From 48e70d7c1590140d06b4d40c9cb96211b46e3149 Mon Sep 17 00:00:00 2001
From: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Date: Wed, 6 Jul 2016 22:53:45 -0400
Subject: [PATCH] contrib: require version 3.4.14 of gnutls

gnutls 3.4.14 has just been released.
This release contains our DTLS patch, so this patch
sets this version as the minimum and removes the DTLS patch.
As gnutls is updated, this patch also removes the forced build
of nettle, removes the deprecated format-security patch and
disables non-suiteb curves to let gnutls link with some
system-provided nettle builds (like on Fedora).

Change-Id: I073b7409138310c1d749e5ef5a9ddd3937dc1d4a
Tuleap: #783
---
 contrib/src/gnutls/SHA512SUMS                   | 2 +-
 contrib/src/gnutls/dtls-packet-reordering.patch | 5 -----
 contrib/src/gnutls/format-security.patch        | 6 ------
 contrib/src/gnutls/rules.mak                    | 8 +++-----
 contrib/src/nettle/rules.mak                    | 9 +++------
 5 files changed, 7 insertions(+), 23 deletions(-)
 delete mode 100644 contrib/src/gnutls/dtls-packet-reordering.patch
 delete mode 100644 contrib/src/gnutls/format-security.patch

diff --git a/contrib/src/gnutls/SHA512SUMS b/contrib/src/gnutls/SHA512SUMS
index 5c136299a0..7292832e42 100644
--- a/contrib/src/gnutls/SHA512SUMS
+++ b/contrib/src/gnutls/SHA512SUMS
@@ -1 +1 @@
-e5cd60240ebbcac9d8f7c28fdbf023a499e3c58a352a43c24d075b248a0a903161b1745641bf263519293c0014424cc23dbb67274c8934aaf273a523ad0a2925  gnutls-3.4.10.tar.xz
+d75f6b4dea2dc742cd7f60ee0ee540d41b69991aaa937ca0138cfdf4a1e0dfaaa3863464303bfa5799e14ee02de252f71c59a7a9e57b96ff8af653e419edfd4e  gnutls-3.4.14.tar.xz
diff --git a/contrib/src/gnutls/dtls-packet-reordering.patch b/contrib/src/gnutls/dtls-packet-reordering.patch
deleted file mode 100644
index 24a474aa68..0000000000
--- a/contrib/src/gnutls/dtls-packet-reordering.patch
+++ /dev/null
@@ -1,5 +0,0 @@
---- a/lib/gnutls_buffers.c
-+++ b/lib/gnutls_buffers.c
-@@ -1033 +1033 @@
--		    && hsk->end_offset >=
-+		    && hsk->end_offset + 1 >=
diff --git a/contrib/src/gnutls/format-security.patch b/contrib/src/gnutls/format-security.patch
deleted file mode 100644
index b0b4f322d0..0000000000
--- a/contrib/src/gnutls/format-security.patch
+++ /dev/null
@@ -1,6 +0,0 @@
-diff -rU0 gnutls-old/lib/x509/ocsp_output.c gnutls/lib/x509/ocsp_output.c
---- gnutls-old/lib/x509/ocsp_output.c
-+++ gnutls/lib/x509/ocsp_output.c
-@@ -289 +289 @@
--					addf(str, _("\tResponder Key ID: "));
-+					adds(str, _("\tResponder Key ID: "));
diff --git a/contrib/src/gnutls/rules.mak b/contrib/src/gnutls/rules.mak
index 58fbd7586f..e7c2280069 100644
--- a/contrib/src/gnutls/rules.mak
+++ b/contrib/src/gnutls/rules.mak
@@ -1,11 +1,10 @@
 # GnuTLS
 
-GNUTLS_VERSION := 3.4.10
+GNUTLS_VERSION := 3.4.14
 GNUTLS_URL := ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-$(GNUTLS_VERSION).tar.xz
 
 PKGS += gnutls
-# We need at least the 3.4.10, but DTLS handshake re-ordered packet fix is only available since 3.4.14
-# So we patch the 3.4.10 until official release of 3.4.14
+
 ifeq ($(call need_pkg,"gnutls >= 3.4.14"),)
 PKGS_FOUND += gnutls
 endif
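Review bot: The `need_pkg,"gnutls >= 3.4.14"` floor is now the only thing keeping a system gnutls without the DTLS packet-reordering fix out of the build, yet the comment that explained it was replaced by a blank line. I would keep a one-line rationale above the `ifeq`, e.g. `# 3.4.14 is the first release with the DTLS handshake re-ordered packet fix; do not lower this floor`. Separately, `GNUTLS_URL` is still a plain `ftp://` fetch, so as far as this page shows the `SHA512SUMS` entry changed in this commit is the tarball's only integrity check. It is worth comparing that digest against upstream's signed release before merging.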
@@ -33,8 +32,6 @@ endif
 ifndef HAVE_IOS
 	$(APPLY) $(SRC)/gnutls/mac-keychain-lookup.patch
 endif
-	$(APPLY) $(SRC)/gnutls/format-security.patch
-	$(APPLY) $(SRC)/gnutls/dtls-packet-reordering.patch
 	$(call pkg_static,"lib/gnutls.pc.in")
 	$(UPDATE_AUTOCONFIG)
 	$(MOVE)
@@ -52,6 +49,7 @@ GNUTLS_CONF := \
 	--disable-nls \
 	--disable-dtls-srtp-support \
 	--without-libintl-prefix \
+	--disable-non-suiteb-curves \
 	$(HOSTCONF)
 
 ifdef HAVE_ANDROID
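Review bot: `--disable-non-suiteb-curves` sits in the shared `GNUTLS_CONF`, so it narrows the elliptic curves GnuTLS is built with on every target, including builds that use the contrib nettle rather than a distro one, and nothing in the file records why. Peers that offer only a curve outside Suite B would presumably fail ECDHE negotiation, which is worth confirming is acceptable for the DTLS/TLS peers this project talks to. Since a `#` cannot be placed inside the backslash-continued list, I would put the rationale above the `GNUTLS_CONF := \` line, which starts outside this hunk: `# --disable-non-suiteb-curves: lets gnutls link against system nettle builds that lack the other curves (e.g. Fedora)`.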
diff --git a/contrib/src/nettle/rules.mak b/contrib/src/nettle/rules.mak
index 888570e3a5..6db034f715 100644
--- a/contrib/src/nettle/rules.mak
+++ b/contrib/src/nettle/rules.mak
@@ -5,12 +5,9 @@ NETTLE_URL := $(GNU)/nettle/nettle-$(NETTLE_VERSION).tar.gz
 
 PKGS += nettle
 
-# TEMPORARY DISABLED
-# Force nettle contrib until gnutls major patches are upstream and released
-# See gnutls rules.mak for more information
-#ifeq ($(call need_pkg,"nettle >= 3.1"),)
-#PKGS_FOUND += nettle
-#endif
+ifeq ($(call need_pkg,"nettle >= 3.1"),)
+PKGS_FOUND += nettle
+endif
 
 $(TARBALLS)/nettle-$(NETTLE_VERSION).tar.gz:
 	$(call download,$(NETTLE_URL))
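Review bot: With the `need_pkg,"nettle >= 3.1"` check active again, the crypto primitives underneath gnutls may come from the distribution's nettle, and the `3.1` floor carries no comment saying what it is tied to. The removed comment block documented the coupling with the gnutls rules.mak, and the new code should keep one line of it above the `ifeq`, e.g. `# Keep this floor in sync with what the gnutls contrib requires; a system nettle may lack non-Suite B curves (see GNUTLS_CONF)`. The download rule at the end of the hunk continues outside it.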
-- 
GitLab