gnutls: Updated (2.12.23 -> 3.2.12.1)

11 years ago · 9efb6aadb6
4 changed files with 39 additions and 117 deletions
--- a/security/gnutls/CVE-2014-0092.patch
+++ b/security/gnutls/CVE-2014-0092.patch
@ -1,104 +0,0 @@
 # --- SDE-COPYRIGHT-NOTE-BEGIN ---
 # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 #
 # Filename: package/.../gnutls/CVE-2014-0092.patch
 # Copyright (C) 2014 The OpenSDE Project
 #
 # More information can be found in the files COPYING and README.
 #
 # This patch file is dual-licensed. It is available under the license the
 # patched project is licensed under, as long as it is an OpenSource license
 # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
 # of the GNU General Public License as published by the Free Software
 # Foundation; either version 2 of the License, or (at your option) any later
 # version.
 # --- SDE-COPYRIGHT-NOTE-END ---
 --- a/lib/x509/verify.c
 +++ b/lib/x509/verify.c
@@ -141,7 +141,7 @@
   if (result < 0)
     {
       gnutls_assert ();
 -      goto cleanup;
 +      goto fail;
     }
   result =
@@ -150,7 +150,7 @@
   if (result < 0)
     {
       gnutls_assert ();
 -      goto cleanup;
 +      goto fail;
     }
   result =
@@ -158,7 +158,7 @@
   if (result < 0)
     {
       gnutls_assert ();
 -      goto cleanup;
 +      goto fail;
     }
   result =
@@ -166,7 +166,7 @@
   if (result < 0)
     {
       gnutls_assert ();
 -      goto cleanup;
 +      goto fail;
     }
   /* If the subject certificate is the same as the issuer
@@ -206,6 +206,7 @@
   else
     gnutls_assert ();
 +fail:
   result = 0;
 cleanup:
@@ -330,7 +331,7 @@
   gnutls_datum_t cert_signed_data = { NULL, 0 };
   gnutls_datum_t cert_signature = { NULL, 0 };
   gnutls_x509_crt_t issuer = NULL;
 -  int issuer_version, result;
 +  int issuer_version, result = 0;
   if (output)
     *output = 0;
@@ -363,7 +364,7 @@
   if (issuer_version < 0)
     {
       gnutls_assert ();
 -      return issuer_version;
 +      return 0;
     }
   if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) &&
@@ -385,6 +386,7 @@
   if (result < 0)
     {
       gnutls_assert ();
 +      result = 0;
       goto cleanup;
     }
@@ -393,6 +395,7 @@
   if (result < 0)
     {
       gnutls_assert ();
 +      result = 0;
       goto cleanup;
     }
@@ -410,6 +413,7 @@
   else if (result < 0)
     {
       gnutls_assert();
 +      result = 0;
       goto cleanup;
     }
--- a/security/gnutls/gnutls-opensde-automake-downgrade.patch
+++ b/security/gnutls/gnutls-opensde-automake-downgrade.patch
@ -0,0 +1,30 @@
 # --- SDE-COPYRIGHT-NOTE-BEGIN ---
 # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 #
 # Filename: package/.../gnutls/gnutls-opensde-automake-downgrade.patch
 # Copyright (C) 2014 The OpenSDE Project
 #
 # More information can be found in the files COPYING and README.
 #
 # This patch file is dual-licensed. It is available under the license the
 # patched project is licensed under, as long as it is an OpenSource license
 # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
 # of the GNU General Public License as published by the Free Software
 # Foundation; either version 2 of the License, or (at your option) any later
 # version.
 # --- SDE-COPYRIGHT-NOTE-END ---
 This is an OpenSDE specific patch downgrading to the currently used
 automake version used by it.
 --- a/configure.ac	2014-04-02 01:47:03.774975808 +0200
 +++ b/configure.ac	2014-04-02 01:47:15.487252030 +0200
@@ -26,7 +26,7 @@
 AC_CONFIG_MACRO_DIR([m4])
 AC_CANONICAL_HOST
 -AM_INIT_AUTOMAKE([1.12.2 subdir-objects no-dist-gzip dist-xz dist-lzip -Wall -Wno-override])
 +AM_INIT_AUTOMAKE([1.11.6 subdir-objects no-dist-gzip dist-xz dist-lzip -Wall -Wno-override])
 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 AC_CONFIG_HEADERS([config.h])
--- a/security/gnutls/gnutls.conf
+++ b/security/gnutls/gnutls.conf
@ -2,7 +2,7 @@
 # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 #
 # Filename: package/.../gnutls/gnutls.conf
-# Copyright (C) 2011 - 2012 The OpenSDE Project
+# Copyright (C) 2011 - 2014 The OpenSDE Project
 #
 # More information can be found in the files COPYING and README.
 #
@ -12,15 +12,11 @@
 # GNU General Public License can be found in the file COPYING.
 # --- SDE-COPYRIGHT-NOTE-END ---
-# since 2.11.x gnutls is supporting 2 cryptographic backend libraries:
+# regenerate autotools related files to avoid version conflicts
-# 1. nettle (default)
+hook_add preconf 9 'autoreconf -vfi'
-# 2. libgcrypt 
+
-if ! pkginstalled nettle; then
+# nettle is needed as crypto backend
-	echo_status "Could not find default cryptographic backend library (nettle)"
+pkgprefix -t nettle
 	echo_status "Trying to use alternative cryptographic backend library (libgcrypt)"
 	pkgprefix -t libgcrypt
 	var_append extraconfopt ' ' '--with-libgcrypt'
 fi
 # PKCS#11 support through p11-kit is enabled by default
 if ! pkginstalled -f p11-kit; then
--- a/security/gnutls/gnutls.desc
+++ b/security/gnutls/gnutls.desc
@ -2,7 +2,7 @@
 [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 [COPY]
 [COPY] Filename: package/.../gnutls/gnutls.desc
-[COPY] Copyright (C) 2006 - 2013 The OpenSDE Project
+[COPY] Copyright (C) 2006 - 2014 The OpenSDE Project
 [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
 [COPY]
 [COPY] More information can be found in the files COPYING and README.
@ -41,7 +41,7 @@
 [E] libtasn1 opencdk libgcrypt
 [S] Stable
-[V] 2.12.23
+[V] 3.2.12.1
 [P] X -?---5---9 109.300
-[D] 2065421852 gnutls-2.12.23.tar.bz2 ftp://ftp.gnutls.org/gcrypt/gnutls/v2.12/
+[D] 4147389982 gnutls-3.2.12.1.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/