Hello community,
here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2013-11-04 14:58:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnutls (Old)
and /work/SRC/openSUSE:Factory/.gnutls.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls"
Changes:
--------
--- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2013-10-29 13:52:01.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2013-11-04 14:58:24.000000000 +0100
@@ -1,0 +2,40 @@
+Fri Nov 1 14:39:41 UTC 2013 - shchang@suse.com
+
+- Upgrade to 3.2.6
+
+** libgnutls: Support for TPM via trousers is now enabled by default.
+
+** libgnutls: Camellia in GCM mode has been added in default priorities,
+and GCM mode is prioritized over CBC in all of the default priority strings.
+
+** libgnutls: Added ciphersuite GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384.
+
+** libgnutls: Fixed ciphersuites
+GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384,
+GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 and
+GNUTLS_PSK_CAMELLIA_128_GCM_SHA256. Reported by Stefan Buehler.
+
+** libgnutls: Added support for ISO OID for RSA-SHA1 signatures.
+
+** libgnutls: Minimum acceptable DH group parameters were increased to
+767 bits from 727.
+
+** libgnutls: Added function to obtain random data from PKCS #11 tokens.
+Contributed by Wolfgang Meyer zu Bergsten.
+
+** gnulib: updated.
+
+** libdane: Fixed a one-off bug in dane_query_tlsa() introduced by the
+previous fix. Reported by Tomas Mraz.
+
+** p11tool: Added option generate-random.
+
+** API and ABI modifications:
+gnutls_pkcs11_token_get_random: Added
+
+Add: gnutls-3.2.6-noecc.patch, gnutls-3.2.6.tar.xz, gnutls-3.2.6.tar.xz.sig
+
+Delete: gnutls-3.2.6-noecc.patch, gnutls-3.2.5.tar.xz, gnutls-3.2.5.tar.xz.sig,
+make-obs-happy-with-gnutls_3.2.5.patch
+
+-------------------------------------------------------------------
Old:
----
gnutls-3.2.5-noecc.patch
gnutls-3.2.5.tar.xz
gnutls-3.2.5.tar.xz.sig
make-obs-happy-with-gnutls_3.2.5.patch
New:
----
gnutls-3.2.6-noecc.patch
gnutls-3.2.6.tar.xz
gnutls-3.2.6.tar.xz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gnutls.spec ++++++
--- /var/tmp/diff_new_pack.fbQycC/_old 2013-11-04 14:58:30.000000000 +0100
+++ /var/tmp/diff_new_pack.fbQycC/_new 2013-11-04 14:58:30.000000000 +0100
@@ -21,7 +21,7 @@
%define gnutls_ossl_sover 27
Name: gnutls
-Version: 3.2.5
+Version: 3.2.6
Release: 0
Summary: The GNU Transport Layer Security Library
License: LGPL-2.1+ and GPL-3.0+
@@ -37,9 +37,8 @@
Patch3: gnutls-3.0.26-skip-test-fwrite.patch
# Disable elliptic curves for reasons. - meissner&cfarrell
-Patch5: gnutls-3.2.5-noecc.patch
+Patch5: gnutls-3.2.6-noecc.patch
Patch6: gnutls-implement-trust-store-dir.diff
-Patch7: make-obs-happy-with-gnutls_3.2.5.patch
BuildRequires: automake
BuildRequires: gcc-c++
@@ -141,7 +140,6 @@
%patch3
%patch5 -p1
%patch6 -p1
-%patch7 -p1
%build
autoreconf -if
++++++ gnutls-3.2.5-noecc.patch -> gnutls-3.2.6-noecc.patch ++++++
--- /work/SRC/openSUSE:Factory/gnutls/gnutls-3.2.5-noecc.patch 2013-10-29 13:52:01.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls-3.2.6-noecc.patch 2013-11-04 14:58:24.000000000 +0100
@@ -1,7 +1,7 @@
-Index: gnutls-3.2.5/lib/algorithms/publickey.c
+Index: gnutls-3.2.6/lib/algorithms/publickey.c
===================================================================
---- gnutls-3.2.5.orig/lib/algorithms/publickey.c
-+++ gnutls-3.2.5/lib/algorithms/publickey.c
+--- gnutls-3.2.6.orig/lib/algorithms/publickey.c
++++ gnutls-3.2.6/lib/algorithms/publickey.c
@@ -49,8 +49,10 @@ static const gnutls_pk_map pk_mappings[]
{GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
{GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
@@ -13,7 +13,7 @@
{GNUTLS_KX_DHE_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
{GNUTLS_KX_SRP_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
{GNUTLS_KX_RSA_PSK, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
-@@ -97,7 +99,9 @@ static const gnutls_pk_entry pk_algorith
+@@ -98,7 +100,9 @@ static const gnutls_pk_entry pk_algorith
{"DSA", PK_DSA_OID, GNUTLS_PK_DSA},
{"GOST R 34.10-2001", PK_GOST_R3410_2001_OID, GNUTLS_PK_UNKNOWN},
{"GOST R 34.10-94", PK_GOST_R3410_94_OID, GNUTLS_PK_UNKNOWN},
@@ -23,10 +23,10 @@
{0, 0, 0}
};
-Index: gnutls-3.2.5/lib/auth/cert.c
+Index: gnutls-3.2.6/lib/auth/cert.c
===================================================================
---- gnutls-3.2.5.orig/lib/auth/cert.c
-+++ gnutls-3.2.5/lib/auth/cert.c
+--- gnutls-3.2.6.orig/lib/auth/cert.c
++++ gnutls-3.2.6/lib/auth/cert.c
@@ -63,7 +63,11 @@ static gnutls_privkey_t alloc_and_load_p
key, int deinit);
#endif
@@ -60,10 +60,10 @@
ret = _gnutls_buffer_append_data (data, tmp_data, CERTTYPE_SIZE);
if (ret < 0)
-Index: gnutls-3.2.5/lib/auth/dhe_psk.c
+Index: gnutls-3.2.6/lib/auth/dhe_psk.c
===================================================================
---- gnutls-3.2.5.orig/lib/auth/dhe_psk.c
-+++ gnutls-3.2.5/lib/auth/dhe_psk.c
+--- gnutls-3.2.6.orig/lib/auth/dhe_psk.c
++++ gnutls-3.2.6/lib/auth/dhe_psk.c
@@ -92,6 +92,7 @@ const mod_auth_st ecdhe_psk_auth_struct
};
#endif
@@ -128,10 +128,10 @@
+#endif
#endif /* ENABLE_PSK */
-Index: gnutls-3.2.5/lib/ext/ecc.c
+Index: gnutls-3.2.6/lib/ext/ecc.c
===================================================================
---- gnutls-3.2.5.orig/lib/ext/ecc.c
-+++ gnutls-3.2.5/lib/ext/ecc.c
+--- gnutls-3.2.6.orig/lib/ext/ecc.c
++++ gnutls-3.2.6/lib/ext/ecc.c
@@ -35,7 +35,7 @@
/* Maps record size to numbers according to the
* extensions draft.
@@ -146,10 +146,10 @@
return GNUTLS_E_ECC_UNSUPPORTED_CURVE;
}
+#endif
-Index: gnutls-3.2.5/lib/gnutls_extensions.c
+Index: gnutls-3.2.6/lib/gnutls_extensions.c
===================================================================
---- gnutls-3.2.5.orig/lib/gnutls_extensions.c
-+++ gnutls-3.2.5/lib/gnutls_extensions.c
+--- gnutls-3.2.6.orig/lib/gnutls_extensions.c
++++ gnutls-3.2.6/lib/gnutls_extensions.c
@@ -351,6 +351,7 @@ _gnutls_ext_init (void)
if (ret != GNUTLS_E_SUCCESS)
return ret;
@@ -166,10 +166,10 @@
ret = _gnutls_ext_register (&ext_mod_sig);
if (ret != GNUTLS_E_SUCCESS)
-Index: gnutls-3.2.5/lib/gnutls_priority.c
+Index: gnutls-3.2.6/lib/gnutls_priority.c
===================================================================
---- gnutls-3.2.5.orig/lib/gnutls_priority.c
-+++ gnutls-3.2.5/lib/gnutls_priority.c
+--- gnutls-3.2.6.orig/lib/gnutls_priority.c
++++ gnutls-3.2.6/lib/gnutls_priority.c
@@ -245,35 +245,45 @@ gnutls_certificate_type_set_priority (gn
}
@@ -216,7 +216,7 @@
0
};
-@@ -416,51 +426,74 @@ static const int comp_priority[] = {
+@@ -423,51 +433,74 @@ static const int comp_priority[] = {
static const int sign_priority_default[] = {
GNUTLS_SIGN_RSA_SHA256,
GNUTLS_SIGN_DSA_SHA256,
@@ -292,10 +292,10 @@
0
};
-Index: gnutls-3.2.5/lib/nettle/pk.c
+Index: gnutls-3.2.6/lib/nettle/pk.c
===================================================================
---- gnutls-3.2.5.orig/lib/nettle/pk.c
-+++ gnutls-3.2.5/lib/nettle/pk.c
+--- gnutls-3.2.6.orig/lib/nettle/pk.c
++++ gnutls-3.2.6/lib/nettle/pk.c
@@ -146,6 +146,7 @@ static int _wrap_nettle_pk_derive(gnutls
switch (algo)
@@ -376,10 +376,10 @@
default:
ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
}
-Index: gnutls-3.2.5/tests/cert-tests/dane
+Index: gnutls-3.2.6/tests/cert-tests/dane
===================================================================
---- gnutls-3.2.5.orig/tests/cert-tests/dane
-+++ gnutls-3.2.5/tests/cert-tests/dane
+--- gnutls-3.2.6.orig/tests/cert-tests/dane
++++ gnutls-3.2.6/tests/cert-tests/dane
@@ -22,6 +22,8 @@
set -e
@@ -388,11 +388,11 @@
+
srcdir=${srcdir:-.}
DANETOOL=${DANETOOL:-../../src/danetool$EXEEXT}
-
-Index: gnutls-3.2.5/tests/dtls/dtls-nb
+ DIFF=${DIFF:-diff}
+Index: gnutls-3.2.6/tests/dtls/dtls-nb
===================================================================
---- gnutls-3.2.5.orig/tests/dtls/dtls-nb
-+++ gnutls-3.2.5/tests/dtls/dtls-nb
+--- gnutls-3.2.6.orig/tests/dtls/dtls-nb
++++ gnutls-3.2.6/tests/dtls/dtls-nb
@@ -22,9 +22,7 @@
set -e
@@ -404,10 +404,10 @@
./dtls-stress -nb -shello 021 -sfinished 01 -cfinished 012 SKeyExchange CKeyExchange CFinished
./dtls-stress -nb -shello 012 -sfinished 10 -cfinished 210 SHello SKeyExchange SHelloDone
-Index: gnutls-3.2.5/tests/dtls/dtls
+Index: gnutls-3.2.6/tests/dtls/dtls
===================================================================
---- gnutls-3.2.5.orig/tests/dtls/dtls
-+++ gnutls-3.2.5/tests/dtls/dtls
+--- gnutls-3.2.6.orig/tests/dtls/dtls
++++ gnutls-3.2.6/tests/dtls/dtls
@@ -22,9 +22,7 @@
set -e
@@ -419,10 +419,10 @@
./dtls-stress -shello 021 -sfinished 01 -cfinished 012 SKeyExchange CKeyExchange CFinished
./dtls-stress -shello 012 -sfinished 10 -cfinished 210 SHello SKeyExchange SHelloDone
-Index: gnutls-3.2.5/tests/ecdsa/ecdsa
+Index: gnutls-3.2.6/tests/ecdsa/ecdsa
===================================================================
---- gnutls-3.2.5.orig/tests/ecdsa/ecdsa
-+++ gnutls-3.2.5/tests/ecdsa/ecdsa
+--- gnutls-3.2.6.orig/tests/ecdsa/ecdsa
++++ gnutls-3.2.6/tests/ecdsa/ecdsa
@@ -22,6 +22,8 @@
#set -e
@@ -432,10 +432,10 @@
srcdir=${srcdir:-.}
CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-Index: gnutls-3.2.5/tests/mini-dtls-heartbeat.c
+Index: gnutls-3.2.6/tests/mini-dtls-heartbeat.c
===================================================================
---- gnutls-3.2.5.orig/tests/mini-dtls-heartbeat.c
-+++ gnutls-3.2.5/tests/mini-dtls-heartbeat.c
+--- gnutls-3.2.6.orig/tests/mini-dtls-heartbeat.c
++++ gnutls-3.2.6/tests/mini-dtls-heartbeat.c
@@ -27,7 +27,7 @@
#include