From 8638c2ee7c5f4e15a7382b3f17348fd3168f31f8 Mon Sep 17 00:00:00 2001 From: xuraoqing Date: Sat, 17 Jun 2023 10:13:28 +0800 Subject: [PATCH 1/2] add sw arch patch Signed-off-by: xuraoqing (cherry picked from commit bb7f99d360ebd60b78759429fa6d5b9edcceddff) --- gnutls-3.7.2-sw.patch | 123 ++++++++++++++++++++++++++++++++++++++++++ gnutls.spec | 10 ++-- 2 files changed, 130 insertions(+), 3 deletions(-) create mode 100644 gnutls-3.7.2-sw.patch diff --git a/gnutls-3.7.2-sw.patch b/gnutls-3.7.2-sw.patch new file mode 100644 index 0000000..8670476 --- /dev/null +++ b/gnutls-3.7.2-sw.patch @@ -0,0 +1,123 @@ +diff -Nuar gnutls-3.7.2.org/build-aux/config.guess gnutls-3.7.2.sw/build-aux/config.guess +--- gnutls-3.7.2.org/build-aux/config.guess 2022-04-08 14:19:41.630000000 +0000 ++++ gnutls-3.7.2.sw/build-aux/config.guess 2022-04-08 14:21:05.750000000 +0000 +@@ -938,6 +938,14 @@ + UNAME_MACHINE=aarch64_be + echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" + exit ;; ++ sw_64:Linux:*:*) ++ case $(sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null) in ++ sw) UNAME_MACHINE=sw_64 ;; ++ esac ++ objdump --private-headers /bin/sh | grep -q ld.so.1 ++ if test "$?" = 0 ; then LIBC=gnulibc1 ; fi ++ echo "$UNAME_MACHINE"-sunway-linux-"$LIBC" ++ exit ;; + alpha:Linux:*:*) + case $(sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null) in + EV5) UNAME_MACHINE=alphaev5 ;; +diff -Nuar gnutls-3.7.2.org/build-aux/config.sub gnutls-3.7.2.sw/build-aux/config.sub +--- gnutls-3.7.2.org/build-aux/config.sub 2022-04-08 14:19:41.630000000 +0000 ++++ gnutls-3.7.2.sw/build-aux/config.sub 2022-04-08 14:21:25.690000000 +0000 +@@ -1160,6 +1160,7 @@ + | a29k \ + | aarch64 | aarch64_be \ + | abacus \ ++ | sw_64 \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ + | alphapca5[67] | alpha64pca5[67] \ +diff -Nuar gnutls-3.7.2.org/configure gnutls-3.7.2.sw/configure +--- gnutls-3.7.2.org/configure 2022-04-08 14:19:42.150000000 +0000 ++++ gnutls-3.7.2.sw/configure 2022-04-08 14:24:41.310000000 +0000 +@@ -8863,6 +8863,12 @@ + # (according to the test results of Bruno Haible's ieeefp/fenv_default.m4 + # and the GCC 4.1.2 manual). + case "$host_cpu" in ++ sw_64*) ++ if test -n "$GCC"; then ++ # GCC has the option -mieee. ++ CPPFLAGS="$CPPFLAGS -mieee" ++ fi ++ ;; + alpha*) + # On Alpha systems, a compiler option provides the behaviour. + # See the ieee(3) manual page, also available at +@@ -14191,7 +14197,7 @@ + case "$gl_cv_host_cpu_c_abi" in + i386 | x86_64-x32 | arm | armhf | arm64-ilp32 | hppa | ia64-ilp32 | mips | mipsn32 | powerpc | riscv*-ilp32* | s390 | sparc) + gl_cv_host_cpu_c_abi_32bit=yes ;; +- x86_64 | alpha | arm64 | hppa64 | ia64 | mips64 | powerpc64 | powerpc64-elfv2 | riscv*-lp64* | s390x | sparc64 ) ++ x86_64 | sw_64 | alpha | arm64 | hppa64 | ia64 | mips64 | powerpc64 | powerpc64-elfv2 | riscv*-lp64* | s390x | sparc64 ) + gl_cv_host_cpu_c_abi_32bit=no ;; + *) + gl_cv_host_cpu_c_abi_32bit=unknown ;; +@@ -14220,7 +14226,7 @@ + ;; + + # CPUs that only support a 64-bit ABI. +- alpha | alphaev[4-8] | alphaev56 | alphapca5[67] | alphaev6[78] \ ++ sw_64* | alpha | alphaev[4-8] | alphaev56 | alphapca5[67] | alphaev6[78] \ + | mmix ) + gl_cv_host_cpu_c_abi_32bit=no + ;; +diff -Nuar gnutls-3.7.2.org/m4/host-cpu-c-abi.m4 gnutls-3.7.2.sw/m4/host-cpu-c-abi.m4 +--- gnutls-3.7.2.org/m4/host-cpu-c-abi.m4 2022-04-08 14:19:42.780000000 +0000 ++++ gnutls-3.7.2.sw/m4/host-cpu-c-abi.m4 2022-04-08 14:26:41.970000000 +0000 +@@ -91,6 +91,12 @@ + ;; + + changequote(,)dnl ++ sw_64* ) ++changequote([,])dnl ++ gl_cv_host_cpu_c_abi=sw_64 ++ ;; ++ ++changequote(,)dnl + alphaev[4-8] | alphaev56 | alphapca5[67] | alphaev6[78] ) + changequote([,])dnl + gl_cv_host_cpu_c_abi=alpha +@@ -355,6 +361,9 @@ + #ifndef __x86_64__ + #undef __x86_64__ + #endif ++#ifndef __sw_64__ ++#undef __sw_64__ ++#endif + #ifndef __alpha__ + #undef __alpha__ + #endif +@@ -468,7 +477,7 @@ + case "$gl_cv_host_cpu_c_abi" in + i386 | x86_64-x32 | arm | armhf | arm64-ilp32 | hppa | ia64-ilp32 | mips | mipsn32 | powerpc | riscv*-ilp32* | s390 | sparc) + gl_cv_host_cpu_c_abi_32bit=yes ;; +- x86_64 | alpha | arm64 | hppa64 | ia64 | mips64 | powerpc64 | powerpc64-elfv2 | riscv*-lp64* | s390x | sparc64 ) ++ x86_64 | sw_64 | alpha | arm64 | hppa64 | ia64 | mips64 | powerpc64 | powerpc64-elfv2 | riscv*-lp64* | s390x | sparc64 ) + gl_cv_host_cpu_c_abi_32bit=no ;; + *) + gl_cv_host_cpu_c_abi_32bit=unknown ;; +@@ -498,7 +507,7 @@ + + # CPUs that only support a 64-bit ABI. + changequote(,)dnl +- alpha | alphaev[4-8] | alphaev56 | alphapca5[67] | alphaev6[78] \ ++ sw_64* | alpha | alphaev[4-8] | alphaev56 | alphapca5[67] | alphaev6[78] \ + | mmix ) + changequote([,])dnl + gl_cv_host_cpu_c_abi_32bit=no +diff -Nuar gnutls-3.7.2.org/src/gl/m4/fpieee.m4 gnutls-3.7.2.sw/src/gl/m4/fpieee.m4 +--- gnutls-3.7.2.org/src/gl/m4/fpieee.m4 2022-04-08 14:19:42.800000000 +0000 ++++ gnutls-3.7.2.sw/src/gl/m4/fpieee.m4 2022-04-08 14:28:42.820000000 +0000 +@@ -30,6 +30,12 @@ + # (according to the test results of Bruno Haible's ieeefp/fenv_default.m4 + # and the GCC 4.1.2 manual). + case "$host_cpu" in ++ sw_64*) ++ if test -n "$GCC"; then ++ # GCC has the option -mieee. ++ CPPFLAGS="$CPPFLAGS -mieee" ++ fi ++ ;; + alpha*) + # On Alpha systems, a compiler option provides the behaviour. + # See the ieee(3) manual page, also available at diff --git a/gnutls.spec b/gnutls.spec index 4c2ac26..b0f6110 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -1,6 +1,6 @@ Name: gnutls Version: 3.7.2 -Release: 6 +Release: 7 Summary: The GNU Secure Communication Protocol Library License: LGPLv2.1+ and GPLv3+ @@ -11,8 +11,9 @@ Source1: https://www.gnupg.org/ftp/gcrypt/%{name}/v3.7/%{name}-%{version}.tar.xz Patch1: fix-ipv6-handshake-failed.patch Patch2: backport-CVE-2022-2509.patch Patch3: backport-CVE-2021-4209.patch -Patch4: backport-01-CVE-2023-0361.patch -Patch5: backport-02-CVE-2023-0361.patch +Patch4: gnutls-3.7.2-sw.patch +Patch5: backport-01-CVE-2023-0361.patch +Patch6: backport-02-CVE-2023-0361.patch %bcond_without dane %bcond_with guile @@ -219,6 +220,9 @@ make check %{?_smp_mflags} %endif %changelog +* Sat Jun 17 2023 xuraoqing <609179072@qq.com> - 3.7.2-7 +- add sw arch patch + * Sat Feb 18 2023 xuraoqing <609179072@qq.com> - 3.7.2-6 - fix CVE-2023-0361 -- Gitee From 1dfd3715a5b2225669d518f5a9b95c2bd324377e Mon Sep 17 00:00:00 2001 From: xuraoqing Date: Sat, 17 Jun 2023 10:57:29 +0800 Subject: [PATCH 2/2] add nettle-devel version Signed-off-by: xuraoqing (cherry picked from commit 437da705a5b9769a578678b0a6c805746bc1715a) --- gnutls.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/gnutls.spec b/gnutls.spec index b0f6110..07b693c 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -1,6 +1,6 @@ Name: gnutls Version: 3.7.2 -Release: 7 +Release: 8 Summary: The GNU Secure Communication Protocol Library License: LGPLv2.1+ and GPLv3+ @@ -22,7 +22,7 @@ Patch6: backport-02-CVE-2023-0361.patch BuildRequires: p11-kit-devel, gettext-devel, zlib-devel, readline-devel BuildRequires: libtasn1-devel, libtool, automake, autoconf, texinfo BuildRequires: autogen-libopts-devel, gperf, gnupg2, gcc, gcc-c++ -BuildRequires: nettle-devel, trousers-devel, libidn2-devel +BuildRequires: nettle-devel >= 3.7.3, trousers-devel, libidn2-devel BuildRequires: libunistring-devel, net-tools, softhsm BuildRequires: p11-kit-trust, ca-certificates, gtk-doc, perl %if %{with fips} @@ -220,6 +220,9 @@ make check %{?_smp_mflags} %endif %changelog +* Sat Jun 17 2023 xuraoqing <609179072@qq.com> - 3.7.2-8 +- add nettle-devel version + * Sat Jun 17 2023 xuraoqing <609179072@qq.com> - 3.7.2-7 - add sw arch patch -- Gitee