import gnutls-3.7.3-5.el9

This commit is contained in:
CentOS Sources 2022-03-01 07:48:08 -05:00 committed by Stepan Oksanichenko
parent 420cce95cb
commit 69169ae197
14 changed files with 878 additions and 8544 deletions

.gitignore vendored

@ -1,2 +1,2 @@
SOURCES/gnutls-3.7.2.tar.xz
SOURCES/gnutls-3.7.3.tar.xz
SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg


@ -1,2 +1,2 @@
02e12259680b6ad3ec973e0df6bf2cf0c5ef1100 SOURCES/gnutls-3.7.2.tar.xz
552c337be97d2379ae7233ebf55e949010ef7837 SOURCES/gnutls-3.7.3.tar.xz
648ec46f9539fe756fb90131b85ae4759ed2ed21 SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg



@ -1,92 +0,0 @@
From c9e072236c4e1c290f38aee819ecaff8398e2a16 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 25 Jun 2021 08:39:12 +0200
Subject: [PATCH] key_share: treat X25519 and X448 as same PK type when
advertising
Previously, if both X25519 and X448 groups were enabled in the
priority string, the client sent both algorithms in a key_share
extension, while it was only capable of handling one algorithm from
the same (Edwards curve) category. This adds an extra check so the
client should send either X25519 or X448.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/ext/key_share.c | 24 +++++++++++++++++++++---
tests/tls13/key_share.c | 3 +++
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
index a8c4bb5cf..a4db3af95 100644
--- a/lib/ext/key_share.c
+++ b/lib/ext/key_share.c
@@ -656,6 +656,18 @@ key_share_recv_params(gnutls_session_t session,
return 0;
}
+static inline bool
+pk_type_is_ecdhx(gnutls_pk_algorithm_t pk)
+{
+ return pk == GNUTLS_PK_ECDH_X25519 || pk == GNUTLS_PK_ECDH_X448;
+}
+
+static inline bool
+pk_type_equal(gnutls_pk_algorithm_t a, gnutls_pk_algorithm_t b)
+{
+ return a == b || (pk_type_is_ecdhx(a) && pk_type_is_ecdhx(b));
+}
+
/* returns data_size or a negative number on failure
*/
static int
@@ -710,12 +722,18 @@ key_share_send_params(gnutls_session_t session,
/* generate key shares for out top-(max_groups) groups
* if they are of different PK type. */
for (i = 0; i < session->internals.priorities->groups.size; i++) {
+ unsigned int j;
+
group = session->internals.priorities->groups.entry[i];
- if (generated == 1 && group->pk == selected_groups[0])
- continue;
- else if (generated == 2 && (group->pk == selected_groups[1] || group->pk == selected_groups[0]))
+ for (j = 0; j < generated; j++) {
+ if (pk_type_equal(group->pk, selected_groups[j])) {
+ break;
+ }
+ }
+ if (j < generated) {
continue;
+ }
selected_groups[generated] = group->pk;
diff --git a/tests/tls13/key_share.c b/tests/tls13/key_share.c
index 7f8f6295c..816a7d9b5 100644
--- a/tests/tls13/key_share.c
+++ b/tests/tls13/key_share.c
@@ -124,6 +124,7 @@ unsigned int tls_id_to_group[] = {
[23] = GNUTLS_GROUP_SECP256R1,
[24] = GNUTLS_GROUP_SECP384R1,
[29] = GNUTLS_GROUP_X25519,
+ [30] = GNUTLS_GROUP_X448,
[0x100] = GNUTLS_GROUP_FFDHE2048,
[0x101] = GNUTLS_GROUP_FFDHE3072
};
@@ -315,11 +316,13 @@ void doit(void)
start("two groups: default secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_SECP256R1, 2);
start("two groups: secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_SECP256R1, 2);
start("two groups: x25519", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_X25519, 2);
+ start("two groups: x448", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_X448, 2);
start("two groups: ffdhe2048", "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE3072", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_FFDHE2048, 2);
start("three groups: default secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_SECP256R1, 3);
start("three groups: secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_SECP256R1, 3);
start("three groups: x25519", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_X25519, 3);
+ start("three groups: x448", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_X448, 3);
start("three groups: ffdhe2048", "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE3072", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_FFDHE2048, 3);
/* test default behavior */
--
2.31.1


@ -1,72 +0,0 @@
From de11338de900f5c8840268264bceccbf76cca34f Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Thu, 21 Oct 2021 12:19:30 +0200
Subject: [PATCH 1/2] autoopts: makeshell: use ferror before fclose
Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
src/libopts/makeshell.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/libopts/makeshell.c b/src/libopts/makeshell.c
index b6cb441a..7eb17a1f 100644
--- a/src/libopts/makeshell.c
+++ b/src/libopts/makeshell.c
@@ -164,9 +164,8 @@ optionParseShell(tOptions * opts)
#ifdef HAVE_FCHMOD
fchmod(STDOUT_FILENO, 0755);
#endif
- fclose(stdout);
- if (ferror(stdout))
+ if (ferror(stdout) || fclose(stdout))
fserr_exit(opts->pzProgName, zwriting, zstdout_name);
AGFREE(script_text);
--
2.31.1
From 161097d36b608b615482e42e56a465c9fd740c26 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Thu, 21 Oct 2021 12:43:07 +0200
Subject: [PATCH 2/2] autoopts: load: fix resource leak in error path
Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
src/libopts/load.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/libopts/load.c b/src/libopts/load.c
index 3f1ce2e6..ad1c4584 100644
--- a/src/libopts/load.c
+++ b/src/libopts/load.c
@@ -219,8 +219,11 @@ add_prog_path(char * buf, int b_sz, char const * fname, char const * prg_path)
* IF we cannot find a directory name separator,
* THEN we do not have a path name to our executable file.
*/
- if (pz == NULL)
+ if (pz == NULL) {
+ if (path != prg_path)
+ AGFREE(path);
return false;
+ }
fname += skip;
fname_len = strlen(fname) + 1; // + NUL byte
@@ -230,8 +233,11 @@ add_prog_path(char * buf, int b_sz, char const * fname, char const * prg_path)
* Concatenate the file name to the end of the executable path.
* The result may be either a file or a directory.
*/
- if (dir_len + fname_len > (unsigned)b_sz)
+ if (dir_len + fname_len > (unsigned)b_sz) {
+ if (path != prg_path)
+ AGFREE(path);
return false;
+ }
memcpy(buf, path, dir_len);
memcpy(buf + dir_len, fname, fname_len);
--
2.31.1


@ -0,0 +1,32 @@
From 36a92d984020df16296784a7ad613c9693469d23 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 21 Dec 2021 16:28:09 +0100
Subject: [PATCH 1/2] Remove GNUTLS_NO_EXPLICIT_INIT compatibility
Signed-off-by: rpm-build <rpm-build>
---
lib/global.c | 8 --------
1 file changed, 8 deletions(-)
diff --git a/lib/global.c b/lib/global.c
index 3731418..1384045 100644
--- a/lib/global.c
+++ b/lib/global.c
@@ -500,14 +500,6 @@ static void _CONSTRUCTOR lib_init(void)
return;
}
- e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT");
- if (e != NULL) {
- _gnutls_debug_log("GNUTLS_NO_EXPLICIT_INIT is deprecated; use GNUTLS_NO_IMPLICIT_INIT\n");
- ret = atoi(e);
- if (ret == 1)
- return;
- }
-
ret = _gnutls_global_init(1);
if (ret < 0) {
fprintf(stderr, "Error in GnuTLS initialization: %s\n", gnutls_strerror(ret));
--
2.31.1
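Review bot: With the environment lookup gone, `e` has no remaining use inside the hunk; if the GNUTLS_NO_IMPLICIT_INIT check that ends at the `return;` on the first context line is the only other reader, `e` stays live, otherwise it becomes an unused local that -Wall reports. The removed block was also the only place that told a caller still exporting GNUTLS_NO_EXPLICIT_INIT that the variable is ignored, so such a process now gets implicit initialization with no log line; a comment at the removal site, `/* GNUTLS_NO_EXPLICIT_INIT is no longer consulted; only GNUTLS_NO_IMPLICIT_INIT is honoured. */`, keeps that visible for the next rebase. `lib_init` begins and ends outside the hunk.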

Binary file not shown.


@ -0,0 +1,19 @@
diff --color -ru a/lib/priority.c b/lib/priority.c
--- a/lib/priority.c 2022-01-14 07:53:21.000000000 +0100
+++ b/lib/priority.c 2022-02-15 09:31:36.388485784 +0100
@@ -2030,15 +2030,6 @@
additional++;
}
- /* Always try to refresh the cached data, to allow it to be
- * updated without restarting all applications.
- */
- ret = _gnutls_update_system_priorities();
- if (ret < 0) {
- _gnutls_debug_log("failed to update system priorities: %s\n",
- gnutls_strerror(ret));
- }
-
do {
ss_next = strchr(ss, ',');
if (ss_next) {
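Review bot: The patch has no preamble explaining why the refresh of the cached system priorities is dropped: the `diff --color -ru` header is all there is, while every other patch in this commit carries a From/Subject/body. A short preamble naming the allowlisting interaction and the tracking bug (#2042532 per the spec changelog) would let a future rebase judge whether the removal is still needed and what consumers lose, namely that a changed system priority file is no longer picked up until the process restarts, as the removed comment spelled out. If `ret` was assigned only by the removed call in this function it may now surface as an unused-variable warning; the enclosing function begins and ends outside the hunk.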


@ -0,0 +1,471 @@
From 7d8d8feb502ddb20a0d115fa3f63403c849a7168 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 10 Feb 2022 16:43:08 +0100
Subject: [PATCH 1/2] pkcs12: mark MAC generation and verification as FIPS
non-approved
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/x509/pkcs12.c | 39 +++++++++++++++++++++++++---
tests/pkcs12_encode.c | 59 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 94 insertions(+), 4 deletions(-)
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index a8f7d8f956..11b9da3ac9 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -286,13 +286,26 @@ gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
gnutls_x509_crt_fmt_t format, void *output_data,
size_t * output_data_size)
{
+ int ret;
+
if (pkcs12 == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
- return _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
- output_data, output_data_size);
+ ret = _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
+ output_data, output_data_size);
+
+ if (ret < 0) {
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+ } else {
+ /* PKCS#12 export is always non-approved, because the MAC
+ * calculation involves non-approved KDF (PKCS#12 KDF) and
+ * without MAC the protection is insufficient.
+ */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+ }
+ return ret;
}
/**
@@ -317,13 +330,25 @@ int
gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
{
+ int ret;
+
if (pkcs12 == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
- return _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
- out);
+ ret = _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
+ out);
+ if (ret < 0) {
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+ } else {
+ /* PKCS#12 export is always non-approved, because the MAC
+ * calculation involves non-approved KDF (PKCS#12 KDF) and
+ * without MAC the protection is insufficient.
+ */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+ }
+ return ret;
}
static int oid2bag(const char *oid)
@@ -1025,9 +1050,12 @@ int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12, gnutls_mac_algorithm_t m
goto cleanup;
}
+ /* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
return 0;
cleanup:
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
_gnutls_free_datum(&tmp);
return result;
}
@@ -1203,8 +1231,11 @@ pkcs12_try_gost:
goto cleanup;
}
+ /* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
result = 0;
cleanup:
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
_gnutls_free_datum(&tmp);
_gnutls_free_datum(&salt);
return result;
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index 3b0e84ef13..b8f7d17267 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -70,6 +70,29 @@ static void tls_log_func(int level, const char *str)
fprintf(stderr, "|<%d>| %s", level, str);
}
+#define FIPS_PUSH_CONTEXT() do { \
+ if (gnutls_fips140_mode_enabled()) { \
+ ret = gnutls_fips140_push_context(fips_context); \
+ if (ret < 0) { \
+ fail("gnutls_fips140_push_context failed\n"); \
+ } \
+ } \
+} while (0)
+
+#define FIPS_POP_CONTEXT(state) do { \
+ if (gnutls_fips140_mode_enabled()) { \
+ ret = gnutls_fips140_pop_context(); \
+ if (ret < 0) { \
+ fail("gnutls_fips140_context_pop failed\n"); \
+ } \
+ fips_state = gnutls_fips140_get_operation_state(fips_context); \
+ if (fips_state != GNUTLS_FIPS140_OP_ ## state) { \
+ fail("operation state is not " # state " (%d)\n", \
+ fips_state); \
+ } \
+ } \
+} while (0)
+
void doit(void)
{
gnutls_pkcs12_t pkcs12;
@@ -82,6 +105,8 @@ void doit(void)
char outbuf[10240];
size_t size;
unsigned tests, i;
+ gnutls_fips140_context_t fips_context;
+ gnutls_fips140_operation_state_t fips_state;
ret = global_init();
if (ret < 0) {
@@ -93,6 +118,11 @@ void doit(void)
if (debug)
gnutls_global_set_log_level(4711);
+ ret = gnutls_fips140_context_init(&fips_context);
+ if (ret < 0) {
+ fail("Cannot initialize FIPS context\n");
+ }
+
/* Read certs. */
ret = gnutls_x509_crt_init(&client);
if (ret < 0) {
@@ -196,6 +226,8 @@ void doit(void)
gnutls_pkcs12_bag_deinit(bag);
}
+ FIPS_PUSH_CONTEXT();
+
/* MAC the structure, export and print. */
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA1, "pass");
if (ret < 0) {
@@ -203,36 +235,60 @@ void doit(void)
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_verify_mac(pkcs12, "pass");
if (ret < 0) {
fprintf(stderr, "verify_mac: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA256, "passwd");
if (ret < 0) {
fprintf(stderr, "generate_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_verify_mac(pkcs12, "passwd");
if (ret < 0) {
fprintf(stderr, "verify_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA512, "passwd1");
if (ret < 0) {
fprintf(stderr, "generate_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_verify_mac(pkcs12, "passwd1");
if (ret < 0) {
fprintf(stderr, "verify_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
size = sizeof(outbuf);
ret =
gnutls_pkcs12_export(pkcs12, GNUTLS_X509_FMT_PEM, outbuf,
@@ -242,10 +298,13 @@ void doit(void)
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
if (debug)
fwrite(outbuf, size, 1, stdout);
/* Cleanup. */
+ gnutls_fips140_context_deinit(fips_context);
gnutls_pkcs12_deinit(pkcs12);
gnutls_x509_crt_deinit(client);
gnutls_x509_crt_deinit(ca);
--
2.34.1
From e7f9267342bc2231149a640163c82b63c86f1dfd Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 10 Feb 2022 17:35:13 +0100
Subject: [PATCH 2/2] _gnutls_pkcs_raw_{decrypt,encrypt}_data: use public
crypto API
These functions previously used the internal crypto
API (_gnutls_cipher_*) which does not have algorithm checks for FIPS.
This change switches the code to use the public crypto
API (gnutls_cipher_*) to trigger proper state transitions under FIPS
mode.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/x509/pkcs7-crypt.c | 36 +++++++++++-----------------
tests/pkcs12_encode.c | 54 +++++++++++++++++++++++++++---------------
2 files changed, 49 insertions(+), 41 deletions(-)
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index 4cce52ecf0..2dc5bc4df0 100644
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -1130,8 +1130,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
gnutls_datum_t enc = { NULL, 0 };
uint8_t *key = NULL;
gnutls_datum_t dkey, d_iv;
- cipher_hd_st ch;
- int ch_init = 0;
+ gnutls_cipher_hd_t ch = NULL;
int key_size, ret;
unsigned int pass_len = 0;
const struct pkcs_cipher_schema_st *p;
@@ -1237,8 +1236,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
d_iv.data = (uint8_t *) enc_params->iv;
d_iv.size = enc_params->iv_size;
- ret =
- _gnutls_cipher_init(&ch, ce, &dkey, &d_iv, 0);
+ ret = gnutls_cipher_init(&ch, ce->id, &dkey, &d_iv);
gnutls_free(key);
@@ -1247,9 +1245,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
goto error;
}
- ch_init = 1;
-
- ret = _gnutls_cipher_decrypt(&ch, enc.data, enc.size);
+ ret = gnutls_cipher_decrypt(ch, enc.data, enc.size);
if (ret < 0) {
gnutls_assert();
ret = GNUTLS_E_DECRYPTION_FAILED;
@@ -1281,7 +1277,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
decrypted_data->size = enc.size;
}
- _gnutls_cipher_deinit(&ch);
+ gnutls_cipher_deinit(ch);
ret = 0;
@@ -1294,8 +1290,9 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
gnutls_free(password);
gnutls_free(enc.data);
gnutls_free(key);
- if (ch_init != 0)
- _gnutls_cipher_deinit(&ch);
+ if (ch) {
+ gnutls_cipher_deinit(ch);
+ }
return ret;
}
@@ -1725,8 +1722,7 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
int data_size;
uint8_t *data = NULL;
gnutls_datum_t d_iv;
- cipher_hd_st ch;
- int ch_init = 0;
+ gnutls_cipher_hd_t ch = NULL;
uint8_t pad, pad_size;
const cipher_entry_st *ce;
@@ -1756,18 +1752,13 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
d_iv.data = (uint8_t *) enc_params->iv;
d_iv.size = enc_params->iv_size;
- result =
- _gnutls_cipher_init(&ch, cipher_to_entry(enc_params->cipher),
- key, &d_iv, 1);
-
+ result = gnutls_cipher_init(&ch, enc_params->cipher, key, &d_iv);
if (result < 0) {
gnutls_assert();
goto error;
}
- ch_init = 1;
-
- result = _gnutls_cipher_encrypt(&ch, data, data_size);
+ result = gnutls_cipher_encrypt(ch, data, data_size);
if (result < 0) {
gnutls_assert();
goto error;
@@ -1776,13 +1767,14 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
encrypted->data = data;
encrypted->size = data_size;
- _gnutls_cipher_deinit(&ch);
+ gnutls_cipher_deinit(ch);
return 0;
error:
gnutls_free(data);
- if (ch_init != 0)
- _gnutls_cipher_deinit(&ch);
+ if (ch) {
+ gnutls_cipher_deinit(ch);
+ }
return result;
}
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index b8f7d17267..78f6f41b48 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -104,9 +104,17 @@ void doit(void)
int ret, indx;
char outbuf[10240];
size_t size;
- unsigned tests, i;
+ unsigned i;
gnutls_fips140_context_t fips_context;
gnutls_fips140_operation_state_t fips_state;
+ size_t n_tests = 0;
+ struct tests {
+ const char *name;
+ gnutls_x509_crt_t crt;
+ const char *friendly_name;
+ unsigned bag_encrypt_flags;
+ int bag_encrypt_expected;
+ } tests[2];
ret = global_init();
if (ret < 0) {
@@ -157,21 +165,34 @@ void doit(void)
exit(1);
}
- /* Generate and add PKCS#12 cert bags. */
- if (!gnutls_fips140_mode_enabled()) {
- tests = 2; /* include RC2 */
+ tests[n_tests].name = "3DES";
+ tests[n_tests].crt = client;
+ tests[n_tests].friendly_name = "client";
+ tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS8_USE_PKCS12_3DES;
+ tests[n_tests].bag_encrypt_expected = 0;
+ n_tests++;
+
+ tests[n_tests].name = "RC2-40";
+ tests[n_tests].crt = ca;
+ tests[n_tests].friendly_name = "ca";
+ tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS_USE_PKCS12_RC2_40;
+ if (gnutls_fips140_mode_enabled()) {
+ tests[n_tests].bag_encrypt_expected =
+ GNUTLS_E_UNWANTED_ALGORITHM;
} else {
- tests = 1;
+ tests[n_tests].bag_encrypt_expected = 0;
}
+ n_tests++;
- for (i = 0; i < tests; i++) {
+ /* Generate and add PKCS#12 cert bags. */
+ for (i = 0; i < n_tests; i++) {
ret = gnutls_pkcs12_bag_init(&bag);
if (ret < 0) {
fprintf(stderr, "bag_init: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
- ret = gnutls_pkcs12_bag_set_crt(bag, i == 0 ? client : ca);
+ ret = gnutls_pkcs12_bag_set_crt(bag, tests[i].crt);
if (ret < 0) {
fprintf(stderr, "set_crt: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
@@ -180,16 +201,14 @@ void doit(void)
indx = ret;
ret = gnutls_pkcs12_bag_set_friendly_name(bag, indx,
- i ==
- 0 ? "client" :
- "ca");
+ tests[i].friendly_name);
if (ret < 0) {
fprintf(stderr, "set_friendly_name: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
size = sizeof(key_id_buf);
- ret = gnutls_x509_crt_get_key_id(i == 0 ? client : ca, 0,
+ ret = gnutls_x509_crt_get_key_id(tests[i].crt, 0,
key_id_buf, &size);
if (ret < 0) {
fprintf(stderr, "get_key_id: %s (%d)\n", gnutls_strerror(ret), ret);
@@ -206,14 +225,11 @@ void doit(void)
}
ret = gnutls_pkcs12_bag_encrypt(bag, "pass",
- i ==
- 0 ?
- GNUTLS_PKCS8_USE_PKCS12_3DES
- :
- GNUTLS_PKCS_USE_PKCS12_RC2_40);
- if (ret < 0) {
- fprintf(stderr, "bag_encrypt: %d: %s", ret,
- i == 0 ? "3DES" : "RC2-40");
+ tests[i].bag_encrypt_flags);
+ if (ret != tests[i].bag_encrypt_expected) {
+ fprintf(stderr, "bag_encrypt: returned %d, expected %d: %s", ret,
+ tests[i].bag_encrypt_expected,
+ tests[i].name);
exit(1);
}
--
2.34.1
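Review bot: In `_gnutls_pkcs_raw_decrypt_data` the success path calls `gnutls_cipher_deinit(ch)` but leaves `ch` non-NULL, while the cleanup at the end of the function now frees on `if (ch)`; the lines between the two hunks are not shown, so if the success path reaches that cleanup the handle is deinitialized twice. Clearing the pointer makes the code correct either way: `gnutls_cipher_deinit(ch); ch = NULL;`. The same shape exists in `_gnutls_pkcs_raw_encrypt_data`, though there the success path visibly ends in `return 0;` before `error:`, so only the decrypt function is in question. Both functions begin outside their hunks.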


@ -0,0 +1,182 @@
From 9f5a60c1fe576f82bcd5c7998b2ca2b0d60e8e4f Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 27 Jan 2022 18:17:43 +0100
Subject: [PATCH 1/2] rsa_generate_fips186_4_keypair: accept a few more modulus
sizes
While _rsa_generate_fips186_4_keypair was modified to accept modulus
sizes other than 2048 and 3076, rsa_generate_fips186_4_keypair, which
calls that function, was not updated to accept such modulus sizes.
Spotted by Alexander Sosedkin.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/nettle/int/rsa-keygen-fips186.c | 67 ++++++++++++++++-------------
1 file changed, 36 insertions(+), 31 deletions(-)
diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
index 5b221a030a..c6f7e675af 100644
--- a/lib/nettle/int/rsa-keygen-fips186.c
+++ b/lib/nettle/int/rsa-keygen-fips186.c
@@ -27,6 +27,7 @@
#include "config.h"
#endif
+#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -248,6 +249,33 @@ cleanup:
return ret;
}
+/* Return the pre-defined seed length for modulus size, or 0 when the
+ * modulus size is unsupported.
+ */
+static inline unsigned
+seed_length_for_modulus_size(unsigned modulus_size)
+{
+ switch (modulus_size) {
+ case 2048: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
+ return 14 * 2;
+ case 3072: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
+ return 16 * 2;
+ case 4096: /* SP 800-56B rev 2 Appendix D */
+ return 19 * 2;
+ case 6144: /* SP 800-56B rev 2 Appendix D */
+ return 22 * 2;
+ case 7680: /* FIPS 140-2 IG 7.5 */
+ return 24 * 2;
+ case 8192: /* SP 800-56B rev 2 Appendix D */
+ return 25 * 2;
+ case 15360: /* FIPS 140-2 IG 7.5 */
+ return 32 * 2;
+ default:
+ return 0;
+ }
+
+}
+
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
*
* The hash function used is SHA384.
@@ -266,33 +294,15 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
int ret;
struct dss_params_validation_seeds cert;
unsigned l = n_size / 2;
+ unsigned s = seed_length_for_modulus_size(n_size);
- switch (n_size) {
- case 2048: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 14 * 2, 0, "seed length other than 28 bytes\n");
- break;
- case 3072: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 16 * 2, 0, "seed length other than 32 bytes\n");
- break;
- case 4096: /* SP 800-56B rev 2 Appendix D */
- FIPS_RULE(seed_length != 19 * 2, 0, "seed length other than 38 bytes\n");
- break;
- case 6144: /* SP 800-56B rev 2 Appendix D */
- FIPS_RULE(seed_length != 22 * 2, 0, "seed length other than 44 bytes\n");
- break;
- case 7680: /* FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 24 * 2, 0, "seed length other than 48 bytes\n");
- break;
- case 8192: /* SP 800-56B rev 2 Appendix D */
- FIPS_RULE(seed_length != 25 * 2, 0, "seed length other than 50 bytes\n");
- break;
- case 15360: /* FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 32 * 2, 0, "seed length other than 64 bytes\n");
- break;
- default:
+ if (!s) {
FIPS_RULE(false, 0, "unsupported modulus size\n");
}
+ FIPS_RULE(seed_length != s, 0,
+ "seed length other than %u bytes\n", s);
+
if (!mpz_tstbit(pub->e, 0)) {
_gnutls_debug_log("Unacceptable e (it is even)\n");
return 0;
@@ -405,10 +415,6 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
return ret;
}
-/* Not entirely accurate but a good precision
- */
-#define SEED_LENGTH(bits) (_gnutls_pk_bits_to_subgroup_bits(bits)/8)
-
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
*
* The hash function used is SHA384.
@@ -429,11 +435,10 @@ rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
unsigned seed_length;
int ret;
- FIPS_RULE(n_size != 2048 && n_size != 3072, 0, "size of prime of other than 2048 or 3072\n");
+ seed_length = seed_length_for_modulus_size(n_size);
+ FIPS_RULE(!seed_length, 0, "unsupported modulus size\n");
- seed_length = SEED_LENGTH(n_size);
- if (seed_length > sizeof(seed))
- return 0;
+ assert(seed_length <= sizeof(seed));
random(random_ctx, seed_length, seed);
--
2.34.1
From 46ae6160489151034bca19aa6c40ba0df6b53bcc Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 1 Feb 2022 15:19:52 +0100
Subject: [PATCH 2/2] certtool --generate-privkey: update warnings on RSA key
sizes
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
src/certtool.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/certtool.c b/src/certtool.c
index c128500614..71d4aff13e 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -206,8 +206,12 @@ generate_private_key_int(common_info_st * cinfo)
"Note that DSA keys with size over 1024 may cause incompatibility problems when used with earlier than TLS 1.2 versions.\n\n");
if ((HAVE_OPT(SEED) || provable) && GNUTLS_PK_IS_RSA(key_type)) {
- if (bits != 2048 && bits != 3072) {
- fprintf(stderr, "Note that the FIPS 186-4 key generation restricts keys to 2048 and 3072 bits\n");
+ /* Keep in sync with seed_length_for_modulus_size in
+ * lib/nettle/int/rsa-keygen-fips186.c. */
+ if (bits != 2048 && bits != 3072 && bits != 4096 &&
+ bits != 6144 && bits != 7680 && bits != 8192 &&
+ bits != 15360) {
+ fprintf(stderr, "Note that the FIPS 186-4 key generation restricts keys to be of known lengths (2048, 3072, etc)\n");
}
}
@@ -225,7 +229,15 @@ generate_private_key_int(common_info_st * cinfo)
kdata[kdata_size++].size = cinfo->seed_size;
if (GNUTLS_PK_IS_RSA(key_type)) {
- if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) {
+ /* Keep in sync with seed_length_for_modulus_size in
+ * lib/nettle/int/rsa-keygen-fips186.c. */
+ if ((bits == 2048 && cinfo->seed_size != 28) ||
+ (bits == 3072 && cinfo->seed_size != 32) ||
+ (bits == 4096 && cinfo->seed_size != 38) ||
+ (bits == 6144 && cinfo->seed_size != 44) ||
+ (bits == 7680 && cinfo->seed_size != 48) ||
+ (bits == 8192 && cinfo->seed_size != 50) ||
+ (bits == 15360 && cinfo->seed_size != 64)) {
fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
}
} else if (key_type == GNUTLS_PK_DSA) {
--
2.34.1
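Review bot: In `_rsa_generate_fips186_4_keypair` the unsupported-size branch reads `if (!s) { FIPS_RULE(false, 0, "unsupported modulus size\n"); }`; with a constant `false` condition the rule can never fire, whereas every other FIPS_RULE in these hunks, including the new `FIPS_RULE(!seed_length, 0, "unsupported modulus size\n")` in `rsa_generate_fips186_4_keypair`, passes the violation as a true condition, so this looks like an inverted condition carried over from the old `default:` arm and should probably be `FIPS_RULE(true, 0, "unsupported modulus size\n");`. Separately, if FIPS_RULE is inert when FIPS mode is disabled, `rsa_generate_fips186_4_keypair` continues with `seed_length == 0` for an unsupported size outside FIPS mode, `random()` fills nothing and the keypair routine is entered with an empty seed; the deleted `SEED_LENGTH`/`sizeof(seed)` logic computed a length for any size, so an unconditional `if (!seed_length) return 0;` before the `assert` would keep provable generation well-defined in every mode. Both functions begin and end outside their hunks.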


@ -0,0 +1,70 @@
From 2c33761787f6530cf3984310a5f3b7dd05a7b375 Mon Sep 17 00:00:00 2001
From: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu, 17 Feb 2022 11:46:29 +0100
Subject: [PATCH] Disable some tests in fips mode
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
---
tests/pkcs11/pkcs11-eddsa-privkey-test.c | 5 +++++
tests/pkcs11/tls-neg-pkcs11-key.c | 8 +++++++-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/tests/pkcs11/pkcs11-eddsa-privkey-test.c b/tests/pkcs11/pkcs11-eddsa-privkey-test.c
index 44515da3f..ebbfe5278 100644
--- a/tests/pkcs11/pkcs11-eddsa-privkey-test.c
+++ b/tests/pkcs11/pkcs11-eddsa-privkey-test.c
@@ -107,6 +107,11 @@ void doit(void)
fail("%d: %s\n", ret, gnutls_strerror(ret));
}
+ if (gnutls_fips140_mode_enabled()) {
+ gnutls_global_deinit();
+ return;
+ }
+
gnutls_pkcs11_set_pin_function(pin_func, NULL);
gnutls_global_set_log_function(tls_log_func);
if (debug)
diff --git a/tests/pkcs11/tls-neg-pkcs11-key.c b/tests/pkcs11/tls-neg-pkcs11-key.c
index fc7c3dc4e..5cc1ae6e2 100644
--- a/tests/pkcs11/tls-neg-pkcs11-key.c
+++ b/tests/pkcs11/tls-neg-pkcs11-key.c
@@ -268,6 +268,7 @@ typedef struct test_st {
int exp_serv_err;
int needs_eddsa;
int needs_decryption;
+ int nofips;
unsigned requires_pkcs11_pss;
} test_st;
@@ -340,6 +341,7 @@ static const test_st tests[] = {
.cert = &server_ca3_eddsa_cert,
.key = &server_ca3_eddsa_key,
.exp_kx = GNUTLS_KX_ECDHE_RSA,
+ .nofips = 1
},
{.name = "tls1.3: ecc key",
.pk = GNUTLS_PK_ECDSA,
@@ -392,7 +394,8 @@ static const test_st tests[] = {
.prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA",
.cert = &server_ca3_eddsa_cert,
.key = &server_ca3_eddsa_key,
- .exp_kx = GNUTLS_KX_ECDHE_RSA
+ .exp_kx = GNUTLS_KX_ECDHE_RSA,
+ .nofips = 1
}
};
@@ -448,6 +451,9 @@ void doit(void)
have_eddsa = verify_eddsa_presence();
for (i=0;i<sizeof(tests)/sizeof(tests[0]);i++) {
+ if (tests[i].nofips && gnutls_fips140_mode_enabled())
+ continue;
+
if (tests[i].needs_eddsa && !have_eddsa)
continue;
--
2.35.1
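Review bot: The early exit added to `doit` in pkcs11-eddsa-privkey-test.c returns normally after `gnutls_global_deinit()`, so under FIPS mode the test is reported as passed although nothing was exercised; the automake skip status, `exit(77);`, as other tests in the suite use for cases that cannot run, keeps the skip visible in the test log. The `.nofips` filter in tls-neg-pkcs11-key.c is fine as a per-case skip since the remaining table entries still run. `doit` begins and ends outside the hunk.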


@ -0,0 +1,33 @@
From a97a93e23483aafc3508adee8e6399a2302e0fbc Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 15 Feb 2022 17:38:20 +0100
Subject: [PATCH] gnutls_transport_is_ktls_enabled: fix return value of stub
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/system/ktls.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/lib/system/ktls.c b/lib/system/ktls.c
index 7e3cb875ed..f156f08ab2 100644
--- a/lib/system/ktls.c
+++ b/lib/system/ktls.c
@@ -422,12 +422,11 @@ int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type,
#else //ENABLE_KTLS
gnutls_transport_ktls_enable_flags_t
-gnutls_transport_is_ktls_enabled(gnutls_session_t session){
- return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+gnutls_transport_is_ktls_enabled(gnutls_session_t session) {
+ return 0;
}
-void _gnutls_ktls_enable(gnutls_session_t session){
- return;
+void _gnutls_ktls_enable(gnutls_session_t session) {
}
int _gnutls_ktls_set_keys(gnutls_session_t session) {
--
2.34.1
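Review bot: The two stub definitions now put the opening brace on the signature line (`gnutls_transport_is_ktls_enabled(gnutls_session_t session) {`), whereas function definitions elsewhere in the library place it on its own line (see the lib/x509/pkcs12.c hunks in this same commit); since these lines are being rewritten anyway, matching the house style costs nothing. `session` is unused in both stubs and draws -Wunused-parameter in the non-kTLS build; a `(void)session;` in each body silences it. Returning `0` (no flags) rather than a negative error code is consistent with the flags-typed return.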

Binary file not shown.


@ -1,12 +1,28 @@
# This spec file has been automatically updated
Version: 3.7.2
Release: 8%{?dist}
%define srpmhash() %{lua:
local files = rpm.expand("%_specdir/gnutls.spec")
for i, p in ipairs(patches) do
files = files.." "..p
end
for i, p in ipairs(sources) do
files = files.." "..p
end
local sha256sum = assert(io.popen("cat "..files.."| sha256sum"))
local hash = sha256sum:read("*a")
sha256sum:close()
print(string.sub(hash, 0, 16))
}
Version: 3.7.3
Release: 5%{?dist}
Patch1: gnutls-3.6.7-no-now-guile.patch
Patch2: gnutls-3.2.7-rpath.patch
Patch3: gnutls-3.7.2-config-allowlisting.patch
Patch4: gnutls-3.7.2-key-share-ecdhx.patch
Patch5: gnutls-3.7.2-enable-intel-cet.patch
Patch6: gnutls-3.7.2-libopts-covscan.patch
Patch3: gnutls-3.7.2-enable-intel-cet.patch
Patch4: gnutls-3.7.2-no-explicit-init.patch
Patch5: gnutls-3.7.3-disable-config-reload.patch
Patch6: gnutls-3.7.3-fips-rsa-keygen.patch
Patch7: gnutls-3.7.3-ktls-stub.patch
Patch8: gnutls-3.7.3-fips-pkcs12.patch
Patch9: gnutls-3.7.3-fix-tests-in-fips.patch
%bcond_with bootstrap
%bcond_without dane
%if 0%{?rhel}
@ -17,6 +33,7 @@ Patch6: gnutls-3.7.2-libopts-covscan.patch
%bcond_without fips
%endif
%bcond_with tpm12
%bcond_without tpm2
%bcond_with gost
Summary: A TLS protocol implementation
@ -27,12 +44,14 @@ BuildRequires: p11-kit-devel >= 0.21.3, gettext-devel
BuildRequires: zlib-devel, readline-devel, libtasn1-devel >= 4.3
%if %{with bootstrap}
BuildRequires: automake, autoconf, gperf, libtool, texinfo
BuildRequires: autogen-libopts-devel >= 5.18, autogen
%endif
BuildRequires: nettle-devel >= 3.5.1
%if %{with tpm12}
BuildRequires: trousers-devel >= 0.3.11.2
%endif
%if %{with tpm2}
BuildRequires: tpm2-tss-devel >= 3.0.3
%endif
BuildRequires: libidn2-devel
BuildRequires: libunistring-devel
BuildRequires: net-tools, datefudge, softhsm, gcc, gcc-c++
@ -167,24 +186,6 @@ rm -f lib/minitasn1/*.c lib/minitasn1/*.h
echo "SYSTEM=NORMAL" >> tests/system.prio
%if !%{with bootstrap}
# These are ordered by dependency:
touch doc/functions/* doc/enums/*
touch doc/enums.texi doc/gnutls-api.texi
touch doc/invoke-gnutls-cli.texi
touch doc/invoke-gnutls-cli-debug.texi
touch doc/invoke-gnutls-serv.texi
touch doc/invoke-certtool.texi
touch doc/invoke-ocsptool.texi
touch doc/invoke-danetool.texi
touch doc/invoke-srptool.texi
touch doc/invoke-psktool.texi
touch doc/invoke-p11tool.texi
touch doc/invoke-tpmtool.texi
touch doc/stamp_functions doc/stamp_enums
touch doc/gnutls.info doc/gnutls.html doc/manpages/stamp_mans
%endif
# Note that we explicitly enable SHA1, as SHA1 deprecation is handled
# via the crypto policies
@ -202,9 +203,16 @@ GUILD=%{_bindir}/guild2.2
export GUILD
%endif
%if %{with fips}
eval $(sed -n 's/^\(\(NAME\|VERSION_ID\)=.*\)/OS_\1/p' /etc/os-release)
export FIPS_MODULE_NAME="$OS_NAME $OS_VERSION_ID %name"
%endif
%configure \
%if %{with fips}
--enable-fips140-mode \
--with-fips140-module-name="$FIPS_MODULE_NAME" \
--with-fips140-module-version=%{version}-%{srpmhash} \
%endif
%if %{with gost}
--enable-gost \
@ -221,6 +229,11 @@ export GUILD
--with-trousers-lib=%{_libdir}/libtspi.so.1 \
%else
--without-tpm \
%endif
%if %{with tpm2}
--with-tpm2 \
%else
--without-tpm2 \
%endif
--htmldir=%{_docdir}/manual \
%if %{with guile}
@ -322,6 +335,36 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
%endif
%changelog
* Thu Feb 17 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.3-5
- Fix upstream testsuite in fips mode (#2051637)
* Wed Feb 16 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-4
- Specify FIPS140-3 module name and version
- fips: allow a few more primes in RSA key generation
- fips: tighten PKCS#12 algorithm checks
- Correct return value of KTLS stub API
* Tue Feb 15 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.3-3
- Disable config reload in order to not break allowlisting (#2042532)
* Wed Feb 2 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-2
- Build with TPM2 support, patch from Alexander Sosedkin (#2033220)
* Tue Jan 18 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-1
- Update to gnutls 3.7.3 (#2033220)
* Wed Dec 22 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-10
- Update gnutls_{hash,hmac}_copy man-pages as well (#1999639)
* Wed Dec 22 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-9
- Drop support for GNUTLS_NO_EXPLICIT_INIT envvar in favor of
GNUTLS_NO_IMPLICIT_INIT (#1999639)
- Expand documentation of gnutls_{hash,hmac}_copy, mentioning that
those do not always work (#1999639)
* Tue Dec 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-9
- Fix race condition when resolving SYSTEM priority in allowlisting mode (#2012249)
* Thu Oct 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-8
- Fix issues in bundled libopts, spotted by covscan (#1938730)
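Review bot: The `%srpmhash` macro ignores the exit status of the `cat … | sha256sum` pipeline: `assert(io.popen(...))` only checks that the process was spawned and the result of `sha256sum:close()` is discarded, so a missing or unreadable patch file yields a hash over partial input and a FIPS module version that silently differs from the intended one. On Lua 5.2 and later `close()` on a popen handle returns the exit status, so `local ok = sha256sum:close()` followed by `assert(ok, "sha256sum failed")` turns that into a build error; `string.sub(hash, 0, 16)` also relies on Lua treating index 0 as 1 and reads more naturally as `string.sub(hash, 1, 16)`. The new changelog also carries two entries labelled 3.7.2-9 (Dec 21 and Dec 22); rpmlint flags duplicate release numbers, so one of them likely needs renumbering.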