pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: pkgsrc/security/nettle
Thank you, I've reverted the upgrade.
We'll definitely have to wait for gnutls to support this.
Thomas
On Fri, Feb 06, 2026 at 10:49:31PM +0100, Ryo ONODERA wrote:
> Hi,
>
> Gnutls has an issue for nettle 4.0.
> https://gitlab.com/gnutls/gnutls/-/issues/1791
> And it has no patch yet.
>
> Thank you.
>
> On Fri, Feb 6, 2026 at 10:26 PM Ryo ONODERA <ryo%tetera.org@localhost> wrote:
> >
> > Hi,
> >
> > Gnutls is not buildable with nettle 4.0.
> > And I feel that a fix is not trivial.
> >
> > Do you have a patch to fix gnutls build?
> >
> > Thank you.
> >
> > --
> > Ryo ONODERA // ryo%tetera.org@localhost
> > PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
> >
> > On Fri, Feb 6, 2026, 19:02 Thomas Klausner <wiz%netbsd.org@localhost> wrote:
> >>
> >> Module Name: pkgsrc
> >> Committed By: wiz
> >> Date: Fri Feb 6 10:02:02 UTC 2026
> >>
> >> Modified Files:
> >> pkgsrc/security/nettle: Makefile PLIST distinfo
> >> pkgsrc/security/nettle/patches: patch-Makefile.in
> >>
> >> Log Message:
> >> nettle: update to 4.0.
> >>
> >> NEWS for the Nettle 4.0 release
> >>
> >> This is a new major release. It includes one new feature,
> >> support for SLH-DSA. There are several changes to Nettle's
> >> API, as well as deletion of obsolete features. There are also
> >> several improvements to the ABI that leaves the API mostly
> >> unchanged, in particular, smaller context structs for several
> >> algorithms.
> >>
> >> The most disruptive API change is that the *_digest functions
> >> no longer takes the desired digest size as argument. Truncated
> >> hashes appeared to be an important use case decades ago when
> >> the previous interface was designed, but that is now rather
> >> obscure.
> >>
> >> Feedback on the new interfaces is appreciated, e.g., if the
> >> variable tag length for OCB and CCM should be supported
> >> differently, if additional types would benefit from larger
> >> alignment, or if there are remaining interface bugs or
> >> inconsistencies. Smaller additional API or ABI changes may be
> >> considered for the next release, Nettle-4.1, but after that,
> >> the intention is that both ABI and API should stay backwards
> >> compatible for a longer time.
> >>
> >> The shared library names are libnettle.so.9.0 and
> >> libhogweed.so.7.0, with new sonames libnettle.so.9 and
> >> libhogweed.so.7.
> >>
> >> Interface changes:
> >>
> >> * The _digest functions for hash algorithms, MACs and AEADs no
> >> longer take the desired digest size as argument, instead,
> >> they always produce the full-size digest. The typedef
> >> nettle_hash_digest_func has also been changed accordingly.
> >>
> >> There are two exceptions: CCM and OCB. These AEAD algorithms
> >> are specified with a variable tag length, which is not a
> >> mere truncation of the output. Their _digest functions
> >> (ccm_digest, ocb_digest, ccm_ae128_digest, ...) also have
> >> their length argument deleted, but they still produce a
> >> variable size digest. The number of octets to write (at most
> >> 16) is stored into the context struct by the corresponding
> >> _set_nonce function.
> >>
> >> * The functions to process complete messages using CCM AES now
> >> take a const cipher context as the first argument, e.g,
> >> first argument to ccm_aes128_encrypt_message is now a const
> >> struct aes128_ctx *. It used to be a struct ccm_aes128_ctx
> >> *, where everything but the underlying cipher context was
> >> ignored.
> >>
> >> * The SHA3 functions now use the same struct sha3_ctx for all
> >> flavors, and the same function sha3_init. Old names, e.g.,
> >> sha3_256_ctx and sha3_256_init, are defined as preprocessor
> >> aliases, for backwards compatibility.
> >>
> >> * The dst_length argument to base16_decode_update and
> >> base64_decode_update is now both an input and output
> >> argument. On input it must now hold the size of the
> >> destination buffer, and decoding fails if that is not
> >> sufficient. Previously, dst_length was an output only, and
> >> it was required that the destination buffer was large enough
> >> for any input of the given src_length.
> >>
> >> Interface deletions:
> >>
> >> * Deleted the old struct aes_ctx, and all functions operating
> >> on it. Use the fixed key size interfaces instead, e.g.,
> >> struct aes256_ctx, introduced in Nettle-3.0.
> >>
> >> * Deleted dsa-compat.h, and everything declared therein. Use
> >> the interface in dsa.h, introduced in Nettle-3.0.
> >>
> >> * Deleted old header sha.h. Use sha1.h or sha2.h instead, as
> >> appropriate.
> >>
> >> * Deleted the general HMAC interface, with functions like
> >> hmac_set_key that work with an arbitrary underlying hash
> >> function. Use the specific hmac functions instead, e.g.,
> >> hmac_sha256_set_key, or the mac abstraction defined in
> >> nettle-meta.h, e.g, the nettle_hmac_sha256 instance.
> >>
> >> * Deleted the undocumented struct nettle_armor abstraction.
> >>
> >> * Deleted the undocumented function base64_encode_group.
> >>
> >> * Deleted md5-compat.h, and everything declared therein. Use
> >> the interface in md5.h instead (or even better, stop using md5).
> >>
> >> * Deleted pgp.h, and everything declared therein. This attempt
> >> to support openpgp formats was incomplete, undocumented, and
> >> mostly obsolete.
> >>
> >> * Delete all the *_DATA_SIZE compatibility aliases. Use
> >> corresponding *_BLOCK_SIZE constants instead, introduced in
> >> Nettle-3.0.
> >>
> >> * Deleted the obsolete functions _rsa_blind and _rsa_unblind.
> >> (Current RSA blinding in Nettle uses internal functions with
> >> a different interface).
> >>
> >> * Delete compatibility aliases salsa20_set_iv,
> >> SALSA20_IV_SIZE. These were renamed to salsa20_set_nonce and
> >> SALSA20_NONCE_SIZE in Nettle-3.0.
> >>
> >> * Deleted compatibility aliases _nettle_md5_compress,
> >> _nettle_sha1_compress. These internal functions were
> >> promoted to documented and supported functions in
> >> Nettle-3.9, with new names md5_compress and sha1_compress.
> >>
> >> * Deleted compatibility alias yarrow_force_reseed. Renamed to
> >> yarrow_slow_reseed in Nettle-2.0.
> >>
> >> ABI changes and improvements.
> >>
> >> * Introduce 16-byte alignment on certain types. Applied to
> >> union nettle_block16, and subkey arrays of AES and UMAC.
> >> This is intended to improve performance for SIMD load and
> >> store instructions, which on some platforms may be faster
> >> with proper alignment. The larger alignment is enabled only
> >> for platforms where the alignment of the uint64_t type is 8.
> >>
> >> * Size of struct gcm_key is reduced from 4096 bytes to 2048.
> >>
> >> * Size of the new sha3_ctx is considerable smaller, 216 bytes,
> >> than the previous types that included a buffer for a
> >> complete block. E.g., the largest one, for sha3_128_ctx
> >> (shake128), used to be 376 bytes.
> >>
> >> * Size of HMAC contexts have been reduced, by not including
> >> multiple block buffers. E.g, size of struct hmac_sha256_ctx
> >> reduced from 336 bytes to 192. This change has been
> >> discussed for a long time, with first attempt made by Dmitry
> >> Baryshkov years ago, but delayed, since it implies an ABI
> >> break.
> >>
> >> * For OCB block counters, use type uint32_t for blocks of
> >> associated data, and uint64_t for message blocks, instead of
> >> size_t. This makes the implementation limits the same for
> >> 32-bit and 64-bit platforms.
> >>
> >> Bug fixes:
> >>
> >> * Fix off-by-one bug in sexp parser, which could result in a
> >> one byte overread on invalid input. Also fix excessive
> >> recursion and stack usage for some inputs. Both problems
> >> reported via oss-fuzz.
> >>
> >> * Fix ed448_shake256_verify to check that the final signature
> >> octet is zero (previous versions completely ignored this
> >> somewhat redundant octet). Reported by Oren Yomtov.
> >>
> >> New features:
> >>
> >> * Support for SLH-DSA signatures (stateless hash-based digital
> >> signature algorithm). See the Nettle manual for details.
> >>
> >> * New public function drbg_ctr_aes256_update, to enable
> >> FIPS-compliant reseeding. Contributed by Daiki Ueno.
> >>
> >> Configure and build changes:
> >>
> >> * Support for at least C99 is required when building Nettle.
> >> In addition, support for alignof and alignas is required;
> >> these are part of C11, but intention is that this is the
> >> only required C11 feature.
> >>
> >> * The unusual configure options --with-lib-path and
> >> --with-include-path has been deleted. Use CFLAGS and LDFLAGS
> >> instead. This implies that Nettle's configure script no
> >> longer attempts to add rpath-related linker flags
> >> automagically; if any are needed, they must be passed in
> >> LDFLAGS.
> >>
> >> * The logic to sometimes change the default libdir has been
> >> deleted. Previously, configure tried to be helpful and
> >> change the default, e.g., to ${exec_prefix}/lib32 when you
> >> build 32-bit libraries on a system where ${exec_prefix}/lib
> >> is for 64-bit libraries. If you relied on this behavior, you
> >> now have to use the --libdir configure option.
> >>
> >> * Rearranged getopt files, now based on gnulib copies.
> >>
> >>
> >> To generate a diff of this commit:
> >> cvs rdiff -u -r1.34 -r1.35 pkgsrc/security/nettle/Makefile
> >> cvs rdiff -u -r1.14 -r1.15 pkgsrc/security/nettle/PLIST
> >> cvs rdiff -u -r1.31 -r1.32 pkgsrc/security/nettle/distinfo
> >> cvs rdiff -u -r1.11 -r1.12 pkgsrc/security/nettle/patches/patch-Makefile.in
> >>
> >> Please note that diffs are not public domain; they are subject to the
> >> copyright notices on the relevant files.
> >>
>
>
> --
> Ryo ONODERA // ryo%tetera.org@localhost
> PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
Home |
Main Index |
Thread Index |
Old Index