From 697da38665a137ada9ba58b3948b78d23f30fb31 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Thu, 1 Jan 1970 00:00:00 +0000 Subject: [PATCH] - Rebase to native Fedora version 2.6.3. - Enable C++ library. - Use _smp_mflags. - Use find_lang macro. - Don't build static library. --- .hgignore | 1 + gnutls/gnutls-1.4.1-cve-2008-4989.patch | 39 --------------------------------- gnutls/gnutls-2.4.0-nosrp.patch | 33 ---------------------------- gnutls/gnutls-2.6.2-nosrp.patch | 20 +++++++++++++++++ gnutls/mingw32-gnutls.spec | 35 ++++++++++++++++------------- 5 files changed, 41 insertions(+), 87 deletions(-) delete mode 100644 gnutls/gnutls-1.4.1-cve-2008-4989.patch delete mode 100644 gnutls/gnutls-2.4.0-nosrp.patch create mode 100644 gnutls/gnutls-2.6.2-nosrp.patch diff --git a/.hgignore b/.hgignore index 486246e..6d149b0 100644 --- a/.hgignore +++ b/.hgignore @@ -42,6 +42,7 @@ glib2/glib-2.18.1.tar.bz2 glibmm24/glibmm-2.18.1.tar.bz2 gnutls/gnutls-2.4.1.tar.bz2 gnutls/gnutls-2.4.2-nosrp.tar.bz2 +gnutls/gnutls-2.6.3-nosrp.tar.bz2 gsl/gsl-1.11.tar.gz gtk2/gtk+-2.14.0.tar.bz2 gtk2/gtk+-2.14.2.tar.bz2 diff --git a/gnutls/gnutls-1.4.1-cve-2008-4989.patch b/gnutls/gnutls-1.4.1-cve-2008-4989.patch deleted file mode 100644 index c7f5bc7..0000000 --- a/gnutls/gnutls-1.4.1-cve-2008-4989.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff -up gnutls-1.4.1/lib/x509/verify.c.chain-verify gnutls-1.4.1/lib/x509/verify.c ---- gnutls-1.4.1/lib/x509/verify.c.chain-verify 2008-11-11 10:55:19.000000000 +0100 -+++ gnutls-1.4.1/lib/x509/verify.c 2008-11-11 10:58:54.000000000 +0100 -@@ -379,6 +379,17 @@ _gnutls_x509_verify_certificate (const g - int i = 0, ret; - unsigned int status = 0, output; - -+ /* Check if the last certificate in the path is self signed. -+ * In that case ignore it (a certificate is trusted only if it -+ * leads to a trusted party by us, not the server's). -+ */ -+ if (clist_size > 1 && -+ gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], -+ certificate_list[clist_size - 1]) > 0) -+ { -+ clist_size--; -+ } -+ - /* Verify the last certificate in the certificate path - * against the trusted CA certificate list. - * -@@ -417,17 +428,6 @@ _gnutls_x509_verify_certificate (const g - } - #endif - -- /* Check if the last certificate in the path is self signed. -- * In that case ignore it (a certificate is trusted only if it -- * leads to a trusted party by us, not the server's). -- */ -- if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], -- certificate_list[clist_size - 1]) > 0 -- && clist_size > 0) -- { -- clist_size--; -- } -- - /* Verify the certificate path (chain) - */ - for (i = clist_size - 1; i > 0; i--) diff --git a/gnutls/gnutls-2.4.0-nosrp.patch b/gnutls/gnutls-2.4.0-nosrp.patch deleted file mode 100644 index ddfb9a5..0000000 --- a/gnutls/gnutls-2.4.0-nosrp.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -up gnutls-2.4.0/lib/gnutlsxx.cpp.nosrp gnutls-2.4.0/lib/gnutlsxx.cpp ---- gnutls-2.4.0/lib/gnutlsxx.cpp.nosrp 2008-05-19 10:01:43.000000000 +0200 -+++ gnutls-2.4.0/lib/gnutlsxx.cpp 2008-06-23 20:11:26.000000000 +0200 -@@ -398,7 +398,11 @@ void session::set_credentials( credentia - - const char* server_session::get_srp_username() const - { -+#ifdef ENABLE_SRP - return gnutls_srp_server_get_username( s); -+#else -+ return NULL; -+#endif - } - - const char* server_session::get_psk_username() const -@@ -677,7 +681,7 @@ void certificate_client_credentials::set - } - - // SRP -- -+#ifdef ENABLE_SRP - srp_server_credentials::srp_server_credentials() : credentials(GNUTLS_CRD_SRP) - { - RETWRAP(gnutls_srp_allocate_server_credentials( &cred)); -@@ -721,7 +725,7 @@ void srp_client_credentials::set_credent - { - gnutls_srp_set_client_credentials_function( cred, func); - } -- -+#endif - // PSK - - psk_server_credentials::psk_server_credentials() : credentials(GNUTLS_CRD_PSK) diff --git a/gnutls/gnutls-2.6.2-nosrp.patch b/gnutls/gnutls-2.6.2-nosrp.patch new file mode 100644 index 0000000..9bcdfeb --- /dev/null +++ b/gnutls/gnutls-2.6.2-nosrp.patch @@ -0,0 +1,20 @@ +diff -up gnutls-2.6.2/lib/gnutlsxx.cpp.nosrp gnutls-2.6.2/lib/gnutlsxx.cpp +--- gnutls-2.6.2/lib/gnutlsxx.cpp.nosrp 2008-11-12 10:56:28.000000000 +0100 ++++ gnutls-2.6.2/lib/gnutlsxx.cpp 2008-12-04 14:34:10.000000000 +0100 +@@ -396,12 +396,14 @@ void session::set_credentials( credentia + RETWRAP(gnutls_credentials_set( s, cred.get_type(), cred.ptr())); + } + +-#ifdef ENABLE_SRP + const char* server_session::get_srp_username() const + { ++#ifdef ENABLE_SRP + return gnutls_srp_server_get_username( s); +-} ++#else ++ return NULL; + #endif ++} + + const char* server_session::get_psk_username() const + { diff --git a/gnutls/mingw32-gnutls.spec b/gnutls/mingw32-gnutls.spec index 0739ee0..6f5088e 100644 --- a/gnutls/mingw32-gnutls.spec +++ b/gnutls/mingw32-gnutls.spec @@ -5,8 +5,8 @@ %define __find_provides %{_mingw32_findprovides} Name: mingw32-gnutls -Version: 2.4.2 -Release: 4%{?dist} +Version: 2.6.3 +Release: 1%{?dist} Summary: MinGW Windows GnuTLS TLS/SSL encryption library License: GPLv3+ and LGPLv2+ @@ -15,12 +15,12 @@ URL: http://www.gnutls.org/ #Source0: ftp://ftp.gnutls.org/pub/gnutls/gnutls-%{version}.tar.bz2 # XXX patent tainted SRP code removed. Source0: gnutls-%{version}-nosrp.tar.bz2 +Source1: libgnutls-config BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch -Patch1: gnutls-2.4.0-nosrp.patch -Patch5: gnutls-1.4.1-cve-2008-4989.patch +Patch1: gnutls-2.6.2-nosrp.patch # MinGW-specific patches. Patch1000: gnutls-certtool-build.patch @@ -29,7 +29,7 @@ BuildRequires: mingw32-filesystem >= 25 BuildRequires: mingw32-gcc BuildRequires: mingw32-binutils BuildRequires: mingw32-libgpg-error -BuildRequires: mingw32-libgcrypt +BuildRequires: mingw32-libgcrypt >= 1.2.2 BuildRequires: mingw32-iconv BuildRequires: mingw32-gettext BuildRequires: mingw32-zlib @@ -46,7 +46,6 @@ MinGW Windows GnuTLS TLS/SSL encryption library. %setup -q -n gnutls-%{version} %patch1 -p1 -b .nosrp -%patch5 -p1 -b .chain-verify %patch1000 -p1 -b .mingw32 @@ -57,9 +56,11 @@ done %build autoreconf PATH="%{_mingw32_bindir}:$PATH" \ -%{_mingw32_configure} --with-included-libtasn1 --disable-cxx \ - --disable-srp-authentication -make +%{_mingw32_configure} \ + --with-included-libtasn1 \ + --disable-srp-authentication \ + --disable-static +make %{?_smp_mflags} %install @@ -68,20 +69,18 @@ rm -rf $RPM_BUILD_ROOT make DESTDIR=$RPM_BUILD_ROOT install rm -f $RPM_BUILD_ROOT%{_mingw32_datadir}/info/dir -rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libgnutls-extra.a -rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libgnutls-openssl.a -rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libgnutls.a - # Remove info and man pages which duplicate stuff in Fedora already. rm -rf $RPM_BUILD_ROOT%{_mingw32_infodir} rm -rf $RPM_BUILD_ROOT%{_mingw32_mandir} +%find_lang gnutls + %clean rm -rf $RPM_BUILD_ROOT -%files +%files -f gnutls.lang %defattr(-,root,root) %{_mingw32_bindir}/certtool.exe %{_mingw32_bindir}/gnutls-cli-debug.exe @@ -107,10 +106,16 @@ rm -rf $RPM_BUILD_ROOT %{_mingw32_includedir}/gnutls/ %{_mingw32_datadir}/aclocal/libgnutls-extra.m4 %{_mingw32_datadir}/aclocal/libgnutls.m4 -%{_mingw32_datadir}/locale/*/LC_MESSAGES/gnutls.mo %changelog +* Fri Jan 23 2009 Richard W.M. Jones - 2.6.3-1 +- Rebase to native Fedora version 2.6.3. +- Enable C++ library. +- Use _smp_mflags. +- Use find_lang macro. +- Don't build static library. + * Tue Jan 13 2009 Richard W.M. Jones - 2.4.2-4 - Requires pkgconfig. -- 1.8.3.1