Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2013-07-05 20:37:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls" Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2013-07-01 15:54:45.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2013-07-05 20:37:08.000000000 +0200 @@ -1,0 +2,7 @@ +Thu Jul 4 16:15:14 UTC 2013 - [email protected] + +- use pkcs11 interface to fetch the system's CA certificates + (fate#314991). Add patch gnutls-3.2.1-pkcs11.diff to fix doing + that, obsoletes gnutls-implement-trust-store-dir.diff. + +------------------------------------------------------------------- Old: ---- gnutls-implement-trust-store-dir.diff New: ---- gnutls-3.2.1-pkcs11.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.FTMnmw/_old 2013-07-05 20:37:09.000000000 +0200 +++ /var/tmp/diff_new_pack.FTMnmw/_new 2013-07-05 20:37:09.000000000 +0200 @@ -32,8 +32,9 @@ Source1: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/%{name}-%{version}.tar.xz.sig Source2: %name.keyring Source3: baselibs.conf -# suse specific, add support for certificate directories -- lnussel/meissner -Patch1: gnutls-implement-trust-store-dir.diff +# https://gitorious.org/gnutls/gnutls/commit/7613c3251430a212fe5d6001863045f20eca7563 +# PATCH-UPSTREAM [email protected] -- fix reading ca-certificates # via pkcs11 interface +Patch1: gnutls-3.2.1-pkcs11.diff Patch2: automake-1.12.patch # PATCH-FIX-OPENSUSE gnutls-3.0.26-skip-test-fwrite.patch [email protected] -- skip a failing test @@ -155,7 +156,7 @@ --with-pic \ --disable-rpath \ --disable-silent-rules \ - --with-default-trust-store-dir=/etc/ssl/certs \ + --with-default-trust-store-pkcs11=pkcs11: \ --disable-ecdhe \ --with-sysroot=/%{?_sysroot} %__make %{?_smp_mflags} ++++++ gnutls-3.2.1-pkcs11.diff ++++++ >From 9008620a9c452fb33942f0f8ee03a44fdf277475 Mon Sep 17 00:00:00 2001 From: Stef Walter <[email protected]> Date: Thu, 4 Jul 2013 16:15:03 +0200 Subject: [PATCH] pkcs11: Use the correct attribute length for CKA_TRUSTED CKA_TRUSTED is a CK_BBOOL value in PKCS#11. Since object searches are done with the attribute byte values, we need to get the length exactly right. --- lib/pkcs11.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pkcs11.c b/lib/pkcs11.c index 27ea3f4..3da3b92 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -2201,7 +2201,7 @@ find_objs (struct pkcs11_session_info* sinfo, struct ck_attribute *attr; ck_object_class_t class = (ck_object_class_t)-1; ck_certificate_type_t type = (ck_certificate_type_t)-1; - unsigned int trusted; + unsigned char trusted; unsigned long category; ck_rv_t rv; ck_object_handle_t obj; -- 1.8.3.1 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
