From 7fecd39c3d11dc864f71f779a61409695b25cd68 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Fri, 26 Aug 2022 00:41:50 +0900
Subject: [PATCH] Pin nettle version in Requires when compiled with FIPS

Related: #2097327
Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
 gnutls.spec | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/gnutls.spec b/gnutls.spec
index 5919123..9a3495c 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -13,7 +13,7 @@ print(string.sub(hash, 0, 16))
 }
 
 Version: 3.7.6
-Release: 8%{?dist}
+Release: 9%{?dist}
 # not upstreamed
 Patch: gnutls-3.6.7-no-now-guile.patch
 Patch: gnutls-3.2.7-rpath.patch
@@ -100,6 +100,10 @@ Source100:	gmp-6.2.1.tar.xz
 # Taken from the main gmp package
 Source101:	gmp-6.2.1-intel-cet.patch
 
+%if %{with fips}
+Requires: nettle%{?_isa} = 3.8-2
+%endif
+
 # Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
 Provides: bundled(gnulib) = 20130424
 
@@ -390,6 +394,9 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
 %endif
 
 %changelog
+* Thu Aug 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-9
+- Pin nettle version in Requires when compiled with FIPS
+
 * Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-8
 - Bundle GMP to privatize memory functions
 - Disable certificate compression support by default