forked from pool/gnutls
Accepting request 205088 from Base:System
- Upgrade to 3.2.5 ** libgnutls: Documentation and build-time fixes. ** libgnutls: Allow the generation of DH groups of less than 700 bits. ** libgnutls: Added several combinations of ciphersuites with SHA256 and SHA384 as MAC, as well as Camellia with GCM. ** libdane: Added interfaces to allow initialization of dane_query_t from external DNS resolutions, and to allow direct verification of a certificate chain against a dane_query_t. Contributed by Christian Grothoff. ** libdane: Fixed a buffer overflow in dane_query_tlsa(). This could be triggered by a DNS server supplying more than 4 DANE records. Report and fix by Christian Grothoff. ** srptool: Fixed index command line option. Patch by Attila Molnar. ** gnutls-cli: Added support for inline commands, using the --inline-commands-prefix and --inline-commands options. Patch by Raj Raman. ** certtool: pathlen constraint is now read correctly. Reported by Christoph Seitz. ** API and ABI modifications: gnutls_certificate_get_crt_raw: Added dane_verify_crt_raw: Added dane_raw_tlsa: Added Add files: make-obs-happy-with-gnutls_3.2.5.patch, gnutls-3.2.5.tar.xz, gnutls-3.2.5.tar.xz.sig, gnutls-3.2.5-noecc.patch Delete files: gnutls-3.2.4.tar.xz, gnutls-3.2.4.tar.xz.sig, make-obs-happy-with-gnutls_3.2.4.patch, gnutls-3.2.4-noecc.patch OBS-URL: https://build.opensuse.org/request/show/205088 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=66
This commit is contained in:
parent
38d3bf8c14
commit
ee8692fe69
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:119570af3eb83b411252bf617688b9b9143e4349f48657b7ebaea57d90ff707f
|
||||
size 4959876
|
Binary file not shown.
@ -1,7 +1,7 @@
|
||||
Index: gnutls-3.2.4/lib/algorithms/publickey.c
|
||||
Index: gnutls-3.2.5/lib/algorithms/publickey.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/algorithms/publickey.c
|
||||
+++ gnutls-3.2.4/lib/algorithms/publickey.c
|
||||
--- gnutls-3.2.5.orig/lib/algorithms/publickey.c
|
||||
+++ gnutls-3.2.5/lib/algorithms/publickey.c
|
||||
@@ -49,8 +49,10 @@ static const gnutls_pk_map pk_mappings[]
|
||||
{GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
|
||||
{GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
|
||||
@ -23,15 +23,14 @@ Index: gnutls-3.2.4/lib/algorithms/publickey.c
|
||||
{0, 0, 0}
|
||||
};
|
||||
|
||||
Index: gnutls-3.2.4/lib/auth/cert.c
|
||||
Index: gnutls-3.2.5/lib/auth/cert.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/auth/cert.c
|
||||
+++ gnutls-3.2.4/lib/auth/cert.c
|
||||
@@ -63,7 +63,12 @@ static gnutls_privkey_t alloc_and_load_p
|
||||
--- gnutls-3.2.5.orig/lib/auth/cert.c
|
||||
+++ gnutls-3.2.5/lib/auth/cert.c
|
||||
@@ -63,7 +63,11 @@ static gnutls_privkey_t alloc_and_load_p
|
||||
key, int deinit);
|
||||
#endif
|
||||
|
||||
+
|
||||
+#ifdef ENABLE_ECC
|
||||
#define MAX_CLIENT_SIGN_ALGOS 3
|
||||
+#else
|
||||
@ -40,7 +39,7 @@ Index: gnutls-3.2.4/lib/auth/cert.c
|
||||
#define CERTTYPE_SIZE (MAX_CLIENT_SIGN_ALGOS+1)
|
||||
typedef enum CertificateSigType
|
||||
{ RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64
|
||||
@@ -1438,8 +1443,10 @@ _gnutls_check_supported_sign_algo (Certi
|
||||
@@ -1438,8 +1442,10 @@ _gnutls_check_supported_sign_algo (Certi
|
||||
return GNUTLS_PK_RSA;
|
||||
case DSA_SIGN:
|
||||
return GNUTLS_PK_DSA;
|
||||
@ -51,7 +50,7 @@ Index: gnutls-3.2.4/lib/auth/cert.c
|
||||
}
|
||||
|
||||
return -1;
|
||||
@@ -1735,7 +1742,9 @@ _gnutls_gen_cert_server_cert_req (gnutls
|
||||
@@ -1735,7 +1741,9 @@ _gnutls_gen_cert_server_cert_req (gnutls
|
||||
tmp_data[0] = CERTTYPE_SIZE - 1;
|
||||
tmp_data[1] = RSA_SIGN;
|
||||
tmp_data[2] = DSA_SIGN;
|
||||
@ -61,10 +60,10 @@ Index: gnutls-3.2.4/lib/auth/cert.c
|
||||
|
||||
ret = _gnutls_buffer_append_data (data, tmp_data, CERTTYPE_SIZE);
|
||||
if (ret < 0)
|
||||
Index: gnutls-3.2.4/lib/auth/dhe_psk.c
|
||||
Index: gnutls-3.2.5/lib/auth/dhe_psk.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/auth/dhe_psk.c
|
||||
+++ gnutls-3.2.4/lib/auth/dhe_psk.c
|
||||
--- gnutls-3.2.5.orig/lib/auth/dhe_psk.c
|
||||
+++ gnutls-3.2.5/lib/auth/dhe_psk.c
|
||||
@@ -92,6 +92,7 @@ const mod_auth_st ecdhe_psk_auth_struct
|
||||
};
|
||||
#endif
|
||||
@ -129,28 +128,28 @@ Index: gnutls-3.2.4/lib/auth/dhe_psk.c
|
||||
+#endif
|
||||
|
||||
#endif /* ENABLE_PSK */
|
||||
Index: gnutls-3.2.4/lib/ext/ecc.c
|
||||
Index: gnutls-3.2.5/lib/ext/ecc.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/ext/ecc.c
|
||||
+++ gnutls-3.2.4/lib/ext/ecc.c
|
||||
@@ -35,6 +35,7 @@
|
||||
--- gnutls-3.2.5.orig/lib/ext/ecc.c
|
||||
+++ gnutls-3.2.5/lib/ext/ecc.c
|
||||
@@ -35,7 +35,7 @@
|
||||
/* Maps record size to numbers according to the
|
||||
* extensions draft.
|
||||
*/
|
||||
-
|
||||
+#ifdef ENABLE_ECC
|
||||
|
||||
static int _gnutls_supported_ecc_recv_params (gnutls_session_t session,
|
||||
const uint8_t * data,
|
||||
@@ -269,3 +270,5 @@ _gnutls_session_supports_ecc_curve (gnut
|
||||
size_t data_size);
|
||||
@@ -269,3 +269,4 @@ _gnutls_session_supports_ecc_curve (gnut
|
||||
|
||||
return GNUTLS_E_ECC_UNSUPPORTED_CURVE;
|
||||
}
|
||||
+
|
||||
+#endif
|
||||
Index: gnutls-3.2.4/lib/gnutls_extensions.c
|
||||
Index: gnutls-3.2.5/lib/gnutls_extensions.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/gnutls_extensions.c
|
||||
+++ gnutls-3.2.4/lib/gnutls_extensions.c
|
||||
--- gnutls-3.2.5.orig/lib/gnutls_extensions.c
|
||||
+++ gnutls-3.2.5/lib/gnutls_extensions.c
|
||||
@@ -351,6 +351,7 @@ _gnutls_ext_init (void)
|
||||
if (ret != GNUTLS_E_SUCCESS)
|
||||
return ret;
|
||||
@ -167,10 +166,10 @@ Index: gnutls-3.2.4/lib/gnutls_extensions.c
|
||||
|
||||
ret = _gnutls_ext_register (&ext_mod_sig);
|
||||
if (ret != GNUTLS_E_SUCCESS)
|
||||
Index: gnutls-3.2.4/lib/gnutls_priority.c
|
||||
Index: gnutls-3.2.5/lib/gnutls_priority.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/gnutls_priority.c
|
||||
+++ gnutls-3.2.4/lib/gnutls_priority.c
|
||||
--- gnutls-3.2.5.orig/lib/gnutls_priority.c
|
||||
+++ gnutls-3.2.5/lib/gnutls_priority.c
|
||||
@@ -245,35 +245,45 @@ gnutls_certificate_type_set_priority (gn
|
||||
}
|
||||
|
||||
@ -217,7 +216,7 @@ Index: gnutls-3.2.4/lib/gnutls_priority.c
|
||||
0
|
||||
};
|
||||
|
||||
@@ -416,51 +426,75 @@ static const int comp_priority[] = {
|
||||
@@ -416,51 +426,74 @@ static const int comp_priority[] = {
|
||||
static const int sign_priority_default[] = {
|
||||
GNUTLS_SIGN_RSA_SHA256,
|
||||
GNUTLS_SIGN_DSA_SHA256,
|
||||
@ -233,8 +232,8 @@ Index: gnutls-3.2.4/lib/gnutls_priority.c
|
||||
GNUTLS_SIGN_RSA_SHA512,
|
||||
+#ifdef ENABLE_ECC
|
||||
GNUTLS_SIGN_ECDSA_SHA512,
|
||||
-
|
||||
+#endif
|
||||
|
||||
GNUTLS_SIGN_RSA_SHA224,
|
||||
GNUTLS_SIGN_DSA_SHA224,
|
||||
+#ifdef ENABLE_ECC
|
||||
@ -293,10 +292,10 @@ Index: gnutls-3.2.4/lib/gnutls_priority.c
|
||||
0
|
||||
};
|
||||
|
||||
Index: gnutls-3.2.4/lib/nettle/pk.c
|
||||
Index: gnutls-3.2.5/lib/nettle/pk.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/nettle/pk.c
|
||||
+++ gnutls-3.2.4/lib/nettle/pk.c
|
||||
--- gnutls-3.2.5.orig/lib/nettle/pk.c
|
||||
+++ gnutls-3.2.5/lib/nettle/pk.c
|
||||
@@ -146,6 +146,7 @@ static int _wrap_nettle_pk_derive(gnutls
|
||||
|
||||
switch (algo)
|
||||
@ -377,10 +376,10 @@ Index: gnutls-3.2.4/lib/nettle/pk.c
|
||||
default:
|
||||
ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
|
||||
}
|
||||
Index: gnutls-3.2.4/tests/cert-tests/dane
|
||||
Index: gnutls-3.2.5/tests/cert-tests/dane
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/cert-tests/dane
|
||||
+++ gnutls-3.2.4/tests/cert-tests/dane
|
||||
--- gnutls-3.2.5.orig/tests/cert-tests/dane
|
||||
+++ gnutls-3.2.5/tests/cert-tests/dane
|
||||
@@ -22,6 +22,8 @@
|
||||
|
||||
set -e
|
||||
@ -390,10 +389,10 @@ Index: gnutls-3.2.4/tests/cert-tests/dane
|
||||
srcdir=${srcdir:-.}
|
||||
DANETOOL=${DANETOOL:-../../src/danetool$EXEEXT}
|
||||
|
||||
Index: gnutls-3.2.4/tests/dtls/dtls-nb
|
||||
Index: gnutls-3.2.5/tests/dtls/dtls-nb
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/dtls/dtls-nb
|
||||
+++ gnutls-3.2.4/tests/dtls/dtls-nb
|
||||
--- gnutls-3.2.5.orig/tests/dtls/dtls-nb
|
||||
+++ gnutls-3.2.5/tests/dtls/dtls-nb
|
||||
@@ -22,9 +22,7 @@
|
||||
|
||||
set -e
|
||||
@ -405,10 +404,10 @@ Index: gnutls-3.2.4/tests/dtls/dtls-nb
|
||||
|
||||
./dtls-stress -nb -shello 021 -sfinished 01 -cfinished 012 SKeyExchange CKeyExchange CFinished
|
||||
./dtls-stress -nb -shello 012 -sfinished 10 -cfinished 210 SHello SKeyExchange SHelloDone
|
||||
Index: gnutls-3.2.4/tests/dtls/dtls
|
||||
Index: gnutls-3.2.5/tests/dtls/dtls
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/dtls/dtls
|
||||
+++ gnutls-3.2.4/tests/dtls/dtls
|
||||
--- gnutls-3.2.5.orig/tests/dtls/dtls
|
||||
+++ gnutls-3.2.5/tests/dtls/dtls
|
||||
@@ -22,9 +22,7 @@
|
||||
|
||||
set -e
|
||||
@ -420,10 +419,10 @@ Index: gnutls-3.2.4/tests/dtls/dtls
|
||||
|
||||
./dtls-stress -shello 021 -sfinished 01 -cfinished 012 SKeyExchange CKeyExchange CFinished
|
||||
./dtls-stress -shello 012 -sfinished 10 -cfinished 210 SHello SKeyExchange SHelloDone
|
||||
Index: gnutls-3.2.4/tests/ecdsa/ecdsa
|
||||
Index: gnutls-3.2.5/tests/ecdsa/ecdsa
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/ecdsa/ecdsa
|
||||
+++ gnutls-3.2.4/tests/ecdsa/ecdsa
|
||||
--- gnutls-3.2.5.orig/tests/ecdsa/ecdsa
|
||||
+++ gnutls-3.2.5/tests/ecdsa/ecdsa
|
||||
@@ -22,6 +22,8 @@
|
||||
|
||||
#set -e
|
||||
@ -433,10 +432,10 @@ Index: gnutls-3.2.4/tests/ecdsa/ecdsa
|
||||
srcdir=${srcdir:-.}
|
||||
CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
|
||||
|
||||
Index: gnutls-3.2.4/tests/mini-dtls-heartbeat.c
|
||||
Index: gnutls-3.2.5/tests/mini-dtls-heartbeat.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-dtls-heartbeat.c
|
||||
+++ gnutls-3.2.4/tests/mini-dtls-heartbeat.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-dtls-heartbeat.c
|
||||
+++ gnutls-3.2.5/tests/mini-dtls-heartbeat.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -446,10 +445,10 @@ Index: gnutls-3.2.4/tests/mini-dtls-heartbeat.c
|
||||
|
||||
int
|
||||
main ()
|
||||
Index: gnutls-3.2.4/tests/mini-dtls-record.c
|
||||
Index: gnutls-3.2.5/tests/mini-dtls-record.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-dtls-record.c
|
||||
+++ gnutls-3.2.4/tests/mini-dtls-record.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-dtls-record.c
|
||||
+++ gnutls-3.2.5/tests/mini-dtls-record.c
|
||||
@@ -29,7 +29,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -459,10 +458,10 @@ Index: gnutls-3.2.4/tests/mini-dtls-record.c
|
||||
|
||||
int
|
||||
main ()
|
||||
Index: gnutls-3.2.4/tests/mini-dtls-rehandshake.c
|
||||
Index: gnutls-3.2.5/tests/mini-dtls-rehandshake.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-dtls-rehandshake.c
|
||||
+++ gnutls-3.2.4/tests/mini-dtls-rehandshake.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-dtls-rehandshake.c
|
||||
+++ gnutls-3.2.5/tests/mini-dtls-rehandshake.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -472,10 +471,10 @@ Index: gnutls-3.2.4/tests/mini-dtls-rehandshake.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/mini-dtls-srtp.c
|
||||
Index: gnutls-3.2.5/tests/mini-dtls-srtp.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-dtls-srtp.c
|
||||
+++ gnutls-3.2.4/tests/mini-dtls-srtp.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-dtls-srtp.c
|
||||
+++ gnutls-3.2.5/tests/mini-dtls-srtp.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -485,10 +484,10 @@ Index: gnutls-3.2.4/tests/mini-dtls-srtp.c
|
||||
|
||||
int
|
||||
main (int argc, char** argv)
|
||||
Index: gnutls-3.2.4/tests/mini-handshake-timeout.c
|
||||
Index: gnutls-3.2.5/tests/mini-handshake-timeout.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-handshake-timeout.c
|
||||
+++ gnutls-3.2.4/tests/mini-handshake-timeout.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-handshake-timeout.c
|
||||
+++ gnutls-3.2.5/tests/mini-handshake-timeout.c
|
||||
@@ -28,7 +28,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@ -511,10 +510,10 @@ Index: gnutls-3.2.4/tests/mini-handshake-timeout.c
|
||||
}
|
||||
|
||||
static void
|
||||
Index: gnutls-3.2.4/tests/mini-loss-time.c
|
||||
Index: gnutls-3.2.5/tests/mini-loss-time.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-loss-time.c
|
||||
+++ gnutls-3.2.4/tests/mini-loss-time.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-loss-time.c
|
||||
+++ gnutls-3.2.5/tests/mini-loss-time.c
|
||||
@@ -28,7 +28,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@ -524,10 +523,10 @@ Index: gnutls-3.2.4/tests/mini-loss-time.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/mini-record.c
|
||||
Index: gnutls-3.2.5/tests/mini-record.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-record.c
|
||||
+++ gnutls-3.2.4/tests/mini-record.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-record.c
|
||||
+++ gnutls-3.2.5/tests/mini-record.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -537,10 +536,10 @@ Index: gnutls-3.2.4/tests/mini-record.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/mini-record-range.c
|
||||
Index: gnutls-3.2.5/tests/mini-record-range.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-record-range.c
|
||||
+++ gnutls-3.2.4/tests/mini-record-range.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-record-range.c
|
||||
+++ gnutls-3.2.5/tests/mini-record-range.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -550,10 +549,10 @@ Index: gnutls-3.2.4/tests/mini-record-range.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/mini-xssl.c
|
||||
Index: gnutls-3.2.5/tests/mini-xssl.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-xssl.c
|
||||
+++ gnutls-3.2.4/tests/mini-xssl.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-xssl.c
|
||||
+++ gnutls-3.2.5/tests/mini-xssl.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -563,10 +562,10 @@ Index: gnutls-3.2.4/tests/mini-xssl.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/pkcs12_simple.c
|
||||
Index: gnutls-3.2.5/tests/pkcs12_simple.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/pkcs12_simple.c
|
||||
+++ gnutls-3.2.4/tests/pkcs12_simple.c
|
||||
--- gnutls-3.2.5.orig/tests/pkcs12_simple.c
|
||||
+++ gnutls-3.2.5/tests/pkcs12_simple.c
|
||||
@@ -50,6 +50,10 @@ doit (void)
|
||||
gnutls_x509_privkey_t pkey;
|
||||
int ret;
|
||||
@ -578,10 +577,10 @@ Index: gnutls-3.2.4/tests/pkcs12_simple.c
|
||||
ret = global_init ();
|
||||
if (ret < 0)
|
||||
fail ("global_init failed %d\n", ret);
|
||||
Index: gnutls-3.2.4/tests/slow/keygen.c
|
||||
Index: gnutls-3.2.5/tests/slow/keygen.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/slow/keygen.c
|
||||
+++ gnutls-3.2.4/tests/slow/keygen.c
|
||||
--- gnutls-3.2.5.orig/tests/slow/keygen.c
|
||||
+++ gnutls-3.2.5/tests/slow/keygen.c
|
||||
@@ -65,6 +65,11 @@ doit (void)
|
||||
if (algorithm == GNUTLS_PK_DH)
|
||||
continue;
|
||||
@ -594,10 +593,10 @@ Index: gnutls-3.2.4/tests/slow/keygen.c
|
||||
ret = gnutls_x509_privkey_init (&pkey);
|
||||
if (ret < 0)
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/srp/mini-srp.c
|
||||
Index: gnutls-3.2.5/tests/srp/mini-srp.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/srp/mini-srp.c
|
||||
+++ gnutls-3.2.4/tests/srp/mini-srp.c
|
||||
--- gnutls-3.2.5.orig/tests/srp/mini-srp.c
|
||||
+++ gnutls-3.2.5/tests/srp/mini-srp.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -607,10 +606,10 @@ Index: gnutls-3.2.4/tests/srp/mini-srp.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/lib/auth/ecdhe.c
|
||||
Index: gnutls-3.2.5/lib/auth/ecdhe.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/auth/ecdhe.c
|
||||
+++ gnutls-3.2.4/lib/auth/ecdhe.c
|
||||
--- gnutls-3.2.5.orig/lib/auth/ecdhe.c
|
||||
+++ gnutls-3.2.5/lib/auth/ecdhe.c
|
||||
@@ -50,7 +50,7 @@ static int
|
||||
proc_ecdhe_client_kx (gnutls_session_t session,
|
||||
uint8_t * data, size_t _data_size);
|
||||
@ -620,10 +619,10 @@ Index: gnutls-3.2.4/lib/auth/ecdhe.c
|
||||
const mod_auth_st ecdhe_ecdsa_auth_struct = {
|
||||
"ECDHE_ECDSA",
|
||||
_gnutls_gen_cert_server_crt,
|
||||
Index: gnutls-3.2.4/tests/mini-dtls-hello-verify.c
|
||||
Index: gnutls-3.2.5/tests/mini-dtls-hello-verify.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-dtls-hello-verify.c
|
||||
+++ gnutls-3.2.4/tests/mini-dtls-hello-verify.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-dtls-hello-verify.c
|
||||
+++ gnutls-3.2.5/tests/mini-dtls-hello-verify.c
|
||||
@@ -27,7 +27,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -633,10 +632,10 @@ Index: gnutls-3.2.4/tests/mini-dtls-hello-verify.c
|
||||
|
||||
int main()
|
||||
{
|
||||
Index: gnutls-3.2.4/tests/mini-alpn.c
|
||||
Index: gnutls-3.2.5/tests/mini-alpn.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-alpn.c
|
||||
+++ gnutls-3.2.4/tests/mini-alpn.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-alpn.c
|
||||
+++ gnutls-3.2.5/tests/mini-alpn.c
|
||||
@@ -25,7 +25,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -646,10 +645,10 @@ Index: gnutls-3.2.4/tests/mini-alpn.c
|
||||
|
||||
int
|
||||
main (int argc, char** argv)
|
||||
Index: gnutls-3.2.4/tests/mini-dtls-large.c
|
||||
Index: gnutls-3.2.5/tests/mini-dtls-large.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-dtls-large.c
|
||||
+++ gnutls-3.2.4/tests/mini-dtls-large.c
|
||||
--- gnutls-3.2.5.orig/tests/mini-dtls-large.c
|
||||
+++ gnutls-3.2.5/tests/mini-dtls-large.c
|
||||
@@ -25,7 +25,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -671,11 +670,11 @@ Index: gnutls-3.2.4/tests/mini-dtls-large.c
|
||||
NULL);
|
||||
|
||||
gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
|
||||
Index: gnutls-3.2.4/tests/mini-x509-callbacks.c
|
||||
Index: gnutls-3.2.5/tests/mini-x509-callbacks.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/mini-x509-callbacks.c
|
||||
+++ gnutls-3.2.4/tests/mini-x509-callbacks.c
|
||||
@@ -56,13 +56,19 @@ unsigned int msg_order[] = {
|
||||
--- gnutls-3.2.5.orig/tests/mini-x509-callbacks.c
|
||||
+++ gnutls-3.2.5/tests/mini-x509-callbacks.c
|
||||
@@ -58,8 +58,13 @@ unsigned int msg_order[] = {
|
||||
GNUTLS_HANDSHAKE_CLIENT_HELLO,
|
||||
GNUTLS_HANDSHAKE_SERVER_HELLO,
|
||||
GNUTLS_HANDSHAKE_CERTIFICATE_PKT,
|
||||
@ -689,16 +688,10 @@ Index: gnutls-3.2.4/tests/mini-x509-callbacks.c
|
||||
GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
|
||||
GNUTLS_HANDSHAKE_CERTIFICATE_PKT,
|
||||
GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE,
|
||||
GNUTLS_HANDSHAKE_FINISHED,
|
||||
GNUTLS_HANDSHAKE_FINISHED,
|
||||
+
|
||||
};
|
||||
|
||||
static int handshake_callback (gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming)
|
||||
Index: gnutls-3.2.4/lib/algorithms/kx.c
|
||||
Index: gnutls-3.2.5/lib/algorithms/kx.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/lib/algorithms/kx.c
|
||||
+++ gnutls-3.2.4/lib/algorithms/kx.c
|
||||
--- gnutls-3.2.5.orig/lib/algorithms/kx.c
|
||||
+++ gnutls-3.2.5/lib/algorithms/kx.c
|
||||
@@ -28,9 +28,11 @@
|
||||
|
||||
extern mod_auth_st rsa_auth_struct;
|
||||
@ -748,10 +741,10 @@ Index: gnutls-3.2.4/lib/algorithms/kx.c
|
||||
{"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0},
|
||||
# endif
|
||||
#endif
|
||||
Index: gnutls-3.2.4/tests/priorities.c
|
||||
Index: gnutls-3.2.5/tests/priorities.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/tests/priorities.c
|
||||
+++ gnutls-3.2.4/tests/priorities.c
|
||||
--- gnutls-3.2.5.orig/tests/priorities.c
|
||||
+++ gnutls-3.2.5/tests/priorities.c
|
||||
@@ -73,7 +73,7 @@ unsigned i, si, count = 0;
|
||||
for (i=0;i<ret;i++)
|
||||
fprintf(stderr, "%s\n", gnutls_cipher_get_name(t[i]));
|
||||
@ -775,13 +768,13 @@ Index: gnutls-3.2.4/tests/priorities.c
|
||||
doit (void)
|
||||
{
|
||||
+#ifdef ENABLE_ECC
|
||||
const int normal = 42;
|
||||
const int normal = 55;
|
||||
const int null = 5;
|
||||
const int sec128 = 32;
|
||||
const int sec128 = 45;
|
||||
+#else
|
||||
+const int normal = 27;
|
||||
+ const int normal = 36;
|
||||
+ const int null = 3;
|
||||
+const int sec128 = 21;
|
||||
+ const int sec128 = 30;
|
||||
+#endif
|
||||
|
||||
try_prio("NORMAL", normal, 8);
|
||||
@ -796,9 +789,9 @@ Index: gnutls-3.2.4/tests/priorities.c
|
||||
+#endif
|
||||
try_prio("PERFORMANCE", normal, 8);
|
||||
+#ifdef ENABLE_ECC
|
||||
try_prio("SECURE256", 6, 3);
|
||||
try_prio("SECURE256", 14, 3);
|
||||
+#else
|
||||
+ try_prio("SECURE256", 3, 3);
|
||||
+ try_prio("SECURE256", 9, 3);
|
||||
+#endif
|
||||
try_prio("SECURE128", sec128, 6);
|
||||
try_prio("SECURE128:+SECURE256", sec128, 6); /* should be the same as SECURE128 */
|
||||
@ -808,3 +801,37 @@ Index: gnutls-3.2.4/tests/priorities.c
|
||||
+#endif
|
||||
}
|
||||
|
||||
Index: gnutls-3.2.5/tests/mini-record-2.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.5.orig/tests/mini-record-2.c
|
||||
+++ gnutls-3.2.5/tests/mini-record-2.c
|
||||
@@ -359,19 +359,19 @@ static void start (const char* prio, int
|
||||
}
|
||||
}
|
||||
|
||||
-#define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL"
|
||||
-#define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL"
|
||||
-#define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL"
|
||||
+#define AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL"
|
||||
+#define AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL"
|
||||
+#define AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL"
|
||||
|
||||
-#define ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL"
|
||||
-#define ARCFOUR_MD5 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:+RSA"
|
||||
+#define ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL"
|
||||
+#define ARCFOUR_MD5 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL:+RSA"
|
||||
|
||||
-#define NULL_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+RSA:+CURVE-ALL"
|
||||
+#define NULL_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+NULL:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL"
|
||||
|
||||
-#define NEW_AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING"
|
||||
-#define NEW_ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING"
|
||||
-#define NEW_AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING"
|
||||
-#define NEW_AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING"
|
||||
+#define NEW_AES_CBC "NONE:+VERS-TLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL:%NEW_PADDING"
|
||||
+#define NEW_ARCFOUR_SHA1 "NONE:+VERS-TLS1.0:-CIPHER-ALL:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL:%NEW_PADDING"
|
||||
+#define NEW_AES_CBC_SHA256 "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL:%NEW_PADDING"
|
||||
+#define NEW_AES_GCM "NONE:+VERS-TLS1.2:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+RSA:+CURVE-ALL:%NEW_PADDING"
|
||||
|
||||
static void ch_handler(int sig)
|
||||
{
|
3
gnutls-3.2.5.tar.xz
Normal file
3
gnutls-3.2.5.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:c6fbcdcd32b2f38cca3bbfa10759556d66f4795ac6e6e50503f2ee5c08c081b7
|
||||
size 4987156
|
BIN
gnutls-3.2.5.tar.xz.sig
Normal file
BIN
gnutls-3.2.5.tar.xz.sig
Normal file
Binary file not shown.
@ -1,3 +1,41 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 28 20:36:13 UTC 2013 - shchang@suse.com
|
||||
|
||||
- Upgrade to 3.2.5
|
||||
** libgnutls: Documentation and build-time fixes.
|
||||
|
||||
** libgnutls: Allow the generation of DH groups of less than 700 bits.
|
||||
|
||||
** libgnutls: Added several combinations of ciphersuites with SHA256 and
|
||||
SHA384 as MAC, as well as Camellia with GCM.
|
||||
|
||||
** libdane: Added interfaces to allow initialization of dane_query_t
|
||||
from external DNS resolutions, and to allow direct verification of a
|
||||
certificate chain against a dane_query_t. Contributed by Christian Grothoff.
|
||||
|
||||
** libdane: Fixed a buffer overflow in dane_query_tlsa(). This could be
|
||||
triggered by a DNS server supplying more than 4 DANE records. Report and
|
||||
fix by Christian Grothoff.
|
||||
|
||||
** srptool: Fixed index command line option. Patch by Attila Molnar.
|
||||
|
||||
** gnutls-cli: Added support for inline commands, using the
|
||||
--inline-commands-prefix and --inline-commands options. Patch by Raj Raman.
|
||||
|
||||
** certtool: pathlen constraint is now read correctly. Reported by
|
||||
Christoph Seitz.
|
||||
|
||||
** API and ABI modifications:
|
||||
gnutls_certificate_get_crt_raw: Added
|
||||
dane_verify_crt_raw: Added
|
||||
dane_raw_tlsa: Added
|
||||
|
||||
Add files: make-obs-happy-with-gnutls_3.2.5.patch, gnutls-3.2.5.tar.xz,
|
||||
gnutls-3.2.5.tar.xz.sig, gnutls-3.2.5-noecc.patch
|
||||
|
||||
Delete files: gnutls-3.2.4.tar.xz, gnutls-3.2.4.tar.xz.sig,
|
||||
make-obs-happy-with-gnutls_3.2.4.patch, gnutls-3.2.4-noecc.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 2 16:23:59 UTC 2013 - schwab@linux-m68k.org
|
||||
|
||||
|
@ -21,7 +21,7 @@
|
||||
%define gnutls_ossl_sover 27
|
||||
|
||||
Name: gnutls
|
||||
Version: 3.2.4
|
||||
Version: 3.2.5
|
||||
Release: 0
|
||||
Summary: The GNU Transport Layer Security Library
|
||||
License: LGPL-2.1+ and GPL-3.0+
|
||||
@ -37,9 +37,9 @@ Source3: baselibs.conf
|
||||
Patch3: gnutls-3.0.26-skip-test-fwrite.patch
|
||||
|
||||
# Disable elliptic curves for reasons. - meissner&cfarrell
|
||||
Patch5: gnutls-3.2.4-noecc.patch
|
||||
Patch5: gnutls-3.2.5-noecc.patch
|
||||
Patch6: gnutls-implement-trust-store-dir.diff
|
||||
Patch7: make-obs-happy-with-gnutls_3.2.4.patch
|
||||
Patch7: make-obs-happy-with-gnutls_3.2.5.patch
|
||||
|
||||
BuildRequires: automake
|
||||
BuildRequires: gcc-c++
|
||||
|
@ -1,47 +0,0 @@
|
||||
Index: gnutls-3.2.4/doc/examples/ex-client-xssl1.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/doc/examples/ex-client-xssl1.c
|
||||
+++ gnutls-3.2.4/doc/examples/ex-client-xssl1.c
|
||||
@@ -80,6 +80,8 @@ int main (void)
|
||||
xssl_cred_deinit (cred);
|
||||
|
||||
gnutls_global_deinit ();
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
|
||||
Index: gnutls-3.2.4/doc/examples/ex-client-xssl2.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/doc/examples/ex-client-xssl2.c
|
||||
+++ gnutls-3.2.4/doc/examples/ex-client-xssl2.c
|
||||
@@ -95,4 +95,6 @@ int main (void)
|
||||
xssl_cred_deinit (cred);
|
||||
|
||||
gnutls_global_deinit ();
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
Index: gnutls-3.2.4/doc/examples/print-ciphersuites.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/doc/examples/print-ciphersuites.c
|
||||
+++ gnutls-3.2.4/doc/examples/print-ciphersuites.c
|
||||
@@ -51,4 +51,5 @@ int main(int argc, char** argv)
|
||||
{
|
||||
if (argc > 1)
|
||||
print_cipher_suite_list (argv[1]);
|
||||
+ return 0;
|
||||
}
|
||||
Index: gnutls-3.2.4/src/serv.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.4.orig/src/serv.c
|
||||
+++ gnutls-3.2.4/src/serv.c
|
||||
@@ -1216,6 +1216,8 @@ main (int argc, char **argv)
|
||||
udp_server (name, port, mtu);
|
||||
else
|
||||
tcp_server (name, port);
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
static void
|
34
make-obs-happy-with-gnutls_3.2.5.patch
Normal file
34
make-obs-happy-with-gnutls_3.2.5.patch
Normal file
@ -0,0 +1,34 @@
|
||||
Index: gnutls-3.2.5/doc/examples/ex-client-xssl1.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.5.orig/doc/examples/ex-client-xssl1.c
|
||||
+++ gnutls-3.2.5/doc/examples/ex-client-xssl1.c
|
||||
@@ -80,6 +80,8 @@ int main (void)
|
||||
xssl_cred_deinit (cred);
|
||||
|
||||
gnutls_global_deinit ();
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
|
||||
Index: gnutls-3.2.5/doc/examples/ex-client-xssl2.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.5.orig/doc/examples/ex-client-xssl2.c
|
||||
+++ gnutls-3.2.5/doc/examples/ex-client-xssl2.c
|
||||
@@ -95,4 +95,6 @@ int main (void)
|
||||
xssl_cred_deinit (cred);
|
||||
|
||||
gnutls_global_deinit ();
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
Index: gnutls-3.2.5/doc/examples/print-ciphersuites.c
|
||||
===================================================================
|
||||
--- gnutls-3.2.5.orig/doc/examples/print-ciphersuites.c
|
||||
+++ gnutls-3.2.5/doc/examples/print-ciphersuites.c
|
||||
@@ -51,4 +51,5 @@ int main(int argc, char** argv)
|
||||
{
|
||||
if (argc > 1)
|
||||
print_cipher_suite_list (argv[1]);
|
||||
+ return 0;
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user