From d202afae383825492c3d651b979f6a89a4e5ee8fbcfa8a286b477d80771c8fc3 Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Fri, 3 Aug 2007 14:29:06 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=4

---
 gnutls-1.4.4-sign-callback.patch | 148 +++++++++++++++++++++++++++++++
 gnutls.changes                   |   5 ++
 gnutls.spec                      |  15 ++--
 3 files changed, 162 insertions(+), 6 deletions(-)
 create mode 100644 gnutls-1.4.4-sign-callback.patch

diff --git a/gnutls-1.4.4-sign-callback.patch b/gnutls-1.4.4-sign-callback.patch
new file mode 100644
index 0000000..c86f23f
--- /dev/null
+++ b/gnutls-1.4.4-sign-callback.patch
@@ -0,0 +1,148 @@
+--- gnutls-1.4.4/includes/gnutls/gnutls.h.in~	2007-03-06 10:58:32.000000000 -0500
++++ gnutls-1.4.4/includes/gnutls/gnutls.h.in	2007-03-08 14:59:14.000000000 -0500
+@@ -970,6 +970,14 @@ extern "C"
+     (gnutls_certificate_credentials_t cred,
+      gnutls_certificate_server_retrieve_function * func);
+ 
++  typedef int gnutls_certificate_client_sign_function (gnutls_datum_t * cert,
++                                                       gnutls_certificate_type_t cert_type,
++                                                       const gnutls_datum_t *hash_concat,
++                                                       gnutls_datum_t * signature);
++  void gnutls_certificate_client_set_sign_function
++    (gnutls_certificate_credentials_t cred,
++     gnutls_certificate_client_sign_function * func);
++
+   void gnutls_certificate_server_set_request (gnutls_session_t session,
+ 					      gnutls_certificate_request_t
+ 					      req);
+--- gnutls-1.4.4/lib/auth_cert.h~	2006-03-08 05:44:59.000000000 -0500
++++ gnutls-1.4.4/lib/auth_cert.h	2007-03-08 14:37:10.000000000 -0500
+@@ -95,6 +95,7 @@ typedef struct gnutls_certificate_creden
+ 
+   gnutls_certificate_client_retrieve_function *client_get_cert_callback;
+   gnutls_certificate_server_retrieve_function *server_get_cert_callback;
++  gnutls_certificate_client_sign_function *client_sign_callback;
+ } certificate_credentials_st;
+ 
+ typedef struct rsa_info_st
+--- gnutls-1.4.4/lib/gnutls_cert.c~	2006-03-21 11:11:25.000000000 -0500
++++ gnutls-1.4.4/lib/gnutls_cert.c	2007-03-08 15:13:28.000000000 -0500
+@@ -363,6 +363,12 @@ void gnutls_certificate_server_set_retri
+   cred->server_get_cert_callback = func;
+ }
+ 
++void gnutls_certificate_client_set_sign_function
++    (gnutls_certificate_credentials_t cred,
++     gnutls_certificate_client_sign_function * func)
++{
++    cred->client_sign_callback = func;
++}
+ 
+ /* These are set by the gnutls_extra library's initialization function.
+  */
+--- gnutls-1.4.4/lib/auth_cert.c~	2006-06-28 05:06:09.000000000 -0400
++++ gnutls-1.4.4/lib/auth_cert.c	2007-03-08 15:01:28.000000000 -0500
+@@ -1301,20 +1301,25 @@ _gnutls_gen_cert_client_cert_vrfy (gnutl
+       return ret;
+     }
+ 
+-  if (apr_pkey != NULL)
++  if (apr_pkey == NULL)
+     {
+-      if ((ret =
+-	   _gnutls_tls_sign_hdata (session,
+-				   &apr_cert_list[0],
+-				   apr_pkey, &signature)) < 0)
+-	{
+-	  gnutls_assert ();
+-	  return ret;
+-	}
+-    }
+-  else
++      gnutls_certificate_credentials_t cred;
++      cred = (gnutls_certificate_credentials_t)
++          _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
++
++      if (cred == NULL || cred->client_sign_callback == NULL)
++        {
++          return 0;
++        }
++    }
++
++  if ((ret =
++       _gnutls_tls_sign_hdata (session,
++                               &apr_cert_list[0],
++                               apr_pkey, &signature)) < 0)
+     {
+-      return 0;
++      gnutls_assert ();
++      return ret;
+     }
+ 
+   *data = gnutls_malloc (signature.size + 2);
+--- gnutls-1.4.4/lib/gnutls_sig.c~	2006-03-08 05:44:59.000000000 -0500
++++ gnutls-1.4.4/lib/gnutls_sig.c	2007-03-08 15:06:52.000000000 -0500
+@@ -57,6 +57,7 @@ _gnutls_tls_sign_hdata (gnutls_session_t
+   mac_hd_t td_md5;
+   mac_hd_t td_sha;
+   gnutls_protocol_t ver = gnutls_protocol_get_version (session);
++  gnutls_certificate_credentials_t cred;
+ 
+   td_sha = _gnutls_hash_copy (session->internals.handshake_mac_handle_sha);
+   if (td_sha == NULL)
+@@ -111,7 +112,15 @@ _gnutls_tls_sign_hdata (gnutls_session_t
+       gnutls_assert ();
+       return GNUTLS_E_INTERNAL_ERROR;
+     }
+-  ret = _gnutls_tls_sign (cert, pkey, &dconcat, signature);
++
++  cred = (gnutls_certificate_credentials_t)
++      _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
++
++  if (cred != NULL && cred->client_sign_callback != NULL)
++      ret = cred->client_sign_callback (&cert->raw, cert->cert_type, &dconcat, signature);
++  else
++      ret = _gnutls_tls_sign (cert, pkey, &dconcat, signature);
++
+   if (ret < 0)
+     {
+       gnutls_assert ();
+--- gnutls-1.4.4/includes/gnutls/gnutls.h.in~	2007-03-09 12:48:09.000000000 -0500
++++ gnutls-1.4.4/includes/gnutls/gnutls.h.in	2007-03-09 12:48:48.000000000 -0500
+@@ -970,7 +970,8 @@ extern "C"
+     (gnutls_certificate_credentials_t cred,
+      gnutls_certificate_server_retrieve_function * func);
+ 
+-  typedef int gnutls_certificate_client_sign_function (gnutls_datum_t * cert,
++  typedef int gnutls_certificate_client_sign_function (gnutls_session_t session,
++                                                       gnutls_datum_t * cert,
+                                                        gnutls_certificate_type_t cert_type,
+                                                        const gnutls_datum_t *hash_concat,
+                                                        gnutls_datum_t * signature);
+--- gnutls-1.4.4/lib/gnutls_sig.c~	2007-03-09 12:50:46.000000000 -0500
++++ gnutls-1.4.4/lib/gnutls_sig.c	2007-03-09 12:51:15.000000000 -0500
+@@ -117,7 +117,9 @@ _gnutls_tls_sign_hdata (gnutls_session_t
+       _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
+ 
+   if (cred != NULL && cred->client_sign_callback != NULL)
+-      ret = cred->client_sign_callback (&cert->raw, cert->cert_type, &dconcat, signature);
++      ret = cred->client_sign_callback (session,
++                                        &cert->raw, cert->cert_type,
++                                        &dconcat, signature);
+   else
+       ret = _gnutls_tls_sign (cert, pkey, &dconcat, signature);
+ 
+--- gnutls-1.4.4/lib/auth_cert.c~	2007-03-12 12:48:09.000000000 -0400
++++ gnutls-1.4.4/lib/auth_cert.c	2007-03-13 14:52:42.000000000 -0400
+@@ -1301,6 +1301,11 @@ _gnutls_gen_cert_client_cert_vrfy (gnutl
+       return ret;
+     }
+ 
++  if (apr_cert_list_length == 0)
++    {
++      return 0;
++    }
++
+   if (apr_pkey == NULL)
+     {
+       gnutls_certificate_credentials_t cred;
diff --git a/gnutls.changes b/gnutls.changes
index da340f0..f69b75d 100644
--- a/gnutls.changes
+++ b/gnutls.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Fri Aug  3 13:54:37 CEST 2007 - hvogel@suse.de
+
+- Some additions for evolution smart card support
+
 -------------------------------------------------------------------
 Thu May 10 17:21:59 CEST 2007 - mkoenig@suse.de
 
diff --git a/gnutls.spec b/gnutls.spec
index 6da2d7d..6fff293 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -13,13 +13,14 @@
 Name:           gnutls
 BuildRequires:  gcc-c++ libgcrypt-devel libopencdk-devel lzo-devel
 Version:        1.6.1
-Release:        8
-License:        GNU General Public License (GPL)
+Release:        25
+License:        GPL v2 or later
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 URL:            http://www.gnutls.org/
 Source0:        %name-%version.tar.bz2
 Patch0:         gnutls-char-signedness.patch
 Patch1:         gnutls-fix_size_t.patch
+Patch2:         gnutls-1.4.4-sign-callback.patch
 Summary:        The GNU Transport Layer Security Library
 Group:          Productivity/Networking/Security
 Autoreqprov:    on
@@ -41,7 +42,7 @@ Authors:
 
 %package devel
 Summary:        Development package for gnutls
-Group:          Productivity/Networking/Security
+Group:          Development/Libraries/C and C++
 Requires:       %name = %version glibc-devel libopencdk-devel libgcrypt-devel libgpg-error-devel zlib-devel lzo-devel 
 
 %description devel
@@ -60,6 +61,7 @@ Authors:
 %setup -q
 %patch0
 %patch1 -p1
+%patch2 -p1
 
 %build
 autoreconf -fi
@@ -77,6 +79,7 @@ make
 make DESTDIR=$RPM_BUILD_ROOT install
 rm -rf doc/examples/.deps doc/examples/.libs doc/examples/*.{o,lo,la} doc/examples/Makefile{,.in}
 find doc/examples -perm -111 -exec rm {} \;
+%find_lang %name
 
 %clean
 rm -rf %buildroot
@@ -93,7 +96,7 @@ rm -rf %buildroot
 %postun devel
 %install_info_delete --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz
 
-%files
+%files -f %name.lang
 %defattr(-, root, root)
 %doc THANKS README NEWS ChangeLog COPYING.LIB COPYING AUTHORS doc/TODO
 %_bindir/certtool
@@ -105,8 +108,6 @@ rm -rf %buildroot
 %_libdir/*.so.*
 %_mandir/man1/*
 
-%_usr/share/locale/*/*/%{name}.mo
-
 %files devel
 %defattr(-, root, root)
 %_bindir/libgnutls-config
@@ -123,6 +124,8 @@ rm -rf %buildroot
 %doc doc/examples doc/gnutls.html doc/*.png doc/gnutls.pdf doc/reference/html/*
 
 %changelog
+* Fri Aug 03 2007 - hvogel@suse.de
+- Some additions for evolution smart card support
 * Thu May 10 2007 - mkoenig@suse.de
 - Fix segfault on s390x [#97441]
   gnutls-fix_size_t.patch