Author: krejzi
Date: Fri Mar 1 04:31:35 2013
New Revision: 11032
Log:
GnuTLS 3.1.9.1, NSS 3.14.3, NSPR 4.9.5, P11-Kit 0.15.2, OpenSSL 1.0.1e.
Modified:
trunk/BOOK/general.ent
trunk/BOOK/general/genlib/nspr.xml
trunk/BOOK/postlfs/security/gnutls.xml
trunk/BOOK/postlfs/security/nss.xml
trunk/BOOK/postlfs/security/openssl.xml
trunk/BOOK/postlfs/security/p11-kit.xml
Modified: trunk/BOOK/general.ent
==============================================================================
--- trunk/BOOK/general.ent Fri Mar 1 03:01:49 2013 (r11031)
+++ trunk/BOOK/general.ent Fri Mar 1 04:31:35 2013 (r11032)
@@ -178,7 +178,7 @@
<!ENTITY cyrus-sasl-version "2.1.25">
<!ENTITY gnupg-version "1.4.13">
<!ENTITY gnupg2-version "2.0.19">
-<!ENTITY gnutls-version "3.1.6">
+<!ENTITY gnutls-version "3.1.9">
<!ENTITY gpgme-version "1.3.2">
<!ENTITY iptables-version "1.4.17">
<!ENTITY libcap2-version "2.22">
@@ -188,11 +188,11 @@
<!ENTITY mitkrb-version "1.11.1">
<!ENTITY nettle-version "2.6">
<!ENTITY nss-major-version "14">
-<!ENTITY nss-minor-version "1">
+<!ENTITY nss-minor-version "3">
<!ENTITY nss-version
"3.&nss-major-version;.&nss-minor-version;">
<!ENTITY openssh-version "6.1p1">
-<!ENTITY openssl-version "1.0.1c">
-<!ENTITY p11-kit-version "0.14">
+<!ENTITY openssl-version "1.0.1e">
+<!ENTITY p11-kit-version "0.15.2">
<!ENTITY polkit-version "0.110">
<!ENTITY shadow-version "4.1.5.1">
<!ENTITY stunnel-version "4.54">
@@ -285,7 +285,7 @@
<!ENTITY libxslt-version "1.1.28">
<!ENTITY LZO-version "2.06">
<!ENTITY mtdev-version "1.1.3">
-<!ENTITY nspr-version "4.9.4">
+<!ENTITY nspr-version "4.9.5">
<!ENTITY openobex-version "1.6">
<!ENTITY pcre-version "8.32">
<!ENTITY popt-version "1.16">
Modified: trunk/BOOK/general/genlib/nspr.xml
==============================================================================
--- trunk/BOOK/general/genlib/nspr.xml Fri Mar 1 03:01:49 2013 (r11031)
+++ trunk/BOOK/general/genlib/nspr.xml Fri Mar 1 04:31:35 2013 (r11032)
@@ -8,7 +8,7 @@
"http://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v&nspr-version;/src/nspr-&nspr-version;.tar.gz";>
<!ENTITY nspr-download-ftp
"ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v&nspr-version;/src/nspr-&nspr-version;.tar.gz";>
- <!ENTITY nspr-md5sum "cf58772702b3abbdcff14e22014eeeaf">
+ <!ENTITY nspr-md5sum "b6ccfa8fcbbeb17ebeb19a3edff612bd">
<!ENTITY nspr-size "1.2 MB">
<!ENTITY nspr-buildsize "12 MB">
<!ENTITY nspr-time "less than 0.1 SBU">
Modified: trunk/BOOK/postlfs/security/gnutls.xml
==============================================================================
--- trunk/BOOK/postlfs/security/gnutls.xml Fri Mar 1 03:01:49 2013
(r11031)
+++ trunk/BOOK/postlfs/security/gnutls.xml Fri Mar 1 04:31:35 2013
(r11032)
@@ -6,8 +6,8 @@
<!ENTITY gnutls-download-http " ">
<!ENTITY gnutls-download-ftp
"ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-&gnutls-version;.tar.xz";>
- <!ENTITY gnutls-md5sum "835a5d20def765cd49ad7274ff3e7493">
- <!ENTITY gnutls-size "4.8 MB">
+ <!ENTITY gnutls-md5sum "0674032fe6de0d90d08eed81fcac2e1d">
+ <!ENTITY gnutls-size "4.9 MB">
<!ENTITY gnutls-buildsize "130 MB">
<!ENTITY gnutls-time "0.8 SBU (additional 3.0 SBU if running the
testsuite)">
]>
@@ -98,6 +98,7 @@
<bridgehead renderas="sect4">Recommended</bridgehead>
<para role="recommended">
+ <xref linkend="cacerts"/> and
<xref linkend="libtasn1"/>
</para>
@@ -131,7 +132,9 @@
following commands:
</para>
-<screen><userinput>./configure --prefix=/usr --disable-static &&
+<screen><userinput>./configure --prefix=/usr \
+ --disable-static \
+ --with-default-trust-store-file=/etc/ssl/ca-bundle.crt &&
make</userinput></screen>
<para>
@@ -160,6 +163,12 @@
<sect2 role="commands">
<title>Command Explanations</title>
+ <para>
+
<parameter>--with-default-trust-store-file=/etc/ssl/ca-bundle.crt</parameter>:
+ This switch tells <command>configure</command> where to find the
+ CA Certificates.
+ </para>
+
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="../../xincludes/static-libraries.xml"/>
@@ -179,10 +188,11 @@
<seglistitem>
<seg>
certtool, crywrap, danetool, gnutls-cli, gnutls-cli-debug,
- gnutls-serv, ocsptool, p11tool, psktool, and srptool
+ gnutls-serv, ocsptool, p11tool, psktool and srptool
</seg>
<seg>
- libgnutls.so, libgnutls-openssl.so, and libgnutlsxx.so
+ libgnutls.so, libgnutls-openssl.so, libgnutls-xssl.so and
+ libgnutlsxx.so
</seg>
<seg>
/usr/include/gnutls and
@@ -221,6 +231,19 @@
</indexterm>
</listitem>
</varlistentry>
+
+ <varlistentry id="danetool">
+ <term><command>danetool</command></term>
+ <listitem>
+ <para>
+ is a tool used to generate and check DNS resource records
+ for the DANE protocol.
+ </para>
+ <indexterm zone="gnutls danetool">
+ <primary sortas="b-danetool">danetool</primary>
+ </indexterm>
+ </listitem>
+ </varlistentry>
<varlistentry id="gnutls-cli">
<term><command>gnutls-cli</command></term>
Modified: trunk/BOOK/postlfs/security/nss.xml
==============================================================================
--- trunk/BOOK/postlfs/security/nss.xml Fri Mar 1 03:01:49 2013 (r11031)
+++ trunk/BOOK/postlfs/security/nss.xml Fri Mar 1 04:31:35 2013 (r11032)
@@ -5,12 +5,12 @@
%general-entities;
<!ENTITY nss-download-http
-
"http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;_WITH_CKBI_1_93_RTM/src/nss-&nss-version;.with.ckbi.1.93.tar.gz";>
+
"http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;/src/nss-&nss-version;.tar.gz";>
<!ENTITY nss-download-ftp
-
"ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;_WITH_CKBI_1_93_RTM/src/nss-&nss-version;.with.ckbi.1.93.tar.gz";>
- <!ENTITY nss-md5sum "49e6661758deb0c469f0b4edd4e727d5">
- <!ENTITY nss-size "5.6 MB">
- <!ENTITY nss-buildsize "70 MB">
+
"ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;/src/nss-&nss-version;.tar.gz";>
+ <!ENTITY nss-md5sum "b326c2be8df277f62fb9c65fb3428148">
+ <!ENTITY nss-size "6.0 MB">
+ <!ENTITY nss-buildsize "72 MB">
<!ENTITY nss-time "0.8 SBU">
]>
Modified: trunk/BOOK/postlfs/security/openssl.xml
==============================================================================
--- trunk/BOOK/postlfs/security/openssl.xml Fri Mar 1 03:01:49 2013
(r11031)
+++ trunk/BOOK/postlfs/security/openssl.xml Fri Mar 1 04:31:35 2013
(r11032)
@@ -5,12 +5,12 @@
%general-entities;
<!ENTITY openssl-download-http
- "http://www.openssl.org/source/openssl-&openssl-version;.tar.gz";>
+ "http://www.openssl.org/source/openssl-&openssl-version;.tar.gz";>
<!ENTITY openssl-download-ftp
- "ftp://ftp.openssl.org/source/openssl-&openssl-version;.tar.gz";>
- <!ENTITY openssl-md5sum "ae412727c8c15b67880aef7bd2999b2e">
+ "ftp://ftp.openssl.org/source/openssl-&openssl-version;.tar.gz";>
+ <!ENTITY openssl-md5sum "66bf6f10f060d561929de96f9dfe5b8c">
<!ENTITY openssl-size "4.3 MB">
- <!ENTITY openssl-buildsize "43 MB">
+ <!ENTITY openssl-buildsize "55 MB">
<!ENTITY openssl-time "1.5 SBU">
]>
@@ -76,7 +76,7 @@
</itemizedlist>
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
- <itemizedlist spacing='compact'>
+ <itemizedlist spacing="compact">
<listitem>
<para>
Required patch: <ulink
@@ -89,9 +89,9 @@
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional">
- <xref linkend="mitkrb"/> and
<xref linkend="bc"/> (required for full coverage by the test suite during
- the build)
+ the build) and
+ <xref linkend="mitkrb"/>
</para>
<para condition="html" role="usernotes">
@@ -107,7 +107,7 @@
</para>
<screen><userinput>patch -Np1 -i
../openssl-&openssl-version;-fix_manpages-1.patch &&
-./config --prefix=/usr zlib-dynamic --openssldir=/etc/ssl shared &&
+./config --prefix=/usr --openssldir=/etc/ssl shared zlib-dynamic &&
make</userinput></screen>
<para>
@@ -124,9 +124,10 @@
Now, as the <systemitem class="username">root</systemitem> user:
</para>
-<screen role="root"><userinput>make MANDIR=/usr/share/man install
&&
-install -v -d -m755 /usr/share/doc/openssl-&openssl-version; &&
-cp -v -r doc/*
/usr/share/doc/openssl-&openssl-version;</userinput></screen>
+<screen role="root"><userinput>make MANDIR=/usr/share/man install
&&
+install -dv -m755 /usr/share/doc/openssl-&openssl-version; &&
+cp -vfr doc/* /usr/share/doc/openssl-&openssl-version;</userinput></screen>
+
</sect2>
<sect2 role="commands">
@@ -156,6 +157,7 @@
<filename class='directory'>/usr/share/man</filename> instead of
<filename class='directory'>/etc/ssl/man</filename>.
</para>
+
</sect2>
<sect2 role="configuration">
@@ -171,6 +173,7 @@
<indexterm zone="openssl openssl-config">
<primary sortas="e-etc-ssl-openssl.cnf">/etc/ssl/openssl.cnf</primary>
</indexterm>
+
</sect3>
<sect3>
@@ -194,7 +197,9 @@
update <filename>/etc/ssl/openssl.cnf</filename> or be able to find out
how to do it.
</para>
+
</sect3>
+
</sect2>
<sect2 role="content">
@@ -206,17 +211,17 @@
<segtitle>Installed Directories</segtitle>
<seglistitem>
- <seg>c_rehash and openssl.</seg>
<seg>
- libcrypto.{so,a}, libssl.{so,a}, and additional encryption
- libraries in /usr/lib/engines/ (lib4758cca.so, libaep.so,
- libatalla.so, libcapi.so, libchil.so, libcswift.so, libgmp.so,
- libgost.so, libnuron.so, libpadlock.so, libsureware.so, and
- libubsec.so).
+ c_rehash and openssl
</seg>
<seg>
- /etc/ssl, /usr/include/openssl, /usr/lib/engines and
- /usr/share/doc/openssl-&openssl-version;.
+ libcrypto.{so,a} and libssl.{so,a}
+ </seg>
+ <seg>
+ /etc/ssl,
+ /usr/include/openssl,
+ /usr/lib/engines and
+ /usr/share/doc/openssl-&openssl-version;
</seg>
</seglistitem>
</segmentedlist>
@@ -255,7 +260,7 @@
</varlistentry>
<varlistentry id="libcrypto">
- <term><filename class='libraryfile'>libcrypto.{so,a}</filename></term>
+ <term><filename class="libraryfile">libcrypto.{so,a}</filename></term>
<listitem>
<para>
implements a wide range of cryptographic algorithms used in various
@@ -273,7 +278,7 @@
</varlistentry>
<varlistentry id="libssl">
- <term><filename class='libraryfile'>libssl.{so,a}</filename></term>
+ <term><filename class="libraryfile">libssl.{so,a}</filename></term>
<listitem>
<para>
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
@@ -285,6 +290,9 @@
</indexterm>
</listitem>
</varlistentry>
+
</variablelist>
+
</sect2>
+
</sect1>
Modified: trunk/BOOK/postlfs/security/p11-kit.xml
==============================================================================
--- trunk/BOOK/postlfs/security/p11-kit.xml Fri Mar 1 03:01:49 2013
(r11031)
+++ trunk/BOOK/postlfs/security/p11-kit.xml Fri Mar 1 04:31:35 2013
(r11032)
@@ -6,10 +6,10 @@
<!ENTITY p11-kit-download-http
"http://p11-glue.freedesktop.org/releases/p11-kit-&p11-kit-version;.tar.gz";>
<!ENTITY p11-kit-download-ftp " ">
- <!ENTITY p11-kit-md5sum "e8b10a0ef1d9ebc6384ca361a70a4b02">
- <!ENTITY p11-kit-size "536 KB">
- <!ENTITY p11-kit-buildsize "8.0 MB">
- <!ENTITY p11-kit-time "0.1 SBU">
+ <!ENTITY p11-kit-md5sum "248a81bdab1d692688b4d98e3c0013d3">
+ <!ENTITY p11-kit-size "788 KB">
+ <!ENTITY p11-kit-buildsize "30 MB">
+ <!ENTITY p11-kit-time "0.2 SBU">
]>
<sect1 id="p11-kit" xreflabel="p11-kit-&p11-kit-version;">
@@ -72,9 +72,16 @@
<bridgehead renderas="sect3">p11-kit Dependencies</bridgehead>
+ <bridgehead renderas="sect4">Recommended</bridgehead>
+ <para role="recommended">
+ <xref linkend="cacerts"/> and
+ <xref linkend="libtasn1"/>
+ </para>
+
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional">
- <xref linkend="gtk-doc"/>
+ <xref linkend="gtk-doc"/> and
+ <xref linkend="libxslt"/>
</para>
<para condition="html" role="usernotes">User Notes:
@@ -108,8 +115,11 @@
<sect2 role="commands">
<title>Command Explanations</title>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
- href="../../xincludes/gtk-doc-rebuild.xml"/>
+ <para>
+ <option>--enable-doc</option>: Use this switch if you have installed
+ <xref linkend="gtk-doc"/> and <xref linkend="libxslt"/> and wish to
+ rebuild the documentation and generate manual pages.
+ </para>
</sect2>
@@ -130,8 +140,10 @@
</seg>
<seg>
/etc/pkcs11,
- /usr/include/p11-kit-1 and
- /usr/share/gtk-doc/html/p11-kit
+ /usr/include/p11-kit-1,
+ /usr/lib/pkcs11,
+ /usr/share/gtk-doc/html/p11-kit and
+ /usr/share/p11-kit
</seg>
</seglistitem>
</segmentedlist>
@@ -141,6 +153,19 @@
<?dbfo list-presentation="list"?>
<?dbhtml list-presentation="table"?>
+ <varlistentry id="p11-kit-prog">
+ <term><command>p11-kit</command></term>
+ <listitem>
+ <para>
+ is a command line tool that can be used to perform operations
+ on PKCS#11 modules configured on the system.
+ </para>
+ <indexterm zone="p11-kit p11-kit-prog">
+ <primary sortas="b-p11-kit">p11-kit</primary>
+ </indexterm>
+ </listitem>
+ </varlistentry>
+
<varlistentry id="libp11-kit">
<term><filename class="libraryfile">libp11-kit.so</filename></term>
<listitem>
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
