| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
| |
Adds support for building gnupg as a -native recipe.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
| |
Signed-off-by: Oleksandr Kravchuk <dev@sashko.rv.ua>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Version 3.3.30 (released 2018-07-16)
** libgnutls: Corrected infinite loop when an incorrect PIN was provided
via pin-value or pin-source.
** gnutls-cli: backported the --sni-hostname option. This allows overriding the
hostname advertised to the peer.
** Improved counter-measures for TLS CBC record padding. Kenny Paterson, Eyal Ronen
and Adi Shamir reported that the existing counter-measures had certain issues and
were insufficient when the attacker has additional access to the CPU cache and
performs a chosen-plaintext attack. This affected the legacy CBC ciphersuites. [CVSS: medium]
** The ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default
priority strings. They are not necessary for compatibility or other purpose and
provide no advantage over their SHA1 counter-parts, as they all depend on the legacy
TLS CBC block mode.
** API and ABI modifications:
No changes since last version.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
| |
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fixes:
WARNING: nettle-2.7.1-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:
devtool modify <recipe>
devtool finish --force-patch-refresh <recipe> <layer_path>
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch Add-target-to-only-build-tests-not-run-them.patch
patching file Makefile.in
Hunk #1 succeeded at 53 (offset -2 lines).
patching file testsuite/Makefile.in
Hunk #1 succeeded at 105 with fuzz 2 (offset -11 lines).
Now at patch Add-target-to-only-build-tests-not-run-them.patch
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Version 3.3.29 (released 2018-02-16)
** libgnutls: Fixed issue which caused 1-byte handshake fragments to be refused.
Reported by Balázs Kéri.
** libgnutls: Fixed interoperability issue with openssl when safe renegotiation was
used. Resolves gitlab issue #259.
** libgnutls: Use readdir() instead of readdir_r internally. The latter
is deprecated and on our use we don't need readdir() to be thread safe
(which it is in most common platforms).
** libgnutls: require strict DER encoding for certificates, OCSP requests, private
keys, CRLs and certificate requests. This backports the already default behavior
from the 3.5.x branch, in order to reduce issues due to the complexity of BER rules.
** libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by
Vitezslav Cizek).
** libgnutls: Addressed issue in the accelerated code which may affect interoperability
with versions of nettle > 3.4.
** p11tool: Fixed issue preventing the deletion of objects in batch mode.
** p11tool: Mark all generated objects as sensitive by default.
** API and ABI modifications:
No changes since last version.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Version 3.3.28 (released 2017-07-04)
** libgnutls: Fixed issue when rehandshaking without a client certificate in
a session which initially used one. Reported by Frantisek Sumsal.
** libgnutls: fix issue in RSA-PSK client callback which resulted in no username
being sent to the peer. Patch by Nicolas Dufresne.
** libgnutls: no longer parse the ResponseID field of the status response
TLS extension. The field is not used by GnuTLS nor is made available to
calling applications. That addresses a null pointer dereference on server
side caused by packets containing the ResponseID field. Reported
by Hubert Kario. [GNUTLS-SA-2017-4]
** libgnutls: Handle specially HSMs which request explicit authentication.
There are HSMs which return CKR_USER_NOT_LOGGED_IN on the first private key
operation. Detect that state and try to login.
** libgnutls: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login on HSMs.
That is, even in tokens which do not have a CKF_LOGIN_REQUIRED flag
a login will be forced. This improves operation on certain Safenet HSMs.
** libgnutls: do not set leading zeros when copying integers on HSMs.
PKCS#11 defines integers as unsigned having most significant byte
first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by
some HSMs which do not accept an integer with a leading zero. This
improves operation with certain Atos HSMs.
** libgnutls: Backported PKCS#11 key generation functionality for DSA keys.
** libgnutls: Improve check for /dev/urandom uniqueness. Ensure that when
gnutls_global_init() is called for a second time that /dev/urandom is
re-opened when the inode or device ID has changed.
** API and ABI modifications:
No changes since last version.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The gpg-zip script contains wrong tar binary path:
"TAR=/buildarea/poky/build/tmp/hosttools/tar"
Specify the correct tar path when configure.
Also remove the code for ustar format detection in configure because it
is not applicable for cross-compile environment.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When building for aarch64 (ie relying only on generic C code rather
than asm) libgmp.so contains undefined references to __gmpn_add_nc
and __gmpn_sub_nc which causes attempts to link with -lgmp to fail:
| .../usr/lib/libgmp.so: undefined reference to `__gmpn_sub_nc'
| .../usr/lib/libgmp.so: undefined reference to `__gmpn_add_nc'
Solution based on a historical patch posted to the gmp mailing list:
https://gmplib.org/list-archives/gmp-discuss/2006-May/002344.html
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
* also remove correct_rpl_gettimeofday_signature.patch like in
commit e01e7c543a559c8926d72159b5cd55db0c661434
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Thu Jun 15 23:15:00 2017 +0100
meta: Remove further uclibc remnants (inc. patches and site files)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* it was modified in oe-core/master in this commit:
commit ba7e5f51327d9833776aa066f30c5e46606be374
Author: Fan Xin <fan.xin@jp.fujitsu.com>
Date: Fri Jun 9 15:49:18 2017 +0900
gnutls: Upgrade to 3.5.13
1. Upgrade gnutls from 3.5.9 to 3.5.13
2. Rebase the following patch file.
use-pkg-config-to-locate-zlib.patch
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
and no longer applies for this version.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* gnutls depends on nettle-3.1* since 3.4.0:
The requirement for nettle was bumped from 3.0 to 3.1 in gnutls_3_4_0
https://gitlab.com/gnutls/gnutls/commit/c84129af91b21d33ffe086e507632771b0e76498
and from 2.7 to 3.0 a bit earlier also in gnutls_3_4_0
https://gitlab.com/gnutls/gnutls/commit/3fa80cf68919f07b3351b2722278ba463d6e731c
* add recipe for last release in 3.3 branch which is compatible
with nettle 2.7.1 used in meta-gplv2
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|