gnutls: Updated (2.12.23 -> 3.2.12.1)

11 years ago · 9efb6aadb6
4 changed files with 39 additions and 117 deletions
--- a/security/gnutls/CVE-2014-0092.patch
+++ b/security/gnutls/CVE-2014-0092.patch
@ -1,104 +0,0 @@
-# --- SDE-COPYRIGHT-NOTE-BEGIN ---
-# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
-#
-# Filename: package/.../gnutls/CVE-2014-0092.patch
-# Copyright (C) 2014 The OpenSDE Project
-#
-# More information can be found in the files COPYING and README.
-#
-# This patch file is dual-licensed. It is available under the license the
-# patched project is licensed under, as long as it is an OpenSource license
-# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
-# of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
-# --- SDE-COPYRIGHT-NOTE-END ---
-
--- a/lib/x509/verify.c
-+++ b/lib/x509/verify.c
-@@ -141,7 +141,7 @@
-   if (result < 0)
-     {
-       gnutls_assert ();
-      goto cleanup;
-+      goto fail;
-     }
- 
-   result =
-@@ -150,7 +150,7 @@
-   if (result < 0)
-     {
-       gnutls_assert ();
-      goto cleanup;
-+      goto fail;
-     }
- 
-   result =
-@@ -158,7 +158,7 @@
-   if (result < 0)
-     {
-       gnutls_assert ();
-      goto cleanup;
-+      goto fail;
-     }
- 
-   result =
-@@ -166,7 +166,7 @@
-   if (result < 0)
-     {
-       gnutls_assert ();
-      goto cleanup;
-+      goto fail;
-     }
- 
-   /* If the subject certificate is the same as the issuer
-@@ -206,6 +206,7 @@
-   else
-     gnutls_assert ();
- 
-+fail:
-   result = 0;
- 
- cleanup:
-@@ -330,7 +331,7 @@
-   gnutls_datum_t cert_signed_data = { NULL, 0 };
-   gnutls_datum_t cert_signature = { NULL, 0 };
-   gnutls_x509_crt_t issuer = NULL;
-  int issuer_version, result;
-+  int issuer_version, result = 0;
- 
-   if (output)
-     *output = 0;
-@@ -363,7 +364,7 @@
-   if (issuer_version < 0)
-     {
-       gnutls_assert ();
-      return issuer_version;
-+      return 0;
-     }
- 
-   if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) &&
-@@ -385,6 +386,7 @@
-   if (result < 0)
-     {
-       gnutls_assert ();
-+      result = 0;
-       goto cleanup;
-     }
- 
-@@ -393,6 +395,7 @@
-   if (result < 0)
-     {
-       gnutls_assert ();
-+      result = 0;
-       goto cleanup;
-     }
- 
-@@ -410,6 +413,7 @@
-   else if (result < 0)
-     {
-       gnutls_assert();
-+      result = 0;
-       goto cleanup;
-     }
- 
--- a/security/gnutls/gnutls-opensde-automake-downgrade.patch
+++ b/security/gnutls/gnutls-opensde-automake-downgrade.patch
@ -0,0 +1,30 @@
+# --- SDE-COPYRIGHT-NOTE-BEGIN ---
+# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
+#
+# Filename: package/.../gnutls/gnutls-opensde-automake-downgrade.patch
+# Copyright (C) 2014 The OpenSDE Project
+#
+# More information can be found in the files COPYING and README.
+#
+# This patch file is dual-licensed. It is available under the license the
+# patched project is licensed under, as long as it is an OpenSource license
+# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
+# of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+# --- SDE-COPYRIGHT-NOTE-END ---
+
+This is an OpenSDE specific patch downgrading to the currently used
+automake version used by it.
+
+--- a/configure.ac	2014-04-02 01:47:03.774975808 +0200
+++ b/configure.ac	2014-04-02 01:47:15.487252030 +0200
+@@ -26,7 +26,7 @@
+ AC_CONFIG_MACRO_DIR([m4])
+ AC_CANONICAL_HOST
+ 
+-AM_INIT_AUTOMAKE([1.12.2 subdir-objects no-dist-gzip dist-xz dist-lzip -Wall -Wno-override])
+AM_INIT_AUTOMAKE([1.11.6 subdir-objects no-dist-gzip dist-xz dist-lzip -Wall -Wno-override])
+ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
+ AC_CONFIG_HEADERS([config.h])
+ 
--- a/security/gnutls/gnutls.conf
+++ b/security/gnutls/gnutls.conf
@ -2,7 +2,7 @@
 # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 #
 # Filename: package/.../gnutls/gnutls.conf
-# Copyright (C) 2011 - 2012 The OpenSDE Project
+# Copyright (C) 2011 - 2014 The OpenSDE Project
 #
 # More information can be found in the files COPYING and README.
 #
@ -12,15 +12,11 @@
 # GNU General Public License can be found in the file COPYING.
 # --- SDE-COPYRIGHT-NOTE-END ---

-# since 2.11.x gnutls is supporting 2 cryptographic backend libraries:
-# 1. nettle (default)
-# 2. libgcrypt 
-if ! pkginstalled nettle; then
-	echo_status "Could not find default cryptographic backend library (nettle)"
-	echo_status "Trying to use alternative cryptographic backend library (libgcrypt)"
-	pkgprefix -t libgcrypt
-	var_append extraconfopt ' ' '--with-libgcrypt'
-fi
+# regenerate autotools related files to avoid version conflicts
+hook_add preconf 9 'autoreconf -vfi'
+
+# nettle is needed as crypto backend
+pkgprefix -t nettle

 # PKCS#11 support through p11-kit is enabled by default
 if ! pkginstalled -f p11-kit; then
--- a/security/gnutls/gnutls.desc
+++ b/security/gnutls/gnutls.desc
@ -2,7 +2,7 @@
 [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 [COPY]
 [COPY] Filename: package/.../gnutls/gnutls.desc
-[COPY] Copyright (C) 2006 - 2013 The OpenSDE Project
+[COPY] Copyright (C) 2006 - 2014 The OpenSDE Project
 [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
 [COPY]
 [COPY] More information can be found in the files COPYING and README.
@ -41,7 +41,7 @@
 [E] libtasn1 opencdk libgcrypt

 [S] Stable
-[V] 2.12.23
+[V] 3.2.12.1
 [P] X -?---5---9 109.300

-[D] 2065421852 gnutls-2.12.23.tar.bz2 ftp://ftp.gnutls.org/gcrypt/gnutls/v2.12/
+[D] 4147389982 gnutls-3.2.12.1.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/