diff --git a/backport-allow-tls-unique-channel-binding-test-to-fail.patch b/backport-allow-tls-unique-channel-binding-test-to-fail.patch deleted file mode 100644 index ee689b093f31da7e3a2952b3e04066c1b3eeae83..0000000000000000000000000000000000000000 --- a/backport-allow-tls-unique-channel-binding-test-to-fail.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 5b1dfa43c3dbc97e04d2fd0ce60f897d95a587ca Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Tue, 22 Jun 2021 20:15:32 -0500 -Subject: [PATCH] Allow tls-unique channel binding test to fail - -The tls-unique channel binding type is not supported under TLS 1.3. -Since GnuTLS 3.7.2, this now fails differently than before. Previously, -the call to g_tls_connection_get_channel_binding_data() would succeed -but return no data. That was a bug. Now it fails, as expected. - -Since our tests are not supposed to have different behavior depending on -TLS backend or TLS version, let's just rewrite this test to allow -tls-unique to fail. - -Fixes #164 ---- - tls/tests/connection.c | 63 ++++++++++++++++++++++++++------------------------ - 1 file changed, 33 insertions(+), 30 deletions(-) - -diff --git a/tls/tests/connection.c b/tls/tests/connection.c -index 475285d..b0dd9d8 100644 ---- a/tls/tests/connection.c -+++ b/tls/tests/connection.c -@@ -2562,6 +2562,8 @@ test_connection_binding_match_tls_unique (TestConnection *test, - GIOStream *connection; - GByteArray *client_cb, *server_cb; - gchar *client_b64, *server_b64; -+ gboolean client_supports_tls_unique; -+ gboolean server_supports_tls_unique; - GError *error = NULL; - - test->database = g_tls_file_database_new (tls_test_file_path ("ca-roots.pem"), &error); -@@ -2590,38 +2592,39 @@ test_connection_binding_match_tls_unique (TestConnection *test, - read_test_data_async (test); - g_main_loop_run (test->loop); - -- /* Smoke test: ensure both sides support tls-unique */ -- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), -- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL)); -- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), -- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL)); -+ /* tls-unique is supported by the OpenSSL backend always. It's supported by -+ * the GnuTLS backend only with TLS 1.2 or older. Since the test needs to be -+ * independent of backend and TLS version, this is allowed to fail.... -+ */ -+ client_supports_tls_unique = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), -+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL); -+ server_supports_tls_unique = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), -+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL); -+ g_assert_cmpint (client_supports_tls_unique, ==, server_supports_tls_unique); - - /* Real test: retrieve bindings and compare */ -- client_cb = g_byte_array_new (); -- server_cb = g_byte_array_new (); -- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), -- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, client_cb, NULL)); -- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), -- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, server_cb, NULL)); -- --#ifdef BACKEND_IS_OPENSSL -- g_assert_cmpint (client_cb->len, >, 0); -- g_assert_cmpint (server_cb->len, >, 0); --#else -- /* GnuTLS returns empty binding for TLS1.3, let's pretend it didn't happen -- * see https://gitlab.com/gnutls/gnutls/-/issues/1041 */ -- if (client_cb->len == 0 && server_cb->len == 0) -- g_test_skip ("GnuTLS missing support for tls-unique over TLS1.3"); --#endif -- -- client_b64 = g_base64_encode (client_cb->data, client_cb->len); -- server_b64 = g_base64_encode (server_cb->data, server_cb->len); -- g_assert_cmpstr (client_b64, ==, server_b64); -- -- g_free (client_b64); -- g_free (server_b64); -- g_byte_array_unref (client_cb); -- g_byte_array_unref (server_cb); -+ if (client_supports_tls_unique) -+ { -+ client_cb = g_byte_array_new (); -+ server_cb = g_byte_array_new (); -+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), -+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, client_cb, NULL)); -+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), -+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, server_cb, NULL)); -+ g_assert_cmpint (client_cb->len, >, 0); -+ g_assert_cmpint (server_cb->len, >, 0); -+ -+ client_b64 = g_base64_encode (client_cb->data, client_cb->len); -+ server_b64 = g_base64_encode (server_cb->data, server_cb->len); -+ g_assert_cmpstr (client_b64, ==, server_b64); -+ -+ g_free (client_b64); -+ g_free (server_b64); -+ g_byte_array_unref (client_cb); -+ g_byte_array_unref (server_cb); -+ } -+ else -+ g_test_skip ("tls-unique is not supported"); - - /* drop the mic */ - close_server_connection (test); --- -1.8.3.1 - diff --git a/glib-networking-2.68.1.tar.xz b/glib-networking-2.68.1.tar.xz deleted file mode 100644 index dff0ea15fdf9919b6ce126d262916c725b207ccf..0000000000000000000000000000000000000000 Binary files a/glib-networking-2.68.1.tar.xz and /dev/null differ diff --git a/glib-networking-2.72.0-1.src.rpm b/glib-networking-2.72.0-1.src.rpm new file mode 100644 index 0000000000000000000000000000000000000000..ebf1318b663bd9b7bd64ce59420918572a5c25d3 Binary files /dev/null and b/glib-networking-2.72.0-1.src.rpm differ diff --git a/glib-networking.spec b/glib-networking.spec index 8d2023b57fd869e2e0e57da0b914b5864f5523a3..2bd3ecfe797f3de862c84b21f453f6b02d54ea56 100644 --- a/glib-networking.spec +++ b/glib-networking.spec @@ -1,19 +1,18 @@ Name: glib-networking -Version: 2.68.1 -Release: 2 +Version: 2.72.0 +Release: 1 Summary: Network-related modules for glib License: LGPLv2+ -URL: http://www.gnome.org -Source0: http://download.gnome.org/sources/glib-networking/2.66/%{name}-%{version}.tar.xz - -Patch0: backport-allow-tls-unique-channel-binding-test-to-fail.patch +URL: https://gitlab.gnome.org/GNOME/glib-networking +Source0: https://download.gnome.org/sources/glib-networking/2.72/%{name}-%{version}.tar.xz BuildRequires: meson gcc ca-certificates gettext systemd -BuildRequires: pkgconfig(glib-2.0) >= 2.67.0 pkgconfig(gnutls) +BuildRequires: pkgconfig(glib-2.0) >= 2.69.0 pkgconfig(gnutls) BuildRequires: pkgconfig(gio-2.0) pkgconfig(gsettings-desktop-schemas) BuildRequires: pkgconfig(libproxy-1.0) pkgconfig(p11-kit-1) -Requires: ca-certificates gsettings-desktop-schemas glib2 >= 2.67.0 +Requires: ca-certificates gsettings-desktop-schemas glib2 >= 2.69.0 +Recommends: libproxy-webkitgtk4 %description glib-networking contains the implementations of certain GLib networking features @@ -43,9 +42,12 @@ verify the Usability of the glib-networking package. %files -f %{name}.lang %defattr(-,root,root) -%doc NEWS README %license COPYING -%{_libdir}/gio/modules/* +%doc NEWS README +%{_libdir}/gio/modules/libgioenvironmentproxy.so +%{_libdir}/gio/modules/libgiognomeproxy.so +%{_libdir}/gio/modules/libgiognutls.so +%{_libdir}/gio/modules/libgiolibproxy.so %{_libexecdir}/glib-pacrunner %{_datadir}/dbus-1/services/org.gtk.GLib.PACRunner.service %{_userunitdir}/glib-pacrunner.service @@ -56,6 +58,9 @@ verify the Usability of the glib-networking package. %{_datadir}/installed-tests %changelog +* Fri Apr 8 2022 lin zhang - 2.72.0-1 +- Update to 2.72.0 + * Fri Jan 07 2022 xingwei - 2.68.1-2 - Type:bugfix - ID:NA