Great : ) Thanks John. I would think we can close this case as approved now.
--Irene John Fischer wrote: > All, > > I should have added the +1 to my original email. > So ... +1. > > > John > > Jeff Cai wrote: >> The project team will update the man pages before the integration. >> >> Thanks >> >> Jeff >> >> On 02/27/09 14:26, Margot Miller wrote: >>> Hey, >>> >>> It looks like there are new interfaces according to the >>> technical description, which are just new interfaces >>> to libgnutls.so.26 and libgnutlsxx.so.26. If that is >>> the case and the man pages reflect that, then +1. >>> >>> Thanks >>> Margot >>> >>> >>> John Fischer wrote: >>>> All, >>>> >>>> Please note that this project also includes the appropriate >>>> 64-bit library and 64-bit pkg-config file. >>>> >>>> Thanks, >>>> >>>> John >>>> >>>> On Thu, 2009-02-12 at 04:50, Shi-Ying Irene Huang wrote: >>>>> Template Version: @(#)sac_nextcase %I% %G% SMI >>>>> This information is Copyright 2009 Sun Microsystems >>>>> 1. Introduction >>>>> 1.1. Project/Component Working Name: >>>>> Gnutls update to 2.6 >>>>> 1.2. Name of Document Author/Supplier: >>>>> Author: Jeff Cai >>>>> 1.3 Date of This Document: >>>>> 12 February, 2009 >>>>> 4. Technical Description >>>>> 1. Introduction >>>>> 1.1. Project/Component Working Name: >>>>> >>>>> GnuTLS Update for 2.6.3 >>>>> >>>>> 1.2. Name of Document Author/Supplier: >>>>> Author: Jeff Cai >>>>> Sponser: Irene Huang >>>>> >>>>> 1.3. Date of This Document: >>>>> >>>>> 02/06/2009 >>>>> >>>>> 1.4. Name of Major Document Customer(s)/Consumer(s): >>>>> >>>>> 1.4.1. The PAC or CPT you expect to review your project: >>>>> >>>>> Solaris PAC >>>>> >>>>> 1.4.2. The ARC(s) you expect to review your project: >>>>> >>>>> LSARC >>>>> >>>>> 1.4.3. The Director/VP who is "Sponsoring" this project: >>>>> >>>>> Robert O'Dea >>>>> >>>>> 1.4.4. The name of your business unit: >>>>> >>>>> Software - OPG >>>>> >>>>> 1.5. Email Aliases: >>>>> 1.5.1. Responsible Manager: harry.lu at sun.com >>>>> 1.5.2. Responsible Engineer: jeff.cai at sun.com >>>>> 1.5.3. Marketing Manager: glynn.foster at sun.com >>>>> 1.5.4. Interest List: brian.cameron at sun.com >>>>> darren.moffat at sun.com >>>>> wyllys.ingersoll at sun.com >>>>> >>>>> 2. Project Summary >>>>> 2.1. Project Description: >>>>> GnuTLS provides a secure layer, over a reliable >>>>> transport layer. Currently the GnuTLS library implements the >>>>> proposed standards by the IETF's TLS working group. >>>>> >>>>> This fast-track increments the version of GnuTLS in Solaris >>>>> from 2.2.4 to 2.6.3. >>>>> >>>>> 3. Technical Description: >>>>> 3.1. Details: >>>>> GnuTLS is a modern C library that implements the >>>>> standard network >>>>> security protocol Transport Layer Security (TLS), for use by >>>>> network >>>>> applications. >>>>> A number of projects in the Solaris Desktop such as >>>>> Evolution, Pidgin, >>>>> Ekiga and Vino depend on it. The latest stable >>>>> version of GnuTLS is 2.6.3. >>>>> GnuTLS 2.6.0 has interface changes, but 2.6.1 through 2.6.3 are >>>>> bugfix only releases. >>>>> >>>>> Compared with the previously integrated version, GnuTLS >>>>> 2.2.4, the new >>>>> version adds following features: >>>>> >>>>> * Full OpenPGP support is part of libgnutls, licensed >>>>> under the LGPL. >>>>> * The PSK sub-system has been improved and now supports >>>>> password >>>>> derivation and PSK identity hints. >>>>> * The default handshake size limit has been increased to >>>>> 48kb. >>>>> The earlier limit was 16kb. The handshake messages >>>>> contain all handshake >>>>> messages between a client and a server only if they >>>>> communicate in >>>>> TLS protocol. The reason for restricting the handshake >>>>> message size is to limit Denial of Service attacks. >>>>> * New APIs to access the raw X.509 Subject and Issuer DN's >>>>> and >>>>> elements from the certificate credentials structure. >>>>> * New APIs to improve working with username/passwords and >>>>> PSK. >>>>> * Names of constants to affect certificate printing changed. >>>>> The constants are used for OpenPGP too, which the names >>>>> didn't >>>>> reflect, so the following name change has been made: >>>>> >>>>> Old name New name >>>>> GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL >>>>> GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE >>>>> GNUTLS_X509_CRT_UNSIGNED_FULL >>>>> GNUTLS_CRT_PRINT_UNSIGNED_FULL >>>>> The old names will be mapped to the new names for some >>>>> time. >>>>> * The function gnutls_openpgp_privkey_get_id has been >>>>> renamed to >>>>> gnutls_openpgp_privkey_get_key_id. >>>>> A compatibility mapping exists to avoid breaking API >>>>> backwards >>>>> compatibility. >>>>> * Replaced all uses of alloca with malloc and free. >>>>> * Remove code to import certificate chains in PKCS#7 format. >>>>> The code has not worked since v0.9.0 and apparently >>>>> nobody has missed >>>>> it, so the community decided to remove the code rather >>>>> than fix it. If you have >>>>> old certificate chains stored in PKCS#7 format, you can >>>>> convert them >>>>> to a list of PEM certificates by using 'certtool >>>>> --p7-info'. * Added API to replace and update the crypto >>>>> backend. >>>>> A new header file <gnutls/crypto.h> has been added. It >>>>> contains >>>>> definitions related to replacing the internal crypto >>>>> functionality. >>>>> All definitions and the header itself are experimental >>>>> but supported. >>>>> * gnutls_x509_crt_set_subject_alt_name() was added. It can >>>>> either set or append alternative names. It can also >>>>> handle binary structures >>>>> such as IP addresses. >>>>> * New function to set minimum acceptable SRP bits. >>>>> * Add interface to deal with public key and signature >>>>> algorithms. >>>>> * New interfaces to get name of public key and signing >>>>> algorithms. >>>>> * New API to get a string corresponding to a error symbol. >>>>> * New API to set the public parameters in a certificate >>>>> request >>>>> from a private key. >>>>> * New API to set a callback to extract TLS Finished data. >>>>> * Fix namespace problem with TLS_MASTER_SIZE and >>>>> TLS_RANDOM_SIZE. >>>>> The new names are GNUTLS_MASTER_SIZE and >>>>> GNUTLS_RANDOM_SIZE. The old >>>>> names are mapped to the new names in compat.h. These >>>>> mappings will >>>>> likely be removed more quickly than other mappings in >>>>> that file due to >>>>> the namespace violation. >>>>> * New interface to register a new TLS extension handler. >>>>> The new function gnutls_ext_register can be used to >>>>> register handlers >>>>> for specific TLS extension types. The callback >>>>> functions have the new >>>>> types gnutls_ext_recv_func and gnutls_ext_send_func. A >>>>> type to >>>>> classify TLS extensions, gnutls_ext_parse_type_t, has >>>>> been added as well. >>>>> >>>>> 3.2. Interfaces: >>>>> Exported Interfaces >>>>> Interface Classification >>>>> Comments >>>>> --------------- -------------- >>>>> ----------------------- >>>>> SUNWgnutls Uncommitted >>>>> Package name (unchanged) >>>>> SUNWgnutls-devel Uncommitted >>>>> Package name (unchanged) >>>>> >>>>> /usr/lib/libgnutls.so.26 Volatile C >>>>> library (unchanged) >>>>> /usr/lib/libgnutlsxx.so.26 Volatile C++ >>>>> library (unchanged) >>>>> >>>>> /usr/share/aclocal/libgnutls.m4 Volatile >>>>> (unchanged) >>>>> /usr/lib/pkgconfig/gnutls.pc Volatile >>>>> (unchanged) >>>>> /usr/include/gnutls/gnutls.h Volatile >>>>> (unchanged) >>>>> /usr/include/gnutls/gnutlsxx.h Volatile >>>>> (unchanged) >>>>> /usr/include/gnutls/pkcs12.h Volatile >>>>> (unchanged) >>>>> /usr/include/gnutls/compat.h Volatile >>>>> (unchanged) >>>>> /usr/include/gnutls/x509.h Volatile >>>>> (unchanged) >>>>> /usr/bin/libgnutls-config Volatile >>>>> (unchanged) >>>>> /usr/share/man/man1/libgnutls-config Volatile >>>>> (unchanged) >>>>> /usr/share/man/man3/libgnutls.3 Volatile >>>>> (unchanged) >>>>> /usr/share/man/man3/libgnutlsxx.3 Volatile >>>>> (unchanged) >>>>> /usr/share/doc/SUNWgnutls/AUTHORS Volatile >>>>> (unchanged) >>>>> /usr/share/doc/SUNWgnutls/NEWS.bz2 Volatile >>>>> (unchanged) >>>>> /usr/share/doc/SUNWgnutls/README Volatile >>>>> (unchanged) >>>>> /usr/share/doc/SUNWgnutls/ Volatile >>>>> (unchanged) >>>>> COPYING.LIB.bz2 >>>>> >>>>> /usr/include/gnutls/openpgp.h Volatile (added) >>>>> /usr/include/gnutls/crypto.h Volatile >>>>> (added) >>>>> >>>>> Imported Interfaces >>>>> Interface Classification >>>>> Comments >>>>> --------------- --------------- >>>>> --------------------- >>>>> /usr/lib/libgcrypt.so.11 Volatile >>>>> (unchanged) >>>>> >>>>> LSARC/2008/390/ >>>>> >>>>> /usr/lib/libtasn1.so.3 Volatile >>>>> (added) >>>>> >>>>> LSARC/2008/341/ >>>>> >>>>> /usr/lib/libz.so.1 Committed >>>>> (unchanged) >>>>> >>>>> PSARC/2006/537 >>>>> >>>>> 3.3. Packaging & Delivery: >>>>> SUNWgnutls(base package) - base package >>>>> for binaries >>>>> SUNWgnutls-devel (development package) - development >>>>> package for >>>>> header and documents >>>>> >>>>> 3.4. Dependencies: >>>>> libgnutls depends on libtasn1, libgcrypt and zlib. >>>>> >>>>> 3.5 References >>>>> Sun Evolution LSARC/2003/298/ >>>>> libtasn1 LSARC/2008/390/ >>>>> GnuTLS Update for 2.2.4 LSARC/2008/341/ >>>>> >>>>> 4. Resources and Schedule: >>>>> 4.1. Product Approval Committee requested information: >>>>> 4.1.1. Consolidation Name: >>>>> >>>>> Desktop Cteam/GNOME >>>>> >>>>> 4.1.2. Contributing OpCo/BU/Division Name: >>>>> >>>>> Desktop Solutions >>>>> >>>>> 4.1.3. Type of PAC Review and Approval expected: >>>>> >>>>> FastTrack >>>>> >>>>> 5. References >>>>> Project website: http://www.gnu.org/software/gnutls/ >>>>> GnuTLS 2.4.0 Release News: >>>>> http://article.gmane.org/gmane.network.gnutls.general/1282 >>>>> GnuTLS 2.6.0 Release News: >>>>> >>>>> http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3135 >>>>> >>>>> >>>>> >>>>> 6. Resources and Schedule >>>>> 6.4. Steering Committee requested information >>>>> 6.4.1. Consolidation C-team Name: >>>>> Desktop >>>>> 6.5. ARC review type: FastTrack >>>>> 6.6. ARC Exposure: open >>>>> >>>> >>> >>
