diff options
author | Christian Melki <christian.melki@t2data.com> | 2022-04-11 21:24:09 +0200 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2022-04-13 18:07:56 +0200 |
commit | 9f60cce118b1c89d7a76ef9a53fa519c932f680d (patch) | |
tree | e4457ac72f7bfb819f9af2c98689441be8f08750 | |
parent | 0816389ac314159764c11242590cca90ca1444b9 (diff) | |
download | ptxdist-9f60cce118b1c89d7a76ef9a53fa519c932f680d.tar.gz ptxdist-9f60cce118b1c89d7a76ef9a53fa519c932f680d.tar.xz |
gnutls: Version bump. 3.7.3 -> 3.7.4.
Various fixes and function expansion.
Notable additions:
Certificate compression. RFC8879.
More extensive x509 sanity checking configure option. RFC5280.
https://gitlab.com/gnutls/gnutls/-/blob/master/NEWS
* Remove obsoleted configure options.
* Disable compression options.
zstd and brotli option are misspelled (configure help vs actual option).
They will be corrected in the next release.
* Disable stricter x509 checking.
Signed-off-by: Christian Melki <christian.melki@t2data.com>
Message-Id: <20220411192409.3525611-1-christian.melki@t2data.com>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
-rw-r--r-- | rules/gnutls.make | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/rules/gnutls.make b/rules/gnutls.make index bc5d69cf0..785522c2a 100644 --- a/rules/gnutls.make +++ b/rules/gnutls.make @@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_GNUTLS) += gnutls # # Paths and names # -GNUTLS_VERSION := 3.7.3 -GNUTLS_MD5 := 3723d8fee66c5d45d780ca64c089ed23 +GNUTLS_VERSION := 3.7.4 +GNUTLS_MD5 := 4bce06332c525eae540bb237433d4225 GNUTLS := gnutls-$(GNUTLS_VERSION) GNUTLS_SUFFIX := tar.xz GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/$(GNUTLS).$(GNUTLS_SUFFIX) @@ -53,6 +53,7 @@ GNUTLS_CONF_OPT := \ --enable-strict-der-time \ --enable-sha1-support \ --disable-ssl3-support \ + --disable-strict-x509 \ --enable-ssl2-support \ --enable-dtls-srtp-support \ --enable-alpn-support \ @@ -70,9 +71,6 @@ GNUTLS_CONF_OPT := \ --$(call ptx/endis, PTXCONF_GNUTLS_OPENSSL)-openssl-compatibility \ --disable-tests \ --disable-fuzzer-target \ - --disable-gtk-doc \ - --disable-gtk-doc-html \ - --disable-gtk-doc-pdf \ --disable-nls \ --disable-rpath \ --disable-seccomp-tests \ @@ -90,12 +88,15 @@ GNUTLS_CONF_OPT := \ --with-nettle-mini \ --without-included-libtasn1 \ --with-included-unistring \ + --without-libbrotli \ --without-fips140-key \ --without-idn \ --without-p11-kit \ --without-tpm2 \ --without-tpm \ --without-trousers-lib \ + --without-zlib \ + --without-libzstd \ --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt # ---------------------------------------------------------------------------- |