[OE-core] [V2][PATCH] gnutls: Update to 3.6.3
Andre McCurdy
armccurdy at gmail.com
Mon Aug 20 20:46:29 UTC 2018
On Fri, Aug 17, 2018 at 3:39 PM, akuster808 <akuster808 at gmail.com> wrote:
> On 08/17/2018 02:31 PM, Andre McCurdy wrote:
>> On Fri, Aug 17, 2018 at 7:14 AM, Armin Kuster <akuster808 at gmail.com> wrote:
>>> [v2]
>>> Fix new config options form with to disable.
>>>
>>> [v1]
>>> release notes: https://lists.gnupg.org/pipermail/gnutls-devel/2018-July/008584.html
>>>
>>> add ssl3 and tls1.3 config options now supported.
>>>
>>> Signed-off-by: Armin Kuster <akuster808 at gmail.com>
>>> ---
>>> meta/recipes-support/gnutls/gnutls.inc | 2 ++
>>> .../gnutls/{gnutls_3.6.2.bb => gnutls_3.6.3.bb} | 5 +++--
>>> 2 files changed, 5 insertions(+), 2 deletions(-)
>>> rename meta/recipes-support/gnutls/{gnutls_3.6.2.bb => gnutls_3.6.3.bb} (53%)
>>>
>>> diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc
>>> index 04c0fd2af8..f204e5f4c0 100644
>>> --- a/meta/recipes-support/gnutls/gnutls.inc
>>> +++ b/meta/recipes-support/gnutls/gnutls.inc
>>> @@ -30,6 +30,8 @@ PACKAGECONFIG[libidn] = "--with-idn,--without-idn,libidn2"
>>> PACKAGECONFIG[libtasn1] = "--with-included-libtasn1=no,--with-included-libtasn1,libtasn1"
>>> PACKAGECONFIG[p11-kit] = "--with-p11-kit,--without-p11-kit,p11-kit"
>>> PACKAGECONFIG[tpm] = "--with-tpm,--without-tpm,trousers"
>>> +PACKAGECONFIG[ssl3] = "--enable-ssl3-support,--disable-ssl3-support,"
>>> +PACKAGECONFIG[tls13] = "--enable-tls13-support,--disable-tls13-support,"
>> I'm not sure whether either of these should have PACKAGECONFIG options.
>>
>> SSL v3 is obsolete and if gnutls is disabling it by default now then
>> it's probably best to leave it that way (dead and buried). Experienced
>> users can always enable via EXTRA_OECONF if they really need it.
>>
>> TLS 1.3 is the opposite - it's brand new. If we add a PACKAGECONFIG
>> option to control it then it becomes the gnutls recipe maintainer's
>> job to figure out when to enable it by default. I think it's better to
>> leave that decision to upstream gnutls.
> No change in behavior in the way its setup now.
>
> You can send a patch to correct them. I am not doing a v3 for this.
No, not a big issue either way.
I thought we might be getting a v3 anyway to move the [v1] and [v2]
comments below the "---" line but the v2 got merged as-is...
More information about the Openembedded-core
mailing list