Compare commits
14 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
5aacc8cd4f | ||
|
|
2d25b601bf | ||
|
|
02604373b4 | ||
|
|
cf8e00c764 | ||
|
|
7b240b0959 | ||
|
|
a5bbb28088 | ||
|
|
a68aefef99 | ||
|
|
10f6e99293 | ||
|
|
75c72994c6 | ||
|
|
ee88c45f9f | ||
|
|
bdd006b412 | ||
|
|
262cc0d561 | ||
|
|
36d1e2827b | ||
|
|
341d862ca3 |
27 changed files with 1115 additions and 11802 deletions
|
|
@ -1 +0,0 @@
|
|||
1
|
||||
46
.gitignore
vendored
46
.gitignore
vendored
|
|
@ -126,50 +126,6 @@ gnutls-2.10.1-nosrp.tar.bz2
|
|||
/gnutls-3.6.13.tar.xz
|
||||
/gnutls-3.6.14.tar.xz
|
||||
/gnutls-3.6.14.tar.xz.sig
|
||||
/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||
/gnutls-3.6.15.tar.xz
|
||||
/gnutls-3.6.15.tar.xz.sig
|
||||
/gnutls-3.7.0.tar.xz
|
||||
/gnutls-3.7.0.tar.xz.sig
|
||||
/gnutls-3.7.1.tar.xz
|
||||
/gnutls-3.7.1.tar.xz.sig
|
||||
/gnutls-3.7.2.tar.xz
|
||||
/gnutls-3.7.2.tar.xz.sig
|
||||
/gnutls-3.7.3.tar.xz
|
||||
/gnutls-3.7.3.tar.xz.sig
|
||||
/gnutls-3.7.4.tar.xz
|
||||
/gnutls-3.7.5.tar.xz
|
||||
/gnutls-3.7.6.tar.xz
|
||||
/gnutls-3.7.7.tar.xz
|
||||
/gnutls-3.7.8.tar.xz
|
||||
/gnutls-3.8.0.tar.xz
|
||||
/gnutls-3.8.0.tar.xz.sig
|
||||
/gnutls-release-keyring.gpg
|
||||
/gnutls-3.8.1.tar.xz
|
||||
/gnutls-3.8.1.tar.xz.sig
|
||||
/gnutls-3.8.2.tar.xz
|
||||
/gnutls-3.8.2.tar.xz.sig
|
||||
/gnutls-3.8.3.tar.xz
|
||||
/gnutls-3.8.3.tar.xz.sig
|
||||
/gnutls-3.8.4.tar.xz
|
||||
/gnutls-3.8.4.tar.xz.sig
|
||||
/gnutls-3.8.5.tar.xz
|
||||
/gnutls-3.8.5.tar.xz.sig
|
||||
/gnutls-3.8.6.tar.xz
|
||||
/gnutls-3.8.6.tar.xz.sig
|
||||
/gmp-6.2.1.tar.xz
|
||||
/gnutls-3.8.7.tar.xz
|
||||
/gnutls-3.8.7.tar.xz.sig
|
||||
/gnutls-3.8.7.1.tar.xz
|
||||
/gnutls-3.8.7.1.tar.xz.sig
|
||||
/gnutls-3.8.8.tar.xz
|
||||
/gnutls-3.8.8.tar.xz.sig
|
||||
/gnutls-3.8.9.tar.xz
|
||||
/gnutls-3.8.9.tar.xz.sig
|
||||
/leancrypto-1.2.0.tar.gz
|
||||
/leancrypto-1.3.0.tar.gz
|
||||
/gnutls-3.8.10.tar.xz
|
||||
/gnutls-3.8.10.tar.xz.sig
|
||||
/leancrypto-1.5.0.tar.gz
|
||||
/gnutls-3.8.11.tar.xz
|
||||
/gnutls-3.8.11.tar.xz.sig
|
||||
/leancrypto-1.6.0.tar.gz
|
||||
|
|
|
|||
31
.packit.yaml
31
.packit.yaml
|
|
@ -1,31 +0,0 @@
|
|||
# See the documentation for more information:
|
||||
# https://packit.dev/docs/configuration/
|
||||
|
||||
specfile_path: gnutls.spec
|
||||
|
||||
files_to_sync:
|
||||
- .packit.yaml
|
||||
- gnutls.spec
|
||||
|
||||
upstream_project_url: https://gitlab.com/gnutls/gnutls
|
||||
upstream_package_name: gnutls
|
||||
downstream_package_name: gnutls
|
||||
|
||||
actions:
|
||||
post-upstream-clone:
|
||||
- "wget https://src.fedoraproject.org/rpms/gnutls/raw/main/f/gnutls.spec"
|
||||
- "wget https://src.fedoraproject.org/rpms/gnutls/raw/main/f/gnutls-3.2.7-rpath.patch"
|
||||
get-current-version:
|
||||
- "git describe --abbrev=0"
|
||||
create-archive:
|
||||
- |
|
||||
bash -c "wget https://www.gnupg.org/ftp/gcrypt/gnutls/v$(expr $PACKIT_PROJECT_VERSION : '^\([0-9]*\.[0-9]*\)')/gnutls-${PACKIT_PROJECT_VERSION}.tar.xz"
|
||||
- |
|
||||
bash -c "wget https://www.gnupg.org/ftp/gcrypt/gnutls/v$(expr $PACKIT_PROJECT_VERSION : '^\([0-9]*\.[0-9]*\)')/gnutls-${PACKIT_PROJECT_VERSION}.tar.xz.sig"
|
||||
- bash -c "echo gnutls-${PACKIT_PROJECT_VERSION}.tar.xz"
|
||||
- bash -c "echo gnutls-${PACKIT_PROJECT_VERSION}.tar.xz.sig"
|
||||
|
||||
jobs:
|
||||
- job: propose_downstream
|
||||
trigger: release
|
||||
dist_git_branches: fedora-all
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
This repository is maintained by packit.
|
||||
https://packit.dev/
|
||||
The file was generated using packit 1.12.0.
|
||||
815
changelog
815
changelog
|
|
@ -1,815 +0,0 @@
|
|||
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Tue Jan 18 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-1
|
||||
- Update to upstream 3.7.3 release
|
||||
- Remove dependency on autogen
|
||||
- Add build-time conditionals for TPM 1.2 and GOST cryptography
|
||||
|
||||
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.2-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Sat May 29 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-1
|
||||
- Update to upstream 3.7.2 release
|
||||
|
||||
* Sun Mar 28 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-3
|
||||
- Remove %%defattr invocations which are no longer necessary
|
||||
- libpkcs11mock1.* is not installed anymore
|
||||
- hobble-gnutls: Remove SRP removal
|
||||
- Use correct source URL
|
||||
- Switch to using %%gpgverify macro
|
||||
|
||||
* Tue Mar 16 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-2
|
||||
- Restore fipscheck dependency
|
||||
|
||||
* Sat Mar 13 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-1
|
||||
- Update to upstream 3.7.1 release
|
||||
- Remove fipscheck dependency, as it is now calculated with an
|
||||
internal tool
|
||||
|
||||
* Fri Mar 5 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-4
|
||||
- Tolerate duplicate certs in the chain also with PKCS #11 trust store
|
||||
|
||||
* Tue Mar 2 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-3
|
||||
- Reduce BRs for non-bootstrapping build
|
||||
|
||||
* Wed Feb 10 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-2
|
||||
- Tolerate duplicate certs in the chain
|
||||
|
||||
* Mon Feb 8 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-1
|
||||
- Update to upstream 3.7.0 release
|
||||
- Temporarily disable LTO
|
||||
|
||||
* Tue Jan 26 2021 Daiki Ueno <dueno@redhat.com> - 3.6.15-4
|
||||
- Fix broken tests on rawhide (#1908110)
|
||||
- Add BuildRequires: make (by Tom Stellard)
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.15-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Mon Sep 28 2020 Jeff Law <law@redhat.com> - 3.6.15-2
|
||||
- Re-enable LTO now that upstream GCC bugs have been fixed
|
||||
|
||||
* Fri Sep 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.15-1
|
||||
- Update to upstream 3.6.15 release
|
||||
|
||||
* Mon Aug 17 2020 Jeff Law <law@redhat.com> - 3.6.14-7
|
||||
- Disable LTO on ppc64le
|
||||
|
||||
* Tue Aug 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.14-6
|
||||
- Fix underlinking of libpthread
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.14-5
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.14-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Thu Jul 02 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.14-3
|
||||
- Rebuild with autogen built with guile-2.2 (#1852706)
|
||||
|
||||
* Tue Jun 09 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.14-2
|
||||
- Fix memory leak when serializing iovec_t (#1845083)
|
||||
- Fix automatic libraries sonames detection (#1845806)
|
||||
|
||||
* Thu Jun 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.14-1
|
||||
- Update to upstream 3.6.14 release
|
||||
|
||||
* Sun May 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-6
|
||||
- Update gnutls-3.6.13-superseding-chain.patch
|
||||
|
||||
* Sun May 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-5
|
||||
- Fix cert chain validation behavior if the last cert has expired (#1842178)
|
||||
|
||||
* Mon May 25 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-4
|
||||
- Add option to gnutls-cli to wait for resumption under TLS 1.3
|
||||
|
||||
* Tue May 19 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-3
|
||||
- Disable RSA blinding during FIPS self-tests
|
||||
|
||||
* Thu May 14 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-2
|
||||
- Bump linked libraries soname to fix FIPS selftests (#1835265)
|
||||
|
||||
* Tue Mar 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-1
|
||||
- Update to upstream 3.6.13 release
|
||||
|
||||
* Thu Mar 26 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.12-2
|
||||
- Fix FIPS POST (#1813384)
|
||||
- Fix gnutls-serv --echo to not exit when a message is received (#1816583)
|
||||
|
||||
* Sun Feb 02 2020 Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> - 3.6.12-1
|
||||
- Update to upstream 3.6.12 release
|
||||
|
||||
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.11-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Mon Dec 02 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.11-1
|
||||
- Update to upstream 3.6.11 release
|
||||
|
||||
* Sun Sep 29 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.10-1
|
||||
- Update to upstream 3.6.10 release
|
||||
|
||||
* Fri Jul 26 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.9-1
|
||||
- Update to upstream 3.6.9 release
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Mon Jul 15 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.8-2
|
||||
- Rebuilt with guile-2.2
|
||||
|
||||
* Tue May 28 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.8-1
|
||||
- Update to upstream 3.6.8 release
|
||||
|
||||
* Wed Mar 27 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.7-1
|
||||
- Update to upstream 3.6.7 release
|
||||
- Fixed CVE-2019-3836 (#1693214)
|
||||
- Fixed CVE-2019-3829 (#1693210)
|
||||
|
||||
* Fri Feb 1 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.6-1
|
||||
- Update to upstream 3.6.6 release
|
||||
|
||||
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.5-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Fri Jan 11 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.5-2
|
||||
- Added explicit Requires for nettle >= 3.4.1
|
||||
|
||||
* Tue Dec 11 2018 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.5-1
|
||||
- Update to upstream 3.6.5 release
|
||||
|
||||
* Mon Oct 29 2018 James Antill <james.antill@redhat.com> - 3.6.4-5
|
||||
- Remove ldconfig scriptlet, now done via. transfiletrigger in glibc.
|
||||
|
||||
* Wed Oct 17 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-4
|
||||
- Fix issue with rehandshake affecting glib-networking (#1634736)
|
||||
|
||||
* Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.6.4-3
|
||||
- Add missing annobin notes for assembler sources
|
||||
|
||||
* Tue Oct 09 2018 Petr Menšík <pemensik@redhat.com> - 3.6.4-2
|
||||
- Rebuilt for unbound 1.8
|
||||
|
||||
* Tue Sep 25 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-1
|
||||
- Updated to upstream 3.6.4 release
|
||||
- Added support for the latest version of the TLS1.3 protocol
|
||||
- Enabled SHA1 support as SHA1 deprecation is handled via the
|
||||
fedora crypto policies.
|
||||
|
||||
* Thu Aug 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-4
|
||||
- Fixed gnutls-cli input reading
|
||||
- Ensure that we do not cause issues with version rollback detection
|
||||
and TLS1.3.
|
||||
|
||||
* Tue Aug 07 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-3
|
||||
- Fixed ECDSA public key import (#1612803)
|
||||
|
||||
* Thu Jul 26 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-2
|
||||
- Backported regression fixes from 3.6.2
|
||||
|
||||
* Mon Jul 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-1
|
||||
- Update to upstream 3.6.3 release
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.2-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed Jun 13 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-4
|
||||
- Enable FIPS140-2 mode in Fedora
|
||||
|
||||
* Wed Jun 06 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-3
|
||||
- Update to upstream 3.6.2 release
|
||||
|
||||
* Fri May 25 2018 David Abdurachmanov <david.abdurachmanov@gmail.com> - 3.6.2-2
|
||||
- Add missing BuildRequires: gnupg2 for gpgv2 in %%prep
|
||||
|
||||
* Fri Feb 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-1
|
||||
- Update to upstream 3.6.2 release
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Fri Feb 2 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-4
|
||||
- Rebuilt to address incompatibility with new nettle
|
||||
|
||||
* Thu Nov 30 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-3
|
||||
- Corrected regression from 3.6.1-2 which prevented the loading of
|
||||
arbitrary p11-kit modules (#1507402)
|
||||
|
||||
* Mon Nov 6 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-2
|
||||
- Prevent the loading of all PKCS#11 modules on certificate verification
|
||||
but only restrict to p11-kit trust module (#1507402)
|
||||
|
||||
* Sat Oct 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-1
|
||||
- Update to upstream 3.6.1 release
|
||||
|
||||
* Mon Aug 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.0-1
|
||||
- Update to upstream 3.6.0 release
|
||||
|
||||
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Tue Jul 04 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.14-1
|
||||
- Update to upstream 3.5.14 release
|
||||
|
||||
* Wed Jun 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.13-1
|
||||
- Update to upstream 3.5.13 release
|
||||
|
||||
* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-2
|
||||
- Fix issue with p11-kit-trust arch dependency
|
||||
|
||||
* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-1
|
||||
- Update to upstream 3.5.12 release
|
||||
|
||||
* Fri Apr 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.11-1
|
||||
- Update to upstream 3.5.11 release
|
||||
|
||||
* Mon Mar 06 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.10-1
|
||||
- Update to upstream 3.5.10 release
|
||||
|
||||
* Wed Feb 15 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-2
|
||||
- Work around missing pkg-config file (#1422256)
|
||||
|
||||
* Tue Feb 14 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-1
|
||||
- Update to upstream 3.5.9 release
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Sat Feb 4 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-2
|
||||
- Added patch fix initialization issue in gnutls_pkcs11_obj_list_import_url4
|
||||
|
||||
* Mon Jan 9 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-1
|
||||
- New upstream release
|
||||
|
||||
* Tue Dec 13 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-3
|
||||
- Fix PKCS#8 file loading (#1404084)
|
||||
|
||||
* Thu Dec 8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-1
|
||||
- New upstream release
|
||||
|
||||
* Fri Nov 4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.6-1
|
||||
- New upstream release
|
||||
|
||||
* Tue Oct 11 2016 walters@redhat.com - 3.5.5-2
|
||||
- Apply patch to fix compatibility with ostree (#1383708)
|
||||
|
||||
* Mon Oct 10 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.5-1
|
||||
- New upstream release
|
||||
|
||||
* Thu Sep 8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.4-1
|
||||
- New upstream release
|
||||
|
||||
* Mon Aug 29 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-2
|
||||
- Work around #1371082 for x86
|
||||
- Fixed issue with DTLS sliding window implementation (#1370881)
|
||||
|
||||
* Tue Aug 9 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-1
|
||||
- New upstream release
|
||||
|
||||
* Wed Jul 6 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.2-1
|
||||
- New upstream release
|
||||
|
||||
* Wed Jun 15 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.1-1
|
||||
- New upstream release
|
||||
|
||||
* Tue Jun 7 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.13-1
|
||||
- New upstream release (#1343258)
|
||||
- Addresses issue with setuid programs introduced in 3.4.12 (#1343342)
|
||||
|
||||
* Fri May 20 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.12-1
|
||||
- New upstream release
|
||||
|
||||
* Mon Apr 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.11-1
|
||||
- New upstream release
|
||||
|
||||
* Fri Mar 4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.10-1
|
||||
- New upstream release (#1314576)
|
||||
|
||||
* Wed Feb 3 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.9-1
|
||||
- Fix broken key usage flags introduced in 3.4.8 (#1303355)
|
||||
|
||||
* Mon Jan 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.8-1
|
||||
- New upstream release (#1297079)
|
||||
|
||||
* Mon Nov 23 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.7-1
|
||||
- New upstream release (#1284300)
|
||||
- Documentation updates (#1282864)
|
||||
- Adds interface to set unique IDs in certificates (#1281343)
|
||||
- Allow arbitrary key sizes with ARCFOUR (#1284401)
|
||||
|
||||
* Wed Oct 21 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.6-1
|
||||
- New upstream release (#1273672)
|
||||
- Enhances p11tool to write CKA_ISSUER and CKA_SERIAL_NUMBER (#1272178)
|
||||
|
||||
* Tue Oct 20 2015 Adam Williamson <awilliam@redhat.com> - 3.4.5-2
|
||||
- fix interaction with Chrome 45+ (master secret extension) (#1273102)
|
||||
|
||||
* Mon Sep 14 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.5-1
|
||||
- New upstream release (#1252192)
|
||||
- Eliminates hard limits on CRL parsing of certtool.
|
||||
|
||||
* Mon Aug 10 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.4-1
|
||||
- new upstream release
|
||||
- no longer requires trousers patch
|
||||
- fixes issue in gnutls_x509_privkey_import (#1250020)
|
||||
|
||||
* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-2
|
||||
- Don't link against trousers but rather dlopen() it when available.
|
||||
That avoids a dependency on openssl by the main library.
|
||||
|
||||
* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Jul 02 2015 Adam Jackson <ajax@redhat.com> 3.4.2-3
|
||||
- Only disable -z now for the guile modules
|
||||
|
||||
* Thu Jun 18 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-2
|
||||
- rename the symbol version for internal symbols to avoid clashes
|
||||
with 3.3.x.
|
||||
|
||||
* Wed Jun 17 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-1
|
||||
- new upstream release
|
||||
|
||||
* Tue May 5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-2
|
||||
- Provide missing GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA definition
|
||||
|
||||
* Mon May 4 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-1
|
||||
- new upstream release
|
||||
|
||||
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 3.3.14-2
|
||||
- Rebuilt for GCC 5 C++11 ABI change
|
||||
|
||||
* Mon Mar 30 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.14-1
|
||||
- new upstream release
|
||||
- improved BER decoding of PKCS #12 structures (#1131461)
|
||||
|
||||
* Fri Mar 6 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-3
|
||||
- Build with hardened flags
|
||||
- Removed -Wl,--no-add-needed linker flag
|
||||
|
||||
* Fri Feb 27 2015 Till Maas <opensource@till.name> - 3.3.13-2
|
||||
- Do not build with hardened flags
|
||||
|
||||
* Thu Feb 26 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-1
|
||||
- new upstream release
|
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-3
|
||||
- Make build verbose
|
||||
- Use %%license
|
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-2
|
||||
- Rebuilt for Fedora 23 Change
|
||||
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
|
||||
|
||||
* Mon Jan 19 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.12-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Jan 5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-2
|
||||
- enabled guile bindings (#1177847)
|
||||
|
||||
* Thu Dec 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Nov 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.10-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Oct 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-2
|
||||
- applied fix for issue in get-issuer (#1155901)
|
||||
|
||||
* Mon Oct 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-1
|
||||
- new upstream release
|
||||
|
||||
* Fri Sep 19 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-2
|
||||
- strip rpath from library
|
||||
|
||||
* Thu Sep 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Aug 25 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.7-1
|
||||
- new upstream release
|
||||
|
||||
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.6-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Wed Jul 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.6-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Jul 01 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-2
|
||||
- Added work-around for s390 builds with gcc 4.9 (#1102324)
|
||||
|
||||
* Mon Jun 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Jun 17 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-3
|
||||
- explicitly depend on p11-kit-trust
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Mon Jun 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-1
|
||||
- new upstream release
|
||||
|
||||
* Fri May 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.3-1
|
||||
- new upstream release
|
||||
|
||||
* Wed May 21 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-2
|
||||
- Require crypto-policies
|
||||
|
||||
* Fri May 09 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-1
|
||||
- new upstream release
|
||||
|
||||
* Mon May 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-4
|
||||
- Replaced /etc/crypto-profiles/apps with /etc/crypto-policies/back-ends.
|
||||
- Added support for "very weak" profile.
|
||||
|
||||
* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-2
|
||||
- gnutls_global_deinit() will not do anything if the previous
|
||||
initialization has failed (#1091053)
|
||||
|
||||
* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Apr 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.0-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Apr 08 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.13-1
|
||||
- new upstream release
|
||||
|
||||
* Wed Mar 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12.1-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Mar 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-2
|
||||
- use p11-kit trust store for certificate verification
|
||||
|
||||
* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-1
|
||||
- new upstream release
|
||||
|
||||
* Tue Jan 14 2014 Tomáš Mráz <tmraz@redhat.com> 3.2.8-2
|
||||
- build the crywrap tool
|
||||
|
||||
* Mon Dec 23 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.8-1
|
||||
- new upstream release
|
||||
|
||||
* Wed Dec 4 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-2
|
||||
- Use the correct root key for unbound /var/lib/unbound/root.key (#1012494)
|
||||
- Pull asm fixes from upstream (#973210)
|
||||
|
||||
* Mon Nov 25 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-1
|
||||
- new upstream release
|
||||
- added dependency to autogen-libopts-devel to use the system's
|
||||
libopts library
|
||||
- added dependency to trousers-devel to enable TPM support
|
||||
|
||||
* Mon Nov 4 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.16-1
|
||||
- new upstream release
|
||||
- fixes CVE-2013-4466 off-by-one in dane_query_tlsa()
|
||||
|
||||
* Fri Oct 25 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.15-1
|
||||
- new upstream release
|
||||
- fixes CVE-2013-4466 buffer overflow in handling DANE entries
|
||||
|
||||
* Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-3
|
||||
- enable ECC NIST Suite B curves
|
||||
|
||||
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.13-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Mon Jul 15 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-1
|
||||
- new upstream release
|
||||
|
||||
* Mon May 13 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.11-1
|
||||
- new upstream release
|
||||
|
||||
* Mon Mar 25 2013 Tomas Mraz <tmraz@redhat.com> 3.1.10-1
|
||||
- new upstream release
|
||||
- license of the library is back to LGPLv2.1+
|
||||
|
||||
* Fri Mar 15 2013 Tomas Mraz <tmraz@redhat.com> 3.1.9-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Mar 7 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-3
|
||||
- drop the temporary old library
|
||||
|
||||
* Tue Feb 26 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-2
|
||||
- don't send ECC algos as supported (#913797)
|
||||
|
||||
* Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Feb 6 2013 Tomas Mraz <tmraz@redhat.com> 3.1.7-1
|
||||
- new upstream version, requires rebuild of dependencies
|
||||
- this release temporarily includes old compatibility .so
|
||||
|
||||
* Tue Feb 5 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-2
|
||||
- rebuilt with new libtasn1
|
||||
- make guile bindings optional - breaks i686 build and there is
|
||||
no dependent package
|
||||
|
||||
* Tue Jan 8 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Nov 28 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-2
|
||||
- use RSA bit sizes supported by libgcrypt in FIPS mode for security
|
||||
levels (#879643)
|
||||
|
||||
* Fri Nov 9 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Nov 1 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-4
|
||||
- negotiate only FIPS approved algorithms in the FIPS mode (#871826)
|
||||
|
||||
* Wed Aug 8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-3
|
||||
- fix the gnutls-cli-debug manpage - patch by Peter Schiffer
|
||||
|
||||
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.20-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Mon Jun 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-1
|
||||
- new upstream version
|
||||
|
||||
* Fri May 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.19-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Mar 29 2012 Tomas Mraz <tmraz@redhat.com> 2.12.18-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Mar 8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.17-1
|
||||
- new upstream version
|
||||
- fix leaks in key generation (#796302)
|
||||
|
||||
* Fri Feb 03 2012 Kevin Fenzi <kevin@scrye.com> - 2.12.14-3
|
||||
- Disable largefile on arm arch. (#787287)
|
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.14-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Tue Nov 8 2011 Tomas Mraz <tmraz@redhat.com> 2.12.14-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Oct 24 2011 Tomas Mraz <tmraz@redhat.com> 2.12.12-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Sep 29 2011 Tomas Mraz <tmraz@redhat.com> 2.12.11-1
|
||||
- new upstream version
|
||||
|
||||
* Fri Aug 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.9-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Aug 16 2011 Tomas Mraz <tmraz@redhat.com> 2.12.8-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Jul 25 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-2
|
||||
- fix problem when using new libgcrypt
|
||||
- split libgnutlsxx to a subpackage (#455146)
|
||||
- drop libgnutls-openssl (#460310)
|
||||
|
||||
* Tue Jun 21 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-1
|
||||
- new upstream version
|
||||
|
||||
* Mon May 9 2011 Tomas Mraz <tmraz@redhat.com> 2.12.4-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Apr 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.3-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Apr 18 2011 Tomas Mraz <tmraz@redhat.com> 2.12.2-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Mar 3 2011 Tomas Mraz <tmraz@redhat.com> 2.10.5-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.10.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Wed Dec 8 2010 Tomas Mraz <tmraz@redhat.com> 2.10.4-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Dec 2 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-2
|
||||
- fix buffer overflow in gnutls-serv (#659259)
|
||||
|
||||
* Fri Nov 19 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-1
|
||||
- new upstream version
|
||||
|
||||
* Thu Sep 30 2010 Tomas Mraz <tmraz@redhat.com> 2.10.2-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Sep 29 2010 jkeating - 2.10.1-4
|
||||
- Rebuilt for gcc bug 634757
|
||||
|
||||
* Thu Sep 23 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-3
|
||||
- more patching for internal errors regression (#629858)
|
||||
patch by Vivek Dasmohapatra
|
||||
|
||||
* Tue Sep 21 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-2
|
||||
- backported patch from upstream git hopefully fixing internal errors
|
||||
(#629858)
|
||||
|
||||
* Wed Aug 4 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Jun 2 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-2
|
||||
- add support for safe renegotiation CVE-2009-3555 (#533125)
|
||||
|
||||
* Wed May 12 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Mon Feb 15 2010 Rex Dieter <rdieter@fedoraproject.org> 2.8.5-4
|
||||
- FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624)
|
||||
|
||||
* Thu Jan 28 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-3
|
||||
- drop superfluous rpath from binaries
|
||||
- do not call autoreconf during build
|
||||
- specify the license on utils subpackage
|
||||
|
||||
* Mon Jan 18 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-2
|
||||
- do not create static libraries (#556052)
|
||||
|
||||
* Mon Nov 2 2009 Tomas Mraz <tmraz@redhat.com> 2.8.5-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Wed Sep 23 2009 Tomas Mraz <tmraz@redhat.com> 2.8.4-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 2.8.3-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.1-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Wed Jun 10 2009 Tomas Mraz <tmraz@redhat.com> 2.8.1-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Wed Jun 3 2009 Tomas Mraz <tmraz@redhat.com> 2.8.0-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Mon May 4 2009 Tomas Mraz <tmraz@redhat.com> 2.6.6-1
|
||||
- upgrade to a new upstream version - security fixes
|
||||
|
||||
* Tue Apr 14 2009 Tomas Mraz <tmraz@redhat.com> 2.6.5-1
|
||||
- upgrade to a new upstream version, minor bugfixes only
|
||||
|
||||
* Fri Mar 6 2009 Tomas Mraz <tmraz@redhat.com> 2.6.4-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Mon Dec 15 2008 Tomas Mraz <tmraz@redhat.com> 2.6.3-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Thu Dec 4 2008 Tomas Mraz <tmraz@redhat.com> 2.6.2-1
|
||||
- upgrade to a new upstream version
|
||||
|
||||
* Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-3
|
||||
- fix chain verification issue CVE-2008-4989 (#470079)
|
||||
|
||||
* Thu Sep 25 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-2
|
||||
- add guile subpackage (#463735)
|
||||
- force new libtool through autoreconf to drop unnecessary rpaths
|
||||
|
||||
* Tue Sep 23 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Jul 1 2008 Tomas Mraz <tmraz@redhat.com> 2.4.1-1
|
||||
- new upstream version
|
||||
- correct the license tag
|
||||
- explicit --with-included-opencdk not needed
|
||||
- use external lzo library, internal not included anymore
|
||||
|
||||
* Tue Jun 24 2008 Tomas Mraz <tmraz@redhat.com> 2.4.0-1
|
||||
- upgrade to latest upstream
|
||||
|
||||
* Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 2.0.4-3
|
||||
- fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
|
||||
(#447461, #447462, #447463)
|
||||
|
||||
* Mon Feb 4 2008 Joe Orton <jorton@redhat.com> 2.0.4-2
|
||||
- use system libtasn1
|
||||
|
||||
* Tue Dec 4 2007 Tomas Mraz <tmraz@redhat.com> 2.0.4-1
|
||||
- upgrade to latest upstream
|
||||
|
||||
* Tue Aug 21 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-2
|
||||
- license tag fix
|
||||
|
||||
* Wed Jun 6 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-1
|
||||
- upgrade to latest upstream (#232445)
|
||||
|
||||
* Tue Apr 10 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-2
|
||||
- properly require install-info (patch by Ville Skyttä)
|
||||
- standard buildroot and use dist tag
|
||||
- add COPYING and README to doc
|
||||
|
||||
* Wed Feb 7 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-1
|
||||
- new upstream version
|
||||
- drop libtermcap-devel from buildrequires
|
||||
|
||||
* Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2
|
||||
- detect forged signatures - CVE-2006-4790 (#206411), patch
|
||||
from upstream
|
||||
|
||||
* Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1
|
||||
- upgrade to new upstream version, only minor changes
|
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1
|
||||
- rebuild
|
||||
|
||||
* Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1
|
||||
- upgrade to new upstream version (#192070), rebuild
|
||||
of dependent packages required
|
||||
|
||||
* Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2
|
||||
- added missing buildrequires
|
||||
|
||||
* Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1
|
||||
- updated to new version (fixes CVE-2006-0645)
|
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2
|
||||
- bump again for double-long bug on ppc(64)
|
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1
|
||||
- rebuilt for new gcc4.1 snapshot and glibc changes
|
||||
|
||||
* Tue Jan 3 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3
|
||||
- rebuilt
|
||||
|
||||
* Fri Dec 9 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2
|
||||
- replaced *-config scripts with calls to pkg-config to
|
||||
solve multilib conflicts
|
||||
|
||||
* Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1
|
||||
- upgrade to newest upstream
|
||||
- removed .la files (#172635)
|
||||
|
||||
* Sun Aug 7 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1
|
||||
- upgrade to newest upstream (rebuild of dependencies necessary)
|
||||
|
||||
* Mon Jul 4 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2
|
||||
- split the command line tools to utils subpackage
|
||||
|
||||
* Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1
|
||||
- new upstream version fixes potential DOS attack
|
||||
|
||||
* Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2
|
||||
- readd the version script dropped by upstream
|
||||
|
||||
* Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1
|
||||
- update to the latest upstream version on the 1.0 branch
|
||||
|
||||
* Wed Mar 2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6
|
||||
- gcc4 rebuild
|
||||
|
||||
* Tue Jan 4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5
|
||||
- add gnutls Requires zlib-devel (#144069)
|
||||
|
||||
* Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4
|
||||
- Make gnutls-devel Require libgcrypt-devel
|
||||
|
||||
* Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3
|
||||
- rebuild with release++, otherwise unchanged.
|
||||
|
||||
* Tue Sep 7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2
|
||||
- patent tainted SRP code removed.
|
||||
|
||||
* Sun Sep 5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1
|
||||
- update to 1.0.20.
|
||||
- add --with-included-opencdk --with-included-libtasn1
|
||||
- add --with-included-libcfg --with-included-lzo
|
||||
- add --disable-srp-authentication.
|
||||
- do "make check" after build.
|
||||
|
||||
* Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1
|
||||
- upgrade to 0.9.2
|
||||
|
||||
* Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1
|
||||
- update to 0.4.4.
|
||||
|
||||
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
|
||||
- automated rebuild
|
||||
|
||||
* Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1
|
||||
- update to 0.4.3.
|
||||
|
||||
* Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1
|
||||
- update to 0.4.2.
|
||||
- change license to LGPL.
|
||||
- include splint annotations patch.
|
||||
|
||||
* Tue Apr 2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1
|
||||
- update to 0.4.0
|
||||
|
||||
* Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1
|
||||
- update to 0.3.2
|
||||
|
||||
* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1
|
||||
- add a URL
|
||||
|
||||
* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- initial package
|
||||
1
ci.fmf
1
ci.fmf
|
|
@ -1 +0,0 @@
|
|||
resultsdb-testcase: separate
|
||||
14
gating.yml
14
gating.yml
|
|
@ -1,14 +0,0 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_testing
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_stable
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
diff --git a/acinclude.m4 b/acinclude.m4
|
||||
index 906071c..a466b7c 100644
|
||||
--- a/acinclude.m4
|
||||
+++ b/acinclude.m4
|
||||
@@ -609,7 +609,7 @@ GMP_PROG_CC_WORKS_PART([$1], [long long reliability test 1],
|
||||
|
||||
#if defined (__GNUC__) && ! defined (__cplusplus)
|
||||
typedef unsigned long long t1;typedef t1*t2;
|
||||
-void g(){}
|
||||
+void g(int, t2, t1, t2, t2, int){}
|
||||
void h(){}
|
||||
static __inline__ t1 e(t2 rp,t2 up,int n,t1 v0)
|
||||
{t1 c,x,r;int i;if(v0){c=1;for(i=1;i<n;i++){x=up[i];r=x+1;rp[i]=r;}}return c;}
|
||||
File diff suppressed because it is too large
Load diff
60
gnutls-3.6.14-configure-fix-soname-detection.patch
Normal file
60
gnutls-3.6.14-configure-fix-soname-detection.patch
Normal file
|
|
@ -0,0 +1,60 @@
|
|||
From b57b820a3f0464e3151dd675af4f28ad109d683c Mon Sep 17 00:00:00 2001
|
||||
From: Vitezslav Cizek <vcizek@suse.com>
|
||||
Date: Tue, 9 Jun 2020 13:54:04 +0200
|
||||
Subject: [PATCH] configure: improve nettle, gmp, and hogweed soname detection
|
||||
|
||||
Some linkers might optimize away the libraries passed on the
|
||||
command line if they aren't actually needed, such as gnu ld with
|
||||
--as-needed.
|
||||
The ldd output then won't list the shared libraries and the
|
||||
detection will fail.
|
||||
Make sure nettle and others are really used.
|
||||
|
||||
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
|
||||
---
|
||||
configure.ac | 15 ++++++++++++---
|
||||
1 file changed, 12 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index e4ca66aec..ccbe4e563 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -741,7 +741,10 @@ LIBS=$save_LIBS
|
||||
save_LIBS=$LIBS
|
||||
LIBS="$LIBS $GMP_LIBS"
|
||||
AC_MSG_CHECKING([gmp soname])
|
||||
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
|
||||
+AC_LINK_IFELSE([AC_LANG_PROGRAM([
|
||||
+ #include <gmp.h>],[
|
||||
+ mpz_t n;
|
||||
+ mpz_init(n);])],
|
||||
[gmp_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libgmp\.so'`],
|
||||
[gmp_so=none])
|
||||
if test -z "$gmp_so"; then
|
||||
@@ -754,7 +757,10 @@ LIBS=$save_LIBS
|
||||
save_LIBS=$LIBS
|
||||
LIBS="$LIBS $NETTLE_LIBS"
|
||||
AC_MSG_CHECKING([nettle soname])
|
||||
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
|
||||
+AC_LINK_IFELSE([AC_LANG_PROGRAM([
|
||||
+ #include <nettle/sha2.h>],[
|
||||
+ struct sha256_ctx ctx;
|
||||
+ sha256_init(&ctx);])],
|
||||
[nettle_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libnettle\.so'`],
|
||||
[nettle_so=none])
|
||||
if test -z "$nettle_so"; then
|
||||
@@ -767,7 +773,10 @@ LIBS=$save_LIBS
|
||||
save_LIBS=$LIBS
|
||||
LIBS="$LIBS $HOGWEED_LIBS"
|
||||
AC_MSG_CHECKING([hogweed soname])
|
||||
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
|
||||
+AC_LINK_IFELSE([AC_LANG_PROGRAM([
|
||||
+ #include <nettle/rsa.h>],[
|
||||
+ struct rsa_private_key priv;
|
||||
+ nettle_rsa_private_key_init(&priv);])],
|
||||
[hogweed_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libhogweed\.so'`],
|
||||
[hogweed_so=none])
|
||||
if test -z "$hogweed_so"; then
|
||||
--
|
||||
2.25.4
|
||||
|
||||
152
gnutls-3.6.14-fix-iovec-memory-leak.patch
Normal file
152
gnutls-3.6.14-fix-iovec-memory-leak.patch
Normal file
|
|
@ -0,0 +1,152 @@
|
|||
From 6fbff7fc8aabeee2254405f254220bbe8c05c67d Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Fri, 5 Jun 2020 16:26:33 +0200
|
||||
Subject: [PATCH] crypto-api: always allocate memory when serializing iovec_t
|
||||
|
||||
The AEAD iov interface falls back to serializing the input buffers if
|
||||
the low-level cipher doesn't support scatter/gather encryption.
|
||||
However, there was a bug in the functions used for the serialization,
|
||||
which causes memory leaks under a certain condition (i.e. the number
|
||||
of input buffers is 1).
|
||||
|
||||
This patch makes the logic of the functions simpler, by removing a
|
||||
micro-optimization that tries to minimize the number of calls to
|
||||
malloc/free.
|
||||
|
||||
The original problem was reported by Marius Steffen in:
|
||||
https://bugzilla.samba.org/show_bug.cgi?id=14399
|
||||
and the cause was investigated by Alexander Haase in:
|
||||
https://gitlab.com/gnutls/gnutls/-/merge_requests/1277
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
lib/crypto-api.c | 36 +++++++++++-------------------------
|
||||
tests/aead-cipher-vec.c | 33 ++++++++++++++++++---------------
|
||||
2 files changed, 29 insertions(+), 40 deletions(-)
|
||||
|
||||
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
|
||||
index 45be64ed1..8524f5ed4 100644
|
||||
--- a/lib/crypto-api.c
|
||||
+++ b/lib/crypto-api.c
|
||||
@@ -891,32 +891,23 @@ gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
|
||||
struct iov_store_st {
|
||||
void *data;
|
||||
size_t size;
|
||||
- unsigned allocated;
|
||||
};
|
||||
|
||||
static void iov_store_free(struct iov_store_st *s)
|
||||
{
|
||||
- if (s->allocated) {
|
||||
- gnutls_free(s->data);
|
||||
- s->allocated = 0;
|
||||
- }
|
||||
+ gnutls_free(s->data);
|
||||
}
|
||||
|
||||
static int iov_store_grow(struct iov_store_st *s, size_t length)
|
||||
{
|
||||
- if (s->allocated || s->data == NULL) {
|
||||
- s->size += length;
|
||||
- s->data = gnutls_realloc(s->data, s->size);
|
||||
- if (s->data == NULL)
|
||||
- return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
||||
- s->allocated = 1;
|
||||
- } else {
|
||||
- void *data = s->data;
|
||||
- size_t size = s->size + length;
|
||||
- s->data = gnutls_malloc(size);
|
||||
- memcpy(s->data, data, s->size);
|
||||
- s->size += length;
|
||||
- }
|
||||
+ void *data;
|
||||
+
|
||||
+ s->size += length;
|
||||
+ data = gnutls_realloc(s->data, s->size);
|
||||
+ if (data == NULL)
|
||||
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
||||
+
|
||||
+ s->data = data;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -926,11 +917,6 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
|
||||
memset(dst, 0, sizeof(*dst));
|
||||
if (iovcnt == 0) {
|
||||
return 0;
|
||||
- } else if (iovcnt == 1) {
|
||||
- dst->data = iov[0].iov_base;
|
||||
- dst->size = iov[0].iov_len;
|
||||
- /* implies: dst->allocated = 0; */
|
||||
- return 0;
|
||||
} else {
|
||||
int i;
|
||||
uint8_t *p;
|
||||
@@ -944,11 +930,11 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
|
||||
|
||||
p = dst->data;
|
||||
for (i=0;i<iovcnt;i++) {
|
||||
- memcpy(p, iov[i].iov_base, iov[i].iov_len);
|
||||
+ if (iov[i].iov_len > 0)
|
||||
+ memcpy(p, iov[i].iov_base, iov[i].iov_len);
|
||||
p += iov[i].iov_len;
|
||||
}
|
||||
|
||||
- dst->allocated = 1;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
diff --git a/tests/aead-cipher-vec.c b/tests/aead-cipher-vec.c
|
||||
index fba9010d9..6a30a35f7 100644
|
||||
--- a/tests/aead-cipher-vec.c
|
||||
+++ b/tests/aead-cipher-vec.c
|
||||
@@ -49,6 +49,7 @@ static void start(const char *name, int algo)
|
||||
giovec_t auth_iov[2];
|
||||
uint8_t tag[64];
|
||||
size_t tag_size = 0;
|
||||
+ size_t i;
|
||||
|
||||
key.data = key16;
|
||||
key.size = gnutls_cipher_get_key_size(algo);
|
||||
@@ -82,21 +83,23 @@ static void start(const char *name, int algo)
|
||||
if (ret < 0)
|
||||
fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret));
|
||||
|
||||
- ret = gnutls_aead_cipher_encryptv2(ch,
|
||||
- iv.data, iv.size,
|
||||
- auth_iov, 2,
|
||||
- iov, 3,
|
||||
- tag, &tag_size);
|
||||
- if (ret < 0)
|
||||
- fail("could not encrypt data: %s\n", gnutls_strerror(ret));
|
||||
-
|
||||
- ret = gnutls_aead_cipher_decryptv2(ch,
|
||||
- iv.data, iv.size,
|
||||
- auth_iov, 2,
|
||||
- iov, 3,
|
||||
- tag, tag_size);
|
||||
- if (ret < 0)
|
||||
- fail("could not decrypt data: %s\n", gnutls_strerror(ret));
|
||||
+ for (i = 0; i < 2; i++) {
|
||||
+ ret = gnutls_aead_cipher_encryptv2(ch,
|
||||
+ iv.data, iv.size,
|
||||
+ auth_iov, 2,
|
||||
+ iov, i + 1,
|
||||
+ tag, &tag_size);
|
||||
+ if (ret < 0)
|
||||
+ fail("could not encrypt data: %s\n", gnutls_strerror(ret));
|
||||
+
|
||||
+ ret = gnutls_aead_cipher_decryptv2(ch,
|
||||
+ iv.data, iv.size,
|
||||
+ auth_iov, 2,
|
||||
+ iov, i + 1,
|
||||
+ tag, tag_size);
|
||||
+ if (ret < 0)
|
||||
+ fail("could not decrypt data: %s\n", gnutls_strerror(ret));
|
||||
+ }
|
||||
|
||||
gnutls_aead_cipher_deinit(ch);
|
||||
}
|
||||
--
|
||||
2.25.4
|
||||
|
||||
46
gnutls-3.6.15-gnulib-perror-tests.patch
Normal file
46
gnutls-3.6.15-gnulib-perror-tests.patch
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
From 175e0bc72808d564074c4adcc72aeadb74adfcc6 Mon Sep 17 00:00:00 2001
|
||||
From: Paul Eggert <eggert@cs.ucla.edu>
|
||||
Date: Thu, 27 Aug 2020 17:52:58 -0700
|
||||
Subject: [PATCH] perror, strerror_r: remove unportable tests
|
||||
|
||||
Problem reported by Florian Weimer in:
|
||||
https://lists.gnu.org/r/bug-gnulib/2020-08/msg00220.html
|
||||
* tests/test-perror2.c (main):
|
||||
* tests/test-strerror_r.c (main): Omit unportable tests.
|
||||
---
|
||||
ChangeLog | 8 ++++++++
|
||||
tests/test-perror2.c | 3 ---
|
||||
tests/test-strerror_r.c | 3 ---
|
||||
3 files changed, 8 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/gl/tests/test-perror2.c b/gl/tests/test-perror2.c
|
||||
index 1d14eda7b..c6214dd25 100644
|
||||
--- a/gl/tests/test-perror2.c
|
||||
+++ b/gl/tests/test-perror2.c
|
||||
@@ -79,9 +79,6 @@ main (void)
|
||||
errno = -5;
|
||||
perror ("");
|
||||
ASSERT (!ferror (stderr));
|
||||
- ASSERT (msg1 == msg2 || msg1 == msg4 || STREQ (msg1, str1));
|
||||
- ASSERT (msg2 == msg4 || STREQ (msg2, str2));
|
||||
- ASSERT (msg3 == msg4 || STREQ (msg3, str3));
|
||||
ASSERT (STREQ (msg4, str4));
|
||||
|
||||
free (str1);
|
||||
diff --git a/gl/tests/test-strerror_r.c b/gl/tests/test-strerror_r.c
|
||||
index b11d6fd9f..c1dbcf837 100644
|
||||
--- a/gl/tests/test-strerror_r.c
|
||||
+++ b/gl/tests/test-strerror_r.c
|
||||
@@ -165,9 +165,6 @@ main (void)
|
||||
|
||||
strerror_r (EACCES, buf, sizeof buf);
|
||||
strerror_r (-5, buf, sizeof buf);
|
||||
- ASSERT (msg1 == msg2 || msg1 == msg4 || STREQ (msg1, str1));
|
||||
- ASSERT (msg2 == msg4 || STREQ (msg2, str2));
|
||||
- ASSERT (msg3 == msg4 || STREQ (msg3, str3));
|
||||
ASSERT (STREQ (msg4, str4));
|
||||
|
||||
free (str1);
|
||||
--
|
||||
2.26.2
|
||||
|
||||
11
gnutls-3.6.7-no-now-guile.patch
Normal file
11
gnutls-3.6.7-no-now-guile.patch
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
--- a/guile/src/Makefile.in 2019-03-27 11:51:55.984398001 +0100
|
||||
+++ b/guile/src/Makefile.in 2019-03-27 11:52:27.259626076 +0100
|
||||
@@ -1472,7 +1472,7 @@
|
||||
# Use '-module' to build a "dlopenable module", in Libtool terms.
|
||||
# Use '-undefined' to placate Libtool on Windows; see
|
||||
# <https://lists.gnutls.org/pipermail/gnutls-devel/2014-December/007294.html>.
|
||||
-guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined
|
||||
+guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined -Wl,-z,lazy
|
||||
|
||||
# Linking against GnuTLS.
|
||||
GNUTLS_CORE_LIBS = $(top_builddir)/lib/libgnutls.la
|
||||
|
|
@ -1,114 +0,0 @@
|
|||
From e0eb2bbb212a5c9d72311c59e7235832a0075dcc Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Wed, 9 Jul 2025 18:54:48 +0900
|
||||
Subject: [PATCH] add tests/ktls_utils.h
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
tests/ktls_utils.h | 94 ++++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 94 insertions(+)
|
||||
create mode 100644 tests/ktls_utils.h
|
||||
|
||||
diff --git a/tests/ktls_utils.h b/tests/ktls_utils.h
|
||||
new file mode 100644
|
||||
index 0000000..231618d
|
||||
--- /dev/null
|
||||
+++ b/tests/ktls_utils.h
|
||||
@@ -0,0 +1,94 @@
|
||||
+#ifndef GNUTLS_TESTS_KTLS_UTILS_H
|
||||
+#define GNUTLS_TESTS_KTLS_UTILS_H
|
||||
+
|
||||
+#include <fcntl.h>
|
||||
+#include <signal.h>
|
||||
+
|
||||
+#include <netinet/in.h>
|
||||
+
|
||||
+#include <sys/socket.h>
|
||||
+#include <sys/wait.h>
|
||||
+
|
||||
+/* Sets the NONBLOCK flag on the socket(fd) */
|
||||
+inline static int set_nonblocking(int fd)
|
||||
+{
|
||||
+ int flags = fcntl(fd, F_GETFL, 0);
|
||||
+ if (flags == -1) {
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ if (fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1) {
|
||||
+ return 2;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+/* Creates a pair of TCP connected sockets */
|
||||
+static int create_socket_pair(int *client_fd, int *server_fd)
|
||||
+{
|
||||
+ int ret;
|
||||
+ struct sockaddr_in saddr;
|
||||
+ socklen_t addrlen;
|
||||
+ int listener;
|
||||
+
|
||||
+ listener = socket(AF_INET, SOCK_STREAM, 0);
|
||||
+ if (listener == -1) {
|
||||
+ fail("error in listener(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ int opt = 0;
|
||||
+ setsockopt(listener, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
|
||||
+
|
||||
+ memset(&saddr, 0, sizeof(saddr));
|
||||
+ saddr.sin_family = AF_INET;
|
||||
+ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
|
||||
+ saddr.sin_port = 0;
|
||||
+
|
||||
+ ret = bind(listener, (struct sockaddr *)&saddr, sizeof(saddr));
|
||||
+ if (ret == -1) {
|
||||
+ fail("error in bind(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ addrlen = sizeof(saddr);
|
||||
+ ret = getsockname(listener, (struct sockaddr *)&saddr, &addrlen);
|
||||
+ if (ret == -1) {
|
||||
+ fail("error in getsockname(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ ret = listen(listener, 1);
|
||||
+ if (ret == -1) {
|
||||
+ fail("error in listen(): %s\n", strerror(errno));
|
||||
+ close(listener);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ *client_fd = socket(AF_INET, SOCK_STREAM, 0);
|
||||
+ if (*client_fd < 0) {
|
||||
+ fail("error in socket(): %s\n", strerror(errno));
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ ret = connect(*client_fd, (struct sockaddr *)&saddr, addrlen);
|
||||
+ if (ret < 0) {
|
||||
+ fail("error in connect(): %s\n", strerror(errno));
|
||||
+ close(listener);
|
||||
+ close(*client_fd);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ *server_fd = accept(listener, NULL, NULL);
|
||||
+ if (*server_fd < 0) {
|
||||
+ fail("error in accept(): %s\n", strerror(errno));
|
||||
+ close(listener);
|
||||
+ close(*client_fd);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+#endif //GNUTLS_TESTS_KTLS_UTILS_H
|
||||
--
|
||||
2.49.0
|
||||
|
||||
|
|
@ -1,58 +0,0 @@
|
|||
From 15fb5ad536c375a74cc0d87859c9fc919d924c9d Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 10 Jul 2025 05:45:06 +0900
|
||||
Subject: [PATCH] support VPATH build for mldsa tests
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
tests/cert-tests/mldsa.sh | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/tests/cert-tests/mldsa.sh b/tests/cert-tests/mldsa.sh
|
||||
index 7e31e11..55e31ce 100644
|
||||
--- a/tests/cert-tests/mldsa.sh
|
||||
+++ b/tests/cert-tests/mldsa.sh
|
||||
@@ -130,7 +130,7 @@ for variant in 44 65 87; do
|
||||
# Check default
|
||||
TMPKEYDEFAULT=$testdir/key-$algo-$format-default
|
||||
TMPKEY=$testdir/key-$algo-$format
|
||||
- ${VALGRIND} "${CERTTOOL}" -k --no-text --infile "data/key-$algo-$format.pem" >"$TMPKEYDEFAULT"
|
||||
+ ${VALGRIND} "${CERTTOOL}" -k --no-text --infile "$srcdir/data/key-$algo-$format.pem" >"$TMPKEYDEFAULT"
|
||||
if [ $? != 0 ]; then
|
||||
cat "$TMPKEYDEFAULT"
|
||||
exit 1
|
||||
@@ -138,19 +138,19 @@ for variant in 44 65 87; do
|
||||
|
||||
# The "expandedKey" format doesn't have public key part
|
||||
if [ "$format" = seed ] || [ "$format" = both ]; then
|
||||
- if ! "${DIFF}" "$TMPKEYDEFAULT" "data/key-$algo-both.pem"; then
|
||||
+ if ! "${DIFF}" "$TMPKEYDEFAULT" "$srcdir/data/key-$algo-both.pem"; then
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# Check roundtrip with --key-format
|
||||
- ${VALGRIND} "${CERTTOOL}" -k --no-text --key-format "$format" --infile "data/key-$algo-$format.pem" >"$TMPKEY"
|
||||
+ ${VALGRIND} "${CERTTOOL}" -k --no-text --key-format "$format" --infile "$srcdir/data/key-$algo-$format.pem" >"$TMPKEY"
|
||||
if [ $? != 0 ]; then
|
||||
cat "$TMPKEY"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- if ! "${DIFF}" "$TMPKEY" "data/key-$algo-$format.pem"; then
|
||||
+ if ! "${DIFF}" "$TMPKEY" "$srcdir/data/key-$algo-$format.pem"; then
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
@@ -164,7 +164,7 @@ for n in 1; do
|
||||
fi
|
||||
|
||||
echo "Testing inconsistent ML-DSA key ($n)"
|
||||
- if "${CERTTOOL}" -k --infile "data/key-mldsa-inconsistent$n.pem"; then
|
||||
+ if "${CERTTOOL}" -k --infile "$srcdir/data/key-mldsa-inconsistent$n.pem"; then
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
--
|
||||
2.49.0
|
||||
|
||||
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
|
|
@ -1,27 +0,0 @@
|
|||
From a9800309197fe5aef913944b2fc77164946f0689 Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Tue, 23 Jul 2024 16:04:56 +0900
|
||||
Subject: [PATCH] build: link against libhogweed when checking
|
||||
nettle_rsa_oaep_*
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
configure.ac | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index fb0aefe1f4..8b55808bd7 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -795,7 +795,7 @@ AM_CONDITIONAL([NEED_SIV_GCM], [test "$ac_cv_func_nettle_siv_gcm_encrypt_message
|
||||
|
||||
# Check for RSA-OAEP
|
||||
save_LIBS=$LIBS
|
||||
-LIBS="$LIBS $NETTLE_LIBS"
|
||||
+LIBS="$LIBS $HOGWEED_LIBS $NETTLE_LIBS $GMP_LIBS"
|
||||
AC_CHECK_FUNCS(nettle_rsa_oaep_sha256_encrypt)
|
||||
LIBS=$save_LIBS
|
||||
AM_CONDITIONAL([NEED_RSA_OAEP], [test "$ac_cv_func_nettle_rsa_oaep_sha256_encrypt" != yes])
|
||||
--
|
||||
2.45.2
|
||||
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
From a36b73a21e4b5b6e051b23192a645dea34c9d6af Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Tue, 5 Nov 2024 14:45:46 +0900
|
||||
Subject: [PATCH] tests: skip CHACHA20-POLY1305 in TLS 1.2 when KTLS is enabled
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
tests/gnutls_ktls.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/tests/gnutls_ktls.c b/tests/gnutls_ktls.c
|
||||
index 90d3e9af91..d5ac4efecc 100644
|
||||
--- a/tests/gnutls_ktls.c
|
||||
+++ b/tests/gnutls_ktls.c
|
||||
@@ -347,9 +347,11 @@ void doit(void)
|
||||
{
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-128-GCM");
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-256-GCM");
|
||||
+#if 0
|
||||
if (!gnutls_fips140_mode_enabled()) {
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305");
|
||||
}
|
||||
+#endif
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM");
|
||||
run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM");
|
||||
if (!gnutls_fips140_mode_enabled()) {
|
||||
--
|
||||
2.47.0
|
||||
|
||||
File diff suppressed because it is too large
Load diff
1245
gnutls.spec
1245
gnutls.spec
File diff suppressed because it is too large
Load diff
|
|
@ -6,3 +6,10 @@ if [ "$1" = "-e" ] ; then
|
|||
else
|
||||
CMD="rm -f"
|
||||
fi
|
||||
|
||||
# SRP
|
||||
for f in auth/srp_sb64.c auth/srp_passwd.c auth/srp_rsa.c \
|
||||
srp.c auth/srp.c ext/srp.c ; do
|
||||
eval "$CMD lib/$f"
|
||||
done
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +0,0 @@
|
|||
summary: Runs FIPS library integrity checks.
|
||||
name: fips-smoke
|
||||
execute:
|
||||
script: if [[ $(GNUTLS_DEBUG_LEVEL=99 GNUTLS_FORCE_FIPS_MODE=1 certtool 2>&1 | grep "Error") ]]; then exit 1; else exit 0; fi;
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
summary: Upstreamed gnutls-openssl interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-nss-2way
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-gnutls & tag: interop-nss & tag: interop-2way'
|
||||
execute:
|
||||
how: tmt
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
summary: Upstreamed gnutls-openssl interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-openssl-2way
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-gnutls & tag: interop-openssl & tag: interop-2way'
|
||||
execute:
|
||||
how: tmt
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
summary: Upstreamed gnutls interop tests - short tests which do not need to run in parallel
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-gnutls-short
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-gnutls & tag: -interop-slow'
|
||||
execute:
|
||||
how: tmt
|
||||
8
sources
8
sources
|
|
@ -1,5 +1,3 @@
|
|||
SHA512 (gnutls-3.8.11.tar.xz) = 68f9e5bec3aa6686fd3319cc9c88a5cc44e2a75144049fc9de5fb55fef2241b4e16996af4be5dd48308abbee8cfaed6c862903f6bb89aff5dfa5410075bd7386
|
||||
SHA512 (gnutls-3.8.11.tar.xz.sig) = 90883e5736299b103844ca42b85d371969ef66b50b60cb185e814ad9978598796e9ed07a590245ff28ac6ac084b1dee93fae0845576464583a5941835990957d
|
||||
SHA512 (gnutls-release-keyring.gpg) = 8c2b39239d1d8c5319757fcf669f28a11de7f8ec4a726f9904c57ba8105bea80240083c0de71b747115907bab46569f10cf58004137cc7884ac5c20f8319ae0a
|
||||
SHA512 (gmp-6.2.1.tar.xz) = c99be0950a1d05a0297d65641dd35b75b74466f7bf03c9e8a99895a3b2f9a0856cd17887738fa51cf7499781b65c049769271cbcb77d057d2e9f1ec52e07dd84
|
||||
SHA512 (leancrypto-1.6.0.tar.gz) = cb6ace4a1642208dd7656b62a48e99d6261f471aa7967b738057745a4534abfa11d380dd5de98a737c0c13b1e1cb37ce780e02297eefc1cf839581629d34e100
|
||||
SHA512 (gnutls-3.6.15.tar.xz) = f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c
|
||||
SHA512 (gnutls-3.6.15.tar.xz.sig) = a6dbb6093fefddce4c76ce0015d1e0ff7bb712985007c5c6bd5ed6a8cd7529ab250bcbc98b70beeb9dc1b43dcfc65495c77b9abb43e690f24eb7bf0042af1f68
|
||||
SHA512 (gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg) = a74b92826fd0e5388c9f6d9231959e38b26aeef83138648fab66df951d8e1a4db5302b569d08515d4d6443e5e4f6c466f98319f330c820790260d22a9b9f7173
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue