diff options
author | salo <salo@pkgsrc.org> | 2005-05-02 20:14:06 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2005-05-02 20:14:06 +0000 |
commit | 6996a5d1f7d72cf20af77fcf570f6057d2468064 (patch) | |
tree | c56248531d8073ba46687d574b9d4ff48e5daa2f /security | |
parent | 1485158809b51de1c177dd423464a47d8ce75d89 (diff) | |
download | pkgsrc-6996a5d1f7d72cf20af77fcf570f6057d2468064.tar.gz |
Pullup ticket 479 - requested by Thomas Klausner
security update for gnutls
Revisions pulled up:
- pkgsrc/security/gnutls/Makefile 1.26, 1.28
- pkgsrc/security/gnutls/PLIST 1.13-1.14
- pkgsrc/security/gnutls/buildlink3.mk 1.8
- pkgsrc/security/gnutls/distinfo 1.15-1.16
- pkgsrc/security/gnutls/patches/patch-aa removed
Module Name: pkgsrc
Committed By: wiz
Date: Fri Apr 8 15:50:41 UTC 2005
Modified Files:
pkgsrc/security/gnutls: Makefile PLIST distinfo
Removed Files:
pkgsrc/security/gnutls/patches: patch-aa
Log Message:
Update to 1.2.1:
* Version 1.2.1 (2005-04-04)
- gnutls_bye() will no longer fail when RDWR is used and application
data are available for reading.
- Added more strict checks for the SRP parameters (g,n), when they
are not in the included list.
- Added warning to certtool when MD5 is being used for digital
signatures.
- Optimizations ("-O2 -finline-functions") are not enabled by default,
instead the standard autoconf defaults are used. Use `./configure
CFLAGS="-O2 -finline-functions"' to get the old optimizations.
- Added the option --get-dh-params to certtool, in order to get the
included in the library primes and generators.
- Improved the semantics of GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, to
allow only trusted Version 1 CAs and introduced
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT which has the old semantics.
- Nettle self tests now build properly, reported by Pierre
- Eliminated some memory leaks in DHE and RSA-EXPORT cipher suites.
Reported by Yoann Vandoorselaere
- Added the functions:
gnutls_x509_crt_list_import(),
gnutls_x509_crq_get_attribute_by_oid(),
gnutls_x509_crq_set_attribute_by_oid() and
gnutls_x509_crt_set_extension_by_oid().
- If the library has been compiled with features disabled, a warning is
issued during the compilation of any program.
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon May 2 12:59:24 UTC 2005
Modified Files:
pkgsrc/security/gnutls: Makefile PLIST distinfo
Log Message:
Update to 1.2.3:
* Version 1.2.3
- Corrected bug in record packet parsing that could lead
to a denial of service attack.
- Corrected bug in RSA key export. Previously exported keys
can be fixed using certtool. Use certtool -k <infile >outfile
- API and ABI modifications:
gnutls_x509_privkey_fix(): Add.
* Version 1.2.2 (2005-04-25)
- gnutls_error_to_alert() now considers
GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET.
- Fixed error in session resuming that could cause a crash in
a session.
- Fixed pkcs12 friendly name and local key identifier decoding.
- Internal cleanups, removed duplicate typedef/struct definitions,
and made source code include external include file, to check
function prototypes during compile time.
- API and ABI modifications:
No changes since last version. At least not intentional, but due
to the include header changes, there may be inadvertant changes,
please let us know if you find any.
---
Module Name: pkgsrc
Committed By: salo
Date: Mon May 2 19:48:37 UTC 2005
Modified Files:
pkgsrc/security/gnutls: buildlink3.mk
Log Message:
Bump BUILDLINK_RECOMMENDED after latest security update. (hi wiz!)
Diffstat (limited to 'security')
-rw-r--r-- | security/gnutls/Makefile | 5 | ||||
-rw-r--r-- | security/gnutls/PLIST | 12 | ||||
-rw-r--r-- | security/gnutls/buildlink3.mk | 4 | ||||
-rw-r--r-- | security/gnutls/distinfo | 9 | ||||
-rw-r--r-- | security/gnutls/patches/patch-aa | 13 |
5 files changed, 18 insertions, 25 deletions
diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile index 3bd926fe893..414012c0b15 100644 --- a/security/gnutls/Makefile +++ b/security/gnutls/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.25 2005/02/25 15:23:24 wiz Exp $ +# $NetBSD: Makefile,v 1.25.2.1 2005/05/02 20:14:06 salo Exp $ -DISTNAME= gnutls-1.2.0 +DISTNAME= gnutls-1.2.3 CATEGORIES= security devel MASTER_SITES= http://josefsson.org/gnutls/releases/ \ ftp://ftp.gnutls.org/pub/gnutls/ \ @@ -18,6 +18,7 @@ PKG_INSTALLATION_TYPES= overwrite pkgviews USE_BUILDLINK3= YES USE_LIBTOOL= YES GNU_CONFIGURE= YES +TEST_TARGET= check INFO_FILES= gnutls.info diff --git a/security/gnutls/PLIST b/security/gnutls/PLIST index 78d66803584..7adc3f3ae9d 100644 --- a/security/gnutls/PLIST +++ b/security/gnutls/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.12 2005/02/19 00:14:23 wiz Exp $ +@comment $NetBSD: PLIST,v 1.12.2.1 2005/05/02 20:14:06 salo Exp $ bin/certtool bin/gnutls-cli bin/gnutls-cli-debug @@ -23,8 +23,6 @@ man/man1/gnutls-cli-debug.1 man/man1/gnutls-cli.1 man/man1/gnutls-serv.1 man/man1/srptool.1 -man/man3/_gnutls_x509_get_raw_crt_activation_time.3 -man/man3/_gnutls_x509_get_raw_crt_expiration_time.3 man/man3/gnutls_alert_get.3 man/man3/gnutls_alert_get_name.3 man/man3/gnutls_alert_send.3 @@ -286,6 +284,7 @@ man/man3/gnutls_x509_crl_sign2.3 man/man3/gnutls_x509_crl_verify.3 man/man3/gnutls_x509_crq_deinit.3 man/man3/gnutls_x509_crq_export.3 +man/man3/gnutls_x509_crq_get_attribute_by_oid.3 man/man3/gnutls_x509_crq_get_challenge_password.3 man/man3/gnutls_x509_crq_get_dn.3 man/man3/gnutls_x509_crq_get_dn_by_oid.3 @@ -294,6 +293,7 @@ man/man3/gnutls_x509_crq_get_pk_algorithm.3 man/man3/gnutls_x509_crq_get_version.3 man/man3/gnutls_x509_crq_import.3 man/man3/gnutls_x509_crq_init.3 +man/man3/gnutls_x509_crq_set_attribute_by_oid.3 man/man3/gnutls_x509_crq_set_challenge_password.3 man/man3/gnutls_x509_crq_set_dn_by_oid.3 man/man3/gnutls_x509_crq_set_key.3 @@ -333,6 +333,7 @@ man/man3/gnutls_x509_crt_get_subject_key_id.3 man/man3/gnutls_x509_crt_get_version.3 man/man3/gnutls_x509_crt_import.3 man/man3/gnutls_x509_crt_init.3 +man/man3/gnutls_x509_crt_list_import.3 man/man3/gnutls_x509_crt_list_verify.3 man/man3/gnutls_x509_crt_set_activation_time.3 man/man3/gnutls_x509_crt_set_authority_key_id.3 @@ -341,6 +342,7 @@ man/man3/gnutls_x509_crt_set_crl_dist_points.3 man/man3/gnutls_x509_crt_set_crq.3 man/man3/gnutls_x509_crt_set_dn_by_oid.3 man/man3/gnutls_x509_crt_set_expiration_time.3 +man/man3/gnutls_x509_crt_set_extension_by_oid.3 man/man3/gnutls_x509_crt_set_issuer_dn_by_oid.3 man/man3/gnutls_x509_crt_set_key.3 man/man3/gnutls_x509_crt_set_key_purpose_oid.3 @@ -361,6 +363,7 @@ man/man3/gnutls_x509_privkey_export.3 man/man3/gnutls_x509_privkey_export_dsa_raw.3 man/man3/gnutls_x509_privkey_export_pkcs8.3 man/man3/gnutls_x509_privkey_export_rsa_raw.3 +man/man3/gnutls_x509_privkey_fix.3 man/man3/gnutls_x509_privkey_generate.3 man/man3/gnutls_x509_privkey_get_key_id.3 man/man3/gnutls_x509_privkey_get_pk_algorithm.3 @@ -382,9 +385,12 @@ share/examples/gnutls/ex-alert.c share/examples/gnutls/ex-cert-select.c share/examples/gnutls/ex-client-resume.c share/examples/gnutls/ex-client-srp.c +share/examples/gnutls/ex-client1.c share/examples/gnutls/ex-client2.c share/examples/gnutls/ex-crq.c share/examples/gnutls/ex-pkcs12.c +share/examples/gnutls/ex-rfc2818.c +share/examples/gnutls/ex-serv-anon.c share/examples/gnutls/ex-serv-export.c share/examples/gnutls/ex-serv-pgp.c share/examples/gnutls/ex-serv-srp.c diff --git a/security/gnutls/buildlink3.mk b/security/gnutls/buildlink3.mk index 24b8b453d39..18cfe7a9017 100644 --- a/security/gnutls/buildlink3.mk +++ b/security/gnutls/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.7 2004/10/03 00:18:08 tv Exp $ +# $NetBSD: buildlink3.mk,v 1.7.4.1 2005/05/02 20:14:06 salo Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ GNUTLS_BUILDLINK3_MK:= ${GNUTLS_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= gnutls .if !empty(GNUTLS_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.gnutls+= gnutls>=1.0.13 -BUILDLINK_RECOMMENDED.gnutls+= gnutls>=1.0.20nb2 +BUILDLINK_RECOMMENDED.gnutls+= gnutls>=1.2.3 BUILDLINK_PKGSRCDIR.gnutls?= ../../security/gnutls .endif # GNUTLS_BUILDLINK3_MK diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo index 485139c9d01..8e3d2c6671c 100644 --- a/security/gnutls/distinfo +++ b/security/gnutls/distinfo @@ -1,7 +1,6 @@ -$NetBSD: distinfo,v 1.13.2.1 2005/04/03 17:36:27 salo Exp $ +$NetBSD: distinfo,v 1.13.2.2 2005/05/02 20:14:06 salo Exp $ -SHA1 (gnutls-1.2.0.tar.bz2) = 618d502fc872530b726e791a818af5a95ee39d00 -RMD160 (gnutls-1.2.0.tar.bz2) = 1f03385047112721173f116821dc92680d60b687 -Size (gnutls-1.2.0.tar.bz2) = 2417909 bytes -SHA1 (patch-aa) = 3b4adf0b6acde5a56c0a7f3003a0a1e90bfbd672 +SHA1 (gnutls-1.2.3.tar.bz2) = 78e1b92a9d818479faca9042d446eed61770fb17 +RMD160 (gnutls-1.2.3.tar.bz2) = 8e796bcd3f303f52f6c2c9dad18814a467b550eb +Size (gnutls-1.2.3.tar.bz2) = 2446437 bytes SHA1 (patch-ab) = a3327de3052375acd569ee8541c90e2555e73f2d diff --git a/security/gnutls/patches/patch-aa b/security/gnutls/patches/patch-aa deleted file mode 100644 index 52cedce1fe8..00000000000 --- a/security/gnutls/patches/patch-aa +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-aa,v 1.3 2005/02/19 00:14:23 wiz Exp $ - ---- configure.orig 2005-01-27 14:16:39.000000000 +0100 -+++ configure -@@ -3651,8 +3651,6 @@ rm -f conftest.err conftest.$ac_objext c - if test $ac_cv_c_compiler_gnu != no; then - if test x$opt_developer_mode = xyes; then - CFLAGS="${CFLAGS} -g -Wno-format-y2k -Wall -Wcast-align -W -Wpointer-arith -Wchar-subscripts -Wformat-security -Wmissing-braces -Winline -Wstrict-prototypes" -- else -- CFLAGS="${CFLAGS} -O2 -finline-functions" - fi - - if test x$opt_dmalloc_mode = xyes; then |