are really used.
|
||||
|
||||
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
|
||||
---
|
||||
configure.ac | 15 ++++++++++++---
|
||||
1 file changed, 12 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index e4ca66aec..ccbe4e563 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -741,7 +741,10 @@ LIBS=$save_LIBS
|
||||
save_LIBS=$LIBS
|
||||
LIBS="$LIBS $GMP_LIBS"
|
||||
AC_MSG_CHECKING([gmp soname])
|
||||
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
|
||||
+AC_LINK_IFELSE([AC_LANG_PROGRAM([
|
||||
+ #include <gmp.h>],[
|
||||
+ mpz_t n;
|
||||
+ mpz_init(n);])],
|
||||
[gmp_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libgmp\.so'`],
|
||||
[gmp_so=none])
|
||||
if test -z "$gmp_so"; then
|
||||
@@ -754,7 +757,10 @@ LIBS=$save_LIBS
|
||||
save_LIBS=$LIBS
|
||||
LIBS="$LIBS $NETTLE_LIBS"
|
||||
AC_MSG_CHECKING([nettle soname])
|
||||
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
|
||||
+AC_LINK_IFELSE([AC_LANG_PROGRAM([
|
||||
+ #include <nettle/sha2.h>],[
|
||||
+ struct sha256_ctx ctx;
|
||||
+ sha256_init(&ctx);])],
|
||||
[nettle_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libnettle\.so'`],
|
||||
[nettle_so=none])
|
||||
if test -z "$nettle_so"; then
|
||||
@@ -767,7 +773,10 @@ LIBS=$save_LIBS
|
||||
save_LIBS=$LIBS
|
||||
LIBS="$LIBS $HOGWEED_LIBS"
|
||||
AC_MSG_CHECKING([hogweed soname])
|
||||
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
|
||||
+AC_LINK_IFELSE([AC_LANG_PROGRAM([
|
||||
+ #include <nettle/rsa.h>],[
|
||||
+ struct rsa_private_key priv;
|
||||
+ nettle_rsa_private_key_init(&priv);])],
|
||||
[hogweed_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libhogweed\.so'`],
|
||||
[hogweed_so=none])
|
||||
if test -z "$hogweed_so"; then
|
||||
--
|
||||
2.25.4
|
||||
|
||||
|
|
@ -1,152 +0,0 @@
|
|||
From 6fbff7fc8aabeee2254405f254220bbe8c05c67d Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Fri, 5 Jun 2020 16:26:33 +0200
|
||||
Subject: [PATCH] crypto-api: always allocate memory when serializing iovec_t
|
||||
|
||||
The AEAD iov interface falls back to serializing the input buffers if
|
||||
the low-level cipher doesn't support scatter/gather encryption.
|
||||
However, there was a bug in the functions used for the serialization,
|
||||
which causes memory leaks under a certain condition (i.e. the number
|
||||
of input buffers is 1).
|
||||
|
||||
This patch makes the logic of the functions simpler, by removing a
|
||||
micro-optimization that tries to minimize the number of calls to
|
||||
malloc/free.
|
||||
|
||||
The original problem was reported by Marius Steffen in:
|
||||
https://bugzilla.samba.org/show_bug.cgi?id=14399
|
||||
and the cause was investigated by Alexander Haase in:
|
||||
https://gitlab.com/gnutls/gnutls/-/merge_requests/1277
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
lib/crypto-api.c | 36 +++++++++++-------------------------
|
||||
tests/aead-cipher-vec.c | 33 ++++++++++++++++++---------------
|
||||
2 files changed, 29 insertions(+), 40 deletions(-)
|
||||
|
||||
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
|
||||
index 45be64ed1..8524f5ed4 100644
|
||||
--- a/lib/crypto-api.c
|
||||
+++ b/lib/crypto-api.c
|
||||
@@ -891,32 +891,23 @@ gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
|
||||
struct iov_store_st {
|
||||
void *data;
|
||||
size_t size;
|
||||
- unsigned allocated;
|
||||
};
|
||||
|
||||
static void iov_store_free(struct iov_store_st *s)
|
||||
{
|
||||
- if (s->allocated) {
|
||||
- gnutls_free(s->data);
|
||||
- s->allocated = 0;
|
||||
- }
|
||||
+ gnutls_free(s->data);
|
||||
}
|
||||
|
||||
static int iov_store_grow(struct iov_store_st *s, size_t length)
|
||||
{
|
||||
- if (s->allocated || s->data == NULL) {
|
||||
- s->size += length;
|
||||
- s->data = gnutls_realloc(s->data, s->size);
|
||||
- if (s->data == NULL)
|
||||
- return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
||||
- s->allocated = 1;
|
||||
- } else {
|
||||
- void *data = s->data;
|
||||
- size_t size = s->size + length;
|
||||
- s->data = gnutls_malloc(size);
|
||||
- memcpy(s->data, data, s->size);
|
||||
- s->size += length;
|
||||
- }
|
||||
+ void *data;
|
||||
+
|
||||
+ s->size += length;
|
||||
+ data = gnutls_realloc(s->data, s->size);
|
||||
+ if (data == NULL)
|
||||
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
||||
+
|
||||
+ s->data = data;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -926,11 +917,6 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
|
||||
memset(dst, 0, sizeof(*dst));
|
||||
if (iovcnt == 0) {
|
||||
return 0;
|
||||
- } else if (iovcnt == 1) {
|
||||
- dst->data = iov[0].iov_base;
|
||||
- dst->size = iov[0].iov_len;
|
||||
- /* implies: dst->allocated = 0; */
|
||||
- return 0;
|
||||
} else {
|
||||
int i;
|
||||
uint8_t *p;
|
||||
@@ -944,11 +930,11 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
|
||||
|
||||
p = dst->data;
|
||||
for (i=0;i<iovcnt;i++) {
|
||||
- memcpy(p, iov[i].iov_base, iov[i].iov_len);
|
||||
+ if (iov[i].iov_len > 0)
|
||||
+ memcpy(p, iov[i].iov_base, iov[i].iov_len);
|
||||
p += iov[i].iov_len;
|
||||
}
|
||||
|
||||
- dst->allocated = 1;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
diff --git a/tests/aead-cipher-vec.c b/tests/aead-cipher-vec.c
|
||||
index fba9010d9..6a30a35f7 100644
|
||||
--- a/tests/aead-cipher-vec.c
|
||||
+++ b/tests/aead-cipher-vec.c
|
||||
@@ -49,6 +49,7 @@ static void start(const char *name, int algo)
|
||||
giovec_t auth_iov[2];
|
||||
uint8_t tag[64];
|
||||
size_t tag_size = 0;
|
||||
+ size_t i;
|
||||
|
||||
key.data = key16;
|
||||
key.size = gnutls_cipher_get_key_size(algo);
|
||||
@@ -82,21 +83,23 @@ static void start(const char *name, int algo)
|
||||
if (ret < 0)
|
||||
fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret));
|
||||
|
||||
- ret = gnutls_aead_cipher_encryptv2(ch,
|
||||
- iv.data, iv.size,
|
||||
- auth_iov, 2,
|
||||
- iov, 3,
|
||||
- tag, &tag_size);
|
||||
- if (ret < 0)
|
||||
- fail("could not encrypt data: %s\n", gnutls_strerror(ret));
|
||||
-
|
||||
- ret = gnutls_aead_cipher_decryptv2(ch,
|
||||
- iv.data, iv.size,
|
||||
- auth_iov, 2,
|
||||
- iov, 3,
|
||||
- tag, tag_size);
|
||||
- if (ret < 0)
|
||||
- fail("could not decrypt data: %s\n", gnutls_strerror(ret));
|
||||
+ for (i = 0; i < 2; i++) {
|
||||
+ ret = gnutls_aead_cipher_encryptv2(ch,
|
||||
+ iv.data, iv.size,
|
||||
+ auth_iov, 2,
|
||||
+ iov, i + 1,
|
||||
+ tag, &tag_size);
|
||||
+ if (ret < 0)
|
||||
+ fail("could not encrypt data: %s\n", gnutls_strerror(ret));
|
||||
+
|
||||
+ ret = gnutls_aead_cipher_decryptv2(ch,
|
||||
+ iv.data, iv.size,
|
||||
+ auth_iov, 2,
|
||||
+ iov, i + 1,
|
||||
+ tag, tag_size);
|
||||
+ if (ret < 0)
|
||||
+ fail("could not decrypt data: %s\n", gnutls_strerror(ret));
|
||||
+ }
|
||||
|
||||
gnutls_aead_cipher_deinit(ch);
|
||||
}
|
||||
--
|
||||
2.25.4
|
||||
|
||||
|
|
@ -1,50 +0,0 @@
|
|||
From f15c02b1fb9faf3e06db2c51196a27b0f9d72672 Mon Sep 17 00:00:00 2001
|
||||
From: James Bottomley <James.Bottomley@HansenPartnership.com>
|
||||
Date: Sun, 28 Jun 2020 21:33:09 +0200
|
||||
Subject: [PATCH] build: use $(LIBPTHREAD) rather than non-existent
|
||||
$(LTLIBPTHREAD)
|
||||
|
||||
On a very recent openSUSE build, libgnutls is getting built without
|
||||
libpthread. This caused a thread related error when trying to load a
|
||||
pkcs11 module that uses threading. The reason is rather convoluted:
|
||||
glibc actually controls all the pthread_ function calls, but it
|
||||
returns success without doing anything unless -lpthread is in the link
|
||||
list. What's happening is that gnutls_system_mutex_init() is being
|
||||
called on _gnutls_pkcs11_mutex before library pthreading is
|
||||
initialized, so the pthread_mutex_init ends up being a nop. Then, when
|
||||
the pkcs11 module is loaded, pthreads get initialized and the call to
|
||||
pthread_mutex_lock is real, but errors out on the uninitialized mutex.
|
||||
|
||||
The problem seems to be that nothing in the gnulib macros gnutls
|
||||
relies on for threading support detection actually sets LTLIBPTHREAD,
|
||||
they only set LIBPTHREAD. The fix is to use LIBPTHREAD in
|
||||
lib/Makefile.in
|
||||
|
||||
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
|
||||
---
|
||||
bootstrap.conf | 4 ++--
|
||||
lib/Makefile.am | 8 +++++++-
|
||||
2 files changed, 9 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/lib/Makefile.am b/lib/Makefile.am
|
||||
index fa47ac5e6..02504d8d1 100644
|
||||
--- a/lib/Makefile.am
|
||||
+++ b/lib/Makefile.am
|
||||
@@ -168,7 +168,13 @@ libgnutls_la_LIBADD += accelerated/libaccelerated.la
|
||||
endif
|
||||
|
||||
if !WINDOWS
|
||||
-thirdparty_libadd += $(LTLIBPTHREAD)
|
||||
+# p11-kit does not work without threading support:
|
||||
+# https://github.com/p11-glue/p11-kit/pull/183
|
||||
+if ENABLE_PKCS11
|
||||
+thirdparty_libadd += $(LIBPMULTITHREAD)
|
||||
+else
|
||||
+thirdparty_libadd += $(LIBPTHREAD)
|
||||
+endif
|
||||
endif
|
||||
|
||||
if NEEDS_LIBRT
|
||||
--
|
||||
2.26.2
|
||||
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
--- a/guile/src/Makefile.in 2019-03-27 11:51:55.984398001 +0100
|
||||
+++ b/guile/src/Makefile.in 2019-03-27 11:52:27.259626076 +0100
|
||||
@@ -1472,7 +1472,7 @@
|
||||
# Use '-module' to build a "dlopenable module", in Libtool terms.
|
||||
# Use '-undefined' to placate Libtool on Windows; see
|
||||
# <https://lists.gnutls.org/pipermail/gnutls-devel/2014-December/007294.html>.
|
||||
-guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined
|
||||
+guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined -Wl,-z,lazy
|
||||
|
||||
# Linking against GnuTLS.
|
||||
GNUTLS_CORE_LIBS = $(top_builddir)/lib/libgnutls.la
|
||||
114
gnutls-3.8.10-tests-ktls.patch
Normal file
114
gnutls-3.8.10-tests-ktls.patch
Normal file
|
|
@ -0,0 +1,114 @@
|
|||
From e0eb2bbb212a5c9d72311c59e7235832a0075dcc Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Wed, 9 Jul 2025 18:54:48 +0900
|
||||
Subject: [PATCH] add tests/ktls_utils.h
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
tests/ktls_utils.h | 94 ++++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 94 insertions(+)
|
||||
create mode 100644 tests/ktls_utils.h
|
||||
|
||||
diff --git a/tests/ktls_utils.h b/tests/ktls_utils.h
|
||||
new file mode 100644
|
||||
index 0000000..231618d
|
||||
--- /dev/null
|
||||
+++ b/tests/ktls_utils.h
|
||||
@@ -0,0 +1,94 @@
|
||||
+#ifndef GNUTLS_TESTS_KTLS_UTILS_H
|
||||
+#define GNUTLS_TESTS_KTLS_UTILS_H
|
||||
+
|
||||
+#include <fcntl.h>
|
||||
+#include <signal.h>
|
||||
+
|
||||
+#include <netinet/in.h>
|
||||
+
|
||||
+#include <sys/socket.h>
|
||||
+#include <sys/wait.h>
|
||||
+
|
||||
+/* Sets the NONBLOCK flag on the socket(fd) */
|
||||
+inline static int set_nonblocking(int fd)
|
||||
+{
|
||||
+ int flags = fcntl(fd, F_GETFL, 0);
|
||||
+ if (flags == -1) {
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ if (fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1) {
|
||||
+ return 2;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+/* Creates a pair of TCP connected sockets */
|
||||
+static int create_socket_pair(int *client_fd, int *server_fd)
|
||||
+{
|
||||
+ int ret;
|
||||
+ struct sockaddr_in saddr;
|
||||
+ socklen_t addrlen;
|
||||
+ int listener;
|
||||
+
|
||||
+ listener = socket(AF_INET, SOCK_STREAM, 0);
|
||||
+ if (listener == -1) {
|
||||
+ fail("error in listener(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ int opt = 0;
|
||||
+ setsockopt(listener, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
|
||||
+
|
||||
+ memset(&saddr, 0, sizeof(saddr));
|
||||
+ saddr.sin_family = AF_INET;
|
||||
+ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
|
||||
+ saddr.sin_port = 0;
|
||||
+
|
||||
+ ret = bind(listener, (struct sockaddr *)&saddr, sizeof(saddr));
|
||||
+ if (ret == -1) {
|
||||
+ fail("error in bind(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ addrlen = sizeof(saddr);
|
||||
+ ret = getsockname(listener, (struct sockaddr *)&saddr, &addrlen);
|
||||
+ if (ret == -1) {
|
||||
+ fail("error in getsockname(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ ret = listen(listener, 1);
|
||||
+ if (ret == -1) {
|
||||
+ fail("error in listen(): %s\n", strerror(errno));
|
||||
+ close(listener);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ *client_fd = socket(AF_INET, SOCK_STREAM, 0);
|
||||
+ if (*client_fd < 0) {
|
||||
+ fail("error in socket(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ ret = connect(*client_fd, (struct sockaddr *)&saddr, addrlen);
|
||||
+ if (ret < 0) {
|
||||
+ fail("error in connect(): %s\n", strerror(errno));
|
||||
+ close(listener);
|
||||
+ close(*client_fd);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ *server_fd = accept(listener, NULL, NULL);
|
||||
+ if (*server_fd < 0) {
|
||||
+ fail("error in accept(): %s\n", strerror(errno));
|
||||
+ close(listener);
|
||||
+ close(*client_fd);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+#endif //GNUTLS_TESTS_KTLS_UTILS_H
|
||||
--
|
||||
2.49.0
|
||||
|
||||
58
gnutls-3.8.10-tests-mldsa.patch
Normal file
58
gnutls-3.8.10-tests-mldsa.patch
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
From 15fb5ad536c375a74cc0d87859c9fc919d924c9d Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 10 Jul 2025 05:45:06 +0900
|
||||
Subject: [PATCH] support VPATH build for mldsa tests
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
tests/cert-tests/mldsa.sh | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/tests/cert-tests/mldsa.sh b/tests/cert-tests/mldsa.sh
|
||||
index 7e31e11..55e31ce 100644
|
||||
--- a/tests/cert-tests/mldsa.sh
|
||||
+++ b/tests/cert-tests/mldsa.sh
|
||||
@@ -130,7 +130,7 @@ for variant in 44 65 87; do
|
||||
# Check default
|
||||
TMPKEYDEFAULT=$testdir/key-$algo-$format-default
|
||||
TMPKEY=$testdir/key-$algo-$format
|
||||
- ${VALGRIND} "${CERTTOOL}" -k --no-text --infile "data/key-$algo-$format.pem" >"$TMPKEYDEFAULT"
|
||||
+ ${VALGRIND} "${CERTTOOL}" -k --no-text --infile "$srcdir/data/key-$algo-$format.pem" >"$TMPKEYDEFAULT"
|
||||
if [ $? != 0 ]; then
|
||||
cat "$TMPKEYDEFAULT"
|
||||
exit 1
|
||||
@@ -138,19 +138,19 @@ for variant in 44 65 87; do
|
||||
|
||||
# The "expandedKey" format doesn't have public key part
|
||||
if [ "$format" = seed ] || [ "$format" = both ]; then
|
||||
- if ! "${DIFF}" "$TMPKEYDEFAULT" "data/key-$algo-both.pem"; then
|
||||
+ if ! "${DIFF}" "$TMPKEYDEFAULT" "$srcdir/data/key-$algo-both.pem"; then
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# Check roundtrip with --key-format
|
||||
- ${VALGRIND} "${CERTTOOL}" -k --no-text --key-format "$format" --infile "data/key-$algo-$format.pem" >"$TMPKEY"
|
||||
+ ${VALGRIND} "${CERTTOOL}" -k --no-text --key-format "$format" --infile "$srcdir/data/key-$algo-$format.pem" >"$TMPKEY"
|
||||
if [ $? != 0 ]; then
|
||||
cat "$TMPKEY"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- if ! "${DIFF}" "$TMPKEY" "data/key-$algo-$format.pem"; then
|
||||
+ if ! "${DIFF}" "$TMPKEY" "$srcdir/data/key-$algo-$format.pem"; then
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
@@ -164,7 +164,7 @@ for n in 1; do
|
||||
fi
|
||||
|
||||
echo "Testing inconsistent ML-DSA key ($n)"
|
||||
- if "${CERTTOOL}" -k --infile "data/key-mldsa-inconsistent$n.pem"; then
|
||||
+ if "${CERTTOOL}" -k --infile "$srcdir/data/key-mldsa-inconsistent$n.pem"; then
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
--
|
||||
2.49.0
|
||||
|
||||
2131
gnutls-3.8.6-compression-dlwrap.patch
Normal file
2131
gnutls-3.8.6-compression-dlwrap.patch
Normal file
File diff suppressed because it is too large
Load diff
3246
gnutls-3.8.6-liboqs-x25519-kyber768d00.patch
Normal file
3246
gnutls-3.8.6-liboqs-x25519-kyber768d00.patch
Normal file
File diff suppressed because it is too large
Load diff
27
gnutls-3.8.6-nettle-rsa-oaep.patch
Normal file
27
gnutls-3.8.6-nettle-rsa-oaep.patch
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
From a9800309197fe5aef913944b2fc77164946f0689 Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Tue, 23 Jul 2024 16:04:56 +0900
|
||||
Subject: [PATCH] build: link against libhogweed when checking
|
||||
nettle_rsa_oaep_*
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
configure.ac | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index fb0aefe1f4..8b55808bd7 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -795,7 +795,7 @@ AM_CONDITIONAL([NEED_SIV_GCM], [test "$ac_cv_func_nettle_siv_gcm_encrypt_message
|
||||
|
||||
# Check for RSA-OAEP
|
||||
save_LIBS=$LIBS
|
||||
-LIBS="$LIBS $NETTLE_LIBS"
|
||||
+LIBS="$LIBS $HOGWEED_LIBS $NETTLE_LIBS $GMP_LIBS"
|
||||
AC_CHECK_FUNCS(nettle_rsa_oaep_sha256_encrypt)
|
||||
LIBS=$save_LIBS
|
||||
AM_CONDITIONAL([NEED_RSA_OAEP], [test "$ac_cv_func_nettle_rsa_oaep_sha256_encrypt" != yes])
|
||||
--
|
||||
2.45.2
|
||||
|
||||
29
gnutls-3.8.8-tests-ktls-skip-tls12-chachapoly.patch
Normal file
29
gnutls-3.8.8-tests-ktls-skip-tls12-chachapoly.patch
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
From a36b73a21e4b5b6e051b23192a645dea34c9d6af Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Tue, 5 Nov 2024 14:45:46 +0900
|
||||
Subject: [PATCH] tests: skip CHACHA20-POLY1305 in TLS 1.2 when KTLS is enabled
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
tests/gnutls_ktls.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/tests/gnutls_ktls.c b/tests/gnutls_ktls.c
|
||||
index 90d3e9af91..d5ac4efecc 100644
|
||||
--- a/tests/gnutls_ktls.c
|
||||
+++ b/tests/gnutls_ktls.c
|
||||
@@ -347,9 +347,11 @@ void doit(void)
|
||||
{
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-128-GCM");
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-256-GCM");
|
||||
+#if 0
|
||||
if (!gnutls_fips140_mode_enabled()) {
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305");
|
||||
}
|
||||
+#endif
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM");
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM");
|
||||
if (!gnutls_fips140_mode_enabled()) {
|
||||
--
|
||||
2.47.0
|
||||
|
||||
1310
gnutls-3.8.9-ktls-kernel-check.patch
Normal file
1310
gnutls-3.8.9-ktls-kernel-check.patch
Normal file
File diff suppressed because it is too large
Load diff
1254
gnutls.spec
1254
gnutls.spec
File diff suppressed because it is too large
Load diff
Binary file not shown.
|
|
@ -6,10 +6,3 @@ if [ "$1" = "-e" ] ; then
|
|||
else
|
||||
CMD="rm -f"
|
||||
fi
|
||||
|
||||
# SRP
|
||||
for f in auth/srp_sb64.c auth/srp_passwd.c auth/srp_rsa.c \
|
||||
srp.c auth/srp.c ext/srp.c ; do
|
||||
eval "$CMD lib/$f"
|
||||
done
|
||||
|
||||
|
|
|
|||
4
plans/fips-smoke.fmf
Normal file
4
plans/fips-smoke.fmf
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
summary: Runs FIPS library integrity checks.
|
||||
name: fips-smoke
|
||||
execute:
|
||||
script: if [[ $(GNUTLS_DEBUG_LEVEL=99 GNUTLS_FORCE_FIPS_MODE=1 certtool 2>&1 | grep "Error") ]]; then exit 1; else exit 0; fi;
|
||||
10
plans/nss-2way.fmf
Normal file
10
plans/nss-2way.fmf
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed gnutls-openssl interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-nss-2way
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-gnutls & tag: interop-nss & tag: interop-2way'
|
||||
execute:
|
||||
how: tmt
|
||||
10
plans/openssl-2way.fmf
Normal file
10
plans/openssl-2way.fmf
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed gnutls-openssl interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-openssl-2way
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-gnutls & tag: interop-openssl & tag: interop-2way'
|
||||
execute:
|
||||
how: tmt
|
||||
10
plans/short-interop-tests.fmf
Normal file
10
plans/short-interop-tests.fmf
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed gnutls interop tests - short tests which do not need to run in parallel
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-gnutls-short
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-gnutls & tag: -interop-slow'
|
||||
execute:
|
||||
how: tmt
|
||||
8
sources
8
sources
|
|
@ -1,3 +1,5 @@
|
|||
SHA512 (gnutls-3.6.14.tar.xz) = b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604
|
||||
SHA512 (gnutls-3.6.14.tar.xz.sig) = 88e31d484ab2e2e9a6a080d1bb0e2219aa0ec85af9ea4abe8292bc8ae2d6784273414227142a2ebe0142b907a5ac6aa4d407388357f13d96b96eca8f8c61103a
|
||||
SHA512 (gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg) = a74b92826fd0e5388c9f6d9231959e38b26aeef83138648fab66df951d8e1a4db5302b569d08515d4d6443e5e4f6c466f98319f330c820790260d22a9b9f7173
|
||||
SHA512 (gnutls-3.8.11.tar.xz) = 68f9e5bec3aa6686fd3319cc9c88a5cc44e2a75144049fc9de5fb55fef2241b4e16996af4be5dd48308abbee8cfaed6c862903f6bb89aff5dfa5410075bd7386
|
||||
SHA512 (gnutls-3.8.11.tar.xz.sig) = 90883e5736299b103844ca42b85d371969ef66b50b60cb185e814ad9978598796e9ed07a590245ff28ac6ac084b1dee93fae0845576464583a5941835990957d
|
||||
SHA512 (gnutls-release-keyring.gpg) = 8c2b39239d1d8c5319757fcf669f28a11de7f8ec4a726f9904c57ba8105bea80240083c0de71b747115907bab46569f10cf58004137cc7884ac5c20f8319ae0a
|
||||
SHA512 (gmp-6.2.1.tar.xz) = c99be0950a1d05a0297d65641dd35b75b74466f7bf03c9e8a99895a3b2f9a0856cd17887738fa51cf7499781b65c049769271cbcb77d057d2e9f1ec52e07dd84
|
||||
SHA512 (leancrypto-1.6.0.tar.gz) = cb6ace4a1642208dd7656b62a48e99d6261f471aa7967b738057745a4534abfa11d380dd5de98a737c0c13b1e1cb37ce780e02297eefc1cf839581629d34e100
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue