blob: 465344e133d9e4760d70f18f53a403c12c85a621 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
# Contriburo: Łukasz Jendrysik <scadu@yandex.com>
# Contributor: Michael Mason <ms13sp@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.8.3
pkgrel=0
pkgdesc="TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
license="LGPL-2.1-or-later"
checkdepends="diffutils datefudge"
makedepends="
libidn2-dev
libkcapi-dev
libtasn1-dev
libunistring-dev
linux-headers
nettle-dev
p11-kit-dev
texinfo
zlib-dev
"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev $pkgname-utils $pkgname-c++:xx"
_v=${pkgver%.*}
case $pkgver in
*.*.*.*) _v=${_v%.*};;
esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
skip-ktls.patch
"
# Upstream Tracker: https://gnutls.org/security-new.html
# secfixes:
# 3.8.3-r0:
# - CVE-2023-5981
# - CVE-2024-0553
# - CVE-2024-0567
# 3.8.0-r0:
# - CVE-2023-0361
# 3.7.7-r0:
# - CVE-2022-2509 GNUTLS-SA-2022-07-07
# 3.7.1-r0:
# - CVE-2021-20231 GNUTLS-SA-2021-03-10
# - CVE-2021-20232 GNUTLS-SA-2021-03-10
# 3.6.15-r0:
# - CVE-2020-24659 GNUTLS-SA-2020-09-04
# 3.6.14-r0:
# - CVE-2020-13777 GNUTLS-SA-2020-06-03
# 3.6.13-r0:
# - CVE-2020-11501 GNUTLS-SA-2020-03-31
# 3.6.7-r0:
# - CVE-2019-3836
# - CVE-2019-3829
# 3.5.13-r0:
# - CVE-2017-7507
build() {
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--enable-ktls \
--disable-openssl-compatibility \
--disable-rpath \
--disable-static \
--disable-valgrind-tests
make
}
check() {
# millis, 100s
export GNUTLS_TEST_TIMEOUT=100000
make check || {
cat tests/test-suite.log
return 1
}
}
package() {
DESTDIR="$pkgdir" make -C "$builddir" install
}
utils() {
license="GPL-3.0-or-later"
pkgdesc="Command line tools for TLS protocol"
mkdir -p "$subpkgdir"/usr/
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
xx() {
pkgdesc="The C++ interface to GnuTLS"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}
sha512sums="
74eddba01ce4c2ffdca781c85db3bb52c85f1db3c09813ee2b8ceea0608f92ca3912fd9266f55deb36a8ba4d01802895ca5d5d219e7d9caec45e1a8534e45a84 gnutls-3.8.3.tar.xz
0913e95e58c509c5bb3463cce262741486ada05e283f770a0ef9bf88956e1b87224070036d32069a6d0b6cb880253627890aee98edb5f1b07acf26a97bc19cee skip-ktls.patch
"
|