summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--patches/gnutls-3.6.16/0001-don-t-try-ru-build-run-code-generator.patch31
l---------patches/gnutls-3.6.16/autogen.sh1
-rw-r--r--patches/gnutls-3.6.16/series4
-rw-r--r--rules/gnutls.in11
-rw-r--r--rules/gnutls.make19
5 files changed, 23 insertions, 43 deletions
diff --git a/patches/gnutls-3.6.16/0001-don-t-try-ru-build-run-code-generator.patch b/patches/gnutls-3.6.16/0001-don-t-try-ru-build-run-code-generator.patch
deleted file mode 100644
index c879ec7f8..000000000
--- a/patches/gnutls-3.6.16/0001-don-t-try-ru-build-run-code-generator.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Michael Olbrich <m.olbrich@pengutronix.de>
-Date: Fri, 3 Apr 2020 13:07:30 +0200
-Subject: [PATCH] don't try ru build / run code generator
-
-Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
----
- lib/nettle/Makefile.am | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
-index aae87e09023a..de6f9ed44399 100644
---- a/lib/nettle/Makefile.am
-+++ b/lib/nettle/Makefile.am
-@@ -99,6 +99,8 @@ ecc_generated_headers = \
- BUILT_SOURCES = $(ecc_generated_headers)
- EXTRA_DIST = $(ecc_generated_headers) ecc/eccdata.stamp
-
-+if !CROSS_COMPILING
-+
- noinst_PROGRAMS = ecc/eccdata$(EXEEXT)
-
- ecc_eccdata_SOURCES = ecc/eccdata.c
-@@ -126,6 +128,8 @@ ecc/ecc-gost-gc512a-32.h: ecc/eccdata.stamp
- ecc/ecc-gost-gc512a-64.h: ecc/eccdata.stamp
- $(AM_V_GEN)ecc/eccdata$(EXEEXT) gost_gc512a 43 6 64 > $@T && mv $@T $@
-
-+endif
-+
- libcrypto_la_SOURCES += \
- gost/ecc-gost-hash.c nettle-alloca.h ecc-gost-curve.h
-
diff --git a/patches/gnutls-3.6.16/autogen.sh b/patches/gnutls-3.6.16/autogen.sh
deleted file mode 120000
index 9f8a4cb7d..000000000
--- a/patches/gnutls-3.6.16/autogen.sh
+++ /dev/null
@@ -1 +0,0 @@
-../autogen.sh \ No newline at end of file
diff --git a/patches/gnutls-3.6.16/series b/patches/gnutls-3.6.16/series
deleted file mode 100644
index 1a79ecf82..000000000
--- a/patches/gnutls-3.6.16/series
+++ /dev/null
@@ -1,4 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-0001-don-t-try-ru-build-run-code-generator.patch
-# b14a2a9426010360472bbafa176de894 - git-ptx-patches magic
diff --git a/rules/gnutls.in b/rules/gnutls.in
index 8b9443652..11fd963da 100644
--- a/rules/gnutls.in
+++ b/rules/gnutls.in
@@ -4,6 +4,7 @@ menuconfig GNUTLS
tristate
select LIBTASN1
select NETTLE
+ select LIBKCAPI if GNUTLS_AFALG
select GCCLIBS_CXX if GNUTLS_CXX
select CRYPTODEV_API if GNUTLS_CRYPTODEV && BUILDTIME
prompt "gnutls "
@@ -28,6 +29,16 @@ config GNUTLS_CRYPTODEV
help
Enable the BSD cryptodev engine even if we are not using BSD.
+config GNUTLS_AFALG
+ bool
+ prompt "enable AFALG support"
+
+config GNUTLS_KTLS
+ bool
+ prompt "enable KTLS support"
+ help
+ Kernel TLS offload. Sufficiently moderen kernel headers are needed.
+
config GNUTLS_OPENSSL
bool
prompt "openssl compatibility"
diff --git a/rules/gnutls.make b/rules/gnutls.make
index 43aa90b8d..bc5d69cf0 100644
--- a/rules/gnutls.make
+++ b/rules/gnutls.make
@@ -14,11 +14,11 @@ PACKAGES-$(PTXCONF_GNUTLS) += gnutls
#
# Paths and names
#
-GNUTLS_VERSION := 3.6.16
-GNUTLS_MD5 := 5db1678931fa6bbd40beed235c6a0a37
+GNUTLS_VERSION := 3.7.3
+GNUTLS_MD5 := 3723d8fee66c5d45d780ca64c089ed23
GNUTLS := gnutls-$(GNUTLS_VERSION)
GNUTLS_SUFFIX := tar.xz
-GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/$(GNUTLS).$(GNUTLS_SUFFIX)
+GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/$(GNUTLS).$(GNUTLS_SUFFIX)
GNUTLS_SOURCE := $(SRCDIR)/$(GNUTLS).$(GNUTLS_SUFFIX)
GNUTLS_DIR := $(BUILDDIR)/$(GNUTLS)
GNUTLS_LICENSE := LGPL-3.0-or-later
@@ -27,6 +27,11 @@ GNUTLS_LICENSE := LGPL-3.0-or-later
# Prepare
# ----------------------------------------------------------------------------
+ifdef PTXCONF_KERNEL_HEADER
+GNUTLS_CPPFLAGS := \
+ -isystem $(KERNEL_HEADERS_INCLUDE_DIR)
+endif
+
#
# autoconf
#
@@ -41,6 +46,7 @@ GNUTLS_CONF_OPT := \
--disable-manpages \
--disable-tools \
--enable-cxx \
+ --disable-dyn-ncrypt \
--enable-hardware-acceleration \
--enable-tls13-interop \
--enable-padlock \
@@ -58,6 +64,8 @@ GNUTLS_CONF_OPT := \
--enable-ecdhe \
--enable-gost \
--$(call ptx/endis, PTXCONF_GNUTLS_CRYPTODEV)-cryptodev \
+ --$(call ptx/endis, PTXCONF_GNUTLS_AFALG)-afalg \
+ --$(call ptx/endis, PTXCONF_GNUTLS_KTLS)-ktls \
--enable-ocsp \
--$(call ptx/endis, PTXCONF_GNUTLS_OPENSSL)-openssl-compatibility \
--disable-tests \
@@ -78,9 +86,6 @@ GNUTLS_CONF_OPT := \
--disable-fips140-mode \
--enable-non-suiteb-curves \
--disable-libdane \
- --enable-local-libopts \
- --disable-libopts-install \
- --enable-optional-args \
--disable-guile \
--with-nettle-mini \
--without-included-libtasn1 \
@@ -88,9 +93,9 @@ GNUTLS_CONF_OPT := \
--without-fips140-key \
--without-idn \
--without-p11-kit \
+ --without-tpm2 \
--without-tpm \
--without-trousers-lib \
- --without-libregex \
--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
# ----------------------------------------------------------------------------
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-11 15:51:35 +0000