[pkgsrc/trunk]: pkgsrc/security/gnutls Update to 1.2.9:

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2664d867f090
branches:  trunk
changeset: 503137:2664d867f090
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Mon Nov 14 18:17:49 2005 +0000

description:
Update to 1.2.9:

* Version 1.2.9 (2005-11-07)
- Documentation was updated and improved.
- RSA-MD2 is now supported for verifying digital signatures.
- Due to cryptographic advances, verifying untrusted X.509
  certificates signed with RSA-MD2 or RSA-MD5 will now fail with a
  GNUTLS_CERT_INSECURE_ALGORITHM verification output.  For
  applications that must remain interoperable, you can use the
  GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 or GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5
  flags when verifying certificates.  Naturally, this is not
  recommended default behaviour for applications.  To enable the
  broken algorithms, call gnutls_certificate_set_verify_flags with the
  proper flag, to change the verification mode used by
  gnutls_certificate_verify_peers2.
- Make it possible to send empty data through gnutls_record_send,
  to align with the send(2) API.
- Some changes in the certificate receiving part of handshake to prevent
  some possible errors with non-blocking servers.
- Added numeric version symbols to permit simple CPP-based feature
  tests, suggested by Daniel Stenberg <daniel%haxx.se@localhost>.
- The (experimental) low-level crypto alternative to libgcrypt used
  earlier (Nettle) has been replaced with crypto code from gnulib.
  This leads to easier re-use of these components in other projects,
  leading to more review and simpler maintenance.  The new configure
  parameter --with-builtin-crypto replace the old --with-nettle, and
  must be used if you wish to enable this functionality.  See README
  under "Experimental" for more information.  Internally, GnuTLS has
  been updated to use the new "Generic Crypto" API in gl/gc.h.  The
  API is similar to the old crypto/gc.h, because the gnulib code were
  based on GnuTLS's gc.h.
- Fix compiler warning in the "anonself" self test.
- API and ABI modifications:
gnutls_x509_crt_list_verify: Added 'const' to prototype in <gnutls/x509.h>.
                             This doesn't reflect a change in behaviour,
                             so we don't break backwards compatibility.
GNUTLS_MAC_MD2: New gnutls_mac_algorithm_t value.
GNUTLS_DIG_MD2: New gnutls_digest_algorithm_t value.
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: New gnutls_certificate_verify_flags values.
                                  Use when calling
                                  gnutls_x509_crt_list_verify,
                                  gnutls_x509_crt_verify, or
                                  gnutls_certificate_set_verify_flags.
GNUTLS_CERT_INSECURE_ALGORITHM: New gnutls_certificate_status_t value,
                                used when broken signature algorithms
                                is used (currently RSA-MD2/MD5).
LIBGNUTLS_VERSION_MAJOR,
LIBGNUTLS_VERSION_MINOR,
LIBGNUTLS_VERSION_PATCH,
LIBGNUTLS_VERSION_NUMBER: New CPP symbols, indicating the GnuTLS
                          version number, can be used for feature existence
                          tests.

diffstat:

 security/gnutls/Makefile |  4 ++--
 security/gnutls/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (26 lines):

diff -r 1d923cd203eb -r 2664d867f090 security/gnutls/Makefile
--- a/security/gnutls/Makefile  Mon Nov 14 18:16:29 2005 +0000
+++ b/security/gnutls/Makefile  Mon Nov 14 18:17:49 2005 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.35 2005/10/20 00:43:32 wiz Exp $
+# $NetBSD: Makefile,v 1.36 2005/11/14 18:17:49 wiz Exp $
 
-DISTNAME=      gnutls-1.2.8
+DISTNAME=      gnutls-1.2.9
 CATEGORIES=    security devel
 MASTER_SITES=  http://josefsson.org/gnutls/releases/ \
                ftp://ftp.gnutls.org/pub/gnutls/ \
diff -r 1d923cd203eb -r 2664d867f090 security/gnutls/distinfo
--- a/security/gnutls/distinfo  Mon Nov 14 18:16:29 2005 +0000
+++ b/security/gnutls/distinfo  Mon Nov 14 18:17:49 2005 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.21 2005/10/20 00:43:32 wiz Exp $
+$NetBSD: distinfo,v 1.22 2005/11/14 18:17:49 wiz Exp $
 
-SHA1 (gnutls-1.2.8.tar.bz2) = b49c86de7c10946bf440ea146f89a31474297872
-RMD160 (gnutls-1.2.8.tar.bz2) = efd431cffe74a4cf539d6dbb272ae158b71e0710
-Size (gnutls-1.2.8.tar.bz2) = 2527436 bytes
+SHA1 (gnutls-1.2.9.tar.bz2) = 7229d094de83cabd572fcaab806ab3afc6b58959
+RMD160 (gnutls-1.2.9.tar.bz2) = 4df467450ee2a3eaa509fb1f58dde41b81fcbb81
+Size (gnutls-1.2.9.tar.bz2) = 2720067 bytes
 SHA1 (patch-ab) = df9d588891ff88c41f297fa595d618c31dc8ef97