gnutls/gnutls-3.2.7-suiteb.patch

diff -ur gnutls-3.2.7.orig/lib/algorithms/ecc.c gnutls-3.2.7/lib/algorithms/ecc.c
--- gnutls-3.2.7.orig/lib/algorithms/ecc.c	2013-11-10 18:59:14.000000000 +0100
+++ gnutls-3.2.7/lib/algorithms/ecc.c	2013-11-25 17:22:28.242324562 +0100
@@ -31,20 +31,6 @@
 
 static const gnutls_ecc_curve_entry_st ecc_curves[] = {
 	{
-	 .name = "SECP192R1",
-	 .oid = "1.2.840.10045.3.1.1",
-	 .id = GNUTLS_ECC_CURVE_SECP192R1,
-	 .tls_id = 19,
-	 .size = 24,
-	 },
-	{
-	 .name = "SECP224R1",
-	 .oid = "1.3.132.0.33",
-	 .id = GNUTLS_ECC_CURVE_SECP224R1,
-	 .tls_id = 21,
-	 .size = 28,
-	 },
-	{
 	 .name = "SECP256R1",
 	 .oid = "1.2.840.10045.3.1.7",
 	 .id = GNUTLS_ECC_CURVE_SECP256R1,
diff -ur gnutls-3.2.7.orig/lib/gnutls_priority.c gnutls-3.2.7/lib/gnutls_priority.c
--- gnutls-3.2.7.orig/lib/gnutls_priority.c	2013-11-22 22:27:37.000000000 +0100
+++ gnutls-3.2.7/lib/gnutls_priority.c	2013-11-25 17:22:34.576359546 +0100
@@ -231,8 +231,6 @@
 }
 
 static const int supported_ecc_normal[] = {
-	GNUTLS_ECC_CURVE_SECP192R1,
-	GNUTLS_ECC_CURVE_SECP224R1,
 	GNUTLS_ECC_CURVE_SECP256R1,
 	GNUTLS_ECC_CURVE_SECP384R1,
 	GNUTLS_ECC_CURVE_SECP521R1,
Only in gnutls-3.2.7/lib: gnutls_priority.c~
diff -ur gnutls-3.2.7.orig/lib/nettle/pk.c gnutls-3.2.7/lib/nettle/pk.c
--- gnutls-3.2.7.orig/lib/nettle/pk.c	2013-11-10 18:59:14.000000000 +0100
+++ gnutls-3.2.7/lib/nettle/pk.c	2013-11-25 17:22:28.242324562 +0100
@@ -625,10 +625,6 @@
 static inline const struct ecc_curve *get_supported_curve(int curve)
 {
 	switch (curve) {
-	case GNUTLS_ECC_CURVE_SECP192R1:
-		return &nettle_secp_192r1;
-	case GNUTLS_ECC_CURVE_SECP224R1:
-		return &nettle_secp_224r1;
 	case GNUTLS_ECC_CURVE_SECP256R1:
 		return &nettle_secp_256r1;
 	case GNUTLS_ECC_CURVE_SECP384R1:
diff -ur gnutls-3.2.7.orig/tests/mini-xssl.c gnutls-3.2.7/tests/mini-xssl.c
--- gnutls-3.2.7.orig/tests/mini-xssl.c	2013-11-10 18:59:14.000000000 +0100
+++ gnutls-3.2.7/tests/mini-xssl.c	2013-11-25 17:22:28.243324567 +0100
@@ -27,7 +27,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+/* uses unsupported curves */
+#if 1
 
 int main()
 {
diff -ur gnutls-3.2.7.orig/tests/pkcs12_simple.c gnutls-3.2.7/tests/pkcs12_simple.c
--- gnutls-3.2.7.orig/tests/pkcs12_simple.c	2013-11-10 18:59:14.000000000 +0100
+++ gnutls-3.2.7/tests/pkcs12_simple.c	2013-11-25 17:22:28.243324567 +0100
@@ -48,6 +48,9 @@
 	gnutls_x509_privkey_t pkey;
 	int ret;
 
+	/* uses unsupported curves */
+	exit(77);
+
 	ret = global_init();
 	if (ret < 0)
 		fail("global_init failed %d\n", ret);
Updated to 3.2.7 2013-11-25 16:19:57 +00:00			`diff -ur gnutls-3.2.7.orig/lib/algorithms/ecc.c gnutls-3.2.7/lib/algorithms/ecc.c`
			`--- gnutls-3.2.7.orig/lib/algorithms/ecc.c 2013-11-10 18:59:14.000000000 +0100`
			`+++ gnutls-3.2.7/lib/algorithms/ecc.c 2013-11-25 17:22:28.242324562 +0100`
			`@@ -31,20 +31,6 @@`

			`static const gnutls_ecc_curve_entry_st ecc_curves[] = {`
			`{`
			`- .name = "SECP192R1",`
			`- .oid = "1.2.840.10045.3.1.1",`
			`- .id = GNUTLS_ECC_CURVE_SECP192R1,`
			`- .tls_id = 19,`
			`- .size = 24,`
			`- },`
			`- {`
			`- .name = "SECP224R1",`
			`- .oid = "1.3.132.0.33",`
			`- .id = GNUTLS_ECC_CURVE_SECP224R1,`
			`- .tls_id = 21,`
			`- .size = 28,`
			`- },`
			`- {`
			`.name = "SECP256R1",`
			`.oid = "1.2.840.10045.3.1.7",`
			`.id = GNUTLS_ECC_CURVE_SECP256R1,`
			`diff -ur gnutls-3.2.7.orig/lib/gnutls_priority.c gnutls-3.2.7/lib/gnutls_priority.c`
			`--- gnutls-3.2.7.orig/lib/gnutls_priority.c 2013-11-22 22:27:37.000000000 +0100`
			`+++ gnutls-3.2.7/lib/gnutls_priority.c 2013-11-25 17:22:34.576359546 +0100`
			`@@ -231,8 +231,6 @@`
			`}`

			`static const int supported_ecc_normal[] = {`
			`- GNUTLS_ECC_CURVE_SECP192R1,`
			`- GNUTLS_ECC_CURVE_SECP224R1,`
			`GNUTLS_ECC_CURVE_SECP256R1,`
			`GNUTLS_ECC_CURVE_SECP384R1,`
			`GNUTLS_ECC_CURVE_SECP521R1,`
			`Only in gnutls-3.2.7/lib: gnutls_priority.c~`
			`diff -ur gnutls-3.2.7.orig/lib/nettle/pk.c gnutls-3.2.7/lib/nettle/pk.c`
			`--- gnutls-3.2.7.orig/lib/nettle/pk.c 2013-11-10 18:59:14.000000000 +0100`
			`+++ gnutls-3.2.7/lib/nettle/pk.c 2013-11-25 17:22:28.242324562 +0100`
			`@@ -625,10 +625,6 @@`
			`static inline const struct ecc_curve *get_supported_curve(int curve)`
			`{`
			`switch (curve) {`
			`- case GNUTLS_ECC_CURVE_SECP192R1:`
			`- return &nettle_secp_192r1;`
			`- case GNUTLS_ECC_CURVE_SECP224R1:`
			`- return &nettle_secp_224r1;`
			`case GNUTLS_ECC_CURVE_SECP256R1:`
			`return &nettle_secp_256r1;`
			`case GNUTLS_ECC_CURVE_SECP384R1:`
			`diff -ur gnutls-3.2.7.orig/tests/mini-xssl.c gnutls-3.2.7/tests/mini-xssl.c`
			`--- gnutls-3.2.7.orig/tests/mini-xssl.c 2013-11-10 18:59:14.000000000 +0100`
			`+++ gnutls-3.2.7/tests/mini-xssl.c 2013-11-25 17:22:28.243324567 +0100`
			`@@ -27,7 +27,8 @@`
			`#include <stdio.h>`
			`#include <stdlib.h>`

			`-#if defined(_WIN32)`
			`+/* uses unsupported curves */`
			`+#if 1`

			`int main()`
			`{`
			`diff -ur gnutls-3.2.7.orig/tests/pkcs12_simple.c gnutls-3.2.7/tests/pkcs12_simple.c`
			`--- gnutls-3.2.7.orig/tests/pkcs12_simple.c 2013-11-10 18:59:14.000000000 +0100`
			`+++ gnutls-3.2.7/tests/pkcs12_simple.c 2013-11-25 17:22:28.243324567 +0100`
			`@@ -48,6 +48,9 @@`
			`gnutls_x509_privkey_t pkey;`
			`int ret;`

			`+ /* uses unsupported curves */`
			`+ exit(77);`
			`+`
			`ret = global_init();`
			`if (ret < 0)`
			`fail("global_init failed %d\n", ret);`