about summary refs log tree commit diff
path: root/pkgs/development/libraries/gnutls
diff options
context:
space:
mode:
authorVladimír Čunát <vcunat@gmail.com>2019-01-21 17:53:12 +0100
committerVladimír Čunát <vcunat@gmail.com>2019-01-21 17:54:34 +0100
commit2ff530ec537948714067429f66c5d6678f2d1055 (patch)
tree40bb8a73b9250951aa0de78e4adc292960821a74 /pkgs/development/libraries/gnutls
parent0e0dd9478d857f7b058c364b037ff4c004505b49 (diff)
downloadnixlib-2ff530ec537948714067429f66c5d6678f2d1055.tar
nixlib-2ff530ec537948714067429f66c5d6678f2d1055.tar.gz
nixlib-2ff530ec537948714067429f66c5d6678f2d1055.tar.bz2
nixlib-2ff530ec537948714067429f66c5d6678f2d1055.tar.lz
nixlib-2ff530ec537948714067429f66c5d6678f2d1055.tar.xz
nixlib-2ff530ec537948714067429f66c5d6678f2d1055.tar.zst
nixlib-2ff530ec537948714067429f66c5d6678f2d1055.zip
gnutls: 3.6.2 -> 3.6.5
No security problems have been published about 3.6.x so far,
but I'd certainly count the almost-transparent TLS 1.3 support
as a security improvement.
Diffstat (limited to 'pkgs/development/libraries/gnutls')
-rw-r--r--pkgs/development/libraries/gnutls/3.6.nix16
1 files changed, 9 insertions, 7 deletions
diff --git a/pkgs/development/libraries/gnutls/3.6.nix b/pkgs/development/libraries/gnutls/3.6.nix
index 7fb1af70a289..4ec93cf26a86 100644
--- a/pkgs/development/libraries/gnutls/3.6.nix
+++ b/pkgs/development/libraries/gnutls/3.6.nix
@@ -1,20 +1,22 @@
 { callPackage, fetchurl, ... } @ args:
 
 callPackage ./generic.nix (args // rec {
-  version = "3.6.2";
+  version = "3.6.5";
 
   src = fetchurl {
     url = "mirror://gnupg/gnutls/v3.6/gnutls-${version}.tar.xz";
-    sha256 = "07wdffklwmxpa9i50sh5nwrc5ajb47skrldm6rzjc0jf4dxxpmdw";
+    sha256 = "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7"; # 3.6.5
   };
 
-  # Skip two tests introduced in 3.5.11.  Probable reasons of failure:
-  #  - pkgconfig: building against the result won't work before installing
-  #  - trust-store: default trust store path (/etc/ssl/...) is missing in sandbox
+  # Skip some tests:
+  #  - pkgconfig: building against the result won't work before installing (3.5.11)
+  #  - fastopen: no idea; it broke between 3.6.2 and 3.6.3 (3437fdde6 in particular)
+  #  - trust-store: default trust store path (/etc/ssl/...) is missing in sandbox (3.5.11)
+  #  - psk-file: no idea; it broke between 3.6.3 and 3.6.4
   # Change p11-kit test to use pkg-config to find p11-kit
   postPatch = ''
-    sed '2iexit 77' -i tests/pkgconfig.sh
-    sed '/^void doit(void)/,$s/{/{ exit(77);/; t' -i tests/trust-store.c
+    sed '2iexit 77' -i tests/{pkgconfig,fastopen}.sh
+    sed '/^void doit(void)/,/^{/ s/{/{ exit(77);/' -i tests/{trust-store,psk-file}.c
     sed 's:/usr/lib64/pkcs11/ /usr/lib/pkcs11/ /usr/lib/x86_64-linux-gnu/pkcs11/:`pkg-config --variable=p11_module_path p11-kit-1`:' -i tests/p11-kit-trust.sh
   '';
 })