diff --git a/gnutls-2.12.7-libgcrypt-mpi.patch b/gnutls-2.12.7-libgcrypt-mpi.patch new file mode 100644 index 0000000..b0f185a --- /dev/null +++ b/gnutls-2.12.7-libgcrypt-mpi.patch @@ -0,0 +1,147 @@ +diff -up gnutls-2.12.7/lib/gcrypt/pk.c.mpi gnutls-2.12.7/lib/gcrypt/pk.c +--- gnutls-2.12.7/lib/gcrypt/pk.c.mpi 2011-04-08 02:30:44.000000000 +0200 ++++ gnutls-2.12.7/lib/gcrypt/pk.c 2011-07-25 14:21:43.000000000 +0200 +@@ -112,7 +112,7 @@ _wrap_gcry_pk_encrypt (gnutls_pk_algorit + goto cleanup; + } + +- res = gcry_sexp_nth_mpi (list, 1, 0); ++ res = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + if (res == NULL) + { +@@ -202,7 +202,7 @@ _wrap_gcry_pk_decrypt (gnutls_pk_algorit + goto cleanup; + } + +- res = gcry_sexp_nth_mpi (s_plain, 0, 0); ++ res = gcry_sexp_nth_mpi (s_plain, 0, GCRYMPI_FMT_USG); + if (res == NULL) + { + gnutls_assert (); +@@ -327,7 +327,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (s_sig, "s", 0); +@@ -338,7 +338,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + ret = _gnutls_encode_ber_rs (signature, res[0], res[1]); +@@ -360,7 +360,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + ret = _gnutls_mpi_dprint (res[0], signature); +@@ -559,7 +559,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "q", 0); +@@ -570,7 +570,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "g", 0); +@@ -581,7 +581,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[2] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "y", 0); +@@ -592,7 +592,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[3] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -604,7 +604,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[4] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + + gcry_sexp_release (list); + gcry_sexp_release (key); +@@ -660,7 +660,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "e", 0); +@@ -671,7 +671,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "d", 0); +@@ -682,7 +682,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[2] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "p", 0); +@@ -693,7 +693,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[3] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -705,7 +705,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[4] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -717,7 +717,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[5] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[5] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + + gcry_sexp_release (list); + gcry_sexp_release (key); diff --git a/gnutls.spec b/gnutls.spec index f770aa8..dd0a218 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -1,7 +1,7 @@ Summary: A TLS protocol implementation Name: gnutls Version: 2.12.7 -Release: 1%{?dist} +Release: 2%{?dist} # The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv3+ License: GPLv3+ and LGPLv2+ Group: System Environment/Libraries @@ -21,14 +21,21 @@ Patch2: gnutls-2.8.6-link-libgcrypt.patch Patch3: gnutls-2.12.2-nosrp.patch # Skip tests that are expected to fail on libgcrypt build Patch4: gnutls-2.12.7-dsa-skiptests.patch +# Patch incorrect calls to libgcrypt (patch by Andreas Metzler) +Patch5: gnutls-2.12.7-libgcrypt-mpi.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: libgcrypt >= 1.2.2 +%package c++ +Summary: The C++ interface to GnuTLS +Requires: %{name}%{?_isa} = %{version}-%{release} + %package devel Summary: Development files for the %{name} package Group: Development/Libraries -Requires: %{name} = %{version}-%{release} +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name}-c++%{?_isa} = %{version}-%{release} Requires: libgcrypt-devel Requires: pkgconfig Requires(post): /sbin/install-info @@ -38,12 +45,12 @@ Requires(preun): /sbin/install-info License: GPLv3+ Summary: Command line tools for TLS protocol Group: Applications/System -Requires: %{name} = %{version}-%{release} +Requires: %{name}%{?_isa} = %{version}-%{release} %package guile Summary: Guile bindings for the GNUTLS library Group: Development/Libraries -Requires: %{name} = %{version}-%{release} +Requires: %{name}%{?_isa} = %{version}-%{release} Requires: guile %description @@ -51,6 +58,12 @@ GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group. +%description c++ +GnuTLS is a project that aims to develop a library which provides a secure +layer, over a reliable transport layer. Currently the GnuTLS library implements +the proposed standards by the IETF's TLS working group. +This package contains the C++ interface for the GnuTLS library. + %description devel GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements @@ -77,6 +90,7 @@ This package contains Guile bindings for the library. %patch2 -p1 -b .link %patch3 -p1 -b .nosrp %patch4 -p1 -b .skiptests +%patch5 -p1 -b .mpi for i in auth_srp_rsa.c auth_srp_sb64.c auth_srp_passwd.c auth_srp.c gnutls_srp.c ext_srp.c; do touch lib/$i @@ -89,6 +103,7 @@ export LDFLAGS="-Wl,--no-add-needed" %configure --with-libtasn1-prefix=%{_prefix} \ --with-included-libcfg \ --disable-static \ + --disable-openssl-compatibility \ --disable-srp-authentication \ --disable-rpath \ --with-libgcrypt @@ -119,6 +134,10 @@ rm -fr $RPM_BUILD_ROOT %postun -p /sbin/ldconfig +%post c++ -p /sbin/ldconfig + +%postun c++ -p /sbin/ldconfig + %post devel if [ -f %{_infodir}/gnutls.info.gz ]; then /sbin/install-info %{_infodir}/gnutls.info.gz %{_infodir}/dir || : @@ -135,9 +154,13 @@ fi %files -f libgnutls.lang %defattr(-,root,root,-) -%{_libdir}/libgnutls*.so.* +%{_libdir}/libgnutls.so.* +%{_libdir}/libgnutls-extra.so.* %doc COPYING COPYING.LIB README AUTHORS +%files c++ +%{_libdir}/libgnutlsxx.so.* + %files devel %defattr(-,root,root,-) %{_bindir}/libgnutls*-config @@ -164,6 +187,11 @@ fi %{_datadir}/guile/site/gnutls.scm %changelog +* Mon Jul 25 2011 Tomas Mraz 2.12.7-2 +- fix problem when using new libgcrypt +- split libgnutlsxx to a subpackage (#455146) +- drop libgnutls-openssl (#460310) + * Tue Jun 21 2011 Tomas Mraz 2.12.7-1 - new upstream version