From patchwork Wed Aug 21 18:45:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 8039 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4WpwJ90TlVz3x41 for ; Wed, 21 Aug 2024 18:45:29 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4WpwJ50n6mz4Yg; Wed, 21 Aug 2024 18:45:25 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4WpwJ44vWTz3456; Wed, 21 Aug 2024 18:45:24 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4WpwJ25bWQz2ybk for ; Wed, 21 Aug 2024 18:45:22 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4WpwJ246d8z1Hm; Wed, 21 Aug 2024 18:45:22 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1724265922; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fL0wo0GcYmZE1f6ri5YxoRQrD+2PA0njPTTNRZzdSjE=; b=qAuJSmZKk21Np9uMVDnF509VElGIhWkJnQmZDBhA2qqx16tn6n6nIOvr39rzBtsf6oc/5j Cg0CFyq5wssh8WAQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1724265922; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fL0wo0GcYmZE1f6ri5YxoRQrD+2PA0njPTTNRZzdSjE=; b=ET4eKg17DhguiivvGyyUkiKfdJm0tLnIV2WgKuhf1RStrMyGtMRYY+W9FzCDQJdmZDdcnI py5+D/ODMh2UtutMniMGvGrTfcKmByYDeGT+dPD/HMdRvqHTSFxTqfQw7vwjLXTjm7znGB prwChYePaA6aY2Lwvf/i3jNIu7D4xrK8AlyFN8pUhetzDgY8pgkvNzgiOCt87Dyf5UxOeD k7HiN5MCHJ/Hzr9JglP4cZmSbanW7hNtO6Z9JaPP278wkgq9KPBIiEo9L2VLqNPWnpOy8s 19IA3GtsvOdKGzhOWREwQ08MXCnIaCKMxLKrsLjiN7IaXbUE3SWofW+AWoQLbQ== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] gnutls: Update to version 3.8.7 Date: Wed, 21 Aug 2024 20:45:13 +0200 Message-ID: <20240821184516.1906534-2-adolf.belka@ipfire.org> In-Reply-To: <20240821184516.1906534-1-adolf.belka@ipfire.org> References: <20240821184516.1906534-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: GT3USG2ZDSKT4SZQMPK3OUQTWI2XPKAF X-Message-ID-Hash: GT3USG2ZDSKT4SZQMPK3OUQTWI2XPKAF X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from version 3.8.5 to 3.8.7 - Update of rootfile - Changelog 3.8.7 ** libgnutls: New configure option to compile out DSA support The --disable-dsa configure option has been added to completely disable DSA algorithm support. ** libgnutls: Experimental support for X25519Kyber768Draft00 key exchange in TLS For testing purposes, the hybrid post-quantum key exchange defined in draft-tls-westerbaan-xyber768d00 has been implemented using liboqs. Since the algorithm is still not finalized, the support of this key exchange is disabled by default and can be enabled with the --with-liboqs configure option. 3.8.6 ** libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12 To be compliant with FIPS 140-3, PKCS#12 files with MAC based on PBKDF2 (PBMAC1) is now supported, according to the specification proposed in draft-ietf-lamps-pkcs12-pbmac1. ** libgnutls: SHA3 extendable output functions (XOF) are now supported SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new public API gnutls_hash_squeeze. ** API and ABI modifications: gnutls_pkcs12_generate_mac3: New function gnutls_pkcs12_flags_t: New enum gnutls_hash_squeeze: New function Signed-off-by: Adolf Belka --- config/rootfiles/common/gnutls | 22 +++------------------- lfs/gnutls | 4 ++-- 2 files changed, 5 insertions(+), 21 deletions(-) diff --git a/config/rootfiles/common/gnutls b/config/rootfiles/common/gnutls index 6a5d1a3bf..6707e8290 100644 --- a/config/rootfiles/common/gnutls +++ b/config/rootfiles/common/gnutls @@ -32,7 +32,7 @@ usr/lib/libgnutls-dane.so.0.4.1 #usr/lib/libgnutls.la #usr/lib/libgnutls.so usr/lib/libgnutls.so.30 -usr/lib/libgnutls.so.30.39.0 +usr/lib/libgnutls.so.30.40.1 #usr/lib/libgnutlsxx.la #usr/lib/libgnutlsxx.so usr/lib/libgnutlsxx.so.30 @@ -68,24 +68,6 @@ usr/lib/libgnutlsxx.so.30.0.0 #usr/share/info/gnutls.info-6 #usr/share/info/gnutls.info-7 #usr/share/info/pkcs11-vision.png -#usr/share/locale/cs/LC_MESSAGES/gnutls.mo -#usr/share/locale/de/LC_MESSAGES/gnutls.mo -#usr/share/locale/eo/LC_MESSAGES/gnutls.mo -#usr/share/locale/es/LC_MESSAGES/gnutls.mo -#usr/share/locale/fi/LC_MESSAGES/gnutls.mo -#usr/share/locale/fr/LC_MESSAGES/gnutls.mo -#usr/share/locale/it/LC_MESSAGES/gnutls.mo -#usr/share/locale/ka/LC_MESSAGES/gnutls.mo -#usr/share/locale/ms/LC_MESSAGES/gnutls.mo -#usr/share/locale/nl/LC_MESSAGES/gnutls.mo -#usr/share/locale/pl/LC_MESSAGES/gnutls.mo -#usr/share/locale/pt_BR/LC_MESSAGES/gnutls.mo -#usr/share/locale/ro/LC_MESSAGES/gnutls.mo -#usr/share/locale/sr/LC_MESSAGES/gnutls.mo -#usr/share/locale/sv/LC_MESSAGES/gnutls.mo -#usr/share/locale/uk/LC_MESSAGES/gnutls.mo -#usr/share/locale/vi/LC_MESSAGES/gnutls.mo -#usr/share/locale/zh_CN/LC_MESSAGES/gnutls.mo #usr/share/man/man1/certtool.1 #usr/share/man/man1/danetool.1 #usr/share/man/man1/gnutls-cli-debug.1 @@ -368,6 +350,7 @@ usr/lib/libgnutlsxx.so.30.0.0 #usr/share/man/man3/gnutls_hash_get_len.3 #usr/share/man/man3/gnutls_hash_init.3 #usr/share/man/man3/gnutls_hash_output.3 +#usr/share/man/man3/gnutls_hash_squeeze.3 #usr/share/man/man3/gnutls_heartbeat_allowed.3 #usr/share/man/man3/gnutls_heartbeat_enable.3 #usr/share/man/man3/gnutls_heartbeat_get_timeout.3 @@ -564,6 +547,7 @@ usr/lib/libgnutlsxx.so.30.0.0 #usr/share/man/man3/gnutls_pkcs12_export2.3 #usr/share/man/man3/gnutls_pkcs12_generate_mac.3 #usr/share/man/man3/gnutls_pkcs12_generate_mac2.3 +#usr/share/man/man3/gnutls_pkcs12_generate_mac3.3 #usr/share/man/man3/gnutls_pkcs12_get_bag.3 #usr/share/man/man3/gnutls_pkcs12_import.3 #usr/share/man/man3/gnutls_pkcs12_init.3 diff --git a/lfs/gnutls b/lfs/gnutls index 81030e483..596350c3d 100644 --- a/lfs/gnutls +++ b/lfs/gnutls @@ -24,7 +24,7 @@ include Config -VER = 3.8.5 +VER = 3.8.7 THISAPP = gnutls-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 30ea0e213b426df896af7cddfc39a7c50fd3130f99ced8386dc55e851122a37f6171722d2cb4abb68b9d2523cd3ba044b01248d740571a3bdd0cadf555894cdf +$(DL_FILE)_BLAKE2 = 900019c5f53d6c81c2761d02008a1bd7651bf4e70043d2a74f1fca0c3cda3c3c8c87a1f9dfc090517e875e9861b6ad9dd251f8121135aeaee209b54c2538ade0 install : $(TARGET)