packages/glib-networking
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!12 update glib-networking to 2.68.1

Browse Source 
From: @yangl777 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
This commit is contained in:
openeuler-ci-bot 2022-03-22 03:19:23 +00:00 committed by Gitee
commit 14298298fb
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
4 changed files with 117 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
backport-allow-tls-unique-channel-binding-test-to-fail.patch Normal file
View File

@ -0,0 +1,105 @@
From 5b1dfa43c3dbc97e04d2fd0ce60f897d95a587ca Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Tue, 22 Jun 2021 20:15:32 -0500
Subject: [PATCH] Allow tls-unique channel binding test to fail
The tls-unique channel binding type is not supported under TLS 1.3.
Since GnuTLS 3.7.2, this now fails differently than before. Previously,
the call to g_tls_connection_get_channel_binding_data() would succeed
but return no data. That was a bug. Now it fails, as expected.
Since our tests are not supposed to have different behavior depending on
TLS backend or TLS version, let's just rewrite this test to allow
tls-unique to fail.
Fixes #164
---
tls/tests/connection.c | 63 ++++++++++++++++++++++++++------------------------
1 file changed, 33 insertions(+), 30 deletions(-)
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 475285d..b0dd9d8 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -2562,6 +2562,8 @@ test_connection_binding_match_tls_unique (TestConnection *test,
GIOStream *connection;
GByteArray *client_cb, *server_cb;
gchar *client_b64, *server_b64;
+ gboolean client_supports_tls_unique;
+ gboolean server_supports_tls_unique;
GError *error = NULL;
test->database = g_tls_file_database_new (tls_test_file_path ("ca-roots.pem"), &error);
@@ -2590,38 +2592,39 @@ test_connection_binding_match_tls_unique (TestConnection *test,
read_test_data_async (test);
g_main_loop_run (test->loop);
- /* Smoke test: ensure both sides support tls-unique */
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL));
+ /* tls-unique is supported by the OpenSSL backend always. It's supported by
+ * the GnuTLS backend only with TLS 1.2 or older. Since the test needs to be
+ * independent of backend and TLS version, this is allowed to fail....
+ */
+ client_supports_tls_unique = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL);
+ server_supports_tls_unique = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, NULL, NULL);
+ g_assert_cmpint (client_supports_tls_unique, ==, server_supports_tls_unique);
/* Real test: retrieve bindings and compare */
- client_cb = g_byte_array_new ();
- server_cb = g_byte_array_new ();
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, client_cb, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_UNIQUE, server_cb, NULL));
-
-#ifdef BACKEND_IS_OPENSSL
- g_assert_cmpint (client_cb->len, >, 0);
- g_assert_cmpint (server_cb->len, >, 0);
-#else
- /* GnuTLS returns empty binding for TLS1.3, let's pretend it didn't happen
- * see https://gitlab.com/gnutls/gnutls/-/issues/1041 */
- if (client_cb->len == 0 && server_cb->len == 0)
- g_test_skip ("GnuTLS missing support for tls-unique over TLS1.3");
-#endif
-
- client_b64 = g_base64_encode (client_cb->data, client_cb->len);
- server_b64 = g_base64_encode (server_cb->data, server_cb->len);
- g_assert_cmpstr (client_b64, ==, server_b64);
-
- g_free (client_b64);
- g_free (server_b64);
- g_byte_array_unref (client_cb);
- g_byte_array_unref (server_cb);
+ if (client_supports_tls_unique)
+ {
+ client_cb = g_byte_array_new ();
+ server_cb = g_byte_array_new ();
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, client_cb, NULL));
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ G_TLS_CHANNEL_BINDING_TLS_UNIQUE, server_cb, NULL));
+ g_assert_cmpint (client_cb->len, >, 0);
+ g_assert_cmpint (server_cb->len, >, 0);
+
+ client_b64 = g_base64_encode (client_cb->data, client_cb->len);
+ server_b64 = g_base64_encode (server_cb->data, server_cb->len);
+ g_assert_cmpstr (client_b64, ==, server_b64);
+
+ g_free (client_b64);
+ g_free (server_b64);
+ g_byte_array_unref (client_cb);
+ g_byte_array_unref (server_cb);
+ }
+ else
+ g_test_skip ("tls-unique is not supported");
/* drop the mic */
close_server_connection (test);
--
1.8.3.1

BIN
glib-networking-2.66.0.tar.xz
View File

Binary file not shown.

BIN
glib-networking-2.68.1.tar.xz Normal file
View File

Binary file not shown.

16
glib-networking.spec
View File

@ -1,17 +1,19 @@
Name: glib-networking Name: glib-networking
Version: 2.66.0 Version: 2.68.1
Release: 2 Release: 1
Summary: Network-related modules for glib Summary: Network-related modules for glib
License: LGPLv2+ License: LGPLv2+
URL: http://www.gnome.org URL: http://www.gnome.org
Source0: http://download.gnome.org/sources/glib-networking/2.66/%{name}-%{version}.tar.xz Source0: http://download.gnome.org/sources/glib-networking/2.66/%{name}-%{version}.tar.xz
Patch0: backport-allow-tls-unique-channel-binding-test-to-fail.patch
BuildRequires: meson gcc ca-certificates gettext systemd BuildRequires: meson gcc ca-certificates gettext systemd
BuildRequires: pkgconfig(glib-2.0) >= 2.63.0 pkgconfig(gnutls) BuildRequires: pkgconfig(glib-2.0) >= 2.67.0 pkgconfig(gnutls)
BuildRequires: pkgconfig(gio-2.0) pkgconfig(gsettings-desktop-schemas) BuildRequires: pkgconfig(gio-2.0) pkgconfig(gsettings-desktop-schemas)
BuildRequires: pkgconfig(libproxy-1.0) pkgconfig(p11-kit-1) BuildRequires: pkgconfig(libproxy-1.0) pkgconfig(p11-kit-1)
Requires: ca-certificates gsettings-desktop-schemas glib2 >= 2.63.0 Requires: ca-certificates gsettings-desktop-schemas glib2 >= 2.67.0
%description %description
glib-networking contains the implementations of certain GLib networking features glib-networking contains the implementations of certain GLib networking features
@ -54,6 +56,12 @@ verify the Usability of the glib-networking package.
%{_datadir}/installed-tests %{_datadir}/installed-tests
%changelog %changelog
* Mon Mar 21 2022 yanglu <yanglu2@h-partners.com> - 2.68.1-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update glib-networking to 2.68.1
* Mon Jul 19 2021 lijingyuan <lijingyuan3@huawei.com> - 2.62.4-2 * Mon Jul 19 2021 lijingyuan <lijingyuan3@huawei.com> - 2.62.4-2
- Type:requirement - Type:requirement
- ID:NA - ID:NA