From 07736fd8044bae2b15bc95b2ca051c91ac96d67c Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Wed, 10 Feb 2021 14:16:17 +0100 Subject: [PATCH] Update to 3.7.0 upstream release --- .gitignore | 2 + gnutls-3.6.15-gnulib-perror-tests.patch | 46 ------------ gnutls-3.7.0-gost.patch | 12 ++++ ...xes.patch => gnutls-3.7.0-test-fixes.patch | 72 ++++++++++++------- gnutls.spec | 14 ++-- sources | 4 +- 6 files changed, 73 insertions(+), 77 deletions(-) delete mode 100644 gnutls-3.6.15-gnulib-perror-tests.patch create mode 100644 gnutls-3.7.0-gost.patch rename gnutls-3.6.15-test-fixes.patch => gnutls-3.7.0-test-fixes.patch (73%) diff --git a/.gitignore b/.gitignore index ea6a2e0..7137263 100644 --- a/.gitignore +++ b/.gitignore @@ -129,3 +129,5 @@ gnutls-2.10.1-nosrp.tar.bz2 /gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg /gnutls-3.6.15.tar.xz /gnutls-3.6.15.tar.xz.sig +/gnutls-3.7.0.tar.xz +/gnutls-3.7.0.tar.xz.sig diff --git a/gnutls-3.6.15-gnulib-perror-tests.patch b/gnutls-3.6.15-gnulib-perror-tests.patch deleted file mode 100644 index 5de2e14..0000000 --- a/gnutls-3.6.15-gnulib-perror-tests.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 175e0bc72808d564074c4adcc72aeadb74adfcc6 Mon Sep 17 00:00:00 2001 -From: Paul Eggert -Date: Thu, 27 Aug 2020 17:52:58 -0700 -Subject: [PATCH] perror, strerror_r: remove unportable tests - -Problem reported by Florian Weimer in: -https://lists.gnu.org/r/bug-gnulib/2020-08/msg00220.html -* tests/test-perror2.c (main): -* tests/test-strerror_r.c (main): Omit unportable tests. ---- - ChangeLog | 8 ++++++++ - tests/test-perror2.c | 3 --- - tests/test-strerror_r.c | 3 --- - 3 files changed, 8 insertions(+), 6 deletions(-) - -diff --git a/gl/tests/test-perror2.c b/gl/tests/test-perror2.c -index 1d14eda7b..c6214dd25 100644 ---- a/gl/tests/test-perror2.c -+++ b/gl/tests/test-perror2.c -@@ -79,9 +79,6 @@ main (void) - errno = -5; - perror (""); - ASSERT (!ferror (stderr)); -- ASSERT (msg1 == msg2 || msg1 == msg4 || STREQ (msg1, str1)); -- ASSERT (msg2 == msg4 || STREQ (msg2, str2)); -- ASSERT (msg3 == msg4 || STREQ (msg3, str3)); - ASSERT (STREQ (msg4, str4)); - - free (str1); -diff --git a/gl/tests/test-strerror_r.c b/gl/tests/test-strerror_r.c -index b11d6fd9f..c1dbcf837 100644 ---- a/gl/tests/test-strerror_r.c -+++ b/gl/tests/test-strerror_r.c -@@ -165,9 +165,6 @@ main (void) - - strerror_r (EACCES, buf, sizeof buf); - strerror_r (-5, buf, sizeof buf); -- ASSERT (msg1 == msg2 || msg1 == msg4 || STREQ (msg1, str1)); -- ASSERT (msg2 == msg4 || STREQ (msg2, str2)); -- ASSERT (msg3 == msg4 || STREQ (msg3, str3)); - ASSERT (STREQ (msg4, str4)); - - free (str1); --- -2.26.2 - diff --git a/gnutls-3.7.0-gost.patch b/gnutls-3.7.0-gost.patch new file mode 100644 index 0000000..7cad9b5 --- /dev/null +++ b/gnutls-3.7.0-gost.patch @@ -0,0 +1,12 @@ +diff -up ./tests/gnutls-cli-debug.sh.gost ./tests/gnutls-cli-debug.sh +--- ./tests/gnutls-cli-debug.sh.gost 2021-02-09 13:28:46.528821113 +0100 ++++ ./tests/gnutls-cli-debug.sh 2021-02-09 13:29:18.851646678 +0100 +@@ -217,6 +217,8 @@ if test "${ENABLE_GOST}" = "1" && test " + kill ${PID} + wait + ++ cat $OUTFILE ++ + check_text "for VKO GOST-2012 (draft-smyshlyaev-tls12-gost-suites) support... yes" + check_text "for GOST28147-CNT cipher (draft-smyshlyaev-tls12-gost-suites) support... yes" + check_text "for GOST28147-IMIT MAC (draft-smyshlyaev-tls12-gost-suites) support... yes" diff --git a/gnutls-3.6.15-test-fixes.patch b/gnutls-3.7.0-test-fixes.patch similarity index 73% rename from gnutls-3.6.15-test-fixes.patch rename to gnutls-3.7.0-test-fixes.patch index 7bf84c5..066feb4 100644 --- a/gnutls-3.6.15-test-fixes.patch +++ b/gnutls-3.7.0-test-fixes.patch @@ -1,4 +1,4 @@ -From c2e39386e5df376620264b820fde2994b12d035d Mon Sep 17 00:00:00 2001 +From c815f725448af8d023818a968e1296946ceb0f1c Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Mon, 21 Dec 2020 09:36:47 -0500 Subject: [PATCH 1/2] tests: Fix tpmtool_test due to changes in trousers @@ -14,7 +14,7 @@ Signed-off-by: Stefan Berger 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/tests/tpmtool_test.sh b/tests/tpmtool_test.sh -index c6e4bc42e..137552d62 100755 +index eba502612..77fe17e59 100755 --- a/tests/tpmtool_test.sh +++ b/tests/tpmtool_test.sh @@ -138,6 +138,7 @@ start_tcsd() @@ -76,7 +76,7 @@ index c6e4bc42e..137552d62 100755 2.29.2 -From 40203390a48b8fa01d72c6a9739d963cf24556b8 Mon Sep 17 00:00:00 2001 +From 2b0f6f3a2ff13153aaa70c764ba7a8b90aef794d Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Mon, 28 Dec 2020 16:16:53 +0100 Subject: [PATCH 2/2] testpkcs11: use datefudge to trick certificate expiry @@ -90,28 +90,11 @@ https://gitlab.com/gnutls/gnutls/-/issues/1135#note_469682121 Signed-off-by: Daiki Ueno --- - tests/scripts/common.sh | 5 +++++ - tests/testpkcs11.sh | 12 +++++++++++- - 2 files changed, 16 insertions(+), 1 deletion(-) + tests/testpkcs11.sh | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) -diff --git a/tests/scripts/common.sh b/tests/scripts/common.sh -index 6ae19fa58..69b5fd612 100644 ---- a/tests/scripts/common.sh -+++ b/tests/scripts/common.sh -@@ -187,6 +187,11 @@ launch_bare_server() { - ${SERV} $* >${LOGFILE-/dev/null} & - } - -+launch_bare_server2() { -+ wait_for_free_port "$PORT" -+ "$@" >${LOGFILE-/dev/null} & -+} -+ - wait_server() { - local PID=$1 - trap "test -n \"${PID}\" && kill ${PID};exit 1" 1 15 2 diff --git a/tests/testpkcs11.sh b/tests/testpkcs11.sh -index 9458af238..3d74bfea6 100755 +index 38b9585bc..09a627477 100755 --- a/tests/testpkcs11.sh +++ b/tests/testpkcs11.sh @@ -67,6 +67,8 @@ have_ed25519=0 @@ -144,8 +127,8 @@ index 9458af238..3d74bfea6 100755 echo -n "* Using PKCS #11 with gnutls-cli (${txt})... " # start server eval "${GETPORT}" -- launch_pkcs11_server $$ "${ADDITIONAL_PARAM}" --echo --priority NORMAL --x509certfile="${certfile}" \ -+ launch_bare_server2 datefudge -s "$TESTDATE" \ +- launch_server ${ADDITIONAL_PARAM} --echo --priority NORMAL --x509certfile="${certfile}" \ ++ launch_bare_server datefudge -s "$TESTDATE" \ + $VALGRIND $SERV $DEBUG -p "$PORT" \ + ${ADDITIONAL_PARAM} --debug 10 --echo --priority NORMAL --x509certfile="${certfile}" \ --x509keyfile="$keyfile" --x509cafile="${cafile}" \ @@ -171,3 +154,42 @@ index 9458af238..3d74bfea6 100755 -- 2.29.2 +From 5a64e896a56ef602bb86242bbac01e4319f12cbe Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Tue, 9 Feb 2021 15:26:07 +0100 +Subject: [PATCH] tests/gnutls-cli-debug.sh: don't unset system priority + settings + +When the test is exercised, GNUTLS_SYSTEM_PRIORITY_FILE is set in many +places, such as TESTS_ENVIRONMENT tests/Makefile.am or a packaging +system that runs the test in a restricted environment. Unsetting it +after a temporary use forces the remaining part of the test to use the +default system priority, which might not be the intention of the user. + +Signed-off-by: Daiki Ueno +--- + tests/gnutls-cli-debug.sh | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/tests/gnutls-cli-debug.sh b/tests/gnutls-cli-debug.sh +index a73910dea..3c3e2214e 100755 +--- a/tests/gnutls-cli-debug.sh ++++ b/tests/gnutls-cli-debug.sh +@@ -184,13 +184,11 @@ cat <<_EOF_ > ${TMPFILE} + tls-disabled-cipher = CAMELLIA-128-CBC + tls-disabled-cipher = CAMELLIA-256-CBC + _EOF_ +-export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" + ++GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" \ + timeout 1800 datefudge "2017-08-9" \ + "${DCLI}" -p "${PORT}" localhost >$OUTFILE 2>&1 || fail ${PID} "gnutls-cli-debug run should have succeeded!" + +-unset GNUTLS_SYSTEM_PRIORITY_FILE +- + kill ${PID} + wait + +-- +2.29.2 + diff --git a/gnutls.spec b/gnutls.spec index e2bf429..adba8c2 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -1,10 +1,10 @@ # This spec file has been automatically updated -Version: 3.6.15 -Release: 4%{?dist} +Version: 3.7.0 +Release: 1%{?dist} Patch1: gnutls-3.6.7-no-now-guile.patch Patch2: gnutls-3.2.7-rpath.patch -Patch3: gnutls-3.6.15-gnulib-perror-tests.patch -Patch4: gnutls-3.6.15-test-fixes.patch +Patch3: gnutls-3.7.0-test-fixes.patch +Patch4: gnutls-3.7.0-gost.patch %bcond_without dane %if 0%{?rhel} %bcond_with guile @@ -158,6 +158,8 @@ echo "SYSTEM=NORMAL" >> tests/system.prio # via the crypto policies %build +%define _lto_cflags %{nil} + CCASFLAGS="$CCASFLAGS -Wa,--generate-missing-build-notes=yes" export CCASFLAGS @@ -282,6 +284,10 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null %endif %changelog +* Mon Feb 8 2021 Daiki Ueno - 3.7.0-1 +- Update to upstream 3.7.0 release +- Temporarily disable LTO + * Tue Jan 26 2021 Daiki Ueno - 3.6.15-4 - Fix broken tests on rawhide (#1908110) - Add BuildRequires: make (by Tom Stellard) diff --git a/sources b/sources index b005a4a..da7e44a 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (gnutls-3.6.15.tar.xz) = f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c -SHA512 (gnutls-3.6.15.tar.xz.sig) = a6dbb6093fefddce4c76ce0015d1e0ff7bb712985007c5c6bd5ed6a8cd7529ab250bcbc98b70beeb9dc1b43dcfc65495c77b9abb43e690f24eb7bf0042af1f68 +SHA512 (gnutls-3.7.0.tar.xz) = 5cf1025f2d0a0cbf5a83dd7f3b22dafd1769f7c3349096c0272d08573bb5ff87f510e0e69b4bbb47dad1b64476aa5479804b2f4ceb2216cd747bbc53bf42d885 +SHA512 (gnutls-3.7.0.tar.xz.sig) = 25793ac5e3d2610f95f26a2aa6f444a0cebe45a173cd330ed95b38c82b8f469024c9fa35249917f6b880ae32192b5e74988169a68724c08f5c82a3379fff82fd SHA512 (gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg) = a74b92826fd0e5388c9f6d9231959e38b26aeef83138648fab66df951d8e1a4db5302b569d08515d4d6443e5e4f6c466f98319f330c820790260d22a9b9f7173