gnutls: Update to 3.6.10 * Version 3.6.10 (released 2019-09-29) ** libgnutls: Added support for deterministic ECDSA/DSA (RFC6979) Deterministic signing can be enabled by setting GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE when calling gnutls_privkey_sign_*() functions (#94). ** libgnutls: add gnutls_aead_cipher_encryptv2 and gnutls_aead_cipher_decryptv2 functions that will perform in-place encryption/decryption on data buffers (#718). ** libgnutls: Corrected issue in gnutls_session_get_data2() which could fail under TLS1.3, if a timeout callback was not set using gnutls_transport_set_pull_timeout_function() (#823). ** libgnutls: added interoperability tests with gnutls 2.12.x; addressed issue with large record handling due to random padding (#811). ** libgnutls: the server now selects the highest TLS protocol version, if TLS 1.3 is enabled and the client advertises an older protocol version first (#837). ** libgnutls: fix non-PIC assembly on i386 (#818). ** libgnutls: added support for GOST 28147-89 cipher in CNT (GOST counter) mode and MAC generation based on GOST 28147-89 (IMIT). For description of the modes see RFC 5830. S-Box is id-tc26-gost-28147-param-Z (TC26Z) defined in RFC 7836. ** certtool: when outputting an encrypted private key do not insert the textual description of it. This fixes a regression since 3.6.5 (#840). ** API and ABI modifications: gnutls_aead_cipher_encryptv2: Added gnutls_aead_cipher_decryptv2: Added GNUTLS_CIPHER_GOST28147_TC26Z_CNT: Added GNUTLS_MAC_GOST28147_TC26Z_IMIT: Addeddiff -r1.202 -r1.203 pkgsrc/security/gnutls/Makefile
(nia)
@@ -1,28 +1,29 @@ | @@ -1,28 +1,29 @@ | |||
1 | # $NetBSD: Makefile,v 1.202 2019/10/01 14:34:08 nia Exp $ | 1 | # $NetBSD: Makefile,v 1.203 2019/10/04 17:25:53 nia Exp $ | |
2 | 2 | |||
3 | DISTNAME= gnutls-3.6.9 | 3 | DISTNAME= gnutls-3.6.10 | |
4 | PKGREVISION= 2 | |||
5 | CATEGORIES= security devel | 4 | CATEGORIES= security devel | |
6 | MASTER_SITES= https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/ | 5 | MASTER_SITES= https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/ | |
7 | EXTRACT_SUFX= .tar.xz | 6 | EXTRACT_SUFX= .tar.xz | |
8 | 7 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 8 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= https://www.gnutls.org/ | 9 | HOMEPAGE= https://www.gnutls.org/ | |
11 | COMMENT= Transport Layer Security library | 10 | COMMENT= Transport Layer Security library | |
12 | LICENSE= gnu-gpl-v3 AND gnu-lgpl-v2.1 | 11 | LICENSE= gnu-gpl-v3 AND gnu-lgpl-v2.1 | |
13 | 12 | |||
14 | DEPENDS+= mozilla-rootcerts-[0-9]*:../../security/mozilla-rootcerts | 13 | DEPENDS+= mozilla-rootcerts-[0-9]*:../../security/mozilla-rootcerts | |
15 | 14 | |||
15 | PLIST_SRC= PLIST | |||
16 | ||||
16 | USE_LANGUAGES= c c++ | 17 | USE_LANGUAGES= c c++ | |
17 | USE_LIBTOOL= yes | 18 | USE_LIBTOOL= yes | |
18 | USE_PKGLOCALEDIR= yes | 19 | USE_PKGLOCALEDIR= yes | |
19 | USE_TOOLS+= gmake gsed perl pkg-config bash | 20 | USE_TOOLS+= gmake gsed perl pkg-config bash | |
20 | GNU_CONFIGURE= yes | 21 | GNU_CONFIGURE= yes | |
21 | # this library duplicates (and conflicts with) openssl | 22 | # this library duplicates (and conflicts with) openssl | |
22 | CONFIGURE_ARGS+= --disable-openssl-compatibility | 23 | CONFIGURE_ARGS+= --disable-openssl-compatibility | |
23 | CONFIGURE_ARGS+= --disable-guile | 24 | CONFIGURE_ARGS+= --disable-guile | |
24 | CONFIGURE_ARGS+= --disable-libdane | 25 | CONFIGURE_ARGS+= --disable-libdane | |
25 | CONFIGURE_ARGS+= --without-idn | 26 | CONFIGURE_ARGS+= --without-idn | |
26 | CONFIGURE_ARGS+= --without-tpm | 27 | CONFIGURE_ARGS+= --without-tpm | |
27 | CONFIGURE_ARGS+= --disable-valgrind-tests | 28 | CONFIGURE_ARGS+= --disable-valgrind-tests | |
28 | CONFIGURE_ARGS+= --with-default-trust-store-file=${PREFIX}/share/mozilla-rootcerts/cacert.pem | 29 | CONFIGURE_ARGS+= --with-default-trust-store-file=${PREFIX}/share/mozilla-rootcerts/cacert.pem |
@@ -1,60 +1,55 @@ | @@ -1,60 +1,55 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.67 2019/09/18 19:00:13 tnn Exp $ | 1 | @comment $NetBSD: PLIST,v 1.68 2019/10/04 17:25:53 nia Exp $ | |
2 | bin/certtool | 2 | bin/certtool | |
3 | ${PLIST.dane}bin/danetool | |||
4 | bin/gnutls-cli | 3 | bin/gnutls-cli | |
5 | bin/gnutls-cli-debug | 4 | bin/gnutls-cli-debug | |
6 | bin/gnutls-serv | 5 | bin/gnutls-serv | |
7 | bin/ocsptool | 6 | bin/ocsptool | |
8 | bin/p11tool | 7 | bin/p11tool | |
9 | bin/psktool | 8 | bin/psktool | |
10 | bin/srptool | 9 | bin/srptool | |
11 | include/gnutls/abstract.h | 10 | include/gnutls/abstract.h | |
12 | include/gnutls/compat.h | 11 | include/gnutls/compat.h | |
13 | include/gnutls/crypto.h | 12 | include/gnutls/crypto.h | |
14 | ${PLIST.dane}include/gnutls/dane.h | |||
15 | include/gnutls/dtls.h | 13 | include/gnutls/dtls.h | |
16 | include/gnutls/gnutls.h | 14 | include/gnutls/gnutls.h | |
17 | include/gnutls/gnutlsxx.h | 15 | include/gnutls/gnutlsxx.h | |
18 | include/gnutls/ocsp.h | 16 | include/gnutls/ocsp.h | |
19 | include/gnutls/openpgp.h | 17 | include/gnutls/openpgp.h | |
20 | include/gnutls/pkcs11.h | 18 | include/gnutls/pkcs11.h | |
21 | include/gnutls/pkcs12.h | 19 | include/gnutls/pkcs12.h | |
22 | include/gnutls/pkcs7.h | 20 | include/gnutls/pkcs7.h | |
23 | include/gnutls/self-test.h | 21 | include/gnutls/self-test.h | |
24 | include/gnutls/socket.h | 22 | include/gnutls/socket.h | |
25 | include/gnutls/system-keys.h | 23 | include/gnutls/system-keys.h | |
26 | include/gnutls/tpm.h | 24 | include/gnutls/tpm.h | |
27 | include/gnutls/urls.h | 25 | include/gnutls/urls.h | |
28 | include/gnutls/x509-ext.h | 26 | include/gnutls/x509-ext.h | |
29 | include/gnutls/x509.h | 27 | include/gnutls/x509.h | |
30 | info/gnutls-client-server-use-case.png | 28 | info/gnutls-client-server-use-case.png | |
31 | info/gnutls-guile.info | 29 | info/gnutls-guile.info | |
32 | info/gnutls-handshake-sequence.png | 30 | info/gnutls-handshake-sequence.png | |
33 | info/gnutls-handshake-state.png | 31 | info/gnutls-handshake-state.png | |
34 | info/gnutls-internals.png | 32 | info/gnutls-internals.png | |
35 | info/gnutls-layers.png | 33 | info/gnutls-layers.png | |
36 | info/gnutls-logo.png | 34 | info/gnutls-logo.png | |
37 | info/gnutls-modauth.png | 35 | info/gnutls-modauth.png | |
38 | info/gnutls-x509.png | 36 | info/gnutls-x509.png | |
39 | info/gnutls.info | 37 | info/gnutls.info | |
40 | info/pkcs11-vision.png | 38 | info/pkcs11-vision.png | |
41 | ${PLIST.dane}lib/libgnutls-dane.la | |||
42 | lib/libgnutls.la | 39 | lib/libgnutls.la | |
43 | lib/libgnutlsxx.la | 40 | lib/libgnutlsxx.la | |
44 | ${PLIST.dane}lib/pkgconfig/gnutls-dane.pc | |||
45 | lib/pkgconfig/gnutls.pc | 41 | lib/pkgconfig/gnutls.pc | |
46 | man/man1/certtool.1 | 42 | man/man1/certtool.1 | |
47 | ${PLIST.dane}man/man1/danetool.1 | |||
48 | man/man1/gnutls-cli-debug.1 | 43 | man/man1/gnutls-cli-debug.1 | |
49 | man/man1/gnutls-cli.1 | 44 | man/man1/gnutls-cli.1 | |
50 | man/man1/gnutls-serv.1 | 45 | man/man1/gnutls-serv.1 | |
51 | man/man1/ocsptool.1 | 46 | man/man1/ocsptool.1 | |
52 | man/man1/p11tool.1 | 47 | man/man1/p11tool.1 | |
53 | man/man1/psktool.1 | 48 | man/man1/psktool.1 | |
54 | man/man1/srptool.1 | 49 | man/man1/srptool.1 | |
55 | man/man1/tpmtool.1 | 50 | man/man1/tpmtool.1 | |
56 | man/man3/dane_cert_type_name.3 | 51 | man/man3/dane_cert_type_name.3 | |
57 | man/man3/dane_cert_usage_name.3 | 52 | man/man3/dane_cert_usage_name.3 | |
58 | man/man3/dane_match_type_name.3 | 53 | man/man3/dane_match_type_name.3 | |
59 | man/man3/dane_query_data.3 | 54 | man/man3/dane_query_data.3 | |
60 | man/man3/dane_query_deinit.3 | 55 | man/man3/dane_query_deinit.3 | |
@@ -62,29 +57,31 @@ man/man3/dane_query_entries.3 | @@ -62,29 +57,31 @@ man/man3/dane_query_entries.3 | |||
62 | man/man3/dane_query_status.3 | 57 | man/man3/dane_query_status.3 | |
63 | man/man3/dane_query_tlsa.3 | 58 | man/man3/dane_query_tlsa.3 | |
64 | man/man3/dane_query_to_raw_tlsa.3 | 59 | man/man3/dane_query_to_raw_tlsa.3 | |
65 | man/man3/dane_raw_tlsa.3 | 60 | man/man3/dane_raw_tlsa.3 | |
66 | man/man3/dane_state_deinit.3 | 61 | man/man3/dane_state_deinit.3 | |
67 | man/man3/dane_state_init.3 | 62 | man/man3/dane_state_init.3 | |
68 | man/man3/dane_state_set_dlv_file.3 | 63 | man/man3/dane_state_set_dlv_file.3 | |
69 | man/man3/dane_strerror.3 | 64 | man/man3/dane_strerror.3 | |
70 | man/man3/dane_verification_status_print.3 | 65 | man/man3/dane_verification_status_print.3 | |
71 | man/man3/dane_verify_crt.3 | 66 | man/man3/dane_verify_crt.3 | |
72 | man/man3/dane_verify_crt_raw.3 | 67 | man/man3/dane_verify_crt_raw.3 | |
73 | man/man3/dane_verify_session_crt.3 | 68 | man/man3/dane_verify_session_crt.3 | |
74 | man/man3/gnutls_aead_cipher_decrypt.3 | 69 | man/man3/gnutls_aead_cipher_decrypt.3 | |
70 | man/man3/gnutls_aead_cipher_decryptv2.3 | |||
75 | man/man3/gnutls_aead_cipher_deinit.3 | 71 | man/man3/gnutls_aead_cipher_deinit.3 | |
76 | man/man3/gnutls_aead_cipher_encrypt.3 | 72 | man/man3/gnutls_aead_cipher_encrypt.3 | |
77 | man/man3/gnutls_aead_cipher_encryptv.3 | 73 | man/man3/gnutls_aead_cipher_encryptv.3 | |
74 | man/man3/gnutls_aead_cipher_encryptv2.3 | |||
78 | man/man3/gnutls_aead_cipher_init.3 | 75 | man/man3/gnutls_aead_cipher_init.3 | |
79 | man/man3/gnutls_alert_get.3 | 76 | man/man3/gnutls_alert_get.3 | |
80 | man/man3/gnutls_alert_get_name.3 | 77 | man/man3/gnutls_alert_get_name.3 | |
81 | man/man3/gnutls_alert_get_strname.3 | 78 | man/man3/gnutls_alert_get_strname.3 | |
82 | man/man3/gnutls_alert_send.3 | 79 | man/man3/gnutls_alert_send.3 | |
83 | man/man3/gnutls_alert_send_appropriate.3 | 80 | man/man3/gnutls_alert_send_appropriate.3 | |
84 | man/man3/gnutls_alpn_get_selected_protocol.3 | 81 | man/man3/gnutls_alpn_get_selected_protocol.3 | |
85 | man/man3/gnutls_alpn_set_protocols.3 | 82 | man/man3/gnutls_alpn_set_protocols.3 | |
86 | man/man3/gnutls_anon_allocate_client_credentials.3 | 83 | man/man3/gnutls_anon_allocate_client_credentials.3 | |
87 | man/man3/gnutls_anon_allocate_server_credentials.3 | 84 | man/man3/gnutls_anon_allocate_server_credentials.3 | |
88 | man/man3/gnutls_anon_free_client_credentials.3 | 85 | man/man3/gnutls_anon_free_client_credentials.3 | |
89 | man/man3/gnutls_anon_free_server_credentials.3 | 86 | man/man3/gnutls_anon_free_server_credentials.3 | |
90 | man/man3/gnutls_anon_set_params_function.3 | 87 | man/man3/gnutls_anon_set_params_function.3 |
@comment $NetBSD: PLIST.dane,v 1.1 2019/10/04 17:25:53 nia Exp $
bin/danetool
include/gnutls/dane.h
lib/libgnutls-dane.la
lib/pkgconfig/gnutls-dane.pc
man/man1/danetool.1
@@ -1,18 +1,13 @@ | @@ -1,18 +1,13 @@ | |||
1 | $NetBSD: distinfo,v 1.139 2019/09/30 09:51:16 maya Exp $ | 1 | $NetBSD: distinfo,v 1.140 2019/10/04 17:25:53 nia Exp $ | |
2 | 2 | |||
3 | SHA1 (gnutls-3.6.9.tar.xz) = 4a12757b129562ae92a01ca890ed282050595296 | 3 | SHA1 (gnutls-3.6.10.tar.xz) = c073c6b0c57506a592854471576321be80f809d4 | |
4 | RMD160 (gnutls-3.6.9.tar.xz) = 2771adabb5342b24fbebcb69b324924ee2b56513 | 4 | RMD160 (gnutls-3.6.10.tar.xz) = fe2df3aead55853711a0dbd80ef5dd648a4e09a7 | |
5 | SHA512 (gnutls-3.6.9.tar.xz) = a9fd0f4edae4c081d5c539ba2e5574a4d7294bc00c5c73ea25ce26cb7fd126299c2842a282d45ef5cf0544108f27066e587df28776bc7915143d190d7d5b9d07 | 5 | SHA512 (gnutls-3.6.10.tar.xz) = fe0481f9e4219e983b01b91e69ffd95819a4c0d0c09028509106d561967e9c5d900bc5e3a48140a34fa4467feda2a619085adf3fa8fdade96c8debf125e91ae8 | |
6 | Size (gnutls-3.6.9.tar.xz) = 5773928 bytes | 6 | Size (gnutls-3.6.10.tar.xz) = 5795984 bytes | |
7 | SHA1 (patch-cfg.mk) = c91374a0f9c3031ea90d7f8c455d9e7e42de464b | |||
8 | SHA1 (patch-config.h.in) = 9f403bd91ddb90d970ba56f91a56e0339848c026 | |||
9 | SHA1 (patch-configure) = 0fcfa9255f15a43aced7262bc2c5084945910aec | |||
10 | SHA1 (patch-lib_Makefile.in) = c9a6bbe6238ccd9de41c708012e36b202d2a86e7 | 7 | SHA1 (patch-lib_Makefile.in) = c9a6bbe6238ccd9de41c708012e36b202d2a86e7 | |
11 | SHA1 (patch-lib_accelerated_x86_elf_aesni-x86.s) = 834fe259954c1806185d95a5029ba0379bd31cce | |||
12 | SHA1 (patch-lib_accelerated_x86_x86-common.c) = ccbf4e01f5bcb01b998e80294ecae2f0413680b8 | |||
13 | SHA1 (patch-lib_system_certs.c) = fba74b2834a36d66bddcd7d3405d0c91c1b14efc | 8 | SHA1 (patch-lib_system_certs.c) = fba74b2834a36d66bddcd7d3405d0c91c1b14efc | |
14 | SHA1 (patch-src_libopts_autoopts_options.h) = 9202c55314fe8764ac82c95bbfabfa1b031e9ba4 | 9 | SHA1 (patch-src_libopts_autoopts_options.h) = 9202c55314fe8764ac82c95bbfabfa1b031e9ba4 | |
15 | SHA1 (patch-src_libopts_compat_compat.h) = 240fbfc0ba20af35e0634ba873fe9e34bfbcc921 | 10 | SHA1 (patch-src_libopts_compat_compat.h) = 240fbfc0ba20af35e0634ba873fe9e34bfbcc921 | |
16 | SHA1 (patch-src_libopts_libopts.c) = ce5e7681def882e95ed5ab770564d1f999b97039 | 11 | SHA1 (patch-src_libopts_libopts.c) = ce5e7681def882e95ed5ab770564d1f999b97039 | |
17 | SHA1 (patch-src_libopts_makeshell.c) = e5b7d66caaec45e12ae5490d515fc9fc75de3d92 | 12 | SHA1 (patch-src_libopts_makeshell.c) = e5b7d66caaec45e12ae5490d515fc9fc75de3d92 | |
18 | SHA1 (patch-src_libopts_proto.h) = 78f845bdcbac8de74953a3cee0b77fa9c5b05386 | 13 | SHA1 (patch-src_libopts_proto.h) = 78f845bdcbac8de74953a3cee0b77fa9c5b05386 |
@@ -1,15 +1,14 @@ | @@ -1,15 +1,14 @@ | |||
1 | # $NetBSD: options.mk,v 1.1 2019/09/18 15:27:05 ng0 Exp $ | 1 | # $NetBSD: options.mk,v 1.2 2019/10/04 17:25:53 nia Exp $ | |
2 | 2 | |||
3 | PKG_OPTIONS_VAR= PKG_OPTIONS.gnutls | 3 | PKG_OPTIONS_VAR= PKG_OPTIONS.gnutls | |
4 | PKG_SUPPORTED_OPTIONS= dane | 4 | PKG_SUPPORTED_OPTIONS= dane | |
5 | PLIST_VARS+= dane | |||
6 | 5 | |||
7 | .include "../../mk/bsd.options.mk" | 6 | .include "../../mk/bsd.options.mk" | |
8 | 7 | |||
9 | .if !empty(PKG_OPTIONS:Mdane) | 8 | .if !empty(PKG_OPTIONS:Mdane) | |
10 | .include "../../net/unbound/buildlink3.mk" | 9 | .include "../../net/unbound/buildlink3.mk" | |
11 | CONFIGURE_ARGS+= --enable-libdane | 10 | CONFIGURE_ARGS+= --enable-libdane | |
12 | PLIST.dane= yes | 11 | PLIST_SRC+= PLIST.dane | |
13 | .else | 12 | .else | |
14 | CONFIGURE_ARGS+= --disable-libdane | 13 | CONFIGURE_ARGS+= --disable-libdane | |
15 | .endif | 14 | .endif |