summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnutls
Commit message (Collapse)AuthorAgeFilesLines
* gnutls: upgrade 3.8.3 -> 3.8.4Simone Weiß2024-04-044-16/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Upgrade gnutls SRCREV for new version - Refresh patches for 3.8.4 Changelog: ========== ** libgnutls: RSA-OAEP encryption scheme is now supported To use it with an unrestricted RSA private key, one would need to initialize a gnutls_x509_spki_t object with necessary parameters for RSA-OAEP and attach it to the private key. It is also possible to import restricted private keys if they are stored in PKCS#8 format. ** libgnutls: Fix side-channel in the deterministic ECDSA. Reported by George Pantelakis (#1516). [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834] ** libgnutls: Fixed a bug where certtool crashed when verifying a certificate chain with more than 16 certificates. Reported by William Woodruff (#1525) and yixiangzhike (#1527). [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835] ** libgnutls: Compression libraries are now loaded dynamically as needed instead of all being loaded during gnutls library initialization. As a result, the library initialization should be faster. ** build: The gnutls library can now be linked with the static library of GMP. Note that in order for this to work libgmp.a needs to be compiled with -fPIC and libhogweed in Nettle also has to be linked to the static library of GMP. This can be used to prevent custom memory allocators from being overriden by other applications. ** API and ABI modifications: gnutls_x509_spki_get_rsa_oaep_params: New function. gnutls_x509_spki_set_rsa_oaep_params: New function. GNUTLS_PK_RSA_OAEP: New enum member of gnutls_pk_algorithm_t. (From OE-Core rev: feaa2b8065c7a02b52aa55954f05a3ee66260305) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: print log if ptest failsSimone Weiß2024-02-081-0/+10
| | | | | | | | | | | | There are AB-INT issues with the gnutls tests and the test for naked-alerts is failing. Tweak the run-ptest script to save the error log to obtain more infos for debugging. Related to [YOCTO #15352]. (From OE-Core rev: 9665d272df34bcb2811a2f7a1afccabe4bebc9d1) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Upgrade 3.8.2 -> 3.8.3Simone Weiß2024-01-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Upgrade version to adress recent CVE findings. Changelog ========= ** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553] ** libgnutls: Fix assertion failure when verifying a certificate chain with a cycle of cross signatures [GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567] ** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token certtool was unable to handle Ed25519 keys generated on PKCS#11 with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2. (From OE-Core rev: 705d2972b38efc9f331e3635c07ca92f8812b365) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.8.1 -> 3.8.2Wang Mingyu2023-11-301-1/+1
| | | | | | | | | | | | | | | | Changelog: ============ ** libgnutls: Fix timing side-channel inside RSA-PSK key exchange. ** libgnutls: Add API functions to perform ECDH and DH key agreement ** libgnutls: Added support for AES-GCM-SIV ciphers ** libgnutls: transparent KTLS support is extended to FreeBSD kernel ** gnutls-cli: New option --starttls-name (From OE-Core rev: 3c01bb0be8ddafa0aa1ad996ec524b51fd28f512) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.8.0 -> 3.8.1Alexander Kanavin2023-09-072-6/+8
| | | | | | | (From OE-Core rev: 5f08d833669e96df5236773ae5a70bfb22f90b6b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: remove use of argp-standalone for muslRoss Burton2023-05-221-3/+0
| | | | | | | | | | | This was made obsoleten in 3.5.0 when crywrap was removed from the GnuTLS source tree. (From OE-Core rev: b49dc6f29533ab7debd299419c8b891e106f5d9d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: clean up ptest compilationRoss Burton2023-05-221-4/+4
| | | | | | | | | | | Don't always build the tests in do_compile, use do_compile_ptest so they are only built when needed. (From OE-Core rev: 5f4b10a3361e273d22bc880b4127eb53291be47d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: use system libtasn1Ross Burton2023-05-221-2/+2
| | | | | | | | | | | Instead of using an internal ASN.1 parser, re-use libtasn1 from the system by default. (From OE-Core rev: db20ffc4ffb5e734258f0a9f9d1fb72d1f0df490) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: add PACKAGECONFIG options for certification compressionRoss Burton2023-05-221-0/+4
| | | | | | | | | | | | GnuTLS has optional support for certificate compression. These are not widely enabled in other distributions and were previously disabled in standard builds, so don't enable them by default. (From OE-Core rev: d22a406e7ca3018e0d1c0a7b1b6254c2aba6faba) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: add PACKAGECONFIG for DANERoss Burton2023-05-221-2/+4
| | | | | | | | | | | | | | DANE (DNS-based Authentication of Named Entities) allows certificates to be bound to DNS entries. This requires unbound which is not part of oe-core. Add a PACKAGECONFIG but disable by default. (From OE-Core rev: cfb328b2a7c35a8c1e0dd7cd8c7552a0837db206) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Add missing python ptest dependencyRichard Purdie2023-03-121-0/+2
| | | | | | | | Add dependency on python3 to fix execution in minimal images. (From OE-Core rev: bf5b15a8b7a2b2276109efc8a6fe54788908ef0d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Updated ther patch which fixes build error for fips enabled.leimaohui2023-03-011-1/+1
| | | | | | | | | | | The context of lib/Makefile.am in gnutls_3.8.0 has changed when updated from gnutls_3.7.8. (From OE-Core rev: 7c00bf8e0a0f9c88de6cf782b7fa3db7872c4100) Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.7.8 -> 3.8.0Alexander Kanavin2023-02-204-27/+23
| | | | | | | | | | | | | | | Refresh patches. guile option removed upstream. License-update: formatting, urls https://github.com/gnutls/gnutls/commit/a39e528897184c6f6a33d245b82891a8dc8090ce (From OE-Core rev: 016025f1c77b9ffc00213e6056c5134f353ff541) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: add ptest supportRavineet Singh2023-02-023-1/+157
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add gnutls unit-tests into ptest. Only self-contained tests (no external file system dependencies) are included. Some tests have been put in a disallow list in the run-ptest; these tests either require additional files (certificates) or environment setup prior to being run, via wrapper shell script. As autotools packages are built out-of-tree, it is cumbersome to add additional files. With regards to tests requiring wrapper scripts, it is possible to add logic to run these tests under run-ptests but that will require more effort to maintain, hence skipped. Verified via: $ runqemu qemux86-64 kvm nographic serial qemuparams='-m 4096 -smp 32' root@qemux86-64:~# ptest-runner gnutls START: ptest-runner BEGIN: /usr/lib64/gnutls/ptest PASS: aead-cipher-vec PASS: alerts PASS: anti_replay ... gnutls test summary: -------------------- total: 375 pass : 364 fail : 0 skip : 11 DURATION: 184 END: /usr/lib64/gnutls/ptest 2023-02-01T13:55 STOP: ptest-runner TOTAL: 1 FAIL: 0 (From OE-Core rev: 6061df3084b991ba4a54a3dca5dadda97e2364ac) Signed-off-by: Ravineet Singh <ravineet.a.singh@est.tech> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.7 -> 3.7.8wangmy2022-10-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========= ** libgnutls: In FIPS140 mode, RSA signature verification is an approved operation if the key has modulus with known sizes (1024, 1280, 1536, and 1792 bits), in addition to any modulus sizes larger than 2048 bits, according to SP800-131A rev2. ** libgnutls: gnutls_session_channel_binding performs additional checks when GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the "tls-exporter" channel binding is only usable when the handshake is bound to a unique master secret (i.e., either TLS 1.3 or extended master secret extension is negotiated). Otherwise the function now returns error. ** libgnutls: usage of the following functions, which are designed to loosen restrictions imposed by allowlisting mode of configuration, has been additionally restricted. Invoking them is now only allowed if system-wide TLS priority string has not been initialized yet: gnutls_digest_set_secure gnutls_sign_set_secure gnutls_sign_set_secure_for_certs gnutls_protocol_set_enabled (From OE-Core rev: 858886aa07d0c2c2ef2489996cc8eca5fbe931fa) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Unified package names to lower-caseKeiya Nobuta2022-10-251-1/+1
| | | | | | | | | | | create-spdx can't detect the license properly if the case doesn't match, so fix it. (From OE-Core rev: 9c87828493784d996910d742006268a626ef0130) Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.18.0 -> 4.19.0wangmy2022-09-011-1/+1
| | | | | | | | | | | | | | Changelog: =========== - Clarify libtasn1.map license. Closes: #38. - Fix ETYPE_OK out of bounds read. Closes: #32. - Update gnulib files and various maintenance fixes. (From OE-Core rev: b8f2c6ec61ffcc607a35bd5c11f5020c9b676226) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.6 -> 3.7.7Alexander Kanavin2022-08-101-1/+1
| | | | | | | | (From OE-Core rev: d70b29617789dcc7afe78e1d2d8b3f5122f6376f) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.5 -> 3.7.6Richard Purdie2022-06-041-1/+1
| | | | | | (From OE-Core rev: d3123a419165fadba10febec0bcaf83269b4a5a3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Added fips option.leimaohui2022-05-272-1/+51
| | | | | | | | | | | | | - Added a patch to avoid excute fipshmac command. Because *.hmac file should be created on target instead of on build environment. - Added pkg_postinst_ontarget to make sure necessary files are created on target. (From OE-Core rev: 1b5c620d10aa678871b6cea46e113c8fe3b79822) Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.4 -> 3.7.5Alexander Kanavin2022-05-201-1/+1
| | | | | | | | (From OE-Core rev: f1dc9311d4d10ca8a3b8ddfb8a79f335f01f5048) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.3 -> 3.7.4wangmy2022-03-231-1/+1
| | | | | | | | (From OE-Core rev: ae347dd574644a168e36cb42cf0560cd18cd636d) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX ↵Richard Purdie2022-02-202-8/+8
| | | | | | | | | | | | | license identifiers An automated conversion using scripts/contrib/convert-spdx-licenses.py to convert to use the standard SPDX license identifiers. Two recipes in meta-selftest were not converted as they're that way specifically for testing. A change in linux-firmware was also skipped and may need a more manual tweak. (From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.7.2 -> 3.7.3Alexander Kanavin2022-02-011-2/+1
| | | | | | | | | Drop unsupported option. (From OE-Core rev: 5a2d94e0df21992a30f95312da3bf8477f42785c) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.17.0 -> 4.18.0wangmy2021-11-162-9/+20
| | | | | | | | | | | | | | * Noteworthy changes in release 4.18.0 (2021-11-09) [stable] - Improve GTK-DOC manual. Closes: #35. - Improve --help and --version for tools with gnulib. Closes: #37. - Update gnulib files and various maintenance fixes. refresh dont-depend-on-help2man.patch (From OE-Core rev: 0d15632f3db787d3f08eb260732567e62f52ffb3) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Convert to new override syntaxRichard Purdie2021-08-022-12/+12
| | | | | | | | | | | | This is the result of automated script conversion: scripts/contrib/convert-overrides.py <oe-core directory> converting the metadata to use ":" as the override character instead of "_". (From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.1 -> 3.7.2wangmy2021-06-121-1/+1
| | | | | | | (From OE-Core rev: 3593a4c47d5e8faccb27c7cd975f18f90b9cd86f) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.16.0 -> 4.17.0wangmy2021-05-211-3/+3
| | | | | | | | | file LICENSE renamed to COPYING. (From OE-Core rev: 52e30a0344e727527cc3f498aa09bbbdfa1c2f47) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Point to staging area for finding seccomp libs and includesKhem Raj2021-04-271-1/+1
| | | | | | | | | | | | | | | This ensures that if libseccomp is installed on build host then it does not resort to use it. Fixes checking for libseccomp... (cached) yes checking how to link with libseccomp... /usr/lib/libseccomp.so (From OE-Core rev: 3751ac58720a500e3b749b2296922d7c82db49a1) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Enable seccomp if FEATURE is setArmin Kuster2021-04-261-1/+1
| | | | | | | (From OE-Core rev: f2527b5567252c7da4fbd863e119c8114e6debcd) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.7.0 -> 3.7.1Wang Mingyu2021-03-311-1/+1
| | | | | | | (From OE-Core rev: 7123b17db594b13c52414cd20beceb2a54841c4e) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipesMeh Mbeh Ida Delphine2021-03-022-1/+5
| | | | | | | | | Fixes: [YOCTO #13471] (From OE-Core rev: 6db24928d62aeb093a0e6da6619713eaca57a96f) Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.6.15 -> 3.7.0Alexander Kanavin2020-12-312-3/+14
| | | | | | | (From OE-Core rev: 6c4b2dcf82378419efca587f033ecac08fbc3b00) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: explicitly set --with-librt-prefixMartin Jansa2020-11-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * it will try to link with librt from host and if you have it on host (libc6-dev-i386 in ubuntu) it fails with: /usr/lib32/librt.so: error: undefined reference to '__clock_settime', version 'GLIBC_PRIVATE' /usr/lib32/librt.so: error: undefined reference to '__clock_getcpuclockid', version 'GLIBC_PRIVATE' /usr/lib32/librt.so: error: undefined reference to '__clock_getres', version 'GLIBC_PRIVATE' /usr/lib32/librt.so: error: undefined reference to '__clock_nanosleep', version 'GLIBC_PRIVATE' collect2: error: ld returned 1 exit status in older 3.6.14 it was using /usr/lib32/librt.so from host as well, but without do_compile failing configure:17539: checking for librt configure:17563: i686-oe-linux-gcc -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot -o conftest -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0=/usr/src/debug/gnutls/3.6.14-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0=/usr/src/debug/gnutls/3.6.14-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot= -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot-native= -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-z,relro,-z,now conftest.c /usr/lib32/librt.so >&5 configure:17563: $? = 0 configure:17573: result: yes configure:17580: checking how to link with librt configure:17582: result: /usr/lib32/librt.so with --with-librt-prefix passed, it finds the right one as shown in build/config.log: configure:17551: checking for librt configure:17575: i686-oe-linux-gcc -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot -o conftest -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0=/usr/src/debug/gnutls/3.6.15-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0=/usr/src/debug/gnutls/3.6.15-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot= -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot-native= -I/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/include -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-z,relro,-z,now conftest.c /tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/lib/librt.so >&5 configure:17575: $? = 0 configure:17585: result: yes configure:17592: checking how to link with librt configure:17594: result: /tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/lib/librt.so (From OE-Core rev: d355cd38904460f3add2b0b9477e8ddfd42b22e1) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.16.4 -> 3.16.5Alexander Kanavin2020-10-303-211/+2
| | | | | | | (From OE-Core rev: 2f38d5c97abbc84a55ad22dcd328f627380e79a8) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: CVE-2020-24659Zhixiong Chi2020-09-082-0/+118
| | | | | | | | | | | Backport the CVE patch from the usptream: https://gitlab.com/gnutls/gnutls.git commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a (From OE-Core rev: 84b1bc500e318657cb7a8a189b59cc63bc91dca3) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.zhengruoqin2020-07-122-0/+91
| | | | | | | | | | | This was discussed and accepted upstream by the project so their license is consistent. Please reference to https://gitlab.com/gnutls/gnutls/-/issues/1018 and https://gitlab.com/gnutls/gnutls/-/merge_requests/1285. (From OE-Core rev: 267d07301c79c24969c169add05284f612c41d77) Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.13 -> 3.6.14Alexander Kanavin2020-06-091-2/+1
| | | | | | | (From OE-Core rev: cd88c81804a4a52b9875f2244c9f35911539be96) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: Remove workaround for host gcc < 5Adrian Bunk2020-05-141-2/+0
| | | | | | | (From OE-Core rev: 2c037f830856018b212d532198ae17932b3521d1) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.12 -> 3.6.13Wang Mingyu2020-04-241-2/+2
| | | | | | | (From OE-Core rev: 5cc0f0dcf1f41bc148b034b3f7abef756a328cd3) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.11.1 -> 3.6.12Alexander Kanavin2020-02-281-2/+2
| | | | | | | (From OE-Core rev: 8652c95ceb505dd7386166842486c833ea5a7ee7) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.15.0 -> 4.16.0Wang Mingyu2020-02-141-2/+2
| | | | | | | (From OE-Core rev: 320b62f12334684f1261b06e3e7bc8106e3b9490) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.14 -> 4.15.0Anuj Mittal2019-12-283-73/+4
| | | | | | | | | | | Remove backported patches and explicitly pass -std=gnu99 to native CFLAGS to make sure build passes on older and still supported OSes like CentOS 7. (From OE-Core rev: cc84d4dcc775c371389e1d351256946cbd003545) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.8 -> 3.6.11.1Alex Kiernan2019-12-282-42/+2
| | | | | | | | | | | | Drop patch from 81485be19b18 ("gnutls: don't use HOSTTOOLS_DIR/bash as a shell on target") as upstream now honours POSIX_SHELL when set as the primary target shell. (From OE-Core rev: bc487ced3be40569157fb40c99bfa68871f74744) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: fix build with api-documentation enabledRoss Burton2019-09-162-0/+39
| | | | | | | (From OE-Core rev: 698efe108de724d9129ca938151ab7c7d3cb34cc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: Enable nativesdk supportPhilippe Normand2019-08-211-1/+1
| | | | | | | | | | This is required before enabling p11-kit support by default in gnutls. (From OE-Core rev: 2a35202dbffd31eac1c00c03497549805853ad6c) Signed-off-by: Philippe Normand <philn@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.13 -> 4.14Anuj Mittal2019-07-314-86/+54
| | | | | | | | | | | | | | | | * For changes in this version, see: https://gitlab.com/gnutls/libtasn1/-/releases * Remove the musl patch as it's no longer needed. * Backport a patch to ensure LDFLAGS are not over-ridden. License-Update: License clarification, no change in actual terms. (From OE-Core rev: 243293436d9286f6d9a0f135d569b7b00ccc1078) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: don't use HOSTTOOLS_DIR/bash as a shell on targetRoss Burton2019-07-262-0/+43
| | | | | | | | | | | The libopts configure script looks for a shell on the build host and assumes it's good for the target. However in our builds it find $HOSTTOOLS_DIR/bash which isn't useful, so patch out the detection and force $base_bindir/sh. (From OE-Core rev: 9aaa1e3bdfd767fe8e19c00c611b34920644df27) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls:upgrade 3.6.7 -> 3.6.8Zang Ruochen2019-06-191-2/+2
| | | | | | | | | -Upgrade from gnutls_3.6.7.bb to gnutls_3.6.8.bb. (From OE-Core rev: b34486a616ab4d4b30247a5dff58a18ef26ed709) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Use the sysconfdir variable for the ca-certificates pathPhilippe Normand2019-06-071-1/+1
| | | | | | | (From OE-Core rev: 666f6192aaa9e847ad0d920a487b82d984b58d26) Signed-off-by: Philippe Normand <philn@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-26 01:29:25 +0000