PR#90: [packit] 3.8.1 upstream release - rpms/gnutls

rpms / gnutls

#90 [packit] 3.8.1 upstream release

Merged 9 months ago by zfridric. Opened 9 months ago by zfridric.

rpms/ zfridric/gnutls zfridric_devel2 into f39

Zoltan Fridrich • 9 months ago

ebf440e

.gitignore

file modified

		`@@ -144,3 +144,5 @@`
		`/gnutls-3.8.0.tar.xz`
		`/gnutls-3.8.0.tar.xz.sig`
		`/gnutls-release-keyring.gpg`
		`+ /gnutls-3.8.1.tar.xz`
		`+ /gnutls-3.8.1.tar.xz.sig`

README.packit

file modified

+1 -1

		`@@ -1,3 +1,3 @@`
		`This repository is maintained by packit.`
		`https://packit.dev/`
		`- The file was generated using packit 0.67.0.`
		`+ The file was generated using packit 0.78.0.`

gnutls-3.8.0-ktls-Do-not-return-GNUTLS_E_INTERRUPTED-AGAIN-from-s.patch

file removed

-52

		`@@ -1,52 +0,0 @@`
		`- From 21c386860f1973344872eec4e4dd68644b1b48aa Mon Sep 17 00:00:00 2001`
		`- From: "Richard W.M. Jones" <rjones@redhat.com>`
		`- Date: Fri, 10 Mar 2023 11:15:19 +0000`
		`- Subject: [PATCH] ktls: Do not return GNUTLS_E_INTERRUPTED/AGAIN from short`
		`- writes`
		`-`
		`- If sendmsg returns a short write, we end up going around the loop with`
		`- data_to_send being smaller. However if sendmsg then returns -EAGAIN`
		`- or -EINTR then we return an error. But we have "forgotten" that we`
		`- already sent some data.`
		`-`
		`- This causes the caller to retry gnutls_record_send with the full`
		`- buffer (ie. with a buffer that has already been partially sent),`
		`- causing desynchronization.`
		`-`
		`- Instead check if we sent some data in this case and return the number`
		`- of bytes sent.`
		`-`
		`- Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1470`
		`- Thanks: Dan Berrange for suggesting a fix`
		`- Signed-off-by: Richard W.M. Jones <rjones@redhat.com>`
		`- ---`
		`- lib/system/ktls.c \| 12 ++++++++++--`
		`- 1 file changed, 10 insertions(+), 2 deletions(-)`
		`-`
		`- diff --git a/lib/system/ktls.c b/lib/system/ktls.c`
		`- index fd57a9c30..bb59fab7c 100644`
		`- --- a/lib/system/ktls.c`
		`- +++ b/lib/system/ktls.c`
		`- @@ -604,9 +604,17 @@ int _gnutls_ktls_send_control_msg(gnutls_session_t session,`
		`- if (ret == -1) {`
		`- switch (errno) {`
		`- case EINTR:`
		`- - return GNUTLS_E_INTERRUPTED;`
		`- + if (data_to_send < data_size) {`
		`- + return data_size - data_to_send;`
		`- + } else {`
		`- + return GNUTLS_E_INTERRUPTED;`
		`- + }`
		`- case EAGAIN:`
		`- - return GNUTLS_E_AGAIN;`
		`- + if (data_to_send < data_size) {`
		`- + return data_size - data_to_send;`
		`- + } else {`
		`- + return GNUTLS_E_AGAIN;`
		`- + }`
		`- default:`
		`- return GNUTLS_E_PUSH_ERROR;`
		`- }`
		`- --`
		`- 2.39.2`
		`-`

gnutls.spec

file modified

+4 -8

		`@@ -12,7 +12,7 @@`
		`print(string.sub(hash, 0, 16))`
		`}`

		`- Version: 3.8.0`
		`+ Version: 3.8.1`
		`Release: %{?autorelease}%{!?autorelease:1%{?dist}}`
		`Patch: gnutls-3.2.7-rpath.patch`

		`@@ -22,10 +22,6 @@`
		`# follow https://gitlab.com/gnutls/gnutls/-/issues/1443`
		`Patch: gnutls-3.7.8-ktls_skip_tls12_chachapoly_test.patch`

		`- # Fix desychronisation with kTLS:`
		`- # https://gitlab.com/gnutls/gnutls/-/issues/1470`
		`- Patch: gnutls-3.8.0-ktls-Do-not-return-GNUTLS_E_INTERRUPTED-AGAIN-from-s.patch`
		`-`
		`%bcond_without bootstrap`
		`%bcond_without dane`
		`%bcond_without fips`
		`@@ -51,7 +47,7 @@`
		`Summary: A TLS protocol implementation`
		`Name: gnutls`
		`# The libraries are LGPLv2.1+, utilities are GPLv3+`
		`- License: GPLv3+ and LGPLv2+`
		`+ License: GPL-3.0-or-later AND LGPL-2.1-or-later`
		`BuildRequires: p11-kit-devel >= 0.21.3, gettext-devel`
		`BuildRequires: readline-devel, libtasn1-devel >= 4.3`
		`%if %{with certificate_compression}`
		`@@ -69,7 +65,7 @@`
		`%endif`
		`BuildRequires: libidn2-devel`
		`BuildRequires: libunistring-devel`
		`- BuildRequires: net-tools, datefudge, softhsm, gcc, gcc-c++`
		`+ BuildRequires: net-tools, softhsm, gcc, gcc-c++`
		`BuildRequires: gnupg2`
		`BuildRequires: git-core`

		`@@ -130,7 +126,7 @@`
		`Requires: pkgconfig`

		`%package utils`
		`- License: GPLv3+`
		`+ License: GPL-3.0-or-later`
		`Summary: Command line tools for TLS protocol`
		`Requires: %{name}%{?_isa} = %{version}-%{release}`
		`%if %{with dane}`

sources

file modified

+2 -2

		`@@ -1,3 +1,3 @@`
		`- SHA512 (gnutls-3.8.0.tar.xz) = 2507b3133423fdaf90fbd826ccb1142e9ff6fc90fcd5531720218f19ddf0e6bbb8267d23bad35c0954860e5a4179da74823e0c8357db56a14f252e6ec9d59629`
		`- SHA512 (gnutls-3.8.0.tar.xz.sig) = 9db8db74aa0ebd871287b07b6a8a9f4ce90188633618e669fe07cb8bb314b624c14761f6fe1970e2fbffa87f7c0d6daa4b0fa838bd05f74b8b18cd1b5325c654`
		`+ SHA512 (gnutls-3.8.1.tar.xz) = 22e78db86b835843df897d14ad633d8a553c0f9b1389daa0c2f864869c6b9ca889028d434f9552237dc4f1b37c978fbe0cce166e3768e5d4e8850ff69a6fc872`
		`+ SHA512 (gnutls-3.8.1.tar.xz.sig) = f03fde611927c83f6b57af695d5610ba3cefbb88a261cf5485c94b3fb32c7480a77c68a353a6a28185337195e30011d6b5578c53ea4180a656cf7b175156f7f1`
		`SHA512 (gnutls-release-keyring.gpg) = 5c14d83f4f37bd319c652db0d76fc5bb04752fb461bbe853e25b20ffe41d6d14faae6c0bdd0193ac6242975bf1205ce606a9d0082261cc4581fd680abfcdbd4d`