| Message ID | 20260603074613.2846839-1-haixiao.yan.cn@windriver.com |
|---|---|
| State | Rejected, archived |
| Delegated to: | Yoann Congal |
| Headers | show |
| Series | [wrynose,v3] gnutls: upgrade 3.8.12 -> 3.8.13 | expand |
On Wed Jun 3, 2026 at 9:46 AM CEST, Haixiao (CN) via lists.openembedded.org Yan wrote: > From: Peter Marko <peter.marko@siemens.com> > > Release notes: [1] > > Rebase patches and drop patch included in this release. > Add patches to fix linking with musl libc. > Increase memory needed to successfully run test key-openssl. > Drop code for previous release tarball problem. > > [1] https://github.com/gnutls/gnutls/blob/3.8.13/NEWS > > Signed-off-by: Peter Marko <peter.marko@siemens.com> > Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> > (master rev: 1193b0778a0f81bd75f7ec6f8f44fa44cf4b8f5e) > Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Hello, Sorry but the changelog you linked lists new features and evolution not limited to bugfixes: > ** libgnutls: Allow fetching object type metadata for PKCS#11 keys > A new library function, gnutls_pkcs11_obj_get_pk_algorithm, > has been added to check the public key algorithms of PKCS#11 key objects. > Object types other than CKO_PRIVATE_KEY are currently not supported. > Contributed by Ghadi Elie Rahme (!2074). > > ** API and ABI modifications: > gnutls_hpke_kem_t: New enum > gnutls_hpke_kdf_t: New enum > gnutls_hpke_aead_t: New enum > gnutls_hpke_mode_t: New enum > gnutls_hpke_role_t: New enum > gnutls_hpke_context_st: New context structure > gnutls_hpke_init: New function > gnutls_hpke_deinit: New function > gnutls_hpke_encap: New function > gnutls_hpke_seal: New function > gnutls_hpke_decap: New function > gnutls_hpke_open: New function > gnutls_hpke_derive_keypair: New function > gnutls_hpke_export: New function > gnutls_pkcs11_obj_get_pk_algorithm: New function Thus, this upgrade is not acceptable on the stable branch, sorry. Regards, > --- > meta/recipes-core/images/core-image-ptest.bb | 1 + > ...ts-mini-dtls-framents-link-to-gnulib.patch | 25 +++++++++++ > ...ust-list-fault-fix-issues-in-linking.patch | 31 ++++++++++++++ > .../gnutls/gnutls/Add-ptest-support.patch | 4 +- > meta/recipes-support/gnutls/gnutls/c99.patch | 41 ------------------- > .../{gnutls_3.8.12.bb => gnutls_3.8.13.bb} | 9 ++-- > 6 files changed, 62 insertions(+), 49 deletions(-) > create mode 100644 meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch > create mode 100644 meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch > delete mode 100644 meta/recipes-support/gnutls/gnutls/c99.patch > rename meta/recipes-support/gnutls/{gnutls_3.8.12.bb => gnutls_3.8.13.bb} (93%) > > diff --git a/meta/recipes-core/images/core-image-ptest.bb b/meta/recipes-core/images/core-image-ptest.bb > index c08561296fe4..008b5770a898 100644 > --- a/meta/recipes-core/images/core-image-ptest.bb > +++ b/meta/recipes-core/images/core-image-ptest.bb > @@ -39,6 +39,7 @@ QB_MEM:virtclass-mcextend-python3 = "-m 2048" > QB_MEM:virtclass-mcextend-python3-cryptography = "-m 5100" > QB_MEM:virtclass-mcextend-python3-numpy = "-m 4096" > QB_MEM:virtclass-mcextend-tcl = "-m 5100" > +QB_MEM:virtclass-mcextend-gnutls = "-m 1536" > > TEST_SUITES = "ping ssh parselogs ptest" > > diff --git a/meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch b/meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch > new file mode 100644 > index 000000000000..7f999c4b22ec > --- /dev/null > +++ b/meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch > @@ -0,0 +1,25 @@ > +From 68b2fb63c8df61d1480121a859f8c955f4910c01 Mon Sep 17 00:00:00 2001 > +From: Alexander Sosedkin <asosedkin@redhat.com> > +Date: Thu, 30 Apr 2026 13:08:01 +0200 > +Subject: [PATCH] tests/mini-dtls-framents: link to gnulib > + > +Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com> > + > +Upstream-Status: Backport [https://github.com/gnutls/gnutls/commit/68b2fb63c8df61d1480121a859f8c955f4910c01] > +Signed-off-by: Peter Marko <peter.marko@siemens.com> > +--- > + tests/Makefile.am | 1 + > + 1 file changed, 1 insertion(+) > + > +diff --git a/tests/Makefile.am b/tests/Makefile.am > +index f8797964d..1b27df751 100644 > +--- a/tests/Makefile.am > ++++ b/tests/Makefile.am > +@@ -524,6 +524,7 @@ pathbuf_CPPFLAGS = $(AM_CPPFLAGS) \ > + mini_dtls_fragments_CPPFLAGS = $(AM_CPPFLAGS) \ > + -I$(top_srcdir)/gl \ > + -I$(top_builddir)/gl > ++mini_dtls_fragments_LDADD = $(LDADD) ../gl/libgnu.la > + > + if ENABLE_PKCS11 > + if !WINDOWS > diff --git a/meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch b/meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch > new file mode 100644 > index 000000000000..b15a05d5b634 > --- /dev/null > +++ b/meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch > @@ -0,0 +1,31 @@ > +From 9c573a2a0e7473ab79c43a6d3ecb0ab68ce896dc Mon Sep 17 00:00:00 2001 > +From: Daiki Ueno <ueno@gnu.org> > +Date: Thu, 7 May 2026 09:42:09 +0900 > +Subject: [PATCH] tests/pkcs11/trust-list-fault: fix issues in linking > + > +This fixes the use of automake variables and also adds the linked mock > +library in .gitignore. > + > +Signed-off-by: Daiki Ueno <ueno@gnu.org> > + > +Upstream-Status: Backport [https://github.com/gnutls/gnutls/commit/9c573a2a0e7473ab79c43a6d3ecb0ab68ce896dc] > +Signed-off-by: Peter Marko <peter.marko@siemens.com> > +--- > + tests/Makefile.am | 4 ++-- > + 1 file changed, 2 insertions(+), 2 deletions(-) > + > +diff --git a/tests/Makefile.am b/tests/Makefile.am > +index 1b27df751..f6a60a32b 100644 > +--- a/tests/Makefile.am > ++++ b/tests/Makefile.am > +@@ -540,8 +540,8 @@ pkcs11_os_locking_ok_DEPENDENCIES = libpkcs11mock4.la libutils.la > + pkcs11_os_locking_ok_LDADD = $(LDADD) $(LIBDL) > + pkcs11_long_label_DEPENDENCIES = libpkcs11mock4.la libutils.la > + pkcs11_long_label_LDADD = $(LDADD) $(LIBDL) > +-pkcs11_trust_fault_DEPENDENCIES = libpkcs11mock5.la libutils.la > +-pkcs11_trust_fault_LDADD = $(LDADD) $(LIBDL) > ++pkcs11_trust_list_fault_DEPENDENCIES = libpkcs11mock5.la libutils.la > ++pkcs11_trust_list_fault_LDADD = $(LDADD) $(LIBDL) > + endif > + endif > + > diff --git a/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch > index 398c0464e0f3..8c867a5a4008 100644 > --- a/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch > +++ b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch > @@ -29,7 +29,7 @@ diff --git a/configure.ac b/configure.ac > index 1744813..efb9e34 100644 > --- a/configure.ac > +++ b/configure.ac > -@@ -1448,6 +1448,8 @@ AC_SUBST(LIBGNUTLS_CFLAGS) > +@@ -1413,6 +1413,8 @@ AC_SUBST(LIBGNUTLS_CFLAGS) > > AM_CONDITIONAL(NEEDS_LIBRT, test "$gnutls_needs_librt" = "yes") > > @@ -42,7 +42,7 @@ diff --git a/tests/Makefile.am b/tests/Makefile.am > index 189d068..8430b05 100644 > --- a/tests/Makefile.am > +++ b/tests/Makefile.am > -@@ -721,6 +721,12 @@ SH_LOG_COMPILER = $(SHELL) > +@@ -745,6 +745,12 @@ SH_LOG_COMPILER = $(SHELL) > AM_VALGRINDFLAGS = --suppressions=$(srcdir)/suppressions.valgrind > LOG_COMPILER = $(LOG_VALGRIND) > > diff --git a/meta/recipes-support/gnutls/gnutls/c99.patch b/meta/recipes-support/gnutls/gnutls/c99.patch > deleted file mode 100644 > index 3f41241deba0..000000000000 > --- a/meta/recipes-support/gnutls/gnutls/c99.patch > +++ /dev/null > @@ -1,41 +0,0 @@ > -From 203d8f2187bb7f483290e0f8b7b48b152b1d027f Mon Sep 17 00:00:00 2001 > -From: Ross Burton <ross.burton@arm.com> > -Date: Thu, 5 Mar 2026 11:33:57 +0000 > -Subject: [PATCH] configure: make the C99 detection more resiliant > - > -autoconf 2.73 will default to C23 by default, which means that the >C99 > -detection logic in configure.ac will fail because it only handles c11 > -and c99. > - > -Instead of adding c23 to the list and then breaking again in the future, > -flip the logic around (as suggested by Zack Weinberg) and check > -explicitly for just c89. > - > -Closes #1806. > - > -Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/merge_requests/2081] > -Signed-off-by: Ross Burton <ross.burton@arm.com> > ---- > - configure.ac | 6 +++--- > - 1 file changed, 3 insertions(+), 3 deletions(-) > - > -diff --git a/configure.ac b/configure.ac > -index 740fb6339..c708d8f5e 100644 > ---- a/configure.ac > -+++ b/configure.ac > -@@ -54,9 +54,9 @@ AC_USE_SYSTEM_EXTENSIONS > - # Require C99 support > - # > - AS_CASE([$ac_prog_cc_stdc], > -- [c11 | c99], [AC_DEFINE([C99_MACROS], 1, [C99 macros are supported])], > -- [AC_MSG_WARN([[Compiler does not support C99. It may not be able to compile the project.]])] > --) > -+ [c89], > -+ [AC_MSG_WARN([[Compiler does not support C99. It may not be able to compile the project.]])], > -+ [AC_DEFINE([C99_MACROS], 1, [C99 macros are supported])]) > - > - AM_CONDITIONAL(CROSS_COMPILING, test "$cross_compiling" = yes) > - > --- > -2.43.0 > - > diff --git a/meta/recipes-support/gnutls/gnutls_3.8.12.bb b/meta/recipes-support/gnutls/gnutls_3.8.13.bb > similarity index 93% > rename from meta/recipes-support/gnutls/gnutls_3.8.12.bb > rename to meta/recipes-support/gnutls/gnutls_3.8.13.bb > index 721842801229..78b88005305a 100644 > --- a/meta/recipes-support/gnutls/gnutls_3.8.12.bb > +++ b/meta/recipes-support/gnutls/gnutls_3.8.13.bb > @@ -23,10 +23,11 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar > file://0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch \ > file://run-ptest \ > file://Add-ptest-support.patch \ > - file://c99.patch \ > + file://0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch \ > + file://0001-tests-mini-dtls-framents-link-to-gnulib.patch \ > " > > -SRC_URI[sha256sum] = "a7b341421bfd459acf7a374ca4af3b9e06608dcd7bd792b2bf470bea012b8e51" > +SRC_URI[sha256sum] = "ffed8ec1bf09c2426d4f14aae377de4753b53e537d685e604e99a8b16ca9c97e" > > inherit autotools texinfo pkgconfig gettext lib_package gtk-doc ptest > > @@ -63,10 +64,6 @@ do_configure:prepend() { > for dir in . lib; do > rm -f ${dir}/aclocal.m4 ${dir}/m4/libtool.m4 ${dir}/m4/lt*.m4 > done > - > - # remove on next upgrade when release tarball gets fixed > - # https://gitlab.com/gnutls/gnutls/-/issues/1797 > - cp -p ${S}/doc/stamp_enums ${S}/doc/stamp_error_codes > } > > do_compile_ptest() {
diff --git a/meta/recipes-core/images/core-image-ptest.bb b/meta/recipes-core/images/core-image-ptest.bb index c08561296fe4..008b5770a898 100644 --- a/meta/recipes-core/images/core-image-ptest.bb +++ b/meta/recipes-core/images/core-image-ptest.bb @@ -39,6 +39,7 @@ QB_MEM:virtclass-mcextend-python3 = "-m 2048" QB_MEM:virtclass-mcextend-python3-cryptography = "-m 5100" QB_MEM:virtclass-mcextend-python3-numpy = "-m 4096" QB_MEM:virtclass-mcextend-tcl = "-m 5100" +QB_MEM:virtclass-mcextend-gnutls = "-m 1536" TEST_SUITES = "ping ssh parselogs ptest" diff --git a/meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch b/meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch new file mode 100644 index 000000000000..7f999c4b22ec --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/0001-tests-mini-dtls-framents-link-to-gnulib.patch @@ -0,0 +1,25 @@ +From 68b2fb63c8df61d1480121a859f8c955f4910c01 Mon Sep 17 00:00:00 2001 +From: Alexander Sosedkin <asosedkin@redhat.com> +Date: Thu, 30 Apr 2026 13:08:01 +0200 +Subject: [PATCH] tests/mini-dtls-framents: link to gnulib + +Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com> + +Upstream-Status: Backport [https://github.com/gnutls/gnutls/commit/68b2fb63c8df61d1480121a859f8c955f4910c01] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + tests/Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tests/Makefile.am b/tests/Makefile.am +index f8797964d..1b27df751 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -524,6 +524,7 @@ pathbuf_CPPFLAGS = $(AM_CPPFLAGS) \ + mini_dtls_fragments_CPPFLAGS = $(AM_CPPFLAGS) \ + -I$(top_srcdir)/gl \ + -I$(top_builddir)/gl ++mini_dtls_fragments_LDADD = $(LDADD) ../gl/libgnu.la + + if ENABLE_PKCS11 + if !WINDOWS diff --git a/meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch b/meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch new file mode 100644 index 000000000000..b15a05d5b634 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch @@ -0,0 +1,31 @@ +From 9c573a2a0e7473ab79c43a6d3ecb0ab68ce896dc Mon Sep 17 00:00:00 2001 +From: Daiki Ueno <ueno@gnu.org> +Date: Thu, 7 May 2026 09:42:09 +0900 +Subject: [PATCH] tests/pkcs11/trust-list-fault: fix issues in linking + +This fixes the use of automake variables and also adds the linked mock +library in .gitignore. + +Signed-off-by: Daiki Ueno <ueno@gnu.org> + +Upstream-Status: Backport [https://github.com/gnutls/gnutls/commit/9c573a2a0e7473ab79c43a6d3ecb0ab68ce896dc] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + tests/Makefile.am | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 1b27df751..f6a60a32b 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -540,8 +540,8 @@ pkcs11_os_locking_ok_DEPENDENCIES = libpkcs11mock4.la libutils.la + pkcs11_os_locking_ok_LDADD = $(LDADD) $(LIBDL) + pkcs11_long_label_DEPENDENCIES = libpkcs11mock4.la libutils.la + pkcs11_long_label_LDADD = $(LDADD) $(LIBDL) +-pkcs11_trust_fault_DEPENDENCIES = libpkcs11mock5.la libutils.la +-pkcs11_trust_fault_LDADD = $(LDADD) $(LIBDL) ++pkcs11_trust_list_fault_DEPENDENCIES = libpkcs11mock5.la libutils.la ++pkcs11_trust_list_fault_LDADD = $(LDADD) $(LIBDL) + endif + endif + diff --git a/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch index 398c0464e0f3..8c867a5a4008 100644 --- a/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch +++ b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch @@ -29,7 +29,7 @@ diff --git a/configure.ac b/configure.ac index 1744813..efb9e34 100644 --- a/configure.ac +++ b/configure.ac -@@ -1448,6 +1448,8 @@ AC_SUBST(LIBGNUTLS_CFLAGS) +@@ -1413,6 +1413,8 @@ AC_SUBST(LIBGNUTLS_CFLAGS) AM_CONDITIONAL(NEEDS_LIBRT, test "$gnutls_needs_librt" = "yes") @@ -42,7 +42,7 @@ diff --git a/tests/Makefile.am b/tests/Makefile.am index 189d068..8430b05 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -721,6 +721,12 @@ SH_LOG_COMPILER = $(SHELL) +@@ -745,6 +745,12 @@ SH_LOG_COMPILER = $(SHELL) AM_VALGRINDFLAGS = --suppressions=$(srcdir)/suppressions.valgrind LOG_COMPILER = $(LOG_VALGRIND) diff --git a/meta/recipes-support/gnutls/gnutls/c99.patch b/meta/recipes-support/gnutls/gnutls/c99.patch deleted file mode 100644 index 3f41241deba0..000000000000 --- a/meta/recipes-support/gnutls/gnutls/c99.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 203d8f2187bb7f483290e0f8b7b48b152b1d027f Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@arm.com> -Date: Thu, 5 Mar 2026 11:33:57 +0000 -Subject: [PATCH] configure: make the C99 detection more resiliant - -autoconf 2.73 will default to C23 by default, which means that the >C99 -detection logic in configure.ac will fail because it only handles c11 -and c99. - -Instead of adding c23 to the list and then breaking again in the future, -flip the logic around (as suggested by Zack Weinberg) and check -explicitly for just c89. - -Closes #1806. - -Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/merge_requests/2081] -Signed-off-by: Ross Burton <ross.burton@arm.com> ---- - configure.ac | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 740fb6339..c708d8f5e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -54,9 +54,9 @@ AC_USE_SYSTEM_EXTENSIONS - # Require C99 support - # - AS_CASE([$ac_prog_cc_stdc], -- [c11 | c99], [AC_DEFINE([C99_MACROS], 1, [C99 macros are supported])], -- [AC_MSG_WARN([[Compiler does not support C99. It may not be able to compile the project.]])] --) -+ [c89], -+ [AC_MSG_WARN([[Compiler does not support C99. It may not be able to compile the project.]])], -+ [AC_DEFINE([C99_MACROS], 1, [C99 macros are supported])]) - - AM_CONDITIONAL(CROSS_COMPILING, test "$cross_compiling" = yes) - --- -2.43.0 - diff --git a/meta/recipes-support/gnutls/gnutls_3.8.12.bb b/meta/recipes-support/gnutls/gnutls_3.8.13.bb similarity index 93% rename from meta/recipes-support/gnutls/gnutls_3.8.12.bb rename to meta/recipes-support/gnutls/gnutls_3.8.13.bb index 721842801229..78b88005305a 100644 --- a/meta/recipes-support/gnutls/gnutls_3.8.12.bb +++ b/meta/recipes-support/gnutls/gnutls_3.8.13.bb @@ -23,10 +23,11 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar file://0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch \ file://run-ptest \ file://Add-ptest-support.patch \ - file://c99.patch \ + file://0001-tests-pkcs11-trust-list-fault-fix-issues-in-linking.patch \ + file://0001-tests-mini-dtls-framents-link-to-gnulib.patch \ " -SRC_URI[sha256sum] = "a7b341421bfd459acf7a374ca4af3b9e06608dcd7bd792b2bf470bea012b8e51" +SRC_URI[sha256sum] = "ffed8ec1bf09c2426d4f14aae377de4753b53e537d685e604e99a8b16ca9c97e" inherit autotools texinfo pkgconfig gettext lib_package gtk-doc ptest @@ -63,10 +64,6 @@ do_configure:prepend() { for dir in . lib; do rm -f ${dir}/aclocal.m4 ${dir}/m4/libtool.m4 ${dir}/m4/lt*.m4 done - - # remove on next upgrade when release tarball gets fixed - # https://gitlab.com/gnutls/gnutls/-/issues/1797 - cp -p ${S}/doc/stamp_enums ${S}/doc/stamp_error_codes } do_compile_ptest() {