- rel 3; fix gnutls build

diff --git a/eet.spec b/eet.spec
index 628b3b8170cfc424c497c379128546cdd84582b1..00c2ee4257ec2ac7cd59934545ec36e3d0bf2689 100644 (file)
--- a/eet.spec
+++ b/eet.spec
@@ -8,11 +8,12 @@ Summary:      Library for speedy data storage, retrieval, and compression
 Summary(pl.UTF-8):     Biblioteka do szybkiego zapisywania, odtwarzania i kompresji danych
 Name:          eet
 Version:       1.7.10
-Release:       2
+Release:       3
 License:       BSD
 Group:         Libraries
-Source0:       http://download.enlightenment.org/releases/%{name}-%{version}.tar.bz2
+Source0:       http://download.enlightenment.org/att/releases/%{name}-%{version}.tar.bz2
 # Source0-md5: 396ccb7094518cb9ce6939e7d2c6ef8c
+Patch0:                gnutls.patch
 URL:           http://trac.enlightenment.org/e/wiki/Eet
 BuildRequires: autoconf >= 2.52
 BuildRequires: automake >= 1.6
@@ -86,6 +87,7 @@ Statyczna biblioteka Eet.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 %{__libtoolize}

diff --git a/gnutls.patch b/gnutls.patch
new file mode 100644 (file)
index 0000000..3f29c49
--- /dev/null
+++ b/gnutls.patch
@@ -0,0 +1,153 @@
+--- eet-1.7.10/src/lib/eet_cipher.c.orig       2013-07-29 16:22:39.000000000 +0200
++++ eet-1.7.10/src/lib/eet_cipher.c    2018-09-19 10:34:46.452526279 +0200
+@@ -56,9 +56,7 @@ void *alloca(size_t);
+ 
+ #ifdef HAVE_CIPHER
+ # ifdef HAVE_GNUTLS
+-#  if defined EET_USE_NEW_PUBKEY_VERIFY_HASH || defined EET_USE_NEW_PRIVKEY_SIGN_DATA
+-#   include <gnutls/abstract.h>
+-#  endif
++#  include <gnutls/abstract.h>
+ #  include <gnutls/x509.h>
+ #  include <gcrypt.h>
+ # else /* ifdef HAVE_GNUTLS */
+@@ -500,10 +498,8 @@ eet_identity_sign(FILE    *fp,
+    gnutls_datum_t datum = { NULL, 0 };
+    size_t sign_len = 0;
+    size_t cert_len = 0;
+-#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA
+    gnutls_datum_t signum = { NULL, 0 };
+    gnutls_privkey_t privkey;
+-#endif
+ # else /* ifdef HAVE_GNUTLS */
+    EVP_MD_CTX md_ctx;
+    unsigned int sign_len = 0;
+@@ -535,7 +531,6 @@ eet_identity_sign(FILE    *fp,
+    datum.size = st_buf.st_size;
+ 
+    /* Get the signature length */
+-#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA
+    if (gnutls_privkey_init(&privkey) < 0)
+      {
+         err = EET_ERROR_SIGNATURE_FAILED;
+@@ -556,30 +551,6 @@ eet_identity_sign(FILE    *fp,
+ 
+    sign = signum.data;
+    sign_len = signum.size;
+-#else
+-   if (gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0,
+-                                     &datum, sign, &sign_len) &&
+-       !sign_len)
+-     {
+-        err = EET_ERROR_SIGNATURE_FAILED;
+-        goto on_error;
+-     }
+-
+-   /* Get the signature */
+-   sign = malloc(sign_len);
+-   if (!sign ||
+-       gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0,
+-                                     &datum,
+-                                     sign, &sign_len))
+-     {
+-        if (!sign)
+-          err = EET_ERROR_OUT_OF_MEMORY;
+-        else
+-          err = EET_ERROR_SIGNATURE_FAILED;
+-
+-        goto on_error;
+-     }
+-#endif
+ 
+    /* Get the certificate length */
+    if (gnutls_x509_crt_export(key->certificate, GNUTLS_X509_FMT_DER, cert,
+@@ -729,15 +700,11 @@ eet_identity_check(const void   *data_ba
+    gnutls_x509_crt_t cert;
+    gnutls_datum_t datum;
+    gnutls_datum_t signature;
+-#  if EET_USE_NEW_GNUTLS_API
+-#  if EET_USE_NEW_PUBKEY_VERIFY_HASH
+    gnutls_pubkey_t pubkey;
+    gnutls_digest_algorithm_t hash_algo;
+-#  endif
+    unsigned char *hash;
+    gcry_md_hd_t md;
+    int err;
+-#  endif /* if EET_USE_NEW_GNUTLS_API */
+ 
+    /* Create an understanding certificate structure for gnutls */
+    datum.data = (void *)cert_der;
+@@ -749,7 +716,6 @@ eet_identity_check(const void   *data_ba
+    signature.size = sign_len;
+ 
+    /* Verify the signature */
+-#  if EET_USE_NEW_GNUTLS_API
+    /*
+       I am waiting for my patch being accepted in GnuTLS release.
+       But we now have a way to prevent double computation of SHA1.
+@@ -767,7 +733,6 @@ eet_identity_check(const void   *data_ba
+    datum.size = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
+    datum.data = hash;
+ 
+-#  ifdef EET_USE_NEW_PUBKEY_VERIFY_HASH
+    if (gnutls_pubkey_init(&pubkey) < 0)
+      goto on_error;
+ 
+@@ -779,10 +744,6 @@ eet_identity_check(const void   *data_ba
+ 
+    if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0)
+      goto on_error;
+-#  else
+-   if (!gnutls_x509_crt_verify_hash(cert, 0, &datum, &signature))
+-     goto on_error;
+-#  endif
+ 
+    if (sha1)
+      {
+@@ -794,20 +755,6 @@ eet_identity_check(const void   *data_ba
+      }
+ 
+    gcry_md_close(md);
+-#  else /* if EET_USE_NEW_GNUTLS_API */
+-   datum.data = (void *)data_base;
+-   datum.size = data_length;
+-
+-   if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature))
+-     return NULL;
+-
+-   if (sha1)
+-     {
+-        *sha1 = NULL;
+-        *sha1_length = -1;
+-     }
+-
+-#  endif /* if EET_USE_NEW_GNUTLS_API */
+    gnutls_x509_crt_deinit(cert);
+ 
+ # else /* ifdef HAVE_GNUTLS */
+@@ -861,11 +808,9 @@ eet_identity_check(const void   *data_ba
+ 
+    return cert_der;
+ # ifdef HAVE_GNUTLS
+-#  if EET_USE_NEW_GNUTLS_API
+  on_error:
+    gcry_md_close(md);
+    return NULL;
+-#  endif
+ # endif
+ #else /* ifdef HAVE_SIGNATURE */
+    data_base = NULL;
+--- eet-1.7.10/src/lib/eet_cipher.c.org        2018-09-19 10:53:01.742816086 +0200
++++ eet-1.7.10/src/lib/eet_cipher.c    2018-09-19 10:54:10.794913636 +0200
+@@ -739,10 +739,7 @@ eet_identity_check(const void   *data_ba
+    if (gnutls_pubkey_import_x509(pubkey, cert, 0) < 0)
+      goto on_error;
+ 
+-   if (gnutls_pubkey_get_verify_algorithm(pubkey, &signature, &hash_algo) < 0)
+-     goto on_error;
+-
+-   if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0)
++   if (gnutls_pubkey_verify_hash2(pubkey, GNUTLS_SIGN_RSA_SHA1, 0, &datum, &signature) < 0)
+      goto on_error;
+ 
+    if (sha1)