aboutsummaryrefslogtreecommitdiffstats
path: root/main/gnutls/APKBUILD
blob: 1cfa356915e9ba1bac8881dc07609917a5c5ee0c (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# Contriburo: Ɓukasz Jendrysik <scadu@yandex.com>
# Contributor: Michael Mason <ms13sp@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.6.15
pkgrel=1
pkgdesc="A TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
license="GPL-3.0-or-later"
options="!check" # depends on datefudge
checkdepends="diffutils"
makedepends="nettle-dev zlib-dev libtasn1-dev p11-kit-dev libunistring-dev texinfo"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev $pkgname-utils $pkgname-c++:xx"
_v=${pkgver%.*}
case $pkgver in
*.*.*.*) _v=${_v%.*};;
esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
	CVE-2021-20231.patch
	CVE-2021-20232.patch
	"

# secfixes:
#   3.6.15-r1:
#     - CVE-2021-20231
#     - CVE-2021-20232
#   3.6.15-r0:
#     - CVE-2020-24659 GNUTLS-SA-2020-09-04
#   3.6.14-r0:
#     - CVE-2020-13777 GNUTLS-SA-2020-06-03
#   3.6.8-r1:
#     - CVE-2020-11501 GNUTLS-SA-2020-03-31
#   3.6.7-r0:
#     - CVE-2019-3836
#     - CVE-2019-3829
#   3.5.13-r0:
#     - CVE-2017-7507

build() {
	LIBS="-lgmp" ./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--disable-openssl-compatibility \
		--disable-rpath \
		--disable-static \
		--disable-guile \
		--disable-valgrind-tests
	make
}

check() {
	make check
}

package() {
	make -j1 DESTDIR="$pkgdir" \
		-C "$builddir" install
}

utils() {
	pkgdesc="Command line tools for TLS protocol"
	mkdir -p "$subpkgdir"/usr/
	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}

xx() {
	pkgdesc="The C++ interface to GnuTLS"
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}

sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c  gnutls-3.6.15.tar.xz
37261adbb9da45b3f2b11e65a148e19c825970d3342b2946ccbc4abbea9b61c8a90d79b220ddc16cdcad95ee26a77a53fac6400d68c76e2cf8aea5e22900e374  CVE-2021-20231.patch
9c6bffcccc2ac887f92f252be94a822465a79a5080d6e912c3f8ef44a53511f1eefb2fa876a3af6d21ddc2baf5717b8c454d6a79bd328fe52b02f4d27c12a505  CVE-2021-20232.patch"