[blfs-book] r11032 - in trunk/BOOK: . general/genlib postlfs/security

krejzi at higgs.linuxfromscratch.org krejzi at higgs.linuxfromscratch.org
Fri Mar 1 04:31:35 PST 2013


Author: krejzi
Date: Fri Mar  1 04:31:35 2013
New Revision: 11032

Log:
GnuTLS 3.1.9.1, NSS 3.14.3, NSPR 4.9.5, P11-Kit 0.15.2, OpenSSL 1.0.1e.

Modified:
   trunk/BOOK/general.ent
   trunk/BOOK/general/genlib/nspr.xml
   trunk/BOOK/postlfs/security/gnutls.xml
   trunk/BOOK/postlfs/security/nss.xml
   trunk/BOOK/postlfs/security/openssl.xml
   trunk/BOOK/postlfs/security/p11-kit.xml

Modified: trunk/BOOK/general.ent
==============================================================================
--- trunk/BOOK/general.ent	Fri Mar  1 03:01:49 2013	(r11031)
+++ trunk/BOOK/general.ent	Fri Mar  1 04:31:35 2013	(r11032)
@@ -178,7 +178,7 @@
 <!ENTITY cyrus-sasl-version           "2.1.25">
 <!ENTITY gnupg-version                "1.4.13">
 <!ENTITY gnupg2-version               "2.0.19">
-<!ENTITY gnutls-version               "3.1.6">
+<!ENTITY gnutls-version               "3.1.9">
 <!ENTITY gpgme-version                "1.3.2">
 <!ENTITY iptables-version             "1.4.17">
 <!ENTITY libcap2-version              "2.22">
@@ -188,11 +188,11 @@
 <!ENTITY mitkrb-version               "1.11.1">
 <!ENTITY nettle-version               "2.6">
 <!ENTITY nss-major-version            "14">
-<!ENTITY nss-minor-version            "1">
+<!ENTITY nss-minor-version            "3">
 <!ENTITY nss-version                  "3.&nss-major-version;.&nss-minor-version;">
 <!ENTITY openssh-version              "6.1p1">
-<!ENTITY openssl-version              "1.0.1c">
-<!ENTITY p11-kit-version              "0.14">
+<!ENTITY openssl-version              "1.0.1e">
+<!ENTITY p11-kit-version              "0.15.2">
 <!ENTITY polkit-version               "0.110">
 <!ENTITY shadow-version               "4.1.5.1">
 <!ENTITY stunnel-version              "4.54">
@@ -285,7 +285,7 @@
 <!ENTITY libxslt-version              "1.1.28">
 <!ENTITY LZO-version                  "2.06">
 <!ENTITY mtdev-version                "1.1.3">
-<!ENTITY nspr-version                 "4.9.4">
+<!ENTITY nspr-version                 "4.9.5">
 <!ENTITY openobex-version             "1.6">
 <!ENTITY pcre-version                 "8.32">
 <!ENTITY popt-version                 "1.16">

Modified: trunk/BOOK/general/genlib/nspr.xml
==============================================================================
--- trunk/BOOK/general/genlib/nspr.xml	Fri Mar  1 03:01:49 2013	(r11031)
+++ trunk/BOOK/general/genlib/nspr.xml	Fri Mar  1 04:31:35 2013	(r11032)
@@ -8,7 +8,7 @@
            "http://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v&nspr-version;/src/nspr-&nspr-version;.tar.gz">
   <!ENTITY nspr-download-ftp
            "ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v&nspr-version;/src/nspr-&nspr-version;.tar.gz">
-  <!ENTITY nspr-md5sum        "cf58772702b3abbdcff14e22014eeeaf">
+  <!ENTITY nspr-md5sum        "b6ccfa8fcbbeb17ebeb19a3edff612bd">
   <!ENTITY nspr-size          "1.2 MB">
   <!ENTITY nspr-buildsize     "12 MB">
   <!ENTITY nspr-time          "less than 0.1 SBU">

Modified: trunk/BOOK/postlfs/security/gnutls.xml
==============================================================================
--- trunk/BOOK/postlfs/security/gnutls.xml	Fri Mar  1 03:01:49 2013	(r11031)
+++ trunk/BOOK/postlfs/security/gnutls.xml	Fri Mar  1 04:31:35 2013	(r11032)
@@ -6,8 +6,8 @@
 
   <!ENTITY gnutls-download-http " ">
   <!ENTITY gnutls-download-ftp  "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-&gnutls-version;.tar.xz">
-  <!ENTITY gnutls-md5sum        "835a5d20def765cd49ad7274ff3e7493">
-  <!ENTITY gnutls-size          "4.8 MB">
+  <!ENTITY gnutls-md5sum        "0674032fe6de0d90d08eed81fcac2e1d">
+  <!ENTITY gnutls-size          "4.9 MB">
   <!ENTITY gnutls-buildsize     "130 MB">
   <!ENTITY gnutls-time          "0.8 SBU (additional 3.0 SBU if running the testsuite)">
 ]>
@@ -98,6 +98,7 @@
 
     <bridgehead renderas="sect4">Recommended</bridgehead>
     <para role="recommended">
+      <xref linkend="cacerts"/> and
       <xref linkend="libtasn1"/>
     </para>
 
@@ -131,7 +132,9 @@
       following commands:
     </para>
 
-<screen><userinput>./configure --prefix=/usr --disable-static &&
+<screen><userinput>./configure --prefix=/usr    \
+            --disable-static \
+            --with-default-trust-store-file=/etc/ssl/ca-bundle.crt &&
 make</userinput></screen>
 
     <para>
@@ -160,6 +163,12 @@
   <sect2 role="commands">
     <title>Command Explanations</title>
 
+    <para>
+      <parameter>--with-default-trust-store-file=/etc/ssl/ca-bundle.crt</parameter>:
+      This switch tells <command>configure</command> where to find the
+      CA Certificates.
+    </para>
+
     <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
       href="../../xincludes/static-libraries.xml"/>
 
@@ -179,10 +188,11 @@
       <seglistitem>
         <seg>
           certtool, crywrap, danetool, gnutls-cli, gnutls-cli-debug,
-          gnutls-serv, ocsptool, p11tool, psktool, and srptool
+          gnutls-serv, ocsptool, p11tool, psktool and srptool
         </seg>
         <seg>
-          libgnutls.so, libgnutls-openssl.so, and libgnutlsxx.so
+          libgnutls.so, libgnutls-openssl.so, libgnutls-xssl.so and
+          libgnutlsxx.so
         </seg>
         <seg>
           /usr/include/gnutls and
@@ -221,6 +231,19 @@
           </indexterm>
         </listitem>
       </varlistentry>
+
+      <varlistentry id="danetool">
+        <term><command>danetool</command></term>
+        <listitem>
+          <para>
+            is a tool used to generate and check DNS resource records
+            for the DANE protocol.
+          </para>
+          <indexterm zone="gnutls danetool">
+            <primary sortas="b-danetool">danetool</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
       <varlistentry id="gnutls-cli">
         <term><command>gnutls-cli</command></term>

Modified: trunk/BOOK/postlfs/security/nss.xml
==============================================================================
--- trunk/BOOK/postlfs/security/nss.xml	Fri Mar  1 03:01:49 2013	(r11031)
+++ trunk/BOOK/postlfs/security/nss.xml	Fri Mar  1 04:31:35 2013	(r11032)
@@ -5,12 +5,12 @@
   %general-entities;
 
   <!ENTITY nss-download-http
-           "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;_WITH_CKBI_1_93_RTM/src/nss-&nss-version;.with.ckbi.1.93.tar.gz">
+           "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;/src/nss-&nss-version;.tar.gz">
   <!ENTITY nss-download-ftp
-           "ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;_WITH_CKBI_1_93_RTM/src/nss-&nss-version;.with.ckbi.1.93.tar.gz">
-  <!ENTITY nss-md5sum        "49e6661758deb0c469f0b4edd4e727d5">
-  <!ENTITY nss-size          "5.6 MB">
-  <!ENTITY nss-buildsize     "70 MB">
+           "ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_&nss-major-version;_&nss-minor-version;/src/nss-&nss-version;.tar.gz">
+  <!ENTITY nss-md5sum        "b326c2be8df277f62fb9c65fb3428148">
+  <!ENTITY nss-size          "6.0 MB">
+  <!ENTITY nss-buildsize     "72 MB">
   <!ENTITY nss-time          "0.8 SBU">
 ]>
 

Modified: trunk/BOOK/postlfs/security/openssl.xml
==============================================================================
--- trunk/BOOK/postlfs/security/openssl.xml	Fri Mar  1 03:01:49 2013	(r11031)
+++ trunk/BOOK/postlfs/security/openssl.xml	Fri Mar  1 04:31:35 2013	(r11032)
@@ -5,12 +5,12 @@
   %general-entities;
 
   <!ENTITY openssl-download-http
-    "http://www.openssl.org/source/openssl-&openssl-version;.tar.gz">
+           "http://www.openssl.org/source/openssl-&openssl-version;.tar.gz">
   <!ENTITY openssl-download-ftp
-    "ftp://ftp.openssl.org/source/openssl-&openssl-version;.tar.gz">
-  <!ENTITY openssl-md5sum        "ae412727c8c15b67880aef7bd2999b2e">
+           "ftp://ftp.openssl.org/source/openssl-&openssl-version;.tar.gz">
+  <!ENTITY openssl-md5sum        "66bf6f10f060d561929de96f9dfe5b8c">
   <!ENTITY openssl-size          "4.3 MB">
-  <!ENTITY openssl-buildsize     "43 MB">
+  <!ENTITY openssl-buildsize     "55 MB">
   <!ENTITY openssl-time          "1.5 SBU">
 ]>
 
@@ -76,7 +76,7 @@
     </itemizedlist>
 
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
-    <itemizedlist spacing='compact'>
+    <itemizedlist spacing="compact">
       <listitem>
         <para>
           Required patch: <ulink
@@ -89,9 +89,9 @@
 
     <bridgehead renderas="sect4">Optional</bridgehead>
     <para role="optional">
-      <xref linkend="mitkrb"/> and
       <xref linkend="bc"/> (required for full coverage by the test suite during
-      the build)
+      the build) and
+      <xref linkend="mitkrb"/>
     </para>
 
     <para condition="html" role="usernotes">
@@ -107,7 +107,7 @@
     </para>
 
 <screen><userinput>patch -Np1 -i ../openssl-&openssl-version;-fix_manpages-1.patch &&
-./config --prefix=/usr zlib-dynamic --openssldir=/etc/ssl shared &&
+./config --prefix=/usr --openssldir=/etc/ssl shared zlib-dynamic &&
 make</userinput></screen>
 
     <para>
@@ -124,9 +124,10 @@
       Now, as the <systemitem class="username">root</systemitem> user:
     </para>
 
-<screen role="root"><userinput>make MANDIR=/usr/share/man install                &&
-install -v -d -m755 /usr/share/doc/openssl-&openssl-version; &&
-cp -v -r doc/*      /usr/share/doc/openssl-&openssl-version;</userinput></screen>
+<screen role="root"><userinput>make MANDIR=/usr/share/man install              &&
+install -dv -m755 /usr/share/doc/openssl-&openssl-version; &&
+cp -vfr doc/*     /usr/share/doc/openssl-&openssl-version;</userinput></screen>
+
   </sect2>
 
   <sect2 role="commands">
@@ -156,6 +157,7 @@
       <filename class='directory'>/usr/share/man</filename> instead of
       <filename class='directory'>/etc/ssl/man</filename>.
     </para>
+
   </sect2>
 
   <sect2 role="configuration">
@@ -171,6 +173,7 @@
       <indexterm zone="openssl openssl-config">
         <primary sortas="e-etc-ssl-openssl.cnf">/etc/ssl/openssl.cnf</primary>
       </indexterm>
+
     </sect3>
 
     <sect3>
@@ -194,7 +197,9 @@
         update <filename>/etc/ssl/openssl.cnf</filename> or be able to find out
         how to do it.
       </para>
+
     </sect3>
+
   </sect2>
 
   <sect2 role="content">
@@ -206,17 +211,17 @@
       <segtitle>Installed Directories</segtitle>
 
       <seglistitem>
-        <seg>c_rehash and openssl.</seg>
         <seg>
-          libcrypto.{so,a}, libssl.{so,a}, and additional encryption
-          libraries in /usr/lib/engines/ (lib4758cca.so, libaep.so,
-          libatalla.so, libcapi.so, libchil.so, libcswift.so, libgmp.so,
-          libgost.so, libnuron.so, libpadlock.so, libsureware.so, and
-          libubsec.so).
+          c_rehash and openssl
         </seg>
         <seg>
-          /etc/ssl, /usr/include/openssl, /usr/lib/engines and
-          /usr/share/doc/openssl-&openssl-version;.
+          libcrypto.{so,a} and libssl.{so,a}
+        </seg>
+        <seg>
+          /etc/ssl,
+          /usr/include/openssl,
+          /usr/lib/engines and
+          /usr/share/doc/openssl-&openssl-version;
         </seg>
       </seglistitem>
     </segmentedlist>
@@ -255,7 +260,7 @@
       </varlistentry>
 
       <varlistentry id="libcrypto">
-        <term><filename class='libraryfile'>libcrypto.{so,a}</filename></term>
+        <term><filename class="libraryfile">libcrypto.{so,a}</filename></term>
         <listitem>
           <para>
             implements a wide range of cryptographic algorithms used in various
@@ -273,7 +278,7 @@
       </varlistentry>
 
       <varlistentry id="libssl">
-        <term><filename class='libraryfile'>libssl.{so,a}</filename></term>
+        <term><filename class="libraryfile">libssl.{so,a}</filename></term>
         <listitem>
           <para>
             implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
@@ -285,6 +290,9 @@
           </indexterm>
         </listitem>
       </varlistentry>
+
     </variablelist>
+
   </sect2>
+
 </sect1>

Modified: trunk/BOOK/postlfs/security/p11-kit.xml
==============================================================================
--- trunk/BOOK/postlfs/security/p11-kit.xml	Fri Mar  1 03:01:49 2013	(r11031)
+++ trunk/BOOK/postlfs/security/p11-kit.xml	Fri Mar  1 04:31:35 2013	(r11032)
@@ -6,10 +6,10 @@
 
   <!ENTITY p11-kit-download-http "http://p11-glue.freedesktop.org/releases/p11-kit-&p11-kit-version;.tar.gz">
   <!ENTITY p11-kit-download-ftp  " ">
-  <!ENTITY p11-kit-md5sum        "e8b10a0ef1d9ebc6384ca361a70a4b02">
-  <!ENTITY p11-kit-size          "536 KB">
-  <!ENTITY p11-kit-buildsize     "8.0 MB">
-  <!ENTITY p11-kit-time          "0.1 SBU">
+  <!ENTITY p11-kit-md5sum        "248a81bdab1d692688b4d98e3c0013d3">
+  <!ENTITY p11-kit-size          "788 KB">
+  <!ENTITY p11-kit-buildsize     "30 MB">
+  <!ENTITY p11-kit-time          "0.2 SBU">
 ]>
 
 <sect1 id="p11-kit" xreflabel="p11-kit-&p11-kit-version;">
@@ -72,9 +72,16 @@
 
     <bridgehead renderas="sect3">p11-kit Dependencies</bridgehead>
 
+    <bridgehead renderas="sect4">Recommended</bridgehead>
+    <para role="recommended">
+      <xref linkend="cacerts"/> and
+      <xref linkend="libtasn1"/>
+    </para>
+
     <bridgehead renderas="sect4">Optional</bridgehead>
     <para role="optional">
-      <xref linkend="gtk-doc"/>
+      <xref linkend="gtk-doc"/> and
+      <xref linkend="libxslt"/>
     </para>
 
     <para condition="html" role="usernotes">User Notes:
@@ -108,8 +115,11 @@
   <sect2 role="commands">
     <title>Command Explanations</title>
 
-    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-      href="../../xincludes/gtk-doc-rebuild.xml"/>
+    <para>
+      <option>--enable-doc</option>: Use this switch if you have installed
+      <xref linkend="gtk-doc"/> and <xref linkend="libxslt"/> and wish to
+      rebuild the documentation and generate manual pages.
+    </para>
 
   </sect2>
 
@@ -130,8 +140,10 @@
         </seg>
         <seg>
           /etc/pkcs11,
-          /usr/include/p11-kit-1 and
-          /usr/share/gtk-doc/html/p11-kit
+          /usr/include/p11-kit-1,
+          /usr/lib/pkcs11,
+          /usr/share/gtk-doc/html/p11-kit and
+          /usr/share/p11-kit
         </seg>
       </seglistitem>
     </segmentedlist>
@@ -141,6 +153,19 @@
       <?dbfo list-presentation="list"?>
       <?dbhtml list-presentation="table"?>
 
+      <varlistentry id="p11-kit-prog">
+        <term><command>p11-kit</command></term>
+        <listitem>
+          <para>
+            is a command line tool that can be used to perform operations
+             on PKCS#11 modules configured on the system.
+          </para>
+          <indexterm zone="p11-kit p11-kit-prog">
+            <primary sortas="b-p11-kit">p11-kit</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
       <varlistentry id="libp11-kit">
         <term><filename class="libraryfile">libp11-kit.so</filename></term>
         <listitem>



More information about the blfs-book mailing list