Log message:
gnutls: updated to 3.8.3

Version 3.8.3 (released 2024-01-16)

** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange
   [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553]

** libgnutls: Fix assertion failure when verifying a certificate chain with a
   cycle of cross signatures
   [GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567]

** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token
   certtool was unable to handle Ed25519 keys generated on PKCS#11
   with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2.

Log message:
gnutls: updated to 3.8.2

Version 3.8.2 (released 2023-11-14)

** libgnutls: Fix timing side-channel inside RSA-PSK key exchange.
   [GNUTLS-SA-2023-10-23, CVSS: medium] [CVE-2023-5981]

** libgnutls: Add API functions to perform ECDH and DH key agreement
   The functionality has been there for a long time though they were
   not available as part of the public API.  This enables applications
   to implement custom protocols leveraging non-interactive key
   agreement with ECDH and DH.

** libgnutls: Added support for AES-GCM-SIV ciphers (RFC 8452)
   The new algorithms GNUTLS_CIPHER_AES_128_SIV_GCM and
   GNUTLS_CIPHER_AES_256_SIV_GCM have been added to be used through
   the AEAD interface.  Note that, unlike
   GNUTLS_CIPHER_AES_{128,256}_SIV_GCM, the authentication tag is
   appended to the ciphertext, not prepended.

** libgnutls: transparent KTLS support is extended to FreeBSD kernel
   The kernel TLS feature can now be enabled on FreeBSD as well as
   Linux when compiled with the --enable-ktls configure option.

** gnutls-cli: New option --starttls-name
   Depending on deployment, application protocols such as XMPP may
   require a different origin address than the external address to be
   presented prior to STARTTLS negotiation.  The --starttls-name can
   be used to specify specify the addresses separately.

Log message:
*: recursive bump for icu 74.1

Log message:
*: bump for openssl 3

Log message:
gnutls: updated to 3.8.1

Version 3.8.1 (released 2023-08-03)

** libgnutls: ClientHello extensions are randomized by default
   To make fingerprinting harder, TLS extensions in ClientHello
   messages are shuffled. As this behavior may cause compatibility
   issue with legacy applications that do not accept the last
   extension without payload, the behavior can be reverted with the
   %NO_SHUFFLE_EXTENSIONS priority keyword.

** libgnutls: Add support for RFC 9258 external PSK importer.
   This enables to deploy the same PSK across multiple TLS versions
   (TLS 1.2 and TLS 1.3) in a secure manner. To use, the application
   needs to set up a callback that formats the PSK identity using
   gnutls_psk_format_imported_identity().

** libgnutls: %GNUTLS_NO_EXTENSIONS has been renamed to
   %GNUTLS_NO_DEFAULT_EXTENSIONS.

** libgnutls: Add additional PBKDF limit checks in FIPS mode as
   defined in SP 800-132. Minimum salt length is 128 bits and
   minimum iterations bound is 1000 for PBKDF in FIPS mode.

** libgnutls: Add a mechanism to control whether to enforce extended
   master secret (RFC 7627). FIPS 140-3 mandates the use of TLS
   session hash (extended master secret, EMS) in TLS 1.2. To enforce
   this, a new priority keyword %FORCE_SESSION_HASH is added and if
   it is set and EMS is not set, the peer aborts the connection. This
   behavior is the default in FIPS mode, though it can be overridden
   through the configuration file with the "tls-session-hash" option.
   In either case non-EMS PRF is reported as a non-approved operation
   through the FIPS service indicator.

** New option --attime to specify current time.
   To make testing with different timestamp to the system easier, the
   tools doing certificate verification now provide a new option
   --attime, which takes an arbitrary time.

** API and ABI modifications:
gnutls_psk_client_credentials_function3: New typedef
gnutls_psk_server_credentials_function3: New typedef
gnutls_psk_set_server_credentials_function3: New function
gnutls_psk_set_client_credentials_function3: New function
gnutls_psk_format_imported_identity: New function
GNUTLS_PSK_KEY_EXT: New enum member of gnutls_psk_key_flags

Log message:
Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/.

Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).

No change to BUILD_DEPENDS as used correctly inside buildlink3.

As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html

Log message:
gnutls: require minimum gcc 6, and indicte use of c++11.

The in-tree compiler on NetBSD/macppc 8.0 (gcc 5 based)
fails to build this package, with what now looks like a
bug in gcc 5.
Bump PKGREVISION.

Log message:
revbump after textproc/icu update

Log message:
gnutls: remove guile bindings, dropped and moved to https://gitlab.com/gnutls/guile/

Log message:
gnutls: update to 3.8.0.

* Version 3.8.0 (unreleased 2023-02-09)

** libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
   Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
   [GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]

** libgnutls: C++ library is now header only. All definitions from
   gnutlsxx.c have been moved into gnutlsxx.h. Users of the C++
   interface have two options:
   1. include gnutlsxx.h in their application and link against
      the C library. (default)
   2. include gnutlsxx.h in their application, compile with
      GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link
      against the C++ library.

** libgnutls: GNUTLS_NO_STATUS_REQUEST flag and %NO_STATUS_REQUEST
   priority modifier have been added to allow disabling of the
   status_request TLS extension in the client side.

** libgnutls: TLS heartbeat is disabled by default.
   The heartbeat extension in TLS (RFC 6520) is not widely used given
   other implementations dropped support for it. To enable back
   support for it, supply --enable-heartbeat-support to configure
   script.

** libgnutls: SRP authentication is now disabled by default.
   It is disabled because the SRP authentication in TLS is not up to
   date with the latest TLS standards and its ciphersuites are based
   on the CBC mode and SHA-1.  To enable it back, supply
   --enable-srp-authentication option to configure script.

** libgnutls: All code has been indented using "indent -ppi1 -linux".
   CI/CD has been adjusted to catch regressions.  This is implemented
   through devel/indent-gnutls, devel/indent-maybe and .gitlab-ci.yml’s
   commit-check.  You may run devel/indent-gnutls to fix any
   indentation issues if you make code modifications.

** guile: Guile-bindings removed.
   They have been extracted into a separate project to reduce complexity
   and to simplify maintenance, see <https://gitlab.com/gnutls/guile/>.

** minitasn1: Upgraded to libtasn1 version 4.19.

** API and ABI modifications:
GNUTLS_NO_STATUS_REQUEST: New flag
GNUTLS_SRTP_AEAD_AES_128_GCM: New gnutls_srtp_profile_t enum member
GNUTLS_SRTP_AEAD_AES_256_GCM: New gnutls_srtp_profile_t enum member

* Version 3.7.8 (released 2022-09-27)

** libgnutls: In FIPS140 mode, RSA signature verification is an approved
   operation if the key has modulus with known sizes (1024, 1280,
   1536, and 1792 bits), in addition to any modulus sizes larger than
   2048 bits, according to SP800-131A rev2.

** libgnutls: gnutls_session_channel_binding performs additional checks when
   GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the
   "tls-exporter" channel binding is only usable when the handshake is
   bound to a unique master secret (i.e., either TLS 1.3 or extended
   master secret extension is negotiated). Otherwise the function now
   returns error.

** libgnutls: usage of the following functions, which are designed to
   loosen restrictions imposed by allowlisting mode of configuration,
   has been additionally restricted. Invoking them is now only allowed
   if system-wide TLS priority string has not been initialized yet:
gnutls_digest_set_secure
gnutls_sign_set_secure
gnutls_sign_set_secure_for_certs
gnutls_protocol_set_enabled

** API and ABI modifications:
No changes since last version.