diff options
author | Andre McCurdy <armccurdy@gmail.com> | 2017-11-08 19:45:36 -0800 |
---|---|---|
committer | Ross Burton <ross.burton@intel.com> | 2017-11-09 22:01:34 +0000 |
commit | 672845b9d0841de58b6a954d25fe6ee1ab7c333d (patch) | |
tree | 9c007bfbca5af35edc62c4fd574fd3a0aa867120 | |
parent | c7f97f199a6dd54d3f369f0465a6bfd2cfa739b9 (diff) | |
download | meta-gplv2-672845b9d0841de58b6a954d25fe6ee1ab7c333d.tar.gz |
gnutls: update 3.3.27 -> 3.3.28
* Version 3.3.28 (released 2017-07-04)
** libgnutls: Fixed issue when rehandshaking without a client certificate in
a session which initially used one. Reported by Frantisek Sumsal.
** libgnutls: fix issue in RSA-PSK client callback which resulted in no username
being sent to the peer. Patch by Nicolas Dufresne.
** libgnutls: no longer parse the ResponseID field of the status response
TLS extension. The field is not used by GnuTLS nor is made available to
calling applications. That addresses a null pointer dereference on server
side caused by packets containing the ResponseID field. Reported
by Hubert Kario. [GNUTLS-SA-2017-4]
** libgnutls: Handle specially HSMs which request explicit authentication.
There are HSMs which return CKR_USER_NOT_LOGGED_IN on the first private key
operation. Detect that state and try to login.
** libgnutls: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login on HSMs.
That is, even in tokens which do not have a CKF_LOGIN_REQUIRED flag
a login will be forced. This improves operation on certain Safenet HSMs.
** libgnutls: do not set leading zeros when copying integers on HSMs.
PKCS#11 defines integers as unsigned having most significant byte
first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by
some HSMs which do not accept an integer with a leading zero. This
improves operation with certain Atos HSMs.
** libgnutls: Backported PKCS#11 key generation functionality for DSA keys.
** libgnutls: Improve check for /dev/urandom uniqueness. Ensure that when
gnutls_global_init() is called for a second time that /dev/urandom is
re-opened when the inode or device ID has changed.
** API and ABI modifications:
No changes since last version.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
-rw-r--r-- | recipes-support/gnutls/gnutls.inc | 9 | ||||
-rw-r--r-- | recipes-support/gnutls/gnutls_3.3.27.bb | 17 | ||||
-rw-r--r-- | recipes-support/gnutls/gnutls_3.3.28.bb | 8 |
3 files changed, 12 insertions, 22 deletions
diff --git a/recipes-support/gnutls/gnutls.inc b/recipes-support/gnutls/gnutls.inc index 4a5c3df..4cf375f 100644 --- a/recipes-support/gnutls/gnutls.inc +++ b/recipes-support/gnutls/gnutls.inc | |||
@@ -8,9 +8,8 @@ LICENSE_${PN}-xx = "LGPLv2.1+" | |||
8 | LICENSE_${PN}-bin = "GPLv3+" | 8 | LICENSE_${PN}-bin = "GPLv3+" |
9 | LICENSE_${PN}-openssl = "GPLv3+" | 9 | LICENSE_${PN}-openssl = "GPLv3+" |
10 | 10 | ||
11 | LIC_FILES_CHKSUM = "file://LICENSE;md5=71391c8e0c1cfe68077e7fce3b586283 \ | 11 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ |
12 | file://doc/COPYING;md5=d32239bcb673463ab874e80d47fae504 \ | 12 | file://COPYING.LESSER;md5=a6f89e2100d9b6cdffcea4f398e37343" |
13 | file://doc/COPYING.LESSER;md5=a6f89e2100d9b6cdffcea4f398e37343" | ||
14 | 13 | ||
15 | DEPENDS = "nettle gmp virtual/libiconv" | 14 | DEPENDS = "nettle gmp virtual/libiconv" |
16 | DEPENDS_append_libc-musl = " argp-standalone" | 15 | DEPENDS_append_libc-musl = " argp-standalone" |
@@ -21,9 +20,8 @@ SRC_URI = "ftp://ftp.gnutls.org/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz" | |||
21 | 20 | ||
22 | inherit autotools texinfo binconfig pkgconfig gettext lib_package gtk-doc | 21 | inherit autotools texinfo binconfig pkgconfig gettext lib_package gtk-doc |
23 | 22 | ||
24 | PACKAGECONFIG ??= "libidn zlib" | 23 | PACKAGECONFIG ??= "zlib" |
25 | 24 | ||
26 | PACKAGECONFIG[libidn] = "--with-idn,--without-idn,libidn" | ||
27 | PACKAGECONFIG[libtasn1] = "--with-included-libtasn1=no,--with-included-libtasn1,libtasn1" | 25 | PACKAGECONFIG[libtasn1] = "--with-included-libtasn1=no,--with-included-libtasn1,libtasn1" |
28 | PACKAGECONFIG[p11-kit] = "--with-p11-kit,--without-p11-kit,p11-kit" | 26 | PACKAGECONFIG[p11-kit] = "--with-p11-kit,--without-p11-kit,p11-kit" |
29 | PACKAGECONFIG[tpm] = "--with-tpm,--without-tpm,trousers" | 27 | PACKAGECONFIG[tpm] = "--with-tpm,--without-tpm,trousers" |
@@ -31,6 +29,7 @@ PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib" | |||
31 | 29 | ||
32 | EXTRA_OECONF = " \ | 30 | EXTRA_OECONF = " \ |
33 | --enable-doc \ | 31 | --enable-doc \ |
32 | --disable-crywrap \ | ||
34 | --disable-libdane \ | 33 | --disable-libdane \ |
35 | --disable-guile \ | 34 | --disable-guile \ |
36 | --disable-rpath \ | 35 | --disable-rpath \ |
diff --git a/recipes-support/gnutls/gnutls_3.3.27.bb b/recipes-support/gnutls/gnutls_3.3.27.bb deleted file mode 100644 index a1dcdb5..0000000 --- a/recipes-support/gnutls/gnutls_3.3.27.bb +++ /dev/null | |||
@@ -1,17 +0,0 @@ | |||
1 | require gnutls.inc | ||
2 | |||
3 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ | ||
4 | file://COPYING.LESSER;md5=a6f89e2100d9b6cdffcea4f398e37343" | ||
5 | |||
6 | SRC_URI += " \ | ||
7 | file://configure.ac-fix-sed-command.patch \ | ||
8 | file://use-pkg-config-to-locate-zlib.patch \ | ||
9 | " | ||
10 | SRC_URI[md5sum] = "8ee8cebd7f7575b11f232766a21c31d3" | ||
11 | SRC_URI[sha256sum] = "8dfda16c158ef5c134010d51d1a91d02aa5d43b8cb711b1572650a7ffb56b17f" | ||
12 | |||
13 | # This version doesn't support this option added in newer gnutls | ||
14 | # ERROR: gnutls-3.3.27-r0 do_configure: QA Issue: gnutls: configure was passed unrecognised options: --with-idn [unknown-configure-option] | ||
15 | PACKAGECONFIG[libidn] = "" | ||
16 | # but it still has the libidn dependency, without this option | ||
17 | EXTRA_OECONF += "--disable-crywrap" | ||
diff --git a/recipes-support/gnutls/gnutls_3.3.28.bb b/recipes-support/gnutls/gnutls_3.3.28.bb new file mode 100644 index 0000000..1b23369 --- /dev/null +++ b/recipes-support/gnutls/gnutls_3.3.28.bb | |||
@@ -0,0 +1,8 @@ | |||
1 | require gnutls.inc | ||
2 | |||
3 | SRC_URI += " \ | ||
4 | file://configure.ac-fix-sed-command.patch \ | ||
5 | file://use-pkg-config-to-locate-zlib.patch \ | ||
6 | " | ||
7 | SRC_URI[md5sum] = "e19718d97cee5279edf3f3b9318f926c" | ||
8 | SRC_URI[sha256sum] = "608f63441abc209c5bd5f61e35f2b6128c22e06fa2ad6248a08d8a643feeb807" | ||