| Age | Commit message (Collapse) | Author |
|---|
|
Unlike OpenSSL, LibreSSL hardcode it's certificate bundle and doesn't
allow to specify it through a environment variable.
* gnu/packages/tls.scm (libressl)[configure-flags]: Specify OpenSSL
configuration directory.
[native-search-paths]: Remove it.
* gnu/packages/ntp.scm (openntpd)[configure-flags]: Adjust CAcert
location.
|
|
* gnu/packages/tls.scm (openssl): Update to 1.1.1k.
[replacement]: Remove.
(openssl-1.1.1k): Remove variable.
|
|
* gnu/packages/tls.scm (libressl): Update to 3.3.3.
|
|
Fixes <https://bugs.gnu.org/48771>.
Reported by Eric Brown <ecbrown@ericcbrown.com>.
* gnu/packages/tls.scm (gnutls-3.6.16)[arguments]: New field.
|
|
Conflicts:
gnu/local.mk
gnu/packages/algebra.scm
gnu/packages/bioinformatics.scm
gnu/packages/curl.scm
gnu/packages/docbook.scm
gnu/packages/emacs-xyz.scm
gnu/packages/maths.scm
gnu/packages/plotutils.scm
gnu/packages/python-web.scm
gnu/packages/python-xyz.scm
gnu/packages/radio.scm
gnu/packages/readline.scm
gnu/packages/tls.scm
gnu/packages/xml.scm
gnu/packages/xorg.scm
|
|
The 3.7 branch, while not considered the "stable" branch upstream, has been
adopted by most major GNU/Linux distributions such as Debian, Arch, openSUSE,
etc. It has the benefit of receiving all the security fixes.
* gnu/packages/tls.scm (gnutls): Update to 3.7.2. Remove trailing #t.
[source]: Remove the gnutls-CVE-2021-20231.patch and
gnutls-CVE-2021-20232.patch patches, now incorporated in the source.
* gnu/packages/patches/gnutls-CVE-2021-20231.patch: Delete file.
* gnu/packages/patches/gnutls-CVE-2021-20232.patch: Likewise.
* gnu/local.mk (dist_patch_DATA): De-register them.
|
|
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls-3.6.16): New variable.
Signed-off-by: Leo Famulari <leo@famulari.name>
|
|
* gnu/packages/tls.scm (openssl-1.1.1k): New variable.
(openssl)[replacement]: New field.
|
|
* gnu/packages/tls.scm (libtasn1): Update to 4.17.0.
|
|
Conflicts:
gnu/local.mk
gnu/packages/bioinformatics.scm
gnu/packages/django.scm
gnu/packages/gtk.scm
gnu/packages/llvm.scm
gnu/packages/python-web.scm
gnu/packages/python.scm
gnu/packages/tex.scm
guix/build-system/asdf.scm
guix/build/emacs-build-system.scm
guix/profiles.scm
|
|
* gnu/packages/tls.scm (python-acme, certbot): Update to 1.15.0.
|
|
* gnu/packages/tls.scm (gnutls)[source]: Add 'gnutls-CVE-2021-20231.patch' and
'gnutls-CVE-2021-20232.patch'.
[replacement]: Remove field.
(gnutls/fixed): Remove variable.
|
|
* gnu/packages/tls.scm (openssl): Update to 1.1.1j.
[replacement]: Remove field.
(openssl/fixed): Remove variable.
|
|
* gnu/packages/tls.scm (certbot, python-acme): Update to 1.14.0.
|
|
Conflicts:
gnu/local.mk
gnu/packages/boost.scm
gnu/packages/chez.scm
gnu/packages/compression.scm
gnu/packages/crates-io.scm
gnu/packages/docbook.scm
gnu/packages/engineering.scm
gnu/packages/gcc.scm
gnu/packages/gl.scm
gnu/packages/gtk.scm
gnu/packages/nettle.scm
gnu/packages/python-check.scm
gnu/packages/python-xyz.scm
gnu/packages/radio.scm
gnu/packages/rust.scm
gnu/packages/sqlite.scm
guix/build-system/node.scm
|
|
* gnu/packages/tls.scm (gnutls)[description]: Fix typos.
Reported by genr8 on #guix.
|
|
Fixes CVE-2021-3450 and CVE-2021-3449.
* gnu/packages/tls.scm (openssl/fixed): Update to 1.1.1k.
|
|
|
|
* gnu/packages/tls.scm (openssl)[arguments]: Replace use of VERSION with
(PACKAGE-VERSION THIS-PACKAGE).
(openssl/fixed): Adjust accordingly.
|
|
* gnu/packages/patches/gnutls-CVE-2021-20231.patch,
gnu/packages/patches/gnutls-CVE-2021-20232.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls/fixed): New variable.
(guile2.2-gnutls): Use package/inherit.
|
|
* gnu/packages/tls.scm (s2n): New variable.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
Fixes <https://bugs.gnu.org/47108>.
This is a followup to commit 4a8b529ce15ddc69a9dd701e450fc85a0ed65910.
* gnu/packages/tls.scm (openssl/fixed)[arguments]: New field.
|
|
* gnu/packages/tls.scm (python-acme): Update to 1.13.0.
[native-inputs]: Remove python-mock.
[propagated-inputs]: Remove python-six.
(certbot): Update to 1.13.0.
[propagated-inputs]: Remove python-six.
[arguments]: Remove 'build-documentation' phase.
|
|
* gnu/packages/tls.scm (openssl/fixed): New variable.
(openssl)[replacement]: Graft.
|
|
|
|
* gnu/packages/tls.scm (python-acme): Update to 1.12.0.
(certbot): Update to 1.12.0.
[arguments]: Replace the 'build-documentation' phase.
|
|
Conflicts:
gnu/local.mk
gnu/packages/cmake.scm
gnu/packages/curl.scm
gnu/packages/gl.scm
gnu/packages/glib.scm
gnu/packages/guile.scm
gnu/packages/node.scm
gnu/packages/openldap.scm
gnu/packages/package-management.scm
gnu/packages/python-xyz.scm
gnu/packages/python.scm
gnu/packages/tls.scm
gnu/packages/vpn.scm
gnu/packages/xorg.scm
|
|
|
|
* gnu/packages/tls.scm (libressl): Update to 3.1.5.
|
|
|
|
* gnu/packages/tls.scm (certbot, python-acme): Update to 1.10.1.
|
|
|
|
(Obviously) the tarball wasn't updated in place, and the .sig did check
out, but I forgot to commit it because I'm a bit of an idiot.
* gnu/packages/tls.scm (p11-kit)[source]: Update hash.
|
|
* gnu/packages/tls.scm (p11-kit): Update to 0.23.22.
|
|
* gnu/packages/tls.scm (dehydrated): Update to 0.7.0.
|
|
* gnu/packages/tls.scm (openssl)[replacement]: Update replacement to 1.1.1i
(openssl-1.1.1g): Replace with ...
(openssl-1.1.1i): ... new variable.
|
|
* gnu/packages/tls.scm (openssl): Update to 1.1.1i.
|
|
* gnu/packages/tls.scm (openssl): Update to 1.1.1g.
[replacement]: Remove.
(openssl-1.1.1g): Remove.
|
|
* gnu/packages/tls.scm (gnutls): Update to 3.6.15.
[source]: Add "gnutls-cross.patch".
[replacement]: Remove.
[native-inputs]: Add GUILE-3.0 when (%current-target-system) is true.
(gnutls/fixed): Remove.
* gnu/packages/package-management.scm (guix)[propagated-inputs]: Remove
reference to 'gnutls/fixed'.
* gnu/packages/tls.scm (gnutls/dane): Inherit from gnutls.
* gnu/packages/vpn.scm (openconnect)[propagated-inputs]: Remove
gnutls/fixed, add gnutls.
Co-authored-by: Efraim Flashner <efraim@flashner.co.il>
|
|
Fixes <https://bugs.gnu.org/44914>.
* gnu/packages/tls.scm (gnutls/dane): Inherit from GNUTLS/FIXED instead of
GNUTLS.
|
|
* gnu/packages/tls.scm (gnutls-3.6.14): Rename to ...
(gnutls/fixed): ... this. Update to 3.6.15.
(gnutls): Adjust for renamed replacement.
* gnu/packages/package-management.scm (guix)[propagated-inputs]: Likewise.
* gnu/packages/vpn.scm (openconnect)[propagated-inputs]: Likewise.
|
|
|
|
* gnu/packages/tls.scm (openssl)[arguments]: Add cross compile target
cases for powerpc64le-linux, powerpc64-linux and powerpc-linux.
|
|
Because p11-kit appears in the gnutls.pc file, it needs to be a propagated
input.
This was a regression introduced in 28a13226fd5cd08b3eb090151c0753424c3f6eb4
which broke things like HTTPS support in curl, which then broke Git clones
from repositories using HTTPS.
* gnu/packages/tls.scm (gnutls)[inputs]: Move p11-kit from here.
[propagated-inputs]: To here.
|
|
* gnu/packages/tls.scm (openssl): Fix indentation of package definition.
|
|
* gnu/packages/tls.scm (openssl)[arguments]: When cross compiling add
case for mips64el-linux.
|
|
* gnu/packages/tls.scm (certbot, python-acme): Update 1.8.0.
|
|
Everywhere except mips64el, where a comment says it doesn't work. I can't test
as I can't build this on mips64el anyway.
This change will enable running the tests for libcacard.
* gnu/packages/tls.scm (gnutls)[arguments]: Only specify --without-p11-kit on
mips64el.
[inputs]: Include the p11-kit for all systems except mips64el.
|
|
Conflicts:
gnu/packages/admin.scm
gnu/packages/commencement.scm
gnu/packages/gdb.scm
gnu/packages/llvm.scm
gnu/packages/package-management.scm
gnu/packages/tls.scm
|
|
* gnu/packages/tls.scm (libressl): Update to 3.1.4.
|
