Source: wolfssl Version: wolfssl/4.5.0+dfsg-4 Severity: normal
A new wolfSSL version 4.6.0 is available. Patches are enclosed with all necessary changes to build the new version. Please consider updating the package.
>From 5e5c68b3f7a70cf46bf67bf0a41956729bd02863 Mon Sep 17 00:00:00 2001 From: Bastian Germann <bastiangerm...@fishpost.de> Date: Tue, 29 Dec 2020 20:01:25 +0100 Subject: [PATCH 1/5] Amend general copyright year --- debian/copyright | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/copyright b/debian/copyright index 295b8f784..40c6abc9c 100644 --- a/debian/copyright +++ b/debian/copyright @@ -15,7 +15,7 @@ Files-Excluded: Files: * Copyright: - 2006-2019 wolfSSL Inc. + 2006-2020 wolfSSL Inc. License: GPL-2+ Files: -- 2.29.2
>From 80b6272b1ea8298c46fb0f8efe341a1373ed508c Mon Sep 17 00:00:00 2001 From: Bastian Germann <bastiangerm...@fishpost.de> Date: Tue, 29 Dec 2020 23:33:39 +0100 Subject: [PATCH 2/5] Remove upstream patch --- ...cc91d0cd276befe7f08f87ba2dc5ee7122ff.patch | 26 ------------------- debian/patches/series | 1 - 2 files changed, 27 deletions(-) delete mode 100644 debian/patches/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff.patch diff --git a/debian/patches/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff.patch b/debian/patches/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff.patch deleted file mode 100644 index ec70ea9fa..000000000 --- a/debian/patches/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff.patch +++ /dev/null @@ -1,26 +0,0 @@ -Description: Make ByteReverseWords available on s390x - Cherry picked from upstream -Origin: https://github.com/wolfSSL/wolfssl/pull/3255/commits/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff -Forwarded: not-needed ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c -index fe66ee0a1a..23bfa1adc5 100644 ---- a/wolfcrypt/src/misc.c -+++ b/wolfcrypt/src/misc.c -@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWord32(word32 value) - return rotlFixed(value, 16U); - #endif - } --#if defined(LITTLE_ENDIAN_ORDER) - /* This routine performs a byte swap of words array of a given count. */ - WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in, - word32 byteCount) -@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in, - out[i] = ByteReverseWord32(in[i]); - - } --#endif /* LITTLE_ENDIAN_ORDER */ - - #if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS) - diff --git a/debian/patches/series b/debian/patches/series index 4ab700070..229a39e30 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,3 @@ -b90acc91d0cd276befe7f08f87ba2dc5ee7122ff.patch utf8.patch multi-arch.patch reproducible-build.patch -- 2.29.2
>From 10ef9256051987983fbaed7943373e97407ea423 Mon Sep 17 00:00:00 2001 From: Bastian Germann <bastiangerm...@fishpost.de> Date: Tue, 29 Dec 2020 23:36:47 +0100 Subject: [PATCH 3/5] Update DFSG patch --- debian/patches/dfsg.patch | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/patches/dfsg.patch b/debian/patches/dfsg.patch index b1a47c7dd..52775a920 100644 --- a/debian/patches/dfsg.patch +++ b/debian/patches/dfsg.patch @@ -3,9 +3,9 @@ Forwarded: not-needed From: Felix Lechner <felix.lech...@lease-up.com> --- a/Makefile.am +++ b/Makefile.am -@@ -168,25 +168,6 @@ include tests/include.am - include sslSniffer/sslSnifferTest/include.am +@@ -173,25 +173,6 @@ include sslSniffer/sslSnifferTest/include.am include rpm/include.am + include linuxkm/include.am -# Exclude references to non-DFSG sources from build files -if !BUILD_DISTRO @@ -28,4 +28,4 @@ From: Felix Lechner <felix.lech...@lease-up.com> -endif include scripts/include.am - if USE_VALGRIND + if BUILD_LINUXKM -- 2.29.2
>From c277ef0951b1252203685036b09ad1873fc42534 Mon Sep 17 00:00:00 2001 From: Bastian Germann <bastiangerm...@fishpost.de> Date: Tue, 29 Dec 2020 23:28:08 +0100 Subject: [PATCH 4/5] Replace patches with configure option --- debian/patches/disable-crl-monitor.patch | 18 -------------- debian/patches/series | 2 -- .../patches/turn-off-fastmath-for-amd64.patch | 24 ------------------- debian/rules | 2 ++ 4 files changed, 2 insertions(+), 44 deletions(-) delete mode 100644 debian/patches/disable-crl-monitor.patch delete mode 100644 debian/patches/turn-off-fastmath-for-amd64.patch diff --git a/debian/patches/disable-crl-monitor.patch b/debian/patches/disable-crl-monitor.patch deleted file mode 100644 index 9bd9a8e25..000000000 --- a/debian/patches/disable-crl-monitor.patch +++ /dev/null @@ -1,18 +0,0 @@ -Description: Disable CRL monitor on all architectures - CRL monitor is unavailable on Debian architecture kFreeBSD, causes FTBFS -Author: Felix Lechner <felix.lech...@lease-up.com> -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860514 -Forwarded: not-needed -Last-Update: 2017-04-22 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ ---- a/configure.ac -+++ b/configure.ac -@@ -194,7 +194,6 @@ then - enable_ocspstapling=yes - enable_ocspstapling2=yes - enable_crl=yes -- enable_crl_monitor=yes - enable_sni=yes - enable_maxfragment=yes - enable_alpn=yes diff --git a/debian/patches/series b/debian/patches/series index 229a39e30..18611bbe4 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,6 +4,4 @@ reproducible-build.patch improve-clean-target.patch dfsg.patch fix-hurd-i386-flags.patch -turn-off-fastmath-for-amd64.patch -disable-crl-monitor.patch disable-jobserver.patch diff --git a/debian/patches/turn-off-fastmath-for-amd64.patch b/debian/patches/turn-off-fastmath-for-amd64.patch deleted file mode 100644 index a5719631a..000000000 --- a/debian/patches/turn-off-fastmath-for-amd64.patch +++ /dev/null @@ -1,24 +0,0 @@ -Description: Turn off fastmath for amd64, where it is default - Enabling fastmath just for amd64 causes the shared library symbols to - become architecture-dependent. -Author: Felix Lechner <felix.lech...@lease-up.com> -Forwarded: not-needed ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ ---- a/configure.ac -+++ b/configure.ac -@@ -3970,10 +3970,10 @@ fi - # set fastmath default - FASTMATH_DEFAULT=no - --if test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" --then -- FASTMATH_DEFAULT=yes --fi -+#if test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" -+#then -+# FASTMATH_DEFAULT=yes -+#fi - if test "$ENABLED_SP_MATH" = "yes" - then - FASTMATH_DEFAULT=no diff --git a/debian/rules b/debian/rules index e3e8071e8..3f1b366c2 100755 --- a/debian/rules +++ b/debian/rules @@ -23,7 +23,9 @@ override_dh_auto_configure: --enable-pkcs11 \ --enable-tls13 \ --enable-base64encode \ + --disable-crl-monitor \ --disable-examples \ + --disable-fastmath \ --disable-silent-rules override_dh_installexamples: -- 2.29.2
>From 3a3d77c3ea4a87e67cb305497cbf303f277bff05 Mon Sep 17 00:00:00 2001 From: Bastian Germann <bastiangerm...@fishpost.de> Date: Wed, 30 Dec 2020 00:39:56 +0100 Subject: [PATCH 5/5] Rename two OpenSSL API symbols The SSL_get_*finished got a wolf prefix. --- debian/libwolfssl24.symbols | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/libwolfssl24.symbols b/debian/libwolfssl24.symbols index 1143c5231..75efb6b02 100644 --- a/debian/libwolfssl24.symbols +++ b/debian/libwolfssl24.symbols @@ -30,8 +30,6 @@ libwolfssl.so.24 libwolfssl24 #MINVER# SSL_SESSION_get0_id_context@Base 4.1.0+dfsg SSL_SESSION_set1_id@Base 4.1.0+dfsg SSL_SESSION_set1_id_context@Base 4.1.0+dfsg - SSL_get_finished@Base 4.1.0+dfsg - SSL_get_peer_finished@Base 4.1.0+dfsg SetName@Base 4.1.0+dfsg ToTraditional@Base 4.1.0+dfsg ToTraditional_ex@Base 4.1.0+dfsg @@ -2181,6 +2179,7 @@ libwolfssl.so.24 libwolfssl24 #MINVER# wolfSSL_get_ex_data_X509_STORE_CTX_idx@Base 4.1.0+dfsg wolfSSL_get_ex_new_index@Base 4.1.0+dfsg wolfSSL_get_fd@Base 4.1.0+dfsg + wolfSSL_get_finished@Base 4.6.0+dfsg wolfSSL_get_jobject@Base 4.1.0+dfsg wolfSSL_get_keyblock_size@Base 4.1.0+dfsg wolfSSL_get_keys@Base 4.1.0+dfsg @@ -2188,6 +2187,7 @@ libwolfssl.so.24 libwolfssl24 #MINVER# wolfSSL_get_peer_cert_chain@Base 4.1.0+dfsg wolfSSL_get_peer_certificate@Base 4.1.0+dfsg wolfSSL_get_peer_chain@Base 4.1.0+dfsg + wolfSSL_get_peer_finished@Base 4.6.0+dfsg wolfSSL_get_privatekey@Base 4.1.0+dfsg wolfSSL_get_psk_callback_ctx@Base 4.5.0+dfsg wolfSSL_get_psk_identity@Base 4.1.0+dfsg -- 2.29.2