diff options
| author |   Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> | 2009-05-19 13:54:10 +0000 |
|---|---|---|
| committer | Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> | 2009-05-19 13:54:10 +0000 |
| commit | d7cd907da7b4cfdcae07fd0b32b2f7fb46818a82 (patch) | |
| tree | e77ee270e50bb44ba6c8b38ec7f76ee285fe8c7b /net-libs | |
| parent | Add cppserv-0.2.10 (diff) | |
| download | gentoo-2-d7cd907da7b4cfdcae07fd0b32b2f7fb46818a82.tar.gz gentoo-2-d7cd907da7b4cfdcae07fd0b32b2f7fb46818a82.tar.bz2 gentoo-2-d7cd907da7b4cfdcae07fd0b32b2f7fb46818a82.zip | |
Version bump.
(Portage version: 13623-svn/cvs/Linux x86_64)
Diffstat (limited to 'net-libs')
| -rw-r--r-- | net-libs/gnutls/ChangeLog | 12 | ||||
| -rw-r--r-- | net-libs/gnutls/files/CVE-2009-1415.patch | 19 | ||||
| -rw-r--r-- | net-libs/gnutls/files/CVE-2009-1416.patch | 13 | ||||
| -rw-r--r-- | net-libs/gnutls/files/CVE-2009-1417.patch | 90 | ||||
| -rw-r--r-- | net-libs/gnutls/files/gnutls-2.6.0-openpgp-selftest.patch | 14 | ||||
| -rw-r--r-- | net-libs/gnutls/files/gnutls-2.7.8-lzo.patch | 16 | ||||
| -rw-r--r-- | net-libs/gnutls/gnutls-2.6.4.ebuild | 85 | ||||
| -rw-r--r-- | net-libs/gnutls/gnutls-2.6.5-r1.ebuild | 93 | ||||
| -rw-r--r-- | net-libs/gnutls/gnutls-2.6.5.ebuild | 86 | ||||
| -rw-r--r-- | net-libs/gnutls/gnutls-2.7.11.ebuild (renamed from net-libs/gnutls/gnutls-2.7.8.ebuild) | 6 |
10 files changed, 13 insertions, 421 deletions
diff --git a/net-libs/gnutls/ChangeLog b/net-libs/gnutls/ChangeLog index 2ca3aeadcb45..c92c25baabff 100644 --- a/net-libs/gnutls/ChangeLog +++ b/net-libs/gnutls/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for net-libs/gnutls # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/ChangeLog,v 1.197 2009/05/15 22:59:46 arfrever Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/ChangeLog,v 1.198 2009/05/19 13:54:09 arfrever Exp $ + +*gnutls-2.7.11 (19 May 2009) + + 19 May 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> + -files/gnutls-2.6.0-openpgp-selftest.patch, -gnutls-2.6.4.ebuild, + -gnutls-2.6.5.ebuild, -gnutls-2.6.5-r1.ebuild, -gnutls-2.7.8.ebuild, + -files/gnutls-2.7.8-lzo.patch, +gnutls-2.7.11.ebuild, + -files/CVE-2009-1415.patch, -files/CVE-2009-1416.patch, + -files/CVE-2009-1417.patch: + Version bump. *gnutls-2.7.10 (15 May 2009) diff --git a/net-libs/gnutls/files/CVE-2009-1415.patch b/net-libs/gnutls/files/CVE-2009-1415.patch deleted file mode 100644 index 552775c59bfe..000000000000 --- a/net-libs/gnutls/files/CVE-2009-1415.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- pk-libgcrypt.c- 2009-04-23 10:59:06.000000000 +0200 -+++ pk-libgcrypt.c 2009-04-23 18:32:17.000000000 +0200 -@@ -418,7 +418,7 @@ - const gnutls_datum_t * signature, - const gnutls_pk_params_st * pk_params) - { -- gcry_sexp_t s_sig, s_hash, s_pkey; -+ gcry_sexp_t s_sig = NULL, s_hash = NULL, s_pkey = NULL; - int rc = -1, ret; - bigint_t hash; - bigint_t tmp[2] = { NULL, NULL }; -@@ -511,6 +511,7 @@ - gcry_sexp_release (s_sig); - gcry_sexp_release (s_hash); - gcry_sexp_release (s_pkey); -+ s_hash = s_pkey = s_sig = NULL; - - if (rc != 0) - { diff --git a/net-libs/gnutls/files/CVE-2009-1416.patch b/net-libs/gnutls/files/CVE-2009-1416.patch deleted file mode 100644 index ebc540592820..000000000000 --- a/net-libs/gnutls/files/CVE-2009-1416.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c -index 1015c3a..a08349b 100644 ---- a/lib/gnutls_pk.c -+++ b/lib/gnutls_pk.c -@@ -529,7 +529,7 @@ _generate_params (int algo, bigint_t * resarr, unsigned int *resarr_len, - int ret; - unsigned int i; - -- ret = _gnutls_pk_ops.generate (GNUTLS_PK_RSA, bits, ¶ms); -+ ret = _gnutls_pk_ops.generate (algo, bits, ¶ms); - - if (ret < 0) - { diff --git a/net-libs/gnutls/files/CVE-2009-1417.patch b/net-libs/gnutls/files/CVE-2009-1417.patch deleted file mode 100644 index 859c4a632a5c..000000000000 --- a/net-libs/gnutls/files/CVE-2009-1417.patch +++ /dev/null @@ -1,90 +0,0 @@ -Index: gnutls-2.6.5/includes/gnutls/gnutls.h.in -=================================================================== ---- gnutls-2.6.5.orig/includes/gnutls/gnutls.h.in -+++ gnutls-2.6.5/includes/gnutls/gnutls.h.in -@@ -251,7 +251,13 @@ extern "C" - */ - GNUTLS_CERT_SIGNER_NOT_FOUND = 64, - GNUTLS_CERT_SIGNER_NOT_CA = 128, -- GNUTLS_CERT_INSECURE_ALGORITHM = 256 -+ GNUTLS_CERT_INSECURE_ALGORITHM = 256, -+ -+ /* Time verification. -+ */ -+ GNUTLS_CERT_NOT_ACTIVATED = 512, -+ GNUTLS_CERT_EXPIRED = 1024 -+ - } gnutls_certificate_status_t; - - typedef enum -Index: gnutls-2.6.5/includes/gnutls/x509.h -=================================================================== ---- gnutls-2.6.5.orig/includes/gnutls/x509.h -+++ gnutls-2.6.5/includes/gnutls/x509.h -@@ -481,7 +481,13 @@ extern "C" - - /* Allow certificates to be signed using the broken MD5 algorithm. - */ -- GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32 -+ GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32, -+ -+ /* Disable checking of activation and expiration validity -+ * periods of certificate chains. Don't set this unless you -+ * understand the security implications. -+ */ -+ GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64 - } gnutls_certificate_verify_flags; - - int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, -Index: gnutls-2.6.5/lib/x509/verify.c -=================================================================== ---- gnutls-2.6.5.orig/lib/x509/verify.c -+++ gnutls-2.6.5/lib/x509/verify.c -@@ -493,6 +493,32 @@ _gnutls_x509_verify_certificate (const g - } - #endif - -+ /* Check activation/expiration times -+ */ -+ if (!(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) -+ { -+ time_t t, now = time (0); -+ -+ for (i = 0; i < clist_size; i++) -+ { -+ t = gnutls_x509_crt_get_activation_time (certificate_list[i]); -+ if (t == (time_t) -1 || now < t) -+ { -+ status |= GNUTLS_CERT_NOT_ACTIVATED; -+ status |= GNUTLS_CERT_INVALID; -+ return status; -+ } -+ -+ t = gnutls_x509_crt_get_expiration_time (certificate_list[i]); -+ if (t == (time_t) -1 || now > t) -+ { -+ status |= GNUTLS_CERT_EXPIRED; -+ status |= GNUTLS_CERT_INVALID; -+ return status; -+ } -+ } -+ } -+ - /* Verify the certificate path (chain) - */ - for (i = clist_size - 1; i > 0; i--) -Index: gnutls-2.6.5/src/common.c -=================================================================== ---- gnutls-2.6.5.orig/src/common.c -+++ gnutls-2.6.5/src/common.c -@@ -427,6 +427,10 @@ print_cert_vrfy (gnutls_session_t sessio - { - if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) - printf ("- Peer's certificate issuer is unknown\n"); -+ if (status & GNUTLS_CERT_NOT_ACTIVATED) -+ printf ("- Peer's certificate chain uses not yet valid certificate\n"); -+ if (status & GNUTLS_CERT_EXPIRED) -+ printf ("- Peer's certificate chain uses expired certificate\n"); - if (status & GNUTLS_CERT_INVALID) - printf ("- Peer's certificate is NOT trusted\n"); - else diff --git a/net-libs/gnutls/files/gnutls-2.6.0-openpgp-selftest.patch b/net-libs/gnutls/files/gnutls-2.6.0-openpgp-selftest.patch deleted file mode 100644 index 661ca87bfffe..000000000000 --- a/net-libs/gnutls/files/gnutls-2.6.0-openpgp-selftest.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- tests/openpgp/Makefile.am.orig 2009-01-10 11:48:55.000000000 +1100 -+++ tests/openpgp/Makefile.am 2009-01-10 11:49:13.000000000 +1100 -@@ -30,10 +30,7 @@ - - AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_builddir)/includes \ - -I$(top_srcdir)/tests --LDADD = -L$(top_builddir)/libextra -lgnutls-extra \ -- -L$(top_builddir)/lib -lgnutls \ -- -L$(top_builddir)/tests -lutils -- -+LDADD = ../lib/libgnutls.la ../lib/libgnutls-extra.la ../libutils.la - else - - EXTRA_DIST = $(openpgp_sources) diff --git a/net-libs/gnutls/files/gnutls-2.7.8-lzo.patch b/net-libs/gnutls/files/gnutls-2.7.8-lzo.patch deleted file mode 100644 index 5b0d280281f9..000000000000 --- a/net-libs/gnutls/files/gnutls-2.7.8-lzo.patch +++ /dev/null @@ -1,16 +0,0 @@ -http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=e7eeb6c7c94cf838b3b199d4d7ec5aa1b6e1f656 - ---- lib/libgnutls.map -+++ lib/libgnutls.map -@@ -582,6 +582,11 @@ - _gnutls_read_uint24; - _gnutls_get_cred; - _gnutls_recv_int; -+ # Internal symbols needed by libgnutls-extra for LZO: -+ _gnutls_compression_algorithms; -+ _gnutls_comp_algorithms_size; -+ _gnutls_lzo1x_decompress_safe; -+ _gnutls_lzo1x_1_compress; - # Internal symbols needed by libgnutls-openssl: - _gnutls_pkix1_asn; - _gnutls_x509_parse_dn_oid; diff --git a/net-libs/gnutls/gnutls-2.6.4.ebuild b/net-libs/gnutls/gnutls-2.6.4.ebuild deleted file mode 100644 index 0b8351cd3818..000000000000 --- a/net-libs/gnutls/gnutls-2.6.4.ebuild +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/gnutls-2.6.4.ebuild,v 1.6 2009/04/11 14:08:29 armin76 Exp $ - -EAPI="2" -inherit eutils libtool autotools - -DESCRIPTION="A TLS 1.0 and SSL 3.0 implementation for the GNU project" -HOMEPAGE="http://www.gnutls.org/" - -MINOR_VERSION="${PV#*.}" -MINOR_VERSION="${MINOR_VERSION%.*}" -if [[ $((MINOR_VERSION % 2)) == 0 ]] ; then - #SRC_URI="ftp://ftp.gnu.org/pub/gnu/${PN}/${P}.tar.bz2" - SRC_URI="mirror://gnu/${PN}/${P}.tar.bz2" -else - SRC_URI="ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.bz2" -fi -unset MINOR_VERSION - -# GPL-3 for the gnutls-extras library and LGPL for the gnutls library. -LICENSE="LGPL-2.1 GPL-3" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" -IUSE="bindist +cxx doc guile lzo nls zlib" - -RDEPEND="dev-libs/libgpg-error - >=dev-libs/libgcrypt-1.4.0 - >=dev-libs/libtasn1-0.3.4 - nls? ( virtual/libintl ) - guile? ( dev-scheme/guile[networking] ) - zlib? ( >=sys-libs/zlib-1.1 ) - !bindist? ( lzo? ( >=dev-libs/lzo-2 ) )" -DEPEND="${RDEPEND} - sys-devel/libtool - doc? ( dev-util/gtk-doc ) - nls? ( sys-devel/gettext )" - -pkg_setup() { - if use lzo && use bindist; then - ewarn "lzo support was disabled for binary distribution of gnutls" - ewarn "due to licensing issues. See Bug 202381 for details." - epause 5 - fi -} - -src_prepare() { - for dir in m4 lib/m4 libextra/m4 ; do - rm -f ${dir}/lt* ${dir}/libtool.m4 - done - find . -name ltmain.sh -exec rm {} \; - - # the below patch is in 2.7.* as per - # https://savannah.gnu.org/support/?106542 - epatch "${FILESDIR}"/gnutls-2.6.0-cxx-configure.in.patch - epatch "${FILESDIR}"/gnutls-2.6.0-openpgp-selftest.patch - - eautoreconf - - elibtoolize # for sane .so versioning on FreeBSD -} - -src_configure() { - local myconf - use bindist && myconf="--without-lzo" || myconf="$(use_with lzo)" - econf \ - $(use_with zlib) \ - $(use_enable nls) \ - $(use_enable guile) \ - $(use_enable cxx) \ - $(use_enable doc gtk-doc) \ - ${myconf} -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - - dodoc AUTHORS ChangeLog NEWS README THANKS doc/TODO - - if use doc ; then - dodoc doc/README.autoconf doc/tex/gnutls.ps - docinto examples - dodoc doc/examples/*.c - fi -} diff --git a/net-libs/gnutls/gnutls-2.6.5-r1.ebuild b/net-libs/gnutls/gnutls-2.6.5-r1.ebuild deleted file mode 100644 index 874b6dc2417e..000000000000 --- a/net-libs/gnutls/gnutls-2.6.5-r1.ebuild +++ /dev/null @@ -1,93 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/gnutls-2.6.5-r1.ebuild,v 1.3 2009/05/01 10:33:54 dragonheart Exp $ - -EAPI="2" -inherit autotools eutils libtool - -DESCRIPTION="A TLS 1.0 and SSL 3.0 implementation for the GNU project" -HOMEPAGE="http://www.gnutls.org/" - -MINOR_VERSION="${PV#*.}" -MINOR_VERSION="${MINOR_VERSION%.*}" -if [[ $((MINOR_VERSION % 2)) == 0 ]] ; then - #SRC_URI="ftp://ftp.gnu.org/pub/gnu/${PN}/${P}.tar.bz2" - SRC_URI="mirror://gnu/${PN}/${P}.tar.bz2" -else - SRC_URI="ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.bz2" -fi -unset MINOR_VERSION - -# GPL-3 for the gnutls-extras library and LGPL for the gnutls library. -LICENSE="LGPL-2.1 GPL-3" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" -IUSE="bindist +cxx doc guile lzo nls zlib" - -RDEPEND="dev-libs/libgpg-error - >=dev-libs/libgcrypt-1.4.0 - >=dev-libs/libtasn1-0.3.4 - nls? ( virtual/libintl ) - guile? ( dev-scheme/guile[networking] ) - zlib? ( >=sys-libs/zlib-1.1 ) - !bindist? ( lzo? ( >=dev-libs/lzo-2 ) )" -DEPEND="${RDEPEND} - sys-devel/libtool - doc? ( dev-util/gtk-doc ) - nls? ( sys-devel/gettext )" - -pkg_setup() { - if use lzo && use bindist; then - ewarn "lzo support was disabled for binary distribution of gnutls" - ewarn "due to licensing issues. See Bug 202381 for details." - epause 5 - fi -} - -src_prepare() { - # old libtool compatibility #245544 - local dir - for dir in m4 lib/m4 libextra/m4 ; do - rm -f ${dir}/lt* ${dir}/libtool.m4 - done - find . -name ltmain.sh -exec rm {} \; - - # the below patch is in 2.7.* as per - # https://savannah.gnu.org/support/?106542 - epatch "${FILESDIR}"/gnutls-2.6.0-cxx-configure.in.patch - epatch "${FILESDIR}"/gnutls-2.6.0-openpgp-selftest.patch - - pushd lib - epatch "${FILESDIR}"/CVE-2009-1415.patch - epatch "${FILESDIR}"/CVE-2009-1416.patch - popd - epatch "${FILESDIR}"/CVE-2009-1417.patch - - eautoreconf - - elibtoolize # for sane .so versioning on FreeBSD -} - -src_configure() { - local myconf - use bindist && myconf="--without-lzo" || myconf="$(use_with lzo)" - econf \ - $(use_enable cxx) \ - $(use_enable doc gtk-doc) \ - $(use_enable guile) \ - $(use_enable nls) \ - $(use_with zlib) \ - ${myconf} -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - - dodoc AUTHORS ChangeLog NEWS README THANKS doc/TODO - - if use doc ; then - dodoc doc/README.autoconf doc/tex/gnutls.ps - docinto examples - dodoc doc/examples/*.c - fi -} diff --git a/net-libs/gnutls/gnutls-2.6.5.ebuild b/net-libs/gnutls/gnutls-2.6.5.ebuild deleted file mode 100644 index e8fb96912301..000000000000 --- a/net-libs/gnutls/gnutls-2.6.5.ebuild +++ /dev/null @@ -1,86 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/gnutls-2.6.5.ebuild,v 1.1 2009/04/12 18:07:52 arfrever Exp $ - -EAPI="2" -inherit autotools eutils libtool - -DESCRIPTION="A TLS 1.0 and SSL 3.0 implementation for the GNU project" -HOMEPAGE="http://www.gnutls.org/" - -MINOR_VERSION="${PV#*.}" -MINOR_VERSION="${MINOR_VERSION%.*}" -if [[ $((MINOR_VERSION % 2)) == 0 ]] ; then - #SRC_URI="ftp://ftp.gnu.org/pub/gnu/${PN}/${P}.tar.bz2" - SRC_URI="mirror://gnu/${PN}/${P}.tar.bz2" -else - SRC_URI="ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.bz2" -fi -unset MINOR_VERSION - -# GPL-3 for the gnutls-extras library and LGPL for the gnutls library. -LICENSE="LGPL-2.1 GPL-3" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" -IUSE="bindist +cxx doc guile lzo nls zlib" - -RDEPEND="dev-libs/libgpg-error - >=dev-libs/libgcrypt-1.4.0 - >=dev-libs/libtasn1-0.3.4 - nls? ( virtual/libintl ) - guile? ( dev-scheme/guile[networking] ) - zlib? ( >=sys-libs/zlib-1.1 ) - !bindist? ( lzo? ( >=dev-libs/lzo-2 ) )" -DEPEND="${RDEPEND} - sys-devel/libtool - doc? ( dev-util/gtk-doc ) - nls? ( sys-devel/gettext )" - -pkg_setup() { - if use lzo && use bindist; then - ewarn "lzo support was disabled for binary distribution of gnutls" - ewarn "due to licensing issues. See Bug 202381 for details." - epause 5 - fi -} - -src_prepare() { - local dir - for dir in m4 lib/m4 libextra/m4 ; do - rm -f ${dir}/lt* ${dir}/libtool.m4 - done - find . -name ltmain.sh -exec rm {} \; - - # the below patch is in 2.7.* as per - # https://savannah.gnu.org/support/?106542 - epatch "${FILESDIR}"/gnutls-2.6.0-cxx-configure.in.patch - epatch "${FILESDIR}"/gnutls-2.6.0-openpgp-selftest.patch - - eautoreconf - - elibtoolize # for sane .so versioning on FreeBSD -} - -src_configure() { - local myconf - use bindist && myconf="--without-lzo" || myconf="$(use_with lzo)" - econf \ - $(use_enable cxx) \ - $(use_enable doc gtk-doc) \ - $(use_enable guile) \ - $(use_enable nls) \ - $(use_with zlib) \ - ${myconf} -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - - dodoc AUTHORS ChangeLog NEWS README THANKS doc/TODO - - if use doc ; then - dodoc doc/README.autoconf doc/tex/gnutls.ps - docinto examples - dodoc doc/examples/*.c - fi -} diff --git a/net-libs/gnutls/gnutls-2.7.8.ebuild b/net-libs/gnutls/gnutls-2.7.11.ebuild index b0c9c2aa2d97..f2d0e007ae02 100644 --- a/net-libs/gnutls/gnutls-2.7.8.ebuild +++ b/net-libs/gnutls/gnutls-2.7.11.ebuild @@ -1,10 +1,10 @@ # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/gnutls-2.7.8.ebuild,v 1.1 2009/05/04 03:41:49 arfrever Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-libs/gnutls/gnutls-2.7.11.ebuild,v 1.1 2009/05/19 13:54:09 arfrever Exp $ EAPI="2" -inherit autotools eutils libtool +inherit autotools libtool DESCRIPTION="A TLS 1.0 and SSL 3.0 implementation for the GNU project" HOMEPAGE="http://www.gnutls.org/" @@ -46,8 +46,6 @@ pkg_setup() { } src_prepare() { - epatch "${FILESDIR}/${P}-lzo.patch" - local dir for dir in m4 lib/m4 libextra/m4 ; do rm -f "${dir}/lt"* "${dir}/libtool.m4" |