The 3.5.x has been promoted to stable, hence 3.4.x is deprecated and
3.3.x kept as old-stable.
libdane now specifies LGPLv2.1+ so drop the README kludge (which is also
gone regarding licensing).
libunistring is a new dependency, even though gnutls ships a builtin version
we prefer to use unbundled to avoid duplication with other users and target
size growth.
Fixes:
GNUTLS-SA-2017-01 - It was found using the OSS-FUZZ fuzzer
infrastructure that decoding a specially crafted X.509 certificate with
Proxy Certificate Information extension present could lead to a double
free.
GNUTLS-SA-2017-02 - It was found using the OSS-FUZZ fuzzer
infrastructure that decoding a specially crafted OpenPGP certificate
could lead to heap and stack overflows.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 3.4 series has been promoted to stable.
Handle autodeps more concisely (idn, p11-kit, zlib).
libtasn1 is now mandatory, since otherwise gnutls uses the bundled
version it makes no sense to try that because of target duplication.
Disable tpm support since we've got no trousers package.
Disable libdane support since we've got no dane package.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In the Config.in file of package foo, it often happens that there are other
symbols besides BR2_PACKAGE_FOO. Typically, these symbols only make sense
when foo itself is enabled. There are two ways to express this: with
depends on BR2_PACKAGE_FOO
in each extra symbol, or with
if BR2_PACKAGE_FOO
...
endif
around the entire set of extra symbols.
The if/endif approach avoids the repetition of 'depends on' statements on
multiple symbols, so this is clearly preferred. But even when there is only
one extra symbol, if/endif is a more logical choice:
- it is future-proof for when extra symbols are added
- it allows to have just one strategy instead of two (less confusion)
This patch modifies the Config.in files accordingly.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch lines up the comments in Config.in files that clarify which
toolchain options the package depends on.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 7672b1235d.
It turns out that libgnutls.so ends up with a reference to wctomb() on
uClibc, as uClibc doesn't have vasnprintf so gnutls builds its internal
gnulib version of it, referencing wctomb().
Fix it by going back to requiring wchar for the base gnutls library as well.
Fixes http://autobuild.buildroot.net/results/780/780e825e56dc78f1ea347ca462e2e31044428775/
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
This reverts commit f1b86cef98
While the fix makes gnutls build without wchar, it doesn't actually work as
there's no rpl_wctomb implementation so the .so ends up with an undefined
reference to wctomb:
./host/usr/bin/arm-linux-nm -D staging/usr/lib/libgnutls.so.28|grep wctomb
U wctomb
Causing linker errors for packages trying to use it:
CCLD msmtp
host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgnutls.so:
undefined reference to `wctomb'
collect2: ld returned 1 exit status
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
[Peter: add comment when tools not available]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Make gnutls work for non-wchar toolchains.
It's just a matter of throwing a helping hand to configure.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
