diff --git a/gnutls-2.0.1.tar.bz2 b/gnutls-2.0.1.tar.bz2 deleted file mode 100644 index b2b4329..0000000 --- a/gnutls-2.0.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6314580fbcc167e6f5987b634ef26fec687a0317570c26cc1a078048db8d9793 -size 4837109 diff --git a/gnutls-2.2.1.tar.bz2 b/gnutls-2.2.1.tar.bz2 new file mode 100644 index 0000000..46a5f76 --- /dev/null +++ b/gnutls-2.2.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a2cb85e2d35dfb7dacce20737dec6f0e8c0eccf4062e44c8eeaa74e4cb6f9615 +size 4945945 diff --git a/gnutls-fix_size_t.patch b/gnutls-fix_size_t.patch deleted file mode 100644 index c453f66..0000000 --- a/gnutls-fix_size_t.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: gnutls-1.6.1/src/tests.c -=================================================================== ---- gnutls-1.6.1.orig/src/tests.c -+++ gnutls-1.6.1/src/tests.c -@@ -50,7 +50,7 @@ int tls1_1_ok = 0; - /* keep session info */ - static char *session_data = NULL; - static char session_id[32]; --static int session_data_size = 0, session_id_size = 0; -+static size_t session_data_size = 0, session_id_size = 0; - static int sfree = 0; - static int handshake_output = 0; - diff --git a/gnutls.changes b/gnutls.changes index 2bd7836..b8cc1c5 100644 --- a/gnutls.changes +++ b/gnutls.changes @@ -1,3 +1,66 @@ +------------------------------------------------------------------- +Thu Jan 31 11:12:46 CET 2008 - mkoenig@suse.de + +- update to version 2.2.1 + * Fixes the post_client_hello_function() + * Fix for certificate selection in servers with certificate callbacks + * certtool: Fixed data corruption when using --outder + * TLS authorization support removed. + * Corrected bug which did not allow a server to run without + supporting certificates + * Introduced gnutls_session_enable_compatibility_mode() + * Added gnutls_record_disable_padding() to allow servers talking to + buggy clients + * Fixed PKCS #3 parameter export + * Added support for Camellia cipher + * certtool: Add option --quick-random + * Added capability to set a callback after the client hello is + received by the server in order to adjust parameters before + the handshake + * certtool: Fixed data corruption when using --outder + * SRP was corrected to adhere to the latest draft + * Updated the DN parser + * Added support for DSA2 using libgcrypt 1.3.0 + * Removed all the trustdb code from openpgp authentication. + We now use only the well-specified keyrings + * The gnutls_certificate_set_openpgp_* functions were modified + to include the format. This makes the interface consistent with + the x509 functions + * Introduced gnutls_session_enable_compatibility_mode() + * Added gnutls_set_default_priority2() + * Added priority functions that accept strings + * certtool: Add option --disable-quick-random to enable the + old behaviour of using /dev/random to generate keys + * Added the --v1 option to certtool, to allow generating X.509 + version 1 certificates + * Fix PKCS#3 parameter export problem + * Fixed GNUTLS_E_UNKNOWN_ALGORITHM vs GNUTLS_E_UNKNOWN_HASH_ALGORITHM + * gnutls_certificate_set_x509_key_* can now read PKCS #8 unencrypted + private keys + * Introduced the GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR error code + * Added the --to-p8 option to certtool to convert private keys + to PKCS #8 keys + * Corrected bug in decompression of expanded compression data + * The gnutls_*_convert_priority() functions were deprecated + * gnutls-cli and gnutls-serv now have a --priority option + * PKCS #8 parser can now encode/decode DSA keys + * Corrected a segfault when setting an empty gnutls_priority_t + at gnutls_priority_set() + * Added gnutls_x509_crt_get_subject_alt_name2() + * The GPL version has been changed from version 2 to version 3. + This affects the self-tests, command-line tools, the libgnutls-extra + library, the relevant guile parts, and the build environment +- API and ABI modifications, library soname switch from 13 to 26 +- change package structure: + * branch off libgnutls-extra + since this is now GPLv3 or later while libgnutls remains + LGPLv2.1 or later + * gnutls license change to GPLv3 +- build without lzo support to avoid license problems + since lzo is currently GPLv2 only +- removed merged patches: + gnutls-fix_size_t.patch + ------------------------------------------------------------------- Tue Oct 23 13:59:25 CEST 2007 - mkoenig@suse.de diff --git a/gnutls.spec b/gnutls.spec index ec5137b..46669e4 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -1,7 +1,7 @@ # -# spec file for package gnutls (Version 2.0.1) +# spec file for package gnutls (Version 2.2.1) # -# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # @@ -10,21 +10,20 @@ # norootforbuild + Name: gnutls -BuildRequires: gcc-c++ libgcrypt-devel libopencdk-devel lzo-devel -Version: 2.0.1 -Release: 1 -License: GPL v2 or later +BuildRequires: gcc-c++ libgcrypt-devel libopencdk-devel +Version: 2.2.1 +Release: 2 +License: GPL v2 or later; LGPL v2.1 or later BuildRoot: %{_tmppath}/%{name}-%{version}-build Url: http://www.gnutls.org/ Source0: %name-%version.tar.bz2 Patch0: gnutls-char-signedness.patch -Patch1: gnutls-fix_size_t.patch Patch2: gnutls-1.6.1-srptool.patch Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security AutoReqProv: on -PreReq: %install_info_prereq %description The GnuTLS project aims to develop a library that provides a secure @@ -40,11 +39,29 @@ Authors: Timo Schulz Andrew McDonald -%package -n libgnutls13 +%package -n libgnutls26 Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security -%description -n libgnutls13 +%description -n libgnutls26 +The GnuTLS project aims to develop a library that provides a secure +layer over a reliable transport layer. Currently the GnuTLS library +implements the proposed standards of the IETF's TLS working group. + + + +Authors: +-------- + Nikos Mavroyanopoulos + Fabio Fiorina + Timo Schulz + Andrew McDonald + +%package -n libgnutls-extra26 +Summary: The GNU Transport Layer Security Library +Group: Productivity/Networking/Security + +%description -n libgnutls-extra26 The GnuTLS project aims to develop a library that provides a secure layer over a reliable transport layer. Currently the GnuTLS library implements the proposed standards of the IETF's TLS working group. @@ -61,16 +78,36 @@ Authors: %package -n libgnutls-devel Summary: Development package for gnutls Group: Development/Libraries/C and C++ -Requires: libgnutls13 = %version glibc-devel libopencdk-devel libgcrypt-devel libgpg-error-devel zlib-devel lzo-devel -# gnutls-devel last used in 10.3 -Obsoletes: gnutls-devel < %version -Provides: gnutls-devel = %version +Requires: libgnutls26 = %version glibc-devel libopencdk-devel libgcrypt-devel +PreReq: %install_info_prereq %description -n libgnutls-devel Files needed for software development using gnutls. +Authors: +-------- + Nikos Mavroyanopoulos + Fabio Fiorina + Timo Schulz + Andrew McDonald + +%package -n libgnutls-extra-devel +Summary: The GNU Transport Layer Security Library +Group: Productivity/Networking/Security +Requires: libgnutls-extra26 = %version libgnutls-devel +# gnutls-devel last used in 10.3 +Obsoletes: gnutls-devel < %version +Provides: gnutls-devel = %version + +%description -n libgnutls-extra-devel +The GnuTLS project aims to develop a library that provides a secure +layer over a reliable transport layer. Currently the GnuTLS library +implements the proposed standards of the IETF's TLS working group. + + + Authors: -------- Nikos Mavroyanopoulos @@ -81,7 +118,6 @@ Authors: %prep %setup -q %patch0 -%patch1 -p1 %patch2 -p1 %build @@ -92,6 +128,7 @@ autoreconf -fi --mandir=%_mandir --infodir=%_infodir \ --localstatedir=%_localstatedir \ --with-included-libtasn1 \ + --without-lzo \ CFLAGS="$RPM_OPT_FLAGS" \ CXXFLAGS="$RPM_OPT_FLAGS" make @@ -108,15 +145,21 @@ rm -f %{buildroot}%{_libdir}/*.{a,la} %clean rm -rf %buildroot -%post -n libgnutls13 -%run_ldconfig +%post -n libgnutls26 +/sbin/ldconfig + +%postun -n libgnutls26 +/sbin/ldconfig + +%post -n libgnutls-extra26 +/sbin/ldconfig + +%postun -n libgnutls-extra26 +/sbin/ldconfig %post -n libgnutls-devel %install_info --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz -%postun -n libgnutls13 -%run_ldconfig - %postun -n libgnutls-devel %install_info_delete --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz @@ -131,26 +174,98 @@ rm -rf %buildroot %_bindir/psktool %_mandir/man1/* -%files -n libgnutls13 +%files -n libgnutls26 %defattr(-,root,root) -%_libdir/libgnutls.so.13* -%_libdir/libgnutls-extra.so.13* -%_libdir/libgnutls-openssl.so.13* -%_libdir/libgnutlsxx.so.13* +%_libdir/libgnutls.so.26* +%_libdir/libgnutlsxx.so.26* + +%files -n libgnutls-extra26 +%defattr(-,root,root) +%_libdir/libgnutls-extra.so.26* +%_libdir/libgnutls-openssl.so.26* %files -n libgnutls-devel %defattr(-, root, root) %_bindir/libgnutls-config -%_bindir/libgnutls-extra-config %_includedir/* -%_libdir/*.so -%_datadir/aclocal/* -%_libdir/pkgconfig/* +%_libdir/libgnutls.so +%_libdir/libgnutlsxx.so +%_datadir/aclocal/libgnutls.m4 +%_libdir/pkgconfig/gnutls.pc %_mandir/man3/* %_infodir/%{name}* %doc doc/examples doc/gnutls.html doc/*.png doc/gnutls.pdf doc/reference/html/* + +%files -n libgnutls-extra-devel +%defattr(-, root, root) +%_bindir/libgnutls-extra-config +%_libdir/libgnutls-extra.so +%_libdir/libgnutls-openssl.so +%_datadir/aclocal/libgnutls-extra.m4 +%_libdir/pkgconfig/gnutls-extra.pc + %changelog -* Tue Oct 23 2007 - mkoenig@suse.de +* Thu Jan 31 2008 mkoenig@suse.de +- update to version 2.2.1 + * Fixes the post_client_hello_function() + * Fix for certificate selection in servers with certificate callbacks + * certtool: Fixed data corruption when using --outder + * TLS authorization support removed. + * Corrected bug which did not allow a server to run without + supporting certificates + * Introduced gnutls_session_enable_compatibility_mode() + * Added gnutls_record_disable_padding() to allow servers talking to + buggy clients + * Fixed PKCS #3 parameter export + * Added support for Camellia cipher + * certtool: Add option --quick-random + * Added capability to set a callback after the client hello is + received by the server in order to adjust parameters before + the handshake + * certtool: Fixed data corruption when using --outder + * SRP was corrected to adhere to the latest draft + * Updated the DN parser + * Added support for DSA2 using libgcrypt 1.3.0 + * Removed all the trustdb code from openpgp authentication. + We now use only the well-specified keyrings + * The gnutls_certificate_set_openpgp_* functions were modified + to include the format. This makes the interface consistent with + the x509 functions + * Introduced gnutls_session_enable_compatibility_mode() + * Added gnutls_set_default_priority2() + * Added priority functions that accept strings + * certtool: Add option --disable-quick-random to enable the + old behaviour of using /dev/random to generate keys + * Added the --v1 option to certtool, to allow generating X.509 + version 1 certificates + * Fix PKCS#3 parameter export problem + * Fixed GNUTLS_E_UNKNOWN_ALGORITHM vs GNUTLS_E_UNKNOWN_HASH_ALGORITHM + * gnutls_certificate_set_x509_key_* can now read PKCS #8 unencrypted + private keys + * Introduced the GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR error code + * Added the --to-p8 option to certtool to convert private keys + to PKCS #8 keys + * Corrected bug in decompression of expanded compression data + * The gnutls_*_convert_priority() functions were deprecated + * gnutls-cli and gnutls-serv now have a --priority option + * PKCS #8 parser can now encode/decode DSA keys + * Corrected a segfault when setting an empty gnutls_priority_t + at gnutls_priority_set() + * Added gnutls_x509_crt_get_subject_alt_name2() + * The GPL version has been changed from version 2 to version 3. + This affects the self-tests, command-line tools, the libgnutls-extra + library, the relevant guile parts, and the build environment +- API and ABI modifications, library soname switch from 13 to 26 +- change package structure: + * branch off libgnutls-extra + since this is now GPLv3 or later while libgnutls remains + LGPLv2.1 or later + * gnutls license change to GPLv3 +- build without lzo support to avoid license problems + since lzo is currently GPLv2 only +- removed merged patches: + gnutls-fix_size_t.patch +* Tue Oct 23 2007 mkoenig@suse.de - update to version 2.0.1 - change package layout to conform shlib policy: rename gnutls-devel -> libgnutls-devel @@ -158,15 +273,15 @@ rm -rf %buildroot - removed patches: gnutls-1.4.4-sign-callback.patch gnutls-1.6.1-compiler_warnings.patch -* Thu Aug 30 2007 - mkoenig@suse.de +* Thu Aug 30 2007 mkoenig@suse.de - fix srptool [#208227] - fix some compiler warnings -* Fri Aug 03 2007 - hvogel@suse.de +* Fri Aug 03 2007 hvogel@suse.de - Some additions for evolution smart card support -* Thu May 10 2007 - mkoenig@suse.de +* Thu May 10 2007 mkoenig@suse.de - Fix segfault on s390x [#97441] gnutls-fix_size_t.patch -* Tue Jan 23 2007 - mkoenig@suse.de +* Tue Jan 23 2007 mkoenig@suse.de - update to new stable branch 1.6.1: * Fix the list of trusted CAs that server's send to clients. * Fix gnutls_certificate_set_x509_crl to initialize the CRL @@ -175,14 +290,14 @@ rm -rf %buildroot * Fix ./configure failure with non-GCC compilers. * A GnuTLS C++ library is part of the official distribution. * New APIs for custom push/pull function error reporting. -* Tue Oct 24 2006 - mkoenig@suse.de +* Tue Oct 24 2006 mkoenig@suse.de - move developer related docs to devel package and remove binary stuff from docs [#212454] -* Tue Sep 19 2006 - mkoenig@suse.de +* Tue Sep 19 2006 mkoenig@suse.de - update to version 1.4.4: * bugfix release * fixes security vulnerability [#206636] (CVE-2006-4790) -* Thu Aug 31 2006 - mkoenig@suse.de +* Thu Aug 31 2006 mkoenig@suse.de - update to new stable branch 1.4.1: * The command line tools now use getaddrinfo and support IPv6. * gnutls-cli can now recognize services and port numbers with @@ -218,9 +333,9 @@ rm -rf %buildroot + Fixed bug in non-blocking gnutls_bye(). + Fix read of out bounds bug in DER parser. + Fixed bug in OpenPGP authentication handshake. -* Sat Feb 18 2006 - ro@suse.de +* Sat Feb 18 2006 ro@suse.de - cleanup doc directory (.deps,.libs) -* Fri Feb 10 2006 - hvogel@suse.de +* Fri Feb 10 2006 hvogel@suse.de - Update to version 1.2.10. This release fixes several serious bugs that would make the DER decoder in libtasn1 crash on invalid input [#149897]. Including: @@ -232,64 +347,64 @@ rm -rf %buildroot * Fixed bug in non-blocking gnutls_bye(). gnutls_record_send() will no longer invalidate a session if the underlying send fails, but it will prevent future writes. -* Wed Jan 25 2006 - mls@suse.de +* Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires -* Tue Dec 20 2005 - ro@suse.de +* Tue Dec 20 2005 ro@suse.de - do not package /usr/share/info/dir -* Fri Dec 09 2005 - hvogel@suse.de +* Fri Dec 09 2005 hvogel@suse.de - update to version 1.2.9 -* Tue Oct 25 2005 - hvogel@suse.de +* Tue Oct 25 2005 hvogel@suse.de - update to version 1.2.8 -* Mon Aug 22 2005 - hvogel@suse.de +* Mon Aug 22 2005 hvogel@suse.de - fix data type comparison [Bug #104617] -* Sun Jul 03 2005 - hvogel@suse.de +* Sun Jul 03 2005 hvogel@suse.de - update to version 1.2.5 -* Wed Jun 29 2005 - hvogel@suse.de +* Wed Jun 29 2005 hvogel@suse.de - patch from mrueckert to use external lzo again -* Thu Jun 23 2005 - hvogel@suse.de +* Thu Jun 23 2005 hvogel@suse.de - use %%install_info/%%install_info_delete -* Tue Jun 07 2005 - hvogel@suse.de +* Tue Jun 07 2005 hvogel@suse.de - update to version 1.2.4 -* Fri Jun 03 2005 - ro@suse.de +* Fri Jun 03 2005 ro@suse.de - fix specfile (don't apply non-existant patch1) -* Thu Jun 02 2005 - hvogel@suse.de +* Thu Jun 02 2005 hvogel@suse.de - use included minilzo -* Wed May 25 2005 - hvogel@suse.de +* Wed May 25 2005 hvogel@suse.de - Update to version 1.2.3 (fixes gnutls DOS Bug #83481) - Include defines.h before gnutls.h, to pull in config.h, to make sure memmem.h prototype memmem properly -* Sat Jan 29 2005 - hvogel@suse.de +* Sun Jan 30 2005 hvogel@suse.de - Update to version 1.2.0 -* Wed Jan 19 2005 - hvogel@suse.de +* Wed Jan 19 2005 hvogel@suse.de - update to version 1.1.23 - get rid of prebuild html/ps docu again, the devel packages has man-pages now -* Mon Dec 13 2004 - hvogel@suse.de +* Mon Dec 13 2004 hvogel@suse.de - update to version 1.0.23 - make build of postscript/html docu configureable -* Sat Oct 23 2004 - hvogel@suse.de +* Sat Oct 23 2004 hvogel@suse.de - move config script to the devel package -* Thu Oct 14 2004 - hvogel@suse.de +* Thu Oct 14 2004 hvogel@suse.de - Update to version 1.0.21 -* Tue Sep 28 2004 - hvogel@suse.de +* Tue Sep 28 2004 hvogel@suse.de - add doc subpackage with prebuild html/ps docu (Bug #44496) -* Mon Sep 27 2004 - hvogel@suse.de +* Mon Sep 27 2004 hvogel@suse.de - fix ac-quotation patch to include libgnutls-extra.m4 (Bug #46035) -* Tue Aug 31 2004 - kukuk@suse.de +* Tue Aug 31 2004 kukuk@suse.de - Update to version 1.0.20 -* Mon Aug 30 2004 - kukuk@suse.de +* Mon Aug 30 2004 kukuk@suse.de - Add libopencdk-devel to neededforbuild -* Thu Jul 15 2004 - hvogel@suse.de +* Thu Jul 15 2004 hvogel@suse.de - add libgcrypt-devel and lipgpg-error-devel to nfb -* Wed May 19 2004 - hvogel@suse.de +* Wed May 19 2004 hvogel@suse.de - update to version 1.0.13 -* Fri May 14 2004 - mmj@suse.de +* Fri May 14 2004 mmj@suse.de - Add C++ compiler to build - Don't remove buildroot when installing -* Mon Mar 01 2004 - hvogel@suse.de +* Mon Mar 01 2004 hvogel@suse.de - update to version 1.0.8 -* Tue Feb 17 2004 - hvogel@suse.de +* Tue Feb 17 2004 hvogel@suse.de - update to version 1.0.6 - fix autoconf quotations -* Wed May 14 2003 - schubi@suse.de +* Wed May 14 2003 schubi@suse.de - initial; Sourcecode received from XIMIAN