[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 2af3693a618cef6ede54b783d048767482ae21a6
Author: Sam James gentoo org>
AuthorDate: Fri Aug 16 23:24:46 2024 +
Commit: Sam James gentoo org>
CommitDate: Fri Aug 16 23:25:12 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2af3693a
net-libs/gnutls: fix configure handling of brotli args
Revbump given it could be automagic.
Closes: https://bugs.gentoo.org/937997
Signed-off-by: Sam James gentoo.org>
.../files/gnutls-3.8.7.1-configure-brotli.patch| 156 +
...tls-3.8.7.1.ebuild => gnutls-3.8.7.1-r1.ebuild} | 11 +-
2 files changed, 165 insertions(+), 2 deletions(-)
diff --git a/net-libs/gnutls/files/gnutls-3.8.7.1-configure-brotli.patch
b/net-libs/gnutls/files/gnutls-3.8.7.1-configure-brotli.patch
new file mode 100644
index ..1dac6f514f0b
--- /dev/null
+++ b/net-libs/gnutls/files/gnutls-3.8.7.1-configure-brotli.patch
@@ -0,0 +1,156 @@
+https://bugs.gentoo.org/937997
+https://gitlab.com/gnutls/gnutls/-/merge_requests/1867
+
+From 292f96f26d7ce80e4a165c903c4fd569b85c1c1f Mon Sep 17 00:00:00 2001
+From: Daiki Ueno
+Date: Fri, 16 Aug 2024 09:42:15 +0900
+Subject: [PATCH 1/3] build: fix setting AM_CONDITIONAL for brotli and zstd
+
+As the with_{libbrotli,libzsttd} variables are unset if configured
+with --without-{brotli,zstd}, check the unequality to "no" doesn't
+work; use explicit matching with "yes" instead.
+
+Signed-off-by: Daiki Ueno
+--- a/configure.ac
b/configure.ac
+@@ -1158,7 +1158,7 @@ if test x$ac_brotli != xno; then
+ else
+ AC_MSG_RESULT(no)
+ fi
+-AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" != "no" && test
"$with_libbrotlidec" != "no")
++AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" = yes && test
"$with_libbrotlidec" = yes)
+
+ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+ save_CFLAGS=$CFLAGS
+@@ -1203,7 +1203,7 @@ if test x$ac_zstd != xno; then
+ else
+ AC_MSG_RESULT(no)
+ fi
+-AM_CONDITIONAL(HAVE_LIBZSTD, test "$with_libzstd" != "no")
++AM_CONDITIONAL(HAVE_LIBZSTD, test "$with_libzstd" = yes)
+
+ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+ save_CFLAGS=$CFLAGS
+--
+GitLab
+
+
+From 546153198d2fb8fc4902f23de6254bb7988de534 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno
+Date: Fri, 16 Aug 2024 09:48:31 +0900
+Subject: [PATCH 2/3] build: don't emit Requires.private for dlopened libraries
+
+Signed-off-by: Daiki Ueno
+--- a/configure.ac
b/configure.ac
+@@ -1100,11 +1100,6 @@ if test x$ac_zlib != xno; then
+ PKG_CHECK_EXISTS(zlib, ZLIB_HAS_PKGCONFIG=y, ZLIB_HAS_PKGCONFIG=n)
+ if test "$ZLIB_HAS_PKGCONFIG" = "y" ; then
+ PKG_CHECK_MODULES(ZLIB, [zlib])
+- if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then
+- GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib"
+- else
+- GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib"
+- fi
+ ac_zlib=yes
+ else
+ AC_LIB_HAVE_LINKFLAGS(z,, [#include ], [compress (0, 0, 0, 0);])
+@@ -1134,6 +1129,13 @@ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+compress (0, 0, 0, 0);])])
+ LIBS="$save_LIBS"
+ CFLAGS="$save_CFLAGS"
++],
++ [test "$ZLIB_HAS_PKGCONFIG" = y && test "$ac_zlib" = yes], [
++if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then
++GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib"
++else
++GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib"
++fi
+ ])
+
+ AC_ARG_WITH(brotli,
+@@ -1146,11 +1148,6 @@ if test x$ac_brotli != xno; then
+ PKG_CHECK_MODULES(LIBBROTLIDEC, [libbrotlidec >= 1.0.0],
[with_libbrotlidec=yes], [with_libbrotlidec=no])
+ if test "${with_libbrotlienc}" = "yes" && test "${with_libbrotlidec}" =
"yes"; then
+ AC_DEFINE([HAVE_LIBBROTLI], 1, [Define if BROTLI compression is
enabled.])
+- if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
+- GNUTLS_REQUIRES_PRIVATE="Requires.private: libbrotlienc,
libbrotlidec"
+- else
+- GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libbrotlienc,
libbrotlidec"
+- fi
+ need_ltlibdl=yes
+ else
+ AC_MSG_WARN(*** LIBBROTLI was not found. You will not be able to use
BROTLI compression.)
+@@ -1180,6 +1177,13 @@ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+BrotliDecoderVersion();])])
+ LIBS="$save_LIBS"
+ CFLAGS="$save_CFLAGS"
++],
++ [test "$with_libbrotlienc" = yes && test "$with_libbrotlidec" = yes], [
++if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
++GNUTLS_REQUIRES_PRIVATE="Requires.private: libbrotlienc, libbrotlidec"
++else
++GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libbrotlienc,
libbrotlidec"
++fi
+ ])
+
+ AC_ARG_WITH(zstd,
+@@ -1191,11 +1195,6 @@ if test x$ac_zstd != xno; then
+ PKG_CHECK_MODULES(LIBZSTD, [libzstd >= 1.3.0], [with_libzstd=yes],
[with_libzstd=no])
+ if test "${with_libzstd}" = "yes"; then
+ AC_DEFINE([HAVE_LIBZSTD], 1, [Define if ZSTD compression is
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 3e414999ed5919555adceb25d8abf547f001f034
Author: Christopher Fore posteo net>
AuthorDate: Tue Apr 23 22:59:04 2024 +
Commit: Sam James gentoo org>
CommitDate: Sat Apr 27 22:10:27 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e414999
net-libs/gnutls: Add patch to fix Wireshark tests
- GnuTLS tests pass
- Wireshark tests pass now with this
[sam: add more references to patch]
Closes: https://bugs.gentoo.org/930529
Closes: https://bugs.gentoo.org/930752
Signed-off-by: Christopher Fore posteo.net>
Closes: https://github.com/gentoo/gentoo/pull/36392
Signed-off-by: Sam James gentoo.org>
...3.8.5-fix-rsaes-pkcs1-systemd-wide-config.patch | 261 +
net-libs/gnutls/gnutls-3.8.5-r1.ebuild | 155
2 files changed, 416 insertions(+)
diff --git
a/net-libs/gnutls/files/gnutls-3.8.5-fix-rsaes-pkcs1-systemd-wide-config.patch
b/net-libs/gnutls/files/gnutls-3.8.5-fix-rsaes-pkcs1-systemd-wide-config.patch
new file mode 100644
index ..6905f793ab4f
--- /dev/null
+++
b/net-libs/gnutls/files/gnutls-3.8.5-fix-rsaes-pkcs1-systemd-wide-config.patch
@@ -0,0 +1,261 @@
+https://bugs.gentoo.org/930752
+https://bugs.gentoo.org/930529
+https://gitlab.com/gnutls/gnutls/-/issues/1540
+https://gitlab.com/gnutls/gnutls/-/merge_requests/1830
+https://gitlab.com/gnutls/gnutls/-/commit/2d73d945c4b1dfcf8d2328c4d23187d62ffaab2d
+
+From 2d73d945c4b1dfcf8d2328c4d23187d62ffaab2d Mon Sep 17 00:00:00 2001
+From: Zoltan Fridrich
+Date: Wed, 10 Apr 2024 12:51:33 +0200
+Subject: [PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration
+
+Signed-off-by: Zoltan Fridrich
+--- a/lib/priority.c
b/lib/priority.c
+@@ -1018,6 +1018,12 @@ struct cfg {
+ bool force_ext_master_secret_set;
+ };
+
++static inline void cfg_init(struct cfg *cfg)
++{
++ memset(cfg, 0, sizeof(*cfg));
++ cfg->allow_rsa_pkcs1_encrypt = true;
++}
++
+ static inline void cfg_deinit(struct cfg *cfg)
+ {
+ if (cfg->priority_strings) {
+@@ -1095,6 +1101,12 @@ struct ini_ctx {
+ size_t curves_size;
+ };
+
++static inline void ini_ctx_init(struct ini_ctx *ctx)
++{
++ memset(ctx, 0, sizeof(*ctx));
++ cfg_init(&ctx->cfg);
++}
++
+ static inline void ini_ctx_deinit(struct ini_ctx *ctx)
+ {
+ cfg_deinit(&ctx->cfg);
+@@ -1423,9 +1435,6 @@ static inline int cfg_apply(struct cfg *cfg, struct
ini_ctx *ctx)
+ _gnutls_default_priority_string = cfg->default_priority_string;
+ }
+
+- /* enable RSA-PKCS1-V1_5 by default */
+- cfg->allow_rsa_pkcs1_encrypt = true;
+-
+ if (cfg->allowlisting) {
+ /* also updates `flags` of global `hash_algorithms[]` */
+ ret = cfg_hashes_set_array(cfg, ctx->hashes, ctx->hashes_size);
+@@ -2217,22 +2226,73 @@ update_system_wide_priority_string(void)
+ return 0;
+ }
+
++/* Returns false on parse error, otherwise true.
++ * The system_wide_config must be locked for writing.
++ */
++static inline bool load_system_priority_file(void)
++{
++ int err;
++ FILE *fp;
++ struct ini_ctx ctx;
++
++ cfg_init(&system_wide_config);
++
++ fp = fopen(system_priority_file, "re");
++ if (fp == NULL) {
++ _gnutls_debug_log("cfg: unable to open: %s: %d\n",
++system_priority_file, errno);
++ return true;
++ }
++
++ /* Parsing the configuration file needs to be done in 2 phases:
++ * first parsing the [global] section
++ * and then the other sections,
++ * because the [global] section modifies the parsing behavior.
++ */
++ ini_ctx_init(&ctx);
++ err = ini_parse_file(fp, global_ini_handler, &ctx);
++ if (!err) {
++ if (fseek(fp, 0L, SEEK_SET) < 0) {
++ _gnutls_debug_log("cfg: unable to rewind: %s\n",
++system_priority_file);
++ if (fail_on_invalid_config)
++ exit(1);
++ }
++ err = ini_parse_file(fp, cfg_ini_handler, &ctx);
++ }
++ fclose(fp);
++ if (err) {
++ ini_ctx_deinit(&ctx);
++ _gnutls_debug_log("cfg: unable to parse: %s: %d\n",
++system_priority_file, err);
++ return false;
++ }
++ cfg_apply(&system_wide_config, &ctx);
++ ini_ctx_deinit(&ctx);
++ return true;
++}
++
+ static int _gnutls_update_system_priorities(bool defer_system_wide)
+ {
+- int ret, err = 0;
++ int ret;
++ bool config_parse_error = false;
+ struct stat sb;
+- FILE *fp;
+ gnutls_buffer_st buf;
+- struct ini_ctx ctx;
+
+ ret = gnutls_rwlock_rdlock(&system_wide_config_rwlock);
+- if (ret < 0) {
++ if (ret < 0)
+ return gnutls_assert_val(ret);
+- }
+
+ if (stat(system_priority_file, &sb) < 0) {
+ _gnutls_debug
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 7ac241549034d7ca490acb1ea8321daf25b4fd21
Author: Sam James gentoo org>
AuthorDate: Sat May 14 04:03:23 2022 +
Commit: Sam James gentoo org>
CommitDate: Sat May 14 21:22:25 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ac24154
net-libs/gnutls: drop 3.7.4
Signed-off-by: Sam James gentoo.org>
net-libs/gnutls/Manifest | 2 -
.../files/gnutls-3.7.4-configure-compression.patch | 63 -
net-libs/gnutls/gnutls-3.7.4.ebuild| 153 -
3 files changed, 218 deletions(-)
diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index b80bc56323a2..cdc465872bb4 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -1,6 +1,4 @@
DIST gnutls-3.7.2.tar.xz 6091508 BLAKE2B
f408ff65f2e08cf294b449dfac64a272a8ba40e987618960f57ee36c167a25974711ab8d11bdbd6335fbf18ac902a79b5c6b40bb6a37f4ee07549832d0611df2
SHA512
5d01d561a05379da71e4847e30ba13c2abe09f7a5c4359fd539d8bd19abad0ce87120f82ee7b6264e787bd3edbc5ae16beffa892983cbc3d59f11a1811c10329
DIST gnutls-3.7.3.tar.xz 6119292 BLAKE2B
811e6fbb62fbd35fa63e66cfcbfc3bf899cea5cece1d2a68bc650f507df0f7be9f59c707c90fa19b7ef5a52455a663da49682704e0884af06075c566afbfc0bf
SHA512
3ace744affe23e284342658d6d2d2de49dd50065489cbc8be18fc7d38187253e5268ca54027ce5cd517056c249ac039a7481e4548cec04325de37ae85617d077
-DIST gnutls-3.7.4.tar.xz 6131772 BLAKE2B
1c44528952275f48e4e458558c4e03c5b90dfb267482d6815f6c836f9530abb486a23ae5ea70ba2db7e272eee8e2066b259374f02a9bb9e714487466fd5994c9
SHA512
38b488ca1223d9aa8fc25756df08db6f29aaf76fb5816fdeaa14bd89fb431a2e1c495fefc64094f726337d5b89e198146ec7dc22e9a1bca6841a9d881b0d99e6
-DIST gnutls-3.7.4.tar.xz.sig 685 BLAKE2B
ad485450abb916a229984f8f0d74fe7c46a0a87627f9d739f8121dccf36f4ca454007178f2a4e9bd5fffa2813363481bf80eaeee40f86e1b9c23b1f25dff7b4c
SHA512
74b8badd67e215313583bd25c7b639207860af45d6f5cbcb81f1aaf46dacf0992b6d06876979594688e13dac5b8b27ba39935626374b4ddaa3e48118bbc2e7de
DIST gnutls-3.7.5.tar.xz 6321392 BLAKE2B
e7b2da643dc8d5160d1872655ed6771b89587d62132eccfe0b7ce0cc9e81daa27b3608608df3301787d89148a27d321266ac52c1fde06afd2e821575e8805403
SHA512
2e4898e6aeff4f82abd48e6a442f5c9ebe4ecaeb0c038b76e2da8e468f6a7ae37fef5e8de17d90346f29aa0b56a08abf67fe8b81ba09dcf4612cc3b97b830bec
DIST gnutls-3.7.5.tar.xz.sig 685 BLAKE2B
0a7fdeae9b10382e962c5ea7b49fbb2c0829203bded123597b7718b0cd9483204498a05556da82518f40a4775c90a9b275afdbb4d6a65e7a9396bd0c40ca522a
SHA512
1110b859299d13c5121f9c68d6faf099a62b13500cd1c994ac6dea49d69c29a351fd4de42bb66fe01d2e6feef9c3fbd344e8eec0a409c804699d3f7956fe28ff
diff --git a/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch
b/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch
deleted file mode 100644
index edd688d9b58a..
--- a/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-https://gitlab.com/gnutls/gnutls/-/merge_requests/1557
-
-From: Sam James
-Date: Fri, 18 Mar 2022 05:40:28 +
-Subject: [PATCH 1/2] configure.ac: fix brotli/zstd configure argument name
-
-The old `./configure` arguments for brotli and zstd respectively
-were inconsistent with the `./configure --help` output.
-
-Old: --without-libbrotli --without-libzstd (also --with-*)
-New: --without-brotli --without-zstd (also --with-*)
-
-Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1342
-Signed-off-by: Sam James
a/configure.ac
-+++ b/configure.ac
-@@ -1010,7 +1010,7 @@ if test x$ac_zlib != xno; then
- fi
- AC_SUBST(LIBZ_PC)
-
--AC_ARG_WITH(libbrotli,
-+AC_ARG_WITH(brotli,
- AS_HELP_STRING([--without-brotli], [disable brotli compression
support]),
- ac_brotli=$withval, ac_brotli=yes)
- AC_MSG_CHECKING([whether to include brotli compression support])
-@@ -1033,7 +1033,7 @@ else
- fi
- AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" != "no" && test
"$with_libbrotlidec" != "no")
-
--AC_ARG_WITH(libzstd,
-+AC_ARG_WITH(zstd,
- AS_HELP_STRING([--without-zstd], [disable zstd compression
support]),
- ac_zstd=$withval, ac_zstd=yes)
- AC_MSG_CHECKING([whether to include zstd compression support])
-GitLab
-
-From: Sam James
-Date: Fri, 18 Mar 2022 05:51:29 +
-Subject: [PATCH 2/2] configure.ac: fix zstd detection
-
-Fixes typo in zstd detection.
-
-None of the used autoconf macros will define `has_zstd_h` so
-configure will (AFAICT) always fail to find zstd, even if it succeeded
-via pkg-config moments before.
-
-Drop it and rely solely on pkg-config as that's the only search
-we're actually doing.
-
-Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1343
-Signed-off-by: Sam James
a/configure.ac
-+++ b/configure.ac
-@@ -1040,7 +1040,7 @@ AC_MSG_CHECKING([whether to include zstd compression
support])
- if test x$ac_zstd != xno; then
- AC_MSG_RESULT(yes)
- PKG_CHECK_MODULES(LIBZSTD, [libzstd >= 1.3.0], [with_libzstd=yes],
[with_libzstd=no])
--if test "${wit
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 82957f19c28749d0004fef905c949a39aced93b2
Author: Sam James gentoo org>
AuthorDate: Fri Mar 18 06:10:47 2022 +
Commit: Sam James gentoo org>
CommitDate: Fri Mar 18 06:16:18 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82957f19
net-libs/gnutls: add 3.7.4
More of an exciting release than I anticipated when I started looking at it,
but for unexpected reasons!
- verify-sig support is stubbed out in the ebuild (commented out); couldn't
enable yet because website doesn't list key from new maintainer(?) but
distfile *does* have a valid signature from a known maintainer. gemato/gpg/
verify-sig currently rejects a distfile if it has *any* unrecognised
signatuers,
not if *all* are.
See https://gitlab.com/gnutls/web-pages/-/issues/3.
- Noticed `--{enable,disable}-gtk-doc` was suddenly unrecognised by
`./configure`.
The macro is used automagically upstream rather than being a hard dependency
so if it's not available at point of `make dist`, it'll just be dropped. It
looks
like that's what happened as a new person made the release => new env.
Temporarily unconditionally BDEPENDing on gtk-doc-am (harmless, tiny dep)
for now.
See https://gitlab.com/gnutls/gnutls/-/issues/1341.
- Needed to fix brotli & zstd configure arguments to be consistent with
`./configure --help` output.
Bug: https://gitlab.com/gnutls/gnutls/-/issues/1342
- Discovered brotli & zstd were both automagic dependencies, but it turns out
that the zstd check was broken anyway (would always fail).
See: https://gitlab.com/gnutls/gnutls/-/issues/1343.
Bug: https://gitlab.com/gnutls/gnutls/-/issues/1341
Bug: https://gitlab.com/gnutls/gnutls/-/issues/1342
Bug: https://gitlab.com/gnutls/gnutls/-/issues/1343
Bug: https://gitlab.com/gnutls/web-pages/-/issues/3
Signed-off-by: Sam James gentoo.org>
net-libs/gnutls/Manifest | 1 +
.../files/gnutls-3.7.4-configure-compression.patch | 63 +
net-libs/gnutls/gnutls-3.7.4.ebuild| 157 +
3 files changed, 221 insertions(+)
diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index b3e46a868aac..3158b68efb68 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -1,2 +1,3 @@
DIST gnutls-3.7.2.tar.xz 6091508 BLAKE2B
f408ff65f2e08cf294b449dfac64a272a8ba40e987618960f57ee36c167a25974711ab8d11bdbd6335fbf18ac902a79b5c6b40bb6a37f4ee07549832d0611df2
SHA512
5d01d561a05379da71e4847e30ba13c2abe09f7a5c4359fd539d8bd19abad0ce87120f82ee7b6264e787bd3edbc5ae16beffa892983cbc3d59f11a1811c10329
DIST gnutls-3.7.3.tar.xz 6119292 BLAKE2B
811e6fbb62fbd35fa63e66cfcbfc3bf899cea5cece1d2a68bc650f507df0f7be9f59c707c90fa19b7ef5a52455a663da49682704e0884af06075c566afbfc0bf
SHA512
3ace744affe23e284342658d6d2d2de49dd50065489cbc8be18fc7d38187253e5268ca54027ce5cd517056c249ac039a7481e4548cec04325de37ae85617d077
+DIST gnutls-3.7.4.tar.xz 6131772 BLAKE2B
1c44528952275f48e4e458558c4e03c5b90dfb267482d6815f6c836f9530abb486a23ae5ea70ba2db7e272eee8e2066b259374f02a9bb9e714487466fd5994c9
SHA512
38b488ca1223d9aa8fc25756df08db6f29aaf76fb5816fdeaa14bd89fb431a2e1c495fefc64094f726337d5b89e198146ec7dc22e9a1bca6841a9d881b0d99e6
diff --git a/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch
b/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch
new file mode 100644
index ..edd688d9b58a
--- /dev/null
+++ b/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch
@@ -0,0 +1,63 @@
+https://gitlab.com/gnutls/gnutls/-/merge_requests/1557
+
+From: Sam James
+Date: Fri, 18 Mar 2022 05:40:28 +
+Subject: [PATCH 1/2] configure.ac: fix brotli/zstd configure argument name
+
+The old `./configure` arguments for brotli and zstd respectively
+were inconsistent with the `./configure --help` output.
+
+Old: --without-libbrotli --without-libzstd (also --with-*)
+New: --without-brotli --without-zstd (also --with-*)
+
+Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1342
+Signed-off-by: Sam James
+--- a/configure.ac
b/configure.ac
+@@ -1010,7 +1010,7 @@ if test x$ac_zlib != xno; then
+ fi
+ AC_SUBST(LIBZ_PC)
+
+-AC_ARG_WITH(libbrotli,
++AC_ARG_WITH(brotli,
+ AS_HELP_STRING([--without-brotli], [disable brotli compression
support]),
+ ac_brotli=$withval, ac_brotli=yes)
+ AC_MSG_CHECKING([whether to include brotli compression support])
+@@ -1033,7 +1033,7 @@ else
+ fi
+ AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" != "no" && test
"$with_libbrotlidec" != "no")
+
+-AC_ARG_WITH(libzstd,
++AC_ARG_WITH(zstd,
+ AS_HELP_STRING([--without-zstd], [disable zstd compression
support]),
+ ac_zstd=$withval, ac_zstd=yes)
+ AC_MSG_CHECKING([whether to include zstd compression support])
+GitLab
+
+From: Sam James
+Date: Fri, 18 Mar 2022 05:51:29 +
+Subject: [PATCH 2/2] configure.ac: fix zstd detection
+
+Fixes typo in zstd detection.
+
+None of the used autoconf macros will define `has
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 1080e719f546c07009f81a320917ff96bf4e8f26
Author: David Seifert gentoo org>
AuthorDate: Sun May 23 11:48:05 2021 +
Commit: David Seifert gentoo org>
CommitDate: Sun May 23 11:48:05 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1080e719
net-libs/gnutls: drop 3.6.15
Signed-off-by: David Seifert gentoo.org>
net-libs/gnutls/Manifest | 1 -
.../gnutls-3.6.15-skip-dtls-seccomp-tests.patch| 26
net-libs/gnutls/gnutls-3.6.15.ebuild | 139 -
3 files changed, 166 deletions(-)
diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index 1ab16ed845f..94f3fc8017f 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -1,2 +1 @@
-DIST gnutls-3.6.15.tar.xz 6081656 BLAKE2B
6c52419037e41e817087a2577a6b73969cf065453ecf88e2f87152f544a177e4ad0ef825ae9dab243312e0223a953ab28e532bd2dbf96cb9498618415bc7f654
SHA512
f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c
DIST gnutls-3.7.1.tar.xz 6038388 BLAKE2B
1d55eb441827c7148d63bcad37bf7bc62d539ee9bc7e14c2fe5ec1d0bdcadd75e2cbc98ba104523b24c8dfd9526b4595475a818d206971cc012fac509cd33a6f
SHA512
0fe801f03676c3bd970387f94578c8be7ba6030904989e7d21dffdc726209bab44c8096fbcb6d51fed2de239537bd00df2338ee9c8d984a1c386826b91062a95
diff --git a/net-libs/gnutls/files/gnutls-3.6.15-skip-dtls-seccomp-tests.patch
b/net-libs/gnutls/files/gnutls-3.6.15-skip-dtls-seccomp-tests.patch
deleted file mode 100644
index dad6cec8d3d..000
--- a/net-libs/gnutls/files/gnutls-3.6.15-skip-dtls-seccomp-tests.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-https://bugs.gentoo.org/649396
-https://bugs.gentoo.org/711104
-
a/tests/dtls-client-with-seccomp.c
-+++ b/tests/dtls-client-with-seccomp.c
-@@ -27,7 +27,7 @@
- #include
- #include
-
--#if defined(_WIN32) || !defined(HAVE_LIBSECCOMP)
-+#if 1
-
- int main()
- {
a/tests/dtls-with-seccomp.c
-+++ b/tests/dtls-with-seccomp.c
-@@ -27,7 +27,7 @@
- #include
- #include
-
--#if defined(_WIN32) || !defined(HAVE_LIBSECCOMP)
-+#if 1
-
- int main()
- {
-
diff --git a/net-libs/gnutls/gnutls-3.6.15.ebuild
b/net-libs/gnutls/gnutls-3.6.15.ebuild
deleted file mode 100644
index b5557dc3ffc..000
--- a/net-libs/gnutls/gnutls-3.6.15.ebuild
+++ /dev/null
@@ -1,139 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit libtool multilib-minimal
-
-DESCRIPTION="A secure communications library implementing the SSL, TLS and
DTLS protocols"
-HOMEPAGE="https://www.gnutls.org/";
-SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz"
-
-LICENSE="GPL-3 LGPL-2.1+"
-SLOT="0/30" # libgnutls.so number
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390
sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos
~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="+cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2
sslv3 static-libs test test-full +tls-heartbeat tools valgrind"
-
-REQUIRED_USE="
- test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp
tls-heartbeat tools )"
-RESTRICT="!test? ( test )"
-
-# NOTICE: sys-devel/autogen is required at runtime as we
-# use system libopts
-RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}]
- dev-libs/libunistring:=[${MULTILIB_USEDEP}]
- >=dev-libs/nettle-3.4.1:=[gmp,${MULTILIB_USEDEP}]
- >=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}]
- tools? ( sys-devel/autogen:= )
- dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] )
- guile? ( >=dev-scheme/guile-2:=[networking] )
- nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] )
- pkcs11? ( >=app-crypt/p11-kit-0.23.1:=[${MULTILIB_USEDEP}] )
- idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
- test? (
- seccomp? ( sys-libs/libseccomp )
- )"
-BDEPEND=">=virtual/pkgconfig-0-r1
- doc? ( dev-util/gtk-doc )
- nls? ( sys-devel/gettext )
- tools? ( sys-devel/autogen )
- valgrind? ( dev-util/valgrind )
- test-full? (
- app-crypt/dieharder
- >=app-misc/datefudge-1.22
- dev-libs/softhsm:2[-bindist]
- net-dialup/ppp
- net-misc/socat
- )"
-
-DOCS=(
- README.md
- doc/certtool.cfg
-)
-
-HTML_DOCS=()
-
-PATCHES=( "${FILESDIR}"/${PN}-3.6.15-skip-dtls-seccomp-tests.patch )
-
-pkg_setup() {
- # bug#520818
- export TZ=UTC
-
- use doc && HTML_DOCS+=(
- doc/gnutls.html
- )
-}
-
-src_prepare() {
- default
-
- # force regeneration of autogen-ed files
- local file
- for file in $(grep -l AutoGen-ed src/*.c) ; do
- rm src/$(basename ${file} .c).{c,h} || die
- done
-
- # don't try to
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 42cb2c95be07553ccb6c28c1634e8b64602c3fe1
Author: Thomas Deutschmann gentoo org>
AuthorDate: Sun Mar 28 06:07:24 2021 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Sun Mar 28 06:08:22 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42cb2c95
net-libs/gnutls: drop vulnerable version
Bug: https://bugs.gentoo.org/775338
Package-Manager: Portage-3.0.17, Repoman-3.0.2
Signed-off-by: Thomas Deutschmann gentoo.org>
net-libs/gnutls/Manifest | 1 -
...nutls-3.7.0-ignore-duplicate-certificates.patch | 403 -
net-libs/gnutls/gnutls-3.7.0-r1.ebuild | 139 ---
3 files changed, 543 deletions(-)
diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index 5c0d91491fa..1ab16ed845f 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -1,3 +1,2 @@
DIST gnutls-3.6.15.tar.xz 6081656 BLAKE2B
6c52419037e41e817087a2577a6b73969cf065453ecf88e2f87152f544a177e4ad0ef825ae9dab243312e0223a953ab28e532bd2dbf96cb9498618415bc7f654
SHA512
f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c
-DIST gnutls-3.7.0.tar.xz 6129176 BLAKE2B
3b03e7017ac1d715c740f8f09b0690dd1c983dcfd5faef0740cf66ac785c1a84e959f85808aa10a6eebd745d96ca0293681049911ea663aeff85fedfa2567aad
SHA512
5cf1025f2d0a0cbf5a83dd7f3b22dafd1769f7c3349096c0272d08573bb5ff87f510e0e69b4bbb47dad1b64476aa5479804b2f4ceb2216cd747bbc53bf42d885
DIST gnutls-3.7.1.tar.xz 6038388 BLAKE2B
1d55eb441827c7148d63bcad37bf7bc62d539ee9bc7e14c2fe5ec1d0bdcadd75e2cbc98ba104523b24c8dfd9526b4595475a818d206971cc012fac509cd33a6f
SHA512
0fe801f03676c3bd970387f94578c8be7ba6030904989e7d21dffdc726209bab44c8096fbcb6d51fed2de239537bd00df2338ee9c8d984a1c386826b91062a95
diff --git
a/net-libs/gnutls/files/gnutls-3.7.0-ignore-duplicate-certificates.patch
b/net-libs/gnutls/files/gnutls-3.7.0-ignore-duplicate-certificates.patch
deleted file mode 100644
index b0143818b46..000
--- a/net-libs/gnutls/files/gnutls-3.7.0-ignore-duplicate-certificates.patch
+++ /dev/null
@@ -1,403 +0,0 @@
-From 09b40be6e0e0a59ba4bd764067eb353241043a70 Mon Sep 17 00:00:00 2001
-From: Daiki Ueno
-Date: Mon, 28 Dec 2020 12:14:13 +0100
-Subject: [PATCH] gnutls_x509_trust_list_verify_crt2: ignore duplicate
- certificates
-
-The commit ebb19db9165fed30d73c83bab1b1b8740c132dfd caused a
-regression, where duplicate certificates in a certificate chain are no
-longer ignored but treated as a non-contiguous segment and that
-results in calling the issuer callback, or a verification failure.
-
-This adds a mechanism to record certificates already seen in the
-chain, and skip them while still allow the caller to inject missing
-certificates.
-
-Signed-off-by: Daiki Ueno
-Co-authored-by: Andreas Metzler
- lib/x509/common.c | 8 ++
- lib/x509/verify-high.c | 157 +++--
- tests/missingissuer.c | 2 +
- tests/test-chains-issuer.h | 101 +++-
- 4 files changed, 245 insertions(+), 23 deletions(-)
-
-diff --git a/lib/x509/common.c b/lib/x509/common.c
-index 3301aaad0c..10c8db53c0 100644
a/lib/x509/common.c
-+++ b/lib/x509/common.c
-@@ -1758,6 +1758,14 @@ unsigned int _gnutls_sort_clist(gnutls_x509_crt_t
*clist,
-* increasing DEFAULT_MAX_VERIFY_DEPTH.
-*/
- for (i = 0; i < clist_size; i++) {
-+ /* Self-signed certificate found in the chain; skip it
-+ * as it should only appear in the trusted set.
-+ */
-+ if (gnutls_x509_crt_check_issuer(clist[i], clist[i])) {
-+ _gnutls_cert_log("self-signed cert found", clist[i]);
-+ continue;
-+ }
-+
- for (j = 1; j < clist_size; j++) {
- if (i == j)
- continue;
-diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
-index 588e7ee0dc..9a16e6b42a 100644
a/lib/x509/verify-high.c
-+++ b/lib/x509/verify-high.c
-@@ -67,6 +67,80 @@ struct gnutls_x509_trust_list_iter {
-
- #define DEFAULT_SIZE 127
-
-+struct cert_set_node_st {
-+ gnutls_x509_crt_t *certs;
-+ unsigned int size;
-+};
-+
-+struct cert_set_st {
-+ struct cert_set_node_st *node;
-+ unsigned int size;
-+};
-+
-+static int
-+cert_set_init(struct cert_set_st *set, unsigned int size)
-+{
-+ memset(set, 0, sizeof(*set));
-+
-+ set->size = size;
-+ set->node = gnutls_calloc(size, sizeof(*set->node));
-+ if (!set->node) {
-+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
-+ }
-+
-+ return 0;
-+}
-+
-+static void
-+cert_set_deinit(struct cert_set_st *set)
-+{
-+ size_t i;
-+
-+ for (i = 0; i < set->size; i++) {
-+ gnutls_free(set->node[i].certs);
-+ }
-+
-+ gnutls_free(set->node);
-+}
-+
-+static bool
-+cert_set_contains(struct cert_set_st *set
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 807088725f04adee3a1e0ed9a8b41d8d647262b3
Author: Thomas Deutschmann gentoo org>
AuthorDate: Fri Sep 4 15:28:14 2020 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Fri Sep 4 16:13:47 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=80708872
net-libs/gnutls: bump to v3.6.15
Bug: https://bugs.gentoo.org/649396
Bug: https://bugs.gentoo.org/711104
Bug: https://bugs.gentoo.org/740390
Package-Manager: Portage-3.0.4, Repoman-3.0.1
Signed-off-by: Thomas Deutschmann gentoo.org>
net-libs/gnutls/Manifest | 1 +
.../gnutls-3.6.15-skip-dtls-seccomp-tests.patch| 26
net-libs/gnutls/gnutls-3.6.15.ebuild | 134 +
3 files changed, 161 insertions(+)
diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index a6db64d03c0..580a7c962dd 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -1 +1,2 @@
DIST gnutls-3.6.14.tar.xz 6069088 BLAKE2B
a1cd88a7c977f3a94a49e4187878560a8d9589a6fd32d8ad41b84c33534597fb85a88cf6b260a4a5e8b1a100790a7ba701acac2368f1ad42dcaba7e5c90b6758
SHA512
b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604
+DIST gnutls-3.6.15.tar.xz 6081656 BLAKE2B
6c52419037e41e817087a2577a6b73969cf065453ecf88e2f87152f544a177e4ad0ef825ae9dab243312e0223a953ab28e532bd2dbf96cb9498618415bc7f654
SHA512
f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c
diff --git a/net-libs/gnutls/files/gnutls-3.6.15-skip-dtls-seccomp-tests.patch
b/net-libs/gnutls/files/gnutls-3.6.15-skip-dtls-seccomp-tests.patch
new file mode 100644
index 000..dad6cec8d3d
--- /dev/null
+++ b/net-libs/gnutls/files/gnutls-3.6.15-skip-dtls-seccomp-tests.patch
@@ -0,0 +1,26 @@
+https://bugs.gentoo.org/649396
+https://bugs.gentoo.org/711104
+
+--- a/tests/dtls-client-with-seccomp.c
b/tests/dtls-client-with-seccomp.c
+@@ -27,7 +27,7 @@
+ #include
+ #include
+
+-#if defined(_WIN32) || !defined(HAVE_LIBSECCOMP)
++#if 1
+
+ int main()
+ {
+--- a/tests/dtls-with-seccomp.c
b/tests/dtls-with-seccomp.c
+@@ -27,7 +27,7 @@
+ #include
+ #include
+
+-#if defined(_WIN32) || !defined(HAVE_LIBSECCOMP)
++#if 1
+
+ int main()
+ {
+
diff --git a/net-libs/gnutls/gnutls-3.6.15.ebuild
b/net-libs/gnutls/gnutls-3.6.15.ebuild
new file mode 100644
index 000..2aaf56d8ded
--- /dev/null
+++ b/net-libs/gnutls/gnutls-3.6.15.ebuild
@@ -0,0 +1,134 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit libtool multilib-minimal
+
+DESCRIPTION="A TLS 1.2 and SSL 3.0 implementation for the GNU project"
+HOMEPAGE="http://www.gnutls.org/";
+SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz"
+
+LICENSE="GPL-3 LGPL-2.1+"
+SLOT="0/30" # libgnutls.so number
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv
~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos
~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="+cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2
sslv3 static-libs test test-full +tls-heartbeat tools valgrind"
+
+REQUIRED_USE="
+ test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp
tls-heartbeat tools )"
+RESTRICT="!test? ( test )"
+
+# NOTICE: sys-devel/autogen is required at runtime as we
+# use system libopts
+RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}]
+ dev-libs/libunistring:=[${MULTILIB_USEDEP}]
+ >=dev-libs/nettle-3.4.1:=[gmp,${MULTILIB_USEDEP}]
+ >=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}]
+ tools? ( sys-devel/autogen:= )
+ dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] )
+ guile? ( >=dev-scheme/guile-2:=[networking] )
+ nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] )
+ pkcs11? ( >=app-crypt/p11-kit-0.23.1:=[${MULTILIB_USEDEP}] )
+ idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+ test? (
+ seccomp? ( sys-libs/libseccomp )
+ )"
+BDEPEND=">=virtual/pkgconfig-0-r1
+ doc? ( dev-util/gtk-doc )
+ nls? ( sys-devel/gettext )
+ tools? ( sys-devel/autogen )
+ valgrind? ( dev-util/valgrind )
+ test-full? (
+ app-crypt/dieharder
+ >=app-misc/datefudge-1.22
+ dev-libs/softhsm:2[-bindist]
+ net-dialup/ppp
+ net-misc/socat
+ )"
+
+DOCS=(
+ README.md
+ doc/certtool.cfg
+)
+
+HTML_DOCS=()
+
+PATCHES=( "${FILESDIR}"/${PN}-3.6.15-skip-dtls-seccomp-tests.patch )
+
+pkg_setup() {
+ # bug#520818
+ export TZ=UTC
+
+ use doc && HTML_DOCS+=(
+ doc/gnutls.html
+ )
+}
+
+src_prepare() {
+ default
+
+ # force regeneration of autogen-ed files
+
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 4254290cbaff26d7530a273eb9d307317f7f5f45
Author: Thomas Deutschmann gentoo org>
AuthorDate: Tue Jun 9 14:58:22 2020 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Tue Jun 9 14:58:22 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4254290c
net-libs/gnutls: security cleanup
Bug: https://bugs.gentoo.org/727108
Package-Manager: Portage-2.3.100, Repoman-2.3.22
Signed-off-by: Thomas Deutschmann gentoo.org>
net-libs/gnutls/Manifest | 1 -
...s-3.6.13-handle-expired-root-certificates.patch | 391 -
net-libs/gnutls/gnutls-3.6.13-r1.ebuild| 134 ---
3 files changed, 526 deletions(-)
diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index b64da79d7df..a6db64d03c0 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -1,2 +1 @@
-DIST gnutls-3.6.13.tar.xz 5958956 BLAKE2B
de67f96198b6456f397bf203f13bf1f906b69c7ce632dd96b72539fea12f2bd8ee8b2c608d1ed8b06d3b189023fa81e9a2cfcdd6c9bbd174e5bd2b0673f6ca47
SHA512
23581952cb72c9a34f378c002bb62413d5a1243b74b48ad8dc49eaea4020d33c550f8dc1dd374cf7fbfa4187b0ca1c5698c8a0430398268a8b8a863f8633305c
DIST gnutls-3.6.14.tar.xz 6069088 BLAKE2B
a1cd88a7c977f3a94a49e4187878560a8d9589a6fd32d8ad41b84c33534597fb85a88cf6b260a4a5e8b1a100790a7ba701acac2368f1ad42dcaba7e5c90b6758
SHA512
b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604
diff --git
a/net-libs/gnutls/files/gnutls-3.6.13-handle-expired-root-certificates.patch
b/net-libs/gnutls/files/gnutls-3.6.13-handle-expired-root-certificates.patch
deleted file mode 100644
index 91986cf449c..000
--- a/net-libs/gnutls/files/gnutls-3.6.13-handle-expired-root-certificates.patch
+++ /dev/null
@@ -1,391 +0,0 @@
-From 299bd4f113d0bd39fa1577a671a04ed7899eff3c Mon Sep 17 00:00:00 2001
-From: Daiki Ueno
-Date: Sun, 31 May 2020 12:39:14 +0200
-Subject: [PATCH 1/3] _gnutls_pkcs11_verify_crt_status: check validity against
- system cert
-
-To verify a certificate chain, this function replaces known
-certificates with the ones in the system trust store if possible.
-
-However, if it is found, the function checks the validity of the
-original certificate rather than the certificate found in the trust
-store. That reveals a problem in a scenario that (1) a certificate is
-signed by multiple issuers and (2) one of the issuers' certificate has
-expired and included in the input chain.
-
-This patch makes it a little robuster by actually retrieving the
-certificate from the trust store and perform check against it.
-
-Signed-off-by: Daiki Ueno
- lib/pkcs11.c | 98 +--
- lib/pkcs11_int.h | 5 +++
- lib/x509/verify.c | 7 +++-
- 3 files changed, 80 insertions(+), 30 deletions(-)
-
-diff --git a/lib/pkcs11.c b/lib/pkcs11.c
-index fad16aaf4f..d8d4a65114 100644
a/lib/pkcs11.c
-+++ b/lib/pkcs11.c
-@@ -4547,34 +4547,10 @@ int gnutls_pkcs11_get_raw_issuer_by_subject_key_id
(const char *url,
- return ret;
- }
-
--/**
-- * gnutls_pkcs11_crt_is_known:
-- * @url: A PKCS 11 url identifying a token
-- * @cert: is the certificate to find issuer for
-- * @issuer: Will hold the issuer if any in an allocated buffer.
-- * @fmt: The format of the exported issuer.
-- * @flags: Use zero or flags from %GNUTLS_PKCS11_OBJ_FLAG.
-- *
-- * This function will check whether the provided certificate is stored
-- * in the specified token. This is useful in combination with
-- * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED or
-- * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED,
-- * to check whether a CA is present or a certificate is blacklisted in
-- * a trust PKCS #11 module.
-- *
-- * This function can be used with a @url of "pkcs11:", and in that case all
modules
-- * will be searched. To restrict the modules to the marked as trusted in
p11-kit
-- * use the %GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE flag.
-- *
-- * Note that the flag %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is
-- * specific to p11-kit trust modules.
-- *
-- * Returns: If the certificate exists non-zero is returned, otherwise zero.
-- *
-- * Since: 3.3.0
-- **/
--unsigned gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
-- unsigned int flags)
-+unsigned
-+_gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
-+ unsigned int flags,
-+ gnutls_x509_crt_t *trusted_cert)
- {
- int ret;
- struct find_cert_st priv;
-@@ -4586,6 +4562,15 @@ unsigned gnutls_pkcs11_crt_is_known(const char *url,
gnutls_x509_crt_t cert,
-
- memset(&priv, 0, sizeof(priv));
-
-+ if (trusted_cert) {
-+ ret = gnutls_pkcs11_obj_init(&priv.obj);
-+ if (ret < 0) {
-+ gnutls_assert();
-+ goto cleanup;
-+ }
-+
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: bd171538ea6c76c689150c983ad4069b4b5a2549
Author: Alon Bar-Lev gentoo org>
AuthorDate: Sun Jan 6 19:24:53 2019 +
Commit: Alon Bar-Lev gentoo org>
CommitDate: Sun Jan 6 19:26:26 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bd171538
net-libs/gnutls: build with libidn2-2.1.0
Closes: https://bugs.gentoo.org/show_bug.cgi?id=674690
Signed-off-by: Alon Bar-Lev gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
net-libs/gnutls/files/gnutls-3.5.19-idn2.patch | 47 ++
net-libs/gnutls/gnutls-3.5.19-r1.ebuild| 6 +++-
net-libs/gnutls/gnutls-3.5.19.ebuild | 6 +++-
3 files changed, 57 insertions(+), 2 deletions(-)
diff --git a/net-libs/gnutls/files/gnutls-3.5.19-idn2.patch
b/net-libs/gnutls/files/gnutls-3.5.19-idn2.patch
new file mode 100644
index 000..1f16302c81b
--- /dev/null
+++ b/net-libs/gnutls/files/gnutls-3.5.19-idn2.patch
@@ -0,0 +1,47 @@
+From b0dfccd2149086cf5d2db44c329664a56b126216 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev
+Date: Sun, 6 Jan 2019 20:02:50 +0200
+Subject: [PATCH] idn2: do not use deprecated idn2_to_unicode_8z8z in
+ idn2-2.1.0
+
+Signed-off-by: Alon Bar-Lev
+---
+ lib/str-idna.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+https://gitlab.com/gnutls/gnutls/merge_requests/864
+
+diff --git a/lib/str-idna.c b/lib/str-idna.c
+index 3bf2db877..95ca9b769 100644
+--- a/lib/str-idna.c
b/lib/str-idna.c
+@@ -145,7 +145,7 @@ int gnutls_idna_map(const char *input, unsigned ilen,
gnutls_datum_t *out, unsig
+ return ret;
+ }
+
+-#ifdef HAVE_LIBIDN2
++#if defined(HAVE_LIBIDN2) && IDN2_VERSION_NUMBER < 0x0200
+ int _idn2_punycode_decode(
+ size_t input_length,
+ const char input[],
+@@ -153,7 +153,7 @@ int _idn2_punycode_decode(
+ uint32_t output[],
+ unsigned char case_flags[]);
+
+-static int _idn2_to_unicode_8z8z(const char *src, char **dst)
++static int idn2_to_unicode_8z8z(const char *src, char **dst, int flags)
+ {
+ int rc, run;
+ size_t out_len = 0;
+@@ -253,7 +253,7 @@ int gnutls_idna_reverse_map(const char *input, unsigned
ilen, gnutls_datum_t *ou
+
+ #ifdef HAVE_LIBIDN2
+ /* currently libidn2 just converts single labels, thus a wrapper
function */
+- rc = _idn2_to_unicode_8z8z((char*)istr.data, &u8);
++ rc = idn2_to_unicode_8z8z((char*)istr.data, &u8, 0);
+ if (rc != IDN2_OK) {
+ gnutls_assert();
+ _gnutls_debug_log("unable to convert ACE name '%s' to UTF-8
format: %s\n", istr.data, idn2_strerror(rc));
+--
+2.19.2
+
diff --git a/net-libs/gnutls/gnutls-3.5.19-r1.ebuild
b/net-libs/gnutls/gnutls-3.5.19-r1.ebuild
index 9fc06eac7ed..379e758cd88 100644
--- a/net-libs/gnutls/gnutls-3.5.19-r1.ebuild
+++ b/net-libs/gnutls/gnutls-3.5.19-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -54,6 +54,10 @@ DOCS=(
HTML_DOCS=()
+PATCHES=(
+ "${FILESDIR}/${P}-idn2.patch"
+)
+
pkg_setup() {
# bug#520818
export TZ=UTC
diff --git a/net-libs/gnutls/gnutls-3.5.19.ebuild
b/net-libs/gnutls/gnutls-3.5.19.ebuild
index 39244f5c2a3..77cc3480387 100644
--- a/net-libs/gnutls/gnutls-3.5.19.ebuild
+++ b/net-libs/gnutls/gnutls-3.5.19.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -54,6 +54,10 @@ DOCS=(
HTML_DOCS=()
+PATCHES=(
+ "${FILESDIR}/${P}-idn2.patch"
+)
+
pkg_setup() {
# bug#520818
export TZ=UTC
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 0d72ce7cbd61355efa88da7369d37b1849ec2f4a Author: Alon Bar-Lev gentoo org> AuthorDate: Sat Sep 9 19:31:23 2017 + Commit: Alon Bar-Lev gentoo org> CommitDate: Sat Sep 9 19:34:22 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0d72ce7c net-libs/gnutls: cleanup 3.3 series Gentoo-Bug: 612340 Package-Manager: Portage-2.3.6, Repoman-2.3.1 net-libs/gnutls/Manifest | 3 - ...ow-installing-man-1-even-with-disable-doc.patch | 94 --- net-libs/gnutls/gnutls-3.3.26.ebuild | 181 - net-libs/gnutls/gnutls-3.3.27.ebuild | 181 - net-libs/gnutls/gnutls-3.3.28.ebuild | 181 - net-libs/gnutls/metadata.xml | 5 +- 6 files changed, 1 insertion(+), 644 deletions(-) diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest index 9fc72d07f4d..c0a68df90fb 100644 --- a/net-libs/gnutls/Manifest +++ b/net-libs/gnutls/Manifest @@ -1,6 +1,3 @@ -DIST gnutls-3.3.26.tar.xz 6361068 SHA256 6a7d882b6b581d684883fde195abf930dab37dfbe6aaea88ab164252bec720d9 SHA512 41259f760f5ed9b87d4203de567efb1a2087e01a025f2ea0f14167f146ecd640fbddeab390fbae6acc262507229894774db883d0892d448068ee73abb110738f WHIRLPOOL afca5aabebf36064847933662736c7713b837375db2c91c416d43a980407d912edf8fb64f53615c0bed770f46a9d2e0a3eb309f6a66281f5377e50a02863c8e7 -DIST gnutls-3.3.27.tar.xz 6364824 SHA256 8dfda16c158ef5c134010d51d1a91d02aa5d43b8cb711b1572650a7ffb56b17f SHA512 2cc5706b502a500375f706d1a7321af4c4d3052f35cf24cbb288f9568ce891999d0f401119d04f594e9bc79e2e68d3c00864860403ad2a6d8224bbdf WHIRLPOOL 508ac8939e471155bd5d49510111fca4eb5b5362f0bae8ec16f98eb16aeaa44ff06448fd7793398e56f9713b344b0b27a32e66c24cbdc062d33bc74dd6b83f57 -DIST gnutls-3.3.28.tar.xz 6369560 SHA256 608f63441abc209c5bd5f61e35f2b6128c22e06fa2ad6248a08d8a643feeb807 SHA512 c88c8dca22446f1eda0bd06b57402a9d67c866b87836963cba66ff3209c0781c3106f8d4355c50ed15bd11b3208c029652cd7f00450de68f01651aad7c8e562f WHIRLPOOL cb6c6a796a0c75f0b70bce617ddcde2c34c21626d6ac351cb9c6df585e84a63d4dbe15d0b70a5ad901be4ff914f83f8a7fbb477624ca3e16e25b81c8afbc3f4e DIST gnutls-3.5.12.tar.xz 7212652 SHA256 63cb39a5eaa029381df2e49a74cfb7be89fc4a592445191818ffe1e66bde57cb SHA512 8fec23e7e494a2e15e0f938115cae1ba3fee952d634db387f983b01096f68ca4313b23bc4c439d3c7fdd07c861eac4913a7c2343c8704961588ae195886ec90c WHIRLPOOL f7309aa89e75ed75371893ba4e4ac89f9f8bc7a61ef10ae4c4986aec290ae2dc5108cd3cc6463af6700ddab3754c6fcbd10ac95d3c40c4549cfdf6b3289f8a72 DIST gnutls-3.5.13.tar.xz 7226468 SHA256 79f5480ad198dad5bc78e075f4a40c4a315a1b2072666919d2d05a08aec13096 SHA512 e98f23a589042f879936c3f8b474535e695fb7dd68a9e81323668c013241f765c2d3af6c6a072ecf867acc1e551ec46e15bb842144d3a06bdd5d2f4fc3d828a7 WHIRLPOOL 89439e7adba634698642a247c418569c0ea6ca6155bfb5dce17c8ed69d2506a37d9ad793122aaaec92adffefa75cb23a857c49ef722c5cf506700fe0c34b6028 DIST gnutls-3.5.14.tar.xz 7228200 SHA256 4aa12dec92f42a0434df794aca3d02f6f2a35b47b48c01252de65f355c051bda SHA512 c55384bdf835c0f7715bfb10b7fa0ac30d26d53ffa5f32af78844cf27985407eed034af77413fb2e94e3a0c0a5fb0597d66f5dbbbe72e5e0658bfeeafa6f7829 WHIRLPOOL c6ae68898983184d00dde78a38a3398b677541ae6316a25544668f183423da1f6c3c7f3709f896f6c135e6907d832d6980f102d77b40758f9cf81c25f68cb086 diff --git a/net-libs/gnutls/files/gnutls-3.3.19-build-allow-installing-man-1-even-with-disable-doc.patch b/net-libs/gnutls/files/gnutls-3.3.19-build-allow-installing-man-1-even-with-disable-doc.patch deleted file mode 100644 index dda8bfced64..000 --- a/net-libs/gnutls/files/gnutls-3.3.19-build-allow-installing-man-1-even-with-disable-doc.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 0f230c6375fd3680837d98f20ee3862e9041af3d Mon Sep 17 00:00:00 2001 -From: Alon Bar-Lev -Date: Fri, 18 Dec 2015 12:14:08 +0200 -Subject: [PATCH] build: allow installing man(1) even with --disable-doc - -Currently these man pages are installed only if --enable-doc -is provided, while these are not actually docs, do not require any -special dependency, nor consume large space. - -This adds --enable-manpages to enable/disable manpages installation, and -install the man(1) regardless of --disable-doc. - -Signed-off-by: Alon Bar-Lev -Signed-off-by: Nikos Mavrogiannopoulos - - Makefile.am | 3 +++ - configure.ac | 10 ++ - doc/Makefile.am | 2 +- - doc/manpages/Makefile.am | 2 ++ - 5 files changed, 17 insertions(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index d446711..6e19f26 100644 a/Makefile.am -+++ b/Makefile.am -@@ -28,6 +28,9 @@ SUBDIRS += libdane - endif - - SUBDIRS += po src -+if ENABLE_MANPAGES -+SUBDIRS += doc/manpages -+endif - if ENABLE_DOC - SUBDIRS += doc - endif -diff --git a/configure.ac b/configure.ac -index c7a83b8..d161c05 100644 a/configure.ac -+++ b/configure.ac -@@ -152,6 +152,15 @@ AC_ARG_ENABLE(doc, - enable_
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 3782a23cc43e7c22e50ce524761f2385ddb25543 Author: Alon Bar-Lev gentoo org> AuthorDate: Fri May 19 15:50:15 2017 + Commit: Alon Bar-Lev gentoo org> CommitDate: Fri May 19 15:50:15 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3782a23c net-libs/gnutls: cleanup Package-Manager: Portage-2.3.5, Repoman-2.3.1 net-libs/gnutls/Manifest| 1 - net-libs/gnutls/files/gnutls-3.5.11-tests.patch | 166 net-libs/gnutls/gnutls-3.5.11.ebuild| 138 3 files changed, 305 deletions(-) diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest index 3fd74bfe2f3..10fcfed1f5f 100644 --- a/net-libs/gnutls/Manifest +++ b/net-libs/gnutls/Manifest @@ -1,4 +1,3 @@ DIST gnutls-3.3.26.tar.xz 6361068 SHA256 6a7d882b6b581d684883fde195abf930dab37dfbe6aaea88ab164252bec720d9 SHA512 41259f760f5ed9b87d4203de567efb1a2087e01a025f2ea0f14167f146ecd640fbddeab390fbae6acc262507229894774db883d0892d448068ee73abb110738f WHIRLPOOL afca5aabebf36064847933662736c7713b837375db2c91c416d43a980407d912edf8fb64f53615c0bed770f46a9d2e0a3eb309f6a66281f5377e50a02863c8e7 DIST gnutls-3.3.27.tar.xz 6364824 SHA256 8dfda16c158ef5c134010d51d1a91d02aa5d43b8cb711b1572650a7ffb56b17f SHA512 2cc5706b502a500375f706d1a7321af4c4d3052f35cf24cbb288f9568ce891999d0f401119d04f594e9bc79e2e68d3c00864860403ad2a6d8224bbdf WHIRLPOOL 508ac8939e471155bd5d49510111fca4eb5b5362f0bae8ec16f98eb16aeaa44ff06448fd7793398e56f9713b344b0b27a32e66c24cbdc062d33bc74dd6b83f57 -DIST gnutls-3.5.11.tar.xz 7208068 SHA256 51765cc5579e250da77fbd7871507c517d01b15353cc40af7b67e9ec7b6fe28f SHA512 ce7e68bae417c114dcd8d2d8f84a69c233e41aa0591cb35f3872db29164031b53e1688553eb1c829602512954066aef6b0894ce50deb556723b93fd8e5817ac5 WHIRLPOOL 0c237b924148aef3fdee82567962c379293054f2b73e7740fc73aef9dc70f19007992a3d69bd2b3b0939c5ef4b34350fe69c99e94f46f3784d326eb6ddce9c01 DIST gnutls-3.5.12.tar.xz 7212652 SHA256 63cb39a5eaa029381df2e49a74cfb7be89fc4a592445191818ffe1e66bde57cb SHA512 8fec23e7e494a2e15e0f938115cae1ba3fee952d634db387f983b01096f68ca4313b23bc4c439d3c7fdd07c861eac4913a7c2343c8704961588ae195886ec90c WHIRLPOOL f7309aa89e75ed75371893ba4e4ac89f9f8bc7a61ef10ae4c4986aec290ae2dc5108cd3cc6463af6700ddab3754c6fcbd10ac95d3c40c4549cfdf6b3289f8a72 diff --git a/net-libs/gnutls/files/gnutls-3.5.11-tests.patch b/net-libs/gnutls/files/gnutls-3.5.11-tests.patch deleted file mode 100644 index e81ecedbc34..000 --- a/net-libs/gnutls/files/gnutls-3.5.11-tests.patch +++ /dev/null @@ -1,166 +0,0 @@ -From e03782b6ce2f5b909ebb65ff1682126302200c80 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Tue, 7 Mar 2017 22:39:20 +0100 -Subject: [PATCH] tests: do not run tests which require openpgp when it is - disabled - -Signed-off-by: Nikos Mavrogiannopoulos - tests/openpgp-callback.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/openpgp-callback.c b/tests/openpgp-callback.c -index c3f2c4c..3df10ac 100644 a/tests/openpgp-callback.c -+++ b/tests/openpgp-callback.c -@@ -27,7 +27,7 @@ - #include - #include - --#if defined(_WIN32) -+#if defined(_WIN32) || !defined(ENABLED_OPENPGP) - - /* socketpair isn't supported on Win32. */ - int main(int argc, char **argv) --- -2.10.2 - -From 72e9bc6f807924ae563f247272ebd8437f7fd5db Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Wed, 8 Mar 2017 16:00:02 +0100 -Subject: [PATCH] tests: dtls-stress: use X.509 certificates instead of openpgp - -This will allow the test tool to operate even after openpgp certificates -are deprecated. - -Signed-off-by: Nikos Mavrogiannopoulos - tests/dtls/Makefile.am | 1 + - tests/dtls/dtls-stress.c | 67 ++-- - 2 files changed, 9 insertions(+), 59 deletions(-) - -diff --git a/tests/dtls/Makefile.am b/tests/dtls/Makefile.am -index 8f56408..6c8f411 100644 a/tests/dtls/Makefile.am -+++ b/tests/dtls/Makefile.am -@@ -30,6 +30,7 @@ AM_CPPFLAGS = \ - -I$(top_srcdir)/extra/includes \ - -I$(top_builddir)/extra/includes\ - -I$(top_srcdir)/lib \ -+ -I$(top_srcdir)/tests \ - -I$(top_srcdir)/doc/examples - - AM_LDFLAGS = -no-install -diff --git a/tests/dtls/dtls-stress.c b/tests/dtls/dtls-stress.c -index c9493af..01e5eca 100644 a/tests/dtls/dtls-stress.c -+++ b/tests/dtls/dtls-stress.c -@@ -101,6 +101,7 @@ - #include - #include - #include -+#include - #include - - #if _POSIX_TIMERS && (_POSIX_TIMERS - 200112L) >= 0 -@@ -232,56 +233,7 @@ static const char *filter_names_full[12] - "SFinished" - }; - --static const unsigned char PUBKEY[] = --"-BEGIN PGP PUBLIC KEY BLOCK-\n" --"\n" --"mI0ETz0XRAEEAKXSU/tg2yGvoKf/r1pdzj7dnfPHeS+BRiT34763uUhibAbTgMkp\n" --"v44OlBPiAaZ54uuXVkz8e4pgvrBgQwIRtNp3xPaWF1CfC4F+V4LdZV8l8IG+AfES\n" --"K0GbfUS4q8vjnPJ0TyxnXE2KtbcRdzZzWBshJ8KChKwb
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 7151cfbeaec4f1c8cfae0491ffece7be694269af
Author: Alon Bar-Lev gentoo org>
AuthorDate: Fri Aug 12 16:42:12 2016 +
Commit: Alon Bar-Lev gentoo org>
CommitDate: Fri Aug 12 16:42:32 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7151cfbe
net-libs/gnutls: fix parallel build
Bug: 590918
Thanks: Oleg
Package-Manager: portage-2.2.28
net-libs/gnutls/files/gnutls-3.4.14-build.patch | 25 +
net-libs/gnutls/gnutls-3.4.14-r1.ebuild | 133
2 files changed, 158 insertions(+)
diff --git a/net-libs/gnutls/files/gnutls-3.4.14-build.patch
b/net-libs/gnutls/files/gnutls-3.4.14-build.patch
new file mode 100644
index 000..5803bf5
--- /dev/null
+++ b/net-libs/gnutls/files/gnutls-3.4.14-build.patch
@@ -0,0 +1,25 @@
+From 107e1df19715ffd4701bfcd3325c5cc80e5174b0 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos
+Date: Thu, 18 Feb 2016 09:17:17 +0100
+Subject: [PATCH] src: added systemkey-args to BUILT_SOURCES
+
+---
+ src/Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 1901a76..fda8b9e 100644
+--- a/src/Makefile.am
b/src/Makefile.am
+@@ -25,7 +25,7 @@ BUILT_SOURCES = srptool-args.c srptool-args.h \
+ serv-args.c serv-args.h cli-args.c cli-args.h \
+ cli-debug-args.c cli-debug-args.h certtool-args.c certtool-args.h \
+ danetool-args.c danetool-args.h p11tool-args.c p11tool-args.h \
+- tpmtool-args.c tpmtool-args.h
++ tpmtool-args.c tpmtool-args.h systemkey-args.c systemkey-args.h
+
+ if ENABLE_CRYWRAP
+ SUBDIRS += crywrap
+--
+2.7.3
+
diff --git a/net-libs/gnutls/gnutls-3.4.14-r1.ebuild
b/net-libs/gnutls/gnutls-3.4.14-r1.ebuild
new file mode 100644
index 000..5656755
--- /dev/null
+++ b/net-libs/gnutls/gnutls-3.4.14-r1.ebuild
@@ -0,0 +1,133 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools libtool eutils multilib-minimal versionator
+
+DESCRIPTION="A TLS 1.2 and SSL 3.0 implementation for the GNU project"
+HOMEPAGE="http://www.gnutls.org/";
+SRC_URI="mirror://gnupg/gnutls/v$(get_version_component_range 1-2)/${P}.tar.xz"
+
+LICENSE="GPL-3 LGPL-2.1"
+SLOT="0/30" # libgnutls.so number
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390
~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-interix ~amd64-linux
~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris
~x86-solaris"
+IUSE_LINGUAS=" en cs de fi fr it ms nl pl sv uk vi zh_CN"
+IUSE="+cxx +crywrap dane doc examples guile nls +openssl pkcs11 static-libs
test +tls-heartbeat +tools zlib ${IUSE_LINGUAS// / linguas_}"
+
+# NOTICE: sys-devel/autogen is required at runtime as we
+# use system libopts
+RDEPEND=">=dev-libs/libtasn1-4.3[${MULTILIB_USEDEP}]
+ >=dev-libs/nettle-3.1:=[gmp,${MULTILIB_USEDEP}]
+ >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}]
+ tools? ( sys-devel/autogen )
+ crywrap? ( net-dns/libidn )
+ dane? ( >=net-dns/unbound-1.4.20[${MULTILIB_USEDEP}] )
+ guile? ( >=dev-scheme/guile-1.8:*[networking] )
+ nls? ( >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] )
+ pkcs11? ( >=app-crypt/p11-kit-0.23.1[${MULTILIB_USEDEP}] )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20140508
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${RDEPEND}
+ >=sys-devel/automake-1.11.6
+ >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]
+ doc? (
+ sys-apps/texinfo
+ dev-util/gtk-doc
+ )
+ nls? ( sys-devel/gettext )
+ test? ( app-misc/datefudge )"
+
+DOCS=( AUTHORS ChangeLog NEWS README THANKS doc/TODO )
+
+PATCHES=(
+
"${FILESDIR}/${PN}-3.4.7-build-allow-installing-man-1-even-with-disable-doc.patch"
+ "${FILESDIR}/${PN}-3.4.14-build.patch"
+)
+
+pkg_setup() {
+ # bug#520818
+ export TZ=UTC
+}
+
+src_prepare() {
+ default
+
+ sed -i \
+ -e 's/imagesdir = $(infodir)/imagesdir = $(htmldir)/' \
+ doc/Makefile.am || die
+
+ # force regeneration of autogen-ed files
+ local file
+ for file in $(grep -l AutoGen-ed src/*.c) ; do
+ rm src/$(basename ${file} .c).{c,h} || die
+ done
+
+ # force regeneration of makeinfo files
+ # have no idea why on some system these files are not
+ # accepted as-is, see bug#520818
+ for file in $(grep -l "produced by makeinfo" doc/*.info) ; do
+ rm "${file}" || die
+ done
+
+ eautoreconf
+
+ # Use sane .so versioning on FreeBSD.
+ elibtoolize
+
+ # bug 497472
+ use cxx || epunt_cxx
+}
+
+multilib_src_configure() {
+ LINGUAS="${LINGUAS//en/en@boldquot en@quot}"
+
+ # TPM needs to be te
[gentoo-commits] repo/gentoo:master commit in: net-libs/gnutls/, net-libs/gnutls/files/
commit: 0aa72a1fa56ba00946438ae38fba467fcc277e36
Author: Alon Bar-Lev gentoo org>
AuthorDate: Sat Dec 19 11:13:01 2015 +
Commit: Alon Bar-Lev gentoo org>
CommitDate: Sat Dec 19 11:26:28 2015 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0aa72a1f
net-libs/gnutls - install man(1)
Bug: 568534
Package-Manager: portage-2.2.24
...ow-installing-man-1-even-with-disable-doc.patch | 94 +++
...ow-installing-man-1-even-with-disable-doc.patch | 96 +++
net-libs/gnutls/gnutls-3.3.19-r1.ebuild| 177 +
net-libs/gnutls/gnutls-3.4.7-r1.ebuild | 135
4 files changed, 502 insertions(+)
diff --git
a/net-libs/gnutls/files/gnutls-3.3.19-build-allow-installing-man-1-even-with-disable-doc.patch
b/net-libs/gnutls/files/gnutls-3.3.19-build-allow-installing-man-1-even-with-disable-doc.patch
new file mode 100644
index 000..dda8bfc
--- /dev/null
+++
b/net-libs/gnutls/files/gnutls-3.3.19-build-allow-installing-man-1-even-with-disable-doc.patch
@@ -0,0 +1,94 @@
+From 0f230c6375fd3680837d98f20ee3862e9041af3d Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev
+Date: Fri, 18 Dec 2015 12:14:08 +0200
+Subject: [PATCH] build: allow installing man(1) even with --disable-doc
+
+Currently these man pages are installed only if --enable-doc
+is provided, while these are not actually docs, do not require any
+special dependency, nor consume large space.
+
+This adds --enable-manpages to enable/disable manpages installation, and
+install the man(1) regardless of --disable-doc.
+
+Signed-off-by: Alon Bar-Lev
+Signed-off-by: Nikos Mavrogiannopoulos
+
+---
+ Makefile.am | 3 +++
+ configure.ac | 10 ++
+ doc/Makefile.am | 2 +-
+ doc/manpages/Makefile.am | 2 ++
+ 5 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index d446711..6e19f26 100644
+--- a/Makefile.am
b/Makefile.am
+@@ -28,6 +28,9 @@ SUBDIRS += libdane
+ endif
+
+ SUBDIRS += po src
++if ENABLE_MANPAGES
++SUBDIRS += doc/manpages
++endif
+ if ENABLE_DOC
+ SUBDIRS += doc
+ endif
+diff --git a/configure.ac b/configure.ac
+index c7a83b8..d161c05 100644
+--- a/configure.ac
b/configure.ac
+@@ -152,6 +152,15 @@ AC_ARG_ENABLE(doc,
+ enable_doc=$enableval, enable_doc=yes)
+ AM_CONDITIONAL(ENABLE_DOC, test "$enable_doc" != "no")
+
++AC_ARG_ENABLE(manpages,
++ AS_HELP_STRING([--enable-manpages], [install manpages even if disable-doc
is given]),
++enable_manpages=$enableval,enable_manpages=auto)
++
++if test "${enable_manpages}" = "auto";then
++ enable_manpages="${enable_doc}"
++fi
++AM_CONDITIONAL(ENABLE_MANPAGES, test "$enable_manpages" != "no")
++
+ AC_ARG_ENABLE(tests,
+ AS_HELP_STRING([--disable-tests], [don't compile or run any tests]),
+ enable_tests=$enableval, enable_tests=yes)
+@@ -838,6 +847,7 @@ AC_MSG_NOTICE([summary of build options:
+ Local libtasn1: ${included_libtasn1}
+ Use nettle-mini: ${mini_nettle}
+ nettle-version: ${nettle_version}
++ Documentation:${enable_doc} (manpages: ${enable_manpages})
+ ])
+
+ AC_MSG_NOTICE([External hardware support:
+diff --git a/doc/Makefile.am b/doc/Makefile.am
+index d9b4022..492a74a 100644
+--- a/doc/Makefile.am
b/doc/Makefile.am
+@@ -24,7 +24,7 @@ EXTRA_DIST = TODO certtool.cfg gnutls.pdf gnutls.html
\
+ gnutls-guile.pdf gnutls-guile.html stamp_enums stamp_functions \
+ doc.mk
+
+-SUBDIRS = examples cyclo scripts manpages credentials latex
++SUBDIRS = examples cyclo scripts credentials latex
+ if ENABLE_GTK_DOC
+ SUBDIRS += reference
+ endif
+diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am
+index 6d16787..2840197 100644
+--- a/doc/manpages/Makefile.am
b/doc/manpages/Makefile.am
+@@ -1053,7 +1053,9 @@ APIMANS += gnutls_x509_trust_list_verify_crt.3
+ APIMANS += gnutls_x509_trust_list_verify_crt2.3
+ APIMANS += gnutls_x509_trust_list_verify_named_crt.3
+
++if ENABLE_DOC
+ dist_man_MANS += $(APIMANS)
++endif
+
+ $(APIMANS): stamp_mans
+
+--
+2.4.10
+
diff --git
a/net-libs/gnutls/files/gnutls-3.4.7-build-allow-installing-man-1-even-with-disable-doc.patch
b/net-libs/gnutls/files/gnutls-3.4.7-build-allow-installing-man-1-even-with-disable-doc.patch
new file mode 100644
index 000..cf108f0
--- /dev/null
+++
b/net-libs/gnutls/files/gnutls-3.4.7-build-allow-installing-man-1-even-with-disable-doc.patch
@@ -0,0 +1,96 @@
+From 86f039f8c78f87edd6346265010abc679d9283a9 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev
+Date: Fri, 18 Dec 2015 12:14:08 +0200
+Subject: [PATCH] build: allow installing man(1) even with --disable-doc
+
+Currently these man pages are installed only if --enable-doc
+is provided, while these are not actually docs, do not require any
+special dependency, nor consume large space.
+
+This adds --enable-manpages to enable/disable manpages installation, and
+install the man(1) regardless of --disable-doc.
+
+Signed-o
