diff options
author | Andre McCurdy <armccurdy@gmail.com> | 2017-11-08 19:45:36 -0800 |
---|---|---|
committer | Ross Burton <ross.burton@intel.com> | 2017-11-09 22:01:34 +0000 |
commit | 672845b9d0841de58b6a954d25fe6ee1ab7c333d (patch) | |
tree | 9c007bfbca5af35edc62c4fd574fd3a0aa867120 /recipes-support/gnutls/gnutls_3.3.27.bb | |
parent | c7f97f199a6dd54d3f369f0465a6bfd2cfa739b9 (diff) | |
download | meta-gplv2-672845b9d0841de58b6a954d25fe6ee1ab7c333d.tar.gz |
gnutls: update 3.3.27 -> 3.3.28
* Version 3.3.28 (released 2017-07-04)
** libgnutls: Fixed issue when rehandshaking without a client certificate in
a session which initially used one. Reported by Frantisek Sumsal.
** libgnutls: fix issue in RSA-PSK client callback which resulted in no username
being sent to the peer. Patch by Nicolas Dufresne.
** libgnutls: no longer parse the ResponseID field of the status response
TLS extension. The field is not used by GnuTLS nor is made available to
calling applications. That addresses a null pointer dereference on server
side caused by packets containing the ResponseID field. Reported
by Hubert Kario. [GNUTLS-SA-2017-4]
** libgnutls: Handle specially HSMs which request explicit authentication.
There are HSMs which return CKR_USER_NOT_LOGGED_IN on the first private key
operation. Detect that state and try to login.
** libgnutls: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login on HSMs.
That is, even in tokens which do not have a CKF_LOGIN_REQUIRED flag
a login will be forced. This improves operation on certain Safenet HSMs.
** libgnutls: do not set leading zeros when copying integers on HSMs.
PKCS#11 defines integers as unsigned having most significant byte
first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by
some HSMs which do not accept an integer with a leading zero. This
improves operation with certain Atos HSMs.
** libgnutls: Backported PKCS#11 key generation functionality for DSA keys.
** libgnutls: Improve check for /dev/urandom uniqueness. Ensure that when
gnutls_global_init() is called for a second time that /dev/urandom is
re-opened when the inode or device ID has changed.
** API and ABI modifications:
No changes since last version.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'recipes-support/gnutls/gnutls_3.3.27.bb')
-rw-r--r-- | recipes-support/gnutls/gnutls_3.3.27.bb | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/recipes-support/gnutls/gnutls_3.3.27.bb b/recipes-support/gnutls/gnutls_3.3.27.bb deleted file mode 100644 index a1dcdb5..0000000 --- a/recipes-support/gnutls/gnutls_3.3.27.bb +++ /dev/null | |||
@@ -1,17 +0,0 @@ | |||
1 | require gnutls.inc | ||
2 | |||
3 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ | ||
4 | file://COPYING.LESSER;md5=a6f89e2100d9b6cdffcea4f398e37343" | ||
5 | |||
6 | SRC_URI += " \ | ||
7 | file://configure.ac-fix-sed-command.patch \ | ||
8 | file://use-pkg-config-to-locate-zlib.patch \ | ||
9 | " | ||
10 | SRC_URI[md5sum] = "8ee8cebd7f7575b11f232766a21c31d3" | ||
11 | SRC_URI[sha256sum] = "8dfda16c158ef5c134010d51d1a91d02aa5d43b8cb711b1572650a7ffb56b17f" | ||
12 | |||
13 | # This version doesn't support this option added in newer gnutls | ||
14 | # ERROR: gnutls-3.3.27-r0 do_configure: QA Issue: gnutls: configure was passed unrecognised options: --with-idn [unknown-configure-option] | ||
15 | PACKAGECONFIG[libidn] = "" | ||
16 | # but it still has the libidn dependency, without this option | ||
17 | EXTRA_OECONF += "--disable-crywrap" | ||