* [PATCH 2/3] gnutls: update to 3.4.1
2015-06-04 19:37 [PATCH 0/3] Gntls update to 4.3.1 Armin Kuster
@ 2015-06-04 19:37 ` Armin Kuster
0 siblings, 0 replies; 15+ messages in thread
From: Armin Kuster @ 2015-06-04 19:37 UTC (permalink / raw)
To: openembedded-core
This version supports the nettle 3.x and higher and requires that version.
this include a security fix:
GNUTLS-SA-2015-2
no CVE assigned to date.
enable openssl compat via PACKAGECONFIG as iputils needs gnutls/openssl.h
for migration info:
http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-support/gnutls/gnutls.inc | 3 ++-
.../gnutls/configure.ac-fix-sed-command.patch | 29 ++++++++++------------
meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ------
meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 ++++++
4 files changed, 23 insertions(+), 25 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..6928cb9 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -34,9 +34,10 @@ do_configure_prepend() {
done
}
-PACKAGECONFIG ??= "zlib"
+PACKAGECONFIG ??= "zlib openssl_compat"
PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
+PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
PACKAGES =+ "${PN}-openssl ${PN}-xx"
diff --git a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
index 44a9934..342143f 100644
--- a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
+++ b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
@@ -13,19 +13,16 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.ac b/configure.ac
-index c6818a0..1c4582d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
- dnl replace libopts-generated files with distributed backups, if present
- missing_baks=
- for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
-- nam=`echo $i|sed 's/.bak//g'`
-+ nam=`echo $i|sed 's/\.bak$//'`
- if test -f $i;then
- cp -f $i $nam
- else
---
-2.0.1
-
+Index: gnutls-3.4.1/configure.ac
+===================================================================
+--- gnutls-3.4.1.orig/configure.ac
++++ gnutls-3.4.1/configure.ac
+@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
+ dnl replace libopts-generated files with distributed backups, if present
+ missing_baks=
+ for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
+- nam=`echo $i|sed 's/.bak//g'`
++ nam=`echo $i|sed 's/\.bak$//'`
+ if test -f $i;then
+ cp -f $i $nam
+ else
diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb b/meta/recipes-support/gnutls/gnutls_3.3.14.bb
deleted file mode 100644
index f41d183..0000000
--- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require gnutls.inc
-
-SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
- file://configure.ac-fix-sed-command.patch \
- file://use-pkg-config-to-locate-zlib.patch \
- "
-SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
-SRC_URI[sha256sum] = "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
new file mode 100644
index 0000000..1b64813
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
@@ -0,0 +1,8 @@
+require gnutls.inc
+
+SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
+ file://configure.ac-fix-sed-command.patch \
+ file://use-pkg-config-to-locate-zlib.patch \
+ "
+SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
+SRC_URI[sha256sum] = "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
--
1.9.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 2/3] gnutls: update to 3.4.1
2015-06-09 19:30 [PATCH 0/3] gnutls " Armin Kuster
@ 2015-06-09 19:30 ` Armin Kuster
0 siblings, 0 replies; 15+ messages in thread
From: Armin Kuster @ 2015-06-09 19:30 UTC (permalink / raw)
To: openembedded-core
This version supports the nettle 3.x and higher and requires that version.
this include a security fix:
GNUTLS-SA-2015-2
no CVE assigned to date.
enable openssl compat via PACKAGECONFIG as iputils needs gnutls/openssl.h
for migration info:
http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-support/gnutls/gnutls.inc | 3 ++-
.../gnutls/configure.ac-fix-sed-command.patch | 29 ++++++++++------------
meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ------
meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 ++++++
4 files changed, 23 insertions(+), 25 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..6928cb9 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -34,9 +34,10 @@ do_configure_prepend() {
done
}
-PACKAGECONFIG ??= "zlib"
+PACKAGECONFIG ??= "zlib openssl_compat"
PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
+PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
PACKAGES =+ "${PN}-openssl ${PN}-xx"
diff --git a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
index 44a9934..342143f 100644
--- a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
+++ b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
@@ -13,19 +13,16 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.ac b/configure.ac
-index c6818a0..1c4582d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
- dnl replace libopts-generated files with distributed backups, if present
- missing_baks=
- for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
-- nam=`echo $i|sed 's/.bak//g'`
-+ nam=`echo $i|sed 's/\.bak$//'`
- if test -f $i;then
- cp -f $i $nam
- else
---
-2.0.1
-
+Index: gnutls-3.4.1/configure.ac
+===================================================================
+--- gnutls-3.4.1.orig/configure.ac
++++ gnutls-3.4.1/configure.ac
+@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
+ dnl replace libopts-generated files with distributed backups, if present
+ missing_baks=
+ for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
+- nam=`echo $i|sed 's/.bak//g'`
++ nam=`echo $i|sed 's/\.bak$//'`
+ if test -f $i;then
+ cp -f $i $nam
+ else
diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb b/meta/recipes-support/gnutls/gnutls_3.3.14.bb
deleted file mode 100644
index f41d183..0000000
--- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require gnutls.inc
-
-SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
- file://configure.ac-fix-sed-command.patch \
- file://use-pkg-config-to-locate-zlib.patch \
- "
-SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
-SRC_URI[sha256sum] = "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
new file mode 100644
index 0000000..1b64813
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
@@ -0,0 +1,8 @@
+require gnutls.inc
+
+SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
+ file://configure.ac-fix-sed-command.patch \
+ file://use-pkg-config-to-locate-zlib.patch \
+ "
+SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
+SRC_URI[sha256sum] = "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
--
2.3.5
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 2/3] gnutls: update to 3.4.1
2015-06-14 5:37 [PATCH 0/3] Gnutls update 4.2 V2 Armin Kuster
@ 2015-06-14 5:37 ` Armin Kuster
2015-06-15 10:13 ` Burton, Ross
0 siblings, 1 reply; 15+ messages in thread
From: Armin Kuster @ 2015-06-14 5:37 UTC (permalink / raw)
To: openembedded-core
This version supports the nettle 3.x and higher and requires that version.
this include a security fix:
GNUTLS-SA-2015-2
no CVE assigned to date.
enable openssl compat via PACKAGECONFIG as iputils needs gnutls/openssl.h
for migration info:
http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-support/gnutls/gnutls.inc | 3 ++-
.../gnutls/configure.ac-fix-sed-command.patch | 29 ++++++++++------------
meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ------
meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 ++++++
4 files changed, 23 insertions(+), 25 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..6928cb9 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -34,9 +34,10 @@ do_configure_prepend() {
done
}
-PACKAGECONFIG ??= "zlib"
+PACKAGECONFIG ??= "zlib openssl_compat"
PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
+PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
PACKAGES =+ "${PN}-openssl ${PN}-xx"
diff --git a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
index 44a9934..342143f 100644
--- a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
+++ b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
@@ -13,19 +13,16 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.ac b/configure.ac
-index c6818a0..1c4582d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
- dnl replace libopts-generated files with distributed backups, if present
- missing_baks=
- for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
-- nam=`echo $i|sed 's/.bak//g'`
-+ nam=`echo $i|sed 's/\.bak$//'`
- if test -f $i;then
- cp -f $i $nam
- else
---
-2.0.1
-
+Index: gnutls-3.4.1/configure.ac
+===================================================================
+--- gnutls-3.4.1.orig/configure.ac
++++ gnutls-3.4.1/configure.ac
+@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
+ dnl replace libopts-generated files with distributed backups, if present
+ missing_baks=
+ for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
+- nam=`echo $i|sed 's/.bak//g'`
++ nam=`echo $i|sed 's/\.bak$//'`
+ if test -f $i;then
+ cp -f $i $nam
+ else
diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb b/meta/recipes-support/gnutls/gnutls_3.3.14.bb
deleted file mode 100644
index f41d183..0000000
--- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require gnutls.inc
-
-SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
- file://configure.ac-fix-sed-command.patch \
- file://use-pkg-config-to-locate-zlib.patch \
- "
-SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
-SRC_URI[sha256sum] = "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
new file mode 100644
index 0000000..1b64813
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
@@ -0,0 +1,8 @@
+require gnutls.inc
+
+SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
+ file://configure.ac-fix-sed-command.patch \
+ file://use-pkg-config-to-locate-zlib.patch \
+ "
+SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
+SRC_URI[sha256sum] = "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
--
2.3.5
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-14 5:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
@ 2015-06-15 10:13 ` Burton, Ross
2015-06-15 23:18 ` akuster808
2015-06-18 15:57 ` akuster808
0 siblings, 2 replies; 15+ messages in thread
From: Burton, Ross @ 2015-06-15 10:13 UTC (permalink / raw)
To: Armin Kuster; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 5409 bytes --]
So this happens:
WARNING: QA Issue: gnutls-openssl rdepends on libidn, but it isn't a build
dependency? [build-deps]
WARNING: QA Issue: gnutls-xx rdepends on libidn, but it isn't a build
dependency? [build-deps]
WARNING: QA Issue: gnutls-dev rdepends on libidn, but it isn't a build
dependency? [build-deps]
WARNING: QA Issue: gnutls-bin rdepends on libidn, but it isn't a build
dependency? [build-deps]
WARNING: QA Issue: gnutls rdepends on libidn, but it isn't a build
dependency? [build-deps]
Ross
On 14 June 2015 at 06:37, Armin Kuster <akuster808@gmail.com> wrote:
> This version supports the nettle 3.x and higher and requires that version.
>
> this include a security fix:
> GNUTLS-SA-2015-2
> no CVE assigned to date.
>
> enable openssl compat via PACKAGECONFIG as iputils needs gnutls/openssl.h
>
> for migration info:
> http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
>
> Signed-off-by: Armin Kuster <akuster808@gmail.com>
> ---
> meta/recipes-support/gnutls/gnutls.inc | 3 ++-
> .../gnutls/configure.ac-fix-sed-command.patch | 29
> ++++++++++------------
> meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ------
> meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 ++++++
> 4 files changed, 23 insertions(+), 25 deletions(-)
> delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
> create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
>
> diff --git a/meta/recipes-support/gnutls/gnutls.inc
> b/meta/recipes-support/gnutls/gnutls.inc
> index e9b138a..6928cb9 100644
> --- a/meta/recipes-support/gnutls/gnutls.inc
> +++ b/meta/recipes-support/gnutls/gnutls.inc
> @@ -34,9 +34,10 @@ do_configure_prepend() {
> done
> }
>
> -PACKAGECONFIG ??= "zlib"
> +PACKAGECONFIG ??= "zlib openssl_compat"
> PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
> PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
> +PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
>
> PACKAGES =+ "${PN}-openssl ${PN}-xx"
>
> diff --git
> a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> index 44a9934..342143f 100644
> --- a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> +++ b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> @@ -13,19 +13,16 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
> configure.ac | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> -diff --git a/configure.ac b/configure.ac
> -index c6818a0..1c4582d 100644
> ---- a/configure.ac
> -+++ b/configure.ac
> -@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
> - dnl replace libopts-generated files with distributed backups, if
> present
> - missing_baks=
> - for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
> -- nam=`echo $i|sed 's/.bak//g'`
> -+ nam=`echo $i|sed 's/\.bak$//'`
> - if test -f $i;then
> - cp -f $i $nam
> - else
> ---
> -2.0.1
> -
> +Index: gnutls-3.4.1/configure.ac
> +===================================================================
> +--- gnutls-3.4.1.orig/configure.ac
> ++++ gnutls-3.4.1/configure.ac
> +@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
> + dnl replace libopts-generated files with distributed
> backups, if present
> + missing_baks=
> + for i in ${srcdir}/src/*-args.c.bak
> ${srcdir}/src/*-args.h.bak; do
> +- nam=`echo $i|sed 's/.bak//g'`
> ++ nam=`echo $i|sed 's/\.bak$//'`
> + if test -f $i;then
> + cp -f $i $nam
> + else
> diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> b/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> deleted file mode 100644
> index f41d183..0000000
> --- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> +++ /dev/null
> @@ -1,8 +0,0 @@
> -require gnutls.inc
> -
> -SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
> - file://configure.ac-fix-sed-command.patch \
> - file://use-pkg-config-to-locate-zlib.patch \
> - "
> -SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
> -SRC_URI[sha256sum] =
> "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
> diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> new file mode 100644
> index 0000000..1b64813
> --- /dev/null
> +++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> @@ -0,0 +1,8 @@
> +require gnutls.inc
> +
> +SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
> + file://configure.ac-fix-sed-command.patch \
> + file://use-pkg-config-to-locate-zlib.patch \
> + "
> +SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
> +SRC_URI[sha256sum] =
> "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
> --
> 2.3.5
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
[-- Attachment #2: Type: text/html, Size: 8100 bytes --]
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-15 10:13 ` Burton, Ross
@ 2015-06-15 23:18 ` akuster808
2015-06-18 15:57 ` akuster808
1 sibling, 0 replies; 15+ messages in thread
From: akuster808 @ 2015-06-15 23:18 UTC (permalink / raw)
To: Burton, Ross; +Cc: OE-core
On 06/15/2015 03:13 AM, Burton, Ross wrote:
> So this happens:
>
> WARNING: QA Issue: gnutls-openssl rdepends on libidn, but it isn't a
> build dependency? [build-deps]
> WARNING: QA Issue: gnutls-xx rdepends on libidn, but it isn't a build
> dependency? [build-deps]
> WARNING: QA Issue: gnutls-dev rdepends on libidn, but it isn't a build
> dependency? [build-deps]
> WARNING: QA Issue: gnutls-bin rdepends on libidn, but it isn't a build
> dependency? [build-deps]
> WARNING: QA Issue: gnutls rdepends on libidn, but it isn't a build
> dependency? [build-deps]
Well that is a bummer. I have not seen those otherwise I would have not
submitted the request.
Thanks for the feedback.
- armin
>
> Ross
>
> On 14 June 2015 at 06:37, Armin Kuster <akuster808@gmail.com
> <mailto:akuster808@gmail.com>> wrote:
>
> This version supports the nettle 3.x and higher and requires that
> version.
>
> this include a security fix:
> GNUTLS-SA-2015-2
> no CVE assigned to date.
>
> enable openssl compat via PACKAGECONFIG as iputils needs
> gnutls/openssl.h
>
> for migration info:
> http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
>
> Signed-off-by: Armin Kuster <akuster808@gmail.com
> <mailto:akuster808@gmail.com>>
> ---
> meta/recipes-support/gnutls/gnutls.inc | 3 ++-
> .../gnutls/configure.ac-fix-sed-command.patch | 29
> ++++++++++------------
> meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb> | 8 ------
> meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb> | 8 ++++++
> 4 files changed, 23 insertions(+), 25 deletions(-)
> delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb>
> create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb>
>
> diff --git a/meta/recipes-support/gnutls/gnutls.inc
> b/meta/recipes-support/gnutls/gnutls.inc
> index e9b138a..6928cb9 100644
> --- a/meta/recipes-support/gnutls/gnutls.inc
> +++ b/meta/recipes-support/gnutls/gnutls.inc
> @@ -34,9 +34,10 @@ do_configure_prepend() {
> done
> }
>
> -PACKAGECONFIG ??= "zlib"
> +PACKAGECONFIG ??= "zlib openssl_compat"
> PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
> PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
> +PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
>
> PACKAGES =+ "${PN}-openssl ${PN}-xx"
>
> diff --git
> a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> index 44a9934..342143f 100644
> ---
> a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> +++
> b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> @@ -13,19 +13,16 @@ Signed-off-by: Robert Yang
> <liezhi.yang@windriver.com <mailto:liezhi.yang@windriver.com>>
> configure.ac <http://configure.ac> | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> -diff --git a/configure.ac <http://configure.ac> b/configure.ac
> <http://configure.ac>
> -index c6818a0..1c4582d 100644
> ---- a/configure.ac <http://configure.ac>
> -+++ b/configure.ac <http://configure.ac>
> -@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
> - dnl replace libopts-generated files with distributed
> backups, if present
> - missing_baks=
> - for i in ${srcdir}/src/*-args.c.bak
> ${srcdir}/src/*-args.h.bak; do
> -- nam=`echo $i|sed 's/.bak//g'`
> -+ nam=`echo $i|sed 's/\.bak$//'`
> - if test -f $i;then
> - cp -f $i $nam
> - else
> ---
> -2.0.1
> -
> +Index: gnutls-3.4.1/configure.ac <http://configure.ac>
> +===================================================================
> +--- gnutls-3.4.1.orig/configure.ac <http://configure.ac>
> ++++ gnutls-3.4.1/configure.ac <http://configure.ac>
> +@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
> + dnl replace libopts-generated files with distributed
> backups, if present
> + missing_baks=
> + for i in ${srcdir}/src/*-args.c.bak
> ${srcdir}/src/*-args.h.bak; do
> +- nam=`echo $i|sed 's/.bak//g'`
> ++ nam=`echo $i|sed 's/\.bak$//'`
> + if test -f $i;then
> + cp -f $i $nam
> + else
> diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb>
> b/meta/recipes-support/gnutls/gnutls_3.3.14.bb <http://gnutls_3.3.14.bb>
> deleted file mode 100644
> index f41d183..0000000
> --- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb>
> +++ /dev/null
> @@ -1,8 +0,0 @@
> -require gnutls.inc
> -
> -SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
> - file://configure.ac-fix-sed-command.patch \
> - file://use-pkg-config-to-locate-zlib.patch \
> - "
> -SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
> -SRC_URI[sha256sum] =
> "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
> diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb>
> b/meta/recipes-support/gnutls/gnutls_3.4.1.bb <http://gnutls_3.4.1.bb>
> new file mode 100644
> index 0000000..1b64813
> --- /dev/null
> +++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb>
> @@ -0,0 +1,8 @@
> +require gnutls.inc
> +
> +SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
> + file://configure.ac-fix-sed-command.patch \
> + file://use-pkg-config-to-locate-zlib.patch \
> + "
> +SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
> +SRC_URI[sha256sum] =
> "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
> --
> 2.3.5
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> <mailto:Openembedded-core@lists.openembedded.org>
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
>
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH 2/3] gnutls: update to 3.4.1
2015-06-18 4:50 [PATCH 0/3] [v3] Gntls update to 4.3.1 Armin Kuster
@ 2015-06-18 4:50 ` Armin Kuster
2015-06-19 9:06 ` Burton, Ross
0 siblings, 1 reply; 15+ messages in thread
From: Armin Kuster @ 2015-06-18 4:50 UTC (permalink / raw)
To: openembedded-core
This version supports the nettle 3.x and higher and requires that version.
this include a security fix:
GNUTLS-SA-2015-2
no CVE assigned to date.
enable openssl compat via PACKAGECONFIG as iputils needs gnutls/openssl.h
for migration info:
http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
V2: Fix some build depends seen on some systems.
WARNING: QA Issue: gnutls-openssl rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls-xx rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls-dev rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls-bin rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls rdepends on libidn, but it isn't a build dependency? [build-deps]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-support/gnutls/gnutls.inc | 4 ++-
.../gnutls/configure.ac-fix-sed-command.patch | 29 ++++++++++------------
meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ------
meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 ++++++
4 files changed, 24 insertions(+), 25 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..9075cad 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -34,9 +34,11 @@ do_configure_prepend() {
done
}
-PACKAGECONFIG ??= "zlib"
+PACKAGECONFIG ??= "zlib openssl_compat"
PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
+PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
+PACKAGECONFIG[libind] = ",--without-idn, libidn"
PACKAGES =+ "${PN}-openssl ${PN}-xx"
diff --git a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
index 44a9934..342143f 100644
--- a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
+++ b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
@@ -13,19 +13,16 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.ac b/configure.ac
-index c6818a0..1c4582d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
- dnl replace libopts-generated files with distributed backups, if present
- missing_baks=
- for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
-- nam=`echo $i|sed 's/.bak//g'`
-+ nam=`echo $i|sed 's/\.bak$//'`
- if test -f $i;then
- cp -f $i $nam
- else
---
-2.0.1
-
+Index: gnutls-3.4.1/configure.ac
+===================================================================
+--- gnutls-3.4.1.orig/configure.ac
++++ gnutls-3.4.1/configure.ac
+@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
+ dnl replace libopts-generated files with distributed backups, if present
+ missing_baks=
+ for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
+- nam=`echo $i|sed 's/.bak//g'`
++ nam=`echo $i|sed 's/\.bak$//'`
+ if test -f $i;then
+ cp -f $i $nam
+ else
diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb b/meta/recipes-support/gnutls/gnutls_3.3.14.bb
deleted file mode 100644
index f41d183..0000000
--- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require gnutls.inc
-
-SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
- file://configure.ac-fix-sed-command.patch \
- file://use-pkg-config-to-locate-zlib.patch \
- "
-SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
-SRC_URI[sha256sum] = "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
new file mode 100644
index 0000000..1b64813
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
@@ -0,0 +1,8 @@
+require gnutls.inc
+
+SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
+ file://configure.ac-fix-sed-command.patch \
+ file://use-pkg-config-to-locate-zlib.patch \
+ "
+SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
+SRC_URI[sha256sum] = "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
--
1.9.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-15 10:13 ` Burton, Ross
2015-06-15 23:18 ` akuster808
@ 2015-06-18 15:57 ` akuster808
2015-06-19 9:03 ` Burton, Ross
1 sibling, 1 reply; 15+ messages in thread
From: akuster808 @ 2015-06-18 15:57 UTC (permalink / raw)
To: Burton, Ross; +Cc: OE-core
Ross,
I could not reproduce these warnings but found a configure option to
build without libidn so I added that in my last submit.
Thanks again,
kind regards,
Armin
On 06/15/2015 03:13 AM, Burton, Ross wrote:
> So this happens:
>
> WARNING: QA Issue: gnutls-openssl rdepends on libidn, but it isn't a
> build dependency? [build-deps]
> WARNING: QA Issue: gnutls-xx rdepends on libidn, but it isn't a build
> dependency? [build-deps]
> WARNING: QA Issue: gnutls-dev rdepends on libidn, but it isn't a build
> dependency? [build-deps]
> WARNING: QA Issue: gnutls-bin rdepends on libidn, but it isn't a build
> dependency? [build-deps]
> WARNING: QA Issue: gnutls rdepends on libidn, but it isn't a build
> dependency? [build-deps]
>
> Ross
>
> On 14 June 2015 at 06:37, Armin Kuster <akuster808@gmail.com
> <mailto:akuster808@gmail.com>> wrote:
>
> This version supports the nettle 3.x and higher and requires that
> version.
>
> this include a security fix:
> GNUTLS-SA-2015-2
> no CVE assigned to date.
>
> enable openssl compat via PACKAGECONFIG as iputils needs
> gnutls/openssl.h
>
> for migration info:
> http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
>
> Signed-off-by: Armin Kuster <akuster808@gmail.com
> <mailto:akuster808@gmail.com>>
> ---
> meta/recipes-support/gnutls/gnutls.inc | 3 ++-
> .../gnutls/configure.ac-fix-sed-command.patch | 29
> ++++++++++------------
> meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb> | 8 ------
> meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb> | 8 ++++++
> 4 files changed, 23 insertions(+), 25 deletions(-)
> delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb>
> create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb>
>
> diff --git a/meta/recipes-support/gnutls/gnutls.inc
> b/meta/recipes-support/gnutls/gnutls.inc
> index e9b138a..6928cb9 100644
> --- a/meta/recipes-support/gnutls/gnutls.inc
> +++ b/meta/recipes-support/gnutls/gnutls.inc
> @@ -34,9 +34,10 @@ do_configure_prepend() {
> done
> }
>
> -PACKAGECONFIG ??= "zlib"
> +PACKAGECONFIG ??= "zlib openssl_compat"
> PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
> PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
> +PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
>
> PACKAGES =+ "${PN}-openssl ${PN}-xx"
>
> diff --git
> a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> index 44a9934..342143f 100644
> ---
> a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> +++
> b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
> @@ -13,19 +13,16 @@ Signed-off-by: Robert Yang
> <liezhi.yang@windriver.com <mailto:liezhi.yang@windriver.com>>
> configure.ac <http://configure.ac> | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> -diff --git a/configure.ac <http://configure.ac> b/configure.ac
> <http://configure.ac>
> -index c6818a0..1c4582d 100644
> ---- a/configure.ac <http://configure.ac>
> -+++ b/configure.ac <http://configure.ac>
> -@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
> - dnl replace libopts-generated files with distributed
> backups, if present
> - missing_baks=
> - for i in ${srcdir}/src/*-args.c.bak
> ${srcdir}/src/*-args.h.bak; do
> -- nam=`echo $i|sed 's/.bak//g'`
> -+ nam=`echo $i|sed 's/\.bak$//'`
> - if test -f $i;then
> - cp -f $i $nam
> - else
> ---
> -2.0.1
> -
> +Index: gnutls-3.4.1/configure.ac <http://configure.ac>
> +===================================================================
> +--- gnutls-3.4.1.orig/configure.ac <http://configure.ac>
> ++++ gnutls-3.4.1/configure.ac <http://configure.ac>
> +@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
> + dnl replace libopts-generated files with distributed
> backups, if present
> + missing_baks=
> + for i in ${srcdir}/src/*-args.c.bak
> ${srcdir}/src/*-args.h.bak; do
> +- nam=`echo $i|sed 's/.bak//g'`
> ++ nam=`echo $i|sed 's/\.bak$//'`
> + if test -f $i;then
> + cp -f $i $nam
> + else
> diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb>
> b/meta/recipes-support/gnutls/gnutls_3.3.14.bb <http://gnutls_3.3.14.bb>
> deleted file mode 100644
> index f41d183..0000000
> --- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
> <http://gnutls_3.3.14.bb>
> +++ /dev/null
> @@ -1,8 +0,0 @@
> -require gnutls.inc
> -
> -SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
> - file://configure.ac-fix-sed-command.patch \
> - file://use-pkg-config-to-locate-zlib.patch \
> - "
> -SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
> -SRC_URI[sha256sum] =
> "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
> diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb>
> b/meta/recipes-support/gnutls/gnutls_3.4.1.bb <http://gnutls_3.4.1.bb>
> new file mode 100644
> index 0000000..1b64813
> --- /dev/null
> +++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
> <http://gnutls_3.4.1.bb>
> @@ -0,0 +1,8 @@
> +require gnutls.inc
> +
> +SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
> + file://configure.ac-fix-sed-command.patch \
> + file://use-pkg-config-to-locate-zlib.patch \
> + "
> +SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
> +SRC_URI[sha256sum] =
> "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
> --
> 2.3.5
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> <mailto:Openembedded-core@lists.openembedded.org>
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
>
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-18 15:57 ` akuster808
@ 2015-06-19 9:03 ` Burton, Ross
0 siblings, 0 replies; 15+ messages in thread
From: Burton, Ross @ 2015-06-19 9:03 UTC (permalink / raw)
To: akuster808; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 308 bytes --]
On 18 June 2015 at 16:57, akuster808 <akuster808@gmail.com> wrote:
> I could not reproduce these warnings but found a configure option to
> build without libidn so I added that in my last submit.
>
It would be a simple:
$ bitbake libidn
$ bitbake gnutls -ccleansstate
$ bitbake gnutls
Ross
[-- Attachment #2: Type: text/html, Size: 811 bytes --]
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-18 4:50 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
@ 2015-06-19 9:06 ` Burton, Ross
0 siblings, 0 replies; 15+ messages in thread
From: Burton, Ross @ 2015-06-19 9:06 UTC (permalink / raw)
To: Armin Kuster; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 429 bytes --]
On 18 June 2015 at 05:50, Armin Kuster <akuster808@gmail.com> wrote:
> +PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
> +PACKAGECONFIG[libind] = ",--without-idn, libidn"
>
For clarity always pass both enable and disable options, in case upstream
changes their default behaviour. The autoconf macros AC_ARG_WITH and
_ENABLE always support both their enable/disable and with/without forms.
Ross
[-- Attachment #2: Type: text/html, Size: 852 bytes --]
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH 1/3] nettle: update package to 3.1.1 version.
2015-06-23 1:37 [PATCH 0/3] Update gnutls 3.4.1 Armin Kuster
@ 2015-06-23 1:37 ` Armin Kuster
2015-06-23 1:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
2015-06-23 1:37 ` [PATCH 3/3] neon: fix compat issues with gnutls 4.3 Armin Kuster
2 siblings, 0 replies; 15+ messages in thread
From: Armin Kuster @ 2015-06-23 1:37 UTC (permalink / raw)
To: openembedded-core
this requires the gnutls 3.4.1 update or the current gnutils build will break.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../nettle/{nettle_2.7.1.bb => nettle_3.1.1.bb} | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
rename meta/recipes-support/nettle/{nettle_2.7.1.bb => nettle_3.1.1.bb} (48%)
diff --git a/meta/recipes-support/nettle/nettle_2.7.1.bb b/meta/recipes-support/nettle/nettle_3.1.1.bb
similarity index 48%
rename from meta/recipes-support/nettle/nettle_2.7.1.bb
rename to meta/recipes-support/nettle/nettle_3.1.1.bb
index f53afcc..ce5e756 100644
--- a/meta/recipes-support/nettle/nettle_2.7.1.bb
+++ b/meta/recipes-support/nettle/nettle_3.1.1.bb
@@ -1,17 +1,17 @@
SUMMARY = "A low level cryptographic library"
HOMEPAGE = "http://www.lysator.liu.se/~nisse/nettle/"
SECTION = "libs"
-LICENSE = "LGPLv2.1 & GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=2d5025d4aa3495befef8f17206a5b0a1 \
- file://serpent-decrypt.c;beginline=53;endline=67;md5=bcfd4745d53ca57f82907089898e390d \
- file://serpent-set-key.c;beginline=56;endline=70;md5=bcfd4745d53ca57f82907089898e390d"
+LICENSE = "GPLv2+ & GPLv3 & LGPLv3+"
+LIC_FILES_CHKSUM = "file://COPYINGv2;beginline=1;endline=2;md5=c70d8d3310941dcdfcd1e02800a1f548 \
+ file://COPYINGv3;beginline=1;endline=2;md5=d1c727712ceba52db52e0ee449cadf43 \
+ file://COPYING.LESSERv3;beginline=1;endline=2;md5=ff44a06d461487fb65f84ad672a1d1c8"
DEPENDS += "gmp"
SRC_URI = "http://www.lysator.liu.se/~nisse/archive/${BP}.tar.gz"
-SRC_URI[md5sum] = "003d5147911317931dd453520eb234a5"
-SRC_URI[sha256sum] = "bc71ebd43435537d767799e414fce88e521b7278d48c860651216e1fc6555b40"
+SRC_URI[md5sum] = "b40fa88dc32f37a182b6b42092ebb144"
+SRC_URI[sha256sum] = "5fd4d25d64d8ddcb85d0d897572af73b05b4d163c6cc49438a5bfbb8ff293d4c"
EXTRA_OECONF = "--disable-openssl"
--
1.9.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 0/3] Update gnutls 3.4.1
@ 2015-06-23 1:37 Armin Kuster
2015-06-23 1:37 ` [PATCH 1/3] nettle: update package to 3.1.1 version Armin Kuster
` (2 more replies)
0 siblings, 3 replies; 15+ messages in thread
From: Armin Kuster @ 2015-06-23 1:37 UTC (permalink / raw)
To: openembedded-core
The nettle and gnutls updates must be done as a pair.
The following changes since commit c40eb563fe771740f98aaa197d82af71de874c44:
bitbake: runqueue: Sanity check BB_NUMBER_THREADS (2015-06-20 06:50:50 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib akuster/gnutls_update
http://git.yoctoproject.org/cgit.cgi//log/?h=akuster/gnutls_update
Armin Kuster (3):
nettle: update package to 3.1.1 version.
gnutls: update to 3.4.1
neon: fix compat issues with gnutls 4.3
meta/recipes-support/gnutls/gnutls.inc | 4 +-
.../gnutls/configure.ac-fix-sed-command.patch | 29 +++++----
meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ---
meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 +++
.../neon/neon/gnutls_4.3_fixup.patch | 68 ++++++++++++++++++++++
meta/recipes-support/neon/neon_0.30.1.bb | 3 +-
.../nettle/{nettle_2.7.1.bb => nettle_3.1.1.bb} | 12 ++--
7 files changed, 100 insertions(+), 32 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
create mode 100644 meta/recipes-support/neon/neon/gnutls_4.3_fixup.patch
rename meta/recipes-support/nettle/{nettle_2.7.1.bb => nettle_3.1.1.bb} (48%)
--
1.9.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH 2/3] gnutls: update to 3.4.1
2015-06-23 1:37 [PATCH 0/3] Update gnutls 3.4.1 Armin Kuster
2015-06-23 1:37 ` [PATCH 1/3] nettle: update package to 3.1.1 version Armin Kuster
@ 2015-06-23 1:37 ` Armin Kuster
2015-06-23 16:28 ` Burton, Ross
2015-06-23 1:37 ` [PATCH 3/3] neon: fix compat issues with gnutls 4.3 Armin Kuster
2 siblings, 1 reply; 15+ messages in thread
From: Armin Kuster @ 2015-06-23 1:37 UTC (permalink / raw)
To: openembedded-core
This version supports the nettle 3.x and higher and requires that version.
this include a security fix:
GNUTLS-SA-2015-2
no CVE assigned to date.
enable openssl compat via PACKAGECONFIG as iputils needs gnutls/openssl.h
for migration info:
http://www.gnutls.org/manual/gnutls.html#Upgrading-from-previous-versions
V2: Fix some build depends seen on some systems.
WARNING: QA Issue: gnutls-openssl rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls-xx rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls-dev rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls-bin rdepends on libidn, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gnutls rdepends on libidn, but it isn't a build dependency? [build-deps]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-support/gnutls/gnutls.inc | 4 ++-
.../gnutls/configure.ac-fix-sed-command.patch | 29 ++++++++++------------
meta/recipes-support/gnutls/gnutls_3.3.14.bb | 8 ------
meta/recipes-support/gnutls/gnutls_3.4.1.bb | 8 ++++++
4 files changed, 24 insertions(+), 25 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.3.14.bb
create mode 100644 meta/recipes-support/gnutls/gnutls_3.4.1.bb
diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..f57a788 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -34,9 +34,11 @@ do_configure_prepend() {
done
}
-PACKAGECONFIG ??= "zlib"
+PACKAGECONFIG ??= "zlib openssl_compat"
PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
+PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
+PACKAGECONFIG[libind] = "--with-idn,--without-idn, libidn"
PACKAGES =+ "${PN}-openssl ${PN}-xx"
diff --git a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
index 44a9934..342143f 100644
--- a/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
+++ b/meta/recipes-support/gnutls/gnutls/configure.ac-fix-sed-command.patch
@@ -13,19 +13,16 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.ac b/configure.ac
-index c6818a0..1c4582d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -466,7 +466,7 @@ if test "$NEED_LIBOPTS_DIR" = "true";then
- dnl replace libopts-generated files with distributed backups, if present
- missing_baks=
- for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
-- nam=`echo $i|sed 's/.bak//g'`
-+ nam=`echo $i|sed 's/\.bak$//'`
- if test -f $i;then
- cp -f $i $nam
- else
---
-2.0.1
-
+Index: gnutls-3.4.1/configure.ac
+===================================================================
+--- gnutls-3.4.1.orig/configure.ac
++++ gnutls-3.4.1/configure.ac
+@@ -530,7 +530,7 @@ if test "$enable_tools" != "no" || test
+ dnl replace libopts-generated files with distributed backups, if present
+ missing_baks=
+ for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
+- nam=`echo $i|sed 's/.bak//g'`
++ nam=`echo $i|sed 's/\.bak$//'`
+ if test -f $i;then
+ cp -f $i $nam
+ else
diff --git a/meta/recipes-support/gnutls/gnutls_3.3.14.bb b/meta/recipes-support/gnutls/gnutls_3.3.14.bb
deleted file mode 100644
index f41d183..0000000
--- a/meta/recipes-support/gnutls/gnutls_3.3.14.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require gnutls.inc
-
-SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
- file://configure.ac-fix-sed-command.patch \
- file://use-pkg-config-to-locate-zlib.patch \
- "
-SRC_URI[md5sum] = "7f4465f8c564cf9cb8f5cb38b909f7ca"
-SRC_URI[sha256sum] = "0dfa0030faad8909c1e904105198232d6bc0123cae8cf4933b2bac85ee7cec52"
diff --git a/meta/recipes-support/gnutls/gnutls_3.4.1.bb b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
new file mode 100644
index 0000000..1b64813
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls_3.4.1.bb
@@ -0,0 +1,8 @@
+require gnutls.inc
+
+SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
+ file://configure.ac-fix-sed-command.patch \
+ file://use-pkg-config-to-locate-zlib.patch \
+ "
+SRC_URI[md5sum] = "2d04f34fa25b45f9dcb9104c0394e12e"
+SRC_URI[sha256sum] = "e9b5f58becf34756464216056cd5abbf04315eda80a374d02699dee83f80b12e"
--
1.9.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 3/3] neon: fix compat issues with gnutls 4.3
2015-06-23 1:37 [PATCH 0/3] Update gnutls 3.4.1 Armin Kuster
2015-06-23 1:37 ` [PATCH 1/3] nettle: update package to 3.1.1 version Armin Kuster
2015-06-23 1:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
@ 2015-06-23 1:37 ` Armin Kuster
2 siblings, 0 replies; 15+ messages in thread
From: Armin Kuster @ 2015-06-23 1:37 UTC (permalink / raw)
To: openembedded-core
V2: fix missing 4.3 work around
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../neon/neon/gnutls_4.3_fixup.patch | 68 ++++++++++++++++++++++
meta/recipes-support/neon/neon_0.30.1.bb | 3 +-
2 files changed, 70 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-support/neon/neon/gnutls_4.3_fixup.patch
diff --git a/meta/recipes-support/neon/neon/gnutls_4.3_fixup.patch b/meta/recipes-support/neon/neon/gnutls_4.3_fixup.patch
new file mode 100644
index 0000000..a76560a
--- /dev/null
+++ b/meta/recipes-support/neon/neon/gnutls_4.3_fixup.patch
@@ -0,0 +1,68 @@
+replace deprecated GnuTLS functions with newer ones if available
+
+Upstream Status: Pending
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: neon-0.30.1/macros/neon.m4
+===================================================================
+--- neon-0.30.1.orig/macros/neon.m4
++++ neon-0.30.1/macros/neon.m4
+@@ -987,6 +987,10 @@ gnutls)
+ gnutls_certificate_get_x509_cas \
+ gnutls_x509_crt_sign2])
+
++ # gnutls 4.3 check
++ AC_CHECK_LIB(gnutls, gnutls_global_init)
++ AC_CHECK_FUNCS(gnutls_certificate_set_retrieve_function,,)
++
+ # fail if gnutls_x509_crt_sign2 is not found (it was introduced in 1.2.0, which is required)
+ if test x${ac_cv_func_gnutls_x509_crt_sign2} != xyes; then
+ AC_MSG_ERROR([GnuTLS version predates gnutls_x509_crt_sign2, newer version required (at least 1.2.0)])
+Index: neon-0.30.1/src/ne_gnutls.c
+===================================================================
+--- neon-0.30.1.orig/src/ne_gnutls.c
++++ neon-0.30.1/src/ne_gnutls.c
+@@ -553,7 +553,13 @@ dup_error:
+ static int provide_client_cert(gnutls_session_t session,
+ const gnutls_datum_t *req_ca_rdn, int nreqs,
+ const gnutls_pk_algorithm_t *sign_algos,
+- int sign_algos_length, gnutls_retr_st *st)
++ int sign_algos_length,
++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION
++ gnutls_retr2_st* st
++#else
++ gnutls_retr_st *st
++#endif
++ )
+ {
+ ne_session *sess = gnutls_session_get_ptr(session);
+
+@@ -617,8 +623,11 @@ static int provide_client_cert(gnutls_se
+ #endif
+ ) {
+ NE_DEBUG(NE_DBG_SSL, "Supplying client certificate.\n");
+-
++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION
++ st->cert_type = type;
++#else
+ st->type = type;
++#endif
+ st->ncerts = 1;
+ st->cert.x509 = &sess->client_cert->cert.subject;
+ st->key.x509 = sess->client_cert->pkey;
+@@ -649,8 +658,14 @@ ne_ssl_context *ne_ssl_context_create(in
+ ne_ssl_context *ctx = ne_calloc(sizeof *ctx);
+ gnutls_certificate_allocate_credentials(&ctx->cred);
+ if (flags == NE_SSL_CTX_CLIENT) {
++
++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION
++ gnutls_certificate_set_retrieve_function(ctx->cred,
++ provide_client_cert);
++#else
+ gnutls_certificate_client_set_retrieve_function(ctx->cred,
+ provide_client_cert);
++#endif
+ }
+ gnutls_certificate_set_verify_flags(ctx->cred,
+ GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
diff --git a/meta/recipes-support/neon/neon_0.30.1.bb b/meta/recipes-support/neon/neon_0.30.1.bb
index fd170bc..0244314 100644
--- a/meta/recipes-support/neon/neon_0.30.1.bb
+++ b/meta/recipes-support/neon/neon_0.30.1.bb
@@ -10,7 +10,8 @@ DEPENDS_class-native = "zlib-native libxml2-native expat-native gnutls-native"
BBCLASSEXTEND = "native"
SRC_URI = "http://www.webdav.org/${BPN}/${BPN}-${PV}.tar.gz \
- file://pkgconfig.patch"
+ file://pkgconfig.patch \
+ file://gnutls_4.3_fixup.patch"
SRC_URI[md5sum] = "231adebe5c2f78fded3e3df6e958878e"
SRC_URI[sha256sum] = "00c626c0dc18d094ab374dbd9a354915bfe4776433289386ed489c2ec0845cdd"
--
1.9.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-23 1:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
@ 2015-06-23 16:28 ` Burton, Ross
2015-06-25 1:28 ` akuster808
0 siblings, 1 reply; 15+ messages in thread
From: Burton, Ross @ 2015-06-23 16:28 UTC (permalink / raw)
To: Armin Kuster; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 338 bytes --]
On 23 June 2015 at 02:37, Armin Kuster <akuster808@gmail.com> wrote:
> +PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
>
Also add --disable-openssl-compatibility (and remove the redundant trailing
commas).
+PACKAGECONFIG[libind] = "--with-idn,--without-idn, libidn"
>
The flag name has a typo.
Ross
[-- Attachment #2: Type: text/html, Size: 952 bytes --]
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 2/3] gnutls: update to 3.4.1
2015-06-23 16:28 ` Burton, Ross
@ 2015-06-25 1:28 ` akuster808
0 siblings, 0 replies; 15+ messages in thread
From: akuster808 @ 2015-06-25 1:28 UTC (permalink / raw)
To: Burton, Ross; +Cc: OE-core
On 6/23/15 9:28 AM, Burton, Ross wrote:
>
> On 23 June 2015 at 02:37, Armin Kuster <akuster808@gmail.com
> <mailto:akuster808@gmail.com>> wrote:
>
> +PACKAGECONFIG[openssl_compat] = "--enable-openssl-compatibility,,"
>
>
> Also add --disable-openssl-compatibility (and remove the redundant
> trailing commas).
you are slipping. those where in a previous set ; )
>
> +PACKAGECONFIG[libind] = "--with-idn,--without-idn, libidn"
>
>
> The flag name has a typo.
Says you. ; )
I get these in ...... (looks like 3.4.2 is out now)... the next round.
kind regards,
Armin
>
> Ross
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2015-06-25 1:28 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-06-23 1:37 [PATCH 0/3] Update gnutls 3.4.1 Armin Kuster
2015-06-23 1:37 ` [PATCH 1/3] nettle: update package to 3.1.1 version Armin Kuster
2015-06-23 1:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
2015-06-23 16:28 ` Burton, Ross
2015-06-25 1:28 ` akuster808
2015-06-23 1:37 ` [PATCH 3/3] neon: fix compat issues with gnutls 4.3 Armin Kuster
-- strict thread matches above, loose matches on Subject: below --
2015-06-18 4:50 [PATCH 0/3] [v3] Gntls update to 4.3.1 Armin Kuster
2015-06-18 4:50 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
2015-06-19 9:06 ` Burton, Ross
2015-06-14 5:37 [PATCH 0/3] Gnutls update 4.2 V2 Armin Kuster
2015-06-14 5:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
2015-06-15 10:13 ` Burton, Ross
2015-06-15 23:18 ` akuster808
2015-06-18 15:57 ` akuster808
2015-06-19 9:03 ` Burton, Ross
2015-06-09 19:30 [PATCH 0/3] gnutls " Armin Kuster
2015-06-09 19:30 ` [PATCH 2/3] gnutls: " Armin Kuster
2015-06-04 19:37 [PATCH 0/3] Gntls update to 4.3.1 Armin Kuster
2015-06-04 19:37 ` [PATCH 2/3] gnutls: update to 3.4.1 Armin Kuster
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox