[gnutls-help] nettle_cfb8_decrypt and nettle 5.1

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Dec 10 15:15:26 CET 2019


On Sat, Dec 7, 2019 at 2:26 PM Andreas Metzler <ametzler at bebt.de> wrote:
>
> Hello,
>
> gnutls 3.6.11 introduces this change in
> 98ac6220bdef67ba1153dc515613e4582e1419a2 "nettle: use included CFB8
> implementation if nettle is 3.5":
>
> configure.ac
>  # Check if nettle has CFB8 support
> +if test -z "$ac_cv_func_nettle_cfb8_encrypt"; then
> +       # nettle_cfb8_decrypt in nettle 3.5 is known to be broken
> +       ver=`$PKG_CONFIG --modversion nettle`
> +       if expr "$ver" : '^3\.5\b' >/dev/null; then
> +               ac_cv_func_nettle_cfb8_encrypt=no
> +       fi
> +fi
>
> Which versions of nettle are broken? Is there a fixed release?
> The "expr" test hits not only for 3.5 but also for 3.5.1.

I believe it is every released version of nettle which includes cfb8.
I think the 3.5.x match is intentional as the .1 releases in nettle
are made only for targeted fixes and may not include the cfb8 fix.

regards,
Nikos



More information about the Gnutls-help mailing list