new upstream release

gnutls-3.2.7-suiteb.patch

@@ -1,77 +0,0 @@
-diff -ur gnutls-3.2.7.orig/lib/algorithms/ecc.c gnutls-3.2.7/lib/algorithms/ecc.c
---- gnutls-3.2.7.orig/lib/algorithms/ecc.c	2013-11-10 18:59:14.000000000 +0100
-+++ gnutls-3.2.7/lib/algorithms/ecc.c	2013-11-25 17:22:28.242324562 +0100
-@@ -31,20 +31,6 @@
- 
- static const gnutls_ecc_curve_entry_st ecc_curves[] = {
- 	{
--	 .name = "SECP192R1",
--	 .oid = "1.2.840.10045.3.1.1",
--	 .id = GNUTLS_ECC_CURVE_SECP192R1,
--	 .tls_id = 19,
--	 .size = 24,
--	 },
--	{
--	 .name = "SECP224R1",
--	 .oid = "1.3.132.0.33",
--	 .id = GNUTLS_ECC_CURVE_SECP224R1,
--	 .tls_id = 21,
--	 .size = 28,
--	 },
--	{
- 	 .name = "SECP256R1",
- 	 .oid = "1.2.840.10045.3.1.7",
- 	 .id = GNUTLS_ECC_CURVE_SECP256R1,
-diff -ur gnutls-3.2.7.orig/lib/gnutls_priority.c gnutls-3.2.7/lib/gnutls_priority.c
---- gnutls-3.2.7.orig/lib/gnutls_priority.c	2013-11-22 22:27:37.000000000 +0100
-+++ gnutls-3.2.7/lib/gnutls_priority.c	2013-11-25 17:22:34.576359546 +0100
-@@ -231,8 +231,6 @@
- }
- 
- static const int supported_ecc_normal[] = {
--	GNUTLS_ECC_CURVE_SECP192R1,
--	GNUTLS_ECC_CURVE_SECP224R1,
- 	GNUTLS_ECC_CURVE_SECP256R1,
- 	GNUTLS_ECC_CURVE_SECP384R1,
- 	GNUTLS_ECC_CURVE_SECP521R1,
-Only in gnutls-3.2.7/lib: gnutls_priority.c~
-diff -ur gnutls-3.2.7.orig/lib/nettle/pk.c gnutls-3.2.7/lib/nettle/pk.c
---- gnutls-3.2.7.orig/lib/nettle/pk.c	2013-11-10 18:59:14.000000000 +0100
-+++ gnutls-3.2.7/lib/nettle/pk.c	2013-11-25 17:22:28.242324562 +0100
-@@ -625,10 +625,6 @@
- static inline const struct ecc_curve *get_supported_curve(int curve)
- {
- 	switch (curve) {
--	case GNUTLS_ECC_CURVE_SECP192R1:
--		return &nettle_secp_192r1;
--	case GNUTLS_ECC_CURVE_SECP224R1:
--		return &nettle_secp_224r1;
- 	case GNUTLS_ECC_CURVE_SECP256R1:
- 		return &nettle_secp_256r1;
- 	case GNUTLS_ECC_CURVE_SECP384R1:
-diff -ur gnutls-3.2.7.orig/tests/mini-xssl.c gnutls-3.2.7/tests/mini-xssl.c
---- gnutls-3.2.7.orig/tests/mini-xssl.c	2013-11-10 18:59:14.000000000 +0100
-+++ gnutls-3.2.7/tests/mini-xssl.c	2013-11-25 17:22:28.243324567 +0100
-@@ -27,7 +27,8 @@
- #include <stdio.h>
- #include <stdlib.h>
- 
--#if defined(_WIN32)
-+/* uses unsupported curves */
-+#if 1
- 
- int main()
- {
-diff -ur gnutls-3.2.7.orig/tests/pkcs12_simple.c gnutls-3.2.7/tests/pkcs12_simple.c
---- gnutls-3.2.7.orig/tests/pkcs12_simple.c	2013-11-10 18:59:14.000000000 +0100
-+++ gnutls-3.2.7/tests/pkcs12_simple.c	2013-11-25 17:22:28.243324567 +0100
-@@ -48,6 +48,9 @@
- 	gnutls_x509_privkey_t pkey;
- 	int ret;
- 
-+	/* uses unsupported curves */
-+	exit(77);
-+
- 	ret = global_init();
- 	if (ret < 0)
- 		fail("global_init failed %d\n", ret);

gnutls.spec

@@ -2,8 +2,8 @@
 %bcond_with guile
 Summary: A TLS protocol implementation
 Name: gnutls
-Version: 3.2.7
-Release: 2%{?dist}
+Version: 3.2.8
+Release: 1%{?dist}
 # The libraries are LGPLv2.1+, utilities are GPLv3+
 License: GPLv3+ and LGPLv2+
 Group: System Environment/Libraries
@@ -27,11 +27,9 @@ Source0: %{name}-%{version}-hobbled.tar.xz
 Source1: libgnutls-config
 Source2: hobble-gnutls
 Patch1: gnutls-3.2.7-rpath.patch
-Patch2: gnutls-3.2.7-asm.patch
 # Use only FIPS approved ciphers in the FIPS mode
 Patch7: gnutls-2.12.21-fips-algorithms.patch
 Patch8: gnutls-3.1.11-nosrp.patch
-Patch9: gnutls-3.2.7-suiteb.patch
 
 # Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
 Provides: bundled(gnulib) = 20130424
@@ -132,12 +130,10 @@ This package contains Guile bindings for the library.
 %setup -q
 
 %patch1 -p1 -b .rpath
-%patch2 -p1 -b .asm
 # This patch is not applicable as we use nettle now but some parts will be
 # later reused.
 #%patch7 -p1 -b .fips
 %patch8 -p1 -b .nosrp
-%patch9 -p1 -b .suiteb
 sed 's/gnutls_srp.c//g' -i lib/Makefile.in
 sed 's/gnutls_srp.lo//g' -i lib/Makefile.in
 
@@ -152,6 +148,7 @@ export LDFLAGS="-Wl,--no-add-needed"
            --disable-static \
            --disable-openssl-compatibility \
            --disable-srp-authentication \
+	   --disable-non-suiteb-curves \
 %if %{with guile}
            --enable-guile \
 %ifarch %{arm}